Re: [dpdk-dev] [EXT] [PATCH v2 01/11] crypto/dpaa2_sec: fix to check next null for auth only case

From: Hemant Agrawal <hemant.agrawal@oss.nxp.com>
To: Akhil Goyal <gakhil@marvell.com>,
	Hemant Agrawal <hemant.agrawal@nxp.com>,
	"dev@dpdk.org" <dev@dpdk.org>
Cc: "stable@dpdk.org" <stable@dpdk.org>
Subject: Re: [dpdk-dev] [EXT] [PATCH v2 01/11] crypto/dpaa2_sec: fix to check next null for auth only case
Date: Thu, 2 Sep 2021 19:18:29 +0530	[thread overview]
Message-ID: <b3779413-f320-e54e-d833-2101a1c506ee@oss.nxp.com> (raw)
In-Reply-To: <CO6PR18MB44845CBAB19FB65BE8750DD0D8CE9@CO6PR18MB4484.namprd18.prod.outlook.com>


On 9/2/2021 6:16 PM, Akhil Goyal wrote:
>> This patch fixes the issue to check for next pointer as
>> null in the integrity only case in pdcp-security context.
>>
>> Fixes: bef594ec5cc8 ("crypto/dpaa2_sec: support PDCP offload")
>> Cc: stable@dpdk.org
> This patch is not a fix and need not be backported, because integrity
> only case is not a valid case for PDCP before the introduction of short MAC.
> Since short MAC is supported here in this release only, this should be reworded
> as to support short MAC, integrity-only case is required to be supported for
> PDCP.
> And this patch should be part of the short MAC-I series and not this one.
Ok,
>> Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
>> ---
>>   drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 25 +++++++++++----------
>>   1 file changed, 13 insertions(+), 12 deletions(-)
>>
>> diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
>> b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
>> index fe90d9d2d8..87a94b2c04 100644
>> --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
>> +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
>> @@ -3095,7 +3095,7 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev
>> *dev,
>>   	struct rte_security_pdcp_xform *pdcp_xform = &conf->pdcp;
>>   	struct rte_crypto_sym_xform *xform = conf->crypto_xform;
>>   	struct rte_crypto_auth_xform *auth_xform = NULL;
>> -	struct rte_crypto_cipher_xform *cipher_xform;
>> +	struct rte_crypto_cipher_xform *cipher_xform = NULL;
>>   	dpaa2_sec_session *session = (dpaa2_sec_session *)sess;
>>   	struct ctxt_priv *priv;
>>   	struct dpaa2_sec_dev_private *dev_priv = dev->data->dev_private;
>> @@ -3127,18 +3127,18 @@ dpaa2_sec_set_pdcp_session(struct
>> rte_cryptodev *dev,
>>   	flc = &priv->flc_desc[0].flc;
>>
>>   	/* find xfrm types */
>> -	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER && xform-
>>> next == NULL) {
>> -		cipher_xform = &xform->cipher;
>> -	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&
>> -		   xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
>> -		session->ext_params.aead_ctxt.auth_cipher_text = true;
>> +	if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
>>   		cipher_xform = &xform->cipher;
>> -		auth_xform = &xform->next->auth;
>> -	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&
>> -		   xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
>> -		session->ext_params.aead_ctxt.auth_cipher_text = false;
>> -		cipher_xform = &xform->next->cipher;
>> +		if (xform->next != NULL) {
>> +			session->ext_params.aead_ctxt.auth_cipher_text =
>> true;
>> +			auth_xform = &xform->next->auth;
>> +		}
>> +	} else if (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH) {
>>   		auth_xform = &xform->auth;
>> +		if (xform->next != NULL) {
>> +			session->ext_params.aead_ctxt.auth_cipher_text =
>> false;
>> +			cipher_xform = &xform->next->cipher;
>> +		}
>>   	} else {
>>   		DPAA2_SEC_ERR("Invalid crypto type");
>>   		return -EINVAL;
>> @@ -3177,7 +3177,8 @@ dpaa2_sec_set_pdcp_session(struct rte_cryptodev
>> *dev,
>>   	session->pdcp.hfn_threshold = pdcp_xform->hfn_threshold;
>>   	session->pdcp.hfn_ovd = pdcp_xform->hfn_ovrd;
>>   	/* hfv ovd offset location is stored in iv.offset value*/
>> -	session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
>> +	if (cipher_xform)
>> +		session->pdcp.hfn_ovd_offset = cipher_xform->iv.offset;
>>
>>   	cipherdata.key = (size_t)session->cipher_key.data;
>>   	cipherdata.keylen = session->cipher_key.length;
>> --
>> 2.17.1