patch 'crypto/virtio: add request check on request side' has been queued to stable release 22.11.9

[luca.boccassi at gmail.com]

Hi,

FYI, your patch has been queued to stable release 22.11.9

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 06/14/25. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/bluca/dpdk-stable

This queued commit can be viewed at:
https://github.com/bluca/dpdk-stable/commit/1bb460c2f84aecae79002005fd5a5b1196e817ac

Thanks.

Luca Boccassi

---
>From 1bb460c2f84aecae79002005fd5a5b1196e817ac Mon Sep 17 00:00:00 2001
From: Radu Nicolau <radu.nicolau at intel.com>
Date: Fri, 23 May 2025 14:04:50 +0000
Subject: [PATCH] crypto/virtio: add request check on request side

[ upstream commit 9771f037ec8c6592126be49ca50953d1a14a0335 ]

Add same request checks on the request side.

Fixes: b2866f473369 ("vhost/crypto: fix missed request check for copy mode")

Signed-off-by: Radu Nicolau <radu.nicolau at intel.com>
Acked-by: Fan Zhang <fanzhang.oss at gmail.com>
Tested-by: Yu Jiang <yux.jiang at intel.com>
---
 drivers/crypto/virtio/virtio_rxtx.c | 41 +++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

diff --git a/drivers/crypto/virtio/virtio_rxtx.c b/drivers/crypto/virtio/virtio_rxtx.c
index 01977c7ec4..b18b50428d 100644
--- a/drivers/crypto/virtio/virtio_rxtx.c
+++ b/drivers/crypto/virtio/virtio_rxtx.c
@@ -107,6 +107,41 @@ virtqueue_dequeue_burst_rx(struct virtqueue *vq,
 	return i;
 }
 
+
+static __rte_always_inline uint8_t
+virtqueue_crypto_check_cipher_request(struct virtio_crypto_cipher_data_req *req)
+{
+	if (likely((req->para.iv_len <= VIRTIO_CRYPTO_MAX_IV_SIZE) &&
+		(req->para.src_data_len <= RTE_MBUF_DEFAULT_BUF_SIZE) &&
+		(req->para.dst_data_len >= req->para.src_data_len) &&
+		(req->para.dst_data_len <= RTE_MBUF_DEFAULT_BUF_SIZE)))
+		return VIRTIO_CRYPTO_OK;
+	return VIRTIO_CRYPTO_BADMSG;
+}
+
+static __rte_always_inline uint8_t
+virtqueue_crypto_check_chain_request(struct virtio_crypto_alg_chain_data_req *req)
+{
+	if (likely((req->para.iv_len <= VIRTIO_CRYPTO_MAX_IV_SIZE) &&
+		(req->para.src_data_len <= RTE_MBUF_DEFAULT_BUF_SIZE) &&
+		(req->para.dst_data_len >= req->para.src_data_len) &&
+		(req->para.dst_data_len <= RTE_MBUF_DEFAULT_BUF_SIZE) &&
+		(req->para.cipher_start_src_offset <
+			RTE_MBUF_DEFAULT_BUF_SIZE) &&
+		(req->para.len_to_cipher <= RTE_MBUF_DEFAULT_BUF_SIZE) &&
+		(req->para.hash_start_src_offset <
+			RTE_MBUF_DEFAULT_BUF_SIZE) &&
+		(req->para.len_to_hash <= RTE_MBUF_DEFAULT_BUF_SIZE) &&
+		(req->para.cipher_start_src_offset + req->para.len_to_cipher <=
+			req->para.src_data_len) &&
+		(req->para.hash_start_src_offset + req->para.len_to_hash <=
+			req->para.src_data_len) &&
+		(req->para.dst_data_len + req->para.hash_result_len <=
+			RTE_MBUF_DEFAULT_BUF_SIZE)))
+		return VIRTIO_CRYPTO_OK;
+	return VIRTIO_CRYPTO_BADMSG;
+}
+
 static int
 virtqueue_crypto_sym_pkt_header_arrange(
 		struct rte_crypto_op *cop,
@@ -142,6 +177,9 @@ virtqueue_crypto_sym_pkt_header_arrange(
 				sym_op->cipher.data.offset);
 		req_data->u.sym_req.u.cipher.para.dst_data_len =
 			req_data->u.sym_req.u.cipher.para.src_data_len;
+		if (virtqueue_crypto_check_cipher_request(
+			&req_data->u.sym_req.u.cipher) != VIRTIO_CRYPTO_OK)
+			return -1;
 		break;
 	case VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING:
 		req_data->u.sym_req.op_type =
@@ -181,6 +219,9 @@ virtqueue_crypto_sym_pkt_header_arrange(
 			VIRTIO_CRYPTO_SYM_HASH_MODE_AUTH)
 			req_data->u.sym_req.u.chain.para.hash_result_len =
 				chain_para->u.mac_param.hash_result_len;
+		if (virtqueue_crypto_check_chain_request(
+			&req_data->u.sym_req.u.chain) != VIRTIO_CRYPTO_OK)
+			return -1;
 		break;
 	default:
 		return -1;
-- 
2.47.2

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2025-06-12 22:06:25.953490628 +0100
+++ 0057-crypto-virtio-add-request-check-on-request-side.patch	2025-06-12 22:06:23.886044975 +0100
@@ -1 +1 @@
-From 9771f037ec8c6592126be49ca50953d1a14a0335 Mon Sep 17 00:00:00 2001
+From 1bb460c2f84aecae79002005fd5a5b1196e817ac Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 9771f037ec8c6592126be49ca50953d1a14a0335 ]
+
@@ -9 +10,0 @@
-Cc: stable at dpdk.org
@@ -15,2 +16,2 @@
- drivers/crypto/virtio/virtio_rxtx.c | 40 +++++++++++++++++++++++++++++
- 1 file changed, 40 insertions(+)
+ drivers/crypto/virtio/virtio_rxtx.c | 41 +++++++++++++++++++++++++++++
+ 1 file changed, 41 insertions(+)
@@ -19 +20 @@
-index a7f1bd9753..00988e18b1 100644
+index 01977c7ec4..b18b50428d 100644
@@ -22 +23 @@
-@@ -193,6 +193,40 @@ virtqueue_dequeue_burst_rx_packed(struct virtqueue *vq,
+@@ -107,6 +107,41 @@ virtqueue_dequeue_burst_rx(struct virtqueue *vq,
@@ -25,0 +27 @@
++
@@ -60 +62 @@
- static inline int
+ static int
@@ -63 +65 @@
-@@ -228,6 +262,9 @@ virtqueue_crypto_sym_pkt_header_arrange(
+@@ -142,6 +177,9 @@ virtqueue_crypto_sym_pkt_header_arrange(
@@ -73 +75 @@
-@@ -267,6 +304,9 @@ virtqueue_crypto_sym_pkt_header_arrange(
+@@ -181,6 +219,9 @@ virtqueue_crypto_sym_pkt_header_arrange(