diff options
author | Benoît Ganne <bganne@cisco.com> | 2021-03-08 10:22:51 +0100 |
---|---|---|
committer | Fan Zhang <roy.fan.zhang@intel.com> | 2021-04-29 15:48:25 +0000 |
commit | 5c481ff732caef6cbd4e3c095e802f095a920d82 (patch) | |
tree | dec57d693a3d49bea0f496e6cdbf5ea4907698cc /src | |
parent | edda5926e0b755368aef017a278272b796d22467 (diff) |
crypto: fix chained buffer integrity support
Type: fix
Change-Id: I984a3e577a4209e41d046eaf3a8eef8986dc6147
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/plugins/crypto_sw_scheduler/main.c | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/src/plugins/crypto_sw_scheduler/main.c b/src/plugins/crypto_sw_scheduler/main.c index 29f91b36345..fa2611f065c 100644 --- a/src/plugins/crypto_sw_scheduler/main.c +++ b/src/plugins/crypto_sw_scheduler/main.c @@ -170,7 +170,21 @@ cryptodev_sw_scheduler_sgl (vlib_main_t * vm, break; } - ASSERT (offset == 0 && len == 0); + ASSERT (offset == 0); + if (n_chunks && len) + { + /* Some async crypto users can use buffers in creative ways, let's allow + * some flexibility here... + * Current example is ESP decrypt with ESN in async mode: it will stash + * ESN at the end of the last buffer (if it can) because it must be part + * of the integrity check but it will not update the buffer length. + * Fixup the last operation chunk length if we have room. + */ + ASSERT (vlib_buffer_space_left_at_end (vm, nb) >= len); + if (vlib_buffer_space_left_at_end (vm, nb) >= len) + ch->len += len; + } + op->chunk_index = chunk_index; op->n_chunks = n_chunks; } |