patch 'examples/fips_validation: fix RSA memcpy' has been queued to stable release 25.11.1
Kevin Traynor
ktraynor at redhat.com
Thu Feb 26 14:08:44 CET 2026
Hi,
FYI, your patch has been queued to stable release 25.11.1
Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 03/02/26. So please
shout if anyone has objections.
Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.
Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable
This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable/commit/529424fc6dfb22e2352345aca9e965e906948ecd
Thanks.
Kevin
---
>From 529424fc6dfb22e2352345aca9e965e906948ecd Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen at networkplumber.org>
Date: Tue, 30 Dec 2025 10:55:15 -0800
Subject: [PATCH] examples/fips_validation: fix RSA memcpy
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
[ upstream commit dac0edb433859c026b35615495b48dc6d394b7b8 ]
The code for copying example hash key values was calling rte_memcpy
but rte_memcpy is generating vector instruction that references
past the array.
In function ‘get_hash_oid’,
inlined from ‘prepare_rsa_xform’
at ../examples/fips_validation/main.c:1607:12:
examples/fips_validation/main.c:890:20:
warning: array subscript ‘__m128i_u[0]’
is partly outside array bounds of ‘uint8_t[15]’
{aka ‘unsigned char[15]’} [-Warray-bounds=]
890 | id = id_sha1;
| ~~~^~~~~~~~~
In function ‘prepare_rsa_xform’:
examples/fips_validation/main.c:882:17: note: object ‘id_sha1’ of size 15
882 | uint8_t id_sha1[] = {0x30, 0x21, 0x30, 0x09, 0x06, 0x05,
Workaround is to replace rte_memcpy with memcpy.
Fixes: ae5ae3bf5996 ("examples/fips_validation: encode digest with hash OID")
Signed-off-by: Stephen Hemminger <stephen at networkplumber.org>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn at marvell.com>
---
examples/fips_validation/main.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/examples/fips_validation/main.c b/examples/fips_validation/main.c
index f21826e9d7..daf273bc85 100644
--- a/examples/fips_validation/main.c
+++ b/examples/fips_validation/main.c
@@ -883,6 +883,6 @@ get_hash_oid(enum rte_crypto_auth_algorithm hash, uint8_t *buf)
0x2b, 0x0e, 0x03, 0x02, 0x1a, 0x05,
0x00, 0x04, 0x14};
- uint8_t *id = NULL;
- int id_len = 0;
+ const uint8_t *id;
+ size_t id_len;
switch (hash) {
@@ -908,10 +908,8 @@ get_hash_oid(enum rte_crypto_auth_algorithm hash, uint8_t *buf)
break;
default:
- id_len = -1;
- break;
+ return -1;
}
- if (id != NULL)
- rte_memcpy(buf, id, id_len);
+ memcpy(buf, id, id_len);
return id_len;
@@ -1615,6 +1613,6 @@ prepare_rsa_xform(struct rte_crypto_asym_xform *xform)
msg.len = env.digest_len + b_len;
msg.val = rte_zmalloc(NULL, msg.len, 0);
- rte_memcpy(msg.val, b, b_len);
- rte_memcpy(msg.val + b_len, env.digest, env.digest_len);
+ memcpy(msg.val, b, b_len);
+ memcpy(msg.val + b_len, env.digest, env.digest_len);
rte_free(env.digest);
env.digest = msg.val;
--
2.53.0
---
Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- - 2026-02-26 10:16:48.760798009 +0000
+++ 0042-examples-fips_validation-fix-RSA-memcpy.patch 2026-02-26 10:16:46.953459246 +0000
@@ -1 +1 @@
-From dac0edb433859c026b35615495b48dc6d394b7b8 Mon Sep 17 00:00:00 2001
+From 529424fc6dfb22e2352345aca9e965e906948ecd Mon Sep 17 00:00:00 2001
@@ -8,0 +9,2 @@
+[ upstream commit dac0edb433859c026b35615495b48dc6d394b7b8 ]
+
@@ -29 +30,0 @@
-Cc: stable at dpdk.org
More information about the stable
mailing list