patch 'crypto/ipsec_mb: fix cipher key setting' has been queued to stable release 20.11.4

[Xueming(Steven) Li]

Hi Pablo,

On Sun, 2021-11-28 at 22:54 +0800, Xueming Li wrote:
> Hi,
> 
> FYI, your patch has been queued to stable release 20.11.4
> 
> Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
> It will be pushed if I get no objections before 11/30/21. So please
> shout if anyone has objections.
> 
> Also note that after the patch there's a diff of the upstream commit vs the
> patch applied to the branch. This will indicate if there was any rebasing
> needed to apply to the stable branch. If there were code changes for rebasing
> (ie: not only metadata diffs), please double check that the rebase was
> correctly done.
> 
> Queued patches are on a temporary branch at:
> https://github.com/steevenlee/dpdk
> 
> This queued commit can be viewed at:
> https://github.com/steevenlee/dpdk/commit/6096e4200509865f35a2cf9383da0af76bc68aff
> 
> Thanks.
> 
> Xueming Li <xuemingl at nvidia.com>
> 
> ---
> From 6096e4200509865f35a2cf9383da0af76bc68aff Mon Sep 17 00:00:00 2001
> From: Pablo de Lara <pablo.de.lara.guarch at intel.com>
> Date: Mon, 22 Nov 2021 17:47:29 +0000
> Subject: [PATCH] crypto/ipsec_mb: fix cipher key setting
> Cc: Xueming Li <xuemingl at nvidia.com>
> 
> [ upstream commit b0a37e8cd2ac559202086d88c1761e0b6406b445 ]
> 
> When authenticating with SNOW3G, KASUMI and ZUC,
> the pointers for encryption/decryption keys is not set.
> If a cipher algorithm such as AES-CBC is also used,
> the application would seg fault.
> Hence, these pointers should be set to some value by default.
> 
> Command line to replicate the issue:
> ./build/app/dpdk-test-crypto-perf -l 4,5 -n 6 --vdev="crypto_aesni_mb" -- \
>  --devtype="crypto_aesni_mb" --optype=cipher-then-auth --auth-algo \
>  snow3g-uia2 --auth-key-sz 16 --auth-iv-sz 16 --digest-sz 4 --silent \
>  --total-ops 1000000 --auth-op generate --burst-sz 32 \
>  --cipher-algo aes-ctr --cipher-key-sz 16 --cipher-iv-sz 16
> 
> Fixes: ae8e085c608d ("crypto/aesni_mb: support KASUMI F8/F9")
> Fixes: 6c42e0cf4d12 ("crypto/aesni_mb: support SNOW3G-UEA2/UIA2")
> Fixes: fd8df85487c4 ("crypto/aesni_mb: support ZUC-EEA3/EIA3")
> 
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>
> Acked-by: Ciara Power <ciara.power at intel.com>
> Acked-by: Fan Zhang <roy.fan.zhang at intel.com>
> ---
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 19 ++++++++-----------
>  1 file changed, 8 insertions(+), 11 deletions(-)
> 
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> index 03186485f9..6e14788fd0 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
> @@ -1267,6 +1267,14 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
>  
>  	const int aead = is_aead_algo(job->hash_alg, job->cipher_mode);
>  
> +	if (job->cipher_mode == IMB_CIPHER_DES3) {

In 20.11, intel-ipsec-mb 0.52 is required, IMB_CIPHER_DES3 not defined,
comiple error happens in server with lower verison.
Changed it to DES3, please let me know if wrong.

Regards,
Xueming

> +		job->enc_keys = session->cipher.exp_3des_keys.ks_ptr;
> +		job->dec_keys = session->cipher.exp_3des_keys.ks_ptr;
> +	} else {
> +		job->enc_keys = session->cipher.expanded_aes_keys.encode;
> +		job->dec_keys = session->cipher.expanded_aes_keys.decode;
> +	}
> +
>  	switch (job->hash_alg) {
>  	case AES_XCBC:
>  		job->u.XCBC._k1_expanded = session->auth.xcbc.k1_expanded;
> @@ -1339,17 +1347,6 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
>  		job->u.HMAC._hashed_auth_key_xor_ipad = session->auth.pads.inner;
>  		job->u.HMAC._hashed_auth_key_xor_opad = session->auth.pads.outer;
>  
> -		if (job->cipher_mode == DES3) {
> -			job->aes_enc_key_expanded =
> -				session->cipher.exp_3des_keys.ks_ptr;
> -			job->aes_dec_key_expanded =
> -				session->cipher.exp_3des_keys.ks_ptr;
> -		} else {
> -			job->aes_enc_key_expanded =
> -				session->cipher.expanded_aes_keys.encode;
> -			job->aes_dec_key_expanded =
> -				session->cipher.expanded_aes_keys.decode;
> -		}
>  	}
>  
>  	if (aead)