From 5c481ff732caef6cbd4e3c095e802f095a920d82 Mon Sep 17 00:00:00 2001 From: Benoît Ganne Date: Mon, 8 Mar 2021 10:22:51 +0100 Subject: crypto: fix chained buffer integrity support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Type: fix Change-Id: I984a3e577a4209e41d046eaf3a8eef8986dc6147 Signed-off-by: Benoît Ganne --- src/plugins/crypto_sw_scheduler/main.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/plugins/crypto_sw_scheduler/main.c b/src/plugins/crypto_sw_scheduler/main.c index 29f91b36345..fa2611f065c 100644 --- a/src/plugins/crypto_sw_scheduler/main.c +++ b/src/plugins/crypto_sw_scheduler/main.c @@ -170,7 +170,21 @@ cryptodev_sw_scheduler_sgl (vlib_main_t * vm, break; } - ASSERT (offset == 0 && len == 0); + ASSERT (offset == 0); + if (n_chunks && len) + { + /* Some async crypto users can use buffers in creative ways, let's allow + * some flexibility here... + * Current example is ESP decrypt with ESN in async mode: it will stash + * ESN at the end of the last buffer (if it can) because it must be part + * of the integrity check but it will not update the buffer length. + * Fixup the last operation chunk length if we have room. + */ + ASSERT (vlib_buffer_space_left_at_end (vm, nb) >= len); + if (vlib_buffer_space_left_at_end (vm, nb) >= len) + ch->len += len; + } + op->chunk_index = chunk_index; op->n_chunks = n_chunks; } -- cgit 1.2.3-korg