[PATCH v4 17/27] net/iavf: avoid rte malloc in VF mailbox for IPsec

Stephen Hemminger stephen at networkplumber.org
Mon Feb 16 23:25:14 CET 2026

Previous message (by thread): [PATCH v4 17/27] net/iavf: avoid rte malloc in VF mailbox for IPsec
Next message (by thread): [PATCH v4 18/27] net/iavf: decouple hash uninit from parser uninit
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 13 Feb 2026 10:26:28 +0000
Anatoly Burakov <anatoly.burakov at intel.com> wrote:

> Currently, when calling down into the VF mailbox, IPsec code will use
> dynamic memory allocation (rte_malloc one at that!) to allocate VF message
> structures which are ~40 bytes in size, and then immediately frees them.
> This is wasteful and unnecessary, so use stack allocation instead.
> 
> Signed-off-by: Anatoly Burakov <anatoly.burakov at intel.com>
> ---

AI spotted this:

Patch 17/27 — net/iavf: avoid rte malloc in VF mailbox for IPsec
Warning (Correctness — Uninitialized stack memory)

The stack-allocated anonymous structs (sa_req, sa_resp, sp_req, sp_resp) are not zero-initialized. The originals used rte_malloc (not rte_zmalloc), so this isn't a regression per se — the old code also didn't zero the buffers. However, since these are sent as virtchnl messages, it would be safer to add = {0} for defense in depth, particularly since individual field assignment may miss padding.

This is lower priority than patch 22 since the old code had the same issue.

Previous message (by thread): [PATCH v4 17/27] net/iavf: avoid rte malloc in VF mailbox for IPsec
Next message (by thread): [PATCH v4 18/27] net/iavf: decouple hash uninit from parser uninit
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list