From: Pablo de Lara <pablo.de.lara.guarch@intel.com>
To: roy.fan.zhang@intel.com, ciara.power@intel.com
Cc: dev@dpdk.org, Pablo de Lara <pablo.de.lara.guarch@intel.com>,
stable@dpdk.org
Subject: [PATCH] crypto/ipsec_mb: fix cipher key setting
Date: Mon, 22 Nov 2021 17:47:29 +0000 [thread overview]
Message-ID: <20211122174729.1153925-1-pablo.de.lara.guarch@intel.com> (raw)
When authenticating with SNOW3G, KASUMI and ZUC,
the pointers for encryption/decryption keys is not set.
If a cipher algorithm such as AES-CBC is also used,
the application would seg fault.
Hence, these pointers should be set to some value by default.
Command line to replicate the issue:
./build/app/dpdk-test-crypto-perf -l 4,5 -n 6 --vdev="crypto_aesni_mb" -- \
--devtype="crypto_aesni_mb" --optype=cipher-then-auth --auth-algo snow3g-uia2 \
--auth-key-sz 16 --auth-iv-sz 16 --digest-sz 4 --silent --total-ops 1000000 \
--auth-op generate --burst-sz 32 --cipher-algo aes-ctr
--cipher-key-sz 16 --cipher-iv-sz 16
Fixes: ae8e085c608d ("crypto/aesni_mb: support KASUMI F8/F9")
Fixes: 6c42e0cf4d12 ("crypto/aesni_mb: support SNOW3G-UEA2/UIA2")
Fixes: fd8df85487c4 ("crypto/aesni_mb: support ZUC-EEA3/EIA3")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
index e05bc04c3b..a308d42ffa 100644
--- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
+++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
@@ -1120,6 +1120,14 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
const int aead = is_aead_algo(job->hash_alg, job->cipher_mode);
+ if (job->cipher_mode == IMB_CIPHER_DES3) {
+ job->enc_keys = session->cipher.exp_3des_keys.ks_ptr;
+ job->dec_keys = session->cipher.exp_3des_keys.ks_ptr;
+ } else {
+ job->enc_keys = session->cipher.expanded_aes_keys.encode;
+ job->dec_keys = session->cipher.expanded_aes_keys.decode;
+ }
+
switch (job->hash_alg) {
case IMB_AUTH_AES_XCBC:
job->u.XCBC._k1_expanded = session->auth.xcbc.k1_expanded;
@@ -1189,13 +1197,6 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
job->u.HMAC._hashed_auth_key_xor_opad =
session->auth.pads.outer;
- if (job->cipher_mode == IMB_CIPHER_DES3) {
- job->enc_keys = session->cipher.exp_3des_keys.ks_ptr;
- job->dec_keys = session->cipher.exp_3des_keys.ks_ptr;
- } else {
- job->enc_keys = session->cipher.expanded_aes_keys.encode;
- job->dec_keys = session->cipher.expanded_aes_keys.decode;
- }
}
if (aead)
--
2.25.1
next reply other threads:[~2021-11-22 17:47 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-22 17:47 Pablo de Lara [this message]
2021-11-23 8:22 ` Power, Ciara
2021-11-23 13:09 ` Zhang, Roy Fan
2021-11-23 18:39 ` Akhil Goyal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20211122174729.1153925-1-pablo.de.lara.guarch@intel.com \
--to=pablo.de.lara.guarch@intel.com \
--cc=ciara.power@intel.com \
--cc=dev@dpdk.org \
--cc=roy.fan.zhang@intel.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).