[v1] test: fix ipsec unit test segfault
Checks
Commit Message
Segfault was observed when running ipsec unit test:
+ TestCase [10] : test_ipsec_replay_inb_repeat_null_null_wrapper
succeeded
+ TestCase [11] : test_ipsec_replay_inb_inside_burst_null_null_wrapper
succeeded
+ TestCase [12] : test_ipsec_crypto_inb_burst_2sa_null_null_wrapper
succeeded
+ TestCase [13] : test_ipsec_crypto_inb_burst_2sa_4grp_null_null_wrapper
succeeded
Segmentation fault
Data corruption happens due to incorrect destroy of session. Security
session needs process different from crypto session.
Destroy corresponding sessions according to different security actions.
Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
Cc: stable@dpdk.org
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Phil Yang <phil.yang@arm.com>
Reviewed-by: Gavin Hu <gavin.hu@arm.com>
---
app/test/test_ipsec.c | 33 ++++++++++++++++++++++++++++++---
1 file changed, 30 insertions(+), 3 deletions(-)
Comments
>
> Segfault was observed when running ipsec unit test:
>
> + TestCase [10] : test_ipsec_replay_inb_repeat_null_null_wrapper
> succeeded
> + TestCase [11] : test_ipsec_replay_inb_inside_burst_null_null_wrapper
> succeeded
> + TestCase [12] : test_ipsec_crypto_inb_burst_2sa_null_null_wrapper
> succeeded
> + TestCase [13] : test_ipsec_crypto_inb_burst_2sa_4grp_null_null_wrapper
> succeeded
> Segmentation fault
>
> Data corruption happens due to incorrect destroy of session. Security
> session needs process different from crypto session.
>
> Destroy corresponding sessions according to different security actions.
>
> Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> Cc: stable@dpdk.org
>
> Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
> Reviewed-by: Phil Yang <phil.yang@arm.com>
> Reviewed-by: Gavin Hu <gavin.hu@arm.com>
> ---
> app/test/test_ipsec.c | 33 ++++++++++++++++++++++++++++++---
> 1 file changed, 30 insertions(+), 3 deletions(-)
>
> diff --git a/app/test/test_ipsec.c b/app/test/test_ipsec.c
> index 9e1447293..79d00d7e0 100644
> --- a/app/test/test_ipsec.c
> +++ b/app/test/test_ipsec.c
> @@ -1167,6 +1167,34 @@ test_ipsec_dump_buffers(struct ipsec_unitest_params *ut_params, int i)
> }
> }
>
> +static void
> +destroy_dummy_sec_session(struct ipsec_unitest_params *ut,
> + uint32_t j)
> +{
> + rte_security_session_destroy(&dummy_sec_ctx,
> + ut->ss[j].security.ses);
> + ut->ss[j].security.ctx = NULL;
> +}
> +
> +static void
> +destroy_crypto_session(struct ipsec_unitest_params *ut,
> + uint8_t crypto_dev, uint32_t j)
> +{
> + rte_cryptodev_sym_session_clear(crypto_dev, ut->ss[j].crypto.ses);
> + rte_cryptodev_sym_session_free(ut->ss[j].crypto.ses);
> + memset(&ut->ss[j], 0, sizeof(ut->ss[j]));
> +}
> +
> +static void
> +destroy_session(struct ipsec_unitest_params *ut,
> + uint8_t crypto_dev, uint32_t j)
> +{
> + if (ut->ss[j].type == RTE_SECURITY_ACTION_TYPE_NONE)
> + return destroy_crypto_session(ut, crypto_dev, j);
> + else
> + return destroy_dummy_sec_session(ut, j);
> +}
> +
> static void
> destroy_sa(uint32_t j)
> {
> @@ -1175,9 +1203,8 @@ destroy_sa(uint32_t j)
>
> rte_ipsec_sa_fini(ut->ss[j].sa);
> rte_free(ut->ss[j].sa);
> - rte_cryptodev_sym_session_clear(ts->valid_dev, ut->ss[j].crypto.ses);
> - rte_cryptodev_sym_session_free(ut->ss[j].crypto.ses);
> - memset(&ut->ss[j], 0, sizeof(ut->ss[j]));
> +
> + destroy_session(ut, ts->valid_dev, j);
> }
>
> static int
> --
Good catch, thanks for the fix.
As a nit caption should probably be: "test/ipsec: fix ..."
Tested-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> 2.17.1
> >
> > Segfault was observed when running ipsec unit test:
> >
> > + TestCase [10] : test_ipsec_replay_inb_repeat_null_null_wrapper
> > succeeded
> > + TestCase [11] : test_ipsec_replay_inb_inside_burst_null_null_wrapper
> > succeeded
> > + TestCase [12] : test_ipsec_crypto_inb_burst_2sa_null_null_wrapper
> > succeeded
> > + TestCase [13] : test_ipsec_crypto_inb_burst_2sa_4grp_null_null_wrapper
> > succeeded
> > Segmentation fault
> >
> > Data corruption happens due to incorrect destroy of session. Security
> > session needs process different from crypto session.
> >
> > Destroy corresponding sessions according to different security actions.
> >
> > Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
> > Reviewed-by: Phil Yang <phil.yang@arm.com>
> > Reviewed-by: Gavin Hu <gavin.hu@arm.com>
> > ---
>
> Good catch, thanks for the fix.
> As a nit caption should probably be: "test/ipsec: fix ..."
Fixed
Applied to dpdk-next-crypto
Thanks.
>
> Tested-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
> Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
>
> > 2.17.1
@@ -1167,6 +1167,34 @@ test_ipsec_dump_buffers(struct ipsec_unitest_params *ut_params, int i)
}
}
+static void
+destroy_dummy_sec_session(struct ipsec_unitest_params *ut,
+ uint32_t j)
+{
+ rte_security_session_destroy(&dummy_sec_ctx,
+ ut->ss[j].security.ses);
+ ut->ss[j].security.ctx = NULL;
+}
+
+static void
+destroy_crypto_session(struct ipsec_unitest_params *ut,
+ uint8_t crypto_dev, uint32_t j)
+{
+ rte_cryptodev_sym_session_clear(crypto_dev, ut->ss[j].crypto.ses);
+ rte_cryptodev_sym_session_free(ut->ss[j].crypto.ses);
+ memset(&ut->ss[j], 0, sizeof(ut->ss[j]));
+}
+
+static void
+destroy_session(struct ipsec_unitest_params *ut,
+ uint8_t crypto_dev, uint32_t j)
+{
+ if (ut->ss[j].type == RTE_SECURITY_ACTION_TYPE_NONE)
+ return destroy_crypto_session(ut, crypto_dev, j);
+ else
+ return destroy_dummy_sec_session(ut, j);
+}
+
static void
destroy_sa(uint32_t j)
{
@@ -1175,9 +1203,8 @@ destroy_sa(uint32_t j)
rte_ipsec_sa_fini(ut->ss[j].sa);
rte_free(ut->ss[j].sa);
- rte_cryptodev_sym_session_clear(ts->valid_dev, ut->ss[j].crypto.ses);
- rte_cryptodev_sym_session_free(ut->ss[j].crypto.ses);
- memset(&ut->ss[j], 0, sizeof(ut->ss[j]));
+
+ destroy_session(ut, ts->valid_dev, j);
}
static int