From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id CEFF5430D2 for ; Tue, 22 Aug 2023 19:33:28 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id D244F42D0C; Tue, 22 Aug 2023 19:33:28 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 107D24021D; Tue, 22 Aug 2023 19:33:25 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 37M8a6hZ021967; Tue, 22 Aug 2023 10:33:25 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : mime-version : content-transfer-encoding : content-type; s=pfpt0220; bh=TNA8jSgPgyypl+gLXjsQ7CSzhm4JTXOEz5hp0wChNcY=; b=dDqucWJJG3s1XcH0BBW1Wa05mthK6mIiJOtTVE83F39PrBg20wex+Q6kaB8XDK3/6lCm YLOboGVYe5UKGfRUwKbQOBH/DNK1yNspZ8AfdPN+ws4Bah15Wnp6tNYMtHSPyi9SqjLZ 5r11x4AVxan36/j6xlh1DCb49pFP3/bGK3VRz1M9+1q/wdkiOkFF/gOeKWQHEzC6mHm3 YTpDbZhsOkERe1MfTSeeUiZAN7Fhd51JEEVQuIgtDnfa1GoBOdhV+UIZGZBzO+B9xner Yipzz5Tsk3P2vl/QtLC+ScwrSeURybCafZAuWEYV9tmpKb3Lm6oX5OeK4j4ttw2Poqg1 Ng== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3sjw8jj175-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 22 Aug 2023 10:33:25 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Tue, 22 Aug 2023 10:33:22 -0700 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Tue, 22 Aug 2023 10:33:22 -0700 Received: from localhost.localdomain (unknown [10.28.36.102]) by maili.marvell.com (Postfix) with ESMTP id 9E8A73F70D1; Tue, 22 Aug 2023 10:33:19 -0700 (PDT) From: Akhil Goyal To: CC: , Akhil Goyal , Subject: [PATCH] test/security: fix buffer leaks in error path Date: Tue, 22 Aug 2023 23:03:16 +0530 Message-ID: <20230822173316.465078-1-gakhil@marvell.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Proofpoint-ORIG-GUID: SVvKCYMvclrhXixJmMeNTblDHtJjqk52 X-Proofpoint-GUID: SVvKCYMvclrhXixJmMeNTblDHtJjqk52 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.957,Hydra:6.0.601,FMLib:17.11.176.26 definitions=2023-08-22_15,2023-08-22_01,2023-05-22_02 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org In case of failure of a test in macsec autotest, the buffers were not getting cleaned. Added appropriate code to clean the buffers. Fixes: 993ea577a006 ("test/security: add inline MACsec cases") Cc: stable@dpdk.org Signed-off-by: Akhil Goyal --- app/test/test_security_inline_macsec.c | 70 ++++++++++++++++++-------- 1 file changed, 49 insertions(+), 21 deletions(-) diff --git a/app/test/test_security_inline_macsec.c b/app/test/test_security_inline_macsec.c index 20670fe5d2..8b57bc51fb 100644 --- a/app/test/test_security_inline_macsec.c +++ b/app/test/test_security_inline_macsec.c @@ -837,6 +837,11 @@ test_macsec_event_callback(uint16_t port_id, enum rte_eth_event_type type, return 0; } +#define FREE_PKTS(j, m) { \ + while (j--) \ + rte_pktmbuf_free(m[j]); \ +} + static int test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs_test_opts *opts) { @@ -878,8 +883,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs tx_pkts_burst[j]->ol_flags |= RTE_MBUF_F_TX_MACSEC; } if (tx_pkts_burst[j] == NULL) { - while (j--) - rte_pktmbuf_free(tx_pkts_burst[j]); + FREE_PKTS(j, tx_pkts_burst); ret = TEST_FAILED; goto out; } @@ -891,8 +895,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs opts->ar_td[k]->secure_pkt.data, opts->ar_td[k]->secure_pkt.len); if (tx_pkts_burst[j] == NULL) { - while (j--) - rte_pktmbuf_free(tx_pkts_burst[j]); + FREE_PKTS(j, tx_pkts_burst); ret = TEST_FAILED; goto out; } @@ -919,8 +922,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs tx_pkts_burst[j]->ol_flags |= RTE_MBUF_F_TX_MACSEC; } if (tx_pkts_burst[j] == NULL) { - while (j--) - rte_pktmbuf_free(tx_pkts_burst[j]); + FREE_PKTS(j, tx_pkts_burst); ret = TEST_FAILED; goto out; } @@ -942,7 +944,9 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sa_create(ctx, &sa_conf); if (id < 0) { printf("MACsec SA create failed : %d.\n", id); - return TEST_FAILED; + FREE_PKTS(j, tx_pkts_burst); + ret = TEST_FAILED; + goto out; } rx_sa_id[i][an] = (uint16_t)id; } @@ -951,6 +955,8 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sc_create(ctx, &sc_conf); if (id < 0) { printf("MACsec SC create failed : %d.\n", id); + FREE_PKTS(j, tx_pkts_burst); + ret = TEST_FAILED; goto out; } rx_sc_id[i] = (uint16_t)id; @@ -958,19 +964,26 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs /* Create Inline IPsec session. */ ret = fill_session_conf(td[i], port_id, opts, &sess_conf, RTE_SECURITY_MACSEC_DIR_RX, rx_sc_id[i], tci_off); - if (ret) - return TEST_FAILED; - + if (ret) { + FREE_PKTS(j, tx_pkts_burst); + ret = TEST_FAILED; + goto out; + } rx_sess[i] = rte_security_session_create(ctx, &sess_conf, sess_pool); if (rx_sess[i] == NULL) { printf("SEC Session init failed.\n"); - return TEST_FAILED; + FREE_PKTS(j, tx_pkts_burst); + ret = TEST_FAILED; + goto out; } ret = create_default_flow(td[i], port_id, RTE_SECURITY_MACSEC_DIR_RX, rx_sess[i]); - if (ret) + if (ret) { + FREE_PKTS(j, tx_pkts_burst); + ret = TEST_FAILED; goto out; + } } if (op == MCS_ENCAP || op == MCS_ENCAP_DECAP || op == MCS_AUTH_ONLY || op == MCS_AUTH_VERIFY) { @@ -983,7 +996,9 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sa_create(ctx, &sa_conf); if (id < 0) { printf("MACsec SA create failed : %d.\n", id); - return TEST_FAILED; + FREE_PKTS(j, tx_pkts_burst); + ret = TEST_FAILED; + goto out; } tx_sa_id[i][0] = (uint16_t)id; tx_sa_id[i][1] = MCS_INVALID_SA; @@ -997,6 +1012,8 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sa_create(ctx, &sa_conf); if (id < 0) { printf("MACsec rekey SA create failed : %d.\n", id); + FREE_PKTS(j, tx_pkts_burst); + ret = TEST_FAILED; goto out; } tx_sa_id[i][1] = (uint16_t)id; @@ -1006,6 +1023,8 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sc_create(ctx, &sc_conf); if (id < 0) { printf("MACsec SC create failed : %d.\n", id); + FREE_PKTS(j, tx_pkts_burst); + ret = TEST_FAILED; goto out; } tx_sc_id[i] = (uint16_t)id; @@ -1013,19 +1032,26 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs /* Create Inline IPsec session. */ ret = fill_session_conf(td[i], port_id, opts, &sess_conf, RTE_SECURITY_MACSEC_DIR_TX, tx_sc_id[i], tci_off); - if (ret) - return TEST_FAILED; - + if (ret) { + FREE_PKTS(j, tx_pkts_burst); + ret = TEST_FAILED; + goto out; + } tx_sess[i] = rte_security_session_create(ctx, &sess_conf, sess_pool); if (tx_sess[i] == NULL) { printf("SEC Session init failed.\n"); - return TEST_FAILED; + FREE_PKTS(j, tx_pkts_burst); + ret = TEST_FAILED; + goto out; } ret = create_default_flow(td[i], port_id, RTE_SECURITY_MACSEC_DIR_TX, tx_sess[i]); - if (ret) + if (ret) { + FREE_PKTS(j, tx_pkts_burst); + ret = TEST_FAILED; goto out; + } } } @@ -1042,6 +1068,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs rte_pause(); + j = 0; /* Receive back packet on loopback interface. */ do { nb_rx += rte_eth_rx_burst(port_id, 0, @@ -1055,8 +1082,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs if (nb_rx != nb_sent) { printf("\nUnable to RX all %d packets, received(%i)", nb_sent, nb_rx); - while (--nb_rx >= 0) - rte_pktmbuf_free(rx_pkts_burst[nb_rx]); + FREE_PKTS(nb_rx, rx_pkts_burst); ret = TEST_FAILED; if (opts->check_sectag_interrupts == 1) ret = TEST_SUCCESS; @@ -1080,7 +1106,9 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs id = rte_security_macsec_sa_create(ctx, &sa_conf); if (id < 0) { printf("MACsec SA create failed : %d.\n", id); - return TEST_FAILED; + FREE_PKTS(nb_rx, rx_pkts_burst); + ret = TEST_FAILED; + goto out; } tx_sa_id[0][0] = (uint16_t)id; break; -- 2.25.1