diff mbox series

net/ixgbe_ipsec: prevent ic_session leak on failure

Message ID 20181012095346.42141-1-vipin.varghese@intel.com (mailing list archive)
State Accepted, archived
Delegated to: Qi Zhang
Headers
Series net/ixgbe_ipsec: prevent ic_session leak on failure |

Checks

Context Check Description
ci/Intel-compilation success Compilation OK
ci/checkpatch success coding style OK

Commit Message

Varghese, Vipin Oct. 12, 2018, 9:53 a.m. UTC 
  For function ixgbe_crypto_create_session, fetches ic_session from the
mempool. But on failure scenarios, the object is not released back to
mempool. Using rte_mempool_put the ic_session is put back to mempool.

Signed-off-by: Vipin Varghese <vipin.varghese@intel.com>
---
 drivers/net/ixgbe/ixgbe_ipsec.c | 4 ++++
 1 file changed, 4 insertions(+)

Comments

Radu Nicolau Oct. 16, 2018, 11:32 a.m. UTC | #1 
On 10/12/2018 10:53 AM, Vipin Varghese wrote:
> For function ixgbe_crypto_create_session, fetches ic_session from the
> mempool. But on failure scenarios, the object is not released back to
> mempool. Using rte_mempool_put the ic_session is put back to mempool.
>
> Signed-off-by: Vipin Varghese <vipin.varghese@intel.com>
> ---
>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Qi Zhang Oct. 25, 2018, 2:13 p.m. UTC | #2 
> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Radu Nicolau
> Sent: Tuesday, October 16, 2018 6:32 AM
> To: Varghese, Vipin <vipin.varghese@intel.com>; Ananyev, Konstantin
> <konstantin.ananyev@intel.com>; dev@dpdk.org; Lu, Wenzhuo
> <wenzhuo.lu@intel.com>
> Subject: Re: [dpdk-dev] [PATCH] net/ixgbe_ipsec: prevent ic_session leak on
> failure
> 
> 
> 
> On 10/12/2018 10:53 AM, Vipin Varghese wrote:
> > For function ixgbe_crypto_create_session, fetches ic_session from the
> > mempool. But on failure scenarios, the object is not released back to
> > mempool. Using rte_mempool_put the ic_session is put back to mempool.
> >
> > Signed-off-by: Vipin Varghese <vipin.varghese@intel.com>
> > ---
> >
> Acked-by: Radu Nicolau <radu.nicolau@intel.com>

Applied to dpdk-next-net-intel.

Thanks
Qi
diff mbox series

Patch

diff --git a/drivers/net/ixgbe/ixgbe_ipsec.c b/drivers/net/ixgbe/ixgbe_ipsec.c
index 683ab88a6..5a416885f 100644
--- a/drivers/net/ixgbe/ixgbe_ipsec.c
+++ b/drivers/net/ixgbe/ixgbe_ipsec.c
@@ -364,6 +364,7 @@  ixgbe_crypto_create_session(void *device,
 			conf->crypto_xform->aead.algo !=
 					RTE_CRYPTO_AEAD_AES_GCM) {
 		PMD_DRV_LOG(ERR, "Unsupported crypto transformation mode\n");
+		rte_mempool_put(mempool, (void *)ic_session);
 		return -ENOTSUP;
 	}
 	aead_xform = &conf->crypto_xform->aead;
@@ -373,6 +374,7 @@  ixgbe_crypto_create_session(void *device,
 			ic_session->op = IXGBE_OP_AUTHENTICATED_DECRYPTION;
 		} else {
 			PMD_DRV_LOG(ERR, "IPsec decryption not enabled\n");
+			rte_mempool_put(mempool, (void *)ic_session);
 			return -ENOTSUP;
 		}
 	} else {
@@ -380,6 +382,7 @@  ixgbe_crypto_create_session(void *device,
 			ic_session->op = IXGBE_OP_AUTHENTICATED_ENCRYPTION;
 		} else {
 			PMD_DRV_LOG(ERR, "IPsec encryption not enabled\n");
+			rte_mempool_put(mempool, (void *)ic_session);
 			return -ENOTSUP;
 		}
 	}
@@ -395,6 +398,7 @@  ixgbe_crypto_create_session(void *device,
 	if (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) {
 		if (ixgbe_crypto_add_sa(ic_session)) {
 			PMD_DRV_LOG(ERR, "Failed to add SA\n");
+			rte_mempool_put(mempool, (void *)ic_session);
 			return -EPERM;
 		}
 	}