From mboxrd@z Thu Jan  1 00:00:00 1970
From: Fan Zhang <roy.fan.zhang@intel.com>
Subject: [PATCH] ipsec-secgw: fix AES-CTR block size in legacy
	mode
Date: Tue,  5 Mar 2019 14:40:41 +0000
Message-ID: <20190305144041.88771-1-roy.fan.zhang@intel.com>
Cc: akhil.goyal@nxp.com, roy.fan.zhang@intel.com, konstantin.ananyev@intel.com,
 stable@dpdk.org
To: dev@dpdk.org
Return-path: <dev-bounces@dpdk.org>
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

This patch fixes the incorrect block size for AES-CTR in
legacy mode. Originally, wrong block size will cause
esp_inbound() drop AES-CTR encrypted packets if the payload
sizes not equal to multiple times of 16.

Fixes: 4470c22de2e1 ("examples/ipsec-secgw: add AES-CTR")
Cc: stable@dpdk.org

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
---
 examples/ipsec-secgw/sa.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 414fcd26c..93e3620bc 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -80,7 +80,7 @@ const struct supported_cipher_algo cipher_algos[] = {
 		.keyword = "aes-128-ctr",
 		.algo = RTE_CRYPTO_CIPHER_AES_CTR,
 		.iv_len = 8,
-		.block_size = 16, /* XXX AESNI MB limition, should be 4 */
+		.block_size = 4,
 		.key_len = 20
 	},
 	{
-- 
2.14.5