From: Kevin Traynor <ktraynor@redhat.com> To: Gagandeep Singh <g.singh@nxp.com> Cc: Akhil Goyal <gakhil@marvell.com>, dpdk stable <stable@dpdk.org> Subject: patch 'crypto/dpaa2_sec: fix fle buffer leak' has been queued to stable release 21.11.2 Date: Tue, 10 May 2022 13:30:02 +0100 Message-ID: <20220510123010.159523-25-ktraynor@redhat.com> (raw) In-Reply-To: <20220510123010.159523-1-ktraynor@redhat.com> Hi, FYI, your patch has been queued to stable release 21.11.2 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 05/15/22. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/kevintraynor/dpdk-stable This queued commit can be viewed at: https://github.com/kevintraynor/dpdk-stable/commit/f72e482fec5398317d6eb012f05a8508b38cd612 Thanks. Kevin --- From f72e482fec5398317d6eb012f05a8508b38cd612 Mon Sep 17 00:00:00 2001 From: Gagandeep Singh <g.singh@nxp.com> Date: Thu, 28 Apr 2022 17:17:20 +0530 Subject: [PATCH] crypto/dpaa2_sec: fix fle buffer leak [ upstream commit 6a2b01a4106402be0aa50e3e3b1e5098e3a9b646 ] Driver allocates a fle buffer for each packet before enqueue and free the buffer on dequeue. But in case if there are enqueue failures, then code should free the fle buffers. Fixes: 4562de326d30 ("crypto/dpaa2_sec: support ordered queue") Fixes: 3ffce51a1f04 ("crypto/dpaa2_sec: add enqueue retry timeout") Signed-off-by: Gagandeep Singh <g.singh@nxp.com> Acked-by: Akhil Goyal <gakhil@marvell.com> --- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 29 ++++++++++++++++++++- 1 file changed, 28 insertions(+), 1 deletion(-) diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c index 5b5c4f3639..9b461357c0 100644 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c @@ -2,5 +2,5 @@ * * Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved. - * Copyright 2016-2021 NXP + * Copyright 2016-2022 NXP * */ @@ -53,4 +53,25 @@ uint8_t cryptodev_driver_id; +static inline void +free_fle(const struct qbman_fd *fd) +{ + struct qbman_fle *fle; + struct rte_crypto_op *op; + struct ctxt_priv *priv; + +#ifdef RTE_LIB_SECURITY + if (DPAA2_FD_GET_FORMAT(fd) == qbman_fd_single) + return; +#endif + fle = (struct qbman_fle *)DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd)); + op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1)); + /* free the fle memory */ + if (likely(rte_pktmbuf_is_contiguous(op->sym->m_src))) { + priv = (struct ctxt_priv *)(size_t)DPAA2_GET_FLE_CTXT(fle - 1); + rte_mempool_put(priv->fle_pool, (void *)(fle-1)); + } else + rte_free((void *)(fle-1)); +} + #ifdef RTE_LIB_SECURITY static inline int @@ -1502,4 +1523,10 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops, num_tx += loop; nb_ops -= loop; + DPAA2_SEC_DP_DEBUG("Enqueue fail\n"); + /* freeing the fle buffers */ + while (loop < frames_to_send) { + free_fle(&fd_arr[loop]); + loop++; + } goto skip_tx; } -- 2.34.1 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2022-05-10 13:24:22.251517466 +0100 +++ 0025-crypto-dpaa2_sec-fix-fle-buffer-leak.patch 2022-05-10 13:24:21.617646377 +0100 @@ -1 +1 @@ -From 6a2b01a4106402be0aa50e3e3b1e5098e3a9b646 Mon Sep 17 00:00:00 2001 +From f72e482fec5398317d6eb012f05a8508b38cd612 Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit 6a2b01a4106402be0aa50e3e3b1e5098e3a9b646 ] + @@ -12 +13,0 @@ -Cc: stable@dpdk.org @@ -17,2 +18,2 @@ - drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 35 ++++++++++++++++++++- - 1 file changed, 34 insertions(+), 1 deletion(-) + drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 29 ++++++++++++++++++++- + 1 file changed, 28 insertions(+), 1 deletion(-) @@ -21 +22 @@ -index e62d04852b..03fef5e500 100644 +index 5b5c4f3639..9b461357c0 100644 @@ -31,2 +32,2 @@ -@@ -65,4 +65,25 @@ uint8_t cryptodev_driver_id; - uint8_t dpaa2_sec_dp_dump = DPAA2_SEC_DP_ERR_DUMP; +@@ -53,4 +53,25 @@ + uint8_t cryptodev_driver_id; @@ -57,12 +58 @@ -@@ -1514,4 +1535,10 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops, - num_tx += loop; - nb_ops -= loop; -+ DPAA2_SEC_DP_DEBUG("Enqueue fail\n"); -+ /* freeing the fle buffers */ -+ while (loop < frames_to_send) { -+ free_fle(&fd_arr[loop]); -+ loop++; -+ } - goto skip_tx; - } -@@ -1855,4 +1882,10 @@ dpaa2_sec_enqueue_burst_ordered(void *qp, struct rte_crypto_op **ops, +@@ -1502,4 +1523,10 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
next prev parent reply other threads:[~2022-05-10 12:31 UTC|newest] Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top 2022-05-10 12:29 patch 'eal/windows: add missing C++ include guards' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/dpaa2: fix dpdmux default interface' " Kevin Traynor 2022-05-10 12:29 ` patch 'examples/bond: fix invalid use of trylock' " Kevin Traynor 2022-05-10 12:29 ` patch 'test/bpf: skip test if libpcap is unavailable' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/ice: improve performance of Rx timestamp offload' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/i40e: populate error in flow director parser' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/ice: add missing Tx burst mode name' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/ice: refactor parser usage' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/ice: fix raw flow input pattern parsing' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/netvsc: fix calculation of checksums based on mbuf flag' " Kevin Traynor 2022-05-10 12:29 ` patch 'common/mlx5: fix memory region range calculation' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/mlx5: fix Tx when inlining is impossible' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/mlx5: fix probing with secondary bonding member' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/mlx5: fix counter in non-termination meter' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/mlx5: restrict Rx queue array access to boundary' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/mlx5: fix GTP handling in header modify action' " Kevin Traynor 2022-05-10 12:29 ` patch 'net/mlx5: fix Rx/Tx stats concurrency' " Kevin Traynor 2022-05-10 12:29 ` patch 'test/table: fix buffer overflow on lpm entry' " Kevin Traynor 2022-05-10 12:29 ` patch 'mem: skip attaching external memory in secondary process' " Kevin Traynor 2022-05-10 12:29 ` patch 'malloc: fix ASan handling for unmapped memory' " Kevin Traynor 2022-05-10 12:29 ` patch 'eal: fix C++ include for device event and DMA' " Kevin Traynor 2022-05-10 12:29 ` patch 'crypto/dpaa_sec: fix digest size' " Kevin Traynor 2022-05-10 12:30 ` patch 'security: fix SA lifetime comments' " Kevin Traynor 2022-05-10 12:30 ` patch 'crypto/mlx5: fix login cleanup' " Kevin Traynor 2022-05-10 12:30 ` Kevin Traynor [this message] 2022-05-10 12:30 ` patch 'crypto/dpaa2_sec: fix buffer pool ID check' " Kevin Traynor 2022-05-10 12:30 ` patch 'crypto/dpaa_sec: fix chained FD length in raw datapath' " Kevin Traynor 2022-05-10 12:30 ` patch 'crypto/dpaa2_sec: " Kevin Traynor 2022-05-10 12:30 ` patch 'crypto/dpaa_sec: fix secondary process probing' " Kevin Traynor 2022-05-10 12:30 ` patch 'crypto/dpaa2_sec: fix crypto operation pointer' " Kevin Traynor 2022-05-10 12:30 ` patch 'crypto/dpaa2_sec: fix operation status for simple FD' " Kevin Traynor 2022-05-10 12:30 ` patch 'common/dpaax: fix short MAC-I IV calculation for ZUC' " Kevin Traynor 2022-05-10 12:30 ` patch 'examples/l2fwd-crypto: fix stats refresh rate' " Kevin Traynor
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20220510123010.159523-25-ktraynor@redhat.com \ --to=ktraynor@redhat.com \ --cc=g.singh@nxp.com \ --cc=gakhil@marvell.com \ --cc=stable@dpdk.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
patches for DPDK stable branches This inbox may be cloned and mirrored by anyone: git clone --mirror http://inbox.dpdk.org/stable/0 stable/git/0.git # If you have public-inbox 1.1+ installed, you may # initialize and index your mirror using the following commands: public-inbox-init -V2 stable stable/ http://inbox.dpdk.org/stable \ stable@dpdk.org public-inbox-index stable Example config snippet for mirrors. Newsgroup available over NNTP: nntp://inbox.dpdk.org/inbox.dpdk.stable AGPL code for this site: git clone https://public-inbox.org/public-inbox.git