Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 75622,
    "url": "http://patches.dpdk.org/api/patches/75622/?format=api",
    "web_url": "http://patches.dpdk.org/project/dpdk/patch/20200818121720.52090-3-roy.fan.zhang@intel.com/",
    "project": {
        "id": 1,
        "url": "http://patches.dpdk.org/api/projects/1/?format=api",
        "name": "DPDK",
        "link_name": "dpdk",
        "list_id": "dev.dpdk.org",
        "list_email": "dev@dpdk.org",
        "web_url": "http://core.dpdk.org",
        "scm_url": "git://dpdk.org/dpdk",
        "webscm_url": "http://git.dpdk.org/dpdk",
        "list_archive_url": "https://inbox.dpdk.org/dev",
        "list_archive_url_format": "https://inbox.dpdk.org/dev/{}",
        "commit_url_format": ""
    },
    "msgid": "<20200818121720.52090-3-roy.fan.zhang@intel.com>",
    "list_archive_url": "https://inbox.dpdk.org/dev/20200818121720.52090-3-roy.fan.zhang@intel.com",
    "date": "2020-08-18T12:17:20",
    "name": "[2/2] fips_validation: update GCM test",
    "commit_ref": null,
    "pull_url": null,
    "state": "superseded",
    "archived": true,
    "hash": "ddd25a336a8fcf57124b08854557c2d3cedfe900",
    "submitter": {
        "id": 304,
        "url": "http://patches.dpdk.org/api/people/304/?format=api",
        "name": "Fan Zhang",
        "email": "roy.fan.zhang@intel.com"
    },
    "delegate": {
        "id": 6690,
        "url": "http://patches.dpdk.org/api/users/6690/?format=api",
        "username": "akhil",
        "first_name": "akhil",
        "last_name": "goyal",
        "email": "gakhil@marvell.com"
    },
    "mbox": "http://patches.dpdk.org/project/dpdk/patch/20200818121720.52090-3-roy.fan.zhang@intel.com/mbox/",
    "series": [
        {
            "id": 11685,
            "url": "http://patches.dpdk.org/api/series/11685/?format=api",
            "web_url": "http://patches.dpdk.org/project/dpdk/list/?series=11685",
            "date": "2020-08-18T12:17:18",
            "name": "fips_validation: add SGL and GMAC support",
            "version": 1,
            "mbox": "http://patches.dpdk.org/series/11685/mbox/"
        }
    ],
    "comments": "http://patches.dpdk.org/api/patches/75622/comments/",
    "check": "fail",
    "checks": "http://patches.dpdk.org/api/patches/75622/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<dev-bounces@dpdk.org>",
        "X-Original-To": "patchwork@inbox.dpdk.org",
        "Delivered-To": "patchwork@inbox.dpdk.org",
        "Received": [
            "from dpdk.org (dpdk.org [92.243.14.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id C3F4BA034C;\n\tTue, 18 Aug 2020 14:17:45 +0200 (CEST)",
            "from [92.243.14.124] (localhost [127.0.0.1])\n\tby dpdk.org (Postfix) with ESMTP id 965AF1C039;\n\tTue, 18 Aug 2020 14:17:29 +0200 (CEST)",
            "from mga01.intel.com (mga01.intel.com [192.55.52.88])\n by dpdk.org (Postfix) with ESMTP id 87F451C002\n for <dev@dpdk.org>; Tue, 18 Aug 2020 14:17:27 +0200 (CEST)",
            "from fmsmga002.fm.intel.com ([10.253.24.26])\n by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;\n 18 Aug 2020 05:17:26 -0700",
            "from silpixa00398673.ir.intel.com (HELO\n silpixa00398673.ger.corp.intel.com) ([10.237.223.136])\n by fmsmga002.fm.intel.com with ESMTP; 18 Aug 2020 05:17:25 -0700"
        ],
        "IronPort-SDR": [
            "\n 3Bbkr9B0s2e76YtkGsLX6cDBwQ/izfqe/5iuW/LwdEX1OXyEz+r3grb1yPE2m0oEwLjwePhaqy\n AfyUmO6L0bRA==",
            "\n Oif0xCxLmct0i9K8156Vu+WY7NatjYzQQyhaFAKcwwtueeXec5y9AwXaJ/xu9xx7kmfN0pCi7I\n mJtc8FDZ9lNA=="
        ],
        "X-IronPort-AV": [
            "E=McAfee;i=\"6000,8403,9716\"; a=\"172937293\"",
            "E=Sophos;i=\"5.76,327,1592895600\"; d=\"scan'208\";a=\"172937293\"",
            "E=Sophos;i=\"5.76,327,1592895600\"; d=\"scan'208\";a=\"328951131\""
        ],
        "X-Amp-Result": "SKIPPED(no attachment in message)",
        "X-Amp-File-Uploaded": "False",
        "X-ExtLoop1": "1",
        "From": "Fan Zhang <roy.fan.zhang@intel.com>",
        "To": "dev@dpdk.org",
        "Cc": "akhil.goyal@nxp.com, Fan Zhang <roy.fan.zhang@intel.com>,\n Weqaar Janjua <Weqaar.A.Janjua@intel.com>",
        "Date": "Tue, 18 Aug 2020 13:17:20 +0100",
        "Message-Id": "<20200818121720.52090-3-roy.fan.zhang@intel.com>",
        "X-Mailer": "git-send-email 2.20.1",
        "In-Reply-To": "<20200818121720.52090-1-roy.fan.zhang@intel.com>",
        "References": "<20200818121720.52090-1-roy.fan.zhang@intel.com>",
        "MIME-Version": "1.0",
        "Content-Transfer-Encoding": "8bit",
        "Subject": "[dpdk-dev] [dpdk-dev 2/2] fips_validation: update GCM test",
        "X-BeenThere": "dev@dpdk.org",
        "X-Mailman-Version": "2.1.15",
        "Precedence": "list",
        "List-Id": "DPDK patches and discussions <dev.dpdk.org>",
        "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>",
        "List-Archive": "<http://mails.dpdk.org/archives/dev/>",
        "List-Post": "<mailto:dev@dpdk.org>",
        "List-Help": "<mailto:dev-request@dpdk.org?subject=help>",
        "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>",
        "Errors-To": "dev-bounces@dpdk.org",
        "Sender": "\"dev\" <dev-bounces@dpdk.org>"
    },
    "content": "This patch updates fips validation GCM test capabilities:\n\n- In NIST GCMVS spec GMAC test vectors are the GCM ones with\nplaintext length as 0 and uses AAD as input data. Originally\nfips_validation tests treats them both as GCM test vectors.\nThis patch introduce automatic test type recognition between\nthe two: when plaintext length is 0 the prepare_gmac_xform\nand prepare_auth_op functions are called, otherwise\nprepare_gcm_xform and prepare_aead_op functions are called.\n\n- NIST GCMVS also specified externally or internally IV\ngeneration. When IV is to be generated by IUT internally IUT\nshall store the generated IV in the response file. This patch\nalso adds the support to that.\n\nSigned-off-by: Fan Zhang <roy.fan.zhang@intel.com>\nSigned-off-by: Weqaar Janjua <Weqaar.A.Janjua@intel.com>\n---\n doc/guides/rel_notes/release_20_11.rst        |   5 +\n examples/fips_validation/fips_validation.h    |  29 ++++-\n .../fips_validation/fips_validation_gcm.c     | 118 ++++++++++++++++--\n examples/fips_validation/main.c               |  85 ++++++++++---\n 4 files changed, 203 insertions(+), 34 deletions(-)",
    "diff": "diff --git a/doc/guides/rel_notes/release_20_11.rst b/doc/guides/rel_notes/release_20_11.rst\nindex df227a177..081b5df8d 100644\n--- a/doc/guides/rel_notes/release_20_11.rst\n+++ b/doc/guides/rel_notes/release_20_11.rst\n@@ -55,6 +55,11 @@ New Features\n      Also, make sure to start the actual text at the margin.\n      =======================================================\n \n+     ** fips_validation enhancement.**\n+\n+     fips_vadation sample application is added SGL and NIST GCMVS complaint\n+     GMAC test method support.\n+\n \n Removed Items\n -------------\ndiff --git a/examples/fips_validation/fips_validation.h b/examples/fips_validation/fips_validation.h\nindex d48648467..b786e33d9 100644\n--- a/examples/fips_validation/fips_validation.h\n+++ b/examples/fips_validation/fips_validation.h\n@@ -12,7 +12,8 @@\n #define MAX_CASE_LINE\t\t15\n #define MAX_LINE_CHAR\t\t204800 /*< max number of characters per line */\n #define MAX_NB_TESTS\t\t10240\n-#define DEF_MBUF_SEG_SIZE\tUINT16_MAX\n+#define DEF_MBUF_SEG_SIZE\t(UINT16_MAX - sizeof(struct rte_mbuf) - \\\n+\t\t\t\tRTE_PKTMBUF_HEADROOM)\n #define MAX_STRING_SIZE\t\t64\n #define MAX_DIGEST_SIZE\t\t64\n \n@@ -154,6 +155,11 @@ struct sha_interim_data {\n \tenum rte_crypto_auth_algorithm algo;\n };\n \n+struct gcm_interim_data {\n+\tuint8_t is_gmac;\n+\tuint8_t gen_iv;\n+};\n+\n struct fips_test_interim_info {\n \tFILE *fp_rd;\n \tFILE *fp_wr;\n@@ -172,6 +178,7 @@ struct fips_test_interim_info {\n \t\tstruct tdes_interim_data tdes_data;\n \t\tstruct ccm_interim_data ccm_data;\n \t\tstruct sha_interim_data sha_data;\n+\t\tstruct gcm_interim_data gcm_data;\n \t} interim_info;\n \n \tenum fips_test_op op;\n@@ -257,4 +264,24 @@ parse_write_hex_str(struct fips_val *src);\n int\n update_info_vec(uint32_t count);\n \n+typedef int (*fips_test_one_case_t)(void);\n+typedef int (*fips_prepare_op_t)(void);\n+typedef int (*fips_prepare_xform_t)(struct rte_crypto_sym_xform *);\n+\n+struct fips_test_ops {\n+\tfips_prepare_xform_t prepare_xform;\n+\tfips_prepare_op_t prepare_op;\n+\tfips_test_one_case_t test;\n+};\n+\n+extern struct fips_test_ops test_ops;\n+\n+int prepare_aead_op(void);\n+\n+int prepare_auth_op(void);\n+\n+int prepare_gcm_xform(struct rte_crypto_sym_xform *xform);\n+\n+int prepare_gmac_xform(struct rte_crypto_sym_xform *xform);\n+\n #endif\ndiff --git a/examples/fips_validation/fips_validation_gcm.c b/examples/fips_validation/fips_validation_gcm.c\nindex 47576e9a3..df3caa267 100644\n--- a/examples/fips_validation/fips_validation_gcm.c\n+++ b/examples/fips_validation/fips_validation_gcm.c\n@@ -7,6 +7,7 @@\n #include <stdio.h>\n \n #include <rte_cryptodev.h>\n+#include <rte_malloc.h>\n \n #include \"fips_validation.h\"\n \n@@ -30,22 +31,93 @@\n \n #define OP_ENC_STR\t\"Encrypt\"\n #define OP_DEC_STR\t\"Decrypt\"\n+/* External/Internal IV generation, specified in file name, following NIST\n+ * GCMVS Section 6.1\n+ */\n+#define OP_ENC_EXT_STR\t\"ExtIV\"\n+#define OP_ENC_INT_STR\t\"IntIV\"\n \n #define NEG_TEST_STR\t\"FAIL\"\n \n+/**\n+ * GMAC is essentially zero length plaintext and uses AAD as input data.\n+ * NIST does not have GMAC specific test vector but using zero length \"PTlen\"\n+ * and uses AAD as input.\n+ **/\n+static int\n+parser_read_gcm_pt_len(const char *key, char *src,\n+\t\t__rte_unused struct fips_val *val)\n+{\n+\tint ret = parser_read_uint32_bit_val(key, src, &vec.pt);\n+\n+\tif (ret < 0)\n+\t\treturn ret;\n+\n+\tif (vec.pt.len == 0) {\n+\t\tinfo.interim_info.gcm_data.is_gmac = 1;\n+\t\ttest_ops.prepare_op = prepare_auth_op;\n+\t\ttest_ops.prepare_xform = prepare_gmac_xform;\n+\t} else {\n+\t\tinfo.interim_info.gcm_data.is_gmac = 0;\n+\t\ttest_ops.prepare_op = prepare_aead_op;\n+\t\ttest_ops.prepare_xform = prepare_gcm_xform;\n+\t}\n+\n+\treturn ret;\n+}\n+\n+static int\n+parse_gcm_aad_str(const char *key, char *src,\n+\t\t__rte_unused struct fips_val *val)\n+{\n+\t/* For GMAC test vector, AAD is treated as input */\n+\tif (info.interim_info.gcm_data.is_gmac) {\n+\t\tvec.pt.len = vec.aead.aad.len;\n+\t\treturn parse_uint8_known_len_hex_str(key, src, &vec.pt);\n+\t} else /* gcm */\n+\t\treturn parse_uint8_known_len_hex_str(key, src, &vec.aead.aad);\n+}\n+\n+static int\n+parse_gcm_pt_ct_str(const char *key, char *src, struct fips_val *val)\n+{\n+\t/* According to NIST GCMVS section 6.1, IUT should generate IV data */\n+\tif (info.interim_info.gcm_data.gen_iv && vec.iv.len) {\n+\t\tuint32_t i;\n+\n+\t\tif (!vec.iv.val) {\n+\t\t\tvec.iv.val = rte_malloc(0, vec.iv.len, 0);\n+\t\t\tif (!vec.iv.val)\n+\t\t\t\treturn -ENOMEM;\n+\t\t}\n+\n+\t\tfor (i = 0; i < vec.iv.len; i++) {\n+\t\t\tint random = rand();\n+\t\t\tvec.iv.val[i] = (uint8_t)random;\n+\t\t}\n+\t}\n+\n+\t/* if PTlen == 0, pt or ct will be handled by AAD later */\n+\tif (info.interim_info.gcm_data.is_gmac)\n+\t\treturn 0;\n+\n+\treturn parse_uint8_known_len_hex_str(key, src, val);\n+}\n+\n struct fips_test_callback gcm_dec_vectors[] = {\n \t\t{KEY_STR, parse_uint8_known_len_hex_str, &vec.aead.key},\n \t\t{IV_STR, parse_uint8_known_len_hex_str, &vec.iv},\n-\t\t{CT_STR, parse_uint8_known_len_hex_str, &vec.ct},\n-\t\t{AAD_STR, parse_uint8_known_len_hex_str, &vec.aead.aad},\n+\t\t{CT_STR, parse_gcm_pt_ct_str, &vec.ct},\n+\t\t{AAD_STR, parse_gcm_aad_str, &vec.aead.aad},\n \t\t{TAG_STR, parse_uint8_known_len_hex_str,\n \t\t\t\t&vec.aead.digest},\n \t\t{NULL, NULL, NULL} /**< end pointer */\n };\n+\n struct fips_test_callback gcm_interim_vectors[] = {\n \t\t{KEYLEN_STR, parser_read_uint32_bit_val, &vec.aead.key},\n \t\t{IVLEN_STR, parser_read_uint32_bit_val, &vec.iv},\n-\t\t{PTLEN_STR, parser_read_uint32_bit_val, &vec.pt},\n+\t\t{PTLEN_STR, parser_read_gcm_pt_len, &vec.pt},\n \t\t{PTLEN_STR, parser_read_uint32_bit_val, &vec.ct},\n \t\t/**< The NIST test vectors use 'PTlen' to denote input text\n \t\t *  length in case of decrypt & encrypt operations.\n@@ -59,8 +131,8 @@ struct fips_test_callback gcm_interim_vectors[] = {\n struct fips_test_callback gcm_enc_vectors[] = {\n \t\t{KEY_STR, parse_uint8_known_len_hex_str, &vec.aead.key},\n \t\t{IV_STR, parse_uint8_known_len_hex_str, &vec.iv},\n-\t\t{PT_STR, parse_uint8_known_len_hex_str, &vec.pt},\n-\t\t{AAD_STR, parse_uint8_known_len_hex_str, &vec.aead.aad},\n+\t\t{PT_STR, parse_gcm_pt_ct_str, &vec.pt},\n+\t\t{AAD_STR, parse_gcm_aad_str, &vec.aead.aad},\n \t\t{NULL, NULL, NULL} /**< end pointer */\n };\n \n@@ -70,12 +142,28 @@ parse_test_gcm_writeback(struct fips_val *val)\n \tstruct fips_val tmp_val;\n \n \tif (info.op == FIPS_TEST_ENC_AUTH_GEN) {\n+\t\t/* According to NIST GCMVS section 6.1, IUT should provide\n+\t\t * generate IV data\n+\t\t */\n+\t\tif (info.interim_info.gcm_data.gen_iv) {\n+\t\t\tfprintf(info.fp_wr, \"%s\", IV_STR);\n+\t\t\ttmp_val.val = vec.iv.val;\n+\t\t\ttmp_val.len = vec.iv.len;\n+\n+\t\t\tparse_write_hex_str(&tmp_val);\n+\t\t\trte_free(vec.iv.val);\n+\t\t\tvec.iv.val = NULL;\n+\t\t}\n+\n \t\tfprintf(info.fp_wr, \"%s\", CT_STR);\n \n-\t\ttmp_val.val = val->val;\n-\t\ttmp_val.len = vec.pt.len;\n+\t\tif (!info.interim_info.gcm_data.is_gmac) {\n+\t\t\ttmp_val.val = val->val;\n+\t\t\ttmp_val.len = vec.pt.len;\n \n-\t\tparse_write_hex_str(&tmp_val);\n+\t\t\tparse_write_hex_str(&tmp_val);\n+\t\t} else\n+\t\t\tfprintf(info.fp_wr, \"\\n\");\n \n \t\tfprintf(info.fp_wr, \"%s\", TAG_STR);\n \n@@ -86,11 +174,14 @@ parse_test_gcm_writeback(struct fips_val *val)\n \t} else {\n \t\tif (vec.status == RTE_CRYPTO_OP_STATUS_SUCCESS) {\n \t\t\tfprintf(info.fp_wr, \"%s\", PT_STR);\n+\t\t\tif (!info.interim_info.gcm_data.is_gmac) {\n+\t\t\t\tfprintf(info.fp_wr, \"%s\", PT_STR);\n+\t\t\t\ttmp_val.val = val->val;\n+\t\t\t\ttmp_val.len = vec.pt.len;\n \n-\t\t\ttmp_val.val = val->val;\n-\t\t\ttmp_val.len = vec.pt.len;\n-\n-\t\t\tparse_write_hex_str(&tmp_val);\n+\t\t\t\tparse_write_hex_str(&tmp_val);\n+\t\t\t} else\n+\t\t\t\tfprintf(info.fp_wr, \"\\n\");\n \t\t} else\n \t\t\tfprintf(info.fp_wr, \"%s\\n\", NEG_TEST_STR);\n \t}\n@@ -108,12 +199,13 @@ parse_test_gcm_init(void)\n \tfor (i = 0; i < info.nb_vec_lines; i++) {\n \t\tchar *line = info.vec[i];\n \n-\n \t\ttmp = strstr(line, OP_STR);\n \t\tif (tmp) {\n \t\t\tif (strstr(line, OP_ENC_STR)) {\n \t\t\t\tinfo.op = FIPS_TEST_ENC_AUTH_GEN;\n \t\t\t\tinfo.callbacks = gcm_enc_vectors;\n+\t\t\t\tif (strstr(info.file_name, OP_ENC_INT_STR))\n+\t\t\t\t\tinfo.interim_info.gcm_data.gen_iv = 1;\n \t\t\t} else if (strstr(line, OP_DEC_STR)) {\n \t\t\t\tinfo.op = FIPS_TEST_DEC_AUTH_VERIF;\n \t\t\t\tinfo.callbacks = gcm_dec_vectors;\ndiff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c\nindex b2660b0d7..aa94ced2b 100644\n--- a/examples/fips_validation/main.c\n+++ b/examples/fips_validation/main.c\n@@ -205,7 +205,7 @@ cryptodev_fips_validate_usage(const char *prgname)\n \t\t\"  --%s: REQUEST-FILE-PATH\\n\"\n \t\t\"  --%s: RESPONSE-FILE-PATH\\n\"\n \t\t\"  --%s: indicating both paths are folders\\n\"\n-\t\t\"  --%s: mbuf dataroom size (default %u bytes)\\n\"\n+\t\t\"  --%s: mbuf dataroom size (default %lu bytes)\\n\"\n \t\t\"  --%s: CRYPTODEV-NAME\\n\"\n \t\t\"  --%s: CRYPTODEV-ID-NAME\\n\"\n \t\t\"  --%s: self test indicator\\n\"\n@@ -476,15 +476,7 @@ main(int argc, char *argv[])\n #define IV_OFF (sizeof(struct rte_crypto_op) + sizeof(struct rte_crypto_sym_op))\n #define CRYPTODEV_FIPS_MAX_RETRIES\t16\n \n-typedef int (*fips_test_one_case_t)(void);\n-typedef int (*fips_prepare_op_t)(void);\n-typedef int (*fips_prepare_xform_t)(struct rte_crypto_sym_xform *);\n-\n-struct fips_test_ops {\n-\tfips_prepare_xform_t prepare_xform;\n-\tfips_prepare_op_t prepare_op;\n-\tfips_test_one_case_t test;\n-} test_ops;\n+struct fips_test_ops test_ops;\n \n static int\n prepare_data_mbufs(struct fips_val *val)\n@@ -608,7 +600,7 @@ prepare_cipher_op(void)\n \treturn 0;\n }\n \n-static int\n+int\n prepare_auth_op(void)\n {\n \tstruct rte_crypto_sym_op *sym = env.op->sym;\n@@ -616,6 +608,14 @@ prepare_auth_op(void)\n \n \t__rte_crypto_op_reset(env.op, RTE_CRYPTO_OP_TYPE_SYMMETRIC);\n \n+\tif (vec.iv.len) {\n+\t\tuint8_t *iv = rte_crypto_op_ctod_offset(env.op, uint8_t *,\n+\t\t\t\tIV_OFF);\n+\t\tmemset(iv, 0, vec.iv.len);\n+\t\tif (vec.iv.val)\n+\t\t\tmemcpy(iv, vec.iv.val, vec.iv.len);\n+\t}\n+\n \tret = prepare_data_mbufs(&vec.pt);\n \tif (ret < 0)\n \t\treturn ret;\n@@ -646,7 +646,7 @@ prepare_auth_op(void)\n \treturn 0;\n }\n \n-static int\n+int\n prepare_aead_op(void)\n {\n \tstruct rte_crypto_sym_op *sym = env.op->sym;\n@@ -836,7 +836,7 @@ prepare_hmac_xform(struct rte_crypto_sym_xform *xform)\n \treturn 0;\n }\n \n-static int\n+int\n prepare_gcm_xform(struct rte_crypto_sym_xform *xform)\n {\n \tconst struct rte_cryptodev_symmetric_capability *cap;\n@@ -882,6 +882,47 @@ prepare_gcm_xform(struct rte_crypto_sym_xform *xform)\n \treturn 0;\n }\n \n+int\n+prepare_gmac_xform(struct rte_crypto_sym_xform *xform)\n+{\n+\tconst struct rte_cryptodev_symmetric_capability *cap;\n+\tstruct rte_cryptodev_sym_capability_idx cap_idx;\n+\tstruct rte_crypto_auth_xform *auth_xform = &xform->auth;\n+\n+\txform->type = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\n+\tauth_xform->algo = RTE_CRYPTO_AUTH_AES_GMAC;\n+\tauth_xform->op = (info.op == FIPS_TEST_ENC_AUTH_GEN) ?\n+\t\t\tRTE_CRYPTO_AUTH_OP_GENERATE :\n+\t\t\tRTE_CRYPTO_AUTH_OP_VERIFY;\n+\tauth_xform->iv.offset = IV_OFF;\n+\tauth_xform->iv.length = vec.iv.len;\n+\tauth_xform->digest_length = vec.aead.digest.len;\n+\tauth_xform->key.data = vec.aead.key.val;\n+\tauth_xform->key.length = vec.aead.key.len;\n+\n+\tcap_idx.algo.auth = auth_xform->algo;\n+\tcap_idx.type = RTE_CRYPTO_SYM_XFORM_AUTH;\n+\n+\tcap = rte_cryptodev_sym_capability_get(env.dev_id, &cap_idx);\n+\tif (!cap) {\n+\t\tRTE_LOG(ERR, USER1, \"Failed to get capability for cdev %u\\n\",\n+\t\t\t\tenv.dev_id);\n+\t\treturn -EINVAL;\n+\t}\n+\n+\tif (rte_cryptodev_sym_capability_check_auth(cap,\n+\t\t\tauth_xform->key.length,\n+\t\t\tauth_xform->digest_length, 0) != 0) {\n+\t\tRTE_LOG(ERR, USER1, \"PMD %s key length %u IV length %u\\n\",\n+\t\t\t\tinfo.device_name, auth_xform->key.length,\n+\t\t\t\tauth_xform->digest_length);\n+\t\treturn -EPERM;\n+\t}\n+\n+\treturn 0;\n+}\n+\n static int\n prepare_cmac_xform(struct rte_crypto_sym_xform *xform)\n {\n@@ -1045,7 +1086,8 @@ static int\n get_writeback_data(struct fips_val *val)\n {\n \tstruct rte_mbuf *m = env.mbuf;\n-\tuint16_t total_len = rte_pktmbuf_pkt_len(m) + env.digest_len, tlen;\n+\tuint16_t data_len = rte_pktmbuf_pkt_len(m);\n+\tuint16_t total_len = data_len + env.digest_len;\n \tuint8_t *src, *dst, *wb_data;\n \n \t/* in case val is reused for MCT test, try to free the buffer first */\n@@ -1056,22 +1098,25 @@ get_writeback_data(struct fips_val *val)\n \n \twb_data = dst = calloc(1, total_len);\n \tif (!dst) {\n-\t\tRTE_LOG(ERR, USER1, \"Not enough memory\\n\");\n+\t\tRTE_LOG(ERR, USER1, \"Error %i: Not enough memory\\n\", -ENOMEM);\n \t\treturn -ENOMEM;\n \t}\n \n-\ttlen = total_len;\n-\n-\twhile (m && tlen) {\n-\t\tuint16_t seg_len = RTE_MIN(rte_pktmbuf_data_len(m), tlen);\n+\twhile (m && data_len) {\n+\t\tuint16_t seg_len = RTE_MIN(rte_pktmbuf_data_len(m), data_len);\n \n \t\tsrc = rte_pktmbuf_mtod(m, uint8_t *);\n \t\tmemcpy(dst, src, seg_len);\n \t\tm = m->next;\n-\t\ttlen -= seg_len;\n+\t\tdata_len -= seg_len;\n \t\tdst += seg_len;\n \t}\n \n+\tif (data_len) {\n+\t\tRTE_LOG(ERR, USER1, \"Error -1: write back data\\n\");\n+\t\treturn -1;\n+\t}\n+\n \tif (env.digest)\n \t\tmemcpy(dst, env.digest, env.digest_len);\n \n",
    "prefixes": [
        "2/2"
    ]
}