From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id D17A8A034D for ; Mon, 14 Mar 2022 13:20:16 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 98F5140150; Mon, 14 Mar 2022 13:20:16 +0100 (CET) Received: from mail-wr1-f51.google.com (mail-wr1-f51.google.com [209.85.221.51]) by mails.dpdk.org (Postfix) with ESMTP id 2EFDD40150 for ; Mon, 14 Mar 2022 13:20:15 +0100 (CET) Received: by mail-wr1-f51.google.com with SMTP id x15so23571042wru.13 for ; Mon, 14 Mar 2022 05:20:15 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:subject:from:to:date:in-reply-to :references:content-transfer-encoding:user-agent:mime-version; bh=NRrBr3fSAHcemX32WRBo8VhfCyKuos1M2nV+4fsz67A=; b=B+mNiCcuEwMW1YyOuhEbigh+huX1X/RpU7QQD4chiCK7tZ6u/8e7lZsoiguvwl7Cqd t0DzLCOAe99eA9iuJrESEi1ks8EAjNFlPhzjKyPG+zWpP7OdhNxS61Qi7HcODfSmhOtb PEgB/0dx3s2o1GEOUgBtc/LrdSC+cHD0kyBFdwIo5m1sEOgVqBBbjvlIJpM1JPPG7Bij VOvmoY1a0RBKor4bVggmjoPBPSL5Cbjcw9aV3ziqdYVUWxL9xBkD204d1k1ah4uDR5ue 9LIeifNPglAkNUsieHSRZucCz2E8w+gi0kNP08x/j9ttY6gPoojxsIH8aw9DvK0E2IFn 1UzA== X-Gm-Message-State: AOAM533/p1coQhzKTqZv/xA6xBhSGmKKptRy9FARKFQo6hh5Pktnp3a4 xYhF/3MCI49jCHDJccCU8LBa72lMLxs2qQ== X-Google-Smtp-Source: ABdhPJwTOz41k/7/BC/k3YUw03hFMLZvV5afiUaG8ywW9xFg6hYPSpZb29NLPqfHz7n2uHNvG2DoVg== X-Received: by 2002:a05:6000:1847:b0:203:813a:509e with SMTP id c7-20020a056000184700b00203813a509emr16266667wri.329.1647260414860; Mon, 14 Mar 2022 05:20:14 -0700 (PDT) Received: from localhost ([2a01:4b00:f41a:3600:360b:9754:2e3a:c344]) by smtp.gmail.com with ESMTPSA id i9-20020adffdc9000000b001f046861795sm12983960wrs.19.2022.03.14.05.20.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 14 Mar 2022 05:20:14 -0700 (PDT) Message-ID: Subject: Re: [PATCH 20.11 1/2] crypto/ipsec_mb: fix length and offset settings From: Luca Boccassi To: Pablo de Lara , stable@dpdk.org Date: Mon, 14 Mar 2022 12:20:13 +0000 In-Reply-To: <20220314110559.1502861-1-pablo.de.lara.guarch@intel.com> References: <20220314110559.1502861-1-pablo.de.lara.guarch@intel.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.38.3-1+plugin MIME-Version: 1.0 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org On Mon, 2022-03-14 at 11:05 +0000, Pablo de Lara wrote: > [ upstream commit a501609ea6466ed8526c0dfadedee332a4d4a451 ] >=20 > KASUMI, SNOW3G and ZUC require lengths and offsets to > be set in bits or bytes depending on the algorithm. > There were some algorithms that were mixing these two, > so this commit is fixing this issue. >=20 > Fixes: ae8e085c608d ("crypto/aesni_mb: support KASUMI F8/F9") > Fixes: 6c42e0cf4d12 ("crypto/aesni_mb: support SNOW3G-UEA2/UIA2") > Fixes: fd8df85487c4 ("crypto/aesni_mb: support ZUC-EEA3/EIA3") >=20 > Signed-off-by: Pablo de Lara > --- > =C2=A0drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 121 +++++++++++++++---= --- > =C2=A01 file changed, 86 insertions(+), 35 deletions(-) >=20 > diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/= aesni_mb/rte_aesni_mb_pmd.c > index f4ffb21e10..07f5caa76f 100644 > --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c > +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c > @@ -1057,7 +1057,9 @@ get_session(struct aesni_mb_qp *qp, struct rte_cryp= to_op *op) > =C2=A0 >=20 > =C2=A0static inline uint64_t > =C2=A0auth_start_offset(struct rte_crypto_op *op, struct aesni_mb_session= *session, > - uint32_t oop) > + uint32_t oop, const uint32_t auth_offset, > + const uint32_t cipher_offset, const uint32_t auth_length, > + const uint32_t cipher_length) > =C2=A0{ > =C2=A0 struct rte_mbuf *m_src, *m_dst; > =C2=A0 uint8_t *p_src, *p_dst; > @@ -1066,7 +1068,7 @@ auth_start_offset(struct rte_crypto_op *op, struct = aesni_mb_session *session, > =C2=A0 >=20 > =C2=A0 /* Only cipher then hash needs special calculation. */ > =C2=A0 if (!oop || session->chain_order !=3D CIPHER_HASH) > - return op->sym->auth.data.offset; > + return auth_offset; > =C2=A0 >=20 > =C2=A0 m_src =3D op->sym->m_src; > =C2=A0 m_dst =3D op->sym->m_dst; > @@ -1074,24 +1076,23 @@ auth_start_offset(struct rte_crypto_op *op, struc= t aesni_mb_session *session, > =C2=A0 p_src =3D rte_pktmbuf_mtod(m_src, uint8_t *); > =C2=A0 p_dst =3D rte_pktmbuf_mtod(m_dst, uint8_t *); > =C2=A0 u_src =3D (uintptr_t)p_src; > - u_dst =3D (uintptr_t)p_dst + op->sym->auth.data.offset; > + u_dst =3D (uintptr_t)p_dst + auth_offset; > =C2=A0 >=20 > =C2=A0 /** > =C2=A0 * Copy the content between cipher offset and auth offset for gene= rating > =C2=A0 * correct digest. > =C2=A0 */ > - if (op->sym->cipher.data.offset > op->sym->auth.data.offset) > - memcpy(p_dst + op->sym->auth.data.offset, > - p_src + op->sym->auth.data.offset, > - op->sym->cipher.data.offset - > - op->sym->auth.data.offset); > - > + if (cipher_offset > auth_offset) > + memcpy(p_dst + auth_offset, > + p_src + auth_offset, > + cipher_offset - > + auth_offset); > =C2=A0 /** > =C2=A0 * Copy the content between (cipher offset + length) and (auth off= set + > =C2=A0 * length) for generating correct digest > =C2=A0 */ > - cipher_end =3D op->sym->cipher.data.offset + op->sym->cipher.data.lengt= h; > - auth_end =3D op->sym->auth.data.offset + op->sym->auth.data.length; > + cipher_end =3D cipher_offset + cipher_length; > + auth_end =3D auth_offset + auth_length; > =C2=A0 if (cipher_end < auth_end) > =C2=A0 memcpy(p_dst + cipher_end, p_src + cipher_end, > =C2=A0 auth_end - cipher_end); > @@ -1246,6 +1247,10 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_= mb_qp *qp, > =C2=A0 struct rte_mbuf *m_src =3D op->sym->m_src, *m_dst; > =C2=A0 struct aesni_mb_session *session; > =C2=A0 uint32_t m_offset, oop; > + uint32_t auth_off_in_bytes; > + uint32_t ciph_off_in_bytes; > + uint32_t auth_len_in_bytes; > + uint32_t ciph_len_in_bytes; > =C2=A0 >=20 > =C2=A0 session =3D get_session(qp, op); > =C2=A0 if (session =3D=3D NULL) { > @@ -1362,6 +1367,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_m= b_qp *qp, > =C2=A0 if (job->cipher_mode =3D=3D IMB_CIPHER_ZUC_EEA3) { > =C2=A0 job->aes_enc_key_expanded =3D session->cipher.zuc_cipher_key; > =C2=A0 job->aes_dec_key_expanded =3D session->cipher.zuc_cipher_key; > + m_offset >>=3D 3; > =C2=A0 } else if (job->cipher_mode =3D=3D IMB_CIPHER_SNOW3G_UEA2_BITLEN) = { > =C2=A0 job->enc_keys =3D &session->cipher.pKeySched_snow3g_cipher; > =C2=A0 m_offset =3D 0; > @@ -1418,9 +1424,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_m= b_qp *qp, > =C2=A0 >=20 > =C2=A0 switch (job->hash_alg) { > =C2=A0 case AES_CCM: > - job->cipher_start_src_offset_in_bytes =3D > - op->sym->aead.data.offset; > - job->msg_len_to_cipher_in_bytes =3D op->sym->aead.data.length; > =C2=A0 job->hash_start_src_offset_in_bytes =3D op->sym->aead.data.offset= ; > =C2=A0 job->msg_len_to_hash_in_bytes =3D op->sym->aead.data.length; > =C2=A0 >=20 > @@ -1430,19 +1433,11 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni= _mb_qp *qp, > =C2=A0 >=20 > =C2=A0 case AES_GMAC: > =C2=A0 if (session->cipher.mode =3D=3D GCM) { > - job->cipher_start_src_offset_in_bytes =3D > - op->sym->aead.data.offset; > =C2=A0 job->hash_start_src_offset_in_bytes =3D > =C2=A0 op->sym->aead.data.offset; > - job->msg_len_to_cipher_in_bytes =3D > - op->sym->aead.data.length; > =C2=A0 job->msg_len_to_hash_in_bytes =3D > =C2=A0 op->sym->aead.data.length; > =C2=A0 } else { > - job->cipher_start_src_offset_in_bytes =3D > - op->sym->auth.data.offset; > - job->hash_start_src_offset_in_bytes =3D > - op->sym->auth.data.offset; > =C2=A0 job->msg_len_to_cipher_in_bytes =3D 0; > =C2=A0 job->msg_len_to_hash_in_bytes =3D 0; > =C2=A0 } > @@ -1453,10 +1448,7 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_= mb_qp *qp, > =C2=A0 >=20 > =C2=A0#if IMB_VERSION(0, 54, 3) <=3D IMB_VERSION_NUM > =C2=A0 case IMB_AUTH_CHACHA20_POLY1305: > - job->cipher_start_src_offset_in_bytes =3D op->sym->aead.data.offset; > =C2=A0 job->hash_start_src_offset_in_bytes =3D op->sym->aead.data.offset= ; > - job->msg_len_to_cipher_in_bytes =3D > - op->sym->aead.data.length; > =C2=A0 job->msg_len_to_hash_in_bytes =3D > =C2=A0 op->sym->aead.data.length; > =C2=A0 >=20 > @@ -1464,26 +1456,85 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni= _mb_qp *qp, > =C2=A0 session->iv.offset); > =C2=A0 break; > =C2=A0#endif > - default: > - /* For SNOW3G, length and offsets are already in bits */ > - job->cipher_start_src_offset_in_bytes =3D > - op->sym->cipher.data.offset; > - job->msg_len_to_cipher_in_bytes =3D op->sym->cipher.data.length; > +#if IMB_VERSION(0, 53, 3) <=3D IMB_VERSION_NUM > + /* ZUC and SNOW3G require length in bits and offset in bytes */ > + case IMB_AUTH_ZUC_EIA3_BITLEN: > + case IMB_AUTH_SNOW3G_UIA2_BITLEN: > + auth_off_in_bytes =3D op->sym->auth.data.offset >> 3; > + ciph_off_in_bytes =3D op->sym->cipher.data.offset >> 3; > + auth_len_in_bytes =3D op->sym->auth.data.length >> 3; > + ciph_len_in_bytes =3D op->sym->cipher.data.length >> 3; > + > + job->hash_start_src_offset_in_bytes =3D auth_start_offset(op, > + session, oop, auth_off_in_bytes, > + ciph_off_in_bytes, auth_len_in_bytes, > + ciph_len_in_bytes); > + job->msg_len_to_hash_in_bits =3D op->sym->auth.data.length; > + > + job->iv =3D rte_crypto_op_ctod_offset(op, uint8_t *, > + session->iv.offset); > + break; > + > + /* KASUMI requires lengths and offset in bytes */ > + case IMB_AUTH_KASUMI_UIA1: > + auth_off_in_bytes =3D op->sym->auth.data.offset >> 3; > + ciph_off_in_bytes =3D op->sym->cipher.data.offset >> 3; > + auth_len_in_bytes =3D op->sym->auth.data.length >> 3; > + ciph_len_in_bytes =3D op->sym->cipher.data.length >> 3; > =C2=A0 >=20 > =C2=A0 job->hash_start_src_offset_in_bytes =3D auth_start_offset(op, > - session, oop); > + session, oop, auth_off_in_bytes, > + ciph_off_in_bytes, auth_len_in_bytes, > + ciph_len_in_bytes); > + job->msg_len_to_hash_in_bytes =3D auth_len_in_bytes; > + > + job->iv =3D rte_crypto_op_ctod_offset(op, uint8_t *, > + session->iv.offset); > + break; > +#endif > + > + default: > + job->hash_start_src_offset_in_bytes =3D auth_start_offset(op, > + session, oop, op->sym->auth.data.offset, > + op->sym->cipher.data.offset, > + op->sym->auth.data.length, > + op->sym->cipher.data.length); > =C2=A0 job->msg_len_to_hash_in_bytes =3D op->sym->auth.data.length; > =C2=A0 >=20 > =C2=A0 job->iv =3D rte_crypto_op_ctod_offset(op, uint8_t *, > =C2=A0 session->iv.offset); > =C2=A0 } > =C2=A0 >=20 > + switch (job->cipher_mode) { > =C2=A0#if IMB_VERSION(0, 53, 3) <=3D IMB_VERSION_NUM > - if (job->cipher_mode =3D=3D IMB_CIPHER_ZUC_EEA3) > - job->msg_len_to_cipher_in_bytes >>=3D 3; > - else if (job->hash_alg =3D=3D IMB_AUTH_KASUMI_UIA1) > - job->msg_len_to_hash_in_bytes >>=3D 3; > + /* ZUC requires length and offset in bytes */ > + case IMB_CIPHER_ZUC_EEA3: > + job->cipher_start_src_offset_in_bytes =3D > + op->sym->cipher.data.offset >> 3; > + job->msg_len_to_cipher_in_bytes =3D > + op->sym->cipher.data.length >> 3; > + break; > + /* ZUC and SNOW3G require length and offset in bits */ > + case IMB_CIPHER_SNOW3G_UEA2_BITLEN: > + case IMB_CIPHER_KASUMI_UEA1_BITLEN: > + job->cipher_start_src_offset_in_bits =3D > + op->sym->cipher.data.offset; > + job->msg_len_to_cipher_in_bits =3D > + op->sym->cipher.data.length; > + break; > =C2=A0#endif > + case IMB_CIPHER_CCM: > + case IMB_CIPHER_GCM: > + case IMB_CIPHER_CHACHA20_POLY1305: > + job->cipher_start_src_offset_in_bytes =3D > + op->sym->aead.data.offset; > + job->msg_len_to_cipher_in_bytes =3D op->sym->aead.data.length; > + break; > + default: > + job->cipher_start_src_offset_in_bytes =3D > + op->sym->cipher.data.offset; > + job->msg_len_to_cipher_in_bytes =3D op->sym->cipher.data.length; > + } > =C2=A0 >=20 > =C2=A0 /* Set user data to be crypto operation data struct */ > =C2=A0 job->user_data =3D op; This breaks the build on Ubuntu 20.04: [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c: In function =E2=80= =98set_mb_job_params=E2=80=99: [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1526:7: error: =E2= =80=98IMB_CIPHER_GCM=E2=80=99 undeclared (first use in this function) [ 1944s] 1526 | case IMB_CIPHER_GCM: [ 1944s] | ^~~~~~~~~~~~~~ [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1526:7: note: each u= ndeclared identifier is reported only once for each function it appears in [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1527:31: error: =E2= =80=98IMB_CIPHER_NULL=E2=80=99 undeclared (first use in this function) [ 1944s] 1527 | if (session->cipher.mode =3D=3D IMB_CIPHER_NULL) { [ 1944s] | ^~~~~~~~~~~~~~~ [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1538:7: error: =E2= =80=98IMB_CIPHER_CCM=E2=80=99 undeclared (first use in this function) [ 1944s] 1538 | case IMB_CIPHER_CCM: [ 1944s] | ^~~~~~~~~~~~~~ [ 1944s] ../drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c:1539:7: error: =E2= =80=98IMB_CIPHER_CHACHA20_POLY1305=E2=80=99 undeclared (first use in this f= unction); did you mean =E2=80=98RTE_CRYPTO_AEAD_CHACHA20_POLY1305=E2=80=99? [ 1944s] 1539 | case IMB_CIPHER_CHACHA20_POLY1305: [ 1944s] | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ [ 1944s] | RTE_CRYPTO_AEAD_CHACHA20_POLY1305 https://build.opensuse.org/package/live_build_log/home:bluca:dpdk/dpdk-20.1= 1/Ubuntu_20.04/x86_64 --=20 Kind regards, Luca Boccassi