From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C0E8DA055D; Wed, 3 Mar 2021 10:00:51 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 6715F40691; Wed, 3 Mar 2021 10:00:51 +0100 (CET) Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mails.dpdk.org (Postfix) with ESMTP id 6B5E040683 for ; Wed, 3 Mar 2021 10:00:49 +0100 (CET) IronPort-SDR: EaVEJwN9SrkWLMixxDVjnLAlGMhsvYBVJstELnwjCmpo/EC7fg5kslAchc7/H8MR+WdMNYH93l RabHY4AYxs2w== X-IronPort-AV: E=McAfee;i="6000,8403,9911"; a="183764000" X-IronPort-AV: E=Sophos;i="5.81,219,1610438400"; d="scan'208";a="183764000" Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Mar 2021 01:00:45 -0800 IronPort-SDR: wvXnXz2IPbeIiBBGLVs/F9Dr7Rm0PRu9ZJSZUG526Z4qbMluAZMHDDxXuJhCKlaIOxlHyMS/ts QRIFCAT7PWaQ== X-IronPort-AV: E=Sophos;i="5.81,219,1610438400"; d="scan'208";a="445173923" Received: from joreil5x-mobl.amr.corp.intel.com (HELO [10.213.254.196]) ([10.213.254.196]) by orsmga001-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 03 Mar 2021 01:00:42 -0800 To: Linfeng Li , "dev@dpdk.org" Cc: "john.griffin@intel.com" , "fiona.trahe@intel.com" , "deepak.k.jain@intel.com" , Steve Rizor , Emil Meng References: From: "Doherty, Declan" Message-ID: <302300b3-6325-7b05-43f5-46423c905b1d@intel.com> Date: Wed, 3 Mar 2021 09:00:39 +0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit Subject: Re: [dpdk-dev] Potential bug in QAT PMD code X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" H On 23/02/2021 12:34 AM, Linfeng Li wrote: > Hi, > > > > We believe we found a potential bug in the QAT PMD code. > > > > file link: https://github.com/DPDK/dpdk/blob/main/drivers/crypto/qat/qat_sym.c > > > > The undesired behavior happens when: > * symmetric operation > * out-of-place operation > * encryption > * do cipher + do hash > * SGL enabled on either src/dst mbuf chain > * min_ofs is smaller than the length of the first segment of the src mbuf chain > > > > behavior: In dst mbuf, payload is ciphered as expected, but mac-i remains plain text where it's expected to be ciphered as well. > > > > potential cause: > * When min_ofs is smaller than the length of the first segment of the src mbuf chain with the foregoing scenario , auth_param->auth_off is calculated by auth_ofs-min_ofs(line 512 in qat_sym.c). > * When SGL enabled + do auth + do cipher, the remaining_off is calculated by auth_param->auth_off + auth_param->auth_len + alignment_adjustment(line 534 in qat_sym.c). so remaining_off doesn't include the offset applied on auth_param->auth_off in this scenario. > * The auth_data_end(line 546 in qat_sym.c) found doesn't seem proper since the while loop (line 540 in qat_sym.c) iterates from the very beginning of the dst mbuf. > > > > Proposal fix: > > add min_ofs in the calculation of remaining_off(line 534 in qat_sym.c) > > > > Please let us know what your thoughts are about this issue and feel free to contact us if there are any questions. > > Linfeng > Hey Linfeng, thanks we're looking into this now, and will address in this release cycle. Thanks Declan