From 60527bd6df4772bb4215403f2eea1b61b8b10157 Mon Sep 17 00:00:00 2001 From: Piotr Bronowski Date: Wed, 28 Jun 2023 08:16:38 +0000 Subject: [PATCH] dpdk-cryptodev: sync mbuf length with corresponding vlib buffer When vlib buffer is processed on vnet side its length is corrected by cipher padding and icv_sz. These changes need to be reflected in the mbuf internals. Type: fix Signed-off-by: Piotr Bronowski Change-Id: I0aa03f67f556dfc8f9a577ca1967210527221e02 --- .../dpdk/cryptodev/cryptodev_op_data_path.c | 33 ++++++++++++++-------- 1 file changed, 21 insertions(+), 12 deletions(-) diff --git a/src/plugins/dpdk/cryptodev/cryptodev_op_data_path.c b/src/plugins/dpdk/cryptodev/cryptodev_op_data_path.c index 2f0599c7bd3..4d3e00aa95e 100644 --- a/src/plugins/dpdk/cryptodev/cryptodev_op_data_path.c +++ b/src/plugins/dpdk/cryptodev/cryptodev_op_data_path.c @@ -66,6 +66,23 @@ cryptodev_get_iova (clib_pmalloc_main_t *pm, enum rte_iova_mode mode, return pointer_to_uword (data) - pm->lookup_table[index]; } +static_always_inline void +cryptodev_validate_mbuf (struct rte_mbuf *mb, vlib_buffer_t *b) +{ + /* on vnet side vlib_buffer current_length is updated by cipher padding and + * icv_sh. mbuf needs to be sync with these changes */ + u16 data_len = b->current_length + + (b->data + b->current_data - rte_pktmbuf_mtod (mb, u8 *)); + + /* for input nodes that are not dpdk-input, it is possible the mbuf + * was updated before as one of the chained mbufs. Setting nb_segs + * to 1 here to prevent the cryptodev PMD to access potentially + * invalid m_src->next pointers. + */ + mb->nb_segs = 1; + mb->pkt_len = mb->data_len = data_len; +} + static_always_inline void cryptodev_validate_mbuf_chain (vlib_main_t *vm, struct rte_mbuf *mb, vlib_buffer_t *b) @@ -218,12 +235,8 @@ cryptodev_frame_linked_algs_enqueue (vlib_main_t *vm, if (PREDICT_FALSE (fe->flags & VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS)) cryptodev_validate_mbuf_chain (vm, sop->m_src, b); else - /* for input nodes that are not dpdk-input, it is possible the mbuf - * was updated before as one of the chained mbufs. Setting nb_segs - * to 1 here to prevent the cryptodev PMD to access potentially - * invalid m_src->next pointers. - */ - sop->m_src->nb_segs = 1; + cryptodev_validate_mbuf (sop->m_src, b); + clib_memcpy_fast (cop[0]->iv, fe->iv, 16); cop++; bi++; @@ -359,12 +372,8 @@ cryptodev_frame_aead_enqueue (vlib_main_t *vm, if (PREDICT_FALSE (fe->flags & VNET_CRYPTO_OP_FLAG_CHAINED_BUFFERS)) cryptodev_validate_mbuf_chain (vm, sop->m_src, b); else - /* for input nodes that are not dpdk-input, it is possible the mbuf - * was updated before as one of the chained mbufs. Setting nb_segs - * to 1 here to prevent the cryptodev PMD to access potentially - * invalid m_src->next pointers. - */ - sop->m_src->nb_segs = 1; + cryptodev_validate_mbuf (sop->m_src, b); + clib_memcpy_fast (cop[0]->iv, fe->iv, 12); clib_memcpy_fast (cop[0]->aad, fe->aad, aad_len); cop++; -- 2.16.6