From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id F0F53A0032
	for <public@inbox.dpdk.org>; Fri, 24 Jun 2022 17:02:15 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id EC0204069D;
	Fri, 24 Jun 2022 17:02:15 +0200 (CEST)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
 by mails.dpdk.org (Postfix) with ESMTP id 61F64400EF
 for <stable@dpdk.org>; Fri, 24 Jun 2022 17:02:13 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1656082932;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=waJFnDbRN3WCqK/meQO/K0VTg2HZmEDSbFSbQ/whLTs=;
 b=I5P9xUHua6wgj31Fnm9FTyk9raVmRcwSCKHkiFxysLTctHLkMw3JeHkDSUsgwhduZ6M8oO
 sWaOrhRWOiOS5JiaLmlx2kvxXzLB0OPoRwh3M5jge5t7w3sGemIv+FfFX7dufd8X2AKMPT
 KnuS/U+8Uvtq8aPFaVEjjLfgdLEaEJA=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-308-skKYudiNOY2YT3U7p1ppZw-1; Fri, 24 Jun 2022 11:02:09 -0400
X-MC-Unique: skKYudiNOY2YT3U7p1ppZw-1
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com
 [10.11.54.5])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 51188101E988;
 Fri, 24 Jun 2022 15:02:09 +0000 (UTC)
Received: from rh.redhat.com (unknown [10.39.194.217])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 794769D63;
 Fri, 24 Jun 2022 15:02:08 +0000 (UTC)
From: Kevin Traynor <ktraynor@redhat.com>
To: Radu Nicolau <radu.nicolau@intel.com>
Cc: Fan Zhang <roy.fan.zhang@intel.com>,
	dpdk stable <stable@dpdk.org>
Subject: patch 'ipsec: fix NAT-T ports and length' has been queued to stable
 release 21.11.2
Date: Fri, 24 Jun 2022 16:01:15 +0100
Message-Id: <20220624150148.1855580-7-ktraynor@redhat.com>
In-Reply-To: <20220624150148.1855580-1-ktraynor@redhat.com>
References: <20220624150148.1855580-1-ktraynor@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
Authentication-Results: relay.mimecast.com;
 auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=ktraynor@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"; x-default=true
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org

Hi,

FYI, your patch has been queued to stable release 21.11.2

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 06/27/22. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable

This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable/commit/d6a5fb4092c3f59726f76e777879d94a9477f3c9

Thanks.

Kevin

---
>From d6a5fb4092c3f59726f76e777879d94a9477f3c9 Mon Sep 17 00:00:00 2001
From: Radu Nicolau <radu.nicolau@intel.com>
Date: Wed, 25 May 2022 14:59:10 +0100
Subject: [PATCH] ipsec: fix NAT-T ports and length

[ upstream commit 778bbc089177f2e4cd9b3e66ec1a7940ffcab1e1 ]

Fix the UDP header fields, wrong byte order used for src and dst port
and wrong offset used when updating UDP datagram length.

Fixes: 01eef5907fc3 ("ipsec: support NAT-T")

Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 lib/ipsec/esp_outb.c | 2 +-
 lib/ipsec/sa.c       | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/ipsec/esp_outb.c b/lib/ipsec/esp_outb.c
index 672e56aba0..28bd58e3c7 100644
--- a/lib/ipsec/esp_outb.c
+++ b/lib/ipsec/esp_outb.c
@@ -198,5 +198,5 @@ outb_tun_pkt_prepare(struct rte_ipsec_sa *sa, rte_be64_t sqc,
 	if (sa->type & RTE_IPSEC_SATP_NATT_ENABLE) {
 		struct rte_udp_hdr *udph = (struct rte_udp_hdr *)
-				(ph - sizeof(struct rte_udp_hdr));
+			(ph + sa->hdr_len - sizeof(struct rte_udp_hdr));
 		udph->dgram_len = rte_cpu_to_be_16(mb->pkt_len - sqh_len -
 				sa->hdr_l3_off - sa->hdr_len);
diff --git a/lib/ipsec/sa.c b/lib/ipsec/sa.c
index cdb70af0cb..c921699390 100644
--- a/lib/ipsec/sa.c
+++ b/lib/ipsec/sa.c
@@ -368,6 +368,6 @@ esp_outb_tun_init(struct rte_ipsec_sa *sa, const struct rte_ipsec_sa_prm *prm)
 				&sa->hdr[prm->tun.hdr_len];
 		sa->hdr_len += sizeof(struct rte_udp_hdr);
-		udph->src_port = prm->ipsec_xform.udp.sport;
-		udph->dst_port = prm->ipsec_xform.udp.dport;
+		udph->src_port = rte_cpu_to_be_16(prm->ipsec_xform.udp.sport);
+		udph->dst_port = rte_cpu_to_be_16(prm->ipsec_xform.udp.dport);
 		udph->dgram_cksum = 0;
 	}
-- 
2.34.3

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2022-06-24 15:51:09.210417380 +0100
+++ 0007-ipsec-fix-NAT-T-ports-and-length.patch	2022-06-24 15:51:08.846984014 +0100
@@ -1 +1 @@
-From 778bbc089177f2e4cd9b3e66ec1a7940ffcab1e1 Mon Sep 17 00:00:00 2001
+From d6a5fb4092c3f59726f76e777879d94a9477f3c9 Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 778bbc089177f2e4cd9b3e66ec1a7940ffcab1e1 ]
+
@@ -10 +11,0 @@
-Cc: stable@dpdk.org
@@ -20 +21 @@
-index 6925bb9945..5a5429a12b 100644
+index 672e56aba0..28bd58e3c7 100644
@@ -23 +24 @@
-@@ -197,5 +197,5 @@ outb_tun_pkt_prepare(struct rte_ipsec_sa *sa, rte_be64_t sqc,
+@@ -198,5 +198,5 @@ outb_tun_pkt_prepare(struct rte_ipsec_sa *sa, rte_be64_t sqc,
@@ -31 +32 @@
-index 1b673b6a18..59a547637d 100644
+index cdb70af0cb..c921699390 100644
@@ -34 +35 @@
-@@ -365,6 +365,6 @@ esp_outb_tun_init(struct rte_ipsec_sa *sa, const struct rte_ipsec_sa_prm *prm)
+@@ -368,6 +368,6 @@ esp_outb_tun_init(struct rte_ipsec_sa *sa, const struct rte_ipsec_sa_prm *prm)