Re: [dpdk-dev] [PATCH v1 2/2] crypto/aesni_mb: improve security instance setup

Fri, 17 Jul 2020 12:30:32 -0700 

Hi David,

> -----Original Message-----
> From: Coyle, David <david.co...@intel.com>
> Sent: Thursday, July 16, 2020 4:36 PM
> To: akhil.go...@nxp.com; Doherty, Declan <declan.dohe...@intel.com>; De
> Lara Guarch, Pablo <pablo.de.lara.gua...@intel.com>; Trahe, Fiona
> <fiona.tr...@intel.com>
> Cc: dev@dpdk.org; Ryan, Brendan <brendan.r...@intel.com>; O'loingsigh,
> Mairtin <mairtin.oloings...@intel.com>; Coyle, David <david.co...@intel.com>
> Subject: [PATCH v1 2/2] crypto/aesni_mb: improve security instance setup
> 
> This patch makes some minor improvements to the security instance setup for
> the AESNI-MB PMD. All of this setup code is now in one '#ifdef
> AESNI_MB_DOCSIS_SEC_ENABLED' block. Enabling the
> RTE_CRYPTODEV_FF_SECURITY feature for the device is also moved to this
> block.
> 
> Fixes: fda5216fba55 ("crypto/aesni_mb: support DOCSIS protocol")
> 
> Signed-off-by: David Coyle <david.co...@intel.com>
> ---
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 13 ++++---------
>  1 file changed, 4 insertions(+), 9 deletions(-)
> 
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> index b54c57f86..171d914a3 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> @@ -1881,9 +1881,6 @@ cryptodev_aesni_mb_create(const char *name,
>       struct aesni_mb_private *internals;
>       enum aesni_mb_vector_mode vector_mode;
>       MB_MGR *mb_mgr;
> -#ifdef AESNI_MB_DOCSIS_SEC_ENABLED
> -     struct rte_security_ctx *security_instance;
> -#endif
> 
>       dev = rte_cryptodev_pmd_create(name, &vdev->device, init_params);
>       if (dev == NULL) {
> @@ -1912,13 +1909,10 @@ cryptodev_aesni_mb_create(const char *name,
>                       RTE_CRYPTODEV_FF_SYM_OPERATION_CHAINING |
>                       RTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |
>                       RTE_CRYPTODEV_FF_SYM_CPU_CRYPTO |
> -                     RTE_CRYPTODEV_FF_SYM_SESSIONLESS
> -#ifdef AESNI_MB_DOCSIS_SEC_ENABLED
> -                     | RTE_CRYPTODEV_FF_SECURITY
> -#endif
> -                     ;
> +                     RTE_CRYPTODEV_FF_SYM_SESSIONLESS;
> 
>  #ifdef AESNI_MB_DOCSIS_SEC_ENABLED
> +     struct rte_security_ctx *security_instance;
>       security_instance = rte_malloc("aesni_mb_sec",
>                               sizeof(struct rte_security_ctx),
>                               RTE_CACHE_LINE_SIZE);

I see that there could be a potential memory leak here.
Assuming this malloc works, if alloc_init_mb_mgr() fails, this memory will not 
be freed.
So I suggest two options:
1 - Free security_instance if alloc_init_mb_mgr() fails
2 - Move this piece of code after alloc_init_mb_mgr and free mb_mgr if this 
malloc fails.

Thanks,
Pablo

Reply via email to