summaryrefslogtreecommitdiff
path: root/drivers/net/softnic
diff options
context:
space:
mode:
authorFan Zhang <roy.fan.zhang@intel.com>2019-06-24 14:35:22 +0100
committerAkhil Goyal <akhil.goyal@nxp.com>2019-07-19 14:15:21 +0200
commit186b14d6850654eb84a8ae9ea29b736f0ba5e093 (patch)
tree6f470ae3a3d72d9e245f1648bf7d7326996841a0 /drivers/net/softnic
parent8c7a31317b0ec128d25b30cd56db94c144ceaaa2 (diff)
downloaddpdk-186b14d6850654eb84a8ae9ea29b736f0ba5e093.zip
dpdk-186b14d6850654eb84a8ae9ea29b736f0ba5e093.tar.gz
dpdk-186b14d6850654eb84a8ae9ea29b736f0ba5e093.tar.xz
cryptodev: make xform key pointer constant
This patch changes the key pointer data types in cipher, auth, and aead xforms from "uint8_t *" to "const uint8_t *" for a more intuitive and safe sessionn creation. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com> Acked-by: Akhil Goyal <akhil.goyal@nxp.com> Acked-by: Liron Himi <lironh@marvell.com>
Diffstat (limited to 'drivers/net/softnic')
-rw-r--r--drivers/net/softnic/rte_eth_softnic_cli.c74
-rw-r--r--drivers/net/softnic/rte_eth_softnic_internals.h4
2 files changed, 38 insertions, 40 deletions
diff --git a/drivers/net/softnic/rte_eth_softnic_cli.c b/drivers/net/softnic/rte_eth_softnic_cli.c
index 56fc92b..88e0a84 100644
--- a/drivers/net/softnic/rte_eth_softnic_cli.c
+++ b/drivers/net/softnic/rte_eth_softnic_cli.c
@@ -4095,24 +4095,18 @@ parse_free_sym_crypto_param_data(struct rte_table_action_sym_crypto_params *p)
switch (xform[i]->type) {
case RTE_CRYPTO_SYM_XFORM_CIPHER:
- if (xform[i]->cipher.key.data)
- free(xform[i]->cipher.key.data);
if (p->cipher_auth.cipher_iv.val)
free(p->cipher_auth.cipher_iv.val);
if (p->cipher_auth.cipher_iv_update.val)
free(p->cipher_auth.cipher_iv_update.val);
break;
case RTE_CRYPTO_SYM_XFORM_AUTH:
- if (xform[i]->auth.key.data)
- free(xform[i]->cipher.key.data);
if (p->cipher_auth.auth_iv.val)
free(p->cipher_auth.cipher_iv.val);
if (p->cipher_auth.auth_iv_update.val)
free(p->cipher_auth.cipher_iv_update.val);
break;
case RTE_CRYPTO_SYM_XFORM_AEAD:
- if (xform[i]->aead.key.data)
- free(xform[i]->cipher.key.data);
if (p->aead.iv.val)
free(p->aead.iv.val);
if (p->aead.aad.val)
@@ -4127,8 +4121,8 @@ parse_free_sym_crypto_param_data(struct rte_table_action_sym_crypto_params *p)
static struct rte_crypto_sym_xform *
parse_table_action_cipher(struct rte_table_action_sym_crypto_params *p,
- char **tokens, uint32_t n_tokens, uint32_t encrypt,
- uint32_t *used_n_tokens)
+ uint8_t *key, uint32_t max_key_len, char **tokens,
+ uint32_t n_tokens, uint32_t encrypt, uint32_t *used_n_tokens)
{
struct rte_crypto_sym_xform *xform_cipher;
int status;
@@ -4155,16 +4149,16 @@ parse_table_action_cipher(struct rte_table_action_sym_crypto_params *p,
/* cipher_key */
len = strlen(tokens[4]);
- xform_cipher->cipher.key.data = calloc(1, len / 2 + 1);
- if (xform_cipher->cipher.key.data == NULL)
+ if (len / 2 > max_key_len) {
+ status = -ENOMEM;
goto error_exit;
+ }
- status = softnic_parse_hex_string(tokens[4],
- xform_cipher->cipher.key.data,
- (uint32_t *)&len);
+ status = softnic_parse_hex_string(tokens[4], key, (uint32_t *)&len);
if (status < 0)
goto error_exit;
+ xform_cipher->cipher.key.data = key;
xform_cipher->cipher.key.length = (uint16_t)len;
/* cipher_iv */
@@ -4188,9 +4182,6 @@ parse_table_action_cipher(struct rte_table_action_sym_crypto_params *p,
return xform_cipher;
error_exit:
- if (xform_cipher->cipher.key.data)
- free(xform_cipher->cipher.key.data);
-
if (p->cipher_auth.cipher_iv.val) {
free(p->cipher_auth.cipher_iv.val);
p->cipher_auth.cipher_iv.val = NULL;
@@ -4203,8 +4194,8 @@ error_exit:
static struct rte_crypto_sym_xform *
parse_table_action_cipher_auth(struct rte_table_action_sym_crypto_params *p,
- char **tokens, uint32_t n_tokens, uint32_t encrypt,
- uint32_t *used_n_tokens)
+ uint8_t *key, uint32_t max_key_len, char **tokens,
+ uint32_t n_tokens, uint32_t encrypt, uint32_t *used_n_tokens)
{
struct rte_crypto_sym_xform *xform_cipher;
struct rte_crypto_sym_xform *xform_auth;
@@ -4233,17 +4224,21 @@ parse_table_action_cipher_auth(struct rte_table_action_sym_crypto_params *p,
/* auth_key */
len = strlen(tokens[10]);
- xform_auth->auth.key.data = calloc(1, len / 2 + 1);
- if (xform_auth->auth.key.data == NULL)
+ if (len / 2 > max_key_len) {
+ status = -ENOMEM;
goto error_exit;
+ }
- status = softnic_parse_hex_string(tokens[10],
- xform_auth->auth.key.data, (uint32_t *)&len);
+ status = softnic_parse_hex_string(tokens[10], key, (uint32_t *)&len);
if (status < 0)
goto error_exit;
+ xform_auth->auth.key.data = key;
xform_auth->auth.key.length = (uint16_t)len;
+ key += xform_auth->auth.key.length;
+ max_key_len -= xform_auth->auth.key.length;
+
if (strcmp(tokens[11], "digest_size"))
goto error_exit;
@@ -4252,8 +4247,8 @@ parse_table_action_cipher_auth(struct rte_table_action_sym_crypto_params *p,
if (status < 0)
goto error_exit;
- xform_cipher = parse_table_action_cipher(p, tokens, 7, encrypt,
- used_n_tokens);
+ xform_cipher = parse_table_action_cipher(p, key, max_key_len, tokens, 7,
+ encrypt, used_n_tokens);
if (xform_cipher == NULL)
goto error_exit;
@@ -4268,8 +4263,6 @@ parse_table_action_cipher_auth(struct rte_table_action_sym_crypto_params *p,
}
error_exit:
- if (xform_auth->auth.key.data)
- free(xform_auth->auth.key.data);
if (p->cipher_auth.auth_iv.val) {
free(p->cipher_auth.auth_iv.val);
p->cipher_auth.auth_iv.val = 0;
@@ -4282,8 +4275,8 @@ error_exit:
static struct rte_crypto_sym_xform *
parse_table_action_aead(struct rte_table_action_sym_crypto_params *p,
- char **tokens, uint32_t n_tokens, uint32_t encrypt,
- uint32_t *used_n_tokens)
+ uint8_t *key, uint32_t max_key_len, char **tokens,
+ uint32_t n_tokens, uint32_t encrypt, uint32_t *used_n_tokens)
{
struct rte_crypto_sym_xform *xform_aead;
int status;
@@ -4312,15 +4305,16 @@ parse_table_action_aead(struct rte_table_action_sym_crypto_params *p,
/* aead_key */
len = strlen(tokens[4]);
- xform_aead->aead.key.data = calloc(1, len / 2 + 1);
- if (xform_aead->aead.key.data == NULL)
+ if (len / 2 > max_key_len) {
+ status = -ENOMEM;
goto error_exit;
+ }
- status = softnic_parse_hex_string(tokens[4], xform_aead->aead.key.data,
- (uint32_t *)&len);
+ status = softnic_parse_hex_string(tokens[4], key, (uint32_t *)&len);
if (status < 0)
goto error_exit;
+ xform_aead->aead.key.data = key;
xform_aead->aead.key.length = (uint16_t)len;
/* aead_iv */
@@ -4362,8 +4356,6 @@ parse_table_action_aead(struct rte_table_action_sym_crypto_params *p,
return xform_aead;
error_exit:
- if (xform_aead->aead.key.data)
- free(xform_aead->aead.key.data);
if (p->aead.iv.val) {
free(p->aead.iv.val);
p->aead.iv.val = NULL;
@@ -4386,6 +4378,8 @@ parse_table_action_sym_crypto(char **tokens,
{
struct rte_table_action_sym_crypto_params *p = &a->sym_crypto;
struct rte_crypto_sym_xform *xform = NULL;
+ uint8_t *key = a->sym_crypto_key;
+ uint32_t max_key_len = SYM_CRYPTO_MAX_KEY_SIZE;
uint32_t used_n_tokens;
uint32_t encrypt;
int status;
@@ -4410,20 +4404,20 @@ parse_table_action_sym_crypto(char **tokens,
tokens += 3;
n_tokens -= 3;
- xform = parse_table_action_cipher(p, tokens, n_tokens, encrypt,
- &used_n_tokens);
+ xform = parse_table_action_cipher(p, key, max_key_len, tokens,
+ n_tokens, encrypt, &used_n_tokens);
} else if (strcmp(tokens[3], "cipher_auth") == 0) {
tokens += 3;
n_tokens -= 3;
- xform = parse_table_action_cipher_auth(p, tokens, n_tokens,
- encrypt, &used_n_tokens);
+ xform = parse_table_action_cipher_auth(p, key, max_key_len,
+ tokens, n_tokens, encrypt, &used_n_tokens);
} else if (strcmp(tokens[3], "aead") == 0) {
tokens += 3;
n_tokens -= 3;
- xform = parse_table_action_aead(p, tokens, n_tokens, encrypt,
- &used_n_tokens);
+ xform = parse_table_action_aead(p, key, max_key_len, tokens,
+ n_tokens, encrypt, &used_n_tokens);
}
if (xform == NULL)
diff --git a/drivers/net/softnic/rte_eth_softnic_internals.h b/drivers/net/softnic/rte_eth_softnic_internals.h
index 415434d..08bc660 100644
--- a/drivers/net/softnic/rte_eth_softnic_internals.h
+++ b/drivers/net/softnic/rte_eth_softnic_internals.h
@@ -948,6 +948,9 @@ struct softnic_table_rule_match {
} match;
};
+#ifndef SYM_CRYPTO_MAX_KEY_SIZE
+#define SYM_CRYPTO_MAX_KEY_SIZE (256)
+#endif
struct softnic_table_rule_action {
uint64_t action_mask;
struct rte_table_action_fwd_params fwd;
@@ -962,6 +965,7 @@ struct softnic_table_rule_action {
struct rte_table_action_tag_params tag;
struct rte_table_action_decap_params decap;
struct rte_table_action_sym_crypto_params sym_crypto;
+ uint8_t sym_crypto_key[SYM_CRYPTO_MAX_KEY_SIZE];
};
struct rte_flow {