From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 6119441CB2
	for <public@inbox.dpdk.org>; Thu, 16 Feb 2023 15:25:03 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 4E52242D62;
	Thu, 16 Feb 2023 15:25:03 +0100 (CET)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id BEB2340E03;
 Thu, 16 Feb 2023 15:25:00 +0100 (CET)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id
 31GEMgH3027452; Thu, 16 Feb 2023 06:24:55 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : mime-version : content-transfer-encoding :
 content-type; s=pfpt0220; bh=D4/OLIKlLHHKVCjVrwarg6peUWebbvBFDaiBXaFjaoY=;
 b=jEjwbTvKlL4x130m7h1eoXNsSjk3N4e+FDfWkKd9MCSXnc+Pv2bG8cSvMZEDcRX2+1Gs
 kOFEsC2SGP1rNcCrOACGBgccY4GT3d03OGg4wJ5SnVhIrje3yFCekqiBzqj5UFwDOSFU
 lHWwYglAVJjnu1kTaY0p7u6BzBvTvU/n+dbKUrIWjj8ShH5r2NZ1b8fO5ImOq3XzLHdp
 yWfsH3j24VRz9zFDeE8QKlw+gJty6QCRQ131qTndonWePTa7wIqCnS0GG6Gtt+DIsSmg
 fSLE6w+/F6PVG28DXVjhX5dVbaMf5GcUF86hFYaWz4jx4k1Xgo7Upb1lt1/TGS0LNZ1x tw== 
Received: from dc5-exch01.marvell.com ([199.233.59.181])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3nsg888xmu-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);
 Thu, 16 Feb 2023 06:24:55 -0800
Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.42;
 Thu, 16 Feb 2023 06:24:53 -0800
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.42 via Frontend
 Transport; Thu, 16 Feb 2023 06:24:53 -0800
Received: from localhost.localdomain (unknown [10.28.36.102])
 by maili.marvell.com (Postfix) with ESMTP id 242443F7089;
 Thu, 16 Feb 2023 06:24:49 -0800 (PST)
From: Akhil Goyal <gakhil@marvell.com>
To: <dev@dpdk.org>
CC: <radu.nicolau@intel.com>, <anoobj@marvell.com>, <g.singh@nxp.com>,
 <hemant.agrawal@nxp.com>, <kai.ji@intel.com>, <ruifeng.wang@arm.com>,
 <sunilprakashrao.uttarwar@amd.com>, <rnagadheeraj@marvell.com>,
 <matan@nvidia.com>, Akhil Goyal <gakhil@marvell.com>, <stable@dpdk.org>
Subject: [PATCH 1/3] examples/ipsec-secgw: fix auth IV length
Date: Thu, 16 Feb 2023 19:54:40 +0530
Message-ID: <20230216142442.3657742-1-gakhil@marvell.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Proofpoint-ORIG-GUID: oEN7bJP3BZVtlkOpgHO1DLukuS7o23mP
X-Proofpoint-GUID: oEN7bJP3BZVtlkOpgHO1DLukuS7o23mP
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.219,Aquarius:18.0.930,Hydra:6.0.562,FMLib:17.11.170.22
 definitions=2023-02-16_10,2023-02-16_01,2023-02-09_01
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org

Currently, cipher IV length is getting used to set auth
xform IV length. Auth IV is needed for AES-GMAC case,
and in all other cases, auth IV should be 0.
Used a separate auth IV length to separate out cipher and auth cases.

Fixes: 9413c3901f31 ("examples/ipsec-secgw: support additional algorithms")
Cc: stable@dpdk.org

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
---
 examples/ipsec-secgw/sa.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 7da9444a7b..001762bea9 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -1247,6 +1247,7 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[],
 	struct ipsec_sa *sa;
 	uint32_t i, idx;
 	uint16_t iv_length, aad_length;
+	uint16_t auth_iv_length = 0;
 	int inline_status;
 	int32_t rc;
 	struct rte_ipsec_session *ips;
@@ -1340,7 +1341,7 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[],
 
 			/* AES_GMAC uses salt like AEAD algorithms */
 			if (sa->auth_algo == RTE_CRYPTO_AUTH_AES_GMAC)
-				iv_length = 12;
+				auth_iv_length = 12;
 
 			if (inbound) {
 				sa_ctx->xf[idx].b.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
@@ -1364,7 +1365,7 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[],
 				sa_ctx->xf[idx].a.auth.op =
 					RTE_CRYPTO_AUTH_OP_VERIFY;
 				sa_ctx->xf[idx].a.auth.iv.offset = IV_OFFSET;
-				sa_ctx->xf[idx].a.auth.iv.length = iv_length;
+				sa_ctx->xf[idx].a.auth.iv.length = auth_iv_length;
 
 			} else { /* outbound */
 				sa_ctx->xf[idx].a.type = RTE_CRYPTO_SYM_XFORM_CIPHER;
@@ -1388,7 +1389,7 @@ sa_add_rules(struct sa_ctx *sa_ctx, const struct ipsec_sa entries[],
 				sa_ctx->xf[idx].b.auth.op =
 					RTE_CRYPTO_AUTH_OP_GENERATE;
 				sa_ctx->xf[idx].b.auth.iv.offset = IV_OFFSET;
-				sa_ctx->xf[idx].b.auth.iv.length = iv_length;
+				sa_ctx->xf[idx].b.auth.iv.length = auth_iv_length;
 
 			}
 
-- 
2.25.1