* [dpdk-dev] [PATCH] fips_validation: fix auth verify
@ 2019-11-06 10:54 Fan Zhang
2019-11-18 7:09 ` Akhil Goyal
0 siblings, 1 reply; 4+ messages in thread
From: Fan Zhang @ 2019-11-06 10:54 UTC (permalink / raw)
To: dev; +Cc: akhil.goyal, Fan Zhang, marko.kovacevic, stable
Fixes: f64adb6714e0 ("examples/fips_validation: support HMAC parsing")
Cc: marko.kovacevic@intel.com
Cc: stable@dpdk.org
This patch fixes the incorrect mbuf write and digest memory leak in
fips_validation authentication verify.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
examples/fips_validation/main.c | 58 +++++++++------------------------
1 file changed, 16 insertions(+), 42 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index f8694ef96..9a2c8da61 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -512,6 +512,7 @@ static int
prepare_auth_op(void)
{
struct rte_crypto_sym_op *sym = env.op->sym;
+ uint8_t *pt;
__rte_crypto_op_reset(env.op, RTE_CRYPTO_OP_TYPE_SYMMETRIC);
rte_pktmbuf_reset(env.mbuf);
@@ -519,52 +520,25 @@ prepare_auth_op(void)
sym->m_src = env.mbuf;
sym->auth.data.offset = 0;
- if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
- uint8_t *pt;
-
- if (vec.pt.len > RTE_MBUF_MAX_NB_SEGS) {
- RTE_LOG(ERR, USER1, "PT len %u\n", vec.pt.len);
- return -EPERM;
- }
-
- pt = (uint8_t *)rte_pktmbuf_append(env.mbuf, vec.pt.len +
- vec.cipher_auth.digest.len);
-
- if (!pt) {
- RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
- -ENOMEM);
- return -ENOMEM;
- }
-
- memcpy(pt, vec.pt.val, vec.pt.len);
- sym->auth.data.length = vec.pt.len;
- sym->auth.digest.data = pt + vec.pt.len;
- sym->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(
- env.mbuf, vec.pt.len);
-
- } else {
- uint8_t *ct;
+ pt = (uint8_t *)rte_pktmbuf_append(env.mbuf, vec.pt.len +
+ vec.cipher_auth.digest.len);
- if (vec.ct.len > RTE_MBUF_MAX_NB_SEGS) {
- RTE_LOG(ERR, USER1, "CT len %u\n", vec.ct.len);
- return -EPERM;
- }
+ if (!pt) {
+ RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
+ -ENOMEM);
+ return -ENOMEM;
+ }
- ct = (uint8_t *)rte_pktmbuf_append(env.mbuf,
- vec.ct.len + vec.cipher_auth.digest.len);
+ sym->auth.data.length = vec.pt.len;
+ sym->auth.digest.data = pt + vec.pt.len;
+ sym->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(
+ env.mbuf, vec.pt.len);
- if (!ct) {
- RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
- -ENOMEM);
- return -ENOMEM;
- }
+ memcpy(pt, vec.pt.val, vec.pt.len);
- memcpy(ct, vec.ct.val, vec.ct.len);
- sym->auth.data.length = vec.ct.len;
- sym->auth.digest.data = vec.cipher_auth.digest.val;
- sym->auth.digest.phys_addr = rte_malloc_virt2iova(
- sym->auth.digest.data);
- }
+ if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
+ memcpy(pt + vec.pt.len, vec.cipher_auth.digest.val,
+ vec.cipher_auth.digest.len);
rte_crypto_op_attach_sym_session(env.op, env.sess);
--
2.20.1
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-11-19 7:53 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-11-06 10:54 [dpdk-dev] [PATCH] fips_validation: fix auth verify Fan Zhang
2019-11-18 7:09 ` Akhil Goyal
2019-11-18 16:43 ` Kovacevic, Marko
2019-11-19 7:53 ` Akhil Goyal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).