From patchwork Wed Nov  6 10:54:25 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Fan Zhang <roy.fan.zhang@intel.com>
X-Patchwork-Id: 62530
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 70EE6A04A2;
	Wed,  6 Nov 2019 11:54:33 +0100 (CET)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id BEB301C08C;
	Wed,  6 Nov 2019 11:54:32 +0100 (CET)
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 by dpdk.org (Postfix) with ESMTP id 1F4711C07D;
 Wed,  6 Nov 2019 11:54:29 +0100 (CET)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga002.jf.intel.com ([10.7.209.21])
 by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 06 Nov 2019 02:54:29 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.68,274,1569308400"; d="scan'208";a="214207007"
Received: from silpixa00398673.ir.intel.com (HELO
 silpixa00398673.ger.corp.intel.com) ([10.237.223.136])
 by orsmga002.jf.intel.com with ESMTP; 06 Nov 2019 02:54:27 -0800
From: Fan Zhang <roy.fan.zhang@intel.com>
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com, Fan Zhang <roy.fan.zhang@intel.com>,
 marko.kovacevic@intel.com, stable@dpdk.org
Date: Wed,  6 Nov 2019 10:54:25 +0000
Message-Id: <20191106105425.1061-1-roy.fan.zhang@intel.com>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Subject: [dpdk-dev] [PATCH] fips_validation: fix auth verify
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Fixes: f64adb6714e0 ("examples/fips_validation: support HMAC parsing")
Cc: marko.kovacevic@intel.com
Cc: stable@dpdk.org

This patch fixes the incorrect mbuf write and digest memory leak in
fips_validation authentication verify.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
---
 examples/fips_validation/main.c | 58 +++++++++------------------------
 1 file changed, 16 insertions(+), 42 deletions(-)

diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index f8694ef96..9a2c8da61 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -512,6 +512,7 @@ static int
 prepare_auth_op(void)
 {
 	struct rte_crypto_sym_op *sym = env.op->sym;
+	uint8_t *pt;
 
 	__rte_crypto_op_reset(env.op, RTE_CRYPTO_OP_TYPE_SYMMETRIC);
 	rte_pktmbuf_reset(env.mbuf);
@@ -519,52 +520,25 @@ prepare_auth_op(void)
 	sym->m_src = env.mbuf;
 	sym->auth.data.offset = 0;
 
-	if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
-		uint8_t *pt;
-
-		if (vec.pt.len > RTE_MBUF_MAX_NB_SEGS) {
-			RTE_LOG(ERR, USER1, "PT len %u\n", vec.pt.len);
-			return -EPERM;
-		}
-
-		pt = (uint8_t *)rte_pktmbuf_append(env.mbuf, vec.pt.len +
-				vec.cipher_auth.digest.len);
-
-		if (!pt) {
-			RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
-					-ENOMEM);
-			return -ENOMEM;
-		}
-
-		memcpy(pt, vec.pt.val, vec.pt.len);
-		sym->auth.data.length = vec.pt.len;
-		sym->auth.digest.data = pt + vec.pt.len;
-		sym->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(
-				env.mbuf, vec.pt.len);
-
-	} else {
-		uint8_t *ct;
+	pt = (uint8_t *)rte_pktmbuf_append(env.mbuf, vec.pt.len +
+			vec.cipher_auth.digest.len);
 
-		if (vec.ct.len > RTE_MBUF_MAX_NB_SEGS) {
-			RTE_LOG(ERR, USER1, "CT len %u\n", vec.ct.len);
-			return -EPERM;
-		}
+	if (!pt) {
+		RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
+				-ENOMEM);
+		return -ENOMEM;
+	}
 
-		ct = (uint8_t *)rte_pktmbuf_append(env.mbuf,
-				vec.ct.len + vec.cipher_auth.digest.len);
+	sym->auth.data.length = vec.pt.len;
+	sym->auth.digest.data = pt + vec.pt.len;
+	sym->auth.digest.phys_addr = rte_pktmbuf_mtophys_offset(
+			env.mbuf, vec.pt.len);
 
-		if (!ct) {
-			RTE_LOG(ERR, USER1, "Error %i: MBUF too small\n",
-					-ENOMEM);
-			return -ENOMEM;
-		}
+	memcpy(pt, vec.pt.val, vec.pt.len);
 
-		memcpy(ct, vec.ct.val, vec.ct.len);
-		sym->auth.data.length = vec.ct.len;
-		sym->auth.digest.data = vec.cipher_auth.digest.val;
-		sym->auth.digest.phys_addr = rte_malloc_virt2iova(
-				sym->auth.digest.data);
-	}
+	if (info.op == FIPS_TEST_DEC_AUTH_VERIF)
+		memcpy(pt + vec.pt.len, vec.cipher_auth.digest.val,
+				vec.cipher_auth.digest.len);
 
 	rte_crypto_op_attach_sym_session(env.op, env.sess);