patch 'crypto/openssl: skip workaround at compilation time' has been queued to stable release 20.11.9

luca.boccassi at gmail.com luca.boccassi at gmail.com
Wed Jun 28 16:10:28 CEST 2023

Previous message (by thread): patch 'mbuf: fix Doxygen comment of distributor metadata' has been queued to stable release 20.11.9
Next message (by thread): patch 'ethdev: update documentation for API to set FEC' has been queued to stable release 20.11.9
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

FYI, your patch has been queued to stable release 20.11.9

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 06/30/23. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/bluca/dpdk-stable

This queued commit can be viewed at:
https://github.com/bluca/dpdk-stable/commit/002685408d2231b30b1144a7f6506407c23c7fdb

Thanks.

Luca Boccassi

---
>From 002685408d2231b30b1144a7f6506407c23c7fdb Mon Sep 17 00:00:00 2001
From: Didier Pallard <didier.pallard at 6wind.com>
Date: Tue, 18 Apr 2023 16:56:19 +0200
Subject: [PATCH] crypto/openssl: skip workaround at compilation time

[ upstream commit 5b94ac1965620e945a3b8fcff84fab4fcb2ef801 ]

This workaround was needed before version 1.0.1f.
Do not build it for versions >= 1.1.

Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")

Signed-off-by: Didier Pallard <didier.pallard at 6wind.com>
Acked-by: Kai Ji <kai.ji at intel.com>
---
 drivers/crypto/openssl/rte_openssl_pmd.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/openssl/rte_openssl_pmd.c b/drivers/crypto/openssl/rte_openssl_pmd.c
index 786c87baed..089d879a5e 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd.c
@@ -1061,8 +1061,11 @@ process_openssl_auth_encryption_gcm(struct rte_mbuf *mbuf_src, int offset,
 		int srclen, uint8_t *aad, int aadlen, uint8_t *iv,
 		uint8_t *dst, uint8_t *tag, EVP_CIPHER_CTX *ctx)
 {
-	int len = 0, unused = 0;
+	int len = 0;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+	int unused = 0;
 	uint8_t empty[] = {};
+#endif
 
 	if (EVP_EncryptInit_ex(ctx, NULL, NULL, NULL, iv) <= 0)
 		goto process_auth_encryption_gcm_err;
@@ -1076,9 +1079,11 @@ process_openssl_auth_encryption_gcm(struct rte_mbuf *mbuf_src, int offset,
 				srclen, ctx, 0))
 			goto process_auth_encryption_gcm_err;
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	/* Workaround open ssl bug in version less then 1.0.1f */
 	if (EVP_EncryptUpdate(ctx, empty, &unused, empty, 0) <= 0)
 		goto process_auth_encryption_gcm_err;
+#endif
 
 	if (EVP_EncryptFinal_ex(ctx, dst, &len) <= 0)
 		goto process_auth_encryption_gcm_err;
@@ -1140,8 +1145,11 @@ process_openssl_auth_decryption_gcm(struct rte_mbuf *mbuf_src, int offset,
 		int srclen, uint8_t *aad, int aadlen, uint8_t *iv,
 		uint8_t *dst, uint8_t *tag, EVP_CIPHER_CTX *ctx)
 {
-	int len = 0, unused = 0;
+	int len = 0;
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+	int unused = 0;
 	uint8_t empty[] = {};
+#endif
 
 	if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag) <= 0)
 		goto process_auth_decryption_gcm_err;
@@ -1158,9 +1166,11 @@ process_openssl_auth_decryption_gcm(struct rte_mbuf *mbuf_src, int offset,
 				srclen, ctx, 0))
 			goto process_auth_decryption_gcm_err;
 
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
 	/* Workaround open ssl bug in version less then 1.0.1f */
 	if (EVP_DecryptUpdate(ctx, empty, &unused, empty, 0) <= 0)
 		goto process_auth_decryption_gcm_err;
+#endif
 
 	if (EVP_DecryptFinal_ex(ctx, dst, &len) <= 0)
 		return -EFAULT;
-- 
2.39.2

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2023-06-28 11:40:08.240346384 +0100
+++ 0004-crypto-openssl-skip-workaround-at-compilation-time.patch	2023-06-28 11:40:08.020026763 +0100
@@ -1 +1 @@
-From 5b94ac1965620e945a3b8fcff84fab4fcb2ef801 Mon Sep 17 00:00:00 2001
+From 002685408d2231b30b1144a7f6506407c23c7fdb Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 5b94ac1965620e945a3b8fcff84fab4fcb2ef801 ]
+
@@ -10 +11,0 @@
-Cc: stable at dpdk.org
@@ -19 +20 @@
-index 9b83811d67..4569c5e62f 100644
+index 786c87baed..089d879a5e 100644
@@ -22 +23 @@
-@@ -1196,8 +1196,11 @@ process_openssl_auth_encryption_gcm(struct rte_mbuf *mbuf_src, int offset,
+@@ -1061,8 +1061,11 @@ process_openssl_auth_encryption_gcm(struct rte_mbuf *mbuf_src, int offset,
@@ -35 +36 @@
-@@ -1211,9 +1214,11 @@ process_openssl_auth_encryption_gcm(struct rte_mbuf *mbuf_src, int offset,
+@@ -1076,9 +1079,11 @@ process_openssl_auth_encryption_gcm(struct rte_mbuf *mbuf_src, int offset,
@@ -47 +48 @@
-@@ -1275,8 +1280,11 @@ process_openssl_auth_decryption_gcm(struct rte_mbuf *mbuf_src, int offset,
+@@ -1140,8 +1145,11 @@ process_openssl_auth_decryption_gcm(struct rte_mbuf *mbuf_src, int offset,
@@ -60 +61 @@
-@@ -1293,9 +1301,11 @@ process_openssl_auth_decryption_gcm(struct rte_mbuf *mbuf_src, int offset,
+@@ -1158,9 +1166,11 @@ process_openssl_auth_decryption_gcm(struct rte_mbuf *mbuf_src, int offset,

Previous message (by thread): patch 'mbuf: fix Doxygen comment of distributor metadata' has been queued to stable release 20.11.9
Next message (by thread): patch 'ethdev: update documentation for API to set FEC' has been queued to stable release 20.11.9
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the stable mailing list