From patchwork Mon Jul 20 12:16:21 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Coyle, David" <david.coyle@intel.com>
X-Patchwork-Id: 74496
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 0DDC0A0540;
	Mon, 20 Jul 2020 14:41:19 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 79E092D13;
	Mon, 20 Jul 2020 14:41:06 +0200 (CEST)
Received: from mga07.intel.com (mga07.intel.com [134.134.136.100])
 by dpdk.org (Postfix) with ESMTP id 9CDDB2C30
 for <dev@dpdk.org>; Mon, 20 Jul 2020 14:41:01 +0200 (CEST)
IronPort-SDR: 
 bAS2oHICxR9UX1UDnWhTr5c40mMRVk9vXRrVsT7jerC7riKCqKuY38SiXdM9GYV6DkF7hLod4q
 zswCtjJS30fQ==
X-IronPort-AV: E=McAfee;i="6000,8403,9687"; a="214578335"
X-IronPort-AV: E=Sophos;i="5.75,375,1589266800"; d="scan'208";a="214578335"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga008.fm.intel.com ([10.253.24.58])
 by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 20 Jul 2020 05:41:00 -0700
IronPort-SDR: 
 YYOzv2Aoou0G+0W2yTkQ5Y9mQ1LTKAJbgEdHhPAXn5Rw+lIANekjHvBmHmXQK4Vn0EqFCyHZPY
 xKKS4Nl7MyTQ==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.75,375,1589266800"; d="scan'208";a="271422852"
Received: from silpixa00399912.ir.intel.com (HELO
 silpixa00399912.ger.corp.intel.com) ([10.237.223.64])
 by fmsmga008.fm.intel.com with ESMTP; 20 Jul 2020 05:40:58 -0700
From: David Coyle <david.coyle@intel.com>
To: akhil.goyal@nxp.com, declan.doherty@intel.com,
 pablo.de.lara.guarch@intel.com, fiona.trahe@intel.com
Cc: dev@dpdk.org, brendan.ryan@intel.com, mairtin.oloingsigh@intel.com,
 David Coyle <david.coyle@intel.com>
Date: Mon, 20 Jul 2020 13:16:21 +0100
Message-Id: <20200720121621.23628-3-david.coyle@intel.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20200720121621.23628-1-david.coyle@intel.com>
References: <20200716153600.66071-1-david.coyle@intel.com>
 <20200720121621.23628-1-david.coyle@intel.com>
Subject: [dpdk-dev] [PATCH v2 2/2] crypto/aesni-mb: improve security
	instance setup
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

This patch makes some improvements to the security instance setup for
the AESNI-MB PMD, as follows:
- fix potential memory leak where the security instance was not freed if
  an error occurred later in the device creation
- tidy-up security instance initialization code by moving it all,
  including enabling the RTE_CRYPTODEV_FF_SECURITY feature, into one
  '#ifdef AESNI_MB_DOCSIS_SEC_ENABLED' block

Fixes: fda5216fba55 ("crypto/aesni_mb: support DOCSIS protocol")

Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index b54c57f86..1bddbcf74 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -1881,9 +1881,6 @@ cryptodev_aesni_mb_create(const char *name,
 	struct aesni_mb_private *internals;
 	enum aesni_mb_vector_mode vector_mode;
 	MB_MGR *mb_mgr;
-#ifdef AESNI_MB_DOCSIS_SEC_ENABLED
-	struct rte_security_ctx *security_instance;
-#endif
 
 	dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
 	if (dev == NULL) {
@@ -1912,13 +1909,10 @@ cryptodev_aesni_mb_create(const char *name,
 			RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
 			RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
 			RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO |
-			RTE_CRYPTODEV_FF_SYM_SESSIONLESS
-#ifdef AESNI_MB_DOCSIS_SEC_ENABLED
-			| RTE_CRYPTODEV_FF_SECURITY
-#endif
-			;
+			RTE_CRYPTODEV_FF_SYM_SESSIONLESS;
 
 #ifdef AESNI_MB_DOCSIS_SEC_ENABLED
+	struct rte_security_ctx *security_instance;
 	security_instance = rte_malloc("aesni_mb_sec",
 				sizeof(struct rte_security_ctx),
 				RTE_CACHE_LINE_SIZE);
@@ -1932,6 +1926,7 @@ cryptodev_aesni_mb_create(const char *name,
 	security_instance->ops = rte_aesni_mb_pmd_sec_ops;
 	security_instance->sess_cnt = 0;
 	dev->security_ctx = security_instance;
+	dev->feature_flags |= RTE_CRYPTODEV_FF_SECURITY;
 #endif
 
 	/* Check CPU for support for AES instruction set */
@@ -1944,6 +1939,10 @@ cryptodev_aesni_mb_create(const char *name,
 
 	mb_mgr = alloc_init_mb_mgr(vector_mode);
 	if (mb_mgr == NULL) {
+#ifdef AESNI_MB_DOCSIS_SEC_ENABLED
+		rte_free(dev->security_ctx);
+		dev->security_ctx = NULL;
+#endif
 		rte_cryptodev_pmd_destroy(dev);
 		return -ENOMEM;
 	}
@@ -2011,8 +2010,9 @@ cryptodev_aesni_mb_remove(struct rte_vdev_device *vdev)
 		RTE_PER_LCORE(sync_mb_mgr) = NULL;
 	}
 
-#ifdef RTE_LIBRTE_SECURITY
+#ifdef AESNI_MB_DOCSIS_SEC_ENABLED
 	rte_free(cryptodev->security_ctx);
+	cryptodev->security_ctx = NULL;
 #endif
 
 	return rte_cryptodev_pmd_destroy(cryptodev);