From: Kevin Traynor <ktraynor@redhat.com>
To: Gagandeep Singh <g.singh@nxp.com>
Cc: Akhil Goyal <gakhil@marvell.com>, dpdk stable <stable@dpdk.org>
Subject: patch 'crypto/dpaa2_sec: fix fle buffer leak' has been queued to stable release 21.11.2
Date: Tue, 10 May 2022 13:30:02 +0100
Message-ID: <20220510123010.159523-25-ktraynor@redhat.com> (raw)
In-Reply-To: <20220510123010.159523-1-ktraynor@redhat.com>
Hi,
FYI, your patch has been queued to stable release 21.11.2
Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 05/15/22. So please
shout if anyone has objections.
Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.
Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable
This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable/commit/f72e482fec5398317d6eb012f05a8508b38cd612
Thanks.
Kevin
---
From f72e482fec5398317d6eb012f05a8508b38cd612 Mon Sep 17 00:00:00 2001
From: Gagandeep Singh <g.singh@nxp.com>
Date: Thu, 28 Apr 2022 17:17:20 +0530
Subject: [PATCH] crypto/dpaa2_sec: fix fle buffer leak
[ upstream commit 6a2b01a4106402be0aa50e3e3b1e5098e3a9b646 ]
Driver allocates a fle buffer for each packet
before enqueue and free the buffer on dequeue. But in case if
there are enqueue failures, then code should free the fle buffers.
Fixes: 4562de326d30 ("crypto/dpaa2_sec: support ordered queue")
Fixes: 3ffce51a1f04 ("crypto/dpaa2_sec: add enqueue retry timeout")
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
---
drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 29 ++++++++++++++++++++-
1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 5b5c4f3639..9b461357c0 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -2,5 +2,5 @@
*
* Copyright (c) 2016 Freescale Semiconductor, Inc. All rights reserved.
- * Copyright 2016-2021 NXP
+ * Copyright 2016-2022 NXP
*
*/
@@ -53,4 +53,25 @@
uint8_t cryptodev_driver_id;
+static inline void
+free_fle(const struct qbman_fd *fd)
+{
+ struct qbman_fle *fle;
+ struct rte_crypto_op *op;
+ struct ctxt_priv *priv;
+
+#ifdef RTE_LIB_SECURITY
+ if (DPAA2_FD_GET_FORMAT(fd) == qbman_fd_single)
+ return;
+#endif
+ fle = (struct qbman_fle *)DPAA2_IOVA_TO_VADDR(DPAA2_GET_FD_ADDR(fd));
+ op = (struct rte_crypto_op *)DPAA2_GET_FLE_ADDR((fle - 1));
+ /* free the fle memory */
+ if (likely(rte_pktmbuf_is_contiguous(op->sym->m_src))) {
+ priv = (struct ctxt_priv *)(size_t)DPAA2_GET_FLE_CTXT(fle - 1);
+ rte_mempool_put(priv->fle_pool, (void *)(fle-1));
+ } else
+ rte_free((void *)(fle-1));
+}
+
#ifdef RTE_LIB_SECURITY
static inline int
@@ -1502,4 +1523,10 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
num_tx += loop;
nb_ops -= loop;
+ DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
+ /* freeing the fle buffers */
+ while (loop < frames_to_send) {
+ free_fle(&fd_arr[loop]);
+ loop++;
+ }
goto skip_tx;
}
--
2.34.1
---
Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- - 2022-05-10 13:24:22.251517466 +0100
+++ 0025-crypto-dpaa2_sec-fix-fle-buffer-leak.patch 2022-05-10 13:24:21.617646377 +0100
@@ -1 +1 @@
-From 6a2b01a4106402be0aa50e3e3b1e5098e3a9b646 Mon Sep 17 00:00:00 2001
+From f72e482fec5398317d6eb012f05a8508b38cd612 Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 6a2b01a4106402be0aa50e3e3b1e5098e3a9b646 ]
+
@@ -12 +13,0 @@
-Cc: stable@dpdk.org
@@ -17,2 +18,2 @@
- drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 35 ++++++++++++++++++++-
- 1 file changed, 34 insertions(+), 1 deletion(-)
+ drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 29 ++++++++++++++++++++-
+ 1 file changed, 28 insertions(+), 1 deletion(-)
@@ -21 +22 @@
-index e62d04852b..03fef5e500 100644
+index 5b5c4f3639..9b461357c0 100644
@@ -31,2 +32,2 @@
-@@ -65,4 +65,25 @@ uint8_t cryptodev_driver_id;
- uint8_t dpaa2_sec_dp_dump = DPAA2_SEC_DP_ERR_DUMP;
+@@ -53,4 +53,25 @@
+ uint8_t cryptodev_driver_id;
@@ -57,12 +58 @@
-@@ -1514,4 +1535,10 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
- num_tx += loop;
- nb_ops -= loop;
-+ DPAA2_SEC_DP_DEBUG("Enqueue fail\n");
-+ /* freeing the fle buffers */
-+ while (loop < frames_to_send) {
-+ free_fle(&fd_arr[loop]);
-+ loop++;
-+ }
- goto skip_tx;
- }
-@@ -1855,4 +1882,10 @@ dpaa2_sec_enqueue_burst_ordered(void *qp, struct rte_crypto_op **ops,
+@@ -1502,4 +1523,10 @@ dpaa2_sec_enqueue_burst(void *qp, struct rte_crypto_op **ops,
next prev parent reply other threads:[~2022-05-10 12:31 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-10 12:29 patch 'eal/windows: add missing C++ include guards' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/dpaa2: fix dpdmux default interface' " Kevin Traynor
2022-05-10 12:29 ` patch 'examples/bond: fix invalid use of trylock' " Kevin Traynor
2022-05-10 12:29 ` patch 'test/bpf: skip test if libpcap is unavailable' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/ice: improve performance of Rx timestamp offload' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/i40e: populate error in flow director parser' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/ice: add missing Tx burst mode name' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/ice: refactor parser usage' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/ice: fix raw flow input pattern parsing' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/netvsc: fix calculation of checksums based on mbuf flag' " Kevin Traynor
2022-05-10 12:29 ` patch 'common/mlx5: fix memory region range calculation' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/mlx5: fix Tx when inlining is impossible' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/mlx5: fix probing with secondary bonding member' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/mlx5: fix counter in non-termination meter' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/mlx5: restrict Rx queue array access to boundary' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/mlx5: fix GTP handling in header modify action' " Kevin Traynor
2022-05-10 12:29 ` patch 'net/mlx5: fix Rx/Tx stats concurrency' " Kevin Traynor
2022-05-10 12:29 ` patch 'test/table: fix buffer overflow on lpm entry' " Kevin Traynor
2022-05-10 12:29 ` patch 'mem: skip attaching external memory in secondary process' " Kevin Traynor
2022-05-10 12:29 ` patch 'malloc: fix ASan handling for unmapped memory' " Kevin Traynor
2022-05-10 12:29 ` patch 'eal: fix C++ include for device event and DMA' " Kevin Traynor
2022-05-10 12:29 ` patch 'crypto/dpaa_sec: fix digest size' " Kevin Traynor
2022-05-10 12:30 ` patch 'security: fix SA lifetime comments' " Kevin Traynor
2022-05-10 12:30 ` patch 'crypto/mlx5: fix login cleanup' " Kevin Traynor
2022-05-10 12:30 ` Kevin Traynor [this message]
2022-05-10 12:30 ` patch 'crypto/dpaa2_sec: fix buffer pool ID check' " Kevin Traynor
2022-05-10 12:30 ` patch 'crypto/dpaa_sec: fix chained FD length in raw datapath' " Kevin Traynor
2022-05-10 12:30 ` patch 'crypto/dpaa2_sec: " Kevin Traynor
2022-05-10 12:30 ` patch 'crypto/dpaa_sec: fix secondary process probing' " Kevin Traynor
2022-05-10 12:30 ` patch 'crypto/dpaa2_sec: fix crypto operation pointer' " Kevin Traynor
2022-05-10 12:30 ` patch 'crypto/dpaa2_sec: fix operation status for simple FD' " Kevin Traynor
2022-05-10 12:30 ` patch 'common/dpaax: fix short MAC-I IV calculation for ZUC' " Kevin Traynor
2022-05-10 12:30 ` patch 'examples/l2fwd-crypto: fix stats refresh rate' " Kevin Traynor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220510123010.159523-25-ktraynor@redhat.com \
--to=ktraynor@redhat.com \
--cc=g.singh@nxp.com \
--cc=gakhil@marvell.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
patches for DPDK stable branches
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://inbox.dpdk.org/stable/0 stable/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 stable stable/ http://inbox.dpdk.org/stable \
stable@dpdk.org
public-inbox-index stable
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://inbox.dpdk.org/inbox.dpdk.stable
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git