Commit Graph

33713 Commits

Author SHA1 Message Date
Radu Nicolau
eb944b5906 net/iavf: update IPsec ESN values when updating session
When updating an ingress session update the internal values before
making the virtual channel request.

Fixes: 6bc987ecb8 ("net/iavf: support IPsec inline crypto")
Cc: stable@dpdk.org

Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-09-06 14:54:56 +02:00
Aleksandr Miloshenko
4e868408bf net/iavf: fix Tx done descriptors cleanup
iavf_xmit_pkts() sets tx_tail to the next of last transmitted
Tx descriptor. So the cleanup of Tx done descriptors must be started
from tx_tail, not from the next of tx_tail.
Otherwise rte_eth_tx_done_cleanup() doesn't free the first Tx done mbuf
when tx queue is full.

Fixes: 86e44244f9 ("net/iavf: cleanup Tx buffers")
Cc: stable@dpdk.org

Signed-off-by: Aleksandr Miloshenko <a.miloshenko@f5.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-09-06 14:54:56 +02:00
Zhichao Zeng
9e984bc53b net/ice: add option to disable ACL engine in DCF
Support disabling DCF ACL engine via devarg "acl=off" in cmdline, aiming to
shorten the DCF startup time.

Signed-off-by: Zhichao Zeng <zhichaox.zeng@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-09-06 14:54:56 +02:00
Steve Yang
e5c7498fae net/iavf: fix pattern check for flow director parser
FDIR rules with masks are not supported in current code. Thus add
pattern check for IPv4/UDP/TCP/SCTP addr/port to terminate the FDIR
programming stage.

Fixes: d5eb3e600d ("net/iavf: support flow director basic rule")
Cc: stable@dpdk.org

Signed-off-by: Steve Yang <stevex.yang@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-09-06 14:54:56 +02:00
Junfeng Guo
cf0884e4b0 net/igc: support device I225-IT
Add device id for Ethernet Controller (2) I225-IT.

Signed-off-by: Junfeng Guo <junfeng.guo@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-09-06 14:54:56 +02:00
Yiding Zhou
0d58caa7d6 net/iavf: fix VLAN insertion
When the driver tells the VF to insert VLAN tag using the L2TAG2 field,
vector Tx path does not use Tx context descriptor and would cause VLAN tag
inserted into the wrong location.

This commit is to fix issue by using normal Tx path to handle L2TAG2 case.

Fixes: 3aa9573385 ("net/iavf: fix VLAN insert")
Cc: stable@dpdk.org

Signed-off-by: Yiding Zhou <yidingx.zhou@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-09-06 14:54:56 +02:00
Zhichao Zeng
776c119736 net/ice: remove deprecated VF flow action
According to the ABI and API Deprecation, remove deprecated VF action
as hard-to-use / ambiguous.

Action REPRESENTED_PORT should be used instead.

Signed-off-by: Zhichao Zeng <zhichaox.zeng@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-09-06 14:54:56 +02:00
Ke Zhang
817577c03a net/iavf: fix L3 checksum Tx offload flag
When ol_flag is only RTE_MBUF_F_TX_IPV4, the Tx L3
checksum offload is still configured to IIPT in the
command field of Tx data descriptor.

This patch is to fix the issue to make the Tx L3
checksum offload flags and Tx data descriptor
consistent.

Fixes: 1e728b0112 ("net/iavf: rework Tx path")
Cc: stable@dpdk.org

Signed-off-by: Ke Zhang <ke1x.zhang@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-09-06 14:54:56 +02:00
Zhichao Zeng
c0444f6273 net/ice: support represented port flow action
Add support for action REPRESENTED_PORT in DCF. Supposed to send matching
traffic to the entity (VF) represented by the given ethdev, at embedded
switch level.

Signed-off-by: Zhichao Zeng <zhichaox.zeng@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-09-06 14:54:40 +02:00
Dexia Li
4be031d7af net/iavf: support flow matching on MAC address
Position src and dst mac bit in iavf fdir eth inset, thus
eth pattern can support src and dst mac match.

Signed-off-by: Dexia Li <dexia.li@jaguarmicro.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-08-08 11:11:30 +02:00
Ting Xu
53e7c7fcf3 net/ice/base: fix inner symmetric RSS hash in raw flow
Inner IPv4 and IPv6 symmetric RSS hash is not valid for raw pattern.
This patch fixes the issue by adding the corresponding protocol ID
for inner IPv4/6.

Fixes: 0837da2e27 ("net/ice/base: support add HW profile for RSS raw flow")
Cc: stable@dpdk.org

Signed-off-by: Ting Xu <ting.xu@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-08-08 10:51:02 +02:00
Zhichao Zeng
04887b812a net/ice: fix RSS hash update
This patch fixes the issue that the RSS does not update correctly
when the user sets it to none.

Fixes: 4717a12cfa ("net/ice: initialize and update RSS based on user config")
Cc: stable@dpdk.org

Signed-off-by: Zhichao Zeng <zhichaox.zeng@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2022-08-08 10:45:53 +02:00
Ke Zhang
ba10df53e4 net/i40e: fix VF representor release
A segmentation fault occurs when testpmd exit.

This is due to fetching the device name from PF, PF
is freed firstly and then VF representor is called
later.

This commit fixes the bug by fetching the device
name from VF representor instead of PF.

Fixes: e391a7b7f8 ("net/i40e: fix multi-process shared data")
Cc: stable@dpdk.org

Signed-off-by: Ke Zhang <ke1x.zhang@intel.com>
Acked-by: Yuying Zhang <yuying.zhang@intel.com>
2022-08-08 10:37:41 +02:00
Ali Alnubani
9891ded2ea net: fix build with -Wpedantic
Adds the __extension__ attribute to resolve the following warning
with gcc 4.8.5 on CentOS 7:
lib/net/rte_macsec.h:38:2: error: type of bit-field 'short_length' is
  a GCC extension [-Werror=pedantic]

Fixes: 0aaf097585 ("ethdev: add MACsec flow item")

Signed-off-by: Ali Alnubani <alialnu@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-29 09:20:12 +02:00
Akhil Goyal
bbbe6c596b security: support MACsec
Added support for MACsec in rte_security for offloading
MACsec Protocol operation to inline NIC device or a crypto device.

To support MACsec we cannot just make one security session and
send with the packet to process it. MACsec specifications suggest,
it has 3 different entities - SECY Entity, SC (secure channel) and
SA (security association). And same SA can be used by multiple SCs and
similarly many SECY can have same SCs. Hence, in order to support this
many to one relationships between all entities, 2 new APIs are created -
rte_security_macsec_sc_create and rte_security_macsec_sa_create.
Flow of execution of the APIs would be as
- rte_security_macsec_sa_create
- rte_security_macsec_sc_create
- rte_security_session_create (for secy)
And in case of inline protocol processing rte_flow can be created with
rte_security action. A new flow item will be added for MACsec header.
New APIs are also created for getting SC and SA stats.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
2022-09-28 21:31:14 +02:00
Akhil Goyal
0aaf097585 ethdev: add MACsec flow item
A new flow item is defined for MACsec flows which can be
offloaded to an inline device. If the flow matches with
MACsec header, device will process as per the security
session created using rte_security APIs.
If an error comes while MACsec processing in HW, PMD will
notify with the events defined in this patch.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Ori Kam <orika@nvidia.com>
2022-09-28 21:31:02 +02:00
Akhil Goyal
32ae9939d9 net: add MACsec header
Added MACsec protocol header to be used for supporting
MACsec protocol offload in hardware or directly in the application.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
Acked-by: Ori Kam <orika@nvidia.com>
2022-09-28 21:17:21 +02:00
Volodymyr Fialko
4f3c773825 eventdev: fix name of Rx conf type in documentation
Rename configuration structure type to correspond definition.

Fixes: dcc806c263 ("eventdev: add eth Rx adapter API")
Cc: stable@dpdk.org

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Jay Jayatheerthan <jay.jayatheerthan@intel.com>
2022-09-28 13:02:55 +02:00
Naga Harish K S V
3c3328aef3 eventdev/eth_tx: add queue start/stop API
Add support to start or stop a particular queue
that is associated with the adapter.

Start function enables the Tx adapter to start enqueueing
packets to the Tx queue.

Stop function stops the Tx adapter from enqueueing any
packets to the Tx queue. The stop API also frees any packets
that may have been buffered for this queue. All in-flight packets
destined to the queue are freed by the adapter runtime until the
queue is started again.

Signed-off-by: Naga Harish K S V <s.v.naga.harish.k@intel.com>
Acked-by: Jay Jayatheerthan <jay.jayatheerthan@intel.com>
2022-09-28 05:47:38 +02:00
Pavan Nikhilesh
2367e7e0cf event/cnxk: update event vector Tx routine
Update event vector transmit routine to honor elem_offset.
Use ``rte_event_vector::elem_offset`` to report partial
vector transmission to the application when there is not
enough space in the SQ.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
2022-09-27 15:41:59 +02:00
Pavan Nikhilesh
3a304711b6 examples: update event vector free routine
Update event vector free routine to account for element
offset while freeing elements.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
2022-09-27 15:41:39 +02:00
Pavan Nikhilesh
0fbb55efa5 eventdev: add element offset to event vector
Add `rte_event_vector:elem_offset:12` bit field event vector
structure the bits are taken from `rte_event_vector::rsvd:15`.
The element offset defines the offset into the vector array
at which valid elements start.

The valid elements count will be equal to
`rte_event_vector::nb_elem`.

Update Rx/Tx adapter SW implementation to use elem_offset.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Reviewed-by: Mattias Rönnblom <mattias.ronnblom@ericsson.com>
2022-09-27 15:41:03 +02:00
Pavan Nikhilesh
a6d13f59e6 event/cnxk: disable timer resolution estimation
Disable timer resolution estimation, read TIM LF clock registers
to get the current running clock counter as estimating causes
time drift.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
2022-09-27 12:56:38 +02:00
Pavan Nikhilesh
4b5ffa6a05 event/cnxk: set dequeue mode to prefetch with wait
Set default GetWork(dequeue) mode to prefetch with wait for
event.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
2022-09-27 12:56:38 +02:00
Pavan Nikhilesh
e3c0049d16 event/cnxk: avoid reading non-cached registers
Avoid reading non-cached registers in fastpath.
PENDSTATE need not be read before tag flush in Tx enqueue
context as we have additional checks prior to check for
pending flushes.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
2022-09-27 12:56:38 +02:00
Shijith Thotton
bd1cf51125 event/cnxk: remove option to limit XAQ
Removed support to limit XAQ from devargs. If XAQ is limited, new add
works could run out of XAQ entries and disable the queue.

Signed-off-by: Shijith Thotton <sthotton@marvell.com>
2022-09-27 12:55:39 +02:00
Bruce Richardson
8c76e2f693 raw/ioat: remove deprecated driver
The ioat driver has been superseded by the ioat and idxd dmadev drivers,
and has been deprecated for some time, so remove it.

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
2022-09-28 14:41:07 +02:00
Ferruh Yigit
8841fbadda maintainers: update email address
Updating @xilinx.com domain to @amd.com domain.

Signed-off-by: Ferruh Yigit <ferruh.yigit@amd.com>
2022-09-28 14:19:59 +02:00
Sunil Uttarwar
12914ce519 maintainers: update for AMD CCP
Updating AMD CCP crypto maintainer

Signed-off-by: Sunil Uttarwar <sunilprakashrao.uttarwar@amd.com>
2022-09-28 14:19:59 +02:00
Fan Zhang
9f5f141627 maintainers: update for crypto and compressdev
Update maintainer and email address.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Kai Ji <kai.ji@intel.com>
2022-09-28 14:19:54 +02:00
Stephen Hemminger
f3cd6803ac maintainers: update for Arm v7
Going over list of active DPDK developers and MAINTAINERS
and noticed that Jan's email was not active.

His response was:
"
The viktorin@rehivetech.com is no longer under my control.
As there is already another maintainer (Ruifeng Wang),
I would prefer and suggest to remove my address
from the maintainers entirely.
"

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
2022-09-28 13:24:41 +02:00
Andrew Boyer
19d5f52240 eal/linux: restore some header includes for HPET
These are necessary to build when HPET is enabled.

Fixes: 2ff3976e67 ("eal: remove unneeded header includes")
Cc: stable@dpdk.org

Signed-off-by: Andrew Boyer <andrew.boyer@amd.com>
Acked-by: Ferruh Yigit <ferruh.yigit@amd.com>
2022-09-28 13:18:29 +02:00
Vamsi Attunuru
ff8ef86c7e test/security: add inline IPsec SA hard expiry cases
Patch adds hard expiry unit tests for both packet
and byte limits.

Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 20:31:16 +02:00
Vamsi Attunuru
34e8a9d9b4 test/security: add inline IPsec SA soft expiry cases
Patch adds unit tests for packet & byte soft expiry events.

Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 20:31:16 +02:00
Vamsi Attunuru
d1ce79d14b ethdev: add IPsec SA expiry event subtypes
Patch adds new event subtypes for notifying expiry
events upon reaching IPsec SA soft packet expiry and
hard packet/byte expiry limits.

Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
2022-09-27 20:31:16 +02:00
Anoob Joseph
d34a0ad3fa test/crypto: ensure structs are updated in unison
The structs are directly indexed for generating standard vectors. Add
asserts to make sure structs are not updated in isolation.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 18:20:35 +02:00
Kai Ji
0100b0f3f1 crypto/openssl: fix HMAC output length
This patch sets the max length of dst in OpenSSL 3.0 lib EVP MAC final
routine to ensure enough space for the result.

Fixes: 75adf1eae4 ("crypto/openssl: update HMAC routine with 3.0 EVP API")
Cc: stable@dpdk.org

Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
2022-09-27 18:20:35 +02:00
Volodymyr Fialko
6c55e2c3e6 cryptodev: fix missing SHA3 algorithm strings
SHA3 family algorithms were missing in the array of algorithm strings.

Fixes: 1df800f895 ("crypto/ccp: support SHA3 family")
Cc: stable@dpdk.org

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 18:20:35 +02:00
Nithin Dabilpuram
58e2cf4cf7 examples/ipsec-secgw: update ether type using tunnel info
Update ether type for outbound SA processing based on tunnel header
information in both NEON functions for poll mode and event mode worker
functions.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 18:20:35 +02:00
Nithin Dabilpuram
c215f6cdf9 test/security: update L2 header based on tunnel IP version
Update L2 header based on tunnel IP version in the application
as driver/HW is not expected to update L2 ether type post
Outbound Inline protocol offload processing.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 18:20:35 +02:00
Nithin Dabilpuram
be7e9c5fb0 net/cnxk: remove L2 header update for outbound inline
Remove L2 header update for outbound inline packets as
application is already taking care of the same.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
2022-09-27 18:20:35 +02:00
Nithin Dabilpuram
dcee1520f3 security: clarify L2 header requirement for inline IPsec
Clarify that for Outbound Inline IPsec processing, L2 header
needs to be up to date with ether type which will be applicable
post IPsec processing as the IPsec offload only touches L3 and above.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 17:18:46 +02:00
Nithin Dabilpuram
338eb15178 mbuf: clarify meta data needed for inline IPsec
Clarify mbuf meta data needed for Outbound Inline IPsec processing.
Application needs to provide mbuf.l3_len and L3 type in
mbuf.ol_flags so that like tunnel mode using mbuf.l2_len, transport mode
can make use of l3_len and l3_type to determine perform
proper transport mode IPsec processing.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 17:18:45 +02:00
Volodymyr Fialko
87d396163c crypto/cnxk: support DOCSIS
Add support for offloading RTE_CRYPTO_CIPHER_AES_DOCSISBPI and
RTE_CRYPTO_CIPHER_DES_DOCSISBPI algorithms to symmetric crypto session.

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 17:18:45 +02:00
Vamsi Attunuru
f57e36acb2 crypto/cnxk: update flow label copy capability
Update flow label copy capability in IPsec options.

Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 17:18:45 +02:00
Shijith Thotton
bfce22f1f9 crypto/cnxk: change adapter datapath error log to debug
Errors in crypto adapter datapath can be handled gracefully. So the
error print can be moved under debug.

Signed-off-by: Shijith Thotton <sthotton@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 17:18:45 +02:00
Anoob Joseph
1ceb66a1e4 crypto/cnxk: remove unused context buffer length
'struct roc_se_buf_ptr ctx_buf' has fields for a pointer and len.
The field for len was unused.
It is removed and the required pointer is added in the parent struct.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 17:18:45 +02:00
Anoob Joseph
82ab591504 crypto/cnxk: use dedicated functions based on operation
Identify the datapath thread to be used during session create. This can
be used to call right function early on to avoid multiple session
specific checks in datapath functions.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 17:18:45 +02:00
Tejasree Kondoj
2c049fb12d crypto/cnxk: enable IE engine for Chacha-Poly
Change engine group of Chacha20-Poly1305 as it is
supported on IE engines also.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 17:18:45 +02:00
Anoob Joseph
256d24011e crypto/cnxk: remove auth IV from Kasumi cipher
Auth IV is not applicable for kasumi cipher operation.
Removed the same.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-09-27 17:18:45 +02:00