summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBenoît Ganne <bganne@cisco.com>2021-01-22 18:11:37 +0100
committerFan Zhang <roy.fan.zhang@intel.com>2021-04-07 11:44:48 +0000
commit48524a9072c1c7cda964f8777d3a08a1aa63c533 (patch)
treeca7d24b87ecf14103d4699065a8a6623b40f4961
parent3887be7d375dc7bd564cea0881a9fb7a31f06456 (diff)
crypto: fix ops flags in crypto sw scheduler
The crypto op flags must be reset to frame flags minus invalid values depending of the operation, instead of forcing them to specific values. Type: fix Change-Id: Ib02c2a738bbca6962394b3c03088d516d0da56a0 Signed-off-by: Benoît Ganne <bganne@cisco.com>
-rw-r--r--src/plugins/crypto_sw_scheduler/main.c9
-rw-r--r--src/vnet/ipsec/esp_decrypt.c2
2 files changed, 4 insertions, 7 deletions
diff --git a/src/plugins/crypto_sw_scheduler/main.c b/src/plugins/crypto_sw_scheduler/main.c
index 980fa14e5f1..29f91b36345 100644
--- a/src/plugins/crypto_sw_scheduler/main.c
+++ b/src/plugins/crypto_sw_scheduler/main.c
@@ -148,8 +148,6 @@ cryptodev_sw_scheduler_sgl (vlib_main_t * vm,
u32 n_chunks = 0;
u32 chunk_index = vec_len (ptd->chunks);
- op->flags |= VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS;
-
while (len)
{
if (nb->current_data + nb->current_length > offset)
@@ -251,15 +249,12 @@ crypto_sw_scheduler_convert_link_crypto (vlib_main_t * vm,
crypto_op->iv = fe->iv;
crypto_op->key_index = key->index_crypto;
crypto_op->user_data = 0;
+ crypto_op->flags = fe->flags & ~VNET_CRYPTO_OP_FLAG_HMAC_CHECK;
integ_op->op = integ_op_id;
integ_op->digest = fe->digest;
integ_op->digest_len = digest_len;
integ_op->key_index = key->index_integ;
- crypto_op->flags = integ_op->flags = 0;
- if (is_enc)
- crypto_op->flags |= VNET_CRYPTO_OP_FLAG_INIT_IV;
- else
- integ_op->flags |= VNET_CRYPTO_OP_FLAG_HMAC_CHECK;
+ integ_op->flags = fe->flags & ~VNET_CRYPTO_OP_FLAG_INIT_IV;
crypto_op->user_data = integ_op->user_data = index;
}
diff --git a/src/vnet/ipsec/esp_decrypt.c b/src/vnet/ipsec/esp_decrypt.c
index ea5a99c6fa1..8c4a9e22182 100644
--- a/src/vnet/ipsec/esp_decrypt.c
+++ b/src/vnet/ipsec/esp_decrypt.c
@@ -632,6 +632,8 @@ esp_decrypt_prepare_async_frame (vlib_main_t *vm, vlib_node_runtime_t *node,
key_index = sa0->linked_key_index;
integ_start_offset = payload - b->data;
integ_len = len;
+ if (PREDICT_TRUE (sa0->integ_op_id != VNET_CRYPTO_OP_NONE))
+ flags |= VNET_CRYPTO_OP_FLAG_HMAC_CHECK;
if (pd->is_chain)
{