From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 1F3E8A04FF for ; Mon, 21 Mar 2022 23:12:44 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 18736427E9; Mon, 21 Mar 2022 23:12:44 +0100 (CET) Received: from mail-lf1-f47.google.com (mail-lf1-f47.google.com [209.85.167.47]) by mails.dpdk.org (Postfix) with ESMTP id E9E0A427E9 for ; Mon, 21 Mar 2022 23:12:42 +0100 (CET) Received: by mail-lf1-f47.google.com with SMTP id e16so12667524lfc.13 for ; Mon, 21 Mar 2022 15:12:42 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=q+7+iYJO/VQGJ/xBhD2bnhBb9xb+GWKJsL0rFp3N2S8=; b=fmy7EgwaXpDcd/OOhBamZIP34rbHY3AlBSXR8gM5pFa35I7WHgcuZKvgr+jJVHtMGf SKv+Fe6yrB/+7GJxNav5HKXMEn3+2wX1NqErEMXisx506zg2OS8bn27B3k38eJeSAwOW zh0jq2YWU75fXLftN2wNeJmJK3M+0MroaMF0KZvukXcy0bNhNmTOLqbb+YX2+P57gFGo 6mDc/U+bdvzVFg0h2FylSg0LqbNaqwlPMZGLWUq2DvjAVT+hf51wc7KGkijSF/3gcHfT PoIzZ0FZPvgo76emwjWP5TzON2iB+1vKa2C2WisjbRNq078V2r3r+U45hhDUcUqDKyuR h8ng== X-Gm-Message-State: AOAM531sjUmyB3X8WcXsGOo3Wd9QixS5w02zXUXIZG6Fkdm3tiww/w21 wd04U3Wvm5ESKZo6WNK0NmcygL3D4w1Qiw== X-Google-Smtp-Source: ABdhPJz1y4evFpAPGn/fIns7d68sTx1c70JWmx2anzJ1sMgAnurIYyHLFXqiqcmfqQPwWyS0Im3TPg== X-Received: by 2002:a05:6512:3048:b0:448:38e0:bf7d with SMTP id b8-20020a056512304800b0044838e0bf7dmr15898378lfb.367.1647900761831; Mon, 21 Mar 2022 15:12:41 -0700 (PDT) Received: from mail-lf1-f50.google.com (mail-lf1-f50.google.com. [209.85.167.50]) by smtp.gmail.com with ESMTPSA id w8-20020a0565120b0800b0044846f3a8d5sm1930876lfu.201.2022.03.21.15.12.41 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 21 Mar 2022 15:12:41 -0700 (PDT) Received: by mail-lf1-f50.google.com with SMTP id t25so26844835lfg.7 for ; Mon, 21 Mar 2022 15:12:41 -0700 (PDT) X-Received: by 2002:a05:6512:1096:b0:44a:2aa5:da0f with SMTP id j22-20020a056512109600b0044a2aa5da0fmr5113436lfg.581.1647900760970; Mon, 21 Mar 2022 15:12:40 -0700 (PDT) MIME-Version: 1.0 References: <20220314110559.1502861-1-pablo.de.lara.guarch@intel.com> In-Reply-To: From: Luca Boccassi Date: Mon, 21 Mar 2022 22:12:29 +0000 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 20.11 1/2] crypto/ipsec_mb: fix length and offset settings To: "De Lara Guarch, Pablo" Cc: "stable@dpdk.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org On Mon, 21 Mar 2022 at 19:57, De Lara Guarch, Pablo wrote: > > Hi Luca, > > > -----Original Message----- > > From: Luca Boccassi > > Sent: Monday, March 14, 2022 12:20 PM > > To: De Lara Guarch, Pablo ; stable@dpdk= .org > > Subject: Re: [PATCH 20.11 1/2] crypto/ipsec_mb: fix length and offset s= ettings > > > > On Mon, 2022-03-14 at 11:05 +0000, Pablo de Lara wrote: > > > [ upstream commit a501609ea6466ed8526c0dfadedee332a4d4a451 ] > > > > > > KASUMI, SNOW3G and ZUC require lengths and offsets to be set in bits > > > or bytes depending on the algorithm. > > > There were some algorithms that were mixing these two, so this commit > > > is fixing this issue. > > > > > > Fixes: ae8e085c608d ("crypto/aesni_mb: support KASUMI F8/F9") > > > Fixes: 6c42e0cf4d12 ("crypto/aesni_mb: support SNOW3G-UEA2/UIA2") > > > Fixes: fd8df85487c4 ("crypto/aesni_mb: support ZUC-EEA3/EIA3") > > > > > > Signed-off-by: Pablo de Lara > > > --- > > > drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 121 > > > +++++++++++++++------ > > > 1 file changed, 86 insertions(+), 35 deletions(-) > > > > > > diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c > > > b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c > > > index f4ffb21e10..07f5caa76f 100644 > > > --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c > > > +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c > > > @@ -1057,7 +1057,9 @@ get_session(struct aesni_mb_qp *qp, struct > > > rte_crypto_op *op) > > > > > > > > > static inline uint64_t > > > auth_start_offset(struct rte_crypto_op *op, struct aesni_mb_session > > *session, > > > - uint32_t oop) > > > + uint32_t oop, const uint32_t auth_offset, > > > + const uint32_t cipher_offset, const uint32_t auth_length, > > > + const uint32_t cipher_length) > > > { > > > struct rte_mbuf *m_src, *m_dst; > > > uint8_t *p_src, *p_dst; > > > @@ -1066,7 +1068,7 @@ auth_start_offset(struct rte_crypto_op *op, > > > struct aesni_mb_session *session, > > > > > > > > > /* Only cipher then hash needs special calculation. */ > > > if (!oop || session->chain_order !=3D CIPHER_HASH) > > > - return op->sym->auth.data.offset; > > > + return auth_offset; > > > > > > > > > m_src =3D op->sym->m_src; > > > m_dst =3D op->sym->m_dst; > > > @@ -1074,24 +1076,23 @@ auth_start_offset(struct rte_crypto_op *op, > > struct aesni_mb_session *session, > > > p_src =3D rte_pktmbuf_mtod(m_src, uint8_t *); > > > p_dst =3D rte_pktmbuf_mtod(m_dst, uint8_t *); > > > u_src =3D (uintptr_t)p_src; > > > - u_dst =3D (uintptr_t)p_dst + op->sym->auth.data.offset; > > > + u_dst =3D (uintptr_t)p_dst + auth_offset; > > > > > > > > > /** > > > * Copy the content between cipher offset and auth offset for > > generating > > > * correct digest. > > > */ > > > - if (op->sym->cipher.data.offset > op->sym->auth.data.offset) > > > - memcpy(p_dst + op->sym->auth.data.offset, > > > - p_src + op->sym->auth.data.offset, > > > - op->sym->cipher.data.offset - > > > - op->sym->auth.data.offset); > > > - > > > + if (cipher_offset > auth_offset) > > > + memcpy(p_dst + auth_offset, > > > + p_src + auth_offset, > > > + cipher_offset - > > > + auth_offset); > > > /** > > > * Copy the content between (cipher offset + length) and (auth of= fset + > > > * length) for generating correct digest > > > */ > > > - cipher_end =3D op->sym->cipher.data.offset + op->sym- > > >cipher.data.length; > > > - auth_end =3D op->sym->auth.data.offset + op->sym->auth.data.lengt= h; > > > + cipher_end =3D cipher_offset + cipher_length; > > > + auth_end =3D auth_offset + auth_length; > > > if (cipher_end < auth_end) > > > memcpy(p_dst + cipher_end, p_src + cipher_end, > > > auth_end - cipher_end); > > > @@ -1246,6 +1247,10 @@ set_mb_job_params(JOB_AES_HMAC *job, struct > > aesni_mb_qp *qp, > > > struct rte_mbuf *m_src =3D op->sym->m_src, *m_dst; > > > struct aesni_mb_session *session; > > > uint32_t m_offset, oop; > > > + uint32_t auth_off_in_bytes; > > > + uint32_t ciph_off_in_bytes; > > > + uint32_t auth_len_in_bytes; > > > + uint32_t ciph_len_in_bytes; > > > > > > > > > session =3D get_session(qp, op); > > > if (session =3D=3D NULL) { > > > @@ -1362,6 +1367,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct > > aesni_mb_qp *qp, > > > if (job->cipher_mode =3D=3D IMB_CIPHER_ZUC_EEA3) { > > > job->aes_enc_key_expanded =3D session->cipher.zuc_cipher_= key; > > > job->aes_dec_key_expanded =3D session->cipher.zuc_cipher_= key; > > > + m_offset >>=3D 3; > > > } else if (job->cipher_mode =3D=3D IMB_CIPHER_SNOW3G_UEA2_BITLEN)= { > > > job->enc_keys =3D &session->cipher.pKeySched_snow3g_ciphe= r; > > > m_offset =3D 0; > > > @@ -1418,9 +1424,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct > > > aesni_mb_qp *qp, > > > > > > > > > switch (job->hash_alg) { > > > case AES_CCM: > > > - job->cipher_start_src_offset_in_bytes =3D > > > - op->sym->aead.data.offset; > > > - job->msg_len_to_cipher_in_bytes =3D op->sym- > > >aead.data.length; > > > job->hash_start_src_offset_in_bytes =3D op->sym- > > >aead.data.offset; > > > job->msg_len_to_hash_in_bytes =3D op->sym->aead.data.leng= th; > > > > > > > > > @@ -1430,19 +1433,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct > > > aesni_mb_qp *qp, > > > > > > > > > case AES_GMAC: > > > if (session->cipher.mode =3D=3D GCM) { > > > - job->cipher_start_src_offset_in_bytes =3D > > > - op->sym->aead.data.offset; > > > job->hash_start_src_offset_in_bytes =3D > > > op->sym->aead.data.offset; > > > - job->msg_len_to_cipher_in_bytes =3D > > > - op->sym->aead.data.length; > > > job->msg_len_to_hash_in_bytes =3D > > > op->sym->aead.data.length; > > > } else { > > > - job->cipher_start_src_offset_in_bytes =3D > > > - op->sym->auth.data.offset; > > > - job->hash_start_src_offset_in_bytes =3D > > > - op->sym->auth.data.offset; > > > job->msg_len_to_cipher_in_bytes =3D 0; > > > job->msg_len_to_hash_in_bytes =3D 0; > > > } > > > @@ -1453,10 +1448,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct > > > aesni_mb_qp *qp, > > > > > > > > > #if IMB_VERSION(0, 54, 3) <=3D IMB_VERSION_NUM > > > case IMB_AUTH_CHACHA20_POLY1305: > > > - job->cipher_start_src_offset_in_bytes =3D op->sym- > > >aead.data.offset; > > > job->hash_start_src_offset_in_bytes =3D op->sym- > > >aead.data.offset; > > > - job->msg_len_to_cipher_in_bytes =3D > > > - op->sym->aead.data.length; > > > job->msg_len_to_hash_in_bytes =3D > > > op->sym->aead.data.length; > > > > > > > > > @@ -1464,26 +1456,85 @@ set_mb_job_params(JOB_AES_HMAC *job, struct > > aesni_mb_qp *qp, > > > session->iv.offset); > > > break; > > > #endif > > > - default: > > > - /* For SNOW3G, length and offsets are already in bits */ > > > - job->cipher_start_src_offset_in_bytes =3D > > > - op->sym->cipher.data.offset; > > > - job->msg_len_to_cipher_in_bytes =3D op->sym- > > >cipher.data.length; > > > +#if IMB_VERSION(0, 53, 3) <=3D IMB_VERSION_NUM > > > + /* ZUC and SNOW3G require length in bits and offset in bytes */ > > > + case IMB_AUTH_ZUC_EIA3_BITLEN: > > > + case IMB_AUTH_SNOW3G_UIA2_BITLEN: > > > + auth_off_in_bytes =3D op->sym->auth.data.offset >> 3; > > > + ciph_off_in_bytes =3D op->sym->cipher.data.offset >> 3; > > > + auth_len_in_bytes =3D op->sym->auth.data.length >> 3; > > > + ciph_len_in_bytes =3D op->sym->cipher.data.length >> 3; > > > + > > > + job->hash_start_src_offset_in_bytes =3D auth_start_offset= (op, > > > + session, oop, auth_off_in_bytes, > > > + ciph_off_in_bytes, auth_len_in_bytes, > > > + ciph_len_in_bytes); > > > + job->msg_len_to_hash_in_bits =3D op->sym->auth.data.lengt= h; > > > + > > > + job->iv =3D rte_crypto_op_ctod_offset(op, uint8_t *, > > > + session->iv.offset); > > > + break; > > > + > > > + /* KASUMI requires lengths and offset in bytes */ > > > + case IMB_AUTH_KASUMI_UIA1: > > > + auth_off_in_bytes =3D op->sym->auth.data.offset >> 3; > > > + ciph_off_in_bytes =3D op->sym->cipher.data.offset >> 3; > > > + auth_len_in_bytes =3D op->sym->auth.data.length >> 3; > > > + ciph_len_in_bytes =3D op->sym->cipher.data.length >> 3; > > > > > > > > > job->hash_start_src_offset_in_bytes =3D auth_start_offset= (op, > > > - session, oop); > > > + session, oop, auth_off_in_bytes, > > > + ciph_off_in_bytes, auth_len_in_bytes, > > > + ciph_len_in_bytes); > > > + job->msg_len_to_hash_in_bytes =3D auth_len_in_bytes; > > > + > > > + job->iv =3D rte_crypto_op_ctod_offset(op, uint8_t *, > > > + session->iv.offset); > > > + break; > > > +#endif > > > + > > > + default: > > > + job->hash_start_src_offset_in_bytes =3D auth_start_offset= (op, > > > + session, oop, op->sym->auth.data.offset, > > > + op->sym->cipher.data.offset, > > > + op->sym->auth.data.length, > > > + op->sym->cipher.data.length); > > > job->msg_len_to_hash_in_bytes =3D op->sym->auth.data.leng= th; > > > > > > > > > job->iv =3D rte_crypto_op_ctod_offset(op, uint8_t *, > > > session->iv.offset); > > > } > > > > > > > > > + switch (job->cipher_mode) { > > > #if IMB_VERSION(0, 53, 3) <=3D IMB_VERSION_NUM > > > - if (job->cipher_mode =3D=3D IMB_CIPHER_ZUC_EEA3) > > > - job->msg_len_to_cipher_in_bytes >>=3D 3; > > > - else if (job->hash_alg =3D=3D IMB_AUTH_KASUMI_UIA1) > > > - job->msg_len_to_hash_in_bytes >>=3D 3; > > > + /* ZUC requires length and offset in bytes */ > > > + case IMB_CIPHER_ZUC_EEA3: > > > + job->cipher_start_src_offset_in_bytes =3D > > > + op->sym->cipher.data.offset >> 3; > > > + job->msg_len_to_cipher_in_bytes =3D > > > + op->sym->cipher.data.length >> 3; > > > + break; > > > + /* ZUC and SNOW3G require length and offset in bits */ > > > + case IMB_CIPHER_SNOW3G_UEA2_BITLEN: > > > + case IMB_CIPHER_KASUMI_UEA1_BITLEN: > > > + job->cipher_start_src_offset_in_bits =3D > > > + op->sym->cipher.data.offset; > > > + job->msg_len_to_cipher_in_bits =3D > > > + op->sym->cipher.data.length; > > > + break; > > > #endif > > > + case IMB_CIPHER_CCM: > > > + case IMB_CIPHER_GCM: > > > + case IMB_CIPHER_CHACHA20_POLY1305: > > > + job->cipher_start_src_offset_in_bytes =3D > > > + op->sym->aead.data.offset; > > > + job->msg_len_to_cipher_in_bytes =3D op->sym- > > >aead.data.length; > > > + break; > > > + default: > > > + job->cipher_start_src_offset_in_bytes =3D > > > + op->sym->cipher.data.offset; > > > + job->msg_len_to_cipher_in_bytes =3D op->sym- > > >cipher.data.length; > > > + } > > > > > > > > > /* Set user data to be crypto operation data struct */ > > > job->user_data =3D op; > > > > This breaks the build on Ubuntu 20.04: > > > > [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c: In function > > =E2=80=98set_mb_job_params=E2=80=99: > > [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1526:7: error: > > =E2=80=98IMB_CIPHER_GCM=E2=80=99 undeclared (first use in this function= ) [ 1944s] 1526 | case > > IMB_CIPHER_GCM: > > [ 1944s] | ^~~~~~~~~~~~~~ > > [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1526:7: note: ea= ch > > undeclared identifier is reported only once for each function it appear= s in [ > > 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1527:31: error: > > =E2=80=98IMB_CIPHER_NULL=E2=80=99 undeclared (first use in this functio= n) > > [ 1944s] 1527 | if (session->cipher.mode =3D=3D IMB_CIPHER_NULL) { > > [ 1944s] | ^~~~~~~~~~~~~~~ > > [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1538:7: error: > > =E2=80=98IMB_CIPHER_CCM=E2=80=99 undeclared (first use in this function= ) [ 1944s] 1538 | case > > IMB_CIPHER_CCM: > > [ 1944s] | ^~~~~~~~~~~~~~ > > [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1539:7: error: > > =E2=80=98IMB_CIPHER_CHACHA20_POLY1305=E2=80=99 undeclared (first use in= this function); did > > you mean =E2=80=98RTE_CRYPTO_AEAD_CHACHA20_POLY1305=E2=80=99? > > [ 1944s] 1539 | case IMB_CIPHER_CHACHA20_POLY1305: > > [ 1944s] | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > [ 1944s] | RTE_CRYPTO_AEAD_CHACHA20_POLY1305 > > > > https://build.opensuse.org/package/live_build_log/home:bluca:dpdk/dpdk- > > 20.11/Ubuntu_20.04/x86_64 > > Apologies, I did not see this till today. I don't think this patch is act= ually breaking the build. > To me, it looks like an environment issue (IMB_CIPHER_GCM for instance is= already present in the code). > I wonder if that system has the right version of IPSec Multi buffer libra= ry. > Only versions from v1.0 onwards are supported. > > Thanks, > Pablo In 20.11 ipsec-mb v0.52.0 and over are supported: https://git.dpdk.org/dpdk-stable/tree/drivers/crypto/aesni_mb/meson.build?h= =3D20.11#n4 If this patch requires a new version and breaks backward compatibility, then it does not appear to be not suitable for backporting.