[v2] crypto/qat: fix ecdsa session handling
Checks
Commit Message
Fixed a problem with setting the key in the session
in the ECDSA alghorithm.
Fixes: badc0c6f6d6a ("cryptodev: set private and public keys in EC session")
Cc: stable@dpdk.org
Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
---
drivers/crypto/qat/qat_asym.c | 41 +++++++++++++++++++++++++++++++++--
1 file changed, 39 insertions(+), 2 deletions(-)
Comments
> Fixed a problem with setting the key in the session
> in the ECDSA alghorithm.
Please elaborate what is the problem and what is being done in the patch.
>
> Fixes: badc0c6f6d6a ("cryptodev: set private and public keys in EC session")
> Cc: stable@dpdk.org
>
> Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
> ---
> drivers/crypto/qat/qat_asym.c | 41 +++++++++++++++++++++++++++++++++--
> 1 file changed, 39 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
> index 9e97582e22..dfc52d1286 100644
> --- a/drivers/crypto/qat/qat_asym.c
> +++ b/drivers/crypto/qat/qat_asym.c
> @@ -1346,11 +1346,48 @@ session_set_rsa(struct qat_asym_session
> *qat_session,
> return ret;
> }
>
> -static void
> +static int
> session_set_ec(struct qat_asym_session *qat_session,
> struct rte_crypto_asym_xform *xform)
> {
> + uint8_t *pkey = xform->ec.pkey.data;
> + uint8_t *q_x = xform->ec.q.x.data;
> + uint8_t *q_y = xform->ec.q.y.data;
> +
> + qat_session->xform.ec.pkey.data =
> + rte_malloc(NULL, xform->ec.pkey.length, 0);
> + if (qat_session->xform.ec.pkey.length &&
> + qat_session->xform.ec.pkey.data == NULL)
> + return -ENOMEM;
> + qat_session->xform.ec.q.x.data = rte_malloc(NULL,
> + xform->ec.q.x.length, 0);
> + if (qat_session->xform.ec.q.x.length &&
> + qat_session->xform.ec.q.x.data == NULL) {
> + rte_free(qat_session->xform.ec.pkey.data);
> + return -ENOMEM;
> + }
> + qat_session->xform.ec.q.y.data = rte_malloc(NULL,
> + xform->ec.q.y.length, 0);
> + if (qat_session->xform.ec.q.y.length &&
> + qat_session->xform.ec.q.y.data == NULL) {
> + rte_free(qat_session->xform.ec.pkey.data);
> + rte_free(qat_session->xform.ec.q.x.data);
> + return -ENOMEM;
> + }
> +
> + rte_memcpy(qat_session->xform.ec.pkey.data, pkey,
> + xform->ec.pkey.length);
> + qat_session->xform.ec.pkey.length = xform->ec.pkey.length;
> + rte_memcpy(qat_session->xform.ec.q.x.data, q_x,
> + xform->ec.q.x.length);
> + qat_session->xform.ec.q.x.length = xform->ec.q.x.length;
> + rte_memcpy(qat_session->xform.ec.q.y.data, q_y,
> + xform->ec.q.y.length);
Do you really need rte_memcpy?
memcpy is not enough?
> + qat_session->xform.ec.q.y.length = xform->ec.q.y.length;
> qat_session->xform.ec.curve_id = xform->ec.curve_id;
> +
> + return 0;
> +
> }
>
> int
> @@ -1386,7 +1423,7 @@ qat_asym_session_configure(struct rte_cryptodev
> *dev __rte_unused,
> case RTE_CRYPTO_ASYM_XFORM_ECDSA:
> case RTE_CRYPTO_ASYM_XFORM_ECPM:
> case RTE_CRYPTO_ASYM_XFORM_ECDH:
> - session_set_ec(qat_session, xform);
> + ret = session_set_ec(qat_session, xform);
> break;
> case RTE_CRYPTO_ASYM_XFORM_SM2:
> break;
> --
> 2.34.1
> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Wednesday, November 6, 2024 12:52 PM
> To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; dev@dpdk.org
> Cc: Dooley, Brian <brian.dooley@intel.com>; stable@dpdk.org
> Subject: RE: [EXTERNAL] [PATCH v2] crypto/qat: fix ecdsa session handling
>
> > Fixed a problem with setting the key in the session in the ECDSA
> > alghorithm.
>
> Please elaborate what is the problem and what is being done in the patch.
>
> >
> > Fixes: badc0c6f6d6a ("cryptodev: set private and public keys in EC
> > session")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
> > ---
> > drivers/crypto/qat/qat_asym.c | 41
> > +++++++++++++++++++++++++++++++++--
> > 1 file changed, 39 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/crypto/qat/qat_asym.c
> > b/drivers/crypto/qat/qat_asym.c index 9e97582e22..dfc52d1286 100644
> > --- a/drivers/crypto/qat/qat_asym.c
> > +++ b/drivers/crypto/qat/qat_asym.c
> > @@ -1346,11 +1346,48 @@ session_set_rsa(struct qat_asym_session
> > *qat_session,
> > return ret;
> > }
> >
> > -static void
> > +static int
> > session_set_ec(struct qat_asym_session *qat_session,
> > struct rte_crypto_asym_xform *xform) {
> > + uint8_t *pkey = xform->ec.pkey.data;
> > + uint8_t *q_x = xform->ec.q.x.data;
> > + uint8_t *q_y = xform->ec.q.y.data;
> > +
> > + qat_session->xform.ec.pkey.data =
> > + rte_malloc(NULL, xform->ec.pkey.length, 0);
> > + if (qat_session->xform.ec.pkey.length &&
> > + qat_session->xform.ec.pkey.data == NULL)
> > + return -ENOMEM;
> > + qat_session->xform.ec.q.x.data = rte_malloc(NULL,
> > + xform->ec.q.x.length, 0);
> > + if (qat_session->xform.ec.q.x.length &&
> > + qat_session->xform.ec.q.x.data == NULL) {
> > + rte_free(qat_session->xform.ec.pkey.data);
> > + return -ENOMEM;
> > + }
> > + qat_session->xform.ec.q.y.data = rte_malloc(NULL,
> > + xform->ec.q.y.length, 0);
> > + if (qat_session->xform.ec.q.y.length &&
> > + qat_session->xform.ec.q.y.data == NULL) {
> > + rte_free(qat_session->xform.ec.pkey.data);
> > + rte_free(qat_session->xform.ec.q.x.data);
> > + return -ENOMEM;
> > + }
> > +
> > + rte_memcpy(qat_session->xform.ec.pkey.data, pkey,
> > + xform->ec.pkey.length);
> > + qat_session->xform.ec.pkey.length = xform->ec.pkey.length;
> > + rte_memcpy(qat_session->xform.ec.q.x.data, q_x,
> > + xform->ec.q.x.length);
> > + qat_session->xform.ec.q.x.length = xform->ec.q.x.length;
> > + rte_memcpy(qat_session->xform.ec.q.y.data, q_y,
> > + xform->ec.q.y.length);
>
> Do you really need rte_memcpy?
> memcpy is not enough?
This is a session, so yes, this can be a memcpy call.
I will change.
>
> > + qat_session->xform.ec.q.y.length = xform->ec.q.y.length;
> > qat_session->xform.ec.curve_id = xform->ec.curve_id;
> > +
> > + return 0;
> > +
> > }
> >
> > int
> > @@ -1386,7 +1423,7 @@ qat_asym_session_configure(struct rte_cryptodev
> > *dev __rte_unused,
> > case RTE_CRYPTO_ASYM_XFORM_ECDSA:
> > case RTE_CRYPTO_ASYM_XFORM_ECPM:
> > case RTE_CRYPTO_ASYM_XFORM_ECDH:
> > - session_set_ec(qat_session, xform);
> > + ret = session_set_ec(qat_session, xform);
> > break;
> > case RTE_CRYPTO_ASYM_XFORM_SM2:
> > break;
> > --
> > 2.34.1
@@ -1346,11 +1346,48 @@ session_set_rsa(struct qat_asym_session *qat_session,
return ret;
}
-static void
+static int
session_set_ec(struct qat_asym_session *qat_session,
struct rte_crypto_asym_xform *xform)
{
+ uint8_t *pkey = xform->ec.pkey.data;
+ uint8_t *q_x = xform->ec.q.x.data;
+ uint8_t *q_y = xform->ec.q.y.data;
+
+ qat_session->xform.ec.pkey.data =
+ rte_malloc(NULL, xform->ec.pkey.length, 0);
+ if (qat_session->xform.ec.pkey.length &&
+ qat_session->xform.ec.pkey.data == NULL)
+ return -ENOMEM;
+ qat_session->xform.ec.q.x.data = rte_malloc(NULL,
+ xform->ec.q.x.length, 0);
+ if (qat_session->xform.ec.q.x.length &&
+ qat_session->xform.ec.q.x.data == NULL) {
+ rte_free(qat_session->xform.ec.pkey.data);
+ return -ENOMEM;
+ }
+ qat_session->xform.ec.q.y.data = rte_malloc(NULL,
+ xform->ec.q.y.length, 0);
+ if (qat_session->xform.ec.q.y.length &&
+ qat_session->xform.ec.q.y.data == NULL) {
+ rte_free(qat_session->xform.ec.pkey.data);
+ rte_free(qat_session->xform.ec.q.x.data);
+ return -ENOMEM;
+ }
+
+ rte_memcpy(qat_session->xform.ec.pkey.data, pkey,
+ xform->ec.pkey.length);
+ qat_session->xform.ec.pkey.length = xform->ec.pkey.length;
+ rte_memcpy(qat_session->xform.ec.q.x.data, q_x,
+ xform->ec.q.x.length);
+ qat_session->xform.ec.q.x.length = xform->ec.q.x.length;
+ rte_memcpy(qat_session->xform.ec.q.y.data, q_y,
+ xform->ec.q.y.length);
+ qat_session->xform.ec.q.y.length = xform->ec.q.y.length;
qat_session->xform.ec.curve_id = xform->ec.curve_id;
+
+ return 0;
+
}
int
@@ -1386,7 +1423,7 @@ qat_asym_session_configure(struct rte_cryptodev *dev __rte_unused,
case RTE_CRYPTO_ASYM_XFORM_ECDSA:
case RTE_CRYPTO_ASYM_XFORM_ECPM:
case RTE_CRYPTO_ASYM_XFORM_ECDH:
- session_set_ec(qat_session, xform);
+ ret = session_set_ec(qat_session, xform);
break;
case RTE_CRYPTO_ASYM_XFORM_SM2:
break;