[PATCH 20.11 2/2] crypto/ipsec_mb: fix GMAC parameters setting
Pablo de Lara
pablo.de.lara.guarch at intel.com
Tue Mar 22 14:39:10 CET 2022
[ upstream commit 837269c2e5c5a8813adfcf59f23b80569048ddeb ]
AES-GMAC requires plaintext length to be 0 when using AES-GCM,
so only AAD data is used.
Fixes: a501609ea646 ("crypto/ipsec_mb: fix length and offset settings")
Cc: pablo.de.lara.guarch at intel.com
Cc: stable at dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch at intel.com>
Acked-by: Fan Zhang <roy.fan.zhang at intel.com>
Acked-by: Radu Nicolau <radu.nicolau at intel.com>
Tested-by: Radu Nicolau <radu.nicolau at intel.com>
---
drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c | 17 ++++++++++++++---
1 file changed, 14 insertions(+), 3 deletions(-)
diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
index ab9864739d..94055d8177 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd.c
@@ -1438,9 +1438,9 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
op->sym->aead.data.offset;
job->msg_len_to_hash_in_bytes =
op->sym->aead.data.length;
- } else {
- job->msg_len_to_cipher_in_bytes = 0;
+ } else { /* AES-GMAC only, only AAD used */
job->msg_len_to_hash_in_bytes = 0;
+ job->hash_start_src_offset_in_bytes = 0;
}
job->iv = rte_crypto_op_ctod_offset(op, uint8_t *,
@@ -1524,8 +1524,19 @@ set_mb_job_params(JOB_AES_HMAC *job, struct aesni_mb_qp *qp,
op->sym->cipher.data.length;
break;
#endif
- case CCM:
case GCM:
+ if (session->cipher.mode == NULL_CIPHER) {
+ /* AES-GMAC only (only AAD used) */
+ job->msg_len_to_cipher_in_bytes = 0;
+ job->cipher_start_src_offset_in_bytes = 0;
+ } else {
+ job->cipher_start_src_offset_in_bytes =
+ op->sym->aead.data.offset;
+ job->msg_len_to_cipher_in_bytes =
+ op->sym->aead.data.length;
+ }
+ break;
+ case CCM:
#if IMB_VERSION(0, 54, 3) <= IMB_VERSION_NUM
case IMB_CIPHER_CHACHA20_POLY1305:
#endif
--
2.25.1
More information about the stable
mailing list