From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id D9F8843355 for ; Fri, 17 Nov 2023 13:37:55 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id CC3A1410E4; Fri, 17 Nov 2023 13:37:55 +0100 (CET) Received: from mgamail.intel.com (mgamail.intel.com [134.134.136.100]) by mails.dpdk.org (Postfix) with ESMTP id 1662C40648; Fri, 17 Nov 2023 13:37:51 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1700224672; x=1731760672; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=/tzuxuyWLJPTOXyCj5GeXCtaP7fD5PpjJcTfpV6WgPA=; b=G8wFyesM/QnV56a1LnF0HDJ2VRQovZk/EHGVS4+RLnIYdpVnfow7+4A7 uNYTe1qKBbsLNM+JPvT8Ok1Tm7BdDtqv0R7SPFdinsoHz3rAi9GNY3KaR y3XJ+l2P1Y3ZgJTEcLzO7t000azEnEzaTs9xS9+TUKNi24p4S2UKjiAO2 F5bfRMIMgA3zsc3812I8vmRuFNNeatqza1qGD4t/covvxioKVNpBDpiyp wm8zWUSzMjrsJZKCcwEoCFFMKwSekka0HqQePUPBlQ7qSPECJAmEMhfRV XVq+rqVfDd8fMkpAzInr47m8m2GRN63ujLIPB/d/o/DiOrrx+21oHfRHr Q==; X-IronPort-AV: E=McAfee;i="6600,9927,10896"; a="457790495" X-IronPort-AV: E=Sophos;i="6.04,206,1695711600"; d="scan'208";a="457790495" Received: from fmviesa001.fm.intel.com ([10.60.135.141]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Nov 2023 04:37:49 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.04,206,1695711600"; d="scan'208";a="13916851" Received: from silpixa00400902.ir.intel.com ([10.243.23.146]) by fmviesa001.fm.intel.com with ESMTP; 17 Nov 2023 04:37:48 -0800 From: Sivaramakrishnan Venkat To: dev@dpdk.org Cc: stable@dpdk.org, kai.ji@intel.com, gakhil@marvell.com, Sivaramakrishnan Venkat Subject: [PATCH v2] crypto/qat: fix block cipher misalignment for AES CBC and 3DES CBC Date: Fri, 17 Nov 2023 12:37:44 +0000 Message-Id: <20231117123744.592459-1-venkatx.sivaramakrishnan@intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231103133037.782512-1-venkatx.sivaramakrishnan@intel.com> References: <20231103133037.782512-1-venkatx.sivaramakrishnan@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org check cipher length alignment for 3DES CBC and AES CBC to change it to NULL service type for buffer misalignment. Fixes: def38073ac90 ("crypto/qat: check cipher buffer alignment") Cc: stable@dpdk.org Signed-off-by: Sivaramakrishnan Venkat Acked-by: Kai Ji --- v2: Dropped new tests patch. Removed settings reponse header directly. Cleared cookie status instead of setting to SUCCESS. --- drivers/crypto/qat/dev/qat_crypto_pmd_gens.h | 27 +++++++++++++++----- drivers/crypto/qat/dev/qat_sym_pmd_gen1.c | 12 ++++----- drivers/crypto/qat/qat_sym.h | 8 ++++++ 3 files changed, 34 insertions(+), 13 deletions(-) diff --git a/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h b/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h index eebf2e6eb8..b8ddf42d6f 100644 --- a/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h +++ b/drivers/crypto/qat/dev/qat_crypto_pmd_gens.h @@ -618,7 +618,8 @@ static __rte_always_inline void enqueue_one_cipher_job_gen1(struct qat_sym_session *ctx, struct icp_qat_fw_la_bulk_req *req, struct rte_crypto_va_iova_ptr *iv, - union rte_crypto_sym_ofs ofs, uint32_t data_len) + union rte_crypto_sym_ofs ofs, uint32_t data_len, + struct qat_sym_op_cookie *cookie) { struct icp_qat_fw_la_cipher_req_params *cipher_param; @@ -629,6 +630,15 @@ enqueue_one_cipher_job_gen1(struct qat_sym_session *ctx, cipher_param->cipher_offset = ofs.ofs.cipher.head; cipher_param->cipher_length = data_len - ofs.ofs.cipher.head - ofs.ofs.cipher.tail; + + if (AES_OR_3DES_MISALIGNED) { + QAT_LOG(DEBUG, + "Input cipher buffer misalignment detected and change job as NULL operation"); + struct icp_qat_fw_comn_req_hdr *header = &req->comn_hdr; + header->service_type = ICP_QAT_FW_COMN_REQ_NULL; + header->service_cmd_id = ICP_QAT_FW_NULL_REQ_SERV_ID; + cookie->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + } } static __rte_always_inline void @@ -685,7 +695,8 @@ enqueue_one_chain_job_gen1(struct qat_sym_session *ctx, struct rte_crypto_va_iova_ptr *cipher_iv, struct rte_crypto_va_iova_ptr *digest, struct rte_crypto_va_iova_ptr *auth_iv, - union rte_crypto_sym_ofs ofs, uint32_t data_len) + union rte_crypto_sym_ofs ofs, uint32_t data_len, + struct qat_sym_op_cookie *cookie) { struct icp_qat_fw_la_cipher_req_params *cipher_param; struct icp_qat_fw_la_auth_req_params *auth_param; @@ -722,11 +733,13 @@ enqueue_one_chain_job_gen1(struct qat_sym_session *ctx, * error detected. */ if (AES_OR_3DES_MISALIGNED) { - QAT_LOG(ERR, "Input cipher length alignment error detected.\n"); - ctx->qat_cipher_alg = ICP_QAT_HW_CIPHER_ALGO_NULL; - ctx->qat_hash_alg = ICP_QAT_HW_AUTH_ALGO_NULL; - cipher_param->cipher_length = 0; - auth_param->auth_len = 0; + QAT_LOG(DEBUG, + "Input cipher buffer misalignment detected and change job as NULL operation"); + struct icp_qat_fw_comn_req_hdr *header = &req->comn_hdr; + header->service_type = ICP_QAT_FW_COMN_REQ_NULL; + header->service_cmd_id = ICP_QAT_FW_NULL_REQ_SERV_ID; + cookie->status = RTE_CRYPTO_OP_STATUS_INVALID_ARGS; + return -1; } switch (ctx->qat_hash_alg) { diff --git a/drivers/crypto/qat/dev/qat_sym_pmd_gen1.c b/drivers/crypto/qat/dev/qat_sym_pmd_gen1.c index e4bcfa59e7..208b7e0ba6 100644 --- a/drivers/crypto/qat/dev/qat_sym_pmd_gen1.c +++ b/drivers/crypto/qat/dev/qat_sym_pmd_gen1.c @@ -248,7 +248,7 @@ qat_sym_build_op_cipher_gen1(void *in_op, struct qat_sym_session *ctx, return -EINVAL; } - enqueue_one_cipher_job_gen1(ctx, req, &cipher_iv, ofs, total_len); + enqueue_one_cipher_job_gen1(ctx, req, &cipher_iv, ofs, total_len, op_cookie); qat_sym_debug_log_dump(req, ctx, in_sgl.vec, in_sgl.num, &cipher_iv, NULL, NULL, NULL); @@ -383,7 +383,7 @@ qat_sym_build_op_chain_gen1(void *in_op, struct qat_sym_session *ctx, enqueue_one_chain_job_gen1(ctx, req, in_sgl.vec, in_sgl.num, out_sgl.vec, out_sgl.num, &cipher_iv, &digest, &auth_iv, - ofs, total_len); + ofs, total_len, cookie); qat_sym_debug_log_dump(req, ctx, in_sgl.vec, in_sgl.num, &cipher_iv, &auth_iv, NULL, &digest); @@ -507,7 +507,7 @@ qat_sym_dp_enqueue_single_cipher_gen1(void *qp_data, uint8_t *drv_ctx, if (unlikely(data_len < 0)) return -1; - enqueue_one_cipher_job_gen1(ctx, req, iv, ofs, (uint32_t)data_len); + enqueue_one_cipher_job_gen1(ctx, req, iv, ofs, (uint32_t)data_len, cookie); qat_sym_debug_log_dump(req, ctx, data, n_data_vecs, iv, NULL, NULL, NULL); @@ -564,7 +564,7 @@ qat_sym_dp_enqueue_cipher_jobs_gen1(void *qp_data, uint8_t *drv_ctx, if (unlikely(data_len < 0)) break; enqueue_one_cipher_job_gen1(ctx, req, &vec->iv[i], ofs, - (uint32_t)data_len); + (uint32_t)data_len, cookie); tail = (tail + tx_queue->msg_size) & tx_queue->modulo_mask; qat_sym_debug_log_dump(req, ctx, vec->src_sgl[i].vec, @@ -740,7 +740,7 @@ qat_sym_dp_enqueue_single_chain_gen1(void *qp_data, uint8_t *drv_ctx, if (unlikely(enqueue_one_chain_job_gen1(ctx, req, data, n_data_vecs, NULL, 0, cipher_iv, job_digest, auth_iv, ofs, - (uint32_t)data_len))) + (uint32_t)data_len, cookie))) return -1; dp_ctx->tail = tail; @@ -811,7 +811,7 @@ qat_sym_dp_enqueue_chain_jobs_gen1(void *qp_data, uint8_t *drv_ctx, vec->src_sgl[i].vec, vec->src_sgl[i].num, NULL, 0, &vec->iv[i], job_digest, - &vec->auth_iv[i], ofs, (uint32_t)data_len))) + &vec->auth_iv[i], ofs, (uint32_t)data_len, cookie))) break; tail = (tail + tx_queue->msg_size) & tx_queue->modulo_mask; diff --git a/drivers/crypto/qat/qat_sym.h b/drivers/crypto/qat/qat_sym.h index b4e19e3015..71e9d5f34b 100644 --- a/drivers/crypto/qat/qat_sym.h +++ b/drivers/crypto/qat/qat_sym.h @@ -117,6 +117,7 @@ struct qat_sym_op_cookie { } opt; uint8_t digest_null[4]; phys_addr_t digest_null_phys_addr; + enum rte_crypto_op_status status; }; struct qat_sym_dp_ctx { @@ -321,6 +322,7 @@ qat_sym_process_response(void **op, uint8_t *resp, void *op_cookie, (resp_msg->opaque_data); struct qat_sym_session *sess; uint8_t is_docsis_sec; + struct qat_sym_op_cookie *cookie = NULL; #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG QAT_DP_HEXDUMP_LOG(DEBUG, "qat_response:", (uint8_t *)resp_msg, @@ -366,6 +368,12 @@ qat_sym_process_response(void **op, uint8_t *resp, void *op_cookie, sess->auth_key_length); } + cookie = (struct qat_sym_op_cookie *) op_cookie; + if (cookie->status == RTE_CRYPTO_OP_STATUS_INVALID_ARGS) { + rx_op->status = cookie->status; + cookie->status = 0; + } + *op = (void *)rx_op; /* -- 2.25.1