patch 'crypto/cnxk: return decrypted data for RSA verify' has been queued to stable release 24.11.5

[luca.boccassi at gmail.com]

Hi,

FYI, your patch has been queued to stable release 24.11.5

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/22/26. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/bluca/dpdk-stable

This queued commit can be viewed at:
https://github.com/bluca/dpdk-stable/commit/ece3cda0095b092fa707922dc7bc0c197715e133

Thanks.

Luca Boccassi

---
>From ece3cda0095b092fa707922dc7bc0c197715e133 Mon Sep 17 00:00:00 2001
From: Garvit Varshney <gvarshney at marvell.com>
Date: Tue, 27 Jan 2026 10:04:59 +0530
Subject: [PATCH] crypto/cnxk: return decrypted data for RSA verify

[ upstream commit adaf208c017724a814a08472a22908ca0a2f11b8 ]

For RSA verify operations with RTE_CRYPTO_RSA_PADDING_NONE, the driver
cannot determine which padding algorithm the application is using.
As per the API specification in rte_crypto_asym.h, when
RTE_CRYPTO_RSA_PADDING_NONE and RTE_CRYPTO_ASYM_OP_VERIFY are selected,
the decrypted signature should be returned to the application in the
cipher output buffer.

Fixes: dfd038b97ec3 ("crypto/cnxk: refactor RSA verification")

Signed-off-by: Garvit Varshney <gvarshney at marvell.com>
Acked-by: Akhil Goyal <gakhil at marvell.com>
---
 .mailmap                      | 1 +
 drivers/crypto/cnxk/cnxk_ae.h | 7 ++++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/.mailmap b/.mailmap
index 0ddb7d8075..3661a8d0a5 100644
--- a/.mailmap
+++ b/.mailmap
@@ -473,6 +473,7 @@ Gang Yang <gangx.yang at intel.com>
 Gao Feng <davidfgao at tencent.com>
 Gaoxiang Liu <liugaoxiang at huawei.com>
 Gargi Sau <gargi.sau at intel.com>
+Garvit Varshney <gvarshney at marvell.com>
 Gary Mussar <gmussar at ciena.com>
 Gaurav Singh <gaurav1086 at gmail.com>
 Gautam Dawar <gdawar at solarflare.com>
diff --git a/drivers/crypto/cnxk/cnxk_ae.h b/drivers/crypto/cnxk/cnxk_ae.h
index 912a2a9496..21a0c8068a 100644
--- a/drivers/crypto/cnxk/cnxk_ae.h
+++ b/drivers/crypto/cnxk/cnxk_ae.h
@@ -1591,9 +1591,10 @@ cnxk_ae_dequeue_rsa_op(struct rte_crypto_op *cop, uint8_t *rptr,
 		break;
 	case RTE_CRYPTO_ASYM_OP_VERIFY:
 		if (rsa_ctx->padding.type == RTE_CRYPTO_RSA_PADDING_NONE) {
-			rsa->sign.length = rsa_ctx->n.length;
-			if (memcmp(rptr, rsa->message.data, rsa->message.length))
-				cop->status = RTE_CRYPTO_OP_STATUS_ERROR;
+			/* Application compares decrypted data with message for SW padding schemes
+			 */
+			rsa->cipher.length = rsa_ctx->n.length;
+			memcpy(rsa->cipher.data, rptr, rsa->cipher.length);
 		} else {
 			/* Get length of signed output */
 			rsa->sign.length = rte_cpu_to_be_16(*((uint16_t *)rptr));
-- 
2.47.3

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2026-02-20 14:55:46.252296440 +0000
+++ 0079-crypto-cnxk-return-decrypted-data-for-RSA-verify.patch	2026-02-20 14:55:43.288192499 +0000
@@ -1 +1 @@
-From adaf208c017724a814a08472a22908ca0a2f11b8 Mon Sep 17 00:00:00 2001
+From ece3cda0095b092fa707922dc7bc0c197715e133 Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit adaf208c017724a814a08472a22908ca0a2f11b8 ]
+
@@ -14 +15,0 @@
-Cc: stable at dpdk.org
@@ -24 +25 @@
-index cdaa471715..81499a3337 100644
+index 0ddb7d8075..3661a8d0a5 100644
@@ -27 +28 @@
-@@ -497,6 +497,7 @@ Ganghui Zeng <zengganghui at huawei.com>
+@@ -473,6 +473,7 @@ Gang Yang <gangx.yang at intel.com>