gerrit.fd Code Review - vpp.git/commit - src/vnet/ipsec/esp

author	Matthew Smith <mgsmith@netgate.com>
	Wed, 1 Dec 2021 20:02:35 +0000 (20:02 +0000)
committer	Neale Ranns <neale@graphiant.com>
	Sat, 4 Dec 2021 12:52:29 +0000 (12:52 +0000)
commit	c14b8cfe601b7b56e946e5f518e82a47e223c721
tree	73e77279155cbce1ea33ef037f36d8d92e04ab91	tree \| snapshot
parent	0d05c0d214ffd326e531bea58f3c971bb9a58252	commit \| diff

ipsec: fix async buffer leak

Type: fix
Fixes: f16e9a5507

If an attempt to submit an async crypto frame fails, the buffers that
were added to the frame are supposed to be dropped. This was not
happening and they are leaking, resulting in buffer exhaustion.
There are two issues:

1. The return value of esp_async_recycle_failed_submit() is used to
figure out how many buffers should be dropped. That function calls
vnet_crypto_async_reset_frame() and then returns f->n_elts. Resetting
the frame sets n_elts to 0. So esp_async_recycle_failed_submit() always
returns 0. It is safe to remove the call to reset the frame because
esp_async_recycle_failed_submit() is called in 2 places and a call to
reset the frame is made immediately afterwards in both cases - so it
is currently unnecessary anyway.

2. An array and an index are passed to esp_async_recycle_failed_submit().
The index should indicate the position in the array where indices of the
buffers contained in the frame should be written. Across multiple calls,
the same index value (n_sync) is passed. This means each call may overwrite
the same entries in the array with the buffer indices in the frame rather
than appending them to the entries which were written earlier. Pass n_noop
as the index instead of n_sync.

Change-Id: I525ab3c466965446f6c116f4c8c5ebb678a66d84
Signed-off-by: Matthew Smith <mgsmith@netgate.com>

src/vnet/ipsec/esp.h		diff \| blob \| history
src/vnet/ipsec/esp_decrypt.c		diff \| blob \| history
src/vnet/ipsec/esp_encrypt.c		diff \| blob \| history