DPDK patches and discussions
 help / color / mirror / Atom feed
From: Fan Zhang <roy.fan.zhang@intel.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com, pablo.de.lara.guarch@intel.com,
	fiona.trahe@intel.com
Subject: [dpdk-dev] [PATCH v5 11/12] cryptodev: add reference count to session private data
Date: Thu, 10 Jan 2019 14:50:21 +0000	[thread overview]
Message-ID: <20190110145022.42883-12-roy.fan.zhang@intel.com> (raw)
In-Reply-To: <20190110145022.42883-1-roy.fan.zhang@intel.com>

This patch adds a refcnt field to every session private data in the
cryptodev symmetric session. The counter is used to prevent freeing
symmetric session blindly before it is not cleared by every type of
crypto device in use.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
---
 doc/guides/prog_guide/img/cryptodev_sym_sess.svg |  7 +++++++
 doc/guides/rel_notes/release_19_02.rst           |  6 ++++++
 lib/librte_cryptodev/rte_cryptodev.c             | 14 +++++++++-----
 lib/librte_cryptodev/rte_cryptodev.h             |  1 +
 4 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/doc/guides/prog_guide/img/cryptodev_sym_sess.svg b/doc/guides/prog_guide/img/cryptodev_sym_sess.svg
index 20059cc0f..7d7052c38 100644
--- a/doc/guides/prog_guide/img/cryptodev_sym_sess.svg
+++ b/doc/guides/prog_guide/img/cryptodev_sym_sess.svg
@@ -308,6 +308,13 @@
        class="st2"
        y="189.4823"
        x="-185.78569">user_data</text>
+<text
+       transform="scale(0.71276665,1.4029837)"
+       style="font-size:14.02988338px;font-family:Calibri;overflow:visible;color-interpolation-filters:sRGB;fill:#386288;fill-rule:evenodd;stroke-width:1.40298378;stroke-linecap:square;stroke-miterlimit:3"
+       id="text24-5-5-1-4"
+       class="st2"
+       y="129.23468"
+       x="-204.95244">uint16_t refcnt;</text>
 </g><g
      transform="matrix(1.022976,0,0,0.71529071,199.82034,-39.936699)"
      id="shape19-6-5"><title
diff --git a/doc/guides/rel_notes/release_19_02.rst b/doc/guides/rel_notes/release_19_02.rst
index b488a6d35..a79298ce3 100644
--- a/doc/guides/rel_notes/release_19_02.rst
+++ b/doc/guides/rel_notes/release_19_02.rst
@@ -110,6 +110,12 @@ New Features
   Added a new performance test tool to test the compressdev PMD. The tool tests
   compression ratio and compression throughput.
 
+* **Added security checks to cryptodev symmetric session operations.**
+
+  Added a set of security checks to the access cryptodev symmetric session.
+  The checks include the session's user data read/write check and the
+  session private data referencing status check while freeing a session.
+
 
 Removed Items
 -------------
diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c
index d01bb110e..654c39fe1 100644
--- a/lib/librte_cryptodev/rte_cryptodev.c
+++ b/lib/librte_cryptodev/rte_cryptodev.c
@@ -1216,7 +1216,7 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
 
 	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->sym_session_configure, -ENOTSUP);
 
-	if (sess->sess_data[index].data == NULL) {
+	if (sess->sess_data[index].refcnt == 0) {
 		ret = dev->dev_ops->sym_session_configure(dev, xforms,
 							sess, mp);
 		if (ret < 0) {
@@ -1227,6 +1227,7 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
 		}
 	}
 
+	sess->sess_data[index].refcnt++;
 	return 0;
 }
 
@@ -1372,12 +1373,17 @@ rte_cryptodev_sym_session_clear(uint8_t dev_id,
 		struct rte_cryptodev_sym_session *sess)
 {
 	struct rte_cryptodev *dev;
+	uint8_t driver_id;
 
 	dev = rte_cryptodev_pmd_get_dev(dev_id);
 
 	if (dev == NULL || sess == NULL)
 		return -EINVAL;
 
+	driver_id = dev->driver_id;
+	if (--sess->sess_data[driver_id].refcnt != 0)
+		return -EBUSY;
+
 	RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->sym_session_clear, -ENOTSUP);
 
 	dev->dev_ops->sym_session_clear(dev, sess);
@@ -1407,16 +1413,14 @@ int
 rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session *sess)
 {
 	uint8_t i;
-	void *sess_priv;
 	struct rte_mempool *sess_mp;
 
 	if (sess == NULL)
 		return -EINVAL;
 
 	/* Check that all device private data has been freed */
-	for (i = 0; i < nb_drivers; i++) {
-		sess_priv = get_sym_session_private_data(sess, i);
-		if (sess_priv != NULL)
+	for (i = 0; i < sess->nb_drivers; i++) {
+		if (sess->sess_data[i].refcnt != 0)
 			return -EBUSY;
 	}
 
diff --git a/lib/librte_cryptodev/rte_cryptodev.h b/lib/librte_cryptodev/rte_cryptodev.h
index 232cd1aa8..7652102de 100644
--- a/lib/librte_cryptodev/rte_cryptodev.h
+++ b/lib/librte_cryptodev/rte_cryptodev.h
@@ -963,6 +963,7 @@ struct rte_cryptodev_sym_session {
 	/**< session user data will be placed after sess_data */
 	__extension__ struct {
 		void *data;
+		uint16_t refcnt;
 	} sess_data[0];
 	/**< Driver specific session material, variable size */
 };
-- 
2.13.6

  parent reply	other threads:[~2019-01-10 14:50 UTC|newest]

Thread overview: 61+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-11-15 17:24 [dpdk-dev] [PATCH 0/2] lib/cryptodev: change qp conf and sym session Fan Zhang
2018-11-15 17:24 ` [dpdk-dev] [PATCH 1/2] cryptodev: change queue pair configure structure Fan Zhang
2018-11-16 12:05   ` Ananyev, Konstantin
2018-11-19 10:12     ` Zhang, Roy Fan
2018-12-04 16:05   ` Trahe, Fiona
2018-11-15 17:24 ` [dpdk-dev] [PATCH 2/2] cryptodev: change symmetric session structure Fan Zhang
2018-11-16  0:47   ` Ananyev, Konstantin
2018-11-16 14:32   ` Ananyev, Konstantin
2018-11-19 10:11     ` Zhang, Roy Fan
2018-12-11 10:34 ` [dpdk-dev] [PATCH v2 0/2] lib/cryptodev: change qp conf and sym session Fan Zhang
2018-12-11 10:34   ` [dpdk-dev] [PATCH v2 1/2] cryptodev: change queue pair configure structure Fan Zhang
2018-12-17 19:31     ` Trahe, Fiona
2018-12-11 10:34   ` [dpdk-dev] [PATCH v2 2/2] cryptodev: change symmetric session structure Fan Zhang
2018-12-17 20:29     ` Trahe, Fiona
2018-12-18 16:25       ` Zhang, Roy Fan
2018-12-18 16:32         ` Trahe, Fiona
2018-12-11 12:26   ` [dpdk-dev] [PATCH v2 0/2] lib/cryptodev: change qp conf and sym session Ananyev, Konstantin
2018-12-21 13:55   ` [dpdk-dev] [PATCH v3 0/2] cryptodev: " Fan Zhang
2018-12-21 13:55     ` [dpdk-dev] [PATCH v3 1/2] cryptodev: change queue pair configure structure Fan Zhang
2019-01-08 23:20       ` De Lara Guarch, Pablo
2019-01-09 11:30         ` Zhang, Roy Fan
2019-01-09 10:41       ` De Lara Guarch, Pablo
2018-12-21 13:55     ` [dpdk-dev] [PATCH v3 2/2] cryptodev: change symmetric session structure Fan Zhang
2019-01-08 16:12       ` Trahe, Fiona
2019-01-09 11:01       ` De Lara Guarch, Pablo
2019-01-09 11:10         ` Zhang, Roy Fan
2019-01-09 22:55     ` [dpdk-dev] [PATCH v4 00/12] cryptodev: change qp conf and sym session Fan Zhang
2019-01-09 22:55       ` [dpdk-dev] [PATCH v4 01/12] cryptodev: change queue pair configure structure Fan Zhang
2019-01-10  9:47         ` De Lara Guarch, Pablo
2019-01-10 11:24           ` De Lara Guarch, Pablo
2019-01-09 22:55       ` [dpdk-dev] [PATCH v4 02/12] cryptodev: add sym session mempool create Fan Zhang
2019-01-10 11:22         ` De Lara Guarch, Pablo
2019-01-09 22:56       ` [dpdk-dev] [PATCH v4 03/12] app/test-crypto-perf: use separate session mempools Fan Zhang
2019-01-09 22:56       ` [dpdk-dev] [PATCH v4 04/12] net/softnic: " Fan Zhang
2019-01-09 22:56       ` [dpdk-dev] [PATCH v4 05/12] examples: " Fan Zhang
2019-01-09 22:56       ` [dpdk-dev] [PATCH v4 06/12] vhost/crypto: " Fan Zhang
2019-01-09 22:56       ` [dpdk-dev] [PATCH v4 07/12] test/crypto: " Fan Zhang
2019-01-09 22:56       ` [dpdk-dev] [PATCH v4 08/12] cryptodev: add sym session header size API Fan Zhang
2019-01-10 13:28         ` De Lara Guarch, Pablo
2019-01-09 22:56       ` [dpdk-dev] [PATCH v4 09/12] cryptodev: update symmetric session structure Fan Zhang
2019-01-10 13:06         ` De Lara Guarch, Pablo
2019-01-09 22:56       ` [dpdk-dev] [PATCH v4 10/12] cryptodev: add user data size to symmetric session Fan Zhang
2019-01-09 22:56       ` [dpdk-dev] [PATCH v4 11/12] cryptodev: add reference count to session private data Fan Zhang
2019-01-10 12:35         ` De Lara Guarch, Pablo
2019-01-09 22:56       ` [dpdk-dev] [PATCH v4 12/12] cryptodev: add opaque data field to symmetric session Fan Zhang
2019-01-10 14:50       ` [dpdk-dev] [PATCH v5 00/12] cryptodev: change qp conf and sym session Fan Zhang
2019-01-10 14:50         ` [dpdk-dev] [PATCH v5 01/12] cryptodev: change queue pair configure structure Fan Zhang
2019-01-10 14:50         ` [dpdk-dev] [PATCH v5 02/12] cryptodev: add sym session mempool create Fan Zhang
2019-01-10 14:50         ` [dpdk-dev] [PATCH v5 03/12] app/test-crypto-perf: use separate session mempools Fan Zhang
2019-01-10 14:50         ` [dpdk-dev] [PATCH v5 04/12] net/softnic: " Fan Zhang
2019-01-10 14:50         ` [dpdk-dev] [PATCH v5 05/12] examples: " Fan Zhang
2019-01-10 14:50         ` [dpdk-dev] [PATCH v5 06/12] vhost/crypto: " Fan Zhang
2019-01-11  9:13           ` Maxime Coquelin
2019-01-10 14:50         ` [dpdk-dev] [PATCH v5 07/12] test/crypto: " Fan Zhang
2019-01-10 14:50         ` [dpdk-dev] [PATCH v5 08/12] cryptodev: add sym session header size API Fan Zhang
2019-01-10 14:50         ` [dpdk-dev] [PATCH v5 09/12] cryptodev: update symmetric session structure Fan Zhang
2019-01-10 14:50         ` [dpdk-dev] [PATCH v5 10/12] cryptodev: add user data size to symmetric session Fan Zhang
2019-01-10 14:50         ` Fan Zhang [this message]
2019-01-10 14:50         ` [dpdk-dev] [PATCH v5 12/12] cryptodev: add opaque data field " Fan Zhang
2019-01-10 15:06         ` [dpdk-dev] [PATCH v5 00/12] cryptodev: change qp conf and sym session Akhil Goyal
2019-01-10 17:18         ` De Lara Guarch, Pablo

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190110145022.42883-12-roy.fan.zhang@intel.com \
    --to=roy.fan.zhang@intel.com \
    --cc=akhil.goyal@nxp.com \
    --cc=dev@dpdk.org \
    --cc=fiona.trahe@intel.com \
    --cc=pablo.de.lara.guarch@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).