patches for DPDK stable branches
 help / color / Atom feed
* [dpdk-stable] [PATCH] fips_validation: fix auth verify
@ 2019-11-06 10:54 Fan Zhang
  2019-11-18  7:09 ` Akhil Goyal
  0 siblings, 1 reply; 4+ messages in thread
From: Fan Zhang @ 2019-11-06 10:54 UTC (permalink / raw)
  To: dev; +Cc: akhil.goyal, Fan Zhang, marko.kovacevic, stable

Fixes: f64adb6714e0 ("examples/fips_validation: support HMAC parsing")
Cc: marko.kovacevic@intel.com
Cc: stable@dpdk.org

This patch fixes the incorrect mbuf write and digest memory leak in
fips_validation authentication verify.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 examples/fips_validation/main.c | 58 +++++++++------------------------
 1 file changed, 16 insertions(+), 42 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index f8694ef96..9a2c8da61 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -512,6 +512,7 @@ static int
 prepare_auth_op(void)
 {
 	struct rte_crypto_sym_op *sym = env.op->sym;
+	uint8_t *pt;
 
 	__rte_crypto_op_reset(env.op, RTE_CRYPTO_OP_TYPE_SYMMETRIC);
 	rte_pktmbuf_reset(env.mbuf);
@@ -519,52 +520,25 @@ prepare_auth_op(void)
 	sym->m_src = env.mbuf;
 	sym->auth.data.offset = 0;
 
-	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-		uint8_t *pt;
-
-		if (vec.pt.len > RTE_MBUF_MAX_NB_SEGS) {
-			RTE_LOG(ERR, USER1, "PT len %u\n", vec.pt.len);
-			return -EPERM;
-		}
-
-		pt = (uint8_t *)rte_pktmbuf_append(env.mbuf, vec.pt.len +
-				vec.cipher_auth.digest.len);
-
-		if (!pt) {
-			RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
-					-ENOMEM);
-			return -ENOMEM;
-		}
-
-		memcpy(pt, vec.pt.val, vec.pt.len);
-		sym->auth.data.length = vec.pt.len;
-		sym->auth.digest.data = pt + vec.pt.len;
-		sym->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(
-				env.mbuf, vec.pt.len);
-
-	} else {
-		uint8_t *ct;
+	pt = (uint8_t *)rte_pktmbuf_append(env.mbuf, vec.pt.len +
+			vec.cipher_auth.digest.len);
 
-		if (vec.ct.len > RTE_MBUF_MAX_NB_SEGS) {
-			RTE_LOG(ERR, USER1, "CT len %u\n", vec.ct.len);
-			return -EPERM;
-		}
+	if (!pt) {
+		RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
+				-ENOMEM);
+		return -ENOMEM;
+	}
 
-		ct = (uint8_t *)rte_pktmbuf_append(env.mbuf,
-				vec.ct.len + vec.cipher_auth.digest.len);
+	sym->auth.data.length = vec.pt.len;
+	sym->auth.digest.data = pt + vec.pt.len;
+	sym->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(
+			env.mbuf, vec.pt.len);
 
-		if (!ct) {
-			RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
-					-ENOMEM);
-			return -ENOMEM;
-		}
+	memcpy(pt, vec.pt.val, vec.pt.len);
 
-		memcpy(ct, vec.ct.val, vec.ct.len);
-		sym->auth.data.length = vec.ct.len;
-		sym->auth.digest.data = vec.cipher_auth.digest.val;
-		sym->auth.digest.phys_addr = rte_malloc_virt2iova(
-				sym->auth.digest.data);
-	}
+	if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
+		memcpy(pt + vec.pt.len, vec.cipher_auth.digest.val,
+				vec.cipher_auth.digest.len);
 
 	rte_crypto_op_attach_sym_session(env.op, env.sess);
 
-- 
2.20.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [dpdk-stable] [PATCH] fips_validation: fix auth verify
  2019-11-06 10:54 [dpdk-stable] [PATCH] fips_validation: fix auth verify Fan Zhang
@ 2019-11-18  7:09 ` Akhil Goyal
  2019-11-18 16:43   ` Kovacevic, Marko
  0 siblings, 1 reply; 4+ messages in thread
From: Akhil Goyal @ 2019-11-18  7:09 UTC (permalink / raw)
  To: Fan Zhang, dev; +Cc: marko.kovacevic, stable

Hi Marko,

Could you please ack this patch if no issues.

> 
> Fixes: f64adb6714e0 ("examples/fips_validation: support HMAC parsing")
> Cc: marko.kovacevic@intel.com
> Cc: stable@dpdk.org
> 
> This patch fixes the incorrect mbuf write and digest memory leak in
> fips_validation authentication verify.
> 
> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
> ---

Regards,
Akhil

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [dpdk-stable] [PATCH] fips_validation: fix auth verify
  2019-11-18  7:09 ` Akhil Goyal
@ 2019-11-18 16:43   ` Kovacevic, Marko
  2019-11-19  7:53     ` Akhil Goyal
  0 siblings, 1 reply; 4+ messages in thread
From: Kovacevic, Marko @ 2019-11-18 16:43 UTC (permalink / raw)
  To: Akhil Goyal, Zhang, Roy Fan, dev; +Cc: stable

Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [dpdk-stable] [PATCH] fips_validation: fix auth verify
  2019-11-18 16:43   ` Kovacevic, Marko
@ 2019-11-19  7:53     ` Akhil Goyal
  0 siblings, 0 replies; 4+ messages in thread
From: Akhil Goyal @ 2019-11-19  7:53 UTC (permalink / raw)
  To: Kovacevic, Marko, Zhang, Roy Fan, dev; +Cc: stable


> Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>

Applied to dpdk-next-crypto

Thanks.

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, back to index

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-11-06 10:54 [dpdk-stable] [PATCH] fips_validation: fix auth verify Fan Zhang
2019-11-18  7:09 ` Akhil Goyal
2019-11-18 16:43   ` Kovacevic, Marko
2019-11-19  7:53     ` Akhil Goyal

patches for DPDK stable branches

Archives are clonable:
	git clone --mirror http://inbox.dpdk.org/stable/0 stable/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 stable stable/ http://inbox.dpdk.org/stable \
		stable@dpdk.org
	public-inbox-index stable


Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.stable


AGPL code for this site: git clone https://public-inbox.org/ public-inbox