diff mbox series

[v1] crypto/aesni_mb: fix incorrect clearing of security session

Message ID 20201006094215.49882-1-david.coyle@intel.com (mailing list archive)
State Superseded, archived
Delegated to: akhil goyal
Headers
Series [v1] crypto/aesni_mb: fix incorrect clearing of security session |

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/Intel-compilation success Compilation OK
ci/iol-broadcom-Functional fail Functional Testing issues
ci/iol-intel-Functional success Functional Testing PASS
ci/iol-testing success Testing PASS
ci/iol-intel-Performance success Performance Testing PASS
ci/travis-robot success Travis build: passed
ci/iol-mellanox-Performance success Performance Testing PASS

Commit Message

Coyle, David Oct. 6, 2020, 9:42 a.m. UTC 
  When destroying a security session, the AESNI-MB PMD attempted to clear
the private aesni_mb session object to remove any key material. However,
the function aesni_mb_pmd_sec_sess_destroy() cleared the security session
object instead of the private session object.

This patch fixes this issue by now clearing the private session object.

Fixes: fda5216fba55 ("crypto/aesni_mb: support DOCSIS protocol")

Signed-off-by: David Coyle <david.coyle@intel.com>
---
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

De Lara Guarch, Pablo Oct. 6, 2020, 11:08 a.m. UTC | #1 
Hi David,


> -----Original Message-----
> From: Coyle, David <david.coyle@intel.com>
> Sent: Tuesday, October 6, 2020 10:42 AM
> To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>; Doherty, Declan
> <declan.doherty@intel.com>
> Cc: dev@dpdk.org; akhil.goyal@nxp.com; Coyle, David
> <david.coyle@intel.com>
> Subject: [PATCH v1] crypto/aesni_mb: fix incorrect clearing of security session
> 
> When destroying a security session, the AESNI-MB PMD attempted to clear the
> private aesni_mb session object to remove any key material. However, the
> function aesni_mb_pmd_sec_sess_destroy() cleared the security session object
> instead of the private session object.
> 
> This patch fixes this issue by now clearing the private session object.
> 
> Fixes: fda5216fba55 ("crypto/aesni_mb: support DOCSIS protocol")
> 
> Signed-off-by: David Coyle <david.coyle@intel.com>

Patch looks good, but you need to CC stable, as this should be backported since the issue was introduced in the previous release.
So, add Cc: stable@dpdk.org after Fixes: fda... and send a v2.
Apart from that, you can keep my ack:

Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Coyle, David Oct. 6, 2020, 11:43 a.m. UTC | #2 
Hi Pablo

> >
> > When destroying a security session, the AESNI-MB PMD attempted to
> > clear the private aesni_mb session object to remove any key material.
> > However, the function aesni_mb_pmd_sec_sess_destroy() cleared the
> > security session object instead of the private session object.
> >
> > This patch fixes this issue by now clearing the private session object.
> >
> > Fixes: fda5216fba55 ("crypto/aesni_mb: support DOCSIS protocol")
> >
> > Signed-off-by: David Coyle <david.coyle@intel.com>
> 
> Patch looks good, but you need to CC stable, as this should be backported
> since the issue was introduced in the previous release.
> So, add Cc: stable@dpdk.org after Fixes: fda... and send a v2.
> Apart from that, you can keep my ack:

[DC] Done, thanks for pointing that out

> 
> Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
diff mbox series

Patch

diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
index 2362f0c3c..b11d7f12b 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_ops.c
@@ -911,7 +911,7 @@  aesni_mb_pmd_sec_sess_destroy(void *dev __rte_unused,
 
 	if (sess_priv) {
 		struct rte_mempool *sess_mp = rte_mempool_from_obj(sess_priv);
-		memset(sess, 0, sizeof(struct aesni_mb_session));
+		memset(sess_priv, 0, sizeof(struct aesni_mb_session));
 		set_sec_session_private_data(sess, NULL);
 		rte_mempool_put(sess_mp, sess_priv);
 	}