cryptodev: add reference count to session private data
This patch adds a refcnt field to every session private data in the cryptodev symmetric session. The counter is used to prevent freeing symmetric session blindly before it is not cleared by every type of crypto device in use. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Fiona Trahe <fiona.trahe@intel.com> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This commit is contained in:
parent
9e5f5ecb5e
commit
5d6c73dd59
@ -308,6 +308,13 @@
|
||||
class="st2"
|
||||
y="189.4823"
|
||||
x="-185.78569">user_data</text>
|
||||
<text
|
||||
transform="scale(0.71276665,1.4029837)"
|
||||
style="font-size:14.02988338px;font-family:Calibri;overflow:visible;color-interpolation-filters:sRGB;fill:#386288;fill-rule:evenodd;stroke-width:1.40298378;stroke-linecap:square;stroke-miterlimit:3"
|
||||
id="text24-5-5-1-4"
|
||||
class="st2"
|
||||
y="129.23468"
|
||||
x="-204.95244">uint16_t refcnt;</text>
|
||||
</g><g
|
||||
transform="matrix(1.022976,0,0,0.71529071,199.82034,-39.936699)"
|
||||
id="shape19-6-5"><title
|
||||
|
Before Width: | Height: | Size: 19 KiB After Width: | Height: | Size: 20 KiB |
@ -100,6 +100,12 @@ New Features
|
||||
devices to track dirty pages caused by DMA. IFC driver has enabled this
|
||||
SW-assisted live migration mode.
|
||||
|
||||
* **Added security checks to cryptodev symmetric session operations.**
|
||||
|
||||
Added a set of security checks to the access cryptodev symmetric session.
|
||||
The checks include the session's user data read/write check and the
|
||||
session private data referencing status check while freeing a session.
|
||||
|
||||
* **Updated the AESNI-MB PMD.**
|
||||
|
||||
* Add support for intel-ipsec-mb version 0.52.
|
||||
|
@ -1216,7 +1216,7 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
|
||||
|
||||
RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->sym_session_configure, -ENOTSUP);
|
||||
|
||||
if (sess->sess_data[index].data == NULL) {
|
||||
if (sess->sess_data[index].refcnt == 0) {
|
||||
ret = dev->dev_ops->sym_session_configure(dev, xforms,
|
||||
sess, mp);
|
||||
if (ret < 0) {
|
||||
@ -1227,6 +1227,7 @@ rte_cryptodev_sym_session_init(uint8_t dev_id,
|
||||
}
|
||||
}
|
||||
|
||||
sess->sess_data[index].refcnt++;
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -1372,12 +1373,17 @@ rte_cryptodev_sym_session_clear(uint8_t dev_id,
|
||||
struct rte_cryptodev_sym_session *sess)
|
||||
{
|
||||
struct rte_cryptodev *dev;
|
||||
uint8_t driver_id;
|
||||
|
||||
dev = rte_cryptodev_pmd_get_dev(dev_id);
|
||||
|
||||
if (dev == NULL || sess == NULL)
|
||||
return -EINVAL;
|
||||
|
||||
driver_id = dev->driver_id;
|
||||
if (--sess->sess_data[driver_id].refcnt != 0)
|
||||
return -EBUSY;
|
||||
|
||||
RTE_FUNC_PTR_OR_ERR_RET(*dev->dev_ops->sym_session_clear, -ENOTSUP);
|
||||
|
||||
dev->dev_ops->sym_session_clear(dev, sess);
|
||||
@ -1407,16 +1413,14 @@ int
|
||||
rte_cryptodev_sym_session_free(struct rte_cryptodev_sym_session *sess)
|
||||
{
|
||||
uint8_t i;
|
||||
void *sess_priv;
|
||||
struct rte_mempool *sess_mp;
|
||||
|
||||
if (sess == NULL)
|
||||
return -EINVAL;
|
||||
|
||||
/* Check that all device private data has been freed */
|
||||
for (i = 0; i < nb_drivers; i++) {
|
||||
sess_priv = get_sym_session_private_data(sess, i);
|
||||
if (sess_priv != NULL)
|
||||
for (i = 0; i < sess->nb_drivers; i++) {
|
||||
if (sess->sess_data[i].refcnt != 0)
|
||||
return -EBUSY;
|
||||
}
|
||||
|
||||
|
@ -959,6 +959,7 @@ struct rte_cryptodev_sym_session {
|
||||
/**< session user data will be placed after sess_data */
|
||||
__extension__ struct {
|
||||
void *data;
|
||||
uint16_t refcnt;
|
||||
} sess_data[0];
|
||||
/**< Driver specific session material, variable size */
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user