Hi Kevin, This patch was reverted on main branch. So better not backport. Regards, Akhil From: Kevin Traynor Sent: Friday, August 23, 2024 9:48 PM To: Shihong Wang Cc: Chaoyong He ; Akhil Goyal ; dpdk stable Subject: [EXTERNAL] patch 'examples/ipsec-secgw: fix SA salt endianness' has been queued to stable release 21.11.8 Hi, FYI, your patch has been queued to stable release 21. 11. 8 Note it hasn't been pushed to https: //urldefense. proofpoint. com/v2/url?u=http-3A__dpdk. org_browse_dpdk-2Dstable&d=DwIDaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=DnL7Si2wl_PRwpZ9TWey3eu68gBzn7DkPwuqhd6WNyo&m=jxMUmPULUFoI7N1IfPQX3iPunuqaFfvUiMvebss7a8oZ3g5cSkmT3owuWcRrmop6&s=Gl4YJ1gzyH5_C1fAntP5oV3-o7HB3pTE70HU-jtKq10&e= Hi, FYI, your patch has been queued to stable release 21.11.8 Note it hasn't been pushed to https://urldefense.proofpoint.com/v2/url?u=http-3A__dpdk.org_browse_dpdk-2Dstable&d=DwIDaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=DnL7Si2wl_PRwpZ9TWey3eu68gBzn7DkPwuqhd6WNyo&m=jxMUmPULUFoI7N1IfPQX3iPunuqaFfvUiMvebss7a8oZ3g5cSkmT3owuWcRrmop6&s=Gl4YJ1gzyH5_C1fAntP5oV3-o7HB3pTE70HU-jtKq10&e= yet. It will be pushed if I get no objections before 08/28/24. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_kevintraynor_dpdk-2Dstable&d=DwIDaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=DnL7Si2wl_PRwpZ9TWey3eu68gBzn7DkPwuqhd6WNyo&m=jxMUmPULUFoI7N1IfPQX3iPunuqaFfvUiMvebss7a8oZ3g5cSkmT3owuWcRrmop6&s=ORkIdcswiYk9iiTtV7ZmbP_zV54GLLsyvnBU72T8PbY&e= This queued commit can be viewed at: https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_kevintraynor_dpdk-2Dstable_commit_db8d7d17a9e8b79c8b6bae2044a6fcb819b33700&d=DwIDaQ&c=nKjWec2b6R0mOyPaz7xtfQ&r=DnL7Si2wl_PRwpZ9TWey3eu68gBzn7DkPwuqhd6WNyo&m=jxMUmPULUFoI7N1IfPQX3iPunuqaFfvUiMvebss7a8oZ3g5cSkmT3owuWcRrmop6&s=OxADViB5_6ttYifYrSuk4n9QR-FrrZjMHn69AGIDLwg&e= Thanks. Kevin --- From db8d7d17a9e8b79c8b6bae2044a6fcb819b33700 Mon Sep 17 00:00:00 2001 From: Shihong Wang > Date: Thu, 14 Mar 2024 10:00:52 +0800 Subject: [PATCH] examples/ipsec-secgw: fix SA salt endianness MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [ upstream commit e6bfd9676109f904b4f263402e77105fdca8e67c ] The SA salt of struct ipsec_sa is a CPU-endian u32 variable, but it’s value is stored in an array of encryption or authentication keys according to big-endian. So it maybe need to convert the endianness order to ensure that the value assigned to the SA salt is CPU-endian. Fixes: 50d75cae2a2c ("examples/ipsec-secgw: initialize SA salt") Fixes: 9413c3901f31 ("examples/ipsec-secgw: support additional algorithms") Fixes: 501e9c226adf ("examples/ipsec-secgw: add AEAD parameters") Signed-off-by: Shihong Wang > Reviewed-by: Chaoyong He > Acked-by: Akhil Goyal > --- examples/ipsec-secgw/sa.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c index 49d16f055b..af3a92f53e 100644 --- a/examples/ipsec-secgw/sa.c +++ b/examples/ipsec-secgw/sa.c @@ -366,4 +366,5 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, uint32_t *ri /*rule index*/; struct ipsec_sa_cnt *sa_cnt; + rte_be32_t salt; /*big-endian salt*/ uint32_t cipher_algo_p = 0; uint32_t auth_algo_p = 0; @@ -500,6 +501,6 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, key_len -= 4; rule->cipher_key_len = key_len; - memcpy(&rule->salt, - &rule->cipher_key[key_len], 4); + memcpy(&salt, &rule->cipher_key[key_len], 4); + rule->salt = rte_be_to_cpu_32(salt); } @@ -565,6 +566,6 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, rule->auth_key_len = key_len; rule->iv_len = algo->iv_len; - memcpy(&rule->salt, - &rule->auth_key[key_len], 4); + memcpy(&salt, &rule->auth_key[key_len], 4); + rule->salt = rte_be_to_cpu_32(salt); } @@ -624,6 +625,6 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, key_len -= 4; rule->cipher_key_len = key_len; - memcpy(&rule->salt, - &rule->cipher_key[key_len], 4); + memcpy(&salt, &rule->cipher_key[key_len], 4); + rule->salt = rte_be_to_cpu_32(salt); aead_algo_p = 1; -- 2.46.0 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2024-08-23 17:18:11.871795930 +0100 +++ 0069-examples-ipsec-secgw-fix-SA-salt-endianness.patch 2024-08-23 17:18:09.746430196 +0100 @@ -1 +1 @@ -From e6bfd9676109f904b4f263402e77105fdca8e67c Mon Sep 17 00:00:00 2001 +From db8d7d17a9e8b79c8b6bae2044a6fcb819b33700 Mon Sep 17 00:00:00 2001 @@ -8,0 +9,2 @@ +[ upstream commit e6bfd9676109f904b4f263402e77105fdca8e67c ] + @@ -17 +18,0 @@ -Cc: stable@dpdk.org @@ -27 +28 @@ -index c4bac17cd7..8aa9aca739 100644 +index 49d16f055b..af3a92f53e 100644 @@ -30 +31 @@ -@@ -375,4 +375,5 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, +@@ -366,4 +366,5 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, @@ -36 +37 @@ -@@ -509,6 +510,6 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, +@@ -500,6 +501,6 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, @@ -45 +46 @@ -@@ -574,6 +575,6 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, +@@ -565,6 +566,6 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, @@ -54 +55 @@ -@@ -633,6 +634,6 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens, +@@ -624,6 +625,6 @@ parse_sa_tokens(char **tokens, uint32_t n_tokens,