Re: [dpdk-dev] [PATCH v2 1/2] crypto/ccp: sha3 support enabling in ccp

DPDK patches and discussions
 help / color / mirror / Atom feed

From: David Marchand <david.marchand@redhat.com>
To: Thomas Monjalon <thomas@monjalon.net>
Cc: "Kumar, Ravi1" <Ravi1.Kumar@amd.com>,
	 "Sardar, Shamsher singh" <Shamshersingh.Sardar@amd.com>,
	"dev@dpdk.org" <dev@dpdk.org>,  Akhil Goyal <akhil.goyal@nxp.com>,
	dodji@seketeli.net
Subject: Re: [dpdk-dev] [PATCH v2 1/2] crypto/ccp: sha3 support enabling in ccp
Date: Thu, 6 Feb 2020 10:34:09 +0100	[thread overview]
Message-ID: <CAJFAV8xs5CVdE2xwRtaxk5vE_PiQMV5LY5tKStk3R1gOuRTsUw@mail.gmail.com> (raw)
In-Reply-To: <45170712.MN2xkq1pzW@xps>

On Wed, Feb 5, 2020 at 11:22 PM Thomas Monjalon <thomas@monjalon.net> wrote:
> 05/02/2020 13:24, Akhil Goyal:
> > > For series,
> > > Acked-by: Ravi Kumar <ravi1.kumar@amd.com>
> > >
> > > >
> > > >From: Sardar Shamsher Singh <Shamshersingh.Sardar@amd.com>
> > > >
> > > >sha3 support enabled in AMD-CCP crypto controller
> > > >
> > > >Signed-off-by: Sardar Shamsher Singh <Shamshersingh.Sardar@amd.com>
> > > >---
> > Change patch title and description as below
> >     cryptodev: fix missing SHA3 algo strings
> >
> >     SHA3 support was added earlier but algo strings were
> >     missing. This patch add the missing strings.
> >
> >     Fixes: 1df800f89518 ("crypto/ccp: support SHA3 family")
> >     Cc: stable@dpdk.org
> >
> >     Signed-off-by: Sardar Shamsher Singh <Shamshersingh.Sardar@amd.com>
> >     Acked-by: Ravi Kumar <ravi1.kumar@amd.com>
> >     Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
> >
> > Applied to dpdk-next-crypto
>
> Sorry I must drop this patch because it triggers an ABI warning:
>   [C]'const char* rte_crypto_auth_algorithm_strings[]' was changed at rte_crypto_sym.h:320:1:
>     size of symbol changed from 168 to 232

This is still not clear to me, but here is how I understand the issue.


An exposed array (and its size) ends up in both the shared library and
the final binary data section.

[dmarchan@wsfd-netdev66 dpdk]$ readelf -sW
~/builds/build-gcc-shared/app/dpdk-test-crypto-perf |grep
rte_crypto_auth_algorithm_strings
    86: 00000000004141a0   168 OBJECT  GLOBAL DEFAULT   24
rte_crypto_auth_algorithm_strings@DPDK_20.0 (4)
   308: 00000000004141a0   168 OBJECT  GLOBAL DEFAULT   24
rte_crypto_auth_algorithm_strings@@DPDK_20.0
[dmarchan@wsfd-netdev66 dpdk]$ readelf -sW
~/builds/build-gcc-shared/lib/librte_cryptodev.so |grep
rte_crypto_auth_algorithm_strings
    57: 000000000000b220   168 OBJECT  GLOBAL DEFAULT   23
rte_crypto_auth_algorithm_strings@@DPDK_20.0
   158: 000000000000b220   168 OBJECT  GLOBAL DEFAULT   23
rte_crypto_auth_algorithm_strings

At runtime, the linker chooses to rewire all access to the final
binary data section, not the shared library local representation.

Now, if we update the array size, the shared library code is built
with the assumption of the increased size.
But at runtime with an "old" binary, the shared library code runs with
a shorter array, with potential out of bound access.

Interesting article:
https://developers.redhat.com/blog/2019/05/06/how-c-array-sizes-become-part-of-the-binary-interface-of-a-library/


-- 
David Marchand

     prev parent reply	other threads:[~2020-02-06  9:34 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-01-22 10:52 ssardar
2020-01-22 10:52 ` [dpdk-dev] [PATCH v2 2/2] examples/crypto: crypto test application ssardar
2020-01-28  6:35   ` Akhil Goyal
2020-01-30  8:45     ` Sardar, Shamsher singh
2020-01-30  8:52       ` Akhil Goyal
2020-01-30  9:08         ` Sardar, Shamsher singh
2020-01-22 11:11 ` [dpdk-dev] [PATCH v2 1/2] crypto/ccp: sha3 support enabling in ccp Kumar, Ravi1
2020-02-05 12:24   ` Akhil Goyal
2020-02-05 22:22     ` Thomas Monjalon
2020-02-06  9:34       ` David Marchand [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAJFAV8xs5CVdE2xwRtaxk5vE_PiQMV5LY5tKStk3R1gOuRTsUw@mail.gmail.com \
    --to=david.marchand@redhat.com \
    --cc=Ravi1.Kumar@amd.com \
    --cc=Shamshersingh.Sardar@amd.com \
    --cc=akhil.goyal@nxp.com \
    --cc=dev@dpdk.org \
    --cc=dodji@seketeli.net \
    --cc=thomas@monjalon.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).