From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id ABD10A0032 for ; Wed, 16 Mar 2022 16:15:54 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id A6B0240395; Wed, 16 Mar 2022 16:15:54 +0100 (CET) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mails.dpdk.org (Postfix) with ESMTP id 127DB41158 for ; Wed, 16 Mar 2022 16:15:52 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1647443752; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ixP0BO4M7BBraTSRkWU31QrXaizha8rvuny88FvbtnI=; b=bhjcE3Ke95KguzEQmXDgaKfoyWPWFlb7G43ThToX8vSJFNzlgeEC+59U1IVidSX5lMdn/V VuGYGpT1CWuOIlmFZQF0dh7IpoCF1jm3bJ92EWr/nZRm1HdJ5UGVhvO/CMg9Uv+eRH8Wp5 JevJTaiL1qONZ4HqGNXe3h/85VhSpKA= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-85-kgiJFCQdOsivl9aEF1QmiA-1; Wed, 16 Mar 2022 11:15:49 -0400 X-MC-Unique: kgiJFCQdOsivl9aEF1QmiA-1 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 04231811E75; Wed, 16 Mar 2022 15:15:49 +0000 (UTC) Received: from rh.redhat.com (unknown [10.39.195.131]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1367F4B8D43; Wed, 16 Mar 2022 15:15:47 +0000 (UTC) From: Kevin Traynor To: Piotr Bronowski Cc: Ciara Power , dpdk stable Subject: patch 'crypto/ipsec_mb: fix GCM requested digest length' has been queued to stable release 21.11.1 Date: Wed, 16 Mar 2022 15:15:11 +0000 Message-Id: <20220316151524.1242199-10-ktraynor@redhat.com> In-Reply-To: <20220316151524.1242199-1-ktraynor@redhat.com> References: <20220316151524.1242199-1-ktraynor@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=ktraynor@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Hi, FYI, your patch has been queued to stable release 21.11.1 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 03/21/22. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/kevintraynor/dpdk-stable This queued commit can be viewed at: https://github.com/kevintraynor/dpdk-stable/commit/75c570058bc84363756d2a7a36e9650b73520381 Thanks. Kevin --- >From 75c570058bc84363756d2a7a36e9650b73520381 Mon Sep 17 00:00:00 2001 From: Piotr Bronowski Date: Wed, 9 Mar 2022 18:02:00 +0000 Subject: [PATCH] crypto/ipsec_mb: fix GCM requested digest length [ upstream commit 2c6b3438d6caa096fca1b2f078f3ca18ce737ded ] This patch removes coverity defect CID 375828: Untrusted value as argument (TAINTED_SCALAR) Coverity issue: 375828 Fixes: ceb863938708 ("crypto/aesni_gcm: support all truncated digest sizes") Signed-off-by: Piotr Bronowski Acked-by: Ciara Power --- drivers/crypto/ipsec_mb/pmd_aesni_gcm.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c index e5ad629fe5..2c033c6f28 100644 --- a/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c +++ b/drivers/crypto/ipsec_mb/pmd_aesni_gcm.c @@ -97,5 +97,7 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session, key_length = auth_xform->auth.key.length; key = auth_xform->auth.key.data; - sess->req_digest_length = auth_xform->auth.digest_length; + sess->req_digest_length = + RTE_MIN(auth_xform->auth.digest_length, + DIGEST_LENGTH_MAX); break; case IPSEC_MB_OP_AEAD_AUTHENTICATED_ENCRYPT: @@ -117,5 +119,7 @@ aesni_gcm_session_configure(IMB_MGR *mb_mgr, void *session, key = aead_xform->aead.key.data; sess->aad_length = aead_xform->aead.aad_length; - sess->req_digest_length = aead_xform->aead.digest_length; + sess->req_digest_length = + RTE_MIN(aead_xform->aead.digest_length, + DIGEST_LENGTH_MAX); break; default: -- 2.34.1 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2022-03-16 15:14:12.391934910 +0000 +++ 0010-crypto-ipsec_mb-fix-GCM-requested-digest-length.patch 2022-03-16 15:14:12.108847604 +0000 @@ -1 +1 @@ -From 2c6b3438d6caa096fca1b2f078f3ca18ce737ded Mon Sep 17 00:00:00 2001 +From 75c570058bc84363756d2a7a36e9650b73520381 Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit 2c6b3438d6caa096fca1b2f078f3ca18ce737ded ] + @@ -11 +12,0 @@ -Cc: stable@dpdk.org