From 93e11beebc49ad5ab7ea3d146da911caa8064bd1 Mon Sep 17 00:00:00 2001 From: Vipin Varghese Date: Fri, 12 Oct 2018 15:23:46 +0530 Subject: [PATCH] net/ixgbe: prevent ic session leak on failure For function ixgbe_crypto_create_session, fetches ic_session from the mempool. But on failure scenarios, the object is not released back to mempool. Using rte_mempool_put the ic_session is put back to mempool. Signed-off-by: Vipin Varghese Acked-by: Radu Nicolau --- drivers/net/ixgbe/ixgbe_ipsec.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/drivers/net/ixgbe/ixgbe_ipsec.c b/drivers/net/ixgbe/ixgbe_ipsec.c index 683ab88a60..5a416885f8 100644 --- a/drivers/net/ixgbe/ixgbe_ipsec.c +++ b/drivers/net/ixgbe/ixgbe_ipsec.c @@ -364,6 +364,7 @@ ixgbe_crypto_create_session(void *device, conf->crypto_xform->aead.algo != RTE_CRYPTO_AEAD_AES_GCM) { PMD_DRV_LOG(ERR, "Unsupported crypto transformation mode\n"); + rte_mempool_put(mempool, (void *)ic_session); return -ENOTSUP; } aead_xform = &conf->crypto_xform->aead; @@ -373,6 +374,7 @@ ixgbe_crypto_create_session(void *device, ic_session->op = IXGBE_OP_AUTHENTICATED_DECRYPTION; } else { PMD_DRV_LOG(ERR, "IPsec decryption not enabled\n"); + rte_mempool_put(mempool, (void *)ic_session); return -ENOTSUP; } } else { @@ -380,6 +382,7 @@ ixgbe_crypto_create_session(void *device, ic_session->op = IXGBE_OP_AUTHENTICATED_ENCRYPTION; } else { PMD_DRV_LOG(ERR, "IPsec encryption not enabled\n"); + rte_mempool_put(mempool, (void *)ic_session); return -ENOTSUP; } } @@ -395,6 +398,7 @@ ixgbe_crypto_create_session(void *device, if (ic_session->op == IXGBE_OP_AUTHENTICATED_ENCRYPTION) { if (ixgbe_crypto_add_sa(ic_session)) { PMD_DRV_LOG(ERR, "Failed to add SA\n"); + rte_mempool_put(mempool, (void *)ic_session); return -EPERM; } } -- 2.20.1