From: David Coyle <david.coyle@intel.com>
To: akhil.goyal@nxp.com, declan.doherty@intel.com,
pablo.de.lara.guarch@intel.com, fiona.trahe@intel.com
Cc: dev@dpdk.org, brendan.ryan@intel.com,
mairtin.oloingsigh@intel.com, David Coyle <david.coyle@intel.com>
Subject: [dpdk-dev] [PATCH v2 1/2] crypto/qat: improve security instance setup
Date: Mon, 20 Jul 2020 13:16:20 +0100 [thread overview]
Message-ID: <20200720121621.23628-2-david.coyle@intel.com> (raw)
In-Reply-To: <20200720121621.23628-1-david.coyle@intel.com>
This patch makes some improvements to the security instance setup for
the QAT SYM PMD, as follows:
- fix potential memory leak where the security instance was not freed if
an error occurred later in the device creation
- tidy-up security instance initialization code by moving it all,
including enabling the RTE_CRYPTODEV_FF_SECURITY feature, into one
'#ifdef RTE_LIBRTE_SECURITY' block
Fixes: 6f0ef237404b ("crypto/qat: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
---
drivers/crypto/qat/qat_sym_pmd.c | 42 ++++++++++++++++++--------------
1 file changed, 24 insertions(+), 18 deletions(-)
diff --git a/drivers/crypto/qat/qat_sym_pmd.c b/drivers/crypto/qat/qat_sym_pmd.c
index c7e323cce..43870ac04 100644
--- a/drivers/crypto/qat/qat_sym_pmd.c
+++ b/drivers/crypto/qat/qat_sym_pmd.c
@@ -310,7 +310,7 @@ int
qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
struct qat_dev_cmd_param *qat_dev_cmd_param __rte_unused)
{
- int i = 0;
+ int i = 0, ret = 0;
struct qat_device_info *qat_dev_instance =
&qat_pci_devs[qat_pci_dev->qat_dev_id];
@@ -346,10 +346,6 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
}
}
-#ifdef RTE_LIBRTE_SECURITY
- struct rte_security_ctx *security_instance;
-#endif
-
snprintf(name, RTE_CRYPTODEV_NAME_MAX_LEN, "%s_%s",
qat_pci_dev->name, "sym");
QAT_LOG(DEBUG, "Creating QAT SYM device %s", name);
@@ -381,8 +377,7 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
- RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED |
- RTE_CRYPTODEV_FF_SECURITY;
+ RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED;
if (rte_eal_process_type() != RTE_PROC_PRIMARY)
return 0;
@@ -392,19 +387,21 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
qat_pci_dev->qat_dev_gen);
#ifdef RTE_LIBRTE_SECURITY
+ struct rte_security_ctx *security_instance;
security_instance = rte_malloc("qat_sec",
sizeof(struct rte_security_ctx),
RTE_CACHE_LINE_SIZE);
if (security_instance == NULL) {
QAT_LOG(ERR, "rte_security_ctx memory alloc failed");
- rte_cryptodev_pmd_destroy(cryptodev);
- return -ENOMEM;
+ ret = -ENOMEM;
+ goto error;
}
security_instance->device = (void *)cryptodev;
security_instance->ops = &security_qat_ops;
security_instance->sess_cnt = 0;
cryptodev->security_ctx = security_instance;
+ cryptodev->feature_flags |= RTE_CRYPTODEV_FF_SECURITY;
#endif
internals = cryptodev->data->dev_private;
@@ -428,10 +425,8 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
QAT_LOG(DEBUG,
"QAT gen %d capabilities unknown",
qat_pci_dev->qat_dev_gen);
- rte_cryptodev_pmd_destroy(cryptodev);
- memset(&qat_dev_instance->sym_rte_dev, 0,
- sizeof(qat_dev_instance->sym_rte_dev));
- return -(EINVAL);
+ ret = -(EINVAL);
+ goto error;
}
internals->capa_mz = rte_memzone_lookup(capa_memz_name);
@@ -442,12 +437,11 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
}
if (internals->capa_mz == NULL) {
QAT_LOG(DEBUG,
- "Error allocating memzone for capabilities, destroying PMD for %s",
+ "Error allocating memzone for capabilities, destroying "
+ "PMD for %s",
name);
- rte_cryptodev_pmd_destroy(cryptodev);
- memset(&qat_dev_instance->sym_rte_dev, 0,
- sizeof(qat_dev_instance->sym_rte_dev));
- return -EFAULT;
+ ret = -EFAULT;
+ goto error;
}
memcpy(internals->capa_mz->addr, capabilities, capa_size);
@@ -467,6 +461,17 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
cryptodev->data->name, internals->sym_dev_id);
return 0;
+
+error:
+#ifdef RTE_LIBRTE_SECURITY
+ rte_free(cryptodev->security_ctx);
+ cryptodev->security_ctx = NULL;
+#endif
+ rte_cryptodev_pmd_destroy(cryptodev);
+ memset(&qat_dev_instance->sym_rte_dev, 0,
+ sizeof(qat_dev_instance->sym_rte_dev));
+
+ return ret;
}
int
@@ -485,6 +490,7 @@ qat_sym_dev_destroy(struct qat_pci_device *qat_pci_dev)
cryptodev = rte_cryptodev_pmd_get_dev(qat_pci_dev->sym_dev->sym_dev_id);
#ifdef RTE_LIBRTE_SECURITY
rte_free(cryptodev->security_ctx);
+ cryptodev->security_ctx = NULL;
#endif
rte_cryptodev_pmd_destroy(cryptodev);
qat_pci_devs[qat_pci_dev->qat_dev_id].sym_rte_dev.name = NULL;
--
2.17.1
next prev parent reply other threads:[~2020-07-20 12:41 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-16 15:35 [dpdk-dev] [PATCH v1 0/2] " David Coyle
2020-07-16 15:35 ` [dpdk-dev] [PATCH v1 1/2] crypto/qat: " David Coyle
2020-07-17 18:20 ` Trahe, Fiona
2020-07-18 21:36 ` Akhil Goyal
2020-07-18 21:40 ` Akhil Goyal
2020-07-20 12:39 ` Coyle, David
2020-07-16 15:36 ` [dpdk-dev] [PATCH v1 2/2] crypto/aesni_mb: " David Coyle
2020-07-17 19:29 ` De Lara Guarch, Pablo
2020-07-20 12:38 ` Coyle, David
2020-07-20 12:16 ` [dpdk-dev] [PATCH v2 0/2] " David Coyle
2020-07-20 12:16 ` David Coyle [this message]
2020-07-20 12:16 ` [dpdk-dev] [PATCH v2 2/2] crypto/aesni-mb: " David Coyle
2020-07-22 7:58 ` De Lara Guarch, Pablo
2020-07-26 19:08 ` [dpdk-dev] [PATCH v2 0/2] " Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200720121621.23628-2-david.coyle@intel.com \
--to=david.coyle@intel.com \
--cc=akhil.goyal@nxp.com \
--cc=brendan.ryan@intel.com \
--cc=declan.doherty@intel.com \
--cc=dev@dpdk.org \
--cc=fiona.trahe@intel.com \
--cc=mairtin.oloingsigh@intel.com \
--cc=pablo.de.lara.guarch@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).