From: Chaoyong He <chaoyong.he@corigine.com>
To: Akhil Goyal <gakhil@marvell.com>, "dev@dpdk.org" <dev@dpdk.org>
Cc: oss-drivers <oss-drivers@corigine.com>,
Shihong Wang <shihong.wang@nephogine.com>,
"stable@dpdk.org" <stable@dpdk.org>
Subject: RE: [EXTERNAL] [PATCH 1/2] examples/ipsec-secgw: fix SA salt endianness problem
Date: Thu, 14 Mar 2024 01:41:08 +0000 [thread overview]
Message-ID: <SJ0PR13MB5545DB2B59B12F66D7F559A69E292@SJ0PR13MB5545.namprd13.prod.outlook.com> (raw)
In-Reply-To: <CO6PR18MB4484CC9DB0407D11639B3428D82A2@CO6PR18MB4484.namprd18.prod.outlook.com>
> > Subject: [EXTERNAL] [PATCH 1/2] examples/ipsec-secgw: fix SA salt
> > endianness problem
> > From: Shihong Wang <shihong.wang@corigine.com>
> >
> > The SA salt of struct ipsec_sa is a CPU-endian u32 variable, but it’s
> > value is stored in an array of encryption or authentication keys
> > according to big-endian. So it maybe need to convert the endianness
> > order to ensure that the value assigned to the SA salt is CPU-endian.
> >
> > Fixes: 50d75cae2a2c ("examples/ipsec-secgw: initialize SA salt")
> > Fixes: 9413c3901f31 ("examples/ipsec-secgw: support additional
> > algorithms")
> > Fixes: 501e9c226adf ("examples/ipsec-secgw: add AEAD parameters")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Shihong Wang <shihong.wang@corigine.com>
> > Reviewed-by: Chaoyong He <chaoyong.he@corigine.com>
> > ---
> > examples/ipsec-secgw/sa.c | 10 +++++++---
> > 1 file changed, 7 insertions(+), 3 deletions(-)
> >
> > diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
> > index c4bac17cd7..4018b0558a 100644
> > --- a/examples/ipsec-secgw/sa.c
> > +++ b/examples/ipsec-secgw/sa.c
> > @@ -374,6 +374,7 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
> > uint32_t ti; /*token index*/
> > uint32_t *ri /*rule index*/;
> > struct ipsec_sa_cnt *sa_cnt;
> > + rte_be32_t salt; /*big-endian salt*/
> > uint32_t cipher_algo_p = 0;
> > uint32_t auth_algo_p = 0;
> > uint32_t aead_algo_p = 0;
> > @@ -508,8 +509,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
> > if (algo->algo == RTE_CRYPTO_CIPHER_AES_CTR) {
> > key_len -= 4;
> > rule->cipher_key_len = key_len;
> > - memcpy(&rule->salt,
> > + memcpy(&salt,
> > &rule->cipher_key[key_len], 4);
> > + rule->salt = rte_be_to_cpu_32(salt);
> > }
> >
> > cipher_algo_p = 1;
> > @@ -573,8 +575,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
> > key_len -= 4;
> > rule->auth_key_len = key_len;
> > rule->iv_len = algo->iv_len;
> > - memcpy(&rule->salt,
> > + memcpy(&salt,
> > &rule->auth_key[key_len], 4);
> > + rule->salt = rte_be_to_cpu_32(salt);
> > }
> >
> > auth_algo_p = 1;
> > @@ -632,8 +635,9 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,
> >
> > key_len -= 4;
> > rule->cipher_key_len = key_len;
> > - memcpy(&rule->salt,
> > + memcpy(&salt,
> > &rule->cipher_key[key_len], 4);
> Can you put the memcpy call in a single line?
Okay, no problem.
I will send a v2 patch to fix that, thanks.
>
> > + rule->salt = rte_be_to_cpu_32(salt);
next prev parent reply other threads:[~2024-03-14 1:41 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-11 2:49 [PATCH 0/2] fix IPSec " Chaoyong He
2024-03-11 2:49 ` [PATCH 1/2] examples/ipsec-secgw: fix SA salt " Chaoyong He
2024-03-13 18:33 ` [EXTERNAL] " Akhil Goyal
2024-03-14 1:41 ` Chaoyong He [this message]
2024-03-14 2:00 ` [PATCH v2] " Chaoyong He
2024-03-14 18:17 ` [EXTERNAL] " Akhil Goyal
2024-03-14 19:11 ` Akhil Goyal
2024-07-03 17:58 ` Akhil Goyal
2024-07-23 16:04 ` Medvedkin, Vladimir
2024-07-23 16:57 ` Akhil Goyal
2024-07-24 10:59 ` Radu Nicolau
2024-07-24 11:20 ` Akhil Goyal
2024-07-24 11:33 ` Radu Nicolau
2024-07-24 13:04 ` Akhil Goyal
2024-07-24 14:44 ` Radu Nicolau
2024-07-25 4:47 ` Akhil Goyal
2024-07-25 10:16 ` Radu Nicolau
2024-07-25 10:19 ` Akhil Goyal
2024-03-11 2:49 ` [PATCH 2/2] net/nfp: fix data " Chaoyong He
2024-03-13 15:39 ` Ferruh Yigit
2024-03-12 10:37 ` [PATCH 0/2] fix IPSec " Ferruh Yigit
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=SJ0PR13MB5545DB2B59B12F66D7F559A69E292@SJ0PR13MB5545.namprd13.prod.outlook.com \
--to=chaoyong.he@corigine.com \
--cc=dev@dpdk.org \
--cc=gakhil@marvell.com \
--cc=oss-drivers@corigine.com \
--cc=shihong.wang@nephogine.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).