From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 277DCA034F for ; Tue, 1 Mar 2022 11:44:09 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 22832426DE; Tue, 1 Mar 2022 11:44:09 +0100 (CET) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mails.dpdk.org (Postfix) with ESMTP id 89B9E407FF for ; Tue, 1 Mar 2022 11:44:07 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1646131447; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=SQ4DTtfOJ0fYoYUZXqCOmpCupT80kBf7asiSTDr7G1o=; b=DMmZH7/oDtIVvnC9bPxS5L1rBvwwD3ceNOVLaptrGpAucmJ9qZoFmIMyWLWCWmt28TQHOe mPl1yve4wDlnm4o5l9qkHHZoZ3gmNRPUY34rWJwBfk60cfGWCPsh6gC4lg5FyMmy9zryJj VGMNu7HhSlLhqTsooGnl37rOW11BZiM= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-640-iRSne_dONhexT27ZUbpCVA-1; Tue, 01 Mar 2022 05:44:04 -0500 X-MC-Unique: iRSne_dONhexT27ZUbpCVA-1 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 2642C1091DA2; Tue, 1 Mar 2022 10:44:03 +0000 (UTC) Received: from rh.Home (unknown [10.39.194.142]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4A9F5721DF; Tue, 1 Mar 2022 10:44:02 +0000 (UTC) From: Kevin Traynor To: Pablo de Lara Cc: dpdk stable Subject: patch 'crypto/ipsec_mb: fix ZUC authentication verify' has been queued to stable release 21.11.1 Date: Tue, 1 Mar 2022 10:41:49 +0000 Message-Id: <20220301104300.334382-33-ktraynor@redhat.com> In-Reply-To: <20220301104300.334382-1-ktraynor@redhat.com> References: <20220301104300.334382-1-ktraynor@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=ktraynor@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Hi, FYI, your patch has been queued to stable release 21.11.1 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 03/06/22. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/kevintraynor/dpdk-stable This queued commit can be viewed at: https://github.com/kevintraynor/dpdk-stable/commit/1170e24b20f8117145f05f6785afe45d1bf389f6 Thanks. Kevin --- >From 1170e24b20f8117145f05f6785afe45d1bf389f6 Mon Sep 17 00:00:00 2001 From: Pablo de Lara Date: Wed, 23 Feb 2022 16:01:14 +0000 Subject: [PATCH] crypto/ipsec_mb: fix ZUC authentication verify [ upstream commit bd3769739b3897865b1f0d2886ce1fe8a88eac75 ] ZUC authentication is done over multiple buffers at a time. When authentication verification is done, multiple scratch buffers are using to generate the tags that will be compared afterwards. However, the same scratch buffer was used always, instead of having different ones for each crypto operation. Fixes: 0b133c36ad7d ("crypto/zuc: support IPsec Multi-buffer lib v0.54") Signed-off-by: Pablo de Lara --- drivers/crypto/ipsec_mb/pmd_zuc.c | 2 +- drivers/crypto/ipsec_mb/pmd_zuc_priv.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/ipsec_mb/pmd_zuc.c b/drivers/crypto/ipsec_mb/pmd_zuc.c index ec83d96dfc..07cf1462d2 100644 --- a/drivers/crypto/ipsec_mb/pmd_zuc.c +++ b/drivers/crypto/ipsec_mb/pmd_zuc.c @@ -167,5 +167,5 @@ process_zuc_hash_op(struct ipsec_mb_qp *qp, struct rte_crypto_op **ops, hash_keys[i] = sess->pKey_hash; if (sess->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY) - dst[i] = (uint32_t *)qp_data->temp_digest; + dst[i] = (uint32_t *)qp_data->temp_digest[i]; else dst[i] = (uint32_t *)ops[i]->sym->auth.digest.data; diff --git a/drivers/crypto/ipsec_mb/pmd_zuc_priv.h b/drivers/crypto/ipsec_mb/pmd_zuc_priv.h index 46d5bfae37..76fd6758c2 100644 --- a/drivers/crypto/ipsec_mb/pmd_zuc_priv.h +++ b/drivers/crypto/ipsec_mb/pmd_zuc_priv.h @@ -76,5 +76,5 @@ struct zuc_session { struct zuc_qp_data { - uint8_t temp_digest[ZUC_DIGEST_LENGTH]; + uint8_t temp_digest[ZUC_MAX_BURST][ZUC_DIGEST_LENGTH]; /* *< Buffers used to store the digest generated * by the driver when verifying a digest provided -- 2.34.1 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2022-03-01 10:41:02.235999248 +0000 +++ 0033-crypto-ipsec_mb-fix-ZUC-authentication-verify.patch 2022-03-01 10:41:01.286244094 +0000 @@ -1 +1 @@ -From bd3769739b3897865b1f0d2886ce1fe8a88eac75 Mon Sep 17 00:00:00 2001 +From 1170e24b20f8117145f05f6785afe45d1bf389f6 Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit bd3769739b3897865b1f0d2886ce1fe8a88eac75 ] + @@ -13 +14,0 @@ -Cc: stable@dpdk.org