From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id C4F40A04FF
	for <public@inbox.dpdk.org>; Tue, 22 Mar 2022 11:39:52 +0100 (CET)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id BF00940151;
	Tue, 22 Mar 2022 11:39:52 +0100 (CET)
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
 by mails.dpdk.org (Postfix) with ESMTP id BF96640151
 for <stable@dpdk.org>; Tue, 22 Mar 2022 11:39:51 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1647945591;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=aC7nqdVA0VNf6vqJQX44U5/ya2wM1uKdfLQse/22cwM=;
 b=Nzhm/WjopQUaqA1sU9xFF8zvuWmJcNq5vfOl2dE3/yzLs7KugsKn1PV4nyWCsqijoN75Az
 SkqPkvWFeD84UmAF9lAQJvpYcdWfoepjcKzmWZJaiBfzhGo93pT1DwtSXjgSagf/u4EzBh
 SsowGJcM2fae8zCMp8BHGNrQIznT+Qg=
Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com
 [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-453-mQ2_nn2tO12UTFvrkS5_HQ-1; Tue, 22 Mar 2022 06:39:48 -0400
X-MC-Unique: mQ2_nn2tO12UTFvrkS5_HQ-1
Received: by mail-wm1-f70.google.com with SMTP id
 q6-20020a1cf306000000b0038c5726365aso682510wmq.3
 for <stable@dpdk.org>; Tue, 22 Mar 2022 03:39:47 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:message-id:date:mime-version:user-agent
 :content-language:to:cc:references:from:subject:in-reply-to
 :content-transfer-encoding;
 bh=aC7nqdVA0VNf6vqJQX44U5/ya2wM1uKdfLQse/22cwM=;
 b=JAHFg2Rad5q6TpGR25kEXJNFcr/LRbQvhy0mhfM0wr17I4LlySklmn8KxZWsvxF0Z2
 JIpIIq2EGRrX9mPDqPxBKykPqXink7ugATrhSnn2eKEst5IX+1ZuT4FVDkhZ0i93lSe+
 82NLqEYymiFTwLWHJQi5ltxK/wGT3/kGtdZ/h7zCxM82ZdcXyxBzXu/r3QI3KKbmhPO4
 toBD5A3licCZd3FvS1LoVMVUCgwT6YfHJAoKIui7Ay4zjYcpn7YL+5XKaK+B2+Bl9B6a
 Bd1idVbTfcLUyLe0txqI0twEuA5YC7iIGia8T0WW8XyPfg+AjH6IGTWpvQ2k9r8prD6T
 1NHw==
X-Gm-Message-State: AOAM531E8MBIVqI9X99dPbpeYkSZsukSWhKemTRqw/XUpcLmxxgVECCV
 j/bQPFGd5QbyQbsq1/4TyLAzbBtYSfYHkqQofzieOS8T5Cl5U5T3io2Dbg7sPtiQjsHU55kqzrn
 fq20uaek=
X-Received: by 2002:adf:d1c4:0:b0:204:b9d:a840 with SMTP id
 b4-20020adfd1c4000000b002040b9da840mr9035025wrd.285.1647945586937; 
 Tue, 22 Mar 2022 03:39:46 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJw0F838hxYdtc2sc4XSK8zBfrQJ5DSc62TNNzMIKpiXNEKBingqTMFluYOT26Itpp0yl59sMg==
X-Received: by 2002:adf:d1c4:0:b0:204:b9d:a840 with SMTP id
 b4-20020adfd1c4000000b002040b9da840mr9035011wrd.285.1647945586692; 
 Tue, 22 Mar 2022 03:39:46 -0700 (PDT)
Received: from [192.168.0.36] ([78.17.178.139])
 by smtp.gmail.com with ESMTPSA id
 u7-20020a5d6da7000000b00203d9d1875bsm17397442wrs.73.2022.03.22.03.39.46
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Tue, 22 Mar 2022 03:39:46 -0700 (PDT)
Message-ID: <f8e4da3c-1dba-ebae-e600-7222ccd2de98@redhat.com>
Date: Tue, 22 Mar 2022 10:39:45 +0000
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.7.0
To: Luca Boccassi <bluca@debian.org>,
 "De Lara Guarch, Pablo" <pablo.de.lara.guarch@intel.com>
Cc: "stable@dpdk.org" <stable@dpdk.org>
References: <20220314110559.1502861-1-pablo.de.lara.guarch@intel.com>
 <f9030407a47a8554b2c09426c5bc40049647db2d.camel@debian.org>
 <DM8PR11MB559161E51BA353FCE9006CC184169@DM8PR11MB5591.namprd11.prod.outlook.com>
 <CAMw=ZnRV+ut6+jktLjjz8ftJ4x--USBnr6WH9qySoMw1tkbVCw@mail.gmail.com>
From: Kevin Traynor <ktraynor@redhat.com>
Subject: Re: [PATCH 20.11 1/2] crypto/ipsec_mb: fix length and offset settings
In-Reply-To: <CAMw=ZnRV+ut6+jktLjjz8ftJ4x--USBnr6WH9qySoMw1tkbVCw@mail.gmail.com>
Authentication-Results: relay.mimecast.com;
 auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=ktraynor@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org

On 21/03/2022 22:12, Luca Boccassi wrote:
> On Mon, 21 Mar 2022 at 19:57, De Lara Guarch, Pablo
> <pablo.de.lara.guarch@intel.com> wrote:
>>
>> Hi Luca,
>>
>>> -----Original Message-----
>>> From: Luca Boccassi <bluca@debian.org>
>>> Sent: Monday, March 14, 2022 12:20 PM
>>> To: De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>; stable@dpdk.org
>>> Subject: Re: [PATCH 20.11 1/2] crypto/ipsec_mb: fix length and offset settings
>>>
>>> On Mon, 2022-03-14 at 11:05 +0000, Pablo de Lara wrote:
>>>> [ upstream commit a501609ea6466ed8526c0dfadedee332a4d4a451 ]
>>>>
>>>> KASUMI, SNOW3G and ZUC require lengths and offsets to be set in bits
>>>> or bytes depending on the algorithm.
>>>> There were some algorithms that were mixing these two, so this commit
>>>> is fixing this issue.
>>>>
>>>> Fixes: ae8e085c608d ("crypto/aesni_mb: support KASUMI F8/F9")
>>>> Fixes: 6c42e0cf4d12 ("crypto/aesni_mb: support SNOW3G-UEA2/UIA2")
>>>> Fixes: fd8df85487c4 ("crypto/aesni_mb: support ZUC-EEA3/EIA3")
>>>>
>>>> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
>>>> ---
>>>>   drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 121
>>>> +++++++++++++++------
>>>>   1 file changed, 86 insertions(+), 35 deletions(-)
>>>>
>>>> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
>>>> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
>>>> index f4ffb21e10..07f5caa76f 100644
>>>> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
>>>> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
>>>> @@ -1057,7 +1057,9 @@ get_session(struct aesni_mb_qp *qp, struct
>>>> rte_crypto_op *op)
>>>>
>>>>
>>>>   static inline uint64_t
>>>>   auth_start_offset(struct rte_crypto_op *op, struct aesni_mb_session
>>> *session,
>>>> -           uint32_t oop)
>>>> +           uint32_t oop, const uint32_t auth_offset,
>>>> +           const uint32_t cipher_offset, const uint32_t auth_length,
>>>> +           const uint32_t cipher_length)
>>>>   {
>>>>      struct rte_mbuf *m_src, *m_dst;
>>>>      uint8_t *p_src, *p_dst;
>>>> @@ -1066,7 +1068,7 @@ auth_start_offset(struct rte_crypto_op *op,
>>>> struct aesni_mb_session *session,
>>>>
>>>>
>>>>      /* Only cipher then hash needs special calculation. */
>>>>      if (!oop || session->chain_order != CIPHER_HASH)
>>>> -           return op->sym->auth.data.offset;
>>>> +           return auth_offset;
>>>>
>>>>
>>>>      m_src = op->sym->m_src;
>>>>      m_dst = op->sym->m_dst;
>>>> @@ -1074,24 +1076,23 @@ auth_start_offset(struct rte_crypto_op *op,
>>> struct aesni_mb_session *session,
>>>>      p_src = rte_pktmbuf_mtod(m_src, uint8_t *);
>>>>      p_dst = rte_pktmbuf_mtod(m_dst, uint8_t *);
>>>>      u_src = (uintptr_t)p_src;
>>>> -   u_dst = (uintptr_t)p_dst + op->sym->auth.data.offset;
>>>> +   u_dst = (uintptr_t)p_dst + auth_offset;
>>>>
>>>>
>>>>      /**
>>>>       * Copy the content between cipher offset and auth offset for
>>> generating
>>>>       * correct digest.
>>>>       */
>>>> -   if (op->sym->cipher.data.offset > op->sym->auth.data.offset)
>>>> -           memcpy(p_dst + op->sym->auth.data.offset,
>>>> -                           p_src + op->sym->auth.data.offset,
>>>> -                           op->sym->cipher.data.offset -
>>>> -                           op->sym->auth.data.offset);
>>>> -
>>>> +   if (cipher_offset > auth_offset)
>>>> +           memcpy(p_dst + auth_offset,
>>>> +                           p_src + auth_offset,
>>>> +                           cipher_offset -
>>>> +                           auth_offset);
>>>>      /**
>>>>       * Copy the content between (cipher offset + length) and (auth offset +
>>>>       * length) for generating correct digest
>>>>       */
>>>> -   cipher_end = op->sym->cipher.data.offset + op->sym-
>>>> cipher.data.length;
>>>> -   auth_end = op->sym->auth.data.offset + op->sym->auth.data.length;
>>>> +   cipher_end = cipher_offset + cipher_length;
>>>> +   auth_end = auth_offset + auth_length;
>>>>      if (cipher_end < auth_end)
>>>>              memcpy(p_dst + cipher_end, p_src + cipher_end,
>>>>                              auth_end - cipher_end);
>>>> @@ -1246,6 +1247,10 @@ set_mb_job_params(JOB_AES_HMAC *job, struct
>>> aesni_mb_qp *qp,
>>>>      struct rte_mbuf *m_src = op->sym->m_src, *m_dst;
>>>>      struct aesni_mb_session *session;
>>>>      uint32_t m_offset, oop;
>>>> +   uint32_t auth_off_in_bytes;
>>>> +   uint32_t ciph_off_in_bytes;
>>>> +   uint32_t auth_len_in_bytes;
>>>> +   uint32_t ciph_len_in_bytes;
>>>>
>>>>
>>>>      session = get_session(qp, op);
>>>>      if (session == NULL) {
>>>> @@ -1362,6 +1367,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct
>>> aesni_mb_qp *qp,
>>>>      if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3) {
>>>>              job->aes_enc_key_expanded = session->cipher.zuc_cipher_key;
>>>>              job->aes_dec_key_expanded = session->cipher.zuc_cipher_key;
>>>> +           m_offset >>= 3;
>>>>      } else if (job->cipher_mode == IMB_CIPHER_SNOW3G_UEA2_BITLEN) {
>>>>              job->enc_keys = &session->cipher.pKeySched_snow3g_cipher;
>>>>              m_offset = 0;
>>>> @@ -1418,9 +1424,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct
>>>> aesni_mb_qp *qp,
>>>>
>>>>
>>>>      switch (job->hash_alg) {
>>>>      case AES_CCM:
>>>> -           job->cipher_start_src_offset_in_bytes =
>>>> -                           op->sym->aead.data.offset;
>>>> -           job->msg_len_to_cipher_in_bytes = op->sym-
>>>> aead.data.length;
>>>>              job->hash_start_src_offset_in_bytes = op->sym-
>>>> aead.data.offset;
>>>>              job->msg_len_to_hash_in_bytes = op->sym->aead.data.length;
>>>>
>>>>
>>>> @@ -1430,19 +1433,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct
>>>> aesni_mb_qp *qp,
>>>>
>>>>
>>>>      case AES_GMAC:
>>>>              if (session->cipher.mode == GCM) {
>>>> -                   job->cipher_start_src_offset_in_bytes =
>>>> -                                   op->sym->aead.data.offset;
>>>>                      job->hash_start_src_offset_in_bytes =
>>>>                                      op->sym->aead.data.offset;
>>>> -                   job->msg_len_to_cipher_in_bytes =
>>>> -                                   op->sym->aead.data.length;
>>>>                      job->msg_len_to_hash_in_bytes =
>>>>                                      op->sym->aead.data.length;
>>>>              } else {
>>>> -                   job->cipher_start_src_offset_in_bytes =
>>>> -                                   op->sym->auth.data.offset;
>>>> -                   job->hash_start_src_offset_in_bytes =
>>>> -                                   op->sym->auth.data.offset;
>>>>                      job->msg_len_to_cipher_in_bytes = 0;
>>>>                      job->msg_len_to_hash_in_bytes = 0;
>>>>              }
>>>> @@ -1453,10 +1448,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct
>>>> aesni_mb_qp *qp,
>>>>
>>>>
>>>>   #if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
>>>>      case IMB_AUTH_CHACHA20_POLY1305:
>>>> -           job->cipher_start_src_offset_in_bytes = op->sym-
>>>> aead.data.offset;
>>>>              job->hash_start_src_offset_in_bytes = op->sym-
>>>> aead.data.offset;
>>>> -           job->msg_len_to_cipher_in_bytes =
>>>> -                           op->sym->aead.data.length;
>>>>              job->msg_len_to_hash_in_bytes =
>>>>                                      op->sym->aead.data.length;
>>>>
>>>>
>>>> @@ -1464,26 +1456,85 @@ set_mb_job_params(JOB_AES_HMAC *job, struct
>>> aesni_mb_qp *qp,
>>>>                              session->iv.offset);
>>>>              break;
>>>>   #endif
>>>> -   default:
>>>> -           /* For SNOW3G, length and offsets are already in bits */
>>>> -           job->cipher_start_src_offset_in_bytes =
>>>> -                           op->sym->cipher.data.offset;
>>>> -           job->msg_len_to_cipher_in_bytes = op->sym-
>>>> cipher.data.length;
>>>> +#if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
>>>> +   /* ZUC and SNOW3G require length in bits and offset in bytes */
>>>> +   case IMB_AUTH_ZUC_EIA3_BITLEN:
>>>> +   case IMB_AUTH_SNOW3G_UIA2_BITLEN:
>>>> +           auth_off_in_bytes = op->sym->auth.data.offset >> 3;
>>>> +           ciph_off_in_bytes = op->sym->cipher.data.offset >> 3;
>>>> +           auth_len_in_bytes = op->sym->auth.data.length >> 3;
>>>> +           ciph_len_in_bytes = op->sym->cipher.data.length >> 3;
>>>> +
>>>> +           job->hash_start_src_offset_in_bytes = auth_start_offset(op,
>>>> +                           session, oop, auth_off_in_bytes,
>>>> +                           ciph_off_in_bytes, auth_len_in_bytes,
>>>> +                           ciph_len_in_bytes);
>>>> +           job->msg_len_to_hash_in_bits = op->sym->auth.data.length;
>>>> +
>>>> +           job->iv = rte_crypto_op_ctod_offset(op, uint8_t *,
>>>> +                   session->iv.offset);
>>>> +           break;
>>>> +
>>>> +   /* KASUMI requires lengths and offset in bytes */
>>>> +   case IMB_AUTH_KASUMI_UIA1:
>>>> +           auth_off_in_bytes = op->sym->auth.data.offset >> 3;
>>>> +           ciph_off_in_bytes = op->sym->cipher.data.offset >> 3;
>>>> +           auth_len_in_bytes = op->sym->auth.data.length >> 3;
>>>> +           ciph_len_in_bytes = op->sym->cipher.data.length >> 3;
>>>>
>>>>
>>>>              job->hash_start_src_offset_in_bytes = auth_start_offset(op,
>>>> -                           session, oop);
>>>> +                           session, oop, auth_off_in_bytes,
>>>> +                           ciph_off_in_bytes, auth_len_in_bytes,
>>>> +                           ciph_len_in_bytes);
>>>> +           job->msg_len_to_hash_in_bytes = auth_len_in_bytes;
>>>> +
>>>> +           job->iv = rte_crypto_op_ctod_offset(op, uint8_t *,
>>>> +                   session->iv.offset);
>>>> +           break;
>>>> +#endif
>>>> +
>>>> +   default:
>>>> +           job->hash_start_src_offset_in_bytes = auth_start_offset(op,
>>>> +                           session, oop, op->sym->auth.data.offset,
>>>> +                           op->sym->cipher.data.offset,
>>>> +                           op->sym->auth.data.length,
>>>> +                           op->sym->cipher.data.length);
>>>>              job->msg_len_to_hash_in_bytes = op->sym->auth.data.length;
>>>>
>>>>
>>>>              job->iv = rte_crypto_op_ctod_offset(op, uint8_t *,
>>>>                      session->iv.offset);
>>>>      }
>>>>
>>>>
>>>> +   switch (job->cipher_mode) {
>>>>   #if IMB_VERSION(0, 53, 3) <= IMB_VERSION_NUM
>>>> -   if (job->cipher_mode == IMB_CIPHER_ZUC_EEA3)
>>>> -           job->msg_len_to_cipher_in_bytes >>= 3;
>>>> -   else if (job->hash_alg == IMB_AUTH_KASUMI_UIA1)
>>>> -           job->msg_len_to_hash_in_bytes >>= 3;
>>>> +   /* ZUC requires length and offset in bytes */
>>>> +   case IMB_CIPHER_ZUC_EEA3:
>>>> +           job->cipher_start_src_offset_in_bytes =
>>>> +                                   op->sym->cipher.data.offset >> 3;
>>>> +           job->msg_len_to_cipher_in_bytes =
>>>> +                                   op->sym->cipher.data.length >> 3;
>>>> +           break;
>>>> +   /* ZUC and SNOW3G require length and offset in bits */
>>>> +   case IMB_CIPHER_SNOW3G_UEA2_BITLEN:
>>>> +   case IMB_CIPHER_KASUMI_UEA1_BITLEN:
>>>> +           job->cipher_start_src_offset_in_bits =
>>>> +                                   op->sym->cipher.data.offset;
>>>> +           job->msg_len_to_cipher_in_bits =
>>>> +                                   op->sym->cipher.data.length;
>>>> +           break;
>>>>   #endif
>>>> +   case IMB_CIPHER_CCM:
>>>> +   case IMB_CIPHER_GCM:
>>>> +   case IMB_CIPHER_CHACHA20_POLY1305:
>>>> +           job->cipher_start_src_offset_in_bytes =
>>>> +                           op->sym->aead.data.offset;
>>>> +           job->msg_len_to_cipher_in_bytes = op->sym-
>>>> aead.data.length;
>>>> +           break;
>>>> +   default:
>>>> +           job->cipher_start_src_offset_in_bytes =
>>>> +                                   op->sym->cipher.data.offset;
>>>> +           job->msg_len_to_cipher_in_bytes = op->sym-
>>>> cipher.data.length;
>>>> +   }
>>>>
>>>>
>>>>      /* Set user data to be crypto operation data struct */
>>>>      job->user_data = op;
>>>
>>> This breaks the build on Ubuntu 20.04:
>>>
>>> [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c: In function
>>> ‘set_mb_job_params’:
>>> [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1526:7: error:
>>> ‘IMB_CIPHER_GCM’ undeclared (first use in this function) [ 1944s]  1526 |  case
>>> IMB_CIPHER_GCM:
>>> [ 1944s]       |       ^~~~~~~~~~~~~~
>>> [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1526:7: note: each
>>> undeclared identifier is reported only once for each function it appears in [
>>> 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1527:31: error:
>>> ‘IMB_CIPHER_NULL’ undeclared (first use in this function)
>>> [ 1944s]  1527 |   if (session->cipher.mode == IMB_CIPHER_NULL) {
>>> [ 1944s]       |                               ^~~~~~~~~~~~~~~
>>> [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1538:7: error:
>>> ‘IMB_CIPHER_CCM’ undeclared (first use in this function) [ 1944s]  1538 |  case
>>> IMB_CIPHER_CCM:
>>> [ 1944s]       |       ^~~~~~~~~~~~~~
>>> [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1539:7: error:
>>> ‘IMB_CIPHER_CHACHA20_POLY1305’ undeclared (first use in this function); did
>>> you mean ‘RTE_CRYPTO_AEAD_CHACHA20_POLY1305’?
>>> [ 1944s]  1539 |  case IMB_CIPHER_CHACHA20_POLY1305:
>>> [ 1944s]       |       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> [ 1944s]       |       RTE_CRYPTO_AEAD_CHACHA20_POLY1305
>>>
>>> https://build.opensuse.org/package/live_build_log/home:bluca:dpdk/dpdk-
>>> 20.11/Ubuntu_20.04/x86_64
>>
>> Apologies, I did not see this till today. I don't think this patch is actually breaking the build.
>> To me, it looks like an environment issue (IMB_CIPHER_GCM for instance is already present in the code).
>> I wonder if that system has the right version of IPSec Multi buffer library.
>> Only versions from v1.0 onwards are supported.
>>
>> Thanks,
>> Pablo
> 
> In 20.11 ipsec-mb v0.52.0 and over are supported:
> 
> https://git.dpdk.org/dpdk-stable/tree/drivers/crypto/aesni_mb/meson.build?h=20.11#n4
> 
> If this patch requires a new version and breaks backward
> compatibility, then it does not appear to be not suitable for
> backporting.
> 

+1

Just to confirm for 21.11 there was already a dependency of 1.0.0, so 
patches would be suitable for it.