[dpdk-dev] [PATCH v1 1/3] examples/fips: fix hmac test failure

[dpdk-dev] [PATCH v1 1/3] examples/fips: fix hmac test failure

[Marko Kovacevic]

Application was failing as the HMAC and
Plain SHA fips request files are similar in a
way that they both have SHA- in the top section to
determine the hash algo and hash sizes. And HMAC having the
algo in the second line but the Plain SHA in the third
meant that when the HMAC files was used once it parsed the third
line Plain SHA was set as the algo and not HMAC.

USER1: Failed to get capability for cdev 0
USER1: Error -22: test block
[L=20 SHAAlg=SHA_2]
USER1: Error -22: Failed test /root/FIPS/HMAC/req/HMAC.req

Fixes: f4797bae0050 ("examples/fips_validation: support plain SHA")
Cc: damianx.nowak@intel.com

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 examples/fips_validation/fips_validation.c | 80 +++++++++++++++++-------------
 1 file changed, 45 insertions(+), 35 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 2f8314fcc..a3c921e1d 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -98,6 +98,7 @@ fips_test_parse_header(void)
 	uint32_t i;
 	char *tmp;
 	int ret;
+	int algo_parsed = 0;
 	time_t t = time(NULL);
 	struct tm *tm_now = localtime(&t);
 
@@ -106,41 +107,50 @@ fips_test_parse_header(void)
 		return ret;
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
-		if (strstr(info.vec[i], "AESVS")) {
-			info.algo = FIPS_TEST_ALGO_AES;
-			ret = parse_test_aes_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "GCM")) {
-			info.algo = FIPS_TEST_ALGO_AES_GCM;
-			ret = parse_test_gcm_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "CMAC")) {
-			info.algo = FIPS_TEST_ALGO_AES_CMAC;
-			ret = parse_test_cmac_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "CCM")) {
-			info.algo = FIPS_TEST_ALGO_AES_CCM;
-			ret = parse_test_ccm_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "HMAC")) {
-			info.algo = FIPS_TEST_ALGO_HMAC;
-			ret = parse_test_hmac_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "TDES")) {
-			info.algo = FIPS_TEST_ALGO_TDES;
-			ret = parse_test_tdes_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "SHA-")) {
-			info.algo = FIPS_TEST_ALGO_SHA;
-			ret = parse_test_sha_init();
-			if (ret < 0)
-				return ret;
+		if(!algo_parsed){
+			if (strstr(info.vec[i], "AESVS")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES;
+				ret = parse_test_aes_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "GCM")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_GCM;
+				ret = parse_test_gcm_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "CMAC")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_CMAC;
+				ret = parse_test_cmac_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "CCM")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_CCM;
+				ret = parse_test_ccm_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "HMAC")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_HMAC;
+				ret = parse_test_hmac_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "TDES")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_TDES;
+				ret = parse_test_tdes_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "SHA-")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_SHA;
+				ret = parse_test_sha_init();
+				if (ret < 0)
+					return ret;
+			}
 		}
 
 		tmp = strstr(info.vec[i], "# Config info for ");
-- 
2.13.6

[dpdk-dev] [PATCH v1 1/3] examples/fips: fix hmac test failure

[Marko Kovacevic]

Application was failing as the HMAC and
Plain SHA fips request files are similar in a
way that they both have SHA- in the top section to
determine the hash algo and hash sizes. And HMAC having the
algo in the second line but the Plain SHA in the third
meant that when the HMAC files was used once it parsed the third
line Plain SHA was set as the algo and not HMAC.

USER1: Failed to get capability for cdev 0
USER1: Error -22: test block
[L=20 SHAAlg=SHA_2]
USER1: Error -22: Failed test /root/FIPS/HMAC/req/HMAC.req

Fixes: f4797bae0050 ("examples/fips_validation: support plain SHA")
Cc: damianx.nowak@intel.com

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 examples/fips_validation/fips_validation.c | 80 +++++++++++++++++-------------
 1 file changed, 45 insertions(+), 35 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 2f8314fcc..a3c921e1d 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -98,6 +98,7 @@ fips_test_parse_header(void)
 	uint32_t i;
 	char *tmp;
 	int ret;
+	int algo_parsed = 0;
 	time_t t = time(NULL);
 	struct tm *tm_now = localtime(&t);
 
@@ -106,41 +107,50 @@ fips_test_parse_header(void)
 		return ret;
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
-		if (strstr(info.vec[i], "AESVS")) {
-			info.algo = FIPS_TEST_ALGO_AES;
-			ret = parse_test_aes_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "GCM")) {
-			info.algo = FIPS_TEST_ALGO_AES_GCM;
-			ret = parse_test_gcm_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "CMAC")) {
-			info.algo = FIPS_TEST_ALGO_AES_CMAC;
-			ret = parse_test_cmac_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "CCM")) {
-			info.algo = FIPS_TEST_ALGO_AES_CCM;
-			ret = parse_test_ccm_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "HMAC")) {
-			info.algo = FIPS_TEST_ALGO_HMAC;
-			ret = parse_test_hmac_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "TDES")) {
-			info.algo = FIPS_TEST_ALGO_TDES;
-			ret = parse_test_tdes_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "SHA-")) {
-			info.algo = FIPS_TEST_ALGO_SHA;
-			ret = parse_test_sha_init();
-			if (ret < 0)
-				return ret;
+		if(!algo_parsed){
+			if (strstr(info.vec[i], "AESVS")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES;
+				ret = parse_test_aes_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "GCM")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_GCM;
+				ret = parse_test_gcm_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "CMAC")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_CMAC;
+				ret = parse_test_cmac_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "CCM")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_CCM;
+				ret = parse_test_ccm_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "HMAC")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_HMAC;
+				ret = parse_test_hmac_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "TDES")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_TDES;
+				ret = parse_test_tdes_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "SHA-")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_SHA;
+				ret = parse_test_sha_init();
+				if (ret < 0)
+					return ret;
+			}
 		}
 
 		tmp = strstr(info.vec[i], "# Config info for ");
-- 
2.13.6

[dpdk-dev] [PATCH v1 2/3] examples/fips_validation: fix cmac test failure

[Marko Kovacevic]

As a result of the cmac test running the test where
PT len is 65536 it should give a result back to the
user USER1: Error -1: Prepare op USER1: PT len 65536
as this MSG len is not supported. Issue was
that the application was not freeing the op properly after
a while causing the app to fail.

CRYPTODEV: rte_cryptodev_sym_session_create() line 1340:
couldn't get object from session mempool
USER1: Error -12: test block
USER1: Error -12: Failed test CMAC/req/CMAC.req

Fixes: cd255ccf5764 ("examples/fips_validation: support AES parsing")
Cc: marko.kovacevic@intel.com
Cc: stable@dpdk.org

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 examples/fips_validation/main.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 5e3d5baa8..aef45055e 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -949,19 +949,20 @@ fips_run_test(void)
 	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: Init session\n",
 				ret);
-		return ret;
+		goto exit;
 	}
 
 	ret = test_ops.prepare_op();
 	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: Prepare op\n",
 				ret);
-		return ret;
+		goto exit;
 	}
 
 	if (rte_cryptodev_enqueue_burst(env.dev_id, 0, &env.op, 1) < 1) {
 		RTE_LOG(ERR, USER1, "Error: Failed enqueue\n");
-		return ret;
+		ret = -1;
+		goto exit;
 	}
 
 	do {
@@ -973,6 +974,7 @@ fips_run_test(void)
 
 	vec.status = env.op->status;
 
+exit:
 	rte_cryptodev_sym_session_clear(env.dev_id, env.sess);
 	rte_cryptodev_sym_session_free(env.sess);
 	env.sess = NULL;
-- 
2.13.6

[dpdk-dev] [PATCH v1 2/3] examples/fips_validation: fix cmac test failure

[Marko Kovacevic]

As a result of the cmac test running the test where
PT len is 65536 it should give a result back to the
user USER1: Error -1: Prepare op USER1: PT len 65536
as this MSG len is not supported. Issue was
that the application was not freeing the op properly after
a while causing the app to fail.

CRYPTODEV: rte_cryptodev_sym_session_create() line 1340:
couldn't get object from session mempool
USER1: Error -12: test block
USER1: Error -12: Failed test CMAC/req/CMAC.req

Fixes: cd255ccf5764 ("examples/fips_validation: support AES parsing")
Cc: marko.kovacevic@intel.com
Cc: stable@dpdk.org

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 examples/fips_validation/main.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 5e3d5baa8..aef45055e 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -949,19 +949,20 @@ fips_run_test(void)
 	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: Init session\n",
 				ret);
-		return ret;
+		goto exit;
 	}
 
 	ret = test_ops.prepare_op();
 	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: Prepare op\n",
 				ret);
-		return ret;
+		goto exit;
 	}
 
 	if (rte_cryptodev_enqueue_burst(env.dev_id, 0, &env.op, 1) < 1) {
 		RTE_LOG(ERR, USER1, "Error: Failed enqueue\n");
-		return ret;
+		ret = -1;
+		goto exit;
 	}
 
 	do {
@@ -973,6 +974,7 @@ fips_run_test(void)
 
 	vec.status = env.op->status;
 
+exit:
 	rte_cryptodev_sym_session_clear(env.dev_id, env.sess);
 	rte_cryptodev_sym_session_free(env.sess);
 	env.sess = NULL;
-- 
2.13.6

[dpdk-dev] [PATCH v1 3/3] cryptodev: fix uninitialized session clear

[Marko Kovacevic]

added check to see if a session for a device
has been initialised if it has return 0.

Fixes: 5d6c73dd5938 ("cryptodev: add reference count to session private data")
Cc: roy.fan.zhang@intel.com
Cc: stable@dpdk.org

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 lib/librte_cryptodev/rte_cryptodev.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c
index 2675e1ef7..00c2cf432 100644
--- a/lib/librte_cryptodev/rte_cryptodev.c
+++ b/lib/librte_cryptodev/rte_cryptodev.c
@@ -1386,6 +1386,8 @@ rte_cryptodev_sym_session_clear(uint8_t dev_id,
 		return -EINVAL;
 
 	driver_id = dev->driver_id;
+	if (sess->sess_data[driver_id].refcnt == 0)
+		return 0;
 	if (--sess->sess_data[driver_id].refcnt != 0)
 		return -EBUSY;
 
-- 
2.13.6

[dpdk-dev] [PATCH v1 3/3] cryptodev: fix uninitialized session clear

[Marko Kovacevic]

added check to see if a session for a device
has been initialised if it has return 0.

Fixes: 5d6c73dd5938 ("cryptodev: add reference count to session private data")
Cc: roy.fan.zhang@intel.com
Cc: stable@dpdk.org

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 lib/librte_cryptodev/rte_cryptodev.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c
index 2675e1ef7..00c2cf432 100644
--- a/lib/librte_cryptodev/rte_cryptodev.c
+++ b/lib/librte_cryptodev/rte_cryptodev.c
@@ -1386,6 +1386,8 @@ rte_cryptodev_sym_session_clear(uint8_t dev_id,
 		return -EINVAL;
 
 	driver_id = dev->driver_id;
+	if (sess->sess_data[driver_id].refcnt == 0)
+		return 0;
 	if (--sess->sess_data[driver_id].refcnt != 0)
 		return -EBUSY;
 
-- 
2.13.6

[dpdk-dev] [PATCH v2 1/3] examples/fips: fix hmac test failure

[Marko Kovacevic]

Application was failing as the HMAC and
Plain SHA fips request files are similar in a
way that they both have SHA- in the top section to
determine the hash algo and hash sizes. And HMAC having the
algo in the second line but the Plain SHA in the third
meant that when the HMAC files was used once it parsed the third
line Plain SHA was set as the algo and not HMAC.

USER1: Failed to get capability for cdev 0
USER1: Error -22: test block
[L=20 SHAAlg=SHA_2]
USER1: Error -22: Failed test /root/FIPS/HMAC/req/HMAC.req

Fixes: f4797bae0050 ("examples/fips_validation: support plain SHA")
Cc: damianx.nowak@intel.com

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
v2:
  Fixed checkpatch warning
---
 examples/fips_validation/fips_validation.c | 80 +++++++++++++++++-------------
 1 file changed, 45 insertions(+), 35 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 2f8314fcc..8d43b267e 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -98,6 +98,7 @@ fips_test_parse_header(void)
 	uint32_t i;
 	char *tmp;
 	int ret;
+	int algo_parsed = 0;
 	time_t t = time(NULL);
 	struct tm *tm_now = localtime(&t);
 
@@ -106,41 +107,50 @@ fips_test_parse_header(void)
 		return ret;
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
-		if (strstr(info.vec[i], "AESVS")) {
-			info.algo = FIPS_TEST_ALGO_AES;
-			ret = parse_test_aes_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "GCM")) {
-			info.algo = FIPS_TEST_ALGO_AES_GCM;
-			ret = parse_test_gcm_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "CMAC")) {
-			info.algo = FIPS_TEST_ALGO_AES_CMAC;
-			ret = parse_test_cmac_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "CCM")) {
-			info.algo = FIPS_TEST_ALGO_AES_CCM;
-			ret = parse_test_ccm_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "HMAC")) {
-			info.algo = FIPS_TEST_ALGO_HMAC;
-			ret = parse_test_hmac_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "TDES")) {
-			info.algo = FIPS_TEST_ALGO_TDES;
-			ret = parse_test_tdes_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "SHA-")) {
-			info.algo = FIPS_TEST_ALGO_SHA;
-			ret = parse_test_sha_init();
-			if (ret < 0)
-				return ret;
+		if (!algo_parsed) {
+			if (strstr(info.vec[i], "AESVS")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES;
+				ret = parse_test_aes_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "GCM")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_GCM;
+				ret = parse_test_gcm_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "CMAC")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_CMAC;
+				ret = parse_test_cmac_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "CCM")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_CCM;
+				ret = parse_test_ccm_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "HMAC")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_HMAC;
+				ret = parse_test_hmac_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "TDES")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_TDES;
+				ret = parse_test_tdes_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "SHA-")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_SHA;
+				ret = parse_test_sha_init();
+				if (ret < 0)
+					return ret;
+			}
 		}
 
 		tmp = strstr(info.vec[i], "# Config info for ");
-- 
2.13.6

[dpdk-dev] [PATCH v2 1/3] examples/fips: fix hmac test failure

[Marko Kovacevic]

Application was failing as the HMAC and
Plain SHA fips request files are similar in a
way that they both have SHA- in the top section to
determine the hash algo and hash sizes. And HMAC having the
algo in the second line but the Plain SHA in the third
meant that when the HMAC files was used once it parsed the third
line Plain SHA was set as the algo and not HMAC.

USER1: Failed to get capability for cdev 0
USER1: Error -22: test block
[L=20 SHAAlg=SHA_2]
USER1: Error -22: Failed test /root/FIPS/HMAC/req/HMAC.req

Fixes: f4797bae0050 ("examples/fips_validation: support plain SHA")
Cc: damianx.nowak@intel.com

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
v2:
  Fixed checkpatch warning
---
 examples/fips_validation/fips_validation.c | 80 +++++++++++++++++-------------
 1 file changed, 45 insertions(+), 35 deletions(-)

diff --git a/examples/fips_validation/fips_validation.c b/examples/fips_validation/fips_validation.c
index 2f8314fcc..8d43b267e 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -98,6 +98,7 @@ fips_test_parse_header(void)
 	uint32_t i;
 	char *tmp;
 	int ret;
+	int algo_parsed = 0;
 	time_t t = time(NULL);
 	struct tm *tm_now = localtime(&t);
 
@@ -106,41 +107,50 @@ fips_test_parse_header(void)
 		return ret;
 
 	for (i = 0; i < info.nb_vec_lines; i++) {
-		if (strstr(info.vec[i], "AESVS")) {
-			info.algo = FIPS_TEST_ALGO_AES;
-			ret = parse_test_aes_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "GCM")) {
-			info.algo = FIPS_TEST_ALGO_AES_GCM;
-			ret = parse_test_gcm_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "CMAC")) {
-			info.algo = FIPS_TEST_ALGO_AES_CMAC;
-			ret = parse_test_cmac_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "CCM")) {
-			info.algo = FIPS_TEST_ALGO_AES_CCM;
-			ret = parse_test_ccm_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "HMAC")) {
-			info.algo = FIPS_TEST_ALGO_HMAC;
-			ret = parse_test_hmac_init();
-			if (ret < 0)
-				return ret;
-		} else if (strstr(info.vec[i], "TDES")) {
-			info.algo = FIPS_TEST_ALGO_TDES;
-			ret = parse_test_tdes_init();
-			if (ret < 0)
-				return 0;
-		} else if (strstr(info.vec[i], "SHA-")) {
-			info.algo = FIPS_TEST_ALGO_SHA;
-			ret = parse_test_sha_init();
-			if (ret < 0)
-				return ret;
+		if (!algo_parsed) {
+			if (strstr(info.vec[i], "AESVS")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES;
+				ret = parse_test_aes_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "GCM")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_GCM;
+				ret = parse_test_gcm_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "CMAC")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_CMAC;
+				ret = parse_test_cmac_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "CCM")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_AES_CCM;
+				ret = parse_test_ccm_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "HMAC")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_HMAC;
+				ret = parse_test_hmac_init();
+				if (ret < 0)
+					return ret;
+			} else if (strstr(info.vec[i], "TDES")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_TDES;
+				ret = parse_test_tdes_init();
+				if (ret < 0)
+					return 0;
+			} else if (strstr(info.vec[i], "SHA-")) {
+				algo_parsed = 1;
+				info.algo = FIPS_TEST_ALGO_SHA;
+				ret = parse_test_sha_init();
+				if (ret < 0)
+					return ret;
+			}
 		}
 
 		tmp = strstr(info.vec[i], "# Config info for ");
-- 
2.13.6

[dpdk-dev] [PATCH v2 2/3] examples/fips_validation: fix cmac test failure

[Marko Kovacevic]

As a result of the cmac test running the test where
PT len is 65536 it should give a result back to the
user USER1: Error -1: Prepare op USER1: PT len 65536
as this MSG len is not supported. Issue was
that the application was not freeing the op properly after
a while causing the app to fail.

CRYPTODEV: rte_cryptodev_sym_session_create() line 1340:
couldn't get object from session mempool
USER1: Error -12: test block
USER1: Error -12: Failed test CMAC/req/CMAC.req

Fixes: cd255ccf5764 ("examples/fips_validation: support AES parsing")
Cc: marko.kovacevic@intel.com
Cc: stable@dpdk.org

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 examples/fips_validation/main.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 5e3d5baa8..aef45055e 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -949,19 +949,20 @@ fips_run_test(void)
 	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: Init session\n",
 				ret);
-		return ret;
+		goto exit;
 	}
 
 	ret = test_ops.prepare_op();
 	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: Prepare op\n",
 				ret);
-		return ret;
+		goto exit;
 	}
 
 	if (rte_cryptodev_enqueue_burst(env.dev_id, 0, &env.op, 1) < 1) {
 		RTE_LOG(ERR, USER1, "Error: Failed enqueue\n");
-		return ret;
+		ret = -1;
+		goto exit;
 	}
 
 	do {
@@ -973,6 +974,7 @@ fips_run_test(void)
 
 	vec.status = env.op->status;
 
+exit:
 	rte_cryptodev_sym_session_clear(env.dev_id, env.sess);
 	rte_cryptodev_sym_session_free(env.sess);
 	env.sess = NULL;
-- 
2.13.6

[dpdk-dev] [PATCH v2 2/3] examples/fips_validation: fix cmac test failure

[Marko Kovacevic]

As a result of the cmac test running the test where
PT len is 65536 it should give a result back to the
user USER1: Error -1: Prepare op USER1: PT len 65536
as this MSG len is not supported. Issue was
that the application was not freeing the op properly after
a while causing the app to fail.

CRYPTODEV: rte_cryptodev_sym_session_create() line 1340:
couldn't get object from session mempool
USER1: Error -12: test block
USER1: Error -12: Failed test CMAC/req/CMAC.req

Fixes: cd255ccf5764 ("examples/fips_validation: support AES parsing")
Cc: marko.kovacevic@intel.com
Cc: stable@dpdk.org

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 examples/fips_validation/main.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index 5e3d5baa8..aef45055e 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -949,19 +949,20 @@ fips_run_test(void)
 	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: Init session\n",
 				ret);
-		return ret;
+		goto exit;
 	}
 
 	ret = test_ops.prepare_op();
 	if (ret < 0) {
 		RTE_LOG(ERR, USER1, "Error %i: Prepare op\n",
 				ret);
-		return ret;
+		goto exit;
 	}
 
 	if (rte_cryptodev_enqueue_burst(env.dev_id, 0, &env.op, 1) < 1) {
 		RTE_LOG(ERR, USER1, "Error: Failed enqueue\n");
-		return ret;
+		ret = -1;
+		goto exit;
 	}
 
 	do {
@@ -973,6 +974,7 @@ fips_run_test(void)
 
 	vec.status = env.op->status;
 
+exit:
 	rte_cryptodev_sym_session_clear(env.dev_id, env.sess);
 	rte_cryptodev_sym_session_free(env.sess);
 	env.sess = NULL;
-- 
2.13.6

[dpdk-dev] [PATCH v2 3/3] cryptodev: fix uninitialized session clear

[Marko Kovacevic]

added check to see if a session for a device
has been initialised if it has return 0.

Fixes: 5d6c73dd5938 ("cryptodev: add reference count to session private data")
Cc: roy.fan.zhang@intel.com
Cc: stable@dpdk.org

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 lib/librte_cryptodev/rte_cryptodev.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c
index 2675e1ef7..00c2cf432 100644
--- a/lib/librte_cryptodev/rte_cryptodev.c
+++ b/lib/librte_cryptodev/rte_cryptodev.c
@@ -1386,6 +1386,8 @@ rte_cryptodev_sym_session_clear(uint8_t dev_id,
 		return -EINVAL;
 
 	driver_id = dev->driver_id;
+	if (sess->sess_data[driver_id].refcnt == 0)
+		return 0;
 	if (--sess->sess_data[driver_id].refcnt != 0)
 		return -EBUSY;
 
-- 
2.13.6

[dpdk-dev] [PATCH v2 3/3] cryptodev: fix uninitialized session clear

[Marko Kovacevic]

added check to see if a session for a device
has been initialised if it has return 0.

Fixes: 5d6c73dd5938 ("cryptodev: add reference count to session private data")
Cc: roy.fan.zhang@intel.com
Cc: stable@dpdk.org

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 lib/librte_cryptodev/rte_cryptodev.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c
index 2675e1ef7..00c2cf432 100644
--- a/lib/librte_cryptodev/rte_cryptodev.c
+++ b/lib/librte_cryptodev/rte_cryptodev.c
@@ -1386,6 +1386,8 @@ rte_cryptodev_sym_session_clear(uint8_t dev_id,
 		return -EINVAL;
 
 	driver_id = dev->driver_id;
+	if (sess->sess_data[driver_id].refcnt == 0)
+		return 0;
 	if (--sess->sess_data[driver_id].refcnt != 0)
 		return -EBUSY;
 
-- 
2.13.6

Re: [dpdk-dev] [PATCH v2 3/3] cryptodev: fix uninitialized session clear

[Trahe, Fiona]

> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Marko Kovacevic
> Sent: Monday, April 15, 2019 4:05 PM
> To: dev@dpdk.org
> Cc: Mcnamara, John <john.mcnamara@intel.com>; Zhao, XinfengX <xinfengx.zhao@intel.com>;
> akhil.goyal@nxp.com; Kovacevic, Marko <marko.kovacevic@intel.com>; Zhang, Roy Fan
> <roy.fan.zhang@intel.com>; stable@dpdk.org
> Subject: [dpdk-dev] [PATCH v2 3/3] cryptodev: fix uninitialized session clear
> 
> added check to see if a session for a device
> has been initialised if it has return 0.
> 
> Fixes: 5d6c73dd5938 ("cryptodev: add reference count to session private data")
> Cc: roy.fan.zhang@intel.com
> Cc: stable@dpdk.org
> 
> Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

Re: [dpdk-dev] [PATCH v2 3/3] cryptodev: fix uninitialized session clear

[Trahe, Fiona]

> -----Original Message-----
> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Marko Kovacevic
> Sent: Monday, April 15, 2019 4:05 PM
> To: dev@dpdk.org
> Cc: Mcnamara, John <john.mcnamara@intel.com>; Zhao, XinfengX <xinfengx.zhao@intel.com>;
> akhil.goyal@nxp.com; Kovacevic, Marko <marko.kovacevic@intel.com>; Zhang, Roy Fan
> <roy.fan.zhang@intel.com>; stable@dpdk.org
> Subject: [dpdk-dev] [PATCH v2 3/3] cryptodev: fix uninitialized session clear
> 
> added check to see if a session for a device
> has been initialised if it has return 0.
> 
> Fixes: 5d6c73dd5938 ("cryptodev: add reference count to session private data")
> Cc: roy.fan.zhang@intel.com
> Cc: stable@dpdk.org
> 
> Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>