Bug fixes on GCM cleanup and disable flags in provider.

Signed-off-by: Premkumar Shanmugam <[email protected]>
intel · Jun 16, 2023 · b2f2d91 · b2f2d91
1 parent 7a74199
commit b2f2d91
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 34 deletions.
diff --git a/qat_hw_gcm.c b/qat_hw_gcm.c
@@ -741,6 +741,7 @@ int qat_aes_gcm_cleanup(EVP_CIPHER_CTX *ctx)
 #endif
     CpaStatus sts = 0;
     CpaCySymSessionSetupData* session_data = NULL;
+    CpaBoolean sessionInUse = CPA_FALSE;
     int ret_val = 1;
 
     DEBUG("- Entering\n");
@@ -764,48 +765,53 @@ int qat_aes_gcm_cleanup(EVP_CIPHER_CTX *ctx)
         return 0;
     }
 
+    /* Wait for in-flight requests before removing session */
+    do {
+        cpaCySymSessionInUse(qctx->qat_ctx, &sessionInUse);
+    } while (sessionInUse);
+
     session_data = qctx->session_data;
     if (session_data) {
         /* Remove the session */
         if (qctx->qat_ctx) {
             if ((sts = cpaCySymRemoveSession(qat_instance_handles[qctx->inst_num], qctx->qat_ctx))
-               != CPA_STATUS_SUCCESS) {
+                    != CPA_STATUS_SUCCESS) {
                 WARN("cpaCySymRemoveSession FAILED, sts = %d.!\n", sts);
                 ret_val = 0;
                 /* Lets not return yet and instead make a best effort to
                  * cleanup the rest to avoid memory leaks
                  */
             }
-	    qaeCryptoMemFreeNonZero(qctx->qat_ctx);
+            qaeCryptoMemFreeNonZero(qctx->qat_ctx);
             qctx->qat_ctx = NULL;
         }
-            /* Cleanup the memory */
-            if (qctx->aad) {
-                qaeCryptoMemFreeNonZero(qctx->aad);
-                qctx->aad = NULL;
-            }
-            if (qctx->srcBufferList.pPrivateMetaData) {
-                qaeCryptoMemFreeNonZero(qctx->srcBufferList.pPrivateMetaData);
-                qctx->srcBufferList.pPrivateMetaData = NULL;
-            }
-            if (qctx->dstBufferList.pPrivateMetaData) {
-                qaeCryptoMemFreeNonZero(qctx->dstBufferList.pPrivateMetaData);
-                qctx->dstBufferList.pPrivateMetaData = NULL;
-            }
-            if (qctx->iv) {
-                qaeCryptoMemFree(qctx->iv);
-                qctx->iv = NULL;
-            }
-            if (qctx->cipher_key) {
-                qaeCryptoMemFree(qctx->cipher_key);
-                qctx->cipher_key = NULL;
-            }
-            if (qctx->OpData.pDigestResult) {
-                qaeCryptoMemFree(qctx->OpData.pDigestResult);
-                qctx->OpData.pDigestResult = NULL;
-            }
-            session_data->cipherSetupData.pCipherKey = NULL;
-            OPENSSL_clear_free(session_data, sizeof(CpaCySymSessionSetupData));
+        /* Cleanup the memory */
+        if (qctx->aad) {
+            qaeCryptoMemFreeNonZero(qctx->aad);
+            qctx->aad = NULL;
+        }
+        if (qctx->srcBufferList.pPrivateMetaData) {
+            qaeCryptoMemFreeNonZero(qctx->srcBufferList.pPrivateMetaData);
+            qctx->srcBufferList.pPrivateMetaData = NULL;
+        }
+        if (qctx->dstBufferList.pPrivateMetaData) {
+            qaeCryptoMemFreeNonZero(qctx->dstBufferList.pPrivateMetaData);
+            qctx->dstBufferList.pPrivateMetaData = NULL;
+        }
+        if (qctx->iv) {
+            qaeCryptoMemFree(qctx->iv);
+            qctx->iv = NULL;
+        }
+        if (qctx->cipher_key) {
+            qaeCryptoMemFree(qctx->cipher_key);
+            qctx->cipher_key = NULL;
+        }
+        if (qctx->OpData.pDigestResult) {
+            qaeCryptoMemFree(qctx->OpData.pDigestResult);
+            qctx->OpData.pDigestResult = NULL;
+        }
+        session_data->cipherSetupData.pCipherKey = NULL;
+        OPENSSL_clear_free(session_data, sizeof(CpaCySymSessionSetupData));
     }
     qctx->is_session_init = 0;
 

diff --git a/qat_prov_kmgmt_ec.c b/qat_prov_kmgmt_ec.c
@@ -72,8 +72,6 @@
 # include "qat_sw_ec.h"
 #endif
 
-#if defined(ENABLE_QAT_HW_ECDSA) || defined(ENABLE_QAT_HW_ECDH) \
- || defined(ENABLE_QAT_SW_ECDSA) || defined(ENABLE_QAT_SW_ECDH)
 typedef struct{
     int id; /* libcrypto internal */
     int name_id;
@@ -131,6 +129,8 @@ typedef struct {
     EC_GROUP *gen_group;
 }QAT_EC_GEN_CTX;
 
+#if defined(ENABLE_QAT_HW_ECDSA) || defined(ENABLE_QAT_HW_ECDH) \
+ || defined(ENABLE_QAT_SW_ECDSA) || defined(ENABLE_QAT_SW_ECDH)
 static QAT_EC_KEYMGMT get_default_keymgmt()
 {
     static QAT_EC_KEYMGMT s_keymgmt;
@@ -424,6 +424,7 @@ const OSSL_DISPATCH qat_ecdh_keymgmt_functions[] = {
       (void (*)(void))qat_keymgmt_ec_query_operation_name },
     {0, NULL }
 };
+#endif /* defined(ENABLE_QAT_HW_ECDH) || defined(ENABLE_QAT_SW_ECDH) */
 
 # ifdef ENABLE_QAT_SW_SM2
 static QAT_EC_KEYMGMT sm2_get_default_keymgmt()
@@ -673,4 +674,3 @@ const OSSL_DISPATCH qat_sm2_keymgmt_functions[] = {
     {0, NULL }
 };
 # endif /* ENABLE_QAT_SW_SM2 */
-#endif /* defined(ENABLE_QAT_HW_ECDH) || defined(ENABLE_QAT_SW_ECDH) */
diff --git a/qat_sw_ec.c b/qat_sw_ec.c
@@ -75,7 +75,7 @@
 #include "crypto_mb/ec_nistp384.h"
 #include "crypto_mb/ec_sm2.h"
 
-#ifdef ENABLE_QAT_FIPS
+# if defined(ENABLE_QAT_FIPS) && defined(ENABLE_QAT_SW_ECDSA)
 extern int qat_fips_kat_test;
 static const unsigned char KINV_256[] = {
         0x62, 0x15, 0x9E, 0x5B, 0xA9, 0xE7, 0x12, 0xFB,

diff --git a/qat_sw_ecx.c b/qat_sw_ecx.c
@@ -83,7 +83,7 @@ int x25519_nid[] = {
     EVP_PKEY_X25519
 };
 
-
+#ifdef ENABLE_QAT_SW_ECX
 void process_x25519_keygen_reqs(mb_thread_data *tlv)
 {
     x25519_keygen_op_data *x25519_keygen_req_array[MULTIBUFF_BATCH] = {0};
@@ -620,3 +620,4 @@ int multibuff_x25519_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
     return -2;
 }
 # endif
+#endif /*ENABLE_QAT_HW_ECX*/