patches for DPDK stable branches
 help / color / mirror / Atom feed
* [dpdk-stable] [PATCH 1/5] crypto/dpaa2_sec: fix to check next null for auth only case
@ 2021-07-21  7:39 Hemant Agrawal
  2021-08-25  8:18 ` [dpdk-stable] [PATCH v2 01/11] " Hemant Agrawal
  0 siblings, 1 reply; 7+ messages in thread
From: Hemant Agrawal @ 2021-07-21  7:39 UTC (permalink / raw)
  To: dev; +Cc: gakhil, stable

This patch fixes the issue to check for next pointer as
null in the integrity only case in pdcp-security context.

Fixes: bef594ec5cc8 ("crypto/dpaa2_sec: support PDCP offload")
Cc: stable@dpdk.org

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 25 +++++++++++----------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 1ccead3641..4438486a8b 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -3102,7 +3102,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 	struct rte_security_pdcp_xform *pdcp_xform = &conf->pdcp;
 	struct rte_crypto_sym_xform *xform = conf->crypto_xform;
 	struct rte_crypto_auth_xform *auth_xform = NULL;
-	struct rte_crypto_cipher_xform *cipher_xform;
+	struct rte_crypto_cipher_xform *cipher_xform = NULL;
 	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;
 	struct ctxt_priv *priv;
 	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
@@ -3134,18 +3134,18 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 	flc = &priv->flc_desc[0].flc;
 
 	/* find xfrm types */
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
-		cipher_xform = &xform->cipher;
-	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
-		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
-		session->ext_params.aead_ctxt.auth_cipher_text = true;
+	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
 		cipher_xform = &xform->cipher;
-		auth_xform = &xform->next->auth;
-	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
-		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
-		session->ext_params.aead_ctxt.auth_cipher_text = false;
-		cipher_xform = &xform->next->cipher;
+		if (xform->next != NULL) {
+			session->ext_params.aead_ctxt.auth_cipher_text = true;
+			auth_xform = &xform->next->auth;
+		}
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
 		auth_xform = &xform->auth;
+		if (xform->next != NULL) {
+			session->ext_params.aead_ctxt.auth_cipher_text = false;
+			cipher_xform = &xform->next->cipher;
+		}
 	} else {
 		DPAA2_SEC_ERR("Invalid crypto type");
 		return -EINVAL;
@@ -3184,7 +3184,8 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 	session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold;
 	session->pdcp.hfn_ovd = pdcp_xform->hfn_ovrd;
 	/* hfv ovd offset location is stored in iv.offset value*/
-	session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
+	if (cipher_xform)
+		session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
 
 	cipherdata.key = (size_t)session->cipher_key.data;
 	cipherdata.keylen = session->cipher_key.length;
-- 
2.17.1


^ permalink raw reply	[flat|nested] 7+ messages in thread

* [dpdk-stable] [PATCH v2 01/11] crypto/dpaa2_sec: fix to check next null for auth only case
  2021-07-21  7:39 [dpdk-stable] [PATCH 1/5] crypto/dpaa2_sec: fix to check next null for auth only case Hemant Agrawal
@ 2021-08-25  8:18 ` Hemant Agrawal
  2021-08-25  8:18   ` [dpdk-stable] [PATCH v2 09/11] common/dpaax: fix IV value for shortMAC-I for SNOW algo Hemant Agrawal
                     ` (2 more replies)
  0 siblings, 3 replies; 7+ messages in thread
From: Hemant Agrawal @ 2021-08-25  8:18 UTC (permalink / raw)
  To: dev, gakhil; +Cc: stable

This patch fixes the issue to check for next pointer as
null in the integrity only case in pdcp-security context.

Fixes: bef594ec5cc8 ("crypto/dpaa2_sec: support PDCP offload")
Cc: stable@dpdk.org

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 25 +++++++++++----------
 1 file changed, 13 insertions(+), 12 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index fe90d9d2d8..87a94b2c04 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -3095,7 +3095,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 	struct rte_security_pdcp_xform *pdcp_xform = &conf->pdcp;
 	struct rte_crypto_sym_xform *xform = conf->crypto_xform;
 	struct rte_crypto_auth_xform *auth_xform = NULL;
-	struct rte_crypto_cipher_xform *cipher_xform;
+	struct rte_crypto_cipher_xform *cipher_xform = NULL;
 	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;
 	struct ctxt_priv *priv;
 	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
@@ -3127,18 +3127,18 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 	flc = &priv->flc_desc[0].flc;
 
 	/* find xfrm types */
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
-		cipher_xform = &xform->cipher;
-	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
-		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
-		session->ext_params.aead_ctxt.auth_cipher_text = true;
+	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
 		cipher_xform = &xform->cipher;
-		auth_xform = &xform->next->auth;
-	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
-		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
-		session->ext_params.aead_ctxt.auth_cipher_text = false;
-		cipher_xform = &xform->next->cipher;
+		if (xform->next != NULL) {
+			session->ext_params.aead_ctxt.auth_cipher_text = true;
+			auth_xform = &xform->next->auth;
+		}
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
 		auth_xform = &xform->auth;
+		if (xform->next != NULL) {
+			session->ext_params.aead_ctxt.auth_cipher_text = false;
+			cipher_xform = &xform->next->cipher;
+		}
 	} else {
 		DPAA2_SEC_ERR("Invalid crypto type");
 		return -EINVAL;
@@ -3177,7 +3177,8 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 	session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold;
 	session->pdcp.hfn_ovd = pdcp_xform->hfn_ovrd;
 	/* hfv ovd offset location is stored in iv.offset value*/
-	session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
+	if (cipher_xform)
+		session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
 
 	cipherdata.key = (size_t)session->cipher_key.data;
 	cipherdata.keylen = session->cipher_key.length;
-- 
2.17.1


^ permalink raw reply	[flat|nested] 7+ messages in thread

* [dpdk-stable] [PATCH v2 09/11] common/dpaax: fix IV value for shortMAC-I for SNOW algo
  2021-08-25  8:18 ` [dpdk-stable] [PATCH v2 01/11] " Hemant Agrawal
@ 2021-08-25  8:18   ` Hemant Agrawal
  2021-09-02 12:46   ` [dpdk-stable] [EXT] [PATCH v2 01/11] crypto/dpaa2_sec: fix to check next null for auth only case Akhil Goyal
       [not found]   ` <20210907083953.8948-1-hemant.agrawal@nxp.com>
  2 siblings, 0 replies; 7+ messages in thread
From: Hemant Agrawal @ 2021-08-25  8:18 UTC (permalink / raw)
  To: dev, gakhil; +Cc: Gagandeep Singh, stable

From: Gagandeep Singh <g.singh@nxp.com>

The logic was incorecly doing conditional swap. It need to
be bit swap always.

Fixes: 73a24060cd70 ("crypto/dpaa2_sec: add sample PDCP descriptor APIs")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/pdcp.h | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h
index 5b3d846099..8e8daf5ba8 100644
--- a/drivers/common/dpaax/caamflib/desc/pdcp.h
+++ b/drivers/common/dpaax/caamflib/desc/pdcp.h
@@ -1,6 +1,6 @@
 /* SPDX-License-Identifier: BSD-3-Clause or GPL-2.0+
  * Copyright 2008-2013 Freescale Semiconductor, Inc.
- * Copyright 2019-2020 NXP
+ * Copyright 2019-2021 NXP
  */
 
 #ifndef __DESC_PDCP_H__
@@ -3715,9 +3715,10 @@ cnstr_shdsc_pdcp_short_mac(uint32_t *descbuf,
 		break;
 
 	case PDCP_AUTH_TYPE_SNOW:
+		/* IV calculation based on 3GPP specs. 36331, section:5.3.7.4 */
 		iv[0] = 0xFFFFFFFF;
-		iv[1] = swap ? swab32(0x04000000) : 0x04000000;
-		iv[2] = swap ? swab32(0xF8000000) : 0xF8000000;
+		iv[1] = swab32(0x04000000);
+		iv[2] = swab32(0xF8000000);
 
 		KEY(p, KEY2, authdata->key_enc_flags, authdata->key,
 		    authdata->keylen, INLINE_KEY(authdata));
-- 
2.17.1


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dpdk-stable] [EXT] [PATCH v2 01/11] crypto/dpaa2_sec: fix to check next null for auth only case
  2021-08-25  8:18 ` [dpdk-stable] [PATCH v2 01/11] " Hemant Agrawal
  2021-08-25  8:18   ` [dpdk-stable] [PATCH v2 09/11] common/dpaax: fix IV value for shortMAC-I for SNOW algo Hemant Agrawal
@ 2021-09-02 12:46   ` Akhil Goyal
  2021-09-02 13:48     ` [dpdk-stable] [dpdk-dev] " Hemant Agrawal
       [not found]   ` <20210907083953.8948-1-hemant.agrawal@nxp.com>
  2 siblings, 1 reply; 7+ messages in thread
From: Akhil Goyal @ 2021-09-02 12:46 UTC (permalink / raw)
  To: Hemant Agrawal, dev; +Cc: stable

> This patch fixes the issue to check for next pointer as
> null in the integrity only case in pdcp-security context.
> 
> Fixes: bef594ec5cc8 ("crypto/dpaa2_sec: support PDCP offload")
> Cc: stable@dpdk.org

This patch is not a fix and need not be backported, because integrity
only case is not a valid case for PDCP before the introduction of short MAC.
Since short MAC is supported here in this release only, this should be reworded
as to support short MAC, integrity-only case is required to be supported for
PDCP.
And this patch should be part of the short MAC-I series and not this one.

> 
> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
> ---
>  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 25 +++++++++++----------
>  1 file changed, 13 insertions(+), 12 deletions(-)
> 
> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> index fe90d9d2d8..87a94b2c04 100644
> --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
> @@ -3095,7 +3095,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev
> *dev,
>  	struct rte_security_pdcp_xform *pdcp_xform = &conf->pdcp;
>  	struct rte_crypto_sym_xform *xform = conf->crypto_xform;
>  	struct rte_crypto_auth_xform *auth_xform = NULL;
> -	struct rte_crypto_cipher_xform *cipher_xform;
> +	struct rte_crypto_cipher_xform *cipher_xform = NULL;
>  	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;
>  	struct ctxt_priv *priv;
>  	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
> @@ -3127,18 +3127,18 @@ dpaa2_sec_set_pdcp_session(struct
> rte_cryptodev *dev,
>  	flc = &priv->flc_desc[0].flc;
> 
>  	/* find xfrm types */
> -	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform-
> >next == NULL) {
> -		cipher_xform = &xform->cipher;
> -	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
> -		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
> -		session->ext_params.aead_ctxt.auth_cipher_text = true;
> +	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
>  		cipher_xform = &xform->cipher;
> -		auth_xform = &xform->next->auth;
> -	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
> -		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
> -		session->ext_params.aead_ctxt.auth_cipher_text = false;
> -		cipher_xform = &xform->next->cipher;
> +		if (xform->next != NULL) {
> +			session->ext_params.aead_ctxt.auth_cipher_text =
> true;
> +			auth_xform = &xform->next->auth;
> +		}
> +	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
>  		auth_xform = &xform->auth;
> +		if (xform->next != NULL) {
> +			session->ext_params.aead_ctxt.auth_cipher_text =
> false;
> +			cipher_xform = &xform->next->cipher;
> +		}
>  	} else {
>  		DPAA2_SEC_ERR("Invalid crypto type");
>  		return -EINVAL;
> @@ -3177,7 +3177,8 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev
> *dev,
>  	session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold;
>  	session->pdcp.hfn_ovd = pdcp_xform->hfn_ovrd;
>  	/* hfv ovd offset location is stored in iv.offset value*/
> -	session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
> +	if (cipher_xform)
> +		session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
> 
>  	cipherdata.key = (size_t)session->cipher_key.data;
>  	cipherdata.keylen = session->cipher_key.length;
> --
> 2.17.1


^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [dpdk-stable] [dpdk-dev] [EXT] [PATCH v2 01/11] crypto/dpaa2_sec: fix to check next null for auth only case
  2021-09-02 12:46   ` [dpdk-stable] [EXT] [PATCH v2 01/11] crypto/dpaa2_sec: fix to check next null for auth only case Akhil Goyal
@ 2021-09-02 13:48     ` Hemant Agrawal
  0 siblings, 0 replies; 7+ messages in thread
From: Hemant Agrawal @ 2021-09-02 13:48 UTC (permalink / raw)
  To: Akhil Goyal, Hemant Agrawal, dev; +Cc: stable


On 9/2/2021 6:16 PM, Akhil Goyal wrote:
>> This patch fixes the issue to check for next pointer as
>> null in the integrity only case in pdcp-security context.
>>
>> Fixes: bef594ec5cc8 ("crypto/dpaa2_sec: support PDCP offload")
>> Cc: stable@dpdk.org
> This patch is not a fix and need not be backported, because integrity
> only case is not a valid case for PDCP before the introduction of short MAC.
> Since short MAC is supported here in this release only, this should be reworded
> as to support short MAC, integrity-only case is required to be supported for
> PDCP.
> And this patch should be part of the short MAC-I series and not this one.
Ok,
>> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
>> ---
>>   drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 25 +++++++++++----------
>>   1 file changed, 13 insertions(+), 12 deletions(-)
>>
>> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
>> b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
>> index fe90d9d2d8..87a94b2c04 100644
>> --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
>> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
>> @@ -3095,7 +3095,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev
>> *dev,
>>   	struct rte_security_pdcp_xform *pdcp_xform = &conf->pdcp;
>>   	struct rte_crypto_sym_xform *xform = conf->crypto_xform;
>>   	struct rte_crypto_auth_xform *auth_xform = NULL;
>> -	struct rte_crypto_cipher_xform *cipher_xform;
>> +	struct rte_crypto_cipher_xform *cipher_xform = NULL;
>>   	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;
>>   	struct ctxt_priv *priv;
>>   	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
>> @@ -3127,18 +3127,18 @@ dpaa2_sec_set_pdcp_session(struct
>> rte_cryptodev *dev,
>>   	flc = &priv->flc_desc[0].flc;
>>
>>   	/* find xfrm types */
>> -	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform-
>>> next == NULL) {
>> -		cipher_xform = &xform->cipher;
>> -	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
>> -		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
>> -		session->ext_params.aead_ctxt.auth_cipher_text = true;
>> +	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
>>   		cipher_xform = &xform->cipher;
>> -		auth_xform = &xform->next->auth;
>> -	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
>> -		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
>> -		session->ext_params.aead_ctxt.auth_cipher_text = false;
>> -		cipher_xform = &xform->next->cipher;
>> +		if (xform->next != NULL) {
>> +			session->ext_params.aead_ctxt.auth_cipher_text =
>> true;
>> +			auth_xform = &xform->next->auth;
>> +		}
>> +	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
>>   		auth_xform = &xform->auth;
>> +		if (xform->next != NULL) {
>> +			session->ext_params.aead_ctxt.auth_cipher_text =
>> false;
>> +			cipher_xform = &xform->next->cipher;
>> +		}
>>   	} else {
>>   		DPAA2_SEC_ERR("Invalid crypto type");
>>   		return -EINVAL;
>> @@ -3177,7 +3177,8 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev
>> *dev,
>>   	session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold;
>>   	session->pdcp.hfn_ovd = pdcp_xform->hfn_ovrd;
>>   	/* hfv ovd offset location is stored in iv.offset value*/
>> -	session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
>> +	if (cipher_xform)
>> +		session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
>>
>>   	cipherdata.key = (size_t)session->cipher_key.data;
>>   	cipherdata.keylen = session->cipher_key.length;
>> --
>> 2.17.1

^ permalink raw reply	[flat|nested] 7+ messages in thread

* [dpdk-stable] [PATCH v3 08/10] common/dpaax: fix IV value for shortMAC-I for SNOW algo
       [not found]   ` <20210907083953.8948-1-hemant.agrawal@nxp.com>
@ 2021-09-07  8:39     ` Hemant Agrawal
       [not found]     ` <20210908065953.28349-1-hemant.agrawal@nxp.com>
  1 sibling, 0 replies; 7+ messages in thread
From: Hemant Agrawal @ 2021-09-07  8:39 UTC (permalink / raw)
  To: dev, gakhil; +Cc: Gagandeep Singh, stable

From: Gagandeep Singh <g.singh@nxp.com>

The logic was incorecly doing conditional swap. It need to
be bit swap always.

Fixes: 73a24060cd70 ("crypto/dpaa2_sec: add sample PDCP descriptor APIs")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/pdcp.h | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h
index 5b3d846099..8e8daf5ba8 100644
--- a/drivers/common/dpaax/caamflib/desc/pdcp.h
+++ b/drivers/common/dpaax/caamflib/desc/pdcp.h
@@ -1,6 +1,6 @@
 /* SPDX-License-Identifier: BSD-3-Clause or GPL-2.0+
  * Copyright 2008-2013 Freescale Semiconductor, Inc.
- * Copyright 2019-2020 NXP
+ * Copyright 2019-2021 NXP
  */
 
 #ifndef __DESC_PDCP_H__
@@ -3715,9 +3715,10 @@ cnstr_shdsc_pdcp_short_mac(uint32_t *descbuf,
 		break;
 
 	case PDCP_AUTH_TYPE_SNOW:
+		/* IV calculation based on 3GPP specs. 36331, section:5.3.7.4 */
 		iv[0] = 0xFFFFFFFF;
-		iv[1] = swap ? swab32(0x04000000) : 0x04000000;
-		iv[2] = swap ? swab32(0xF8000000) : 0xF8000000;
+		iv[1] = swab32(0x04000000);
+		iv[2] = swab32(0xF8000000);
 
 		KEY(p, KEY2, authdata->key_enc_flags, authdata->key,
 		    authdata->keylen, INLINE_KEY(authdata));
-- 
2.17.1


^ permalink raw reply	[flat|nested] 7+ messages in thread

* [dpdk-stable] [PATCH v4 08/10] common/dpaax: fix IV value for shortMAC-I for SNOW algo
       [not found]     ` <20210908065953.28349-1-hemant.agrawal@nxp.com>
@ 2021-09-08  6:59       ` Hemant Agrawal
  0 siblings, 0 replies; 7+ messages in thread
From: Hemant Agrawal @ 2021-09-08  6:59 UTC (permalink / raw)
  To: dev, gakhil; +Cc: Gagandeep Singh, stable

From: Gagandeep Singh <g.singh@nxp.com>

The logic was incorecly doing conditional swap. It need to
be bit swap always.

Fixes: 73a24060cd70 ("crypto/dpaa2_sec: add sample PDCP descriptor APIs")
Cc: stable@dpdk.org

Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
---
 drivers/common/dpaax/caamflib/desc/pdcp.h | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/drivers/common/dpaax/caamflib/desc/pdcp.h b/drivers/common/dpaax/caamflib/desc/pdcp.h
index 5b3d846099..8e8daf5ba8 100644
--- a/drivers/common/dpaax/caamflib/desc/pdcp.h
+++ b/drivers/common/dpaax/caamflib/desc/pdcp.h
@@ -1,6 +1,6 @@
 /* SPDX-License-Identifier: BSD-3-Clause or GPL-2.0+
  * Copyright 2008-2013 Freescale Semiconductor, Inc.
- * Copyright 2019-2020 NXP
+ * Copyright 2019-2021 NXP
  */
 
 #ifndef __DESC_PDCP_H__
@@ -3715,9 +3715,10 @@ cnstr_shdsc_pdcp_short_mac(uint32_t *descbuf,
 		break;
 
 	case PDCP_AUTH_TYPE_SNOW:
+		/* IV calculation based on 3GPP specs. 36331, section:5.3.7.4 */
 		iv[0] = 0xFFFFFFFF;
-		iv[1] = swap ? swab32(0x04000000) : 0x04000000;
-		iv[2] = swap ? swab32(0xF8000000) : 0xF8000000;
+		iv[1] = swab32(0x04000000);
+		iv[2] = swab32(0xF8000000);
 
 		KEY(p, KEY2, authdata->key_enc_flags, authdata->key,
 		    authdata->keylen, INLINE_KEY(authdata));
-- 
2.17.1


^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2021-09-08  7:04 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-07-21  7:39 [dpdk-stable] [PATCH 1/5] crypto/dpaa2_sec: fix to check next null for auth only case Hemant Agrawal
2021-08-25  8:18 ` [dpdk-stable] [PATCH v2 01/11] " Hemant Agrawal
2021-08-25  8:18   ` [dpdk-stable] [PATCH v2 09/11] common/dpaax: fix IV value for shortMAC-I for SNOW algo Hemant Agrawal
2021-09-02 12:46   ` [dpdk-stable] [EXT] [PATCH v2 01/11] crypto/dpaa2_sec: fix to check next null for auth only case Akhil Goyal
2021-09-02 13:48     ` [dpdk-stable] [dpdk-dev] " Hemant Agrawal
     [not found]   ` <20210907083953.8948-1-hemant.agrawal@nxp.com>
2021-09-07  8:39     ` [dpdk-stable] [PATCH v3 08/10] common/dpaax: fix IV value for shortMAC-I for SNOW algo Hemant Agrawal
     [not found]     ` <20210908065953.28349-1-hemant.agrawal@nxp.com>
2021-09-08  6:59       ` [dpdk-stable] [PATCH v4 " Hemant Agrawal

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).