Commit Graph

31726 Commits

Author SHA1 Message Date
Maxime Coquelin
04c27cb673 vhost: fix unsafe vring addresses modifications
This patch adds missing protection around vring_invalidate
and translate_ring_addresses calls in vhost_user_iotlb_msg.

Fixes: eefac9536a ("vhost: postpone device creation until rings are mapped")
Cc: stable@dpdk.org

Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Chenbo Xia <chenbo.xia@intel.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
2022-02-17 09:26:50 +01:00
Abhimanyu Saini
b8162dbeef vdpa/sfc: make MCDI memzone name unique
Buffer for MCDI channel is allocated using rte_memzone_reserve_aligned
with zone name 'mcdi'. Since multiple MCDI channels are needed to
support multiple VF(s) and rte_memzone_reserve_aligned expects unique
zone names, append PCI address to zone name to make it unique.

Signed-off-by: Abhimanyu Saini <asaini@xilinx.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
2022-02-15 13:22:18 +01:00
Xuan Ding
52ade97e36 vhost: fix physical address mapping
When choosing IOVA as PA mode, IOVA is likely to be discontinuous,
which requires page by page mapping for DMA devices. To be consistent,
this patch implements page by page mapping instead of mapping at the
region granularity for both IOVA as VA and PA mode.

Fixes: 7c61fa08b7 ("vhost: enable IOMMU for async vhost")
Cc: stable@dpdk.org

Signed-off-by: Xuan Ding <xuan.ding@intel.com>
Signed-off-by: Yuan Wang <yuanx.wang@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
2022-02-15 11:49:47 +01:00
Xuan Ding
2ec359747e vhost: fix field naming in guest page struct
This patch renames the host_phys_addr to host_iova in guest_page
struct. The host_phys_addr is iova, it depends on the DPDK
IOVA mode.

Fixes: e246896178 ("vhost: get guest/host physical address mappings")
Cc: stable@dpdk.org

Signed-off-by: Xuan Ding <xuan.ding@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
2022-02-15 11:49:47 +01:00
Harman Kalra
f2566bfa80 common/cnxk: enable NIX Tx interrupts errata
An errata exists whereby NIX may incorrectly overwrite the value in
NIX_SQ_CTX_S[SQ_INT]. This may cause set interrupts to get cleared or
causing an QINT when no error is outstanding.
As a workaround, software should always read all SQ debug registers
and not just rely on NIX_SQINT_E bits set in NIX_SQ_CTX_S[SQ_INT].
Also for detecting SQB faults software must read SQ context and
check id next_sqb is NULL.

Signed-off-by: Harman Kalra <hkalra@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
2022-02-17 10:26:30 +01:00
Satheesh Paul
3cebc8f35f net/cnxk: fix Rx/Tx function update
When Rx/Tx functions are updated such as in a rte flow
rule creation with VLAN stripping or marking action,
update the fastpath ops table as well.

Fixes: b951c2efcb ("net/cnxk: add Rx burst for CN9K")
Fixes: f742a9a668 ("net/cnxk: add Rx burst for CN10K")
Cc: stable@dpdk.org

Signed-off-by: Satheesh Paul <psatheesh@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
2022-02-17 09:51:23 +01:00
Satheesh Paul
0fb2b46be7 common/cnxk: fix base rule merge
Egress rules do not have a base steering rule and the
current base steering rule is applicable only for ingress
rules. Hence, when creating a flow rule, merge base steering
rule only for ingress rules.

Fixes: f9af908074 ("common/cnxk: add mcam utility API")
Cc: stable@dpdk.org

Signed-off-by: Satheesh Paul <psatheesh@marvell.com>
Reviewed-by: Kiran Kumar K <kirankumark@marvell.com>
2022-02-17 09:12:08 +01:00
Satheesh Paul
542e27e99b common/cnxk: fix log level during MCAM allocation
Changed log level from info to debug for a couple of log
messages printed during MCAM allocation.

Fixes: 1f66919817 ("common/cnxk: improve MCAM entries management")
Cc: stable@dpdk.org

Signed-off-by: Satheesh Paul <psatheesh@marvell.com>
Reviewed-by: Kiran Kumar K <kirankumark@marvell.com>
2022-02-17 08:21:25 +01:00
Satheesh Paul
40257b81b8 common/cnxk: fix flow deletion
When a flow is deleted, the counters are deleted without
being cleared first. This results in counter values being
retained and shown in flows created later. Hence, counter
is cleared before being deleted.

Updated driver to clear and delete counters upon flow deletion.

Fixes: a07f7ced43 ("common/cnxk: add NPC init and fini")
Cc: stable@dpdk.org

Signed-off-by: Satheesh Paul <psatheesh@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
2022-02-17 07:33:16 +01:00
Satheesh Paul
9132292e99 common/cnxk: fix null access in IPv6 flow parsing
Added null check in IPv6 flow pattern parsing.

Fixes: 474e275b1b ("common/cnxk: support extensions attributes in IPv6 item")

Signed-off-by: Satheesh Paul <psatheesh@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
2022-02-17 05:33:09 +01:00
Min Hu (Connor)
d8c079a572 app/testpmd: check starting port is not in bonding
In bond, start or stop slave port should be operated by bonding port.
This patch add port_is_bonding_slave in start_port function.

Fixes: 0e545d3047 ("app/testpmd: check stopping port is not in bonding")
Cc: stable@dpdk.org

Signed-off-by: Min Hu (Connor) <humin29@huawei.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2022-02-17 13:35:31 +01:00
Junjie Wan
b3eaaf1d08 net/bonding: fix slaves initializing on MTU setting
If a initial process for the bonding device is like:
rte_eth_dev_configure
rte_eth_dev_set_mtu
queue setup and start, etc.

Pass the vdev args to application, and init bonding device only.
-a 0000:af:00.0 --vdev="net_bonding0,mode=2,slave=0000:af:00.0"

It will fail and complain for the slave device
"Port 0 must be configured before MTU set"

Test can be reproduced with ovs.

Fixes: b26bee10ee ("ethdev: forbid MTU set before device configure")
Cc: stable@dpdk.org

Signed-off-by: Junjie Wan <wanjunjie@bytedance.com>
Tested-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Min Hu (Connor) <humin29@huawei.com>
2022-02-17 12:55:21 +01:00
Junjie Wan
6f65049e89 net/bonding: log on invalid device argument
When invalid args exist, application exits with no error hint.
Adding a log message here will help users to know the reason.

Signed-off-by: Junjie Wan <wanjunjie@bytedance.com>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Min Hu (Connor) <humin29@huawei.com>
2022-02-17 12:55:15 +01:00
Rahul Bhansali
4e00823dcc net/cnxk: fix mbuf data length
If multi-segment is enabled and single segment/packet
is received, then mbuf data_len is not updated in
cn9k_nix_cqe_to_mbuf() function.
Also, in case of timestamp is enabled, mbuf data_len
and pkt_len will be updated for all packets including
multi segmented packets.

Fixes: 7c6bee3406 ("net/cnxk: enable PTP processing in vector Rx")
Cc: stable@dpdk.org

Signed-off-by: Rahul Bhansali <rbhansali@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
2022-02-16 14:36:00 +01:00
David Marchand
ffe77e911f ethdev: fix MAC address in telemetry device info
The right size for a human readable MAC is RTE_ETHER_ADDR_FMT_SIZE.
While at it, the net library provides a helper for MAC address
formatting. Prefer it.

Fixes: 58b43c1ddf ("ethdev: add telemetry endpoint for device info")
Cc: stable@dpdk.org

Reported-by: Christophe Fontaine <cfontain@redhat.com>
Signed-off-by: David Marchand <david.marchand@redhat.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2022-02-16 17:30:04 +01:00
Yunjian Wang
23abab4f14 net/iavf: reset security context pointer on stop
When iavf_security_ctx_destroy() is cleaning up, it does not correctly
set the security_ctx variable to NULL, which will lead to wild pointer.

Fixes: 6bc987ecb8 ("net/iavf: support IPsec inline crypto")
Cc: stable@dpdk.org

Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2022-02-16 15:16:53 +01:00
Yunjian Wang
6d498b853f net/txgbe: reset security context pointer on close
When txgbe_dev_close() is cleaning up, it does not correctly set
the security_ctx variable to NULL, which will lead to wild pointer.

Fixes: f437d97c3d ("net/txgbe: add IPsec context creation")
Cc: stable@dpdk.org

Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2022-02-16 15:16:53 +01:00
Yunjian Wang
848a37cead net/ixgbe: reset security context pointer on close
When ixgbe_dev_close() is cleaning up, it does not correctly set
the security_ctx variable to NULL, which will lead to wild pointer.

Fixes: 9a0752f498 ("net/ixgbe: enable inline IPsec")
Cc: stable@dpdk.org

Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Acked-by: Haiyue Wang <haiyue.wang@intel.com>
2022-02-16 15:16:53 +01:00
John Miller
24259c4f90 net/ark: add performance optimizations
Added software register writes for hw optimization and
performance fixes.

Signed-off-by: John Miller <john.miller@atomicrules.com>
2022-02-16 00:48:06 +01:00
John Miller
b4b68e7508 net/ark: add memory write barriers in critical paths
Add memory write barriers for read and wait status functions
in ddm, udm and mpu.

Signed-off-by: John Miller <john.miller@atomicrules.com>
2022-02-16 00:48:06 +01:00
John Miller
30e59d5435 net/ark: support chunk DMA transfers
Add support for chunk DMA transfers.

Chunk mpu transfer use 64 objects (512 byte) to maintain memory
read alignment.

Align mpu memory allocation to be at 512 byte boundaries.

Reduce force-close allocation from 10000 objects to 64 objects.

Signed-off-by: John Miller <john.miller@atomicrules.com>
2022-02-16 00:48:06 +01:00
John Miller
4f2f1bd8cd net/ark: update packet generator and checker config status
Configuration status updates for internal packet checker and
generator.

Signed-off-by: John Miller <john.miller@atomicrules.com>
2022-02-16 00:48:06 +01:00
John Miller
2f27ef736f net/ark: support arbitrary mbuf size
Added arbitrary mbuf size per queue capability.
Updated ARK_UDM_CONST3 value to reflect the version number
read from the HW that is required to support this change.

Signed-off-by: John Miller <john.miller@atomicrules.com>
2022-02-16 00:48:06 +01:00
John Miller
51ec6c74e8 net/ark: support new devices
Add two new supported device ID's.
Add documentation for new devices.

Signed-off-by: John Miller <john.miller@atomicrules.com>
2022-02-16 00:48:06 +01:00
John Miller
c5314a538a net/ark: add device capabilities record
Add a device capabilities record for supported features.
Certain variants require that PCIe read-requests be correctly
throttled. This is called "rqpacing" in Arkville, and has to do
with credit and flow control on certain Arkville implementations.

Signed-off-by: John Miller <john.miller@atomicrules.com>
2022-02-16 00:48:06 +01:00
Martin Spinler
3a9f9364a8 net/nfb: support more MAC addresses
Extend the eth_dev_ops by add/remove MAC address functions.

Signed-off-by: Martin Spinler <spinler@cesnet.cz>
2022-02-15 14:53:41 +01:00
Martin Spinler
6685343c48 net/nfb: fix multicast/promiscuous mode switching
In the firmware, the promisc mode overrides the multicast mode.
So when the promisc mode is turned off, driver must check if the
multicast mode was active before and conditionally reactivate it.

Fixes: 6435f9a0ac ("net/nfb: add new netcope driver")
Cc: stable@dpdk.org

Signed-off-by: Martin Spinler <spinler@cesnet.cz>
2022-02-15 14:53:41 +01:00
Martin Spinler
1b4081870e net/nfb: use timestamp offload flag
Rewrite the RX timestamp setup code to use standard offload flag.

Signed-off-by: Martin Spinler <spinler@cesnet.cz>
2022-02-15 14:53:41 +01:00
Martin Spinler
f95a6c34bb net/nfb: skip log for zero-sized Tx burst
Zero-sized TX burst floods the log no more.

Signed-off-by: Martin Spinler <spinler@cesnet.cz>
2022-02-15 14:53:41 +01:00
Martin Spinler
8a4c8edb11 net/nfb: fix array indexes in deinit functions
The indexes in the for cycle were wrongly used and
the code accessed outside of the rxmac/txmac array.

Fixes: 6435f9a0ac ("net/nfb: add new netcope driver")
Cc: stable@dpdk.org

Signed-off-by: Martin Spinler <spinler@cesnet.cz>
2022-02-15 14:53:41 +01:00
John Daley
3f326c460f net/enic: fix dereference before null check
This patch fixes an issue found by coverity. It checks for a possible
null value of "error" before dereferencing it.

CID: 375064: Dereference after null check
Either the check against null is unnecessary, or there may be a null
pointer dereference.

Coverity issue: 375064
Fixes: ee806eea59 ("net/enic: support GENEVE flow item")

Signed-off-by: John Daley <johndale@cisco.com>
Reviewed-by: Hyong Youb Kim <hyonkim@cisco.com>
2022-02-15 13:54:39 +01:00
Jie Wang
3f3ae64f14 net/iavf: support L2TPv2 for flow director
Add support for L2TPv2(include PPP over L2TPv2) protocols FDIR
based on outer MAC src/dst address and L2TPv2 session ID.

Add support for PPPoL2TPv2oUDP protocols FDIR based on inner IP
src/dst address and UDP/TCP src/dst port.

Patterns are listed below:
eth/ipv4(6)/udp/l2tpv2
eth/ipv4(6)/udp/l2tpv2/ppp

eth/ipv4(6)/udp/l2tpv2/ppp/ipv4(6)
eth/ipv4(6)/udp/l2tpv2/ppp/ipv4(6)/udp
eth/ipv4(6)/udp/l2tpv2/ppp/ipv4(6)/tcp

Signed-off-by: Jie Wang <jie1x.wang@intel.com>
Acked-by: Beilei Xing <beilei.xing@intel.com>
2022-02-15 17:32:33 +01:00
Jie Wang
01d9025629 net/iavf: support L2TPv2 for RSS
Add support for L2TPv2(include PPP over L2TPv2) protocols RSS based
on outer MAC src/dst address and L2TPv2 session ID.

Patterns are listed below:
eth/ipv4/udp/l2tpv2
eth/ipv4/udp/l2tpv2/ppp
eth/ipv6/udp/l2tpv2
eth/ipv6/udp/l2tpv2/ppp

Signed-off-by: Jie Wang <jie1x.wang@intel.com>
Acked-by: Beilei Xing <beilei.xing@intel.com>
2022-02-15 17:32:10 +01:00
Joyce Kong
dba9e3bcd9 net/i40e: add flow mark capability to NEON Rx
This commit adds a flow director support to i40e NEON
vector RX path.

I40e can have 16 and 32 byte descriptors, and the Flow
Director ID data and indication-bit are in different
locations for each size descriptor. The support is
implemented in two separate functions as they require
vastly different operations.

The 16B descriptor re-purposes the "filter-status" u32
field to indicate FDIR ID when the FLM bit is set. No
extra loads are required, however we do have to store
to mbuf->fdir.hi, which is not stored to in the RX path
before this patch.

The 32B descriptor requires loading the 2nd 16 bytes of
each descriptor, to get the FLEXBH_STAT and FD Filter ID
from qword3. The resulting data must also be stored to
mbuf->fdir.hi, same as the 16B code path.

Signed-off-by: Joyce Kong <joyce.kong@arm.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
2022-02-15 17:06:06 +01:00
Pablo de Lara
35cb5bd236 doc: support IPsec Multi-buffer lib v1.2
Updated AESNI MB and AESNI GCM, KASUMI, ZUC and SNOW3G PMD documentation
guides with information about the latest Intel IPSec Multi-buffer
library supported.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
2022-02-24 11:28:29 +01:00
Pablo de Lara
a501609ea6 crypto/ipsec_mb: fix length and offset settings
KASUMI, SNOW3G and ZUC require lengths and offsets to
be set in bits or bytes depending on the algorithm.
There were some algorithms that were mixing these two,
so this commit is fixing this issue.

Fixes: ae8e085c60 ("crypto/aesni_mb: support KASUMI F8/F9")
Fixes: 6c42e0cf4d ("crypto/aesni_mb: support SNOW3G-UEA2/UIA2")
Fixes: fd8df85487 ("crypto/aesni_mb: support ZUC-EEA3/EIA3")
Fixes: 8c835018de ("crypto/ipsec_mb: support ZUC-256 for aesni_mb")
Cc: stable@dpdk.org

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
2022-02-24 11:21:28 +01:00
Pablo de Lara
96d0dc2a3c crypto/ipsec_mb: fix ZUC operation overwrite
ZUC PMD batches crypto operations depending on their type
(encryption + tag generation, tag verification + decryption, etc),
to allow parallelization.
The array used to store the pointers to these operations was
always the same array provided by dequeue_burst() function,
and it was looping around the same positions (from 0 to ZUC_MAX_BURST - 1).

A new internal array is used to avoid overwriting the pointers
of the array provided by dequeue_burst() function.

Fixes: cf7685d68f ("crypto/zuc: add driver for ZUC library")
Cc: stable@dpdk.org

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
2022-02-24 11:21:23 +01:00
Pablo de Lara
bd3769739b crypto/ipsec_mb: fix ZUC authentication verify
ZUC authentication is done over multiple buffers at a time.
When authentication verification is done, multiple scratch buffers
are using to generate the tags that will be compared afterwards.
However, the same scratch buffer was used always, instead of having
different ones for each crypto operation.

Fixes: 0b133c36ad ("crypto/zuc: support IPsec Multi-buffer lib v0.54")
Cc: stable@dpdk.org

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
2022-02-24 11:21:12 +01:00
Pablo de Lara
cfb566048e crypto/ipsec_mb: check missing operation types
When processing crypto operations in ZUC PMD,
there were two operation types that were set at session level,
but not checked when the operations are enqueued and processed,
leaving the buffers untouched silently.

Fixes: cde8df1bda ("crypto/ipsec_mb: move zuc PMD")
Cc: stable@dpdk.org

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
2022-02-24 11:20:51 +01:00
Brian Dooley
a965e76806 crypto/virtio: fix out-of-bounds access
Coverity flags an untrusted loop bound. Check length of session iv.

Coverity issue: 375802
Fixes: b063e843fa ("crypto/virtio: fix IV physical address")
Cc: stable@dpdk.org

Signed-off-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
2022-02-23 12:10:59 +01:00
Nicolas Chautru
fb6996eec0 baseband/acc100: avoid out-of-bounds access
The actual maximum number of gather pointers should have been limited

Coverity issue: 375803, 375813, 375819, 375827, 375831
Fixes: 5ad5060f8f ("baseband/acc100: add LDPC processing functions")
Cc: stable@dpdk.org

Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
2022-02-23 11:59:51 +01:00
Brian Dooley
aaf4ac4043 examples/l2fwd-crypto: fix port mask overflow
Coverity flags an issue with 32-bit value. If max ethports value is
configured with a value larger than 32 there will be an issue.
Coverity issue: 375863 Unintentional integer overflow

Fixes: 387259bd6c ("examples/l2fwd-crypto: add sample application")
Cc: stable@dpdk.org

Signed-off-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-02-23 11:50:02 +01:00
Volodymyr Fialko
5816147901 test/crypto: add L4 checksum case for transport mode
Added test case to verify L4 checksum offload in IPsec transport mode.

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-02-23 11:43:41 +01:00
Volodymyr Fialko
42902e810d test/crypto: add TTL and hop limit decrement cases
Add test cases to verify TTL and hop limit decrement with lookaside
IPsec offload.

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-02-23 11:43:41 +01:00
Jakub Poczatek
1998071cb6 doc: fix FIPS guide
Added missing step for converting SHA request files to correct
format. Replaced AES_GCM with GCM to follow the correct
naming format.

Fixes: 3d0fad56b7 ("examples/fips_validation: add crypto FIPS application")
Cc: stable@dpdk.org

Signed-off-by: Jakub Poczatek <jakub.poczatek@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
2022-02-23 11:43:14 +01:00
Nithin Dabilpuram
48a398718d examples/ipsec-secgw: add pool size parameters
Add support to enable per port packet pool and also override
vector pool size from command line args. This is useful
on some HW to tune performance based on usecase.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-02-23 11:43:14 +01:00
Nithin Dabilpuram
5fb245ba6d examples/ipsec-secgw: fix buffer freeing in vector mode
Fix packet processing to skip after mbuf is freed instead of
touching and Tx'ing it.

Also free vector event buffer in event worker when after processing
there is no pkt to be enqueued to Tx adapter.

Fixes: 86738ebe1e ("examples/ipsec-secgw: support event vector")
Cc: stable@dpdk.org

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-02-23 11:43:14 +01:00
Nithin Dabilpuram
5315b7746c examples/ipsec-secgw: avoid logs in data path
Update error prints in data path to RTE_LOG_DP().
Error prints in fast path are not good for performance
as they slow down the application when few bad packets are
received.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-02-23 11:43:14 +01:00
Volodymyr Fialko
a15f7b7d8a examples/ipsec-secgw: add check for unprotected port mask
Usage of unprotected port mask without any configured SA inbound, will
cause use of uninitialized SA context, so disallow such configuration.

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-02-23 10:20:16 +01:00
Arek Kusztal
002486db23 crypto/qat: refactor asymmetric session
This patch refactors asymmetric session in Intel
QuickAssist Technology PMD and fixes some issues
with xform. Code will be now bit more scalable,
and easier readable.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
2022-02-23 10:17:16 +01:00