[PATCH] crypto/ipsec_mb: fix GMAC parameters setting
De Lara Guarch, Pablo
pablo.de.lara.guarch at intel.com
Wed Mar 9 20:02:51 CET 2022
Hi Thomas,
> -----Original Message-----
> From: Zhang, Roy Fan <roy.fan.zhang at intel.com>
> Sent: Wednesday, March 9, 2022 11:01 AM
> To: De Lara Guarch, Pablo <pablo.de.lara.guarch at intel.com>; Nicolau, Radu
> <radu.nicolau at intel.com>; Buckley, Daniel M <daniel.m.buckley at intel.com>
> Cc: dev at dpdk.org; stable at dpdk.org
> Subject: RE: [PATCH] crypto/ipsec_mb: fix GMAC parameters setting
>
> > -----Original Message-----
> > From: De Lara Guarch, Pablo <pablo.de.lara.guarch at intel.com>
> > Sent: Wednesday, March 9, 2022 10:45 AM
> > To: Nicolau, Radu <radu.nicolau at intel.com>; Buckley, Daniel M
> > <daniel.m.buckley at intel.com>; Zhang, Roy Fan <roy.fan.zhang at intel.com>
> > Cc: dev at dpdk.org; De Lara Guarch, Pablo
> > <pablo.de.lara.guarch at intel.com>; stable at dpdk.org
> > Subject: [PATCH] crypto/ipsec_mb: fix GMAC parameters setting
> >
> > AES-GMAC requires plaintext length to be 0 when using AES-GCM, so only
> > AAD data is used.
> >
> > Fixes: a501609ea646 ("crypto/ipsec_mb: fix length and offset
> > settings")
> > Cc: pablo.de.lara.guarch at intel.com
> > Cc: stable at dpdk.org
> >
> > Signed-off-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>
> > ---
> > drivers/crypto/ipsec_mb/pmd_aesni_mb.c | 16 +++++++++++++---
> > 1 file changed, 13 insertions(+), 3 deletions(-)
> >
> > diff --git a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> > b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> > index c974886032..afa0b6e3a4 100644
> > --- a/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> > +++ b/drivers/crypto/ipsec_mb/pmd_aesni_mb.c
> > @@ -1296,9 +1296,9 @@ set_mb_job_params(IMB_JOB *job, struct
> > ipsec_mb_qp *qp,
> > op->sym->aead.data.offset;
> > job->msg_len_to_hash_in_bytes =
> > op->sym->aead.data.length;
> > - } else {
> > - job->msg_len_to_cipher_in_bytes = 0;
> > + } else { /* AES-GMAC only, only AAD used */
> > job->msg_len_to_hash_in_bytes = 0;
> > + job->hash_start_src_offset_in_bytes = 0;
> > }
> >
> > job->iv = rte_crypto_op_ctod_offset(op, uint8_t *, @@ -1378,8
> > +1378,18 @@ set_mb_job_params(IMB_JOB *job, struct ipsec_mb_qp *qp,
> > job->msg_len_to_cipher_in_bits =
> > op->sym->cipher.data.length;
> > break;
> > - case IMB_CIPHER_CCM:
> > case IMB_CIPHER_GCM:
> > + if (session->cipher.mode == IMB_CIPHER_NULL) {
> > + /* AES-GMAC only (only AAD used) */
> > + job->msg_len_to_cipher_in_bytes = 0;
> > + job->cipher_start_src_offset_in_bytes = 0;
> > + } else {
> > + job->cipher_start_src_offset_in_bytes =
> > + op->sym->aead.data.offset;
> > + job->msg_len_to_cipher_in_bytes = op->sym-
> > >aead.data.length;
> > + }
> > + break;
> > + case IMB_CIPHER_CCM:
> > case IMB_CIPHER_CHACHA20_POLY1305:
> > job->cipher_start_src_offset_in_bytes =
> > op->sym->aead.data.offset;
> > --
> > 2.25.1
> Acked-by: Fan Zhang <roy.fan.zhang at intel.com> Thanks Pablo!
Would it be possible to merge this fix for this release?
A previous commit merged in this release has introduced a bug,
so it would be great if this fix can make it into 22.03.
Thanks,
Pablo
More information about the dev
mailing list