- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I’m encountering a reproducible decryption failure when submitting AES-GCM requests using the traditional API on QAT c4xxx devices.
The issue specifically occurs when the final buffer in the buffer list is less than 16 bytes, leading to a failed authentication (i.e., verifyResult = CPA_FALSE) and corrupted output data. This does not happen on c62x devices, suggesting a possible SDK or firmware issue specific to c4xxx.
Environment:
QAT device: c4xxx (Atom P5352)
Linux SDK version: 4.27.0
To help reproduce the issue, I’ve attached a modified cpa_gcm_sample.c containing the input data that fails on c4xxx. The failure occurs with the following buffer sizes:
[377, 1448, 36, 1448, 12, 1448, 1448, 1448, 1448, 48, 1448, 1448, 1448, 1448, 1448, 12]However, if I shift 4 bytes so the final buffer becomes exactly 16 bytes, like this:
[377, 1448, 36, 1448, 12, 1448, 1448, 1448, 1448, 48, 1448, 1448, 1448, 1448, 1444, 16]…then the decryption succeeds on both c4xxx and c62x devices.
Please see the REQUEST_FIX macro in the sample for the exact differences between the passing and failing cases.
gcm_sample output of 12 byte final buffer request on c4xxx:
-bash-5.1# ./gcm_sample.bad
main(): Starting GCM Sample Code App ...
algChainSample(): cpaCyStartInstance
algChainSample(): Authenticated Decryption
algChainSample(): cpaCySymSessionCtxGetSize GCM encrypt
algChainSample(): cpaCySymInitSession GCM Decrypt
algChainPerformOpGCM(): cpaCyBufferListGetMetaSize
*** Input buffer information ***
pFlatBuffer[15] = {dataLenInBytes = 12, pData = 0x7f5cfe777800 "Y\xd5\xa8\x96\xf4\x0b\x11\xf8\xe4s\xbeC"}
pFlatBuffer[14] = {dataLenInBytes = 1448, pData = 0x7f5cfe777000 "\xff<\xbde\x02O\xfdY\x9b\xb7\x0c\x84\xf5L<\x1b"}
*** END Input buffer information ***
algChainPerformOpGCM(): cpaCySymPerformOp
symCallback(): Callback called with status = 0.
symCallback(): verifyResult = CPA_FALSE
*** Output buffer information ***
pFlatBuffer[15] = {dataLenInBytes = 12, pData = 0x7f5cfe777800 "Y\xd5\xa8\x96\xf4\x0b\x11\xf8\xe4s\xbeC"}
pFlatBuffer[14] = {dataLenInBytes = 1448, pData = 0x7f5cfe777000 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"}
*** END output buffer information ***
algChainSample(): cpaCySymRemoveSession GCM decrypt
algChainSample(): Number of symmetric operation completed: 1
algChainSample(): cpaCyStopInstance
algChainSample(): Sample code ran successfully
main():
GCM Sample Code App finished
-bash-5.1#gcm_sample output of 16 byte final buffer request on c4xxx:
-bash-5.1# ./gcm_sample.good
main(): Starting GCM Sample Code App ...
algChainSample(): cpaCyStartInstance
algChainSample(): Authenticated Decryption
algChainSample(): cpaCySymSessionCtxGetSize GCM encrypt
algChainSample(): cpaCySymInitSession GCM Decrypt
algChainPerformOpGCM(): cpaCyBufferListGetMetaSize
*** Input buffer information ***
pFlatBuffer[15] = {dataLenInBytes = 16, pData = 0x7f4ad5777800 "7\xcb\xb6@Y\xd5\xa8\x96\xf4\x0b\x11\xf8\xe4s\xbeC"}
pFlatBuffer[14] = {dataLenInBytes = 1444, pData = 0x7f4ad5777000 "\xff<\xbde\x02O\xfdY\x9b\xb7\x0c\x84\xf5L<\x1b"}
*** END Input buffer information ***
algChainPerformOpGCM(): cpaCySymPerformOp
symCallback(): Callback called with status = 0.
symCallback(): verifyResult = CPA_TRUE
*** Output buffer information ***
pFlatBuffer[15] = {dataLenInBytes = 16, pData = 0x7f4ad5777800 "7\xcb\xb6@Y\xd5\xa8\x96\xf4\x0b\x11\xf8\xe4s\xbeC"}
pFlatBuffer[14] = {dataLenInBytes = 1444, pData = 0x7f4ad5777000 "<\xb0\xdaF(\x98\x04V\x83\x83\xe6\xf5\xb14\x0bz"}
*** END output buffer information ***
algChainSample(): cpaCySymRemoveSession GCM decrypt
algChainSample(): Number of symmetric operation completed: 1
algChainSample(): cpaCyStopInstance
algChainSample(): Sample code ran successfully
main():
GCM Sample Code App finished
-bash-5.1#gcm_sample output of 12 byte final buffer request on c62x:
-bash-5.1# ./gcm_sample.bad
main(): Starting GCM Sample Code App ...
algChainSample(): cpaCyStartInstance
algChainSample(): Authenticated Decryption
algChainSample(): cpaCySymSessionCtxGetSize GCM encrypt
algChainSample(): cpaCySymInitSession GCM Decrypt
algChainPerformOpGCM(): cpaCyBufferListGetMetaSize
*** Input buffer information ***
pFlatBuffer[15] = {dataLenInBytes = 12, pData = 0x7fac02f85000 "Y\xd5\xa8\x96\xf4\x0b\x11\xf8\xe4s\xbeC"}
pFlatBuffer[14] = {dataLenInBytes = 1448, pData = 0x7fac02f84800 "\xff<\xbde\x02O\xfdY\x9b\xb7\x0c\x84\xf5L<\x1b"}
*** END Input buffer information ***
algChainPerformOpGCM(): cpaCySymPerformOp
symCallback(): Callback called with status = 0.
symCallback(): verifyResult = CPA_TRUE
*** Output buffer information ***
pFlatBuffer[15] = {dataLenInBytes = 12, pData = 0x7fac02f85000 "Y\xd5\xa8\x96\xf4\x0b\x11\xf8\xe4s\xbeC"}
pFlatBuffer[14] = {dataLenInBytes = 1448, pData = 0x7fac02f84800 "<\xb0\xdaF(\x98\x04V\x83\x83\xe6\xf5\xb14\x0bz"}
*** END output buffer information ***
algChainSample(): cpaCySymRemoveSession GCM decrypt
algChainSample(): Number of symmetric operation completed: 1
algChainSample(): cpaCyStopInstance
algChainSample(): Sample code ran successfully
main():
GCM Sample Code App finished
-bash-5.1#
Given that the same code works fine on c62x, this may indicate a bug or inconsistency in the SDK or device firmware behavior for c4xxx. I’d appreciate it if your team could take a closer look.
Let me know if you need additional logs or traces.
Thanks,
Jamie
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jamie_A10,
Thank you for reporting this issue, I am currently looking into it.
I will contact you back as soon as possible.
Regards,
Ronny G
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jamie_A10,
I reproduced the issue you mentioned, as shown below.
Please give me some time to discuss it with the development team, and I will update you soon.
#gcm_sample]# ./gcm_sample
main(): Starting GCM Sample Code App ...
algChainSample(): cpaCyStartInstance
algChainSample(): Authenticated Decryption
algChainSample(): cpaCySymSessionCtxGetSize GCM encrypt
algChainSample(): cpaCySymInitSession GCM Decrypt
algChainPerformOpGCM(): cpaCyBufferListGetMetaSize
*** Input buffer information ***
pFlatBuffer[15] = {dataLenInBytes = 12, pData = 0x7f890d119400 "Y\xd5\xa8\x96\xf4\x0b\x11\xf8\xe4s\xbeC"}
pFlatBuffer[14] = {dataLenInBytes = 1448, pData = 0x7f890d118c00 "\xff<\xbde\x02O\xfdY\x9b\xb7\x0c\x84\xf5L<\x1b"}
*** END Input buffer information ***
algChainPerformOpGCM(): cpaCySymPerformOp
symCallback(): Callback called with status = 0.
symCallback(): verifyResult = CPA_FALSE
*** Output buffer information ***
pFlatBuffer[15] = {dataLenInBytes = 12, pData = 0x7f890d119400 "Y\xd5\xa8\x96\xf4\x0b\x11\xf8\xe4s\xbeC"}
pFlatBuffer[14] = {dataLenInBytes = 1448, pData = 0x7f890d118c00 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"}
*** END output buffer information ***
algChainSample(): cpaCySymRemoveSession GCM decrypt
algChainSample(): Number of symmetric operation completed: 1
algChainSample(): cpaCyStopInstance
algChainSample(): Sample code ran successfully
main():
GCM Sample Code App finished
Thanks,
Ronny G
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jamie_A10,
This is just to let you know that we are still looking into this report.
I will get back to you soon.
Regards,
Ronny G
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Ronny,
Thank you for the updates. Could you please create a support ticket for this issue?
Many of our products are affected, and we look forward to your further investigation.
Thanks,
Jamie
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jamie_A10,
I completely understand. We've generated a service ticket for this issue, and the case number is 06579424. As I mentioned before, I was able to replicate this issue, and it is currently escalated. I would appreciate it if you could share more details about the usage model and how it impacts your organization. This information will assist me in prioritizing the resolution of the issue.
Regards,
Ronny G
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jamie,
I am currently working with the QAT FW engineering team to address this issue and would be grateful if you could provide further details about the usage model and its impact on your organization. I've also sent you an email requesting this information to prevent the sharing of private details that are not suitable for public discussion in a community setting. This information will help me prioritize the resolution of the issue.
Regards,
Ronny G
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Ronny,
The QAT c4xxx is used in our TH1060 model, and it is causing service outages for customers using the AES-GCM cipher. We currently have over 20 escalations (and more coming) related to this issue.
At this time, our only workaround is to advise customers to disable QAT acceleration on the TH1060 model. However, this results in significant performance degradation due to reliance on software SSL.
Please prioritize resolving this issue as soon as possible.
Thanks,
Jamie
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Jamie,
I recognize the importance of this issue and have made sure the firmware team understands its impact, I am also prioritizing the IPS case accordingly.
I will keep you updated with any information I receive from them, though please be aware that the resolution might require extra time.
I am closing this community post since we will be addressing this issue through IPS.
Regards,
Ronny G
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page