From 3d0bae35c41f44732625486f21eb62baa23e5bdf Mon Sep 17 00:00:00 2001
From: Yuriy Umanets <yumanets@nvidia.com>
Date: Fri, 21 Jan 2022 12:08:49 +0200
Subject: [PATCH] bdev/crypto: Error handling fixes in vbdev_crypto_claim()

- Fixed missed spdk_bdev_module_release_bdev() during error handling.
- Fill the keys with zeros before releasing memory.
- Fixed issue with g_number_of_claimed_volumes that can become negative
  because of invalid error handling.

Signed-off-by: Yuriy Umanets <yumanets@nvidia.com>
Change-Id: I4171f4326d87b1d8f886416bf53b0f2043ccbfe7
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/11628
Community-CI: Broadcom CI <spdk-ci.pdl@broadcom.com>
Community-CI: Mellanox Build Bot
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Reviewed-by: Aleksey Marchuk <alexeymar@mellanox.com>
Reviewed-by: Paul Luse <paul.e.luse@intel.com>
---
 module/bdev/crypto/vbdev_crypto.c | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

diff --git a/module/bdev/crypto/vbdev_crypto.c b/module/bdev/crypto/vbdev_crypto.c
index 0e52d8052..09569d3e9 100644
--- a/module/bdev/crypto/vbdev_crypto.c
+++ b/module/bdev/crypto/vbdev_crypto.c
@@ -1861,8 +1861,7 @@ vbdev_crypto_claim(const char *bdev_name)
 
 	if (g_number_of_claimed_volumes >= MAX_CRYPTO_VOLUMES) {
 		SPDK_DEBUGLOG(vbdev_crypto, "Reached max number of claimed volumes\n");
-		rc = -EINVAL;
-		goto error_vbdev_alloc;
+		return -EINVAL;
 	}
 	g_number_of_claimed_volumes++;
 
@@ -2068,18 +2067,28 @@ error_session_de_create:
 	rte_cryptodev_sym_session_free(vbdev->session_encrypt);
 error_session_en_create:
 error_cant_find_devid:
+	spdk_bdev_module_release_bdev(vbdev->base_bdev);
 error_claim:
-	spdk_bdev_close(vbdev->base_desc);
 	TAILQ_REMOVE(&g_vbdev_crypto, vbdev, link);
 	spdk_io_device_unregister(vbdev, NULL);
-	free(vbdev->xts_key);
+	if (vbdev->xts_key) {
+		memset(vbdev->xts_key, 0, AES_XTS_KEY_LENGTH * 2);
+		free(vbdev->xts_key);
+	}
 error_xts_key:
+	spdk_bdev_close(vbdev->base_desc);
 error_open:
 	free(vbdev->drv_name);
 error_drv_name:
-	free(vbdev->key2);
+	if (vbdev->key2) {
+		memset(vbdev->key2, 0, strlen(vbdev->key2));
+		free(vbdev->key2);
+	}
 error_alloc_key2:
-	free(vbdev->key);
+	if (vbdev->key) {
+		memset(vbdev->key, 0, strlen(vbdev->key));
+		free(vbdev->key);
+	}
 error_alloc_key:
 	free(vbdev->crypto_bdev.name);
 error_bdev_name: