diff mbox series

[v2,2/4] crypto/ipsec_mb: fix ZUC authentication verify

Message ID	20220223160116.736804-3-pablo.de.lara.guarch@intel.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Pablo de Lara <pablo.de.lara.guarch@intel.com> To: roy.fan.zhang@intel.com, gakhil@marvell.com Cc: dev@dpdk.org, Pablo de Lara <pablo.de.lara.guarch@intel.com>, stable@dpdk.org Subject: [PATCH v2 2/4] crypto/ipsec_mb: fix ZUC authentication verify Date: Wed, 23 Feb 2022 16:01:14 +0000 Message-Id: <20220223160116.736804-3-pablo.de.lara.guarch@intel.com> In-Reply-To: <20220223160116.736804-1-pablo.de.lara.guarch@intel.com> References: <20220218163443.3520756-1-pablo.de.lara.guarch@intel.com> <20220223160116.736804-1-pablo.de.lara.guarch@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Errors-To: dev-bounces@dpdk.org
Series	ipsec_mb fixes for ZUC algorithm \| [v2,0/4] ipsec_mb fixes for ZUC algorithm [v2,1/4] crypto/ipsec_mb: check for missing operation types [v2,2/4] crypto/ipsec_mb: fix ZUC authentication verify [v2,3/4] crypto/ipsec_mb: fix crypto operation overwrite [v2,4/4] crypto/ipsec_mb: fix length and offset settings

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK

Commit Message

De Lara Guarch, Pablo Feb. 23, 2022, 4:01 p.m. UTC

  ZUC authentication is done over multiple buffers at a time.
When authentication verification is done, multiple scratch buffers
are using to generate the tags that will be compared afterwards.
However, the same scratch buffer was used always, instead of having
different ones for each crypto operation.

Fixes: 0b133c36ad7d ("crypto/zuc: support IPsec Multi-buffer lib v0.54")
Cc: pablo.de.lara.guarch@intel.com
Cc: stable@dpdk.org

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 drivers/crypto/ipsec_mb/pmd_zuc.c      | 2 +-
 drivers/crypto/ipsec_mb/pmd_zuc_priv.h | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff mbox series

Patch

diff --git a/drivers/crypto/ipsec_mb/pmd_zuc.c b/drivers/crypto/ipsec_mb/pmd_zuc.c
index ec83d96dfc..07cf1462d2 100644
--- a/drivers/crypto/ipsec_mb/pmd_zuc.c
+++ b/drivers/crypto/ipsec_mb/pmd_zuc.c
@@ -166,7 +166,7 @@  process_zuc_hash_op(struct ipsec_mb_qp *qp, struct rte_crypto_op **ops,
 
 		hash_keys[i] = sess->pKey_hash;
 		if (sess->auth_op == RTE_CRYPTO_AUTH_OP_VERIFY)
-			dst[i] = (uint32_t *)qp_data->temp_digest;
+			dst[i] = (uint32_t *)qp_data->temp_digest[i];
 		else
 			dst[i] = (uint32_t *)ops[i]->sym->auth.digest.data;
 
diff --git a/drivers/crypto/ipsec_mb/pmd_zuc_priv.h b/drivers/crypto/ipsec_mb/pmd_zuc_priv.h
index 46d5bfae37..76fd6758c2 100644
--- a/drivers/crypto/ipsec_mb/pmd_zuc_priv.h
+++ b/drivers/crypto/ipsec_mb/pmd_zuc_priv.h
@@ -75,7 +75,7 @@  struct zuc_session {
 
 struct zuc_qp_data {
 
-	uint8_t temp_digest[ZUC_DIGEST_LENGTH];
+	uint8_t temp_digest[ZUC_MAX_BURST][ZUC_DIGEST_LENGTH];
 	/* *< Buffers used to store the digest generated
 	 * by the driver when verifying a digest provided
 	 * by the user (using authentication verify operation)