From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pablo.de.lara.guarch@intel.com>
Received: from mga11.intel.com (mga11.intel.com [192.55.52.93])
 by dpdk.org (Postfix) with ESMTP id 0863B5A6A;
 Mon, 26 Jun 2017 20:22:58 +0200 (CEST)
Received: from orsmga004.jf.intel.com ([10.7.209.38])
 by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 26 Jun 2017 11:22:58 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.39,396,1493708400"; d="scan'208";a="101655443"
Received: from silpixa00399464.ir.intel.com (HELO
 silpixa00399464.ger.corp.intel.com) ([10.237.222.157])
 by orsmga004.jf.intel.com with ESMTP; 26 Jun 2017 11:22:56 -0700
From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: declan.doherty@intel.com, zbigniew.bodek@caviumnetworks.com,
 jerin.jacob@caviumnetworks.com, akhil.goyal@nxp.com, hemant.agrawal@nxp.com
Cc: dev@dpdk.org, Pablo de Lara <pablo.de.lara.guarch@intel.com>,
 stable@dpdk.org
Date: Mon, 26 Jun 2017 11:22:40 +0100
Message-Id: <20170626102300.56637-8-pablo.de.lara.guarch@intel.com>
X-Mailer: git-send-email 2.9.4
In-Reply-To: <20170626102300.56637-1-pablo.de.lara.guarch@intel.com>
References: <1496005522-134934-1-git-send-email-pablo.de.lara.guarch@intel.com>
 <20170626102300.56637-1-pablo.de.lara.guarch@intel.com>
Subject: [dpdk-dev] [PATCH v2 07/27] crypto/qat: fix KASUMI authentication
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Jun 2017 18:23:00 -0000

QAT PMD was assuming that cipher IV was always prepended,
before the input buffer, but it is not necessary to have it
there, only the auth IV (COUNT and FRESH) and the input buffer
needs to be contiguous, with the direction bit after.

If AAD (containing the IV for authentication)
is not just before the message, the authentication will fail.
Therefore, the headroom of the input buffer is used to
copy the AAD, and then it is removed after the operation is
finished.

It was also assuming that the IV was starting at offset 0,
which is not always the case.

Fixes: d4f2745300e0 ("crypto/qat: add KASUMI")
CC: stable@dpdk.org

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 drivers/crypto/qat/qat_crypto.c | 37 ++++++++++++++++++++++++++-----------
 1 file changed, 26 insertions(+), 11 deletions(-)

diff --git a/drivers/crypto/qat/qat_crypto.c b/drivers/crypto/qat/qat_crypto.c
index 9b294e4..bdd5bab 100644
--- a/drivers/crypto/qat/qat_crypto.c
+++ b/drivers/crypto/qat/qat_crypto.c
@@ -812,6 +812,11 @@ qat_pmd_dequeue_op_burst(void *qp, struct rte_crypto_op **ops,
 						(rx_op->sym->session->_private);
 			if (sess->bpi_ctx)
 				qat_bpicipher_postprocess(sess, rx_op);
+			if (sess->qat_hash_alg ==
+					ICP_QAT_HW_AUTH_ALGO_KASUMI_F9)
+				/* Trim area used for authentication IV. */
+				rte_pktmbuf_adj(rx_op->sym->m_src,
+						ICP_QAT_HW_KASUMI_BLK_SZ);
 			rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
 		}
 
@@ -1012,15 +1017,25 @@ qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg,
 
 			if (ctx->qat_hash_alg ==
 					ICP_QAT_HW_AUTH_ALGO_KASUMI_F9) {
-				if (do_cipher) {
-					auth_len = auth_len + auth_ofs + 1 -
-						ICP_QAT_HW_KASUMI_BLK_SZ;
-					auth_ofs = ICP_QAT_HW_KASUMI_BLK_SZ;
-				} else {
-					auth_len = auth_len + auth_ofs + 1;
-					auth_ofs = 0;
-				}
-			}
+				/*
+				 * Prepend IV in mbuf, as IV and the plaintext
+				 * needs to be contiguous
+				 */
+				uint8_t *auth_iv_ptr_dst =
+						(uint8_t *) rte_pktmbuf_prepend(
+							op->sym->m_src,
+							ICP_QAT_HW_KASUMI_BLK_SZ);
+				const uint8_t *auth_iv_ptr_src =
+						op->sym->auth.aad.data;
+				rte_memcpy(auth_iv_ptr_dst, auth_iv_ptr_src,
+					       ICP_QAT_HW_KASUMI_BLK_SZ);
+				/* Auth IV and message is contiguous + direction bit */
+				auth_len = auth_len + ICP_QAT_HW_KASUMI_BLK_SZ + 1;
+				/* Buffer to cipher starts after auth IV */
+				if (do_cipher)
+					cipher_ofs += ICP_QAT_HW_KASUMI_BLK_SZ;
+			} else
+				auth_param->u1.aad_adr = op->sym->auth.aad.phys_addr;
 
 		} else if (ctx->qat_hash_alg ==
 					ICP_QAT_HW_AUTH_ALGO_GALOIS_128 ||
@@ -1028,6 +1043,8 @@ qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg,
 					ICP_QAT_HW_AUTH_ALGO_GALOIS_64) {
 			auth_ofs = op->sym->cipher.data.offset;
 			auth_len = op->sym->cipher.data.length;
+
+			auth_param->u1.aad_adr = op->sym->auth.aad.phys_addr;
 		} else {
 			auth_ofs = op->sym->auth.data.offset;
 			auth_len = op->sym->auth.data.length;
@@ -1036,8 +1053,6 @@ qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg,
 
 		auth_param->auth_res_addr = op->sym->auth.digest.phys_addr;
 
-		auth_param->u1.aad_adr = op->sym->auth.aad.phys_addr;
-
 	}
 
 	if (op->sym->m_src->next || (op->sym->m_dst && op->sym->m_dst->next))
-- 
2.9.4