From patchwork Mon Jan 29 15:00:14 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Github ODP bot X-Patchwork-Id: 126169 Delivered-To: patch@linaro.org Received: by 10.46.84.92 with SMTP id y28csp2512764ljd; Mon, 29 Jan 2018 07:05:43 -0800 (PST) X-Google-Smtp-Source: AH8x227PvVcCCi8C1AmTXPLMxmnMeVBUKlUa5mT2qbkd8JC6N/X1h8KU1Xhj13nUygcOsWkBAz95 X-Received: by 10.55.82.214 with SMTP id g205mr36127389qkb.349.1517238343454; Mon, 29 Jan 2018 07:05:43 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1517238343; cv=none; d=google.com; s=arc-20160816; b=ZFyxkQJpf3pHDOk4GA53hRGiVaDzHTdKQ0EhVRZxfVhyflgOmJCmZ/zH0yzW+RJq2k mQq/T3DwQyJHe3pSLcniQ3dDpTSAgL2VkTysyyooJpyOrRrAf4Lzug1HpVNF9CbRLUg1 Zc5Uhrakv4azC2Xuug4wdb6qODryKYCpAZyxZMhWqTN1tJZ6ydOMIBloz9Clnn8F2JTp rsr1C/PmoI6PjsGMLJ8q/gHDaI2rkNt8j/KJAPO7PesELzFNLQ0ki6cX4sN/V9SHQ8Cy 4PjiypU7LITgktxG7+VsnY+0c4AM/plOBNEy3wdhpG0Ij7KEEQXphBiqfmHfxLaiOUy3 rTBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:subject:github-pr-num :references:in-reply-to:message-id:date:to:from:delivered-to :arc-authentication-results; bh=Vfxh74wUNOgdYEwBxdDxWiZc8+DVuVovR3G5l3kgej4=; b=TGsPhI2Pd39AtxmrP7PGG1YfDit8PZwJRiCPakQddIs8cHWVTRBOUmcx7hk75JxRhR eccVUkAB9WMV3sQZxkrE5EcFr0y6lJJFzm2kVuPk2KrmRUN0VNEY628DwSONf6aNTzZI YjJRV2jYRuLQn+ZLEm1f3zJukcNsT3CNt4lcOncKnmH6GEHSOKbCDnzYCuu7J8OzIB47 WGS9Qxfh61Eve3voShhsknZsjB6106+eCHHqNm/hDU6toCv7UfPUGVuisaLbg/8Bq1fr Jv+ucRnXstnM9vmzhvCV0p0FMrLnc0udx7/DHsDchR+hGTzjErZmYcBf+/D9QVQ8FdGL u55w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Return-Path: Received: from lists.linaro.org (ec2-54-197-127-237.compute-1.amazonaws.com. [54.197.127.237]) by mx.google.com with ESMTP id g186si2095757qkc.154.2018.01.29.07.05.43; Mon, 29 Jan 2018 07:05:43 -0800 (PST) Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; Authentication-Results: mx.google.com; spf=pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) smtp.mailfrom=lng-odp-bounces@lists.linaro.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=yandex.ru Received: by lists.linaro.org (Postfix, from userid 109) id 251036173F; Mon, 29 Jan 2018 15:05:43 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ip-10-142-244-252 X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RCVD_IN_MSPIKE_H2 autolearn=disabled version=3.4.0 Received: from [127.0.0.1] (localhost [127.0.0.1]) by lists.linaro.org (Postfix) with ESMTP id 5A69C61747; Mon, 29 Jan 2018 15:00:54 +0000 (UTC) X-Original-To: lng-odp@lists.linaro.org Delivered-To: lng-odp@lists.linaro.org Received: by lists.linaro.org (Postfix, from userid 109) id 193BB60813; Mon, 29 Jan 2018 15:00:31 +0000 (UTC) Received: from forward102p.mail.yandex.net (forward102p.mail.yandex.net [77.88.28.102]) by lists.linaro.org (Postfix) with ESMTPS id B824D60887 for ; Mon, 29 Jan 2018 15:00:21 +0000 (UTC) Received: from mxback2o.mail.yandex.net (mxback2o.mail.yandex.net [IPv6:2a02:6b8:0:1a2d::1c]) by forward102p.mail.yandex.net (Yandex) with ESMTP id 8F44C4302025 for ; Mon, 29 Jan 2018 18:00:20 +0300 (MSK) Received: from smtp1o.mail.yandex.net (smtp1o.mail.yandex.net [2a02:6b8:0:1a2d::25]) by mxback2o.mail.yandex.net (nwsmtp/Yandex) with ESMTP id 5x1tvUJX38-0KF0iMkT; Mon, 29 Jan 2018 18:00:20 +0300 Received: by smtp1o.mail.yandex.net (nwsmtp/Yandex) with ESMTPSA id ZIlIkHp1bF-0JUGCDaR; Mon, 29 Jan 2018 18:00:19 +0300 (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (Client certificate not present) From: Github ODP bot To: lng-odp@lists.linaro.org Date: Mon, 29 Jan 2018 18:00:14 +0300 Message-Id: <1517238014-22220-6-git-send-email-odpbot@yandex.ru> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1517238014-22220-1-git-send-email-odpbot@yandex.ru> References: <1517238014-22220-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 427 Subject: [lng-odp] [PATCH v2 5/5] linux-gen: ipsec: fix SA leak in SA creation X-BeenThere: lng-odp@lists.linaro.org X-Mailman-Version: 2.1.16 Precedence: list List-Id: "The OpenDataPlane \(ODP\) List" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" From: Dmitry Eremin-Solenikov odp_ipsec_sa_create can leave SA locked if one asks for ODP_AUTH_AES_GMAC with non-NULL encryption. Unlock SA in error path. Signed-off-by: Dmitry Eremin-Solenikov --- /** Email created from pull request 427 (lumag:ipsec-fix-sad) ** https://github.com/Linaro/odp/pull/427 ** Patch: https://github.com/Linaro/odp/pull/427.patch ** Base sha: 27480d82bd93a881ae683a3c314c11042a68ce29 ** Merge commit sha: 67c9dbf28c41ea7a53782ba841276b03f154c4ef **/ platform/linux-generic/odp_ipsec_sad.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/platform/linux-generic/odp_ipsec_sad.c b/platform/linux-generic/odp_ipsec_sad.c index 2af72bbb5..60d9b8fe7 100644 --- a/platform/linux-generic/odp_ipsec_sad.c +++ b/platform/linux-generic/odp_ipsec_sad.c @@ -416,7 +416,7 @@ odp_ipsec_sa_t odp_ipsec_sa_create(const odp_ipsec_sa_param_t *param) break; case ODP_AUTH_ALG_AES_GMAC: if (ODP_CIPHER_ALG_NULL != crypto_param.cipher_alg) - return ODP_IPSEC_SA_INVALID; + goto error; ipsec_sa->use_counter_iv = 1; ipsec_sa->esp_iv_len = 8; ipsec_sa->esp_block_len = 16;