[v2] crypto/qat: fix ecdsa session handling

Message ID 20241104093048.20351-1-arkadiuszx.kusztal@intel.com (mailing list archive)
State Superseded, archived
Delegated to: akhil goyal
Headers
Series [v2] crypto/qat: fix ecdsa session handling |

Checks

Context Check Description
ci/checkpatch warning coding style issues
ci/loongarch-compilation success Compilation OK
ci/loongarch-unit-testing success Unit Testing PASS
ci/Intel-compilation success Compilation OK
ci/intel-Testing success Testing PASS
ci/intel-Functional success Functional PASS
ci/github-robot: build success github build: passed
ci/iol-mellanox-Performance success Performance Testing PASS
ci/iol-intel-Performance success Performance Testing PASS
ci/iol-intel-Functional success Functional Testing PASS
ci/iol-marvell-Functional success Functional Testing PASS
ci/iol-broadcom-Performance success Performance Testing PASS
ci/iol-unit-amd64-testing success Testing PASS
ci/iol-unit-arm64-testing success Testing PASS
ci/iol-compile-arm64-testing success Testing PASS
ci/iol-compile-amd64-testing success Testing PASS
ci/iol-sample-apps-testing success Testing PASS

Commit Message

Kusztal, ArkadiuszX Nov. 4, 2024, 9:30 a.m. UTC
Fixed a problem with setting the key in the session
in the ECDSA alghorithm.

Fixes: badc0c6f6d6a ("cryptodev: set private and public keys in EC session")
Cc: stable@dpdk.org

Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
---
 drivers/crypto/qat/qat_asym.c | 41 +++++++++++++++++++++++++++++++++--
 1 file changed, 39 insertions(+), 2 deletions(-)
  

Comments

Akhil Goyal Nov. 6, 2024, 11:51 a.m. UTC | #1
> Fixed a problem with setting the key in the session
> in the ECDSA alghorithm.

Please elaborate what is the problem and what is being done in the patch.

> 
> Fixes: badc0c6f6d6a ("cryptodev: set private and public keys in EC session")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
> ---
>  drivers/crypto/qat/qat_asym.c | 41 +++++++++++++++++++++++++++++++++--
>  1 file changed, 39 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
> index 9e97582e22..dfc52d1286 100644
> --- a/drivers/crypto/qat/qat_asym.c
> +++ b/drivers/crypto/qat/qat_asym.c
> @@ -1346,11 +1346,48 @@ session_set_rsa(struct qat_asym_session
> *qat_session,
>  	return ret;
>  }
> 
> -static void
> +static int
>  session_set_ec(struct qat_asym_session *qat_session,
>  			struct rte_crypto_asym_xform *xform)
>  {
> +	uint8_t *pkey = xform->ec.pkey.data;
> +	uint8_t *q_x = xform->ec.q.x.data;
> +	uint8_t *q_y = xform->ec.q.y.data;
> +
> +	qat_session->xform.ec.pkey.data =
> +		rte_malloc(NULL, xform->ec.pkey.length, 0);
> +	if (qat_session->xform.ec.pkey.length &&
> +		qat_session->xform.ec.pkey.data == NULL)
> +		return -ENOMEM;
> +	qat_session->xform.ec.q.x.data = rte_malloc(NULL,
> +		xform->ec.q.x.length, 0);
> +	if (qat_session->xform.ec.q.x.length &&
> +		qat_session->xform.ec.q.x.data == NULL) {
> +		rte_free(qat_session->xform.ec.pkey.data);
> +		return -ENOMEM;
> +	}
> +	qat_session->xform.ec.q.y.data = rte_malloc(NULL,
> +		xform->ec.q.y.length, 0);
> +	if (qat_session->xform.ec.q.y.length &&
> +		qat_session->xform.ec.q.y.data == NULL) {
> +		rte_free(qat_session->xform.ec.pkey.data);
> +		rte_free(qat_session->xform.ec.q.x.data);
> +		return -ENOMEM;
> +	}
> +
> +	rte_memcpy(qat_session->xform.ec.pkey.data, pkey,
> +		xform->ec.pkey.length);
> +	qat_session->xform.ec.pkey.length = xform->ec.pkey.length;
> +	rte_memcpy(qat_session->xform.ec.q.x.data, q_x,
> +		xform->ec.q.x.length);
> +	qat_session->xform.ec.q.x.length = xform->ec.q.x.length;
> +	rte_memcpy(qat_session->xform.ec.q.y.data, q_y,
> +		xform->ec.q.y.length);

Do you really need rte_memcpy?
memcpy is not enough?

> +	qat_session->xform.ec.q.y.length = xform->ec.q.y.length;
>  	qat_session->xform.ec.curve_id = xform->ec.curve_id;
> +
> +	return 0;
> +
>  }
> 
>  int
> @@ -1386,7 +1423,7 @@ qat_asym_session_configure(struct rte_cryptodev
> *dev __rte_unused,
>  	case RTE_CRYPTO_ASYM_XFORM_ECDSA:
>  	case RTE_CRYPTO_ASYM_XFORM_ECPM:
>  	case RTE_CRYPTO_ASYM_XFORM_ECDH:
> -		session_set_ec(qat_session, xform);
> +		ret = session_set_ec(qat_session, xform);
>  		break;
>  	case RTE_CRYPTO_ASYM_XFORM_SM2:
>  		break;
> --
> 2.34.1
  
Kusztal, ArkadiuszX Nov. 6, 2024, 2:44 p.m. UTC | #2
> -----Original Message-----
> From: Akhil Goyal <gakhil@marvell.com>
> Sent: Wednesday, November 6, 2024 12:52 PM
> To: Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; dev@dpdk.org
> Cc: Dooley, Brian <brian.dooley@intel.com>; stable@dpdk.org
> Subject: RE: [EXTERNAL] [PATCH v2] crypto/qat: fix ecdsa session handling
> 
> > Fixed a problem with setting the key in the session in the ECDSA
> > alghorithm.
> 
> Please elaborate what is the problem and what is being done in the patch.
> 
> >
> > Fixes: badc0c6f6d6a ("cryptodev: set private and public keys in EC
> > session")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
> > ---
> >  drivers/crypto/qat/qat_asym.c | 41
> > +++++++++++++++++++++++++++++++++--
> >  1 file changed, 39 insertions(+), 2 deletions(-)
> >
> > diff --git a/drivers/crypto/qat/qat_asym.c
> > b/drivers/crypto/qat/qat_asym.c index 9e97582e22..dfc52d1286 100644
> > --- a/drivers/crypto/qat/qat_asym.c
> > +++ b/drivers/crypto/qat/qat_asym.c
> > @@ -1346,11 +1346,48 @@ session_set_rsa(struct qat_asym_session
> > *qat_session,
> >  	return ret;
> >  }
> >
> > -static void
> > +static int
> >  session_set_ec(struct qat_asym_session *qat_session,
> >  			struct rte_crypto_asym_xform *xform)  {
> > +	uint8_t *pkey = xform->ec.pkey.data;
> > +	uint8_t *q_x = xform->ec.q.x.data;
> > +	uint8_t *q_y = xform->ec.q.y.data;
> > +
> > +	qat_session->xform.ec.pkey.data =
> > +		rte_malloc(NULL, xform->ec.pkey.length, 0);
> > +	if (qat_session->xform.ec.pkey.length &&
> > +		qat_session->xform.ec.pkey.data == NULL)
> > +		return -ENOMEM;
> > +	qat_session->xform.ec.q.x.data = rte_malloc(NULL,
> > +		xform->ec.q.x.length, 0);
> > +	if (qat_session->xform.ec.q.x.length &&
> > +		qat_session->xform.ec.q.x.data == NULL) {
> > +		rte_free(qat_session->xform.ec.pkey.data);
> > +		return -ENOMEM;
> > +	}
> > +	qat_session->xform.ec.q.y.data = rte_malloc(NULL,
> > +		xform->ec.q.y.length, 0);
> > +	if (qat_session->xform.ec.q.y.length &&
> > +		qat_session->xform.ec.q.y.data == NULL) {
> > +		rte_free(qat_session->xform.ec.pkey.data);
> > +		rte_free(qat_session->xform.ec.q.x.data);
> > +		return -ENOMEM;
> > +	}
> > +
> > +	rte_memcpy(qat_session->xform.ec.pkey.data, pkey,
> > +		xform->ec.pkey.length);
> > +	qat_session->xform.ec.pkey.length = xform->ec.pkey.length;
> > +	rte_memcpy(qat_session->xform.ec.q.x.data, q_x,
> > +		xform->ec.q.x.length);
> > +	qat_session->xform.ec.q.x.length = xform->ec.q.x.length;
> > +	rte_memcpy(qat_session->xform.ec.q.y.data, q_y,
> > +		xform->ec.q.y.length);
> 
> Do you really need rte_memcpy?
> memcpy is not enough?

This is a session, so yes, this can be a memcpy call.
I will change.

> 
> > +	qat_session->xform.ec.q.y.length = xform->ec.q.y.length;
> >  	qat_session->xform.ec.curve_id = xform->ec.curve_id;
> > +
> > +	return 0;
> > +
> >  }
> >
> >  int
> > @@ -1386,7 +1423,7 @@ qat_asym_session_configure(struct rte_cryptodev
> > *dev __rte_unused,
> >  	case RTE_CRYPTO_ASYM_XFORM_ECDSA:
> >  	case RTE_CRYPTO_ASYM_XFORM_ECPM:
> >  	case RTE_CRYPTO_ASYM_XFORM_ECDH:
> > -		session_set_ec(qat_session, xform);
> > +		ret = session_set_ec(qat_session, xform);
> >  		break;
> >  	case RTE_CRYPTO_ASYM_XFORM_SM2:
> >  		break;
> > --
> > 2.34.1
  

Patch

diff --git a/drivers/crypto/qat/qat_asym.c b/drivers/crypto/qat/qat_asym.c
index 9e97582e22..dfc52d1286 100644
--- a/drivers/crypto/qat/qat_asym.c
+++ b/drivers/crypto/qat/qat_asym.c
@@ -1346,11 +1346,48 @@  session_set_rsa(struct qat_asym_session *qat_session,
 	return ret;
 }
 
-static void
+static int
 session_set_ec(struct qat_asym_session *qat_session,
 			struct rte_crypto_asym_xform *xform)
 {
+	uint8_t *pkey = xform->ec.pkey.data;
+	uint8_t *q_x = xform->ec.q.x.data;
+	uint8_t *q_y = xform->ec.q.y.data;
+
+	qat_session->xform.ec.pkey.data =
+		rte_malloc(NULL, xform->ec.pkey.length, 0);
+	if (qat_session->xform.ec.pkey.length &&
+		qat_session->xform.ec.pkey.data == NULL)
+		return -ENOMEM;
+	qat_session->xform.ec.q.x.data = rte_malloc(NULL,
+		xform->ec.q.x.length, 0);
+	if (qat_session->xform.ec.q.x.length &&
+		qat_session->xform.ec.q.x.data == NULL) {
+		rte_free(qat_session->xform.ec.pkey.data);
+		return -ENOMEM;
+	}
+	qat_session->xform.ec.q.y.data = rte_malloc(NULL,
+		xform->ec.q.y.length, 0);
+	if (qat_session->xform.ec.q.y.length &&
+		qat_session->xform.ec.q.y.data == NULL) {
+		rte_free(qat_session->xform.ec.pkey.data);
+		rte_free(qat_session->xform.ec.q.x.data);
+		return -ENOMEM;
+	}
+
+	rte_memcpy(qat_session->xform.ec.pkey.data, pkey,
+		xform->ec.pkey.length);
+	qat_session->xform.ec.pkey.length = xform->ec.pkey.length;
+	rte_memcpy(qat_session->xform.ec.q.x.data, q_x,
+		xform->ec.q.x.length);
+	qat_session->xform.ec.q.x.length = xform->ec.q.x.length;
+	rte_memcpy(qat_session->xform.ec.q.y.data, q_y,
+		xform->ec.q.y.length);
+	qat_session->xform.ec.q.y.length = xform->ec.q.y.length;
 	qat_session->xform.ec.curve_id = xform->ec.curve_id;
+
+	return 0;
+
 }
 
 int
@@ -1386,7 +1423,7 @@  qat_asym_session_configure(struct rte_cryptodev *dev __rte_unused,
 	case RTE_CRYPTO_ASYM_XFORM_ECDSA:
 	case RTE_CRYPTO_ASYM_XFORM_ECPM:
 	case RTE_CRYPTO_ASYM_XFORM_ECDH:
-		session_set_ec(qat_session, xform);
+		ret = session_set_ec(qat_session, xform);
 		break;
 	case RTE_CRYPTO_ASYM_XFORM_SM2:
 		break;