From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: ktraynor@redhat.com
Cc: stable@dpdk.org, Pablo de Lara <pablo.de.lara.guarch@intel.com>,
Fan Zhang <roy.fan.zhang@intel.com>,
Radu Nicolau <radu.nicolau@intel.com>
Subject: [PATCH 21.11 v2 2/2] crypto/ipsec_mb: fix GMAC parameters setting
Date: Tue, 22 Mar 2022 15:14:47 +0000 [thread overview]
Message-ID: <20220322151447.718221-2-pablo.de.lara.guarch@intel.com> (raw)
In-Reply-To: <20220322151447.718221-1-pablo.de.lara.guarch@intel.com>
[ upstream commit 837269c2e5c5a8813adfcf59f23b80569048ddeb ]
AES-GMAC requires plaintext length to be 0 when using AES-GCM,
so only AAD data is used.
Fixes: a501609ea646 ("crypto/ipsec_mb: fix length and offset settings")
Cc: pablo.de.lara.guarch@intel.com
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Tested-by: Radu Nicolau <radu.nicolau@intel.com>
---
drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index 519ff023ff..536a586e98 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -1284,9 +1284,9 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
op->sym->aead.data.offset;
job->msg_len_to_hash_in_bytes =
op->sym->aead.data.length;
- } else {
- job->msg_len_to_cipher_in_bytes = 0;
+ } else { /* AES-GMAC only, only AAD used */
job->msg_len_to_hash_in_bytes = 0;
+ job->hash_start_src_offset_in_bytes = 0;
}
job->iv = rte_crypto_op_ctod_offset(op, uint8_t *,
@@ -1366,8 +1366,18 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
job->msg_len_to_cipher_in_bits =
op->sym->cipher.data.length;
break;
- case IMB_CIPHER_CCM:
case IMB_CIPHER_GCM:
+ if (session->cipher.mode == IMB_CIPHER_NULL) {
+ /* AES-GMAC only (only AAD used) */
+ job->msg_len_to_cipher_in_bytes = 0;
+ job->cipher_start_src_offset_in_bytes = 0;
+ } else {
+ job->cipher_start_src_offset_in_bytes =
+ op->sym->aead.data.offset;
+ job->msg_len_to_cipher_in_bytes = op->sym->aead.data.length;
+ }
+ break;
+ case IMB_CIPHER_CCM:
case IMB_CIPHER_CHACHA20_POLY1305:
job->cipher_start_src_offset_in_bytes =
op->sym->aead.data.offset;
--
2.25.1
next prev parent reply other threads:[~2022-03-22 15:14 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-22 15:14 [PATCH 21.11 v2 1/2] crypto/ipsec_mb: fix length and offset settings Pablo de Lara
2022-03-22 15:14 ` Pablo de Lara [this message]
2022-03-23 16:14 ` Kevin Traynor
2022-03-25 15:07 ` Kevin Traynor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220322151447.718221-2-pablo.de.lara.guarch@intel.com \
--to=pablo.de.lara.guarch@intel.com \
--cc=ktraynor@redhat.com \
--cc=radu.nicolau@intel.com \
--cc=roy.fan.zhang@intel.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).