From: Yuanhan Liu <yliu@fridaylinux.org>
To: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
Cc: dpdk stable <stable@dpdk.org>, Yuanhan Liu <yliu@fridaylinux.org>
Subject: [dpdk-stable] patch 'crypto/armv8: fix authentication session configuration' has been queued to stable release 17.05.2
Date: Mon, 21 Aug 2017 17:30:50 +0800 [thread overview]
Message-ID: <1503307878-16728-36-git-send-email-yliu@fridaylinux.org> (raw)
In-Reply-To: <1503307878-16728-1-git-send-email-yliu@fridaylinux.org>
Hi,
FYI, your patch has been queued to stable release 17.05.2
Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 08/24/17. So please
shout if anyone has objections.
Thanks.
--yliu
---
>From bcb44e17f90bfd38cc258751f2785e647d3963c2 Mon Sep 17 00:00:00 2001
From: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
Date: Sun, 30 Jul 2017 16:53:00 +0530
Subject: [PATCH] crypto/armv8: fix authentication session configuration
[ upstream commit 473174a7da555ec26751c89b56255192586cb0aa ]
For key sizes greater than digest length, pad with zero rather than
computing hash of the key itself.
Fixes: 169ca3db550c ("crypto/armv8: add PMD optimized for ARMv8 processors")
Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
---
drivers/crypto/armv8/rte_armv8_pmd.c | 58 ++++++++--------------------
drivers/crypto/armv8/rte_armv8_pmd_private.h | 4 +-
2 files changed, 18 insertions(+), 44 deletions(-)
diff --git a/drivers/crypto/armv8/rte_armv8_pmd.c b/drivers/crypto/armv8/rte_armv8_pmd.c
index 3d603a5..8371245 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd.c
+++ b/drivers/crypto/armv8/rte_armv8_pmd.c
@@ -288,27 +288,14 @@ auth_set_prerequisites(struct armv8_crypto_session *sess,
* Generate authentication key, i_key_pad and o_key_pad.
*/
/* Zero memory under key */
- memset(sess->auth.hmac.key, 0, SHA1_AUTH_KEY_LENGTH);
-
- if (xform->auth.key.length > SHA1_AUTH_KEY_LENGTH) {
- /*
- * In case the key is longer than 160 bits
- * the algorithm will use SHA1(key) instead.
- */
- error = sha1_block(NULL, xform->auth.key.data,
- sess->auth.hmac.key, xform->auth.key.length);
- if (error != 0)
- return -1;
- } else {
- /*
- * Now copy the given authentication key to the session
- * key assuming that the session key is zeroed there is
- * no need for additional zero padding if the key is
- * shorter than SHA1_AUTH_KEY_LENGTH.
- */
- rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
- xform->auth.key.length);
- }
+ memset(sess->auth.hmac.key, 0, SHA1_BLOCK_SIZE);
+
+ /*
+ * Now copy the given authentication key to the session
+ * key.
+ */
+ rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
+ xform->auth.key.length);
/* Prepare HMAC padding: key|pattern */
auth_hmac_pad_prepare(sess, xform);
@@ -334,27 +321,14 @@ auth_set_prerequisites(struct armv8_crypto_session *sess,
* Generate authentication key, i_key_pad and o_key_pad.
*/
/* Zero memory under key */
- memset(sess->auth.hmac.key, 0, SHA256_AUTH_KEY_LENGTH);
-
- if (xform->auth.key.length > SHA256_AUTH_KEY_LENGTH) {
- /*
- * In case the key is longer than 256 bits
- * the algorithm will use SHA256(key) instead.
- */
- error = sha256_block(NULL, xform->auth.key.data,
- sess->auth.hmac.key, xform->auth.key.length);
- if (error != 0)
- return -1;
- } else {
- /*
- * Now copy the given authentication key to the session
- * key assuming that the session key is zeroed there is
- * no need for additional zero padding if the key is
- * shorter than SHA256_AUTH_KEY_LENGTH.
- */
- rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
- xform->auth.key.length);
- }
+ memset(sess->auth.hmac.key, 0, SHA256_BLOCK_SIZE);
+
+ /*
+ * Now copy the given authentication key to the session
+ * key.
+ */
+ rte_memcpy(sess->auth.hmac.key, xform->auth.key.data,
+ xform->auth.key.length);
/* Prepare HMAC padding: key|pattern */
auth_hmac_pad_prepare(sess, xform);
diff --git a/drivers/crypto/armv8/rte_armv8_pmd_private.h b/drivers/crypto/armv8/rte_armv8_pmd_private.h
index b75107f..34ab9de 100644
--- a/drivers/crypto/armv8/rte_armv8_pmd_private.h
+++ b/drivers/crypto/armv8/rte_armv8_pmd_private.h
@@ -192,8 +192,8 @@ struct armv8_crypto_session {
uint8_t o_key_pad[SHA_BLOCK_MAX]
__rte_cache_aligned;
/**< outer pad (max supported block length) */
- uint8_t key[SHA_AUTH_KEY_MAX];
- /**< HMAC key (max supported length)*/
+ uint8_t key[SHA_BLOCK_MAX];
+ /**< HMAC key (max supported block length)*/
} hmac;
};
} auth;
--
2.7.4
next prev parent reply other threads:[~2017-08-21 9:36 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-21 9:30 [dpdk-stable] patch 'net/virtio: do not claim to support LRO' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'ethdev: fix build with gcc 5.4.0' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/dpaa2_sec: fix build with gcc 7.1' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'mbuf: fix VXLAN port in comment' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'metrics: fix name string termination' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'bus/pci: use given name as generic name' " Yuanhan Liu
2017-08-29 7:47 ` Yuanhan Liu
2017-08-29 7:59 ` Gaëtan Rivet
2017-08-21 9:30 ` [dpdk-stable] patch 'net/sfc: request MAC stats upload immediately on port start' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/i40e: fix VF Tx bytes' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/ixgbe: fix LSC interrupt' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/i40e: " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/e1000: " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/i40e: fix ethertype filter for new FW' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/ixgbe: fix Rx/Tx queue interrupt for x550 devices' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'eventdev: fix memory realloc check in port config' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/scheduler: fix slave name parsing' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/qat: fix NULL authentication hang' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/dpaa2_sec: fix free usage for dpsec' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/aesni_mb: fix possible crypto job leak' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'doc: remove incorrect limitation on AESNI-MB PMD' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'doc: add missing algorithm in limitations for QAT' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/aesni_mb: fix zero burst dequeue' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/scheduler: fix strings not null terminated' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'app/crypto-perf: stop crypto devices after test' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'cmdline: fix dynamic tokens initialization' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'cmdline: fix dynamic tokens interface' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'app/testpmd: fix token matching in flow command' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'mempool/dpaa2: fix error code for allocation failure' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'mempool/dpaa2: fix freeing bp list' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'examples/qos_sched: fix build for less lcores' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/dpaa2_sec: fix HMAC supported key sizes' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/aesni_mb: " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/openssl: " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/qat: " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/qat: fix SHA384-HMAC block size' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'app/crypto-perf: fix CSV output' " Yuanhan Liu
2017-08-21 9:30 ` Yuanhan Liu [this message]
2017-08-21 9:30 ` [dpdk-stable] patch 'crypto/armv8: fix HMAC supported key sizes' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'app/testpmd: fix flow rule copy functions' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'mbuf: fix doxygen comment of bulk alloc' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/virtio: fix MAC address read' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/virtio: fix Rx interrupt setup' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/i40e: fix link down and negotiation' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/bnxt: fix set link config' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/bnxt: check invalid L2 filter id' " Yuanhan Liu
2017-08-21 9:30 ` [dpdk-stable] patch 'net/bnxt: free filter before reusing it' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/ixgbe: fix mirror rule index overflow' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/mlx5: fix inconsistent link status query' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/i40e: fix parsing QinQ pattern' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/i40e: fix PF notify when VF is not up' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'test/bonding: fix memory corruptions' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'test/bonding: fix parameters of a balance Tx' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'test/bonding: fix namespace of the RSS tests' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'test/bonding: fix device name' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/mlx5: fix missing packet type calculation' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/mlx4: fix flow creation before start' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/mlx4: fix probe failure report' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/qede: fix chip details print' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/vmxnet3: fix filtering on promiscuous disabling' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/i40e: fix Rx data segment buffer length' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/enic: fix crash when freeing 0 packet to mempool' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/ixgbe: fix mask flag on flow rule creation' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'net/i40e: revert fix of PF notify when VF not up' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'examples/l3fwd: fix IPv6 packet type parse' " Yuanhan Liu
2017-08-21 9:31 ` [dpdk-stable] patch 'crypto/dpaa2_sec: fix the return of supported API' " Yuanhan Liu
2017-08-29 9:27 ` [dpdk-stable] patch 'net/virtio: do not claim to support LRO' " Yuanhan Liu
2017-08-30 15:57 ` Stephen Hemminger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1503307878-16728-36-git-send-email-yliu@fridaylinux.org \
--to=yliu@fridaylinux.org \
--cc=ssrinivasan@caviumnetworks.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).