From patchwork Thu Oct 20 11:14:52 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tejasree Kondoj <ktejasree@marvell.com>
X-Patchwork-Id: 118784
X-Patchwork-Delegate: gakhil@marvell.com
Return-Path: <dev-bounces@dpdk.org>
X-Original-To: patchwork@inbox.dpdk.org
Delivered-To: patchwork@inbox.dpdk.org
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 9E67BA0552;
	Thu, 20 Oct 2022 13:15:28 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id A176042D5D;
	Thu, 20 Oct 2022 13:15:10 +0200 (CEST)
Received: from mx0b-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id AE65942D5D
 for <dev@dpdk.org>; Thu, 20 Oct 2022 13:15:08 +0200 (CEST)
Received: from pps.filterd (m0045849.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.17.1.5/8.17.1.5) with ESMTP id
 29K8KTLu021245
 for <dev@dpdk.org>; Thu, 20 Oct 2022 04:15:07 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;
 h=from : to : cc :
 subject : date : message-id : in-reply-to : references : mime-version :
 content-transfer-encoding : content-type; s=pfpt0220;
 bh=Q1FxSLIwrLrbG0xqGVCT3BwyHu4/TwbqjHpdj9dHIUE=;
 b=a1wtd0jydTpkJylqrA5XDHWplBqIBufRQ34DkTv1qwalFKj7mBoaHbML4D2nCnYvIaqW
 OEsmNOHMW61yt3gZ5o/YLz+//vWxEauKrS5+kbTjIM2JtHdkS+r2qsQhgB9WoB8WGm3u
 gLDh2VpyToODZt/KkCA+MsGqCCg3zmTuee8fLz1Eujnv+OOEzVUzjtbIyJkmCjYztHn+
 hWGcL3NlJ4cMBLoKHVJiJJxVOcH0VQjFAgd7RJ5hZBc47Kt+TG9zCPLfUIVjznhwJPd8
 oEAfcuTDDjQZQSpF+Ke53g3ljZV+S25dUq/hfQky8fhluJf8GdzvoODW/CrjL+XcS9Sv Ag==
Received: from dc5-exch02.marvell.com ([199.233.59.182])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 3kb2qx8jcx-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT)
 for <dev@dpdk.org>; Thu, 20 Oct 2022 04:15:07 -0700
Received: from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com
 (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.18;
 Thu, 20 Oct 2022 04:15:06 -0700
Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com
 (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend
 Transport; Thu, 20 Oct 2022 04:15:06 -0700
Received: from hyd1554.marvell.com (unknown [10.29.57.11])
 by maili.marvell.com (Postfix) with ESMTP id 5F35D3F707D;
 Thu, 20 Oct 2022 04:15:04 -0700 (PDT)
From: Tejasree Kondoj <ktejasree@marvell.com>
To: Akhil Goyal <gakhil@marvell.com>
CC: Anoob Joseph <anoobj@marvell.com>, Vidya Sagar Velumuri
 <vvelumuri@marvell.com>, <dev@dpdk.org>
Subject: [PATCH 12/13] crypto/cnxk: verify IV length during session create
Date: Thu, 20 Oct 2022 16:44:52 +0530
Message-ID: <20221020111453.1982947-6-ktejasree@marvell.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20221020111453.1982947-1-ktejasree@marvell.com>
References: <20221020111453.1982947-1-ktejasree@marvell.com>
MIME-Version: 1.0
X-Proofpoint-GUID: L1A6i6t8SaGFyPlzrTMvanZPa1NCZy3h
X-Proofpoint-ORIG-GUID: L1A6i6t8SaGFyPlzrTMvanZPa1NCZy3h
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.205,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1
 definitions=2022-10-20_03,2022-10-20_01,2022-06-22_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

From: Anoob Joseph <anoobj@marvell.com>

For Kasumi cipher operation, IV is a must. Verify the arg provided in
session creation and remove datapath check.

Coverity issue: 381020 381019
Fixes: 7a59ccc1b502 ("crypto/cnxk: remove extra indirection for FC and Kasumi")

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
---
 drivers/crypto/cnxk/cnxk_se.h | 44 ++++++++++++++---------------------
 1 file changed, 17 insertions(+), 27 deletions(-)

diff --git a/drivers/crypto/cnxk/cnxk_se.h b/drivers/crypto/cnxk/cnxk_se.h
index ac97b864b9..4675512bbc 100644
--- a/drivers/crypto/cnxk/cnxk_se.h
+++ b/drivers/crypto/cnxk/cnxk_se.h
@@ -1753,35 +1753,17 @@ cpt_kasumi_enc_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
 	auth_data_len = ROC_SE_AUTH_DLEN(d_lens);
 
 	se_ctx = params->ctx;
+	iv_s = params->iv_buf;
 	flags = se_ctx->zsk_flags;
 	mac_len = se_ctx->mac_len;
 
-	if (flags == 0x0)
-		iv_s = params->iv_buf;
-	else
-		iv_s = params->auth_iv_buf;
-
 	dir = iv_s[8] & 0x1;
 
-	cpt_inst_w4.s.opcode_major = ROC_SE_MAJOR_OP_KASUMI | ROC_SE_DMA_MODE;
-
-	/* indicates ECB/CBC, direction, ctx from cptr, iv from dptr */
-	cpt_inst_w4.s.opcode_minor = ((1 << 6) | (se_ctx->k_ecb << 5) |
-				      (dir << 4) | (0 << 3) | (flags & 0x7));
-
-	/*
-	 * GP op header, lengths are expected in bits.
-	 */
-	cpt_inst_w4.s.param1 = encr_data_len;
-	cpt_inst_w4.s.param2 = auth_data_len;
-
-	/* consider iv len */
 	if (flags == 0x0) {
+		/* Consider IV len */
 		encr_offset += iv_len;
 		auth_offset += iv_len;
-	}
 
-	if (flags == 0x0) {
 		inputlen = encr_offset + (RTE_ALIGN(encr_data_len, 8) / 8);
 		outputlen = inputlen;
 		/* iv offset is 0 */
@@ -1803,6 +1785,15 @@ cpt_kasumi_enc_prep(uint32_t req_flags, uint64_t d_offs, uint64_t d_lens,
 		}
 	}
 
+	cpt_inst_w4.s.opcode_major = ROC_SE_MAJOR_OP_KASUMI | ROC_SE_DMA_MODE;
+
+	/* Indicate ECB/CBC, direction, CTX from CPTR, IV from DPTR */
+	cpt_inst_w4.s.opcode_minor =
+		((1 << 6) | (se_ctx->k_ecb << 5) | (dir << 4) | (0 << 3) | (flags & 0x7));
+
+	cpt_inst_w4.s.param1 = encr_data_len;
+	cpt_inst_w4.s.param2 = auth_data_len;
+
 	inst->w4.u64 = cpt_inst_w4.u64;
 	if (is_sg_ver2)
 		sg2_inst_prep(params, inst, offset_ctrl, iv_s, iv_len, 0, 0, inputlen, outputlen, 0,
@@ -2017,6 +2008,8 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform, struct cnxk_se_sess *sess)
 	case RTE_CRYPTO_CIPHER_KASUMI_F8:
 		if (sess->chained_op)
 			return -ENOTSUP;
+		if (c_form->iv.length != 8)
+			return -EINVAL;
 		enc_type = ROC_SE_KASUMI_F8_ECB;
 		cipher_key_len = 16;
 		zsk_flag = ROC_SE_K_F8;
@@ -2433,15 +2426,12 @@ fill_fc_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
 	fc_params.mac_buf.size = 0;
 	fc_params.mac_buf.vaddr = 0;
 
-	if (likely(sess->iv_length)) {
+	if (likely(is_kasumi || sess->iv_length)) {
 		flags |= ROC_SE_VALID_IV_BUF;
-		fc_params.iv_buf = rte_crypto_op_ctod_offset(cop, uint8_t *,
-							     sess->iv_offset);
+		fc_params.iv_buf = rte_crypto_op_ctod_offset(cop, uint8_t *, sess->iv_offset);
 		if (!is_aead && sess->aes_ctr && unlikely(sess->iv_length != 16)) {
 			memcpy((uint8_t *)iv_buf,
-			       rte_crypto_op_ctod_offset(cop, uint8_t *,
-							 sess->iv_offset),
-			       12);
+			       rte_crypto_op_ctod_offset(cop, uint8_t *, sess->iv_offset), 12);
 			iv_buf[3] = rte_cpu_to_be_32(0x1);
 			fc_params.iv_buf = iv_buf;
 		}
@@ -3017,7 +3007,7 @@ fill_digest_params(struct rte_crypto_op *cop, struct cnxk_se_sess *sess,
 
 			/* Store it at end of auth iv */
 			iv_buf[8] = direction;
-			params.auth_iv_buf = iv_buf;
+			params.iv_buf = iv_buf;
 		}
 	}