From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 898474308E for ; Thu, 17 Aug 2023 13:46:16 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 81B6D43251; Thu, 17 Aug 2023 13:46:16 +0200 (CEST) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id 383B142D12; Thu, 17 Aug 2023 13:46:13 +0200 (CEST) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 37H3ZFva017346; Thu, 17 Aug 2023 04:46:12 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type; s=pfpt0220; bh=Q6Ygg/Su5Re4Jk30l83aWtEuYrW6Eix+SffxM2740Ic=; b=gTV5lQoqlCLG6tdYxkdBs2Lm291bV2M4zCKCCMsWQgQydFDiCKw7tICwLz/CwE3KwDb1 o/FxAutsKlJ2Ja/NCd246ay51EyvbYpw6GMI371KAjucHz8fjnONNE9cH0QcIr0KouHX p/EUIzUy20k+sXJ9zsl3P2EE1QN65HwjineSbi+Lf/2svlCPH+eZnYf++wql7s7oR656 7okumWaPI0OfvjmJEdxiGP/UViHcgxQRwpR7Stlw/mBZylkSY417ZecA8DAM67kOPhIc AEuEk238Sy4wa73vV5uKf/7kdjPIOI3BbUBIRoaGZfutvac82aUynk3yZaI9/S1L6Nm0 dw== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3sgptkwp48-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 17 Aug 2023 04:46:12 -0700 Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.48; Thu, 17 Aug 2023 04:46:10 -0700 Received: from hyd1399.caveonetworks.com.com (10.69.176.80) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.48 via Frontend Transport; Thu, 17 Aug 2023 04:46:08 -0700 From: Nagadheeraj Rottela To: CC: , Nagadheeraj Rottela , Subject: [PATCH 1/2] crypto/nitrox: fix panic with higher mbuf segments Date: Thu, 17 Aug 2023 17:15:56 +0530 Message-ID: <20230817114557.25574-2-rnagadheeraj@marvell.com> X-Mailer: git-send-email 2.13.6 In-Reply-To: <20230817114557.25574-1-rnagadheeraj@marvell.com> References: <20230817114557.25574-1-rnagadheeraj@marvell.com> MIME-Version: 1.0 Content-Type: text/plain X-Proofpoint-ORIG-GUID: VpLBF14vYj7BJiFl05AXSMlTWnsrjkCN X-Proofpoint-GUID: VpLBF14vYj7BJiFl05AXSMlTWnsrjkCN X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.267,Aquarius:18.0.957,Hydra:6.0.601,FMLib:17.11.176.26 definitions=2023-08-17_04,2023-08-17_02,2023-05-22_02 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org When the number of segments in source or destination mbuf is higher than max supported then the application was panicked during the creation of sglist when RTE_VERIFY was called. Validate the number of mbuf segments and return an error instead of panicking. Fixes: 678f3eca1dfd ("crypto/nitrox: support cipher-only operations") Fixes: 9282bdee5cdf ("crypto/nitrox: add cipher auth chain processing") Cc: stable@dpdk.org Signed-off-by: Nagadheeraj Rottela --- drivers/crypto/nitrox/nitrox_sym_reqmgr.c | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/drivers/crypto/nitrox/nitrox_sym_reqmgr.c b/drivers/crypto/nitrox/nitrox_sym_reqmgr.c index 9edb0cc00f..d7e8ff7db4 100644 --- a/drivers/crypto/nitrox/nitrox_sym_reqmgr.c +++ b/drivers/crypto/nitrox/nitrox_sym_reqmgr.c @@ -10,8 +10,11 @@ #include "nitrox_sym_reqmgr.h" #include "nitrox_logs.h" -#define MAX_SGBUF_CNT 16 -#define MAX_SGCOMP_CNT 5 +#define MAX_SUPPORTED_MBUF_SEGS 16 +/* IV + AAD + ORH + CC + DIGEST */ +#define ADDITIONAL_SGBUF_CNT 5 +#define MAX_SGBUF_CNT (MAX_SUPPORTED_MBUF_SEGS + ADDITIONAL_SGBUF_CNT) +#define MAX_SGCOMP_CNT (RTE_ALIGN_MUL_CEIL(MAX_SGBUF_CNT, 4) / 4) /* SLC_STORE_INFO */ #define MIN_UDD_LEN 16 /* PKT_IN_HDR + SLC_STORE_INFO */ @@ -303,7 +306,7 @@ create_sglist_from_mbuf(struct nitrox_sgtable *sgtbl, struct rte_mbuf *mbuf, datalen -= mlen; } - RTE_VERIFY(cnt <= MAX_SGBUF_CNT); + RTE_ASSERT(cnt <= MAX_SGBUF_CNT); sgtbl->map_bufs_cnt = cnt; return 0; } @@ -375,7 +378,7 @@ create_cipher_outbuf(struct nitrox_softreq *sr) sr->out.sglist[cnt].virt = &sr->resp.completion; cnt++; - RTE_VERIFY(cnt <= MAX_SGBUF_CNT); + RTE_ASSERT(cnt <= MAX_SGBUF_CNT); sr->out.map_bufs_cnt = cnt; create_sgcomp(&sr->out); @@ -600,7 +603,7 @@ create_aead_outbuf(struct nitrox_softreq *sr, struct nitrox_sglist *digest) resp.completion); sr->out.sglist[cnt].virt = &sr->resp.completion; cnt++; - RTE_VERIFY(cnt <= MAX_SGBUF_CNT); + RTE_ASSERT(cnt <= MAX_SGBUF_CNT); sr->out.map_bufs_cnt = cnt; create_sgcomp(&sr->out); @@ -774,6 +777,14 @@ nitrox_process_se_req(uint16_t qno, struct rte_crypto_op *op, { int err; + if (unlikely(op->sym->m_src->nb_segs > MAX_SUPPORTED_MBUF_SEGS || + (op->sym->m_dst && + op->sym->m_dst->nb_segs > MAX_SUPPORTED_MBUF_SEGS))) { + NITROX_LOG(ERR, "Mbuf segments not supported. " + "Max supported %d\n", MAX_SUPPORTED_MBUF_SEGS); + return -ENOTSUP; + } + softreq_init(sr, sr->iova); sr->ctx = ctx; sr->op = op; -- 2.13.6