[v1] crypto/aesni_mb: fix incorrect clearing of security session
Checks
Commit Message
When destroying a security session, the AESNI-MB PMD attempted to clear
the private aesni_mb session object to remove any key material. However,
the function aesni_mb_pmd_sec_sess_destroy() cleared the security session
object instead of the private session object.
This patch fixes this issue by now clearing the private session object.
Fixes: fda5216fba55 ("crypto/aesni_mb: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
---
drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
Hi David,
> -----Original Message-----
> From: Coyle, David <david.coyle@intel.com>
> Sent: Tuesday, October 6, 2020 10:42 AM
> To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>; Doherty, Declan
> <declan.doherty@intel.com>
> Cc: dev@dpdk.org; akhil.goyal@nxp.com; Coyle, David
> <david.coyle@intel.com>
> Subject: [PATCH v1] crypto/aesni_mb: fix incorrect clearing of security session
>
> When destroying a security session, the AESNI-MB PMD attempted to clear the
> private aesni_mb session object to remove any key material. However, the
> function aesni_mb_pmd_sec_sess_destroy() cleared the security session object
> instead of the private session object.
>
> This patch fixes this issue by now clearing the private session object.
>
> Fixes: fda5216fba55 ("crypto/aesni_mb: support DOCSIS protocol")
>
> Signed-off-by: David Coyle <david.coyle@intel.com>
Patch looks good, but you need to CC stable, as this should be backported since the issue was introduced in the previous release.
So, add Cc: stable@dpdk.org after Fixes: fda... and send a v2.
Apart from that, you can keep my ack:
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Hi Pablo
> >
> > When destroying a security session, the AESNI-MB PMD attempted to
> > clear the private aesni_mb session object to remove any key material.
> > However, the function aesni_mb_pmd_sec_sess_destroy() cleared the
> > security session object instead of the private session object.
> >
> > This patch fixes this issue by now clearing the private session object.
> >
> > Fixes: fda5216fba55 ("crypto/aesni_mb: support DOCSIS protocol")
> >
> > Signed-off-by: David Coyle <david.coyle@intel.com>
>
> Patch looks good, but you need to CC stable, as this should be backported
> since the issue was introduced in the previous release.
> So, add Cc: stable@dpdk.org after Fixes: fda... and send a v2.
> Apart from that, you can keep my ack:
[DC] Done, thanks for pointing that out
>
> Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
@@ -911,7 +911,7 @@ aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,
if (sess_priv) {
struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
- memset(sess, 0, sizeof(struct aesni_mb_session));
+ memset(sess_priv, 0, sizeof(struct aesni_mb_session));
set_sec_session_private_data(sess, NULL);
rte_mempool_put(sess_mp, sess_priv);
}