[dpdk-dev] [PATCH v2 07/27] crypto/qat: fix KASUMI authentication

[Pablo de Lara]

QAT PMD was assuming that cipher IV was always prepended,
before the input buffer, but it is not necessary to have it
there, only the auth IV (COUNT and FRESH) and the input buffer
needs to be contiguous, with the direction bit after.

If AAD (containing the IV for authentication)
is not just before the message, the authentication will fail.
Therefore, the headroom of the input buffer is used to
copy the AAD, and then it is removed after the operation is
finished.

It was also assuming that the IV was starting at offset 0,
which is not always the case.

Fixes: d4f2745300e0 ("crypto/qat: add KASUMI")
CC: stable at dpdk.org

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>
---
 drivers/crypto/qat/qat_crypto.c | 37 ++++++++++++++++++++++++++-----------
 1 file changed, 26 insertions(+), 11 deletions(-)

diff --git a/drivers/crypto/qat/qat_crypto.c b/drivers/crypto/qat/qat_crypto.c
index 9b294e4..bdd5bab 100644
--- a/drivers/crypto/qat/qat_crypto.c
+++ b/drivers/crypto/qat/qat_crypto.c
@@ -812,6 +812,11 @@ qat_pmd_dequeue_op_burst(void *qp, struct rte_crypto_op **ops,
 						(rx_op->sym->session->_private);
 			if (sess->bpi_ctx)
 				qat_bpicipher_postprocess(sess, rx_op);
+			if (sess->qat_hash_alg ==
+					ICP_QAT_HW_AUTH_ALGO_KASUMI_F9)
+				/* Trim area used for authentication IV. */
+				rte_pktmbuf_adj(rx_op->sym->m_src,
+						ICP_QAT_HW_KASUMI_BLK_SZ);
 			rx_op->status = RTE_CRYPTO_OP_STATUS_SUCCESS;
 		}
 
@@ -1012,15 +1017,25 @@ qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg,
 
 			if (ctx->qat_hash_alg ==
 					ICP_QAT_HW_AUTH_ALGO_KASUMI_F9) {
-				if (do_cipher) {
-					auth_len = auth_len + auth_ofs + 1 -
-						ICP_QAT_HW_KASUMI_BLK_SZ;
-					auth_ofs = ICP_QAT_HW_KASUMI_BLK_SZ;
-				} else {
-					auth_len = auth_len + auth_ofs + 1;
-					auth_ofs = 0;
-				}
-			}
+				/*
+				 * Prepend IV in mbuf, as IV and the plaintext
+				 * needs to be contiguous
+				 */
+				uint8_t *auth_iv_ptr_dst =
+						(uint8_t *) rte_pktmbuf_prepend(
+							op->sym->m_src,
+							ICP_QAT_HW_KASUMI_BLK_SZ);
+				const uint8_t *auth_iv_ptr_src =
+						op->sym->auth.aad.data;
+				rte_memcpy(auth_iv_ptr_dst, auth_iv_ptr_src,
+					       ICP_QAT_HW_KASUMI_BLK_SZ);
+				/* Auth IV and message is contiguous + direction bit */
+				auth_len = auth_len + ICP_QAT_HW_KASUMI_BLK_SZ + 1;
+				/* Buffer to cipher starts after auth IV */
+				if (do_cipher)
+					cipher_ofs += ICP_QAT_HW_KASUMI_BLK_SZ;
+			} else
+				auth_param->u1.aad_adr = op->sym->auth.aad.phys_addr;
 
 		} else if (ctx->qat_hash_alg ==
 					ICP_QAT_HW_AUTH_ALGO_GALOIS_128 ||
@@ -1028,6 +1043,8 @@ qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg,
 					ICP_QAT_HW_AUTH_ALGO_GALOIS_64) {
 			auth_ofs = op->sym->cipher.data.offset;
 			auth_len = op->sym->cipher.data.length;
+
+			auth_param->u1.aad_adr = op->sym->auth.aad.phys_addr;
 		} else {
 			auth_ofs = op->sym->auth.data.offset;
 			auth_len = op->sym->auth.data.length;
@@ -1036,8 +1053,6 @@ qat_write_hw_desc_entry(struct rte_crypto_op *op, uint8_t *out_msg,
 
 		auth_param->auth_res_addr = op->sym->auth.digest.phys_addr;
 
-		auth_param->u1.aad_adr = op->sym->auth.aad.phys_addr;
-
 	}
 
 	if (op->sym->m_src->next || (op->sym->m_dst && op->sym->m_dst->next))
-- 
2.9.4