From patchwork Tue Apr 18 14:26:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Didier Pallard X-Patchwork-Id: 126244 X-Patchwork-Delegate: gakhil@marvell.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 741ED4297D; Tue, 18 Apr 2023 16:26:52 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 6536C42D0C; Tue, 18 Apr 2023 16:26:52 +0200 (CEST) Received: from mail-wm1-f42.google.com (mail-wm1-f42.google.com [209.85.128.42]) by mails.dpdk.org (Postfix) with ESMTP id 8815542BB1 for ; Tue, 18 Apr 2023 16:26:50 +0200 (CEST) Received: by mail-wm1-f42.google.com with SMTP id m39-20020a05600c3b2700b003f170e75bd3so906821wms.1 for ; Tue, 18 Apr 2023 07:26:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=6wind.com; s=google; t=1681828010; x=1684420010; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=4dfLmsPm2ktn5e7XN7vJsDrgDeyuHWn9n2hrzM9RxqY=; b=HyHAMmSVfyYsaydUIxKR0a0AiSEfo7Uqj7ubJlg9Of7yoN7mus/Ho55BUwQWidSu2i nW8bJ/vf+cvn6KtrZBjPSlSAvRUW1V4tBtWFI5XPfK8Sm6jZZoXqWbtR5Ewxw5Y2k66V TMwAKdEC5lo/2z9D5S9BhRxL0zHjNiXMxyft4ubRaQOKfYczKMHa/wc2Nb6875X6lerY T0JVBwIh57niFctH0og83tmY5QcvJQRpQzln6AT525UV3L7vjpvCe3Pf9W9tlWUIjTLM h8g+2rRVIA0rB/nMB+ZPKltDC3W+/MXs7XLqbbd59PuKBQOITdYnRln1e2zU7vXioaxP 5UjQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1681828010; x=1684420010; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=4dfLmsPm2ktn5e7XN7vJsDrgDeyuHWn9n2hrzM9RxqY=; b=AEDz0S6Y0TIl2kMJGOcQxDZpe5JwKra/9N+eKgi25YGXaRNLIht4gnbOtOzf81ET9v 7UfMzoiyU+SCgIpg8WChVI2ZrTOvrvLL2aqt211FxO7v9TuIBFbrlyguXtMTB/gkJ06y 6CLkq1B7JksWuwTGmDt+YOZBSFWS/Ghsoyt63E8CoK68pExOz89FFPeItG9GUPDFzviM b0ITl5r+caKUuADvpjRZujR6BxJl45Ys6P7W8meHqa0sPJ3pqccYdoHAquUOxvTvx8AX 0D2PA7z89tPqDXTXO0ZwfnhFopHZqAioBWW+AyYjcHyxxutvZAT4ciahP71YRQgifjW6 3uIQ== X-Gm-Message-State: AAQBX9cgzhxM0Da5g2DeQKJ8PK90ro/Vfl01eOiJGerjxStfGI/U3nub aHJgcqTBPzu53l2CYOYZESWwEQWyimRMWJJcjUo= X-Google-Smtp-Source: AKy350aYD2SFQh35MjL5Q2Z9zdUwgJ+t588sKOMUfLjFmU7yLGPu+yJdFIj8W6RptqY+nVTSDD9ytQ== X-Received: by 2002:a7b:cc88:0:b0:3ee:5c8:c3d8 with SMTP id p8-20020a7bcc88000000b003ee05c8c3d8mr14147819wma.34.1681828010201; Tue, 18 Apr 2023 07:26:50 -0700 (PDT) Received: from arion.dev.6wind.com ([185.13.181.2]) by smtp.gmail.com with ESMTPSA id f16-20020a05600c4e9000b003f0a6a1f969sm15556702wmq.46.2023.04.18.07.26.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 18 Apr 2023 07:26:49 -0700 (PDT) From: Didier Pallard To: dev@dpdk.org Cc: stable@dpdk.org, Kai Ji , Akhil Goyal , Fan Zhang , Ashwin Sekhar T K Subject: [PATCH] crypto/openssl: fix memory leak in auth processing function Date: Tue, 18 Apr 2023 16:26:19 +0200 Message-Id: <20230418142619.2643428-1-didier.pallard@6wind.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Contexts allocated with EVP_MAC_CTX_new calls are leaking, they are created then overwritten by the return value of EVP_MAC_CTX_dup call. Fixes: 75adf1eae44f ("crypto/openssl: update HMAC routine with 3.0 EVP API") Fixes: 2b9c693f6ef5 ("crypto/openssl: support AES-CMAC operations") Signed-off-by: Didier Pallard Cc: stable@dpdk.org Acked-by: Kai Ji > --- drivers/crypto/openssl/rte_openssl_pmd.c | 7 ------- 1 file changed, 7 deletions(-) diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c index 384d26262105..e00db0facba5 100644 --- a/drivers/crypto/openssl/rte_openssl_pmd.c +++ b/drivers/crypto/openssl/rte_openssl_pmd.c @@ -1797,7 +1797,6 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op, # if OPENSSL_VERSION_NUMBER >= 0x30000000L EVP_MAC_CTX *ctx_h; EVP_MAC_CTX *ctx_c; - EVP_MAC *mac; # else HMAC_CTX *ctx_h; CMAC_CTX *ctx_c; @@ -1818,10 +1817,7 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op, break; case OPENSSL_AUTH_AS_HMAC: # if OPENSSL_VERSION_NUMBER >= 0x30000000L - mac = EVP_MAC_fetch(NULL, "HMAC", NULL); - ctx_h = EVP_MAC_CTX_new(mac); ctx_h = EVP_MAC_CTX_dup(sess->auth.hmac.ctx); - EVP_MAC_free(mac); status = process_openssl_auth_mac(mbuf_src, dst, op->sym->auth.data.offset, srclen, ctx_h); @@ -1836,10 +1832,7 @@ process_openssl_auth_op(struct openssl_qp *qp, struct rte_crypto_op *op, break; case OPENSSL_AUTH_AS_CMAC: # if OPENSSL_VERSION_NUMBER >= 0x30000000L - mac = EVP_MAC_fetch(NULL, OSSL_MAC_NAME_CMAC, NULL); - ctx_c = EVP_MAC_CTX_new(mac); ctx_c = EVP_MAC_CTX_dup(sess->auth.cmac.ctx); - EVP_MAC_free(mac); status = process_openssl_auth_mac(mbuf_src, dst, op->sym->auth.data.offset, srclen, ctx_c);