From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 0BB2F4324D for ; Tue, 31 Oct 2023 07:44:57 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 058244027F; Tue, 31 Oct 2023 07:44:57 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id AFCAC400D7; Tue, 31 Oct 2023 07:44:55 +0100 (CET) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 39UK6xac015840; Mon, 30 Oct 2023 23:44:55 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=R+yCVK6iRwGvZhNRUQ/z/EmAH/1OpJknNGyopI7cuA0=; b=GWZIEe5KBBoe8OrLcFjZroiflMtjq+sVYazJBlVTSW/PgzDdH5gGQxXwilNn07R6dcGQ KaNDriZFoVCLaegXN/QsvyYVLmLb0CQW8Wc2lRAGXETS0JtibX6pqfF7ElCcNoJ0V1L+ C3rU8iF9fiK4E+HAJ6dGxhRxfCwKNLSd/WLsGnftsY9d/CNza8rW8y00/fY/LfJytjHt /6d5JOqWqHuaiQf/YiDdOK6thXmgH9bhvWdcBehxp2YNhC3A5Tl7qmeGbBXVMcF6NWJR pV6UAZgLYs4NZMsdguMydq7JteWsRnHawLY8vQ5EOLsBPOTL4RMxqbkF3cgCYUrKWvnn fg== Received: from dc5-exch02.marvell.com ([199.233.59.182]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3u11tp9bpc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Mon, 30 Oct 2023 23:44:54 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Mon, 30 Oct 2023 23:44:52 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Mon, 30 Oct 2023 23:44:52 -0700 Received: from localhost.localdomain (unknown [10.28.36.102]) by maili.marvell.com (Postfix) with ESMTP id 7117E3F703F; Mon, 30 Oct 2023 23:44:50 -0700 (PDT) From: Akhil Goyal To: CC: , , , Akhil Goyal , Subject: [PATCH v2] test/security: fix buffer leaks in error path Date: Tue, 31 Oct 2023 12:14:46 +0530 Message-ID: <20231031064446.150191-1-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20230822173316.465078-1-gakhil@marvell.com> References: <20230822173316.465078-1-gakhil@marvell.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-GUID: EUd6veBzrYzKNuO0-P8ZZEgmCKCPpK4p X-Proofpoint-ORIG-GUID: EUd6veBzrYzKNuO0-P8ZZEgmCKCPpK4p X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.987,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2023-10-30_13,2023-10-31_02,2023-05-22_02 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org In case of failure of a test in macsec autotest, the buffers were not getting cleaned. Added appropriate code to clean the buffers. Fixes: 993ea577a006 ("test/security: add inline MACsec cases") Cc: stable@dpdk.org Signed-off-by: Akhil Goyal --- - Used rte_pktmbuf_free_bulk as suggested by Stephen. app/test/test_security_inline_macsec.c | 65 +++++++++++++++++--------- 1 file changed, 44 insertions(+), 21 deletions(-) diff --git a/app/test/test_security_inline_macsec.c b/app/test/test_security_inline_macsec.c index 59b1b8a6a6..f11e9da8c3 100644 --- a/app/test/test_security_inline_macsec.c +++ b/app/test/test_security_inline_macsec.c @@ -952,8 +952,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs tx_pkts_burst[j]->ol_flags |= RTE_MBUF_F_TX_MACSEC; } if (tx_pkts_burst[j] == NULL) { - while (j--) - rte_pktmbuf_free(tx_pkts_burst[j]); + rte_pktmbuf_free_bulk(tx_pkts_burst, j); ret = TEST_FAILED; goto out; } @@ -965,8 +964,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs opts->ar_td[k]->secure_pkt.data, opts->ar_td[k]->secure_pkt.len); if (tx_pkts_burst[j] == NULL) { - while (j--) - rte_pktmbuf_free(tx_pkts_burst[j]); + rte_pktmbuf_free_bulk(tx_pkts_burst, j); ret = TEST_FAILED; goto out; } @@ -993,8 +991,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs tx_pkts_burst[j]->ol_flags |= RTE_MBUF_F_TX_MACSEC; } if (tx_pkts_burst[j] == NULL) { - while (j--) - rte_pktmbuf_free(tx_pkts_burst[j]); + rte_pktmbuf_free_bulk(tx_pkts_burst, j); ret = TEST_FAILED; goto out; } @@ -1016,7 +1013,9 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sa_create(ctx, &sa_conf); if (id < 0) { printf("MACsec SA create failed : %d.\n", id); - return TEST_FAILED; + rte_pktmbuf_free_bulk(tx_pkts_burst, j); + ret = TEST_FAILED; + goto out; } rx_sa_id[i][an] = (uint16_t)id; } @@ -1025,6 +1024,8 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sc_create(ctx, &sc_conf); if (id < 0) { printf("MACsec SC create failed : %d.\n", id); + rte_pktmbuf_free_bulk(tx_pkts_burst, j); + ret = TEST_FAILED; goto out; } rx_sc_id[i] = (uint16_t)id; @@ -1032,19 +1033,26 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs /* Create Inline IPsec session. */ ret = fill_session_conf(td[i], port_id, opts, &sess_conf, RTE_SECURITY_MACSEC_DIR_RX, rx_sc_id[i], tci_off); - if (ret) - return TEST_FAILED; - + if (ret) { + rte_pktmbuf_free_bulk(tx_pkts_burst, j); + ret = TEST_FAILED; + goto out; + } rx_sess[i] = rte_security_session_create(ctx, &sess_conf, sess_pool); if (rx_sess[i] == NULL) { printf("SEC Session init failed.\n"); - return TEST_FAILED; + rte_pktmbuf_free_bulk(tx_pkts_burst, j); + ret = TEST_FAILED; + goto out; } ret = create_default_flow(td[i], port_id, RTE_SECURITY_MACSEC_DIR_RX, rx_sess[i]); - if (ret) + if (ret) { + rte_pktmbuf_free_bulk(tx_pkts_burst, j); + ret = TEST_FAILED; goto out; + } } if (op == MCS_ENCAP || op == MCS_ENCAP_DECAP || op == MCS_AUTH_ONLY || op == MCS_AUTH_VERIFY) { @@ -1057,7 +1065,9 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sa_create(ctx, &sa_conf); if (id < 0) { printf("MACsec SA create failed : %d.\n", id); - return TEST_FAILED; + rte_pktmbuf_free_bulk(tx_pkts_burst, j); + ret = TEST_FAILED; + goto out; } tx_sa_id[i][0] = (uint16_t)id; tx_sa_id[i][1] = MCS_INVALID_SA; @@ -1071,6 +1081,8 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sa_create(ctx, &sa_conf); if (id < 0) { printf("MACsec rekey SA create failed : %d.\n", id); + rte_pktmbuf_free_bulk(tx_pkts_burst, j); + ret = TEST_FAILED; goto out; } tx_sa_id[i][1] = (uint16_t)id; @@ -1080,6 +1092,8 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sc_create(ctx, &sc_conf); if (id < 0) { printf("MACsec SC create failed : %d.\n", id); + rte_pktmbuf_free_bulk(tx_pkts_burst, j); + ret = TEST_FAILED; goto out; } tx_sc_id[i] = (uint16_t)id; @@ -1087,19 +1101,26 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs /* Create Inline IPsec session. */ ret = fill_session_conf(td[i], port_id, opts, &sess_conf, RTE_SECURITY_MACSEC_DIR_TX, tx_sc_id[i], tci_off); - if (ret) - return TEST_FAILED; - + if (ret) { + rte_pktmbuf_free_bulk(tx_pkts_burst, j); + ret = TEST_FAILED; + goto out; + } tx_sess[i] = rte_security_session_create(ctx, &sess_conf, sess_pool); if (tx_sess[i] == NULL) { printf("SEC Session init failed.\n"); - return TEST_FAILED; + rte_pktmbuf_free_bulk(tx_pkts_burst, j); + ret = TEST_FAILED; + goto out; } ret = create_default_flow(td[i], port_id, RTE_SECURITY_MACSEC_DIR_TX, tx_sess[i]); - if (ret) + if (ret) { + rte_pktmbuf_free_bulk(tx_pkts_burst, j); + ret = TEST_FAILED; goto out; + } } } @@ -1116,6 +1137,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs rte_pause(); + j = 0; /* Receive back packet on loopback interface. */ do { nb_rx += rte_eth_rx_burst(port_id, 0, @@ -1129,8 +1151,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs if (nb_rx != nb_sent) { printf("\nUnable to RX all %d packets, received(%i)", nb_sent, nb_rx); - while (--nb_rx >= 0) - rte_pktmbuf_free(rx_pkts_burst[nb_rx]); + rte_pktmbuf_free_bulk(rx_pkts_burst, nb_rx); ret = TEST_FAILED; if (opts->check_sectag_interrupts == 1) ret = TEST_SUCCESS; @@ -1154,7 +1175,9 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sa_create(ctx, &sa_conf); if (id < 0) { printf("MACsec SA create failed : %d.\n", id); - return TEST_FAILED; + rte_pktmbuf_free_bulk(rx_pkts_burst, nb_rx); + ret = TEST_FAILED; + goto out; } tx_sa_id[0][0] = (uint16_t)id; break; -- 2.25.1