Re: [dpdk-dev] [PATCH 05/11] crypto/ccp: add support for CPU based authentication

Mon, 11 Dec 2017 11:41:00 -0800 


> -----Original Message-----
> From: dev [mailto:dev-boun...@dpdk.org] On Behalf Of Ravi Kumar
> Sent: Thursday, November 30, 2017 1:12 PM
> To: dev@dpdk.org
> Subject: [dpdk-dev] [PATCH 05/11] crypto/ccp: add support for CPU based
> authentication

When enabling this, I got the following error:

In file included from build/include/rte_mempool.h:79:0,
                 from build/include/rte_mbuf.h:65,
                 from build/include/rte_cryptodev_pmd.h:51,
                 from drivers/crypto/ccp/ccp_crypto.c:46:
drivers/crypto/ccp/ccp_crypto.c: In function 'cpu_crypto_auth':
build/include/rte_memcpy.h:367:2: error: array subscript is above array bounds 
[-Werror=array-bounds]
  rte_mov32((uint8_t *)dst + 3 * 32, (const uint8_t *)src + 3 * 32);

Also, could you add a commit message in this and the other patches?
If the patch is simple enough, a commit message might not be necessary,
but for patches like this one, I think it is quite useful.

Also, I have an extra comment below.

Thanks,
Pablo

> 
> Signed-off-by: Ravi Kumar <ravi1.ku...@amd.com>

...

> a/drivers/crypto/ccp/ccp_crypto.c b/drivers/crypto/ccp/ccp_crypto.c index
> 4d71ec1..1833929 100644
> --- a/drivers/crypto/ccp/ccp_crypto.c
> +++ b/drivers/crypto/ccp/ccp_crypto.c

...
> +static int cpu_crypto_auth(struct rte_crypto_op *op, struct ccp_session
> *sess,
> +                        EVP_MD_CTX *ctx)
> +{
> +     uint8_t *src, *dst;
> +     int srclen, status;
> +     struct rte_mbuf *mbuf_src, *mbuf_dst;
> +     const EVP_MD *algo = NULL;
> +     EVP_PKEY *pkey;
> +
> +     algo_select(sess->auth.algo, &algo);
> +     pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, sess-
> >auth.key,
> +                                 sess->auth.key_length);
> +     mbuf_src = op->sym->m_src;
> +     mbuf_dst = op->sym->m_dst ? op->sym->m_dst : op->sym-
> >m_src;
> +     srclen = op->sym->auth.data.length;
> +     src = rte_pktmbuf_mtod_offset(mbuf_src, uint8_t *,
> +                                   op->sym->auth.data.offset);
> +
> +     if (sess->auth.op == CCP_AUTH_OP_VERIFY) {
> +             dst = (uint8_t *)rte_pktmbuf_append(mbuf_src,
> +                                                 sess->auth.digest_length);

There was a change in the previous release, that removed any append in the 
source mbuf,
to allocate memory for a temporary digest (like in this case). Instead, memory 
in the queue pair 
structure was reserved. This way, you won't have to worry about not having 
enough space in the mbuf.

Reply via email to