From patchwork Mon Jul 20 12:16:20 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Coyle, David" <david.coyle@intel.com>
X-Patchwork-Id: 74495
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 52ACDA0540;
	Mon, 20 Jul 2020 14:41:08 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 2266D2C38;
	Mon, 20 Jul 2020 14:41:04 +0200 (CEST)
Received: from mga07.intel.com (mga07.intel.com [134.134.136.100])
 by dpdk.org (Postfix) with ESMTP id EDDD81DBB
 for <dev@dpdk.org>; Mon, 20 Jul 2020 14:41:00 +0200 (CEST)
IronPort-SDR: 
 NVpYM8Y17Ci/l1aizHyU8M+BP0Qw4a3njjlti5U95bzDEJhQz8deNz5gYBY+n6gmbpMtiLIGbX
 h1BawbVooG6w==
X-IronPort-AV: E=McAfee;i="6000,8403,9687"; a="214578332"
X-IronPort-AV: E=Sophos;i="5.75,375,1589266800"; d="scan'208";a="214578332"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
 by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 20 Jul 2020 05:40:59 -0700
IronPort-SDR: 
 hjGmqfAEpHr+CkIzkS0dZtL0wcwbtQpTn6N6IAq1C4hNM8Gnzx+HEOIN+fMlz/T5wQwpEHQ676
 ib15PMhZ5r0w==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.75,375,1589266800"; d="scan'208";a="271422847"
Received: from silpixa00399912.ir.intel.com (HELO
 silpixa00399912.ger.corp.intel.com) ([10.237.223.64])
 by fmsmga008.fm.intel.com with ESMTP; 20 Jul 2020 05:40:56 -0700
From: David Coyle <david.coyle@intel.com>
To: akhil.goyal@nxp.com, declan.doherty@intel.com,
 pablo.de.lara.guarch@intel.com, fiona.trahe@intel.com
Cc: dev@dpdk.org, brendan.ryan@intel.com, mairtin.oloingsigh@intel.com,
 David Coyle <david.coyle@intel.com>
Date: Mon, 20 Jul 2020 13:16:20 +0100
Message-Id: <20200720121621.23628-2-david.coyle@intel.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20200720121621.23628-1-david.coyle@intel.com>
References: <20200716153600.66071-1-david.coyle@intel.com>
 <20200720121621.23628-1-david.coyle@intel.com>
Subject: [dpdk-dev] [PATCH v2 1/2] crypto/qat: improve security instance
	setup
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

This patch makes some improvements to the security instance setup for
the QAT SYM PMD, as follows:
- fix potential memory leak where the security instance was not freed if
  an error occurred later in the device creation
- tidy-up security instance initialization code by moving it all,
  including enabling the RTE_CRYPTODEV_FF_SECURITY feature, into one
  '#ifdef RTE_LIBRTE_SECURITY' block

Fixes: 6f0ef237404b ("crypto/qat: support DOCSIS protocol")

Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
---
 drivers/crypto/qat/qat_sym_pmd.c | 42 ++++++++++++++++++--------------
 1 file changed, 24 insertions(+), 18 deletions(-)

diff --git a/drivers/crypto/qat/qat_sym_pmd.c b/drivers/crypto/qat/qat_sym_pmd.c
index c7e323cce..43870ac04 100644
--- a/drivers/crypto/qat/qat_sym_pmd.c
+++ b/drivers/crypto/qat/qat_sym_pmd.c
@@ -310,7 +310,7 @@ int
 qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
 		struct qat_dev_cmd_param *qat_dev_cmd_param __rte_unused)
 {
-	int i = 0;
+	int i = 0, ret = 0;
 	struct qat_device_info *qat_dev_instance =
 			&qat_pci_devs[qat_pci_dev->qat_dev_id];
 
@@ -346,10 +346,6 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
 		}
 	}
 
-#ifdef RTE_LIBRTE_SECURITY
-	struct rte_security_ctx *security_instance;
-#endif
-
 	snprintf(name, RTE_CRYPTODEV_NAME_MAX_LEN, "%s_%s",
 			qat_pci_dev->name, "sym");
 	QAT_LOG(DEBUG, "Creating QAT SYM device %s", name);
@@ -381,8 +377,7 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
 			RTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |
 			RTE_CRYPTODEV_FF_OOP_LB_IN_SGL_OUT |
 			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
-			RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED |
-			RTE_CRYPTODEV_FF_SECURITY;
+			RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED;
 
 	if (rte_eal_process_type() != RTE_PROC_PRIMARY)
 		return 0;
@@ -392,19 +387,21 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
 			qat_pci_dev->qat_dev_gen);
 
 #ifdef RTE_LIBRTE_SECURITY
+	struct rte_security_ctx *security_instance;
 	security_instance = rte_malloc("qat_sec",
 				sizeof(struct rte_security_ctx),
 				RTE_CACHE_LINE_SIZE);
 	if (security_instance == NULL) {
 		QAT_LOG(ERR, "rte_security_ctx memory alloc failed");
-		rte_cryptodev_pmd_destroy(cryptodev);
-		return -ENOMEM;
+		ret = -ENOMEM;
+		goto error;
 	}
 
 	security_instance->device = (void *)cryptodev;
 	security_instance->ops = &security_qat_ops;
 	security_instance->sess_cnt = 0;
 	cryptodev->security_ctx = security_instance;
+	cryptodev->feature_flags |= RTE_CRYPTODEV_FF_SECURITY;
 #endif
 
 	internals = cryptodev->data->dev_private;
@@ -428,10 +425,8 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
 		QAT_LOG(DEBUG,
 			"QAT gen %d capabilities unknown",
 			qat_pci_dev->qat_dev_gen);
-		rte_cryptodev_pmd_destroy(cryptodev);
-		memset(&qat_dev_instance->sym_rte_dev, 0,
-			sizeof(qat_dev_instance->sym_rte_dev));
-		return -(EINVAL);
+		ret = -(EINVAL);
+		goto error;
 	}
 
 	internals->capa_mz = rte_memzone_lookup(capa_memz_name);
@@ -442,12 +437,11 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
 	}
 	if (internals->capa_mz == NULL) {
 		QAT_LOG(DEBUG,
-			"Error allocating memzone for capabilities, destroying PMD for %s",
+			"Error allocating memzone for capabilities, destroying "
+			"PMD for %s",
 			name);
-		rte_cryptodev_pmd_destroy(cryptodev);
-		memset(&qat_dev_instance->sym_rte_dev, 0,
-			sizeof(qat_dev_instance->sym_rte_dev));
-		return -EFAULT;
+		ret = -EFAULT;
+		goto error;
 	}
 
 	memcpy(internals->capa_mz->addr, capabilities, capa_size);
@@ -467,6 +461,17 @@ qat_sym_dev_create(struct qat_pci_device *qat_pci_dev,
 			cryptodev->data->name, internals->sym_dev_id);
 
 	return 0;
+
+error:
+#ifdef RTE_LIBRTE_SECURITY
+	rte_free(cryptodev->security_ctx);
+	cryptodev->security_ctx = NULL;
+#endif
+	rte_cryptodev_pmd_destroy(cryptodev);
+	memset(&qat_dev_instance->sym_rte_dev, 0,
+		sizeof(qat_dev_instance->sym_rte_dev));
+
+	return ret;
 }
 
 int
@@ -485,6 +490,7 @@ qat_sym_dev_destroy(struct qat_pci_device *qat_pci_dev)
 	cryptodev = rte_cryptodev_pmd_get_dev(qat_pci_dev->sym_dev->sym_dev_id);
 #ifdef RTE_LIBRTE_SECURITY
 	rte_free(cryptodev->security_ctx);
+	cryptodev->security_ctx = NULL;
 #endif
 	rte_cryptodev_pmd_destroy(cryptodev);
 	qat_pci_devs[qat_pci_dev->qat_dev_id].sym_rte_dev.name = NULL;