diff mbox series

[v2,01/11] crypto/dpaa2_sec: fix to check next null for auth only case

Message ID 20210825081837.23830-1-hemant.agrawal@nxp.com
State New
Headers show
Series [v2,01/11] crypto/dpaa2_sec: fix to check next null for auth only case | expand

Commit Message

Hemant Agrawal Aug. 25, 2021, 8:18 a.m. UTC
This patch fixes the issue to check for next pointer as
null in the integrity only case in pdcp-security context.

Fixes: bef594ec5cc8 ("crypto/dpaa2_sec: support PDCP offload")
Cc: stable@dpdk.org

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>

---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 25 +++++++++++----------
 1 file changed, 13 insertions(+), 12 deletions(-)

-- 
2.17.1

Comments

Akhil Goyal Sept. 2, 2021, 12:46 p.m. UTC | #1
> This patch fixes the issue to check for next pointer as

> null in the integrity only case in pdcp-security context.

> 

> Fixes: bef594ec5cc8 ("crypto/dpaa2_sec: support PDCP offload")

> Cc: stable@dpdk.org


This patch is not a fix and need not be backported, because integrity
only case is not a valid case for PDCP before the introduction of short MAC.
Since short MAC is supported here in this release only, this should be reworded
as to support short MAC, integrity-only case is required to be supported for
PDCP.
And this patch should be part of the short MAC-I series and not this one.

> 

> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>

> ---

>  drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 25 +++++++++++----------

>  1 file changed, 13 insertions(+), 12 deletions(-)

> 

> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c

> b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c

> index fe90d9d2d8..87a94b2c04 100644

> --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c

> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c

> @@ -3095,7 +3095,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev

> *dev,

>  	struct rte_security_pdcp_xform *pdcp_xform = &conf->pdcp;

>  	struct rte_crypto_sym_xform *xform = conf->crypto_xform;

>  	struct rte_crypto_auth_xform *auth_xform = NULL;

> -	struct rte_crypto_cipher_xform *cipher_xform;

> +	struct rte_crypto_cipher_xform *cipher_xform = NULL;

>  	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;

>  	struct ctxt_priv *priv;

>  	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;

> @@ -3127,18 +3127,18 @@ dpaa2_sec_set_pdcp_session(struct

> rte_cryptodev *dev,

>  	flc = &priv->flc_desc[0].flc;

> 

>  	/* find xfrm types */

> -	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform-

> >next == NULL) {

> -		cipher_xform = &xform->cipher;

> -	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&

> -		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {

> -		session->ext_params.aead_ctxt.auth_cipher_text = true;

> +	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {

>  		cipher_xform = &xform->cipher;

> -		auth_xform = &xform->next->auth;

> -	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&

> -		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {

> -		session->ext_params.aead_ctxt.auth_cipher_text = false;

> -		cipher_xform = &xform->next->cipher;

> +		if (xform->next != NULL) {

> +			session->ext_params.aead_ctxt.auth_cipher_text =

> true;

> +			auth_xform = &xform->next->auth;

> +		}

> +	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {

>  		auth_xform = &xform->auth;

> +		if (xform->next != NULL) {

> +			session->ext_params.aead_ctxt.auth_cipher_text =

> false;

> +			cipher_xform = &xform->next->cipher;

> +		}

>  	} else {

>  		DPAA2_SEC_ERR("Invalid crypto type");

>  		return -EINVAL;

> @@ -3177,7 +3177,8 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev

> *dev,

>  	session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold;

>  	session->pdcp.hfn_ovd = pdcp_xform->hfn_ovrd;

>  	/* hfv ovd offset location is stored in iv.offset value*/

> -	session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;

> +	if (cipher_xform)

> +		session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;

> 

>  	cipherdata.key = (size_t)session->cipher_key.data;

>  	cipherdata.keylen = session->cipher_key.length;

> --

> 2.17.1
Hemant Agrawal Sept. 2, 2021, 1:48 p.m. UTC | #2
On 9/2/2021 6:16 PM, Akhil Goyal wrote:
>> This patch fixes the issue to check for next pointer as

>> null in the integrity only case in pdcp-security context.

>>

>> Fixes: bef594ec5cc8 ("crypto/dpaa2_sec: support PDCP offload")

>> Cc: stable@dpdk.org

> This patch is not a fix and need not be backported, because integrity

> only case is not a valid case for PDCP before the introduction of short MAC.

> Since short MAC is supported here in this release only, this should be reworded

> as to support short MAC, integrity-only case is required to be supported for

> PDCP.

> And this patch should be part of the short MAC-I series and not this one.

Ok,
>> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>

>> ---

>>   drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 25 +++++++++++----------

>>   1 file changed, 13 insertions(+), 12 deletions(-)

>>

>> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c

>> b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c

>> index fe90d9d2d8..87a94b2c04 100644

>> --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c

>> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c

>> @@ -3095,7 +3095,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev

>> *dev,

>>   	struct rte_security_pdcp_xform *pdcp_xform = &conf->pdcp;

>>   	struct rte_crypto_sym_xform *xform = conf->crypto_xform;

>>   	struct rte_crypto_auth_xform *auth_xform = NULL;

>> -	struct rte_crypto_cipher_xform *cipher_xform;

>> +	struct rte_crypto_cipher_xform *cipher_xform = NULL;

>>   	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;

>>   	struct ctxt_priv *priv;

>>   	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;

>> @@ -3127,18 +3127,18 @@ dpaa2_sec_set_pdcp_session(struct

>> rte_cryptodev *dev,

>>   	flc = &priv->flc_desc[0].flc;

>>

>>   	/* find xfrm types */

>> -	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform-

>>> next == NULL) {

>> -		cipher_xform = &xform->cipher;

>> -	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&

>> -		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {

>> -		session->ext_params.aead_ctxt.auth_cipher_text = true;

>> +	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {

>>   		cipher_xform = &xform->cipher;

>> -		auth_xform = &xform->next->auth;

>> -	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&

>> -		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {

>> -		session->ext_params.aead_ctxt.auth_cipher_text = false;

>> -		cipher_xform = &xform->next->cipher;

>> +		if (xform->next != NULL) {

>> +			session->ext_params.aead_ctxt.auth_cipher_text =

>> true;

>> +			auth_xform = &xform->next->auth;

>> +		}

>> +	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {

>>   		auth_xform = &xform->auth;

>> +		if (xform->next != NULL) {

>> +			session->ext_params.aead_ctxt.auth_cipher_text =

>> false;

>> +			cipher_xform = &xform->next->cipher;

>> +		}

>>   	} else {

>>   		DPAA2_SEC_ERR("Invalid crypto type");

>>   		return -EINVAL;

>> @@ -3177,7 +3177,8 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev

>> *dev,

>>   	session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold;

>>   	session->pdcp.hfn_ovd = pdcp_xform->hfn_ovrd;

>>   	/* hfv ovd offset location is stored in iv.offset value*/

>> -	session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;

>> +	if (cipher_xform)

>> +		session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;

>>

>>   	cipherdata.key = (size_t)session->cipher_key.data;

>>   	cipherdata.keylen = session->cipher_key.length;

>> --

>> 2.17.1
diff mbox series

Patch

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index fe90d9d2d8..87a94b2c04 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -3095,7 +3095,7 @@  dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 	struct rte_security_pdcp_xform *pdcp_xform = &conf->pdcp;
 	struct rte_crypto_sym_xform *xform = conf->crypto_xform;
 	struct rte_crypto_auth_xform *auth_xform = NULL;
-	struct rte_crypto_cipher_xform *cipher_xform;
+	struct rte_crypto_cipher_xform *cipher_xform = NULL;
 	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;
 	struct ctxt_priv *priv;
 	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
@@ -3127,18 +3127,18 @@  dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 	flc = &priv->flc_desc[0].flc;
 
 	/* find xfrm types */
-	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform->next == NULL) {
-		cipher_xform = &xform->cipher;
-	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
-		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
-		session->ext_params.aead_ctxt.auth_cipher_text = true;
+	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
 		cipher_xform = &xform->cipher;
-		auth_xform = &xform->next->auth;
-	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
-		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
-		session->ext_params.aead_ctxt.auth_cipher_text = false;
-		cipher_xform = &xform->next->cipher;
+		if (xform->next != NULL) {
+			session->ext_params.aead_ctxt.auth_cipher_text = true;
+			auth_xform = &xform->next->auth;
+		}
+	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
 		auth_xform = &xform->auth;
+		if (xform->next != NULL) {
+			session->ext_params.aead_ctxt.auth_cipher_text = false;
+			cipher_xform = &xform->next->cipher;
+		}
 	} else {
 		DPAA2_SEC_ERR("Invalid crypto type");
 		return -EINVAL;
@@ -3177,7 +3177,8 @@  dpaa2_sec_set_pdcp_session(struct rte_cryptodev *dev,
 	session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold;
 	session->pdcp.hfn_ovd = pdcp_xform->hfn_ovrd;
 	/* hfv ovd offset location is stored in iv.offset value*/
-	session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
+	if (cipher_xform)
+		session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
 
 	cipherdata.key = (size_t)session->cipher_key.data;
 	cipherdata.keylen = session->cipher_key.length;