From patchwork Tue Aug 22 17:33:16 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Akhil Goyal <gakhil@marvell.com>
X-Patchwork-Id: 130653
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id BF72D430D2;
	Tue, 22 Aug 2023 19:33:27 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id C1108406B7;
	Tue, 22 Aug 2023 19:33:27 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com
 [67.231.156.173])
 by mails.dpdk.org (Postfix) with ESMTP id 107D24021D;
 Tue, 22 Aug 2023 19:33:25 +0200 (CEST)
Received: from pps.filterd (m0045851.ppops.net [127.0.0.1])
 by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
 37M8a6hZ021967; Tue, 22 Aug 2023 10:33:25 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : mime-version : content-transfer-encoding :
 content-type; s=pfpt0220; bh=TNA8jSgPgyypl+gLXjsQ7CSzhm4JTXOEz5hp0wChNcY=;
 b=dDqucWJJG3s1XcH0BBW1Wa05mthK6mIiJOtTVE83F39PrBg20wex+Q6kaB8XDK3/6lCm
 YLOboGVYe5UKGfRUwKbQOBH/DNK1yNspZ8AfdPN+ws4Bah15Wnp6tNYMtHSPyi9SqjLZ
 5r11x4AVxan36/j6xlh1DCb49pFP3/bGK3VRz1M9+1q/wdkiOkFF/gOeKWQHEzC6mHm3
 YTpDbZhsOkERe1MfTSeeUiZAN7Fhd51JEEVQuIgtDnfa1GoBOdhV+UIZGZBzO+B9xner
 Yipzz5Tsk3P2vl/QtLC+ScwrSeURybCafZAuWEYV9tmpKb3Lm6oX5OeK4j4ttw2Poqg1 Ng==
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3sjw8jj175-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);
 Tue, 22 Aug 2023 10:33:25 -0700
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48;
 Tue, 22 Aug 2023 10:33:22 -0700
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend
 Transport; Tue, 22 Aug 2023 10:33:22 -0700
Received: from localhost.localdomain (unknown [10.28.36.102])
 by maili.marvell.com (Postfix) with ESMTP id 9E8A73F70D1;
 Tue, 22 Aug 2023 10:33:19 -0700 (PDT)
From: Akhil Goyal <gakhil@marvell.com>
To: <dev@dpdk.org>
CC: <vattunuru@marvell.com>, Akhil Goyal <gakhil@marvell.com>,
 <stable@dpdk.org>
Subject: [PATCH] test/security: fix buffer leaks in error path
Date: Tue, 22 Aug 2023 23:03:16 +0530
Message-ID: <20230822173316.465078-1-gakhil@marvell.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
X-Proofpoint-ORIG-GUID: SVvKCYMvclrhXixJmMeNTblDHtJjqk52
X-Proofpoint-GUID: SVvKCYMvclrhXixJmMeNTblDHtJjqk52
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.267,Aquarius:18.0.957,Hydra:6.0.601,FMLib:17.11.176.26
 definitions=2023-08-22_15,2023-08-22_01,2023-05-22_02
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

In case of failure of a test in macsec autotest,
the buffers were not getting cleaned.
Added appropriate code to clean the buffers.

Fixes: 993ea577a006 ("test/security: add inline MACsec cases")
Cc: stable@dpdk.org

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 app/test/test_security_inline_macsec.c | 70 ++++++++++++++++++--------
 1 file changed, 49 insertions(+), 21 deletions(-)

diff --git a/app/test/test_security_inline_macsec.c b/app/test/test_security_inline_macsec.c
index 20670fe5d2..8b57bc51fb 100644
--- a/app/test/test_security_inline_macsec.c
+++ b/app/test/test_security_inline_macsec.c
@@ -837,6 +837,11 @@ test_macsec_event_callback(uint16_t port_id, enum rte_eth_event_type type,
 	return 0;
 }
 
+#define FREE_PKTS(j, m) {		\
+	while (j--)			\
+		rte_pktmbuf_free(m[j]);	\
+}
+
 static int
 test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs_test_opts *opts)
 {
@@ -878,8 +883,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 			tx_pkts_burst[j]->ol_flags |= RTE_MBUF_F_TX_MACSEC;
 		}
 		if (tx_pkts_burst[j] == NULL) {
-			while (j--)
-				rte_pktmbuf_free(tx_pkts_burst[j]);
+			FREE_PKTS(j, tx_pkts_burst);
 			ret = TEST_FAILED;
 			goto out;
 		}
@@ -891,8 +895,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 					opts->ar_td[k]->secure_pkt.data,
 					opts->ar_td[k]->secure_pkt.len);
 				if (tx_pkts_burst[j] == NULL) {
-					while (j--)
-						rte_pktmbuf_free(tx_pkts_burst[j]);
+					FREE_PKTS(j, tx_pkts_burst);
 					ret = TEST_FAILED;
 					goto out;
 				}
@@ -919,8 +922,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 				tx_pkts_burst[j]->ol_flags |= RTE_MBUF_F_TX_MACSEC;
 			}
 			if (tx_pkts_burst[j] == NULL) {
-				while (j--)
-					rte_pktmbuf_free(tx_pkts_burst[j]);
+				FREE_PKTS(j, tx_pkts_burst);
 				ret = TEST_FAILED;
 				goto out;
 			}
@@ -942,7 +944,9 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 				id = rte_security_macsec_sa_create(ctx, &sa_conf);
 				if (id < 0) {
 					printf("MACsec SA create failed : %d.\n", id);
-					return TEST_FAILED;
+					FREE_PKTS(j, tx_pkts_burst);
+					ret = TEST_FAILED;
+					goto out;
 				}
 				rx_sa_id[i][an] = (uint16_t)id;
 			}
@@ -951,6 +955,8 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 			id = rte_security_macsec_sc_create(ctx, &sc_conf);
 			if (id < 0) {
 				printf("MACsec SC create failed : %d.\n", id);
+				FREE_PKTS(j, tx_pkts_burst);
+				ret = TEST_FAILED;
 				goto out;
 			}
 			rx_sc_id[i] = (uint16_t)id;
@@ -958,19 +964,26 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 			/* Create Inline IPsec session. */
 			ret = fill_session_conf(td[i], port_id, opts, &sess_conf,
 					RTE_SECURITY_MACSEC_DIR_RX, rx_sc_id[i], tci_off);
-			if (ret)
-				return TEST_FAILED;
-
+			if (ret) {
+				FREE_PKTS(j, tx_pkts_burst);
+				ret = TEST_FAILED;
+				goto out;
+			}
 			rx_sess[i] = rte_security_session_create(ctx, &sess_conf,
 					sess_pool);
 			if (rx_sess[i] == NULL) {
 				printf("SEC Session init failed.\n");
-				return TEST_FAILED;
+				FREE_PKTS(j, tx_pkts_burst);
+				ret = TEST_FAILED;
+				goto out;
 			}
 			ret = create_default_flow(td[i], port_id,
 					RTE_SECURITY_MACSEC_DIR_RX, rx_sess[i]);
-			if (ret)
+			if (ret) {
+				FREE_PKTS(j, tx_pkts_burst);
+				ret = TEST_FAILED;
 				goto out;
+			}
 		}
 		if (op == MCS_ENCAP || op == MCS_ENCAP_DECAP ||
 				op == MCS_AUTH_ONLY || op == MCS_AUTH_VERIFY) {
@@ -983,7 +996,9 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 			id = rte_security_macsec_sa_create(ctx, &sa_conf);
 			if (id < 0) {
 				printf("MACsec SA create failed : %d.\n", id);
-				return TEST_FAILED;
+				FREE_PKTS(j, tx_pkts_burst);
+				ret = TEST_FAILED;
+				goto out;
 			}
 			tx_sa_id[i][0] = (uint16_t)id;
 			tx_sa_id[i][1] = MCS_INVALID_SA;
@@ -997,6 +1012,8 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 				id = rte_security_macsec_sa_create(ctx, &sa_conf);
 				if (id < 0) {
 					printf("MACsec rekey SA create failed : %d.\n", id);
+					FREE_PKTS(j, tx_pkts_burst);
+					ret = TEST_FAILED;
 					goto out;
 				}
 				tx_sa_id[i][1] = (uint16_t)id;
@@ -1006,6 +1023,8 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 			id = rte_security_macsec_sc_create(ctx, &sc_conf);
 			if (id < 0) {
 				printf("MACsec SC create failed : %d.\n", id);
+				FREE_PKTS(j, tx_pkts_burst);
+				ret = TEST_FAILED;
 				goto out;
 			}
 			tx_sc_id[i] = (uint16_t)id;
@@ -1013,19 +1032,26 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 			/* Create Inline IPsec session. */
 			ret = fill_session_conf(td[i], port_id, opts, &sess_conf,
 					RTE_SECURITY_MACSEC_DIR_TX, tx_sc_id[i], tci_off);
-			if (ret)
-				return TEST_FAILED;
-
+			if (ret) {
+				FREE_PKTS(j, tx_pkts_burst);
+				ret = TEST_FAILED;
+				goto out;
+			}
 			tx_sess[i] = rte_security_session_create(ctx, &sess_conf,
 					sess_pool);
 			if (tx_sess[i] == NULL) {
 				printf("SEC Session init failed.\n");
-				return TEST_FAILED;
+				FREE_PKTS(j, tx_pkts_burst);
+				ret = TEST_FAILED;
+				goto out;
 			}
 			ret = create_default_flow(td[i], port_id,
 					RTE_SECURITY_MACSEC_DIR_TX, tx_sess[i]);
-			if (ret)
+			if (ret) {
+				FREE_PKTS(j, tx_pkts_burst);
+				ret = TEST_FAILED;
 				goto out;
+			}
 		}
 	}
 
@@ -1042,6 +1068,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 
 	rte_pause();
 
+	j = 0;
 	/* Receive back packet on loopback interface. */
 	do {
 		nb_rx += rte_eth_rx_burst(port_id, 0,
@@ -1055,8 +1082,7 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 	if (nb_rx != nb_sent) {
 		printf("\nUnable to RX all %d packets, received(%i)",
 				nb_sent, nb_rx);
-		while (--nb_rx >= 0)
-			rte_pktmbuf_free(rx_pkts_burst[nb_rx]);
+		FREE_PKTS(nb_rx, rx_pkts_burst);
 		ret = TEST_FAILED;
 		if (opts->check_sectag_interrupts == 1)
 			ret = TEST_SUCCESS;
@@ -1080,7 +1106,9 @@ test_macsec(const struct mcs_test_vector *td[], enum mcs_op op, const struct mcs
 			id = rte_security_macsec_sa_create(ctx, &sa_conf);
 			if (id < 0) {
 				printf("MACsec SA create failed : %d.\n", id);
-				return TEST_FAILED;
+				FREE_PKTS(nb_rx, rx_pkts_burst);
+				ret = TEST_FAILED;
+				goto out;
 			}
 			tx_sa_id[0][0] = (uint16_t)id;
 			break;