[dpdk-dev] crypto/aesni_mb: add missing digest length

Message ID 1485522968-211005-1-git-send-email-pablo.de.lara.guarch@intel.com
State Accepted, archived
Delegated to: Pablo de Lara Guarch
Headers show

Checks

Context Check Description
ci/Intel compilation success Compilation OK
ci/checkpatch success coding style OK

Commit Message

De Lara Guarch, Pablo Jan. 27, 2017, 1:16 p.m.
AESNI MB now supports authentication only operations,
but the array containing all the possible digest lengths
was not updated to reflect the new algorithm NULL_HASH,
causing an "Out-of-bounds access".

Coverity issue: 140977
Fixes: 8772c3f713e2 ("crypto/aesni_mb: add single operation functionality")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 2 ++
 1 file changed, 2 insertions(+)

Comments

De Lara Guarch, Pablo Jan. 27, 2017, 1:15 p.m. | #1
> -----Original Message-----
> From: De Lara Guarch, Pablo
> Sent: Friday, January 27, 2017 1:16 PM
> To: adrien.mazarguil@6wind.com; Wu, Jingjing
> Cc: dev@dpdk.org; De Lara Guarch, Pablo
> Subject: [PATCH] crypto/aesni_mb: add missing digest length
> 
> AESNI MB now supports authentication only operations,
> but the array containing all the possible digest lengths
> was not updated to reflect the new algorithm NULL_HASH,
> causing an "Out-of-bounds access".
> 
> Coverity issue: 140977
> Fixes: 8772c3f713e2 ("crypto/aesni_mb: add single operation
> functionality")
> 
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> ---
>  drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> index 5f125b2..eb4b2ad 100644
> --- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> +++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
> @@ -88,6 +88,7 @@ static const unsigned
> auth_truncated_digest_byte_lengths[] = {
>  		[SHA_384]	= 24,
>  		[SHA_512]	= 32,
>  		[AES_XCBC]	= 12,
> +		[NULL_HASH]     = 0
>  };
> 
>  /**
> @@ -111,6 +112,7 @@ static const unsigned auth_digest_byte_lengths[] =
> {
>  		[SHA_384]	= 48,
>  		[SHA_512]	= 64,
>  		[AES_XCBC]	= 16,
> +		[NULL_HASH]     = 0
>  };
> 
>  /**
> --
> 2.7.4

Wrong maintainer, Sending to right one  now. Sorry about that.
Declan Doherty Jan. 31, 2017, 4:44 p.m. | #2
On 27/01/17 13:16, Pablo de Lara wrote:
> AESNI MB now supports authentication only operations,
> but the array containing all the possible digest lengths
> was not updated to reflect the new algorithm NULL_HASH,
> causing an "Out-of-bounds access".
>
> Coverity issue: 140977
> Fixes: 8772c3f713e2 ("crypto/aesni_mb: add single operation functionality")
>
> Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> ---
....
>
Acked-by: Declan Doherty <declan.doherty@intel.com>
De Lara Guarch, Pablo Feb. 9, 2017, 10:19 p.m. | #3
> -----Original Message-----
> From: Doherty, Declan
> Sent: Tuesday, January 31, 2017 4:44 PM
> To: dev@dpdk.org
> Cc: De Lara Guarch, Pablo
> Subject: Re: [dpdk-dev] [PATCH] crypto/aesni_mb: add missing digest
> length
> 
> On 27/01/17 13:16, Pablo de Lara wrote:
> > AESNI MB now supports authentication only operations,
> > but the array containing all the possible digest lengths
> > was not updated to reflect the new algorithm NULL_HASH,
> > causing an "Out-of-bounds access".
> >
> > Coverity issue: 140977
> > Fixes: 8772c3f713e2 ("crypto/aesni_mb: add single operation
> functionality")
> >
> > Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
> > ---
> ....
> >
> Acked-by: Declan Doherty <declan.doherty@intel.com>

Applied to dpdk-next-crypto.

Pablo

Patch

diff --git a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
index 5f125b2..eb4b2ad 100644
--- a/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
+++ b/drivers/crypto/aesni_mb/rte_aesni_mb_pmd_private.h
@@ -88,6 +88,7 @@  static const unsigned auth_truncated_digest_byte_lengths[] = {
 		[SHA_384]	= 24,
 		[SHA_512]	= 32,
 		[AES_XCBC]	= 12,
+		[NULL_HASH]     = 0
 };
 
 /**
@@ -111,6 +112,7 @@  static const unsigned auth_digest_byte_lengths[] = {
 		[SHA_384]	= 48,
 		[SHA_512]	= 64,
 		[AES_XCBC]	= 16,
+		[NULL_HASH]     = 0
 };
 
 /**