From: dpdklab@iol.unh.edu
To: test-report@dpdk.org
Cc: dpdk-test-reports@iol.unh.edu
Subject: |WARNING| pw133842 [PATCH] crypto/openssl: fix asym memory leaks
Date: Fri, 03 Nov 2023 10:18:02 -0700 (PDT) [thread overview]
Message-ID: <65452b4a.0c0a0220.210b5.1b6fSMTPIN_ADDED_MISSING@mx.google.com> (raw)
Test-Label: iol-testing
Test-Status: WARNING
http://dpdk.org/patch/133842
_apply patch failure_
Submitter: Ciara Power <ciara.power@intel.com>
Date: Friday, November 03 2023 15:45:16
Applied on: CommitID:11e5ca63c77b355d0397f642989f28a7a0318cbc
Apply patch set 133842 failed:
Checking patch drivers/crypto/openssl/openssl_pmd_private.h...
Checking patch drivers/crypto/openssl/rte_openssl_pmd.c...
error: while searching for:
err_dsa_sign:
if (params)
OSSL_PARAM_free(params);
if (key_ctx)
EVP_PKEY_CTX_free(key_ctx);
if (dsa_ctx)
EVP_PKEY_CTX_free(dsa_ctx);
EVP_PKEY_free(pkey);
return ret;
}
error: patch failed: drivers/crypto/openssl/rte_openssl_pmd.c:1958
error: while searching for:
DSA_SIG_free(sign);
if (params)
OSSL_PARAM_free(params);
if (key_ctx)
EVP_PKEY_CTX_free(key_ctx);
if (dsa_ctx)
EVP_PKEY_CTX_free(dsa_ctx);
BN_free(pub_key);
EVP_PKEY_free(pkey);
error: patch failed: drivers/crypto/openssl/rte_openssl_pmd.c:2043
Hunk #3 succeeded at 2294 (offset -2 lines).
error: while searching for:
err_sm2:
EVP_MD_free(check_md);
EVP_MD_CTX_free(md_ctx);
if (kctx)
EVP_PKEY_CTX_free(kctx);
if (sctx)
EVP_PKEY_CTX_free(sctx);
if (cctx)
EVP_PKEY_CTX_free(cctx);
if (pkey)
EVP_PKEY_free(pkey);
return ret;
}
error: patch failed: drivers/crypto/openssl/rte_openssl_pmd.c:2887
Checking patch drivers/crypto/openssl/rte_openssl_pmd_ops.c...
Hunk #1 succeeded at 1104 (offset -2 lines).
Hunk #2 succeeded at 1129 (offset -2 lines).
Hunk #3 succeeded at 1146 (offset -2 lines).
error: while searching for:
err_dh:
OPENSSL_LOG(ERR, " failed to set dh params\n");
BN_free(p);
BN_free(g);
return -1;
}
case RTE_CRYPTO_ASYM_XFORM_DSA:
{
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
BIGNUM *p = NULL, *g = NULL;
BIGNUM *q = NULL, *priv_key = NULL;
BIGNUM *pub_key = NULL;
OSSL_PARAM_BLD *param_bld = NULL;
p = BN_bin2bn((const unsigned char *)
xform->dsa.p.data,
xform->dsa.p.length,
p);
g = BN_bin2bn((const unsigned char *)
xform->dsa.g.data,
xform->dsa.g.length,
g);
q = BN_bin2bn((const unsigned char *)
xform->dsa.q.data,
xform->dsa.q.length,
q);
if (!p || !q || !g)
goto err_dsa;
priv_key = BN_bin2bn((const unsigned char *)
xform->dsa.x.data,
xform->dsa.x.length,
priv_key);
if (priv_key == NULL)
goto err_dsa;
param_bld = OSSL_PARAM_BLD_new();
error: patch failed: drivers/crypto/openssl/rte_openssl_pmd_ops.c:1177
Hunk #5 succeeded at 1218 (offset -3 lines).
Hunk #6 succeeded at 1285 (offset -3 lines).
Hunk #7 succeeded at 1306 (offset -3 lines).
Hunk #8 succeeded at 1431 (offset -5 lines).
error: while searching for:
if (sess->u.dh.dh_key)
DH_free(sess->u.dh.dh_key);
#endif
break;
case RTE_CRYPTO_ASYM_XFORM_DSA:
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
OSSL_PARAM_BLD_free(sess->u.s.param_bld);
sess->u.s.param_bld = NULL;
#else
if (sess->u.s.dsa)
DSA_free(sess->u.s.dsa);
error: patch failed: drivers/crypto/openssl/rte_openssl_pmd_ops.c:1463
Applied patch drivers/crypto/openssl/openssl_pmd_private.h cleanly.
Applying patch drivers/crypto/openssl/rte_openssl_pmd.c with 3 rejects...
Rejected hunk #1.
Rejected hunk #2.
Hunk #3 applied cleanly.
Rejected hunk #4.
Applying patch drivers/crypto/openssl/rte_openssl_pmd_ops.c with 2 rejects...
Hunk #1 applied cleanly.
Hunk #2 applied cleanly.
Hunk #3 applied cleanly.
Rejected hunk #4.
Hunk #5 applied cleanly.
Hunk #6 applied cleanly.
Hunk #7 applied cleanly.
Hunk #8 applied cleanly.
Rejected hunk #9.
hint: Use 'git am --show-current-patch' to see the failed patch
diff a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c (rejected hunks)
@@ -1958,11 +1958,8 @@ process_openssl_dsa_sign_op_evp(struct rte_crypto_op *cop,
err_dsa_sign:
if (params)
OSSL_PARAM_free(params);
- if (key_ctx)
- EVP_PKEY_CTX_free(key_ctx);
- if (dsa_ctx)
- EVP_PKEY_CTX_free(dsa_ctx);
-
+ EVP_PKEY_CTX_free(key_ctx);
+ EVP_PKEY_CTX_free(dsa_ctx);
EVP_PKEY_free(pkey);
return ret;
}
@@ -2043,10 +2040,8 @@ process_openssl_dsa_verify_op_evp(struct rte_crypto_op *cop,
DSA_SIG_free(sign);
if (params)
OSSL_PARAM_free(params);
- if (key_ctx)
- EVP_PKEY_CTX_free(key_ctx);
- if (dsa_ctx)
- EVP_PKEY_CTX_free(dsa_ctx);
+ EVP_PKEY_CTX_free(key_ctx);
+ EVP_PKEY_CTX_free(dsa_ctx);
BN_free(pub_key);
EVP_PKEY_free(pkey);
@@ -2887,18 +2877,10 @@ process_openssl_sm2_op_evp(struct rte_crypto_op *cop,
err_sm2:
EVP_MD_free(check_md);
EVP_MD_CTX_free(md_ctx);
-
- if (kctx)
- EVP_PKEY_CTX_free(kctx);
-
- if (sctx)
- EVP_PKEY_CTX_free(sctx);
-
- if (cctx)
- EVP_PKEY_CTX_free(cctx);
-
- if (pkey)
- EVP_PKEY_free(pkey);
+ EVP_PKEY_CTX_free(kctx);
+ EVP_PKEY_CTX_free(sctx);
+ EVP_PKEY_CTX_free(cctx);
+ EVP_PKEY_free(pkey);
return ret;
}
diff a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c (rejected hunks)
@@ -1177,40 +1177,42 @@ static int openssl_set_asym_session_parameters(
err_dh:
OPENSSL_LOG(ERR, " failed to set dh params\n");
- BN_free(p);
- BN_free(g);
+ BN_free(*p);
+ BN_free(*g);
return -1;
}
case RTE_CRYPTO_ASYM_XFORM_DSA:
{
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
- BIGNUM *p = NULL, *g = NULL;
- BIGNUM *q = NULL, *priv_key = NULL;
+ BIGNUM **p = &asym_session->u.s.p;
+ BIGNUM **g = &asym_session->u.s.g;
+ BIGNUM **q = &asym_session->u.s.q;
+ BIGNUM **priv_key = &asym_session->u.s.priv_key;
BIGNUM *pub_key = NULL;
OSSL_PARAM_BLD *param_bld = NULL;
- p = BN_bin2bn((const unsigned char *)
+ *p = BN_bin2bn((const unsigned char *)
xform->dsa.p.data,
xform->dsa.p.length,
- p);
+ *p);
- g = BN_bin2bn((const unsigned char *)
+ *g = BN_bin2bn((const unsigned char *)
xform->dsa.g.data,
xform->dsa.g.length,
- g);
+ *g);
- q = BN_bin2bn((const unsigned char *)
+ *q = BN_bin2bn((const unsigned char *)
xform->dsa.q.data,
xform->dsa.q.length,
- q);
- if (!p || !q || !g)
+ *q);
+ if (!*p || !*q || !*g)
goto err_dsa;
- priv_key = BN_bin2bn((const unsigned char *)
+ *priv_key = BN_bin2bn((const unsigned char *)
xform->dsa.x.data,
xform->dsa.x.length,
- priv_key);
- if (priv_key == NULL)
+ *priv_key);
+ if (*priv_key == NULL)
goto err_dsa;
param_bld = OSSL_PARAM_BLD_new();
@@ -1463,11 +1464,17 @@ static void openssl_reset_asym_session(struct openssl_asym_session *sess)
if (sess->u.dh.dh_key)
DH_free(sess->u.dh.dh_key);
#endif
+ BN_clear_free(sess->u.dh.p);
+ BN_clear_free(sess->u.dh.g);
break;
case RTE_CRYPTO_ASYM_XFORM_DSA:
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
OSSL_PARAM_BLD_free(sess->u.s.param_bld);
sess->u.s.param_bld = NULL;
+ BN_clear_free(sess->u.s.p);
+ BN_clear_free(sess->u.s.q);
+ BN_clear_free(sess->u.s.g);
+ BN_clear_free(sess->u.s.priv_key);
#else
if (sess->u.s.dsa)
DSA_free(sess->u.s.dsa);
https://lab.dpdk.org/results/dashboard/patchsets/28225/
UNH-IOL DPDK Community Lab
next reply other threads:[~2023-11-03 17:18 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-03 17:18 dpdklab [this message]
[not found] <20231103154516.3456536-1-ciara.power@intel.com>
2023-11-03 15:25 ` qemudev
2023-11-03 15:46 ` checkpatch
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=65452b4a.0c0a0220.210b5.1b6fSMTPIN_ADDED_MISSING@mx.google.com \
--to=dpdklab@iol.unh.edu \
--cc=dpdk-test-reports@iol.unh.edu \
--cc=test-report@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).