RE: [RFC] eal_debug: do not use malloc in rte_dump_stack
> From: Stephen Hemminger [mailto:step...@networkplumber.org]
> Sent: Saturday, 29 January 2022 02.11
>
> The glibc backtrace_symbols() calls malloc which makes it
> dangerous to use rte_dump_stack() in a signal handler that
> is handling errors that maybe due to memory corruption.
Yes. We have experienced that problem with backtrace_symbols(); so as a
workaround, our failure signal handler dumps all other information first, and
calls backtrace_symbols() last, in case it crashes.
>
> Instead, use dladdr() to lookup up symbols incrementally.
I took a brief look at the dladdr() source code, and it looks good to me.
>
> The format of the messages is based on what X org server
> has been doing for many years. It changes from bottom up
> to top down order.
Good idea. Seems more logical.
>
> Bugzilla ID: 929
> Signed-off-by: Stephen Hemminger
> ---
> lib/eal/linux/eal_debug.c | 45 ---
> 1 file changed, 32 insertions(+), 13 deletions(-)
>
> diff --git a/lib/eal/linux/eal_debug.c b/lib/eal/linux/eal_debug.c
> index 64dab4e0da24..bf232f72f402 100644
> --- a/lib/eal/linux/eal_debug.c
> +++ b/lib/eal/linux/eal_debug.c
> @@ -4,6 +4,7 @@
>
> #ifdef RTE_BACKTRACE
> #include
> +#include
> #endif
> #include
> #include
> @@ -18,26 +19,44 @@
>
> #define BACKTRACE_SIZE 256
>
> -/* dump the stack of the calling core */
> +/* Dump the stack of the calling core
> + *
> + * Note: this requires some careful usage in order to
> + * stay safe in case where called from a signal
> + * handler and the malloc pool may be corrupted.
> + */
> void rte_dump_stack(void)
> {
> #ifdef RTE_BACKTRACE
> void *func[BACKTRACE_SIZE];
> - char **symb = NULL;
> - int size;
> + int i, size;
>
> size = backtrace(func, BACKTRACE_SIZE);
> - symb = backtrace_symbols(func, size);
> -
> - if (symb == NULL)
> - return;
>
> - while (size > 0) {
> - rte_log(RTE_LOG_ERR, RTE_LOGTYPE_EAL,
> - "%d: [%s]\n", size, symb[size - 1]);
> - size --;
> + for (i = 0; i < size; i++) {
> + void *pc = func[i];
> + const char *fname;
> + Dl_info info;
> +
> + if (dladdr(pc, &info) == 0) {
> + rte_log(RTE_LOG_ERR, RTE_LOGTYPE_EAL,
> + "%d: ?? [%p]\n", i, pc);
> + continue;
> + }
> +
> + fname = (info.dli_fname && *info.dli_fname) ?
> info.dli_fname : "(vdso)";
> + if (info.dli_saddr != NULL)
> + rte_log(RTE_LOG_ERR, RTE_LOGTYPE_EAL,
> + "%d: %s (%s+%#tx) [%p]\n",
> + i, fname, info.dli_sname,
> + (ptrdiff_t)((uintptr_t)pc -
> (uintptr_t)info.dli_saddr),
> + pc);
> + else
> + rte_log(RTE_LOG_ERR, RTE_LOGTYPE_EAL,
> + "%d: %s (%p+%#tx) [%p]\n",
> + i, fname, info.dli_fbase,
> + (ptrdiff_t)((uintptr_t)pc -
> (uintptr_t)info.dli_fbase),
> + pc);
> }
> -
> free(symb);
Probably something is lost in formatting here, but free(symb) must also be
removed.
> #endif /* RTE_BACKTRACE */
> }
> --
> 2.34.1
>
Great improvement, Stephen!
Acked-by: Morten Brørup
RE: [PATCH] vhost: fix data-plane access to released vq
Hi Maxime,
> -Original Message-
> From: Maxime Coquelin
> Sent: Thursday, January 27, 2022 6:47 PM
> To: Wang, YuanX ; Xia, Chenbo
>
> Cc: dev@dpdk.org; Hu, Jiayu ; Ding, Xuan
> ; Ma, WenwuX ; Ling,
> WeiX
> Subject: Re: [PATCH] vhost: fix data-plane access to released vq
>
> Hi,
>
> On 1/27/22 11:30, Wang, YuanX wrote:
> > Hi Maxime,
> >
> >> -Original Message-
> >> From: Maxime Coquelin
> >> Sent: Wednesday, January 26, 2022 10:03 PM
> >> To: Wang, YuanX ; Xia, Chenbo
> >>
> >> Cc: dev@dpdk.org; Hu, Jiayu ; Ding, Xuan
> >> ; Ma, WenwuX ; Ling,
> WeiX
> >>
> >> Subject: Re: [PATCH] vhost: fix data-plane access to released vq
> >>
> >> Hi Yuan,
> >>
> >> On 12/3/21 17:34, Yuan Wang wrote:
> >>> From: yuan wang
> >>>
> >>> When numa reallocation occurs, numa_realoc() on the control plane
> >>> will free the old vq. If rte_vhost_dequeue_burst() on the data plane
> >>> get the vq just before release, then it will access the released vq.
> >>> We need to put the
> >>> vq->access_lock into struct virtio_net to ensure that it
> >>> can prevents this situation.
> >>
> >>
> >> This patch is a fix, so the Fixes tag would be needed.
> >>
> >> But are you really facing this issue, or this is just based on code review?
> >
> > This issue is run-time checked with AddressSanitizer which can be turned
> on by:
> > meson configure -Db_sanitize=address
> >
> >>
> >> Currently NUMA reallocation is called whenever
> >> translate_ring_addresses() is called.
> >>
> >> translate_ring_addresses() is primarly called at device
> >> initialization, before the .new_device() callback is called. At that
> >> stage, there is no risk to performa NUMA reallocation as the
> >> application is not expected to use APIs requiring vq->access_lock
> acquisition.
> >>
> >> But I agree there are possibilities that numa_realloc() gets called
> >> while device is in running state. But even if that happened, I don't
> >> think it is possible that
> >> numa_realloc() ends-up reallocating the virtqueue on a different NUMA
> >> node (the vring should not have moved from a physical memory
> standpoint).
> >> And if even it happened, we should be safe because we ensure the VQ
> >> was not ready (so not usable by the
> >> application) before proceeding with reallocation:
> >
> > Here is a scenario where VQ ready has not been set:
> > 1. run the testpmd and then start the data plane process.
> > 2. run the front-end.
> > 3. new_device() gets called when the first two queues are ready, even if
> the later queues are not.
> > 4. when processing messages from the later queues, it may go to
> numa_realloc(), the ready flag has not been set and therefore can be
> reallocated.
>
> I will need a bit more details here.
For this scenario I used a QEMU as the front end and set up 8 queues with the
front and back ends in different NUMA.
>
> AFAICT, if the ready flag is not set for a given virtqueue, the virtqueue is
> not
> supposed to be exposed to the application. Is there a case where it happens?
> If so, the fix should consist in ensuring the application cannot use the
> virtqueue if it is not ready.
>
> Regards,
> Maxime
Thanks for the suggestion, I will look for more details on this.
Regards,
Yuan
>
> >
> > If all the queues are ready before call new_deivce(), this issue does not
> occur.
> > I think maybe it is another solution.
>
> No, that was the older behaviour but causes issues with vDPA.
> We cannot just revert to older behaviour.
>
> Thanks,
> Maxime
>
> > Thanks,
> > Yuan
> >
> >>
> >> static struct virtio_net*
> >> numa_realloc(struct virtio_net *dev, int index) {
> >>int node, dev_node;
> >>struct virtio_net *old_dev;
> >>struct vhost_virtqueue *vq;
> >>struct batch_copy_elem *bce;
> >>struct guest_page *gp;
> >>struct rte_vhost_memory *mem;
> >>size_t mem_size;
> >>int ret;
> >>
> >>old_dev = dev;
> >>vq = dev->virtqueue[index];
> >>
> >>/*
> >> * If VQ is ready, it is too late to reallocate, it certainly already
> >> * happened anyway on VHOST_USER_SET_VRING_ADRR.
> >> */
> >>if (vq->ready)
> >>return dev;
> >>
> >> So, if this is fixing a real issue, I would need more details on the
> >> issue in order to understand why vq->ready was not set when it should
> have been.
> >>
> >> On a side note, while trying to understand how you could face an
> >> issue, I noticed that translate_ring_addresses() may be called by
> >> vhost_user_iotlb_msg(). In that case, vq->access_lock is not held as
> >> this is the handler for VHOST_USER_IOTLB_MSG. We may want to protect
> >> translate_ring_addresses() calls with locking the VQ locks. I will
> >> post a fix for it.
> >>
> >>> Signed-off-by: Yuan Wang
> >>> ---
> >>>lib/vhost/vhost.c | 26 +-
> >>>lib/vhost/vhost.h | 4 +---
> >>>lib/vhost/vhost_user.c | 4 ++--
> >>>lib/vhost/virtio_net.c | 16
> >>>4 files changed, 24 insertions(+
[PATCH] crypto/ipsec_mb: fix null pointer dereference
Adjust memory check and use in a proper order to avoid
null pointer dereference.
Fixes: 918fd2f1466b ("crypto/ipsec_mb: move aesni_mb PMD")
Signed-off-by: Weiguo Li
---
drivers/crypto/ipsec_mb/ipsec_mb_private.h | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/crypto/ipsec_mb/ipsec_mb_private.h
b/drivers/crypto/ipsec_mb/ipsec_mb_private.h
index 866722d6f4..cae8f68988 100644
--- a/drivers/crypto/ipsec_mb/ipsec_mb_private.h
+++ b/drivers/crypto/ipsec_mb/ipsec_mb_private.h
@@ -191,12 +191,11 @@ ipsec_mb_parse_xform(const struct rte_crypto_sym_xform
*xform,
const struct rte_crypto_sym_xform **cipher_xform,
const struct rte_crypto_sym_xform **aead_xform)
{
- const struct rte_crypto_sym_xform *next = xform->next;
-
if (xform == NULL) {
*mode = IPSEC_MB_OP_NOT_SUPPORTED;
return -ENOTSUP;
}
+ const struct rte_crypto_sym_xform *next = xform->next;
if (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER) {
if (next == NULL) {
--
2.25.1
[PATCH v2 0/5] Add JSON vector set support to fips validation
Adds a very basic introduction to JSON vector sets in the fips validation example application. This patch set will only introduce the AES-GCM test using a JSON request file because the other algorithms need more information than what is given in the new JSON format. Brandon Lo (5): examples/fips_validation: add jansson dependency examples/fips_validation: add json info to header examples/fips_validation: add json parsing examples/fips_validation: allow json file as input examples/fips_validation: add json to gcm test examples/fips_validation/fips_validation.c| 90 - examples/fips_validation/fips_validation.h| 48 - .../fips_validation/fips_validation_gcm.c | 149 ++ examples/fips_validation/main.c | 190 +- examples/fips_validation/meson.build | 4 + 5 files changed, 471 insertions(+), 10 deletions(-) -- 2.25.1
[PATCH v2 1/5] examples/fips_validation: add jansson dependency
Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.
Signed-off-by: Brandon Lo
---
examples/fips_validation/meson.build | 4
1 file changed, 4 insertions(+)
diff --git a/examples/fips_validation/meson.build
b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
'fips_dev_self_test.c',
'main.c',
)
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+ext_deps += jansson_dep
+endif
--
2.25.1
[PATCH v2 2/5] examples/fips_validation: add json info to header
Added json-specific functions and other information needed to
test the new FIPS test vectors.
Signed-off-by: Brandon Lo
---
v2:
* fix type of prefix to suffix
examples/fips_validation/fips_validation.h | 48 --
1 file changed, 44 insertions(+), 4 deletions(-)
diff --git a/examples/fips_validation/fips_validation.h
b/examples/fips_validation/fips_validation.h
index aaadf01ba8..8e2963faa3 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
#ifndef _FIPS_VALIDATION_H_
#define _FIPS_VALIDATION_H_
+#ifdef RTE_HAS_JANSSON
+#include
+#endif /* RTE_HAS_JANSSON */
+
#define FIPS_PARSE_ERR(fmt, args) \
RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
@@ -21,9 +25,12 @@
#define POSITIVE_TEST 0
#define NEGATIVE_TEST -1
-#define REQ_FILE_PERFIX"req"
-#define RSP_FILE_PERFIX"rsp"
-#define FAX_FILE_PERFIX"fax"
+#define REQ_FILE_SUFFIX"req"
+#define RSP_FILE_SUFFIX"rsp"
+#define FAX_FILE_SUFFIX"fax"
+#define JSON_FILE_SUFFIX "json"
+
+#define ACVVERSION "1.0"
enum fips_test_algorithms {
FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
enum file_types {
FIPS_TYPE_REQ = 1,
FIPS_TYPE_FAX,
- FIPS_TYPE_RSP
+ FIPS_TYPE_RSP,
+ FIPS_TYPE_JSON,
};
enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
uint8_t gen_iv;
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+ /* Information used for reading from json */
+ json_t *json_root;
+ json_t *json_vector_set;
+ json_t *json_test_group;
+ json_t *json_test_case;
+ /* Location of json write output */
+ json_t *json_write_root;
+ json_t *json_write_group;
+ json_t *json_write_set;
+ json_t *json_write_case;
+ /* Other info */
+ uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
struct fips_test_interim_info {
FILE *fp_rd;
FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
extern struct fips_test_vector vec;
extern struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
int
fips_test_init(const char *req_file_path, const char *rsp_file_path,
const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
void
fips_test_write_one_case(void);
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
int
parse_test_aes_init(void);
--
2.25.1
[PATCH v2 3/5] examples/fips_validation: add json parsing
Added functions to parse the required information from a vector set
given in the new json format.
Signed-off-by: Brandon Lo
---
v2:
* fix for loop initialization
examples/fips_validation/fips_validation.c | 90 +-
1 file changed, 87 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c
b/examples/fips_validation/fips_validation.c
index 52a7bf952d..6f83cb7fc4 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,12 +270,14 @@ parse_file_type(const char *path)
{
const char *tmp = path + strlen(path) - 3;
- if (strstr(tmp, REQ_FILE_PERFIX))
+ if (strstr(tmp, REQ_FILE_SUFFIX))
info.file_type = FIPS_TYPE_REQ;
- else if (strstr(tmp, RSP_FILE_PERFIX))
+ else if (strstr(tmp, RSP_FILE_SUFFIX))
info.file_type = FIPS_TYPE_RSP;
- else if (strstr(path, FAX_FILE_PERFIX))
+ else if (strstr(path, FAX_FILE_SUFFIX))
info.file_type = FIPS_TYPE_FAX;
+ else if (strstr(path, JSON_FILE_SUFFIX))
+ info.file_type = FIPS_TYPE_JSON;
else
return -EINVAL;
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char
*rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+ json_error_t error;
+ json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+ if (!json_info.json_root) {
+ RTE_LOG(ERR, USER1, "Cannot parse json file %s (line
%d, column %d)\n",
+ req_file_path, error.line, error.column);
+ return -EINVAL;
+ }
+#else /* RTE_HAS_JANSSON */
+ RTE_LOG(ERR, USER1, "No json library configured.\n");
+ return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+ }
+
info.fp_wr = fopen(rsp_file_path, "w");
if (!info.fp_wr) {
RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,8 @@ fips_test_init(const char *req_file_path, const char
*rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON) return 0;
+
if (fips_test_parse_header() < 0) {
RTE_LOG(ERR, USER1, "Failed parsing header\n");
return -1;
@@ -429,6 +448,71 @@ fips_test_write_one_case(void)
fprintf(info.fp_wr, "%s\n", info.vec[i]);
}
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+ json_t *algo_obj = json_object_get(json_info.json_vector_set,
"algorithm");
+ const char *algo_str = json_string_value(algo_obj);
+
+ /* Vector sets contain the algorithm type, and nothing else we need. */
+ if (strstr(algo_str, "AES-GCM")) info.algo = FIPS_TEST_ALGO_AES_GCM;
+ else return -EINVAL;
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+ int ret, i;
+
+ if (info.interim_callbacks) {
+ char json_value[256];
+ for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+ json_t *param =
json_object_get(json_info.json_test_group, info.interim_callbacks[i].key);
+ json_int_t val = json_integer_value(param);
+ sprintf(json_value, "%lld", val);
+ /* First argument is blank because the key
+ is not included in the string being parsed. */
+ ret = info.interim_callbacks[i].cb(
+ "", json_value,
+ info.interim_callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+ uint32_t i;
+ int ret = 0;
+
+ for (i = 0; info.callbacks[i].key != NULL; i++) {
+ json_t *param = json_object_get(json_info.json_test_case,
info.callbacks[i].key);
+ if (param) {
+ const char *json_string = json_string_value(param);
+ strcpy(info.one_line_text, json_string);
+ /* First argument is blank because the key
+ is not included in the string being parsed. */
+ ret = info.callbacks[i].cb(
+ "", info.one_line_text,
+ info.callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+#endif /* RTE_HAS_JANSSON */
+
static int
parser_read_uint64_hex(uint64_t *value, const char *p)
{
--
2.25.1
[PATCH v2 4/5] examples/fips_validation: allow json file as input
Added the ability to use the json format as the input
and output of the example application.
Signed-off-by: Brandon Lo
---
v2:
* remove use_json variable
examples/fips_validation/main.c | 190 +++-
1 file changed, 187 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index dc40bffe7d..2f82c7a541 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -39,6 +39,10 @@ enum {
struct fips_test_vector vec;
struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
struct cryptodev_fips_validate_env {
const char *req_path;
const char *rsp_path;
@@ -169,6 +173,11 @@ cryptodev_fips_validate_app_uninit(void)
static int
fips_test_one_file(void);
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_cryptodev_arg(char *arg)
{
@@ -428,8 +437,17 @@ main(int argc, char *argv[])
goto exit;
}
-
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
ret, env.req_path);
@@ -484,7 +502,17 @@ main(int argc, char *argv[])
break;
}
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test
%s\n",
ret, req_path);
@@ -1226,7 +1254,7 @@ fips_generic_test(void)
struct fips_val val = {NULL, 0};
int ret;
- fips_test_write_one_case();
+ if (info.file_type != FIPS_TYPE_JSON) fips_test_write_one_case();
ret = fips_run_test();
if (ret < 0) {
@@ -1245,6 +1273,7 @@ fips_generic_test(void)
switch (info.file_type) {
case FIPS_TYPE_REQ:
case FIPS_TYPE_RSP:
+ case FIPS_TYPE_JSON:
if (info.parse_writeback == NULL)
return -EPERM;
ret = info.parse_writeback(&val);
@@ -1260,7 +1289,7 @@ fips_generic_test(void)
break;
}
- fprintf(info.fp_wr, "\n");
+ if (info.file_type != FIPS_TYPE_JSON) fprintf(info.fp_wr, "\n");
free(val.val);
return 0;
@@ -1856,3 +1885,158 @@ fips_test_one_file(void)
return ret;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+ json_t *session_info, *session_write;
+ session_info = json_array_get(json_info.json_root, 0);
+ session_write = json_object();
+ json_info.json_write_root = json_array();
+
+ json_object_set(session_write, "jwt",
+ json_object_get(session_info, "jwt"));
+ json_object_set(session_write, "url",
+ json_object_get(session_info, "url"));
+ json_object_set(session_write, "isSample",
+ json_object_get(session_info, "isSample"));
+
+ json_info.is_sample = json_boolean_value(
+ json_object_get(session_info, "isSample"));
+
+ json_array_append_new(json_info.json_write_root, session_write);
+ return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+ int ret;
+
+ ret = fips_test_parse_one_json_case();
+
+ switch (ret) {
+ case 0:
+ ret = test_ops.test();
+ if (ret == 0)
+ break;
+ RTE_LOG(ERR, USER1, "Error %i: test block\n",
+ ret);
+ break;
+ case 1:
+ break;
+ default:
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ ret);
+ }
+ return 0;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+ int ret;
+ json_t *tests, *write_tests;
+ size_t test_idx, tests_size;
+
+ write_tests = json_array();
+ json_info.json_write_group = json_object();
+ json_object_set(json_info.json_write_group, "tgId",
+ json_object_get
[PATCH v2 5/5] examples/fips_validation: add json to gcm test
Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.
Signed-off-by: Brandon Lo
---
.../fips_validation/fips_validation_gcm.c | 149 ++
1 file changed, 149 insertions(+)
diff --git a/examples/fips_validation/fips_validation_gcm.c
b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..4df20370b6 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
#include
#include
+#ifdef RTE_HAS_JANSSON
+#include
+#endif /* RTE_HAS_JANSSON */
+
#include
#include
@@ -37,6 +41,27 @@
#define OP_ENC_EXT_STR "ExtIV"
#define OP_ENC_INT_STR "IntIV"
+#define KEYLEN_JSON_STR"keyLen"
+#define IVLEN_JSON_STR "ivLen"
+#define PAYLOADLEN_JSON_STR"payloadLen"
+#define AADLEN_JSON_STR"aadLen"
+#define TAGLEN_JSON_STR"tagLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR"iv"
+#define PT_JSON_STR"pt"
+#define CT_JSON_STR"ct"
+#define AAD_JSON_STR "aad"
+#define TAG_JSON_STR "tag"
+#define DIR_JSON_STR "direction"
+
+#define OP_ENC_JSON_STR"encrypt"
+#define OP_DEC_JSON_STR"decrypt"
+
+#define IVGEN_JSON_STR "ivGen"
+#define OP_ENC_EXT_JSON_STR"external"
+#define OP_ENC_INT_JSON_STR"internal"
+
#define NEG_TEST_STR "FAIL"
/**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {TAG_JSON_STR, parse_uint8_known_len_hex_str,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+ {IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+ {PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+ {PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+ /**< The NIST json test vectors use 'payloadLen' to denote
input text
+* length in case of decrypt & encrypt operations.
+*/
+ {AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_gcm_writeback(struct fips_val *val)
{
@@ -188,12 +247,102 @@ parse_test_gcm_writeback(struct fips_val *val)
return 0;
}
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId, *tag;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ if (info.interim_info.gcm_data.gen_iv) {
+ json_t *iv;
+ tmp_val.val = vec.iv.val;
+ tmp_val.len = vec.iv.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case,
IV_JSON_STR, iv);
+
+ rte_free(vec.iv.val);
+ vec.iv.val = NULL;
+ }
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ tag = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, TAG_JSON_STR,
tag)
[PATCH] vdpa/sfc: fix null pointer dereference
When sva is null, sfc_vdpa_info(sva, ...) will cause a null
dereference. Use SFC_VDPA_GENERIC_LOG() to avoid that.
See macros sfc_vdpa_info and SFC_VDPA_GENERIC_LOG
defined in drivers/vdpa/sfc/sfc_vdpa_log.h for detail.
Fixes: 5e7596ba7cb3 ("vdpa/sfc: introduce Xilinx vDPA driver")
Signed-off-by: Weiguo Li
---
drivers/vdpa/sfc/sfc_vdpa.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/vdpa/sfc/sfc_vdpa.c b/drivers/vdpa/sfc/sfc_vdpa.c
index fccdd8c687..53f598facc 100644
--- a/drivers/vdpa/sfc/sfc_vdpa.c
+++ b/drivers/vdpa/sfc/sfc_vdpa.c
@@ -328,7 +328,8 @@ sfc_vdpa_pci_remove(struct rte_pci_device *pci_dev)
sva = sfc_vdpa_get_adapter_by_dev(pci_dev);
if (sva == NULL) {
- sfc_vdpa_info(sva, "invalid device: %s", pci_dev->name);
+ SFC_VDPA_GENERIC_LOG(INFO,
+ "Invalid device: %s.", pci_dev->name);
return -1;
}
--
2.25.1
[PATCH] vdpa/sfc: fix null dereference
Fixes: b11961363b4a ("vdpa/sfc: support device configure and close")
Signed-off-by: Weiguo Li
---
drivers/vdpa/sfc/sfc_vdpa_ops.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/vdpa/sfc/sfc_vdpa_ops.c b/drivers/vdpa/sfc/sfc_vdpa_ops.c
index c4ce4474ef..183834189c 100644
--- a/drivers/vdpa/sfc/sfc_vdpa_ops.c
+++ b/drivers/vdpa/sfc/sfc_vdpa_ops.c
@@ -666,7 +666,7 @@ sfc_vdpa_dev_close(int vid)
ops_data = sfc_vdpa_get_data_by_dev(vdpa_dev);
if (ops_data == NULL) {
- sfc_vdpa_err(ops_data->dev_handle,
+ SFC_VDPA_GENERIC_LOG(ERR,
"invalid vDPA device : %p, vid : %d",
vdpa_dev, vid);
return -1;
--
2.25.1
[PATCH v3 0/5] Add JSON vector set support to fips validation
Adds a very basic introduction to JSON vector sets in the fips validation example application. This patch set will only introduce the AES-GCM test using a JSON request file because the other algorithms need more information than what is given in the new JSON format. Brandon Lo (5): examples/fips_validation: add jansson dependency examples/fips_validation: add json info to header examples/fips_validation: add json parsing examples/fips_validation: allow json file as input examples/fips_validation: add json to gcm test examples/fips_validation/fips_validation.c| 96 - examples/fips_validation/fips_validation.h| 48 - .../fips_validation/fips_validation_gcm.c | 150 ++ examples/fips_validation/main.c | 195 +- examples/fips_validation/meson.build | 4 + 5 files changed, 483 insertions(+), 10 deletions(-) -- 2.25.1
[PATCH v3 1/5] examples/fips_validation: add jansson dependency
Added a check for RTE_HAS_JANSSON into the meson
configuration file for JSON support.
Signed-off-by: Brandon Lo
---
examples/fips_validation/meson.build | 4
1 file changed, 4 insertions(+)
diff --git a/examples/fips_validation/meson.build
b/examples/fips_validation/meson.build
index 7eef456318..8cd63066b5 100644
--- a/examples/fips_validation/meson.build
+++ b/examples/fips_validation/meson.build
@@ -21,3 +21,7 @@ sources = files(
'fips_dev_self_test.c',
'main.c',
)
+
+if dpdk_conf.has('RTE_HAS_JANSSON')
+ext_deps += jansson_dep
+endif
--
2.25.1
[PATCH v3 2/5] examples/fips_validation: add json info to header
Added json-specific functions and other information needed to
test the new FIPS test vectors.
Signed-off-by: Brandon Lo
---
v2:
* fix type of prefix to suffix
examples/fips_validation/fips_validation.h | 48 --
1 file changed, 44 insertions(+), 4 deletions(-)
diff --git a/examples/fips_validation/fips_validation.h
b/examples/fips_validation/fips_validation.h
index aaadf01ba8..8e2963faa3 100644
--- a/examples/fips_validation/fips_validation.h
+++ b/examples/fips_validation/fips_validation.h
@@ -5,6 +5,10 @@
#ifndef _FIPS_VALIDATION_H_
#define _FIPS_VALIDATION_H_
+#ifdef RTE_HAS_JANSSON
+#include
+#endif /* RTE_HAS_JANSSON */
+
#define FIPS_PARSE_ERR(fmt, args) \
RTE_LOG(ERR, USER1, "FIPS parse error" ## fmt ## "\n", ## args)
@@ -21,9 +25,12 @@
#define POSITIVE_TEST 0
#define NEGATIVE_TEST -1
-#define REQ_FILE_PERFIX"req"
-#define RSP_FILE_PERFIX"rsp"
-#define FAX_FILE_PERFIX"fax"
+#define REQ_FILE_SUFFIX"req"
+#define RSP_FILE_SUFFIX"rsp"
+#define FAX_FILE_SUFFIX"fax"
+#define JSON_FILE_SUFFIX "json"
+
+#define ACVVERSION "1.0"
enum fips_test_algorithms {
FIPS_TEST_ALGO_AES = 0,
@@ -40,7 +47,8 @@ enum fips_test_algorithms {
enum file_types {
FIPS_TYPE_REQ = 1,
FIPS_TYPE_FAX,
- FIPS_TYPE_RSP
+ FIPS_TYPE_RSP,
+ FIPS_TYPE_JSON,
};
enum fips_test_op {
@@ -161,6 +169,23 @@ struct gcm_interim_data {
uint8_t gen_iv;
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info {
+ /* Information used for reading from json */
+ json_t *json_root;
+ json_t *json_vector_set;
+ json_t *json_test_group;
+ json_t *json_test_case;
+ /* Location of json write output */
+ json_t *json_write_root;
+ json_t *json_write_group;
+ json_t *json_write_set;
+ json_t *json_write_case;
+ /* Other info */
+ uint8_t is_sample;
+};
+#endif /* RTE_HAS_JANSSON */
+
struct fips_test_interim_info {
FILE *fp_rd;
FILE *fp_wr;
@@ -196,6 +221,10 @@ struct fips_test_interim_info {
extern struct fips_test_vector vec;
extern struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+extern struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
int
fips_test_init(const char *req_file_path, const char *rsp_file_path,
const char *device_name);
@@ -212,6 +241,17 @@ fips_test_parse_one_case(void);
void
fips_test_write_one_case(void);
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void);
+
+int
+fips_test_parse_one_json_group(void);
+
+int
+fips_test_parse_one_json_case(void);
+#endif /* RTE_HAS_JANSSON */
+
int
parse_test_aes_init(void);
--
2.25.1
[PATCH v3 3/5] examples/fips_validation: add json parsing
Added functions to parse the required information from a vector set
given in the new json format.
Signed-off-by: Brandon Lo
---
v3:
* fix checkpatch warnings
v2:
* fix for loop initialization
examples/fips_validation/fips_validation.c | 96 +-
1 file changed, 93 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/fips_validation.c
b/examples/fips_validation/fips_validation.c
index 52a7bf952d..198cdb5688 100644
--- a/examples/fips_validation/fips_validation.c
+++ b/examples/fips_validation/fips_validation.c
@@ -270,12 +270,14 @@ parse_file_type(const char *path)
{
const char *tmp = path + strlen(path) - 3;
- if (strstr(tmp, REQ_FILE_PERFIX))
+ if (strstr(tmp, REQ_FILE_SUFFIX))
info.file_type = FIPS_TYPE_REQ;
- else if (strstr(tmp, RSP_FILE_PERFIX))
+ else if (strstr(tmp, RSP_FILE_SUFFIX))
info.file_type = FIPS_TYPE_RSP;
- else if (strstr(path, FAX_FILE_PERFIX))
+ else if (strstr(path, FAX_FILE_SUFFIX))
info.file_type = FIPS_TYPE_FAX;
+ else if (strstr(path, JSON_FILE_SUFFIX))
+ info.file_type = FIPS_TYPE_JSON;
else
return -EINVAL;
@@ -311,6 +313,21 @@ fips_test_init(const char *req_file_path, const char
*rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON) {
+#ifdef RTE_HAS_JANSSON
+ json_error_t error;
+ json_info.json_root = json_loadf(info.fp_rd, 0, &error);
+ if (!json_info.json_root) {
+ RTE_LOG(ERR, USER1, "Cannot parse json file %s (line
%d, column %d)\n",
+ req_file_path, error.line, error.column);
+ return -EINVAL;
+ }
+#else /* RTE_HAS_JANSSON */
+ RTE_LOG(ERR, USER1, "No json library configured.\n");
+ return -EINVAL;
+#endif /* RTE_HAS_JANSSON */
+ }
+
info.fp_wr = fopen(rsp_file_path, "w");
if (!info.fp_wr) {
RTE_LOG(ERR, USER1, "Cannot open file %s\n", rsp_file_path);
@@ -329,6 +346,9 @@ fips_test_init(const char *req_file_path, const char
*rsp_file_path,
return -EINVAL;
}
+ if (info.file_type == FIPS_TYPE_JSON)
+ return 0;
+
if (fips_test_parse_header() < 0) {
RTE_LOG(ERR, USER1, "Failed parsing header\n");
return -1;
@@ -429,6 +449,76 @@ fips_test_write_one_case(void)
fprintf(info.fp_wr, "%s\n", info.vec[i]);
}
+#ifdef RTE_HAS_JANSSON
+int
+fips_test_parse_one_json_vector_set(void)
+{
+ json_t *algo_obj = json_object_get(json_info.json_vector_set,
"algorithm");
+ const char *algo_str = json_string_value(algo_obj);
+
+ /* Vector sets contain the algorithm type, and nothing else we need. */
+ if (strstr(algo_str, "AES-GCM"))
+ info.algo = FIPS_TEST_ALGO_AES_GCM;
+ else
+ return -EINVAL;
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_group(void)
+{
+ int ret, i;
+
+ if (info.interim_callbacks) {
+ char json_value[256];
+ for (i = 0; info.interim_callbacks[i].key != NULL; i++) {
+ json_t *param =
json_object_get(json_info.json_test_group,
+ info.interim_callbacks[i].key);
+ json_int_t val = json_integer_value(param);
+ snprintf(json_value, 255, "%"JSON_INTEGER_FORMAT, val);
+ /* First argument is blank because the key
+* is not included in the string being parsed.
+*/
+ ret = info.interim_callbacks[i].cb(
+ "", json_value,
+ info.interim_callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+
+int
+fips_test_parse_one_json_case(void)
+{
+ uint32_t i;
+ int ret = 0;
+
+ for (i = 0; info.callbacks[i].key != NULL; i++) {
+ json_t *param = json_object_get(json_info.json_test_case,
info.callbacks[i].key);
+ if (param) {
+ const char *json_string = json_string_value(param);
+ strcpy(info.one_line_text, json_string);
+ /* First argument is blank because the key
+* is not included in the string being parsed.
+*/
+ ret = info.callbacks[i].cb(
+ "", info.one_line_text,
+ info.callbacks[i].val
+ );
+ if (ret < 0)
+ return ret;
+ }
+ }
+
+ return 0;
+}
+#endif /* RTE_HAS_
[PATCH v3 4/5] examples/fips_validation: allow json file as input
Added the ability to use the json format as the input
and output of the example application.
Signed-off-by: Brandon Lo
---
v3:
* fix checkpatch warnings
v2:
* remove use_json variable
examples/fips_validation/main.c | 195 +++-
1 file changed, 192 insertions(+), 3 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index dc40bffe7d..6a6794fab1 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -39,6 +39,10 @@ enum {
struct fips_test_vector vec;
struct fips_test_interim_info info;
+#ifdef RTE_HAS_JANSSON
+struct fips_test_json_info json_info;
+#endif /* RTE_HAS_JANSSON */
+
struct cryptodev_fips_validate_env {
const char *req_path;
const char *rsp_path;
@@ -169,6 +173,11 @@ cryptodev_fips_validate_app_uninit(void)
static int
fips_test_one_file(void);
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_one_json_file(void);
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_cryptodev_arg(char *arg)
{
@@ -428,8 +437,17 @@ main(int argc, char *argv[])
goto exit;
}
-
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test %s\n",
ret, env.req_path);
@@ -484,7 +502,17 @@ main(int argc, char *argv[])
break;
}
+#ifdef RTE_HAS_JANSSON
+ if (info.file_type == FIPS_TYPE_JSON) {
+ ret = fips_test_one_json_file();
+ json_decref(json_info.json_root);
+ } else {
+ ret = fips_test_one_file();
+ }
+#else /* RTE_HAS_JANSSON */
ret = fips_test_one_file();
+#endif /* RTE_HAS_JANSSON */
+
if (ret < 0) {
RTE_LOG(ERR, USER1, "Error %i: Failed test
%s\n",
ret, req_path);
@@ -1226,7 +1254,8 @@ fips_generic_test(void)
struct fips_val val = {NULL, 0};
int ret;
- fips_test_write_one_case();
+ if (info.file_type != FIPS_TYPE_JSON)
+ fips_test_write_one_case();
ret = fips_run_test();
if (ret < 0) {
@@ -1245,6 +1274,7 @@ fips_generic_test(void)
switch (info.file_type) {
case FIPS_TYPE_REQ:
case FIPS_TYPE_RSP:
+ case FIPS_TYPE_JSON:
if (info.parse_writeback == NULL)
return -EPERM;
ret = info.parse_writeback(&val);
@@ -1260,7 +1290,8 @@ fips_generic_test(void)
break;
}
- fprintf(info.fp_wr, "\n");
+ if (info.file_type != FIPS_TYPE_JSON)
+ fprintf(info.fp_wr, "\n");
free(val.val);
return 0;
@@ -1856,3 +1887,161 @@ fips_test_one_file(void)
return ret;
}
+
+#ifdef RTE_HAS_JANSSON
+static int
+fips_test_json_init_writeback(void)
+{
+ json_t *session_info, *session_write;
+ session_info = json_array_get(json_info.json_root, 0);
+ session_write = json_object();
+ json_info.json_write_root = json_array();
+
+ json_object_set(session_write, "jwt",
+ json_object_get(session_info, "jwt"));
+ json_object_set(session_write, "url",
+ json_object_get(session_info, "url"));
+ json_object_set(session_write, "isSample",
+ json_object_get(session_info, "isSample"));
+
+ json_info.is_sample = json_boolean_value(
+ json_object_get(session_info, "isSample"));
+
+ json_array_append_new(json_info.json_write_root, session_write);
+ return 0;
+}
+
+static int
+fips_test_one_test_case(void)
+{
+ int ret;
+
+ ret = fips_test_parse_one_json_case();
+
+ switch (ret) {
+ case 0:
+ ret = test_ops.test();
+ if (ret == 0)
+ break;
+ RTE_LOG(ERR, USER1, "Error %i: test block\n",
+ ret);
+ break;
+ case 1:
+ break;
+ default:
+ RTE_LOG(ERR, USER1, "Error %i: Parse block\n",
+ ret);
+ }
+ return 0;
+}
+
+static int
+fips_test_one_test_group(void)
+{
+ int ret;
+ json_t *tests, *write_tests;
+ size_t test_idx, tests_size;
+
+ write_tests = json_array();
+ json_info.json_write_group = json_object();
+ json_object_set(json
[PATCH v3 5/5] examples/fips_validation: add json to gcm test
Adds json-specific testing and writeback function. Allows
the user to test AES-GCM vector sets.
Signed-off-by: Brandon Lo
---
v3:
* fix checkpatch warnings
.../fips_validation/fips_validation_gcm.c | 150 ++
1 file changed, 150 insertions(+)
diff --git a/examples/fips_validation/fips_validation_gcm.c
b/examples/fips_validation/fips_validation_gcm.c
index 250d09bf90..5c72dbf790 100644
--- a/examples/fips_validation/fips_validation_gcm.c
+++ b/examples/fips_validation/fips_validation_gcm.c
@@ -6,6 +6,10 @@
#include
#include
+#ifdef RTE_HAS_JANSSON
+#include
+#endif /* RTE_HAS_JANSSON */
+
#include
#include
@@ -37,6 +41,27 @@
#define OP_ENC_EXT_STR "ExtIV"
#define OP_ENC_INT_STR "IntIV"
+#define KEYLEN_JSON_STR"keyLen"
+#define IVLEN_JSON_STR "ivLen"
+#define PAYLOADLEN_JSON_STR"payloadLen"
+#define AADLEN_JSON_STR"aadLen"
+#define TAGLEN_JSON_STR"tagLen"
+
+#define KEY_JSON_STR "key"
+#define IV_JSON_STR"iv"
+#define PT_JSON_STR"pt"
+#define CT_JSON_STR"ct"
+#define AAD_JSON_STR "aad"
+#define TAG_JSON_STR "tag"
+#define DIR_JSON_STR "direction"
+
+#define OP_ENC_JSON_STR"encrypt"
+#define OP_DEC_JSON_STR"decrypt"
+
+#define IVGEN_JSON_STR "ivGen"
+#define OP_ENC_EXT_JSON_STR"external"
+#define OP_ENC_INT_JSON_STR"internal"
+
#define NEG_TEST_STR "FAIL"
/**
@@ -136,6 +161,40 @@ struct fips_test_callback gcm_enc_vectors[] = {
{NULL, NULL, NULL} /**< end pointer */
};
+#ifdef RTE_HAS_JANSSON
+struct fips_test_callback gcm_dec_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {CT_JSON_STR, parse_gcm_pt_ct_str, &vec.ct},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {TAG_JSON_STR, parse_uint8_known_len_hex_str,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_interim_json_vectors[] = {
+ {KEYLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.key},
+ {IVLEN_JSON_STR, parser_read_uint32_bit_val, &vec.iv},
+ {PAYLOADLEN_JSON_STR, parser_read_gcm_pt_len, &vec.pt},
+ {PAYLOADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.ct},
+ /**< The NIST json test vectors use 'payloadLen' to denote
input text
+* length in case of decrypt & encrypt operations.
+*/
+ {AADLEN_JSON_STR, parser_read_uint32_bit_val, &vec.aead.aad},
+ {TAGLEN_JSON_STR, parser_read_uint32_bit_val,
+ &vec.aead.digest},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+
+struct fips_test_callback gcm_enc_json_vectors[] = {
+ {KEY_JSON_STR, parse_uint8_known_len_hex_str, &vec.aead.key},
+ {IV_JSON_STR, parse_uint8_known_len_hex_str, &vec.iv},
+ {PT_JSON_STR, parse_gcm_pt_ct_str, &vec.pt},
+ {AAD_JSON_STR, parse_gcm_aad_str, &vec.aead.aad},
+ {NULL, NULL, NULL} /**< end pointer */
+};
+#endif /* RTE_HAS_JANSSON */
+
static int
parse_test_gcm_writeback(struct fips_val *val)
{
@@ -188,12 +247,103 @@ parse_test_gcm_writeback(struct fips_val *val)
return 0;
}
+#ifdef RTE_HAS_JANSSON
+static int
+parse_test_gcm_json_writeback(struct fips_val *val)
+{
+ struct fips_val tmp_val;
+ json_t *tcId, *tag;
+
+ tcId = json_object_get(json_info.json_test_case, "tcId");
+
+ json_info.json_write_case = json_object();
+ json_object_set(json_info.json_write_case, "tcId", tcId);
+
+ if (info.op == FIPS_TEST_ENC_AUTH_GEN) {
+ json_t *ct;
+
+ tmp_val.val = val->val;
+ tmp_val.len = vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ ct = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case, CT_JSON_STR, ct);
+
+ if (info.interim_info.gcm_data.gen_iv) {
+ json_t *iv;
+ tmp_val.val = vec.iv.val;
+ tmp_val.len = vec.iv.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ iv = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_write_case,
IV_JSON_STR, iv);
+
+ rte_free(vec.iv.val);
+ vec.iv.val = NULL;
+ }
+
+ tmp_val.val = val->val + vec.pt.len;
+ tmp_val.len = val->len - vec.pt.len;
+
+ writeback_hex_str("", info.one_line_text, &tmp_val);
+ tag = json_string(info.one_line_text);
+ json_object_set_new(json_info.json_
[PATCH v2] vdpa/sfc: fix null dereference
Fixes: b11961363b4a ("vdpa/sfc: support device configure and close")
Signed-off-by: Weiguo Li
---
drivers/vdpa/sfc/sfc_vdpa_ops.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/vdpa/sfc/sfc_vdpa_ops.c b/drivers/vdpa/sfc/sfc_vdpa_ops.c
index c4ce4474ef..b3d9b6cd56 100644
--- a/drivers/vdpa/sfc/sfc_vdpa_ops.c
+++ b/drivers/vdpa/sfc/sfc_vdpa_ops.c
@@ -611,7 +611,7 @@ sfc_vdpa_dev_config(int vid)
ops_data = sfc_vdpa_get_data_by_dev(vdpa_dev);
if (ops_data == NULL) {
- sfc_vdpa_err(ops_data->dev_handle,
+ SFC_VDPA_GENERIC_LOG(ERR,
"invalid vDPA device : %p, vid : %d",
vdpa_dev, vid);
return -1;
@@ -666,7 +666,7 @@ sfc_vdpa_dev_close(int vid)
ops_data = sfc_vdpa_get_data_by_dev(vdpa_dev);
if (ops_data == NULL) {
- sfc_vdpa_err(ops_data->dev_handle,
+ SFC_VDPA_GENERIC_LOG(ERR,
"invalid vDPA device : %p, vid : %d",
vdpa_dev, vid);
return -1;
--
2.25.1
Re: [PATCH v2 01/83] lib: update documentation of XXX_free() functions
28/01/2022 23:51, Stephen Hemminger: > On Fri, 28 Jan 2022 22:47:15 +0100 > Thomas Monjalon wrote: > > > 24/01/2022 18:45, Stephen Hemminger: > > > These functions all behave like libc free() and do > > > nothing if handed a NULL pointer. The code is already doing > > > this, this patch just documents the behavior. > > > > > > Signed-off-by: Stephen Hemminger > > > --- > > > /** > > > * De-allocate all memory used by hash table. > > > + * > > > + * If the pointer is NULL, the function does nothing. > > > > Would be better to move in the context of the parameter > > I copied text from rte_free to other functions... > For consistency, lets document it one way in all cases. > Don't care which one... I prefer to have comments about a parameter inside the @param please.
[PATCH] vhost: fix null pointer dereference
Fixes: 155ee3542fb1 ("vhost: improve vhost-user layer logs")
Signed-off-by: Weiguo Li
---
lib/vhost/vhost_user.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/vhost/vhost_user.c b/lib/vhost/vhost_user.c
index e8297a09eb..d032998488 100644
--- a/lib/vhost/vhost_user.c
+++ b/lib/vhost/vhost_user.c
@@ -671,7 +671,7 @@ numa_realloc(struct virtio_net *dev, int index)
dev = rte_realloc_socket(old_dev, sizeof(*dev), 0, node);
if (!dev) {
VHOST_LOG_CONFIG(ERR, "(%s) failed to realloc dev on node %d\n",
- dev->ifname, node);
+ old_dev->ifname, node);
return old_dev;
}
--
2.25.1
RE: [PATCH v2 1/1] net/ixgbe: check ixgbe filter init failure
> -Original Message-
> From: Wang, Haiyue
> Sent: Thursday, December 30, 2021 1:33 PM
> To: Yunjian Wang ; dev@dpdk.org
> Cc: dingxiaoxi...@huawei.com; xudin...@huawei.com; sta...@dpdk.org
> Subject: RE: [PATCH v2 1/1] net/ixgbe: check ixgbe filter init failure
>
> > -Original Message-
> > From: Yunjian Wang
> > Sent: Friday, December 24, 2021 19:27
> > To: dev@dpdk.org
> > Cc: Wang, Haiyue ; dingxiaoxi...@huawei.com;
> > xudin...@huawei.com; Yunjian Wang ;
> > sta...@dpdk.org
> > Subject: [PATCH v2 1/1] net/ixgbe: check ixgbe filter init failure
> >
> > The function ixgbe_fdir_filter_init() and ixgbe_l2_tn_filter_init()
> > could return errors, the return value need to be checked and returned.
> >
> > Fixes: 080e3c0ee989 ("net/ixgbe: store flow director filter")
> > Fixes: d0c0c416ef1f ("net/ixgbe: store L2 tunnel filter")
> > Cc: sta...@dpdk.org
> >
> > Signed-off-by: Yunjian Wang
> > ---
> > v2: update code suggested by Haiyue Wang
> > ---
> > drivers/net/ixgbe/ixgbe_ethdev.c | 32
> > +++-
> > 1 file changed, 23 insertions(+), 9 deletions(-)
> >
>
> Thanks!
>
> Acked-by: Haiyue Wang
Applied to dpdk-next-net-intel.
Thanks
Qi
>
> > --
> > 2.27.0
