[dpdk-dev] [PATCH v1 2/2] crypto/aesni_mb: improve security instance setup

De Lara Guarch, Pablo pablo.de.lara.guarch at intel.com
Fri Jul 17 21:29:28 CEST 2020


Hi David,

> -----Original Message-----
> From: Coyle, David <david.coyle at intel.com>
> Sent: Thursday, July 16, 2020 4:36 PM
> To: akhil.goyal at nxp.com; Doherty, Declan <declan.doherty at intel.com>; De
> Lara Guarch, Pablo <pablo.de.lara.guarch at intel.com>; Trahe, Fiona
> <fiona.trahe at intel.com>
> Cc: dev at dpdk.org; Ryan, Brendan <brendan.ryan at intel.com>; O'loingsigh,
> Mairtin <mairtin.oloingsigh at intel.com>; Coyle, David <david.coyle at intel.com>
> Subject: [PATCH v1 2/2] crypto/aesni_mb: improve security instance setup
> 
> This patch makes some minor improvements to the security instance setup for
> the AESNI-MB PMD. All of this setup code is now in one '#ifdef
> AESNI_MB_DOCSIS_SEC_ENABLED' block. Enabling the
> RTE_CRYPTODEV_FF_SECURITY feature for the device is also moved to this
> block.
> 
> Fixes: fda5216fba55 ("crypto/aesni_mb: support DOCSIS protocol")
> 
> Signed-off-by: David Coyle <david.coyle at intel.com>
> ---
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 13 ++++---------
>  1 file changed, 4 insertions(+), 9 deletions(-)
> 
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> index b54c57f86..171d914a3 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> @@ -1881,9 +1881,6 @@ cryptodev_aesni_mb_create(const char *name,
>  	struct aesni_mb_private *internals;
>  	enum aesni_mb_vector_mode vector_mode;
>  	MB_MGR *mb_mgr;
> -#ifdef AESNI_MB_DOCSIS_SEC_ENABLED
> -	struct rte_security_ctx *security_instance;
> -#endif
> 
>  	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
>  	if (dev == NULL) {
> @@ -1912,13 +1909,10 @@ cryptodev_aesni_mb_create(const char *name,
>  			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
>  			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
>  			RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO |
> -			RTE_CRYPTODEV_FF_SYM_SESSIONLESS
> -#ifdef AESNI_MB_DOCSIS_SEC_ENABLED
> -			| RTE_CRYPTODEV_FF_SECURITY
> -#endif
> -			;
> +			RTE_CRYPTODEV_FF_SYM_SESSIONLESS;
> 
>  #ifdef AESNI_MB_DOCSIS_SEC_ENABLED
> +	struct rte_security_ctx *security_instance;
>  	security_instance = rte_malloc("aesni_mb_sec",
>  				sizeof(struct rte_security_ctx),
>  				RTE_CACHE_LINE_SIZE);

I see that there could be a potential memory leak here.
Assuming this malloc works, if alloc_init_mb_mgr() fails, this memory will not be freed.
So I suggest two options:
1 - Free security_instance if alloc_init_mb_mgr() fails
2 - Move this piece of code after alloc_init_mb_mgr and free mb_mgr if this malloc fails.

Thanks,
Pablo



More information about the dev mailing list