From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from aserp2120.oracle.com ([141.146.126.78]:51116 "EHLO aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751274AbeBVTO7 (ORCPT ); Thu, 22 Feb 2018 14:14:59 -0500 From: Shannon Nelson To: intel-wired-lan@lists.osuosl.org Cc: netdev@vger.kernel.org, steffen.klassert@secunet.com Subject: [PATCH next-queue 2/3] ixgbe: fix ipsec trailer length Date: Thu, 22 Feb 2018 11:09:56 -0800 Message-Id: <1519326597-7679-3-git-send-email-shannon.nelson@oracle.com> In-Reply-To: <1519326597-7679-1-git-send-email-shannon.nelson@oracle.com> References: <1519326597-7679-1-git-send-email-shannon.nelson@oracle.com> Sender: netdev-owner@vger.kernel.org List-ID: Fix up the Tx trailer length calculation. We can't believe the trailer len from the xstate information because it was calculated before the packet was put together and padding added. This bit of code finds the padding value in the trailer, adds it to the authentication length, and saves it so later we can put it into the Tx descriptor to tell the device where to stop the checksum calculation. Fixes: 592594704761 ("ixgbe: process the Tx ipsec offload") Signed-off-by: Shannon Nelson --- drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c index 8b7dbc8..8623013 100644 --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_ipsec.c @@ -789,11 +789,33 @@ int ixgbe_ipsec_tx(struct ixgbe_ring *tx_ring, itd->flags = 0; if (xs->id.proto == IPPROTO_ESP) { + struct sk_buff *skb = first->skb; + int ret, authlen, trailerlen; + u8 padlen; + itd->flags |= IXGBE_ADVTXD_TUCMD_IPSEC_TYPE_ESP | IXGBE_ADVTXD_TUCMD_L4T_TCP; if (first->protocol == htons(ETH_P_IP)) itd->flags |= IXGBE_ADVTXD_TUCMD_IPV4; - itd->trailer_len = xs->props.trailer_len; + + /* The actual trailer length is authlen (16 bytes) plus + * 2 bytes for the proto and the padlen values, plus + * padlen bytes of padding. This ends up not the same + * as the static value found in xs->props.trailer_len (21). + * + * The "correct" way to get the auth length would be to use + * authlen = crypto_aead_authsize(xs->data); + * but since we know we only have one size to worry about + * we can let the compiler use the constant and save us a + * few CPU cycles. + */ + authlen = IXGBE_IPSEC_AUTH_BITS / 8; + + ret = skb_copy_bits(skb, skb->len - (authlen + 2), &padlen, 1); + if (unlikely(ret)) + return 0; + trailerlen = authlen + 2 + padlen; + itd->trailer_len = trailerlen; } if (tsa->encrypt) itd->flags |= IXGBE_ADVTXD_TUCMD_IPSEC_ENCRYPT_EN; -- 2.7.4