From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0753BA056D; Thu, 12 Mar 2020 16:17:33 +0100 (CET) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 7D8201C02C; Thu, 12 Mar 2020 16:17:14 +0100 (CET) Received: from mailout1.w1.samsung.com (mailout1.w1.samsung.com [210.118.77.11]) by dpdk.org (Postfix) with ESMTP id D44E51BFBF for ; Thu, 12 Mar 2020 16:17:09 +0100 (CET) Received: from eucas1p1.samsung.com (unknown [182.198.249.206]) by mailout1.w1.samsung.com (KnoxPortal) with ESMTP id 20200312151709euoutp01c0bcad4af48d056638be5b759809f7a7~7l3Z4eESR0471204712euoutp01F for ; Thu, 12 Mar 2020 15:17:09 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 mailout1.w1.samsung.com 20200312151709euoutp01c0bcad4af48d056638be5b759809f7a7~7l3Z4eESR0471204712euoutp01F DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=samsung.com; s=mail20170921; t=1584026229; bh=FBIjnB53Kv79V96klEGMOMPGn+YQdKjlGAkns8pOWII=; h=From:To:Subject:Date:In-Reply-To:References:From; b=JlEELGuJ/rPok3ZXQwBH0mJXu5YC/ebZyTcgyhlmuGK3f+5dejv7Vs6fdH19neBqb uA3zRReFp5HFautovLh1r6qxeXcvxbVKyGnXp4X1xS5Ix2zVy5g113Tn2ESe91Uyvh U1I1FSEieA6NqHIrv5L5PGPmApUse9kzVt/2bU1k= Received: from eusmges3new.samsung.com (unknown [203.254.199.245]) by eucas1p1.samsung.com (KnoxPortal) with ESMTP id 20200312151708eucas1p1148720a7b0cfd75b33e7672ec552ceaa~7l3Zypwy31595115951eucas1p1c for ; Thu, 12 Mar 2020 15:17:08 +0000 (GMT) Received: from eucas1p2.samsung.com ( [182.198.249.207]) by eusmges3new.samsung.com (EUCPMTA) with SMTP id 4A.B9.60698.4725A6E5; Thu, 12 Mar 2020 15:17:08 +0000 (GMT) Received: from eusmtrp2.samsung.com (unknown [182.198.249.139]) by eucas1p2.samsung.com (KnoxPortal) with ESMTPA id 20200312151708eucas1p2acee543b5f9d236b8e43cd4d1fbed489~7l3ZJnZch1644416444eucas1p2y for ; Thu, 12 Mar 2020 15:17:08 +0000 (GMT) Received: from eusmgms1.samsung.com (unknown [182.198.249.179]) by eusmtrp2.samsung.com (KnoxPortal) with ESMTP id 20200312151708eusmtrp25661d89ce27ea885d280eb38fee10b37~7l3ZJI_Rw1238312383eusmtrp2G for ; Thu, 12 Mar 2020 15:17:08 +0000 (GMT) X-AuditID: cbfec7f5-a29ff7000001ed1a-a1-5e6a527446e1 Received: from eusmtip1.samsung.com ( [203.254.199.221]) by eusmgms1.samsung.com (EUCPMTA) with SMTP id 31.3F.08375.4725A6E5; Thu, 12 Mar 2020 15:17:08 +0000 (GMT) Received: from Padamandas.example.org (unknown [106.120.51.19]) by eusmtip1.samsung.com (KnoxPortal) with ESMTPA id 20200312151708eusmtip140b4fd4f8e0ca59ec353ac9c84c4585d~7l3Y8-2xU1532415324eusmtip1Q for ; Thu, 12 Mar 2020 15:17:07 +0000 (GMT) From: Lukasz Wojciechowski To: dev@dpdk.org Date: Thu, 12 Mar 2020 16:16:42 +0100 Message-Id: <20200312151654.7218-2-l.wojciechow@partner.samsung.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20200312151654.7218-1-l.wojciechow@partner.samsung.com> X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFtrHIsWRmVeSWpSXmKPExsWy7djP87olQVlxBv1zlS3efdrO5MDo8WvB UtYAxigum5TUnMyy1CJ9uwSujIuXPzMWfDOouDc5vYGxXauLkZNDQsBE4u/HM+xdjFwcQgIr GCXe3D7KCuG0M0kseDafEcJpY5JY++wrUIYDrOX0dFOI+HJGiVsXH7LDdbw5PoEVZC6bgK3E kZlfwWwRAQGJz52L2UBsYQE3iQ03N4PZLAKqEvNWnwezeQVcJA497meHuEleYvWGA8wgNqeA q8SNSc/BTpIQmMEmsePobUaIIheJFY0XmCFsYYlXx7dANctI/N85nwmioZ9RYu+/t+xQ3YwS qy/PYoKospY4/O83G8g/zAKaEut36UOEHSXWtkxigXiTT+LGW0GQMDOQOWnbdGaIMK9ER5sQ RLWexNOeqYwwa/+sfcICYXtIXHz4jA0SKEBbv19/zj6BUW4WwrIFjIyrGMVTS4tz01OLjfNS y/WKE3OLS/PS9ZLzczcxAmP19L/jX3cw7vuTdIhRgINRiYfXQCwrTog1say4MvcQowQHs5II b7x8epwQb0piZVVqUX58UWlOavEhRmkOFiVxXuNFL2OFBNITS1KzU1MLUotgskwcnFINjLZb NzQLv92YrZEc4rCG7fDSoq8TPX5NOrn25TOTlU+PuNa2Or2LVtiRNrXT2C7c85bamqKD3lGz tj4xXDJplugdx82udRLvnU+YGdneFZgneTNs7ny52UdX7v2hzbTCNSf2+Sars78VLjXIsO6/ fs0pu9YiLjlCZo6YQ0rmU1PRQ+Z9ueLB/UosxRmJhlrMRcWJAMYeXxXRAgAA X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprLLMWRmVeSWpSXmKPExsVy+t/xu7olQVlxBrMO8Vi8+7SdyYHR49eC pawBjFF6NkX5pSWpChn5xSW2StGGFkZ6hpYWekYmlnqGxuaxVkamSvp2NimpOZllqUX6dgl6 GRcvf2Ys+GZQcW9yegNju1YXIweHhICJxOnppl2MXBxCAksZJQ6c2MEIEZeR+HBJoIuRE8gU lvhzrYsNoqaVSeJQ8yRmkASbgK3EkZlfWUFsEQEBic+di9lAbGEBN4kNNzeD2SwCqhLzVp8H s3kFXCQOPe5nhxgqL7F6wwGwOZwCrhI3Jj0HmyMEVPP8/xLmCYy8CxgZVjGKpJYW56bnFhvq FSfmFpfmpesl5+duYgQGzbZjPzfvYLy0MfgQowAHoxIPr4FYVpwQa2JZcWXuIUYJDmYlEd54 +fQ4Id6UxMqq1KL8+KLSnNTiQ4ymQEdNZJYSTc4HBnReSbyhqaG5haWhubG5sZmFkjhvh8DB GCGB9MSS1OzU1ILUIpg+Jg5OqQbGKM0YEfHDaznPeHYEnt7cnHuv+KHdxsPcVy/cdU4xU33i seWdme2vzL/TdIq3JRtPUJUxtdv88szqdak5BruS2BeoZ2Uujrh4I+m2Dce6510Oy59/8+8V y7xquSmmXiXjnatV1+ub7XXMQjbpWg08kgpVep2cJ50+xeTwz3b8s/Xjwu+hhyqUWIozEg21 mIuKEwEimSgGMAIAAA== X-CMS-MailID: 20200312151708eucas1p2acee543b5f9d236b8e43cd4d1fbed489 X-Msg-Generator: CA Content-Type: text/plain; charset="utf-8" X-RootMTR: 20200312151708eucas1p2acee543b5f9d236b8e43cd4d1fbed489 X-EPHeader: CA CMS-TYPE: 201P X-CMS-RootMailID: 20200312151708eucas1p2acee543b5f9d236b8e43cd4d1fbed489 References: <20200312151654.7218-1-l.wojciechow@partner.samsung.com> Subject: [dpdk-dev] [PATCH 01/13] librte_security: fix verification of parameters X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" This patch adds verification of the parameters to the ret_security API functions. All required parameters are checked if they are not NULL. Checks verify full chain of pointers, e.g. in case of verification of "instance->ops->session_XXX", they check also "instance" and "instance->ops". Signed-off-by: Lukasz Wojciechowski Change-Id: I1724c926a1a0a13fd16d76f19842a0b40fbea1b2 --- lib/librte_security/rte_security.c | 58 +++++++++++++++++++++++------- 1 file changed, 45 insertions(+), 13 deletions(-) diff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c index bc81ce15d..40a0e9ce5 100644 --- a/lib/librte_security/rte_security.c +++ b/lib/librte_security/rte_security.c @@ -1,6 +1,7 @@ /* SPDX-License-Identifier: BSD-3-Clause * Copyright 2017 NXP. * Copyright(c) 2017 Intel Corporation. + * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved */ #include @@ -9,6 +10,12 @@ #include "rte_security.h" #include "rte_security_driver.h" +/* Macro to check for invalid pointers */ +#define RTE_PTR_OR_ERR_RET(ptr, retval) do { \ + if ((ptr) == NULL) \ + return retval; \ +} while (0) + struct rte_security_session * rte_security_session_create(struct rte_security_ctx *instance, struct rte_security_session_conf *conf, @@ -16,10 +23,11 @@ rte_security_session_create(struct rte_security_ctx *instance, { struct rte_security_session *sess = NULL; - if (conf == NULL) - return NULL; - - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_create, NULL); + RTE_PTR_OR_ERR_RET(instance, NULL); + RTE_PTR_OR_ERR_RET(instance->ops, NULL); + RTE_PTR_OR_ERR_RET(instance->ops->session_create, NULL); + RTE_PTR_OR_ERR_RET(conf, NULL); + RTE_PTR_OR_ERR_RET(mp, NULL); if (rte_mempool_get(mp, (void **)&sess)) return NULL; @@ -38,14 +46,20 @@ rte_security_session_update(struct rte_security_ctx *instance, struct rte_security_session *sess, struct rte_security_session_conf *conf) { - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_update, -ENOTSUP); + RTE_PTR_OR_ERR_RET(instance, -EINVAL); + RTE_PTR_OR_ERR_RET(instance->ops, -EINVAL); + RTE_PTR_OR_ERR_RET(instance->ops->session_update, -ENOTSUP); + RTE_PTR_OR_ERR_RET(sess, -EINVAL); + RTE_PTR_OR_ERR_RET(conf, -EINVAL); return instance->ops->session_update(instance->device, sess, conf); } unsigned int rte_security_session_get_size(struct rte_security_ctx *instance) { - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_get_size, 0); + RTE_PTR_OR_ERR_RET(instance, 0); + RTE_PTR_OR_ERR_RET(instance->ops, 0); + RTE_PTR_OR_ERR_RET(instance->ops->session_get_size, 0); return instance->ops->session_get_size(instance->device); } @@ -54,7 +68,11 @@ rte_security_session_stats_get(struct rte_security_ctx *instance, struct rte_security_session *sess, struct rte_security_stats *stats) { - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_stats_get, -ENOTSUP); + RTE_PTR_OR_ERR_RET(instance, -EINVAL); + RTE_PTR_OR_ERR_RET(instance->ops, -EINVAL); + RTE_PTR_OR_ERR_RET(instance->ops->session_stats_get, -ENOTSUP); + // Parameter sess can be NULL in case of getting global statistics. + RTE_PTR_OR_ERR_RET(stats, -EINVAL); return instance->ops->session_stats_get(instance->device, sess, stats); } @@ -64,7 +82,10 @@ rte_security_session_destroy(struct rte_security_ctx *instance, { int ret; - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_destroy, -ENOTSUP); + RTE_PTR_OR_ERR_RET(instance, -EINVAL); + RTE_PTR_OR_ERR_RET(instance->ops, -EINVAL); + RTE_PTR_OR_ERR_RET(instance->ops->session_destroy, -ENOTSUP); + RTE_PTR_OR_ERR_RET(sess, -EINVAL); if (instance->sess_cnt) instance->sess_cnt--; @@ -81,7 +102,11 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance, struct rte_security_session *sess, struct rte_mbuf *m, void *params) { - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->set_pkt_metadata, -ENOTSUP); + RTE_PTR_OR_ERR_RET(instance, -EINVAL); + RTE_PTR_OR_ERR_RET(instance->ops, -EINVAL); + RTE_PTR_OR_ERR_RET(instance->ops->set_pkt_metadata, -ENOTSUP); + RTE_PTR_OR_ERR_RET(sess, -EINVAL); + RTE_PTR_OR_ERR_RET(m, -EINVAL); return instance->ops->set_pkt_metadata(instance->device, sess, m, params); } @@ -91,7 +116,9 @@ rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md) { void *userdata = NULL; - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_userdata, NULL); + RTE_PTR_OR_ERR_RET(instance, NULL); + RTE_PTR_OR_ERR_RET(instance->ops, NULL); + RTE_PTR_OR_ERR_RET(instance->ops->get_userdata, NULL); if (instance->ops->get_userdata(instance->device, md, &userdata)) return NULL; @@ -101,7 +128,9 @@ rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md) const struct rte_security_capability * rte_security_capabilities_get(struct rte_security_ctx *instance) { - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL); + RTE_PTR_OR_ERR_RET(instance, NULL); + RTE_PTR_OR_ERR_RET(instance->ops, NULL); + RTE_PTR_OR_ERR_RET(instance->ops->capabilities_get, NULL); return instance->ops->capabilities_get(instance->device); } @@ -113,7 +142,10 @@ rte_security_capability_get(struct rte_security_ctx *instance, const struct rte_security_capability *capability; uint16_t i = 0; - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL); + RTE_PTR_OR_ERR_RET(instance, NULL); + RTE_PTR_OR_ERR_RET(instance->ops, NULL); + RTE_PTR_OR_ERR_RET(instance->ops->capabilities_get, NULL); + RTE_PTR_OR_ERR_RET(idx, NULL); capabilities = instance->ops->capabilities_get(instance->device); if (capabilities == NULL) @@ -121,7 +153,7 @@ rte_security_capability_get(struct rte_security_ctx *instance, while ((capability = &capabilities[i++])->action != RTE_SECURITY_ACTION_TYPE_NONE) { - if (capability->action == idx->action && + if (capability->action == idx->action && capability->protocol == idx->protocol) { if (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) { if (capability->ipsec.proto == -- 2.17.1