There are several func calls to rte_zmalloc() which don't do null
point check on the return value. And before return, the memory is not
freed. Fix it by adding null point check and rte_free().
Fixes: 1703e94ac5ce ("qat: add driver for QuickAssist devices")
Fixes: e09231eaa2af ("crypto/qat: add SGL capability")
Signed-off-by: Yong Wang <wang.yon...@zte.com.cn>
---
v4:
* Cover errors that happen after the rte_mempool_create.
* Add fix information.
v3:
* Rebase on master and modify again.
v2:
* Fix code style warning.
---
drivers/crypto/qat/qat_adf/qat_algs_build_desc.c | 10 ++++++++++
drivers/crypto/qat/qat_qp.c | 10 +++++++++-
2 files changed, 19 insertions(+), 1 deletion(-)
diff --git a/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c
b/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c
index db6c9a3..26f854c 100644
--- a/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c
+++ b/drivers/crypto/qat/qat_adf/qat_algs_build_desc.c
@@ -359,6 +359,11 @@ static int qat_alg_do_precomputes(enum
icp_qat_hw_auth_algo hash_alg,
in = rte_zmalloc("working mem for key",
ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ, 16);
+ if (in == NULL) {
+ PMD_DRV_LOG(ERR, "Failed to alloc memory");
+ return -ENOMEM;
+ }
+
rte_memcpy(in, qat_aes_xcbc_key_seed,
ICP_QAT_HW_AES_XCBC_MAC_STATE2_SZ);
for (x = 0; x < HASH_XCBC_PRECOMP_KEY_NUM; x++) {
@@ -389,6 +394,11 @@ static int qat_alg_do_precomputes(enum
icp_qat_hw_auth_algo hash_alg,
ICP_QAT_HW_GALOIS_E_CTR0_SZ);
in = rte_zmalloc("working mem for key",
ICP_QAT_HW_GALOIS_H_SZ, 16);
+ if (in == NULL) {
+ PMD_DRV_LOG(ERR, "Failed to alloc memory");
+ return -ENOMEM;
+ }
+
memset(in, 0, ICP_QAT_HW_GALOIS_H_SZ);
if (AES_set_encrypt_key(auth_key, auth_keylen << 3,
&enc_key) != 0) {
diff --git a/drivers/crypto/qat/qat_qp.c b/drivers/crypto/qat/qat_qp.c
index 0941a58..87b9ce0 100644
--- a/drivers/crypto/qat/qat_qp.c
+++ b/drivers/crypto/qat/qat_qp.c
@@ -151,6 +151,11 @@ int qat_crypto_sym_qp_setup(struct rte_cryptodev *dev,
uint16_t queue_pair_id,
qp->op_cookies = rte_zmalloc("qat PMD op cookie pointer",
qp_conf->nb_descriptors * sizeof(*qp->op_cookies),
RTE_CACHE_LINE_SIZE);
+ if (qp->op_cookies == NULL) {
+ PMD_DRV_LOG(ERR, "Failed to alloc mem for cookie");
+ rte_free(qp);
+ return -ENOMEM;
+ }
qp->mmap_bar_addr = pci_dev->mem_resource[0].addr;
qp->inflights16 = 0;
@@ -192,7 +197,7 @@ int qat_crypto_sym_qp_setup(struct rte_cryptodev *dev,
uint16_t queue_pair_id,
for (i = 0; i < qp->nb_descriptors; i++) {
if (rte_mempool_get(qp->op_cookie_pool, &qp->op_cookies[i])) {
PMD_DRV_LOG(ERR, "QAT PMD Cannot get op_cookie");
- return -EFAULT;
+ goto create_err;
}
struct qat_crypto_op_cookie *sql_cookie =
@@ -217,6 +222,9 @@ int qat_crypto_sym_qp_setup(struct rte_cryptodev *dev,
uint16_t queue_pair_id,
return 0;
create_err:
+ if (qp->op_cookie_pool)
+ rte_mempool_free(qp->op_cookie_pool);
+ rte_free(qp->op_cookies);
rte_free(qp);
return -EFAULT;
}
--
1.8.3.1
