From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 85A9CA04F5
	for <public@inbox.dpdk.org>; Wed, 11 Dec 2019 22:28:40 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 7845A1D9E;
	Wed, 11 Dec 2019 22:28:40 +0100 (CET)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
 [205.139.110.120]) by dpdk.org (Postfix) with ESMTP id 4F59A1B994
 for <stable@dpdk.org>; Wed, 11 Dec 2019 22:28:39 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
 s=mimecast20190719; t=1576099718;
 h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
 content-transfer-encoding:content-transfer-encoding:
 in-reply-to:in-reply-to:references:references;
 bh=J9FwV6OiKIVvLe8yYTHs1uJsLPY21+8D+w0fDpNoaZI=;
 b=NzXHS7CNuwL6oTo7umZb2Zxpc3qosRaCgHRa9djAt0QveGCkBxoT/Np8Q8zfulingQOvhT
 5V6PHZKiGbBnxsgS9mkBTekDu49QWuq0LHgejT3Zh4kkkC+e9Tsi6+Bxt+W8Sj7KsYNrpn
 7l0pYuYCJNUlMkIQir4dEsyNvZVE43g=
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-416-blrPOz90NWaYufNmSIWCCQ-1; Wed, 11 Dec 2019 16:28:37 -0500
Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com
 [10.5.11.22])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 43C11DBE6;
 Wed, 11 Dec 2019 21:28:36 +0000 (UTC)
Received: from rh.redhat.com (ovpn-116-64.ams2.redhat.com [10.36.116.64])
 by smtp.corp.redhat.com (Postfix) with ESMTP id 36C9310013A1;
 Wed, 11 Dec 2019 21:28:35 +0000 (UTC)
From: Kevin Traynor <ktraynor@redhat.com>
To: Fan Zhang <roy.fan.zhang@intel.com>
Cc: Marko Kovacevic <marko.kovacevic@intel.com>, dpdk stable <stable@dpdk.org>
Date: Wed, 11 Dec 2019 21:26:28 +0000
Message-Id: <20191211212702.27851-36-ktraynor@redhat.com>
In-Reply-To: <20191211212702.27851-1-ktraynor@redhat.com>
References: <20191211212702.27851-1-ktraynor@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22
X-MC-Unique: blrPOz90NWaYufNmSIWCCQ-1
X-Mimecast-Spam-Score: 0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
Subject: [dpdk-stable] patch 'examples/fips_validation: fix auth verify' has
	been queued to LTS release 18.11.6
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org
Sender: "stable" <stable-bounces@dpdk.org>

Hi,

FYI, your patch has been queued to LTS release 18.11.6

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 12/17/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasi=
ng
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable-queue

This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable-queue/commit/6cd900d65c6cfd3d6d=
9c0f5cfb46be0353401c13

Thanks.

Kevin.

---
>From 6cd900d65c6cfd3d6d9c0f5cfb46be0353401c13 Mon Sep 17 00:00:00 2001
From: Fan Zhang <roy.fan.zhang@intel.com>
Date: Wed, 6 Nov 2019 10:54:25 +0000
Subject: [PATCH] examples/fips_validation: fix auth verify

[ upstream commit 82cfb9c24f66084e6c7933e6c00bca409bcc00e2 ]

Fixes: f64adb6714e0 ("examples/fips_validation: support HMAC parsing")

This patch fixes the incorrect mbuf write and digest memory leak in
fips_validation authentication verify.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 examples/fips_validation/main.c | 60 ++++++++++-----------------------
 1 file changed, 17 insertions(+), 43 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/mai=
n.c
index 40785decb..27558baa4 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -405,4 +405,5 @@ prepare_auth_op(void)
 {
 =09struct rte_crypto_sym_op *sym =3D env.op->sym;
+=09uint8_t *pt;
=20
 =09__rte_crypto_op_reset(env.op, RTE_CRYPTO_OP_TYPE_SYMMETRIC);
@@ -412,51 +413,24 @@ prepare_auth_op(void)
 =09sym->auth.data.offset =3D 0;
=20
-=09if (info.op =3D=3D FIPS_TEST_ENC_AUTH_GEN) {
-=09=09uint8_t *pt;
+=09pt =3D (uint8_t *)rte_pktmbuf_append(env.mbuf, vec.pt.len +
+=09=09=09vec.cipher_auth.digest.len);
=20
-=09=09if (vec.pt.len > RTE_MBUF_MAX_NB_SEGS) {
-=09=09=09RTE_LOG(ERR, USER1, "PT len %u\n", vec.pt.len);
-=09=09=09return -EPERM;
-=09=09}
+=09if (!pt) {
+=09=09RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
+=09=09=09=09-ENOMEM);
+=09=09return -ENOMEM;
+=09}
=20
-=09=09pt =3D (uint8_t *)rte_pktmbuf_append(env.mbuf, vec.pt.len +
+=09sym->auth.data.length =3D vec.pt.len;
+=09sym->auth.digest.data =3D pt + vec.pt.len;
+=09sym->auth.digest.phys_addr =3D rte_pktmbuf_mtophys_offset(
+=09=09=09env.mbuf, vec.pt.len);
+
+=09memcpy(pt, vec.pt.val, vec.pt.len);
+
+=09if (info.op =3D=3D FIPS_TEST_DEC_AUTH_VERIF)
+=09=09memcpy(pt + vec.pt.len, vec.cipher_auth.digest.val,
 =09=09=09=09vec.cipher_auth.digest.len);
=20
-=09=09if (!pt) {
-=09=09=09RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
-=09=09=09=09=09-ENOMEM);
-=09=09=09return -ENOMEM;
-=09=09}
-
-=09=09memcpy(pt, vec.pt.val, vec.pt.len);
-=09=09sym->auth.data.length =3D vec.pt.len;
-=09=09sym->auth.digest.data =3D pt + vec.pt.len;
-=09=09sym->auth.digest.phys_addr =3D rte_pktmbuf_mtophys_offset(
-=09=09=09=09env.mbuf, vec.pt.len);
-
-=09} else {
-=09=09uint8_t *ct;
-
-=09=09if (vec.ct.len > RTE_MBUF_MAX_NB_SEGS) {
-=09=09=09RTE_LOG(ERR, USER1, "CT len %u\n", vec.ct.len);
-=09=09=09return -EPERM;
-=09=09}
-
-=09=09ct =3D (uint8_t *)rte_pktmbuf_append(env.mbuf,
-=09=09=09=09vec.ct.len + vec.cipher_auth.digest.len);
-
-=09=09if (!ct) {
-=09=09=09RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
-=09=09=09=09=09-ENOMEM);
-=09=09=09return -ENOMEM;
-=09=09}
-
-=09=09memcpy(ct, vec.ct.val, vec.ct.len);
-=09=09sym->auth.data.length =3D vec.ct.len;
-=09=09sym->auth.digest.data =3D vec.cipher_auth.digest.val;
-=09=09sym->auth.digest.phys_addr =3D rte_malloc_virt2iova(
-=09=09=09=09sym->auth.digest.data);
-=09}
-
 =09rte_crypto_op_attach_sym_session(env.op, env.sess);
=20
--=20
2.21.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-=
empty:
---
--- -=092019-12-11 21:24:15.564071375 +0000
+++ 0036-examples-fips_validation-fix-auth-verify.patch=092019-12-11 21:24:=
12.669651176 +0000
@@ -1 +1 @@
-From 82cfb9c24f66084e6c7933e6c00bca409bcc00e2 Mon Sep 17 00:00:00 2001
+From 6cd900d65c6cfd3d6d9c0f5cfb46be0353401c13 Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 82cfb9c24f66084e6c7933e6c00bca409bcc00e2 ]
+
@@ -7 +8,0 @@
-Cc: stable@dpdk.org
@@ -15,2 +16,2 @@
- examples/fips_validation/main.c | 62 ++++++++++-----------------------
- 1 file changed, 18 insertions(+), 44 deletions(-)
+ examples/fips_validation/main.c | 60 ++++++++++-----------------------
+ 1 file changed, 17 insertions(+), 43 deletions(-)
@@ -19 +20 @@
-index f8694ef96..9a2c8da61 100644
+index 40785decb..27558baa4 100644
@@ -22 +23 @@
-@@ -513,4 +513,5 @@ prepare_auth_op(void)
+@@ -405,4 +405,5 @@ prepare_auth_op(void)
@@ -28 +29 @@
-@@ -520,51 +521,24 @@ prepare_auth_op(void)
+@@ -412,51 +413,24 @@ prepare_auth_op(void)
@@ -40 +41,6 @@
--
++=09if (!pt) {
++=09=09RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
++=09=09=09=09-ENOMEM);
++=09=09return -ENOMEM;
++=09}
+=20
@@ -42,2 +48,11 @@
--=09=09=09=09vec.cipher_auth.digest.len);
--
++=09sym->auth.data.length =3D vec.pt.len;
++=09sym->auth.digest.data =3D pt + vec.pt.len;
++=09sym->auth.digest.phys_addr =3D rte_pktmbuf_mtophys_offset(
++=09=09=09env.mbuf, vec.pt.len);
++
++=09memcpy(pt, vec.pt.val, vec.pt.len);
++
++=09if (info.op =3D=3D FIPS_TEST_DEC_AUTH_VERIF)
++=09=09memcpy(pt + vec.pt.len, vec.cipher_auth.digest.val,
+ =09=09=09=09vec.cipher_auth.digest.len);
+=20
@@ -78,17 +93,2 @@
-+=09if (!pt) {
-+=09=09RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
-+=09=09=09=09-ENOMEM);
-+=09=09return -ENOMEM;
- =09}
-=20
-+=09sym->auth.data.length =3D vec.pt.len;
-+=09sym->auth.digest.data =3D pt + vec.pt.len;
-+=09sym->auth.digest.phys_addr =3D rte_pktmbuf_mtophys_offset(
-+=09=09=09env.mbuf, vec.pt.len);
-+
-+=09memcpy(pt, vec.pt.val, vec.pt.len);
-+
-+=09if (info.op =3D=3D FIPS_TEST_DEC_AUTH_VERIF)
-+=09=09memcpy(pt + vec.pt.len, vec.cipher_auth.digest.val,
-+=09=09=09=09vec.cipher_auth.digest.len);
-+
+-=09}
+-