Add support for asymmetric crypto validation starting with RSA.
For the generation of crypto values which is multiprecision in
math, openssl library is used only for this purpose.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Brian Dooley <brian.dooley@intel.com>
The current blockcipher test function only has support for two types of
SGL test, INPLACE or OOP_SGL_IN_LB_OUT. These types are hardcoded into
the function, with the number of segments always set to 3.
To ensure all SGL types are tested, blockcipher test vectors now have
fields to specify SGL type, and the number of segments.
If these fields are missing, the previous defaults are used,
either INPLACE or OOP_SGL_IN_LB_OUT, with 3 segments.
Some AES and Hash vectors are modified to use these new fields, and new
AES tests are added to test the SGL types that were not previously
being tested.
Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
More tests are added to test variations of OOP SGL for SNOW3G.
This includes LB_IN_SGL_OUT and SGL_IN_LB_OUT.
Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
The intel-ipsec-mb library supports SGL for GCM and ChaChaPoly
algorithms using the JOB API.
This support was added to AESNI_MB PMD previously, but the SGL feature
flags could not be added due to no SGL support for other algorithms.
This patch adds a workaround SGL approach for other algorithms
using the JOB API. The segmented input buffers are copied into a
linear buffer, which is passed as a single job to intel-ipsec-mb.
The job is processed, and on return, the linear buffer is split into the
original destination segments.
Existing AESNI_MB testcases are passing with these feature flags added.
Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
The segment size for some tests was too small to hold the auth digest.
This caused issues when using op->sym->auth.digest.data for comparisons
in AESNI_MB PMD after a subsequent patch enables SGL.
For example, if segment size is 2, and digest size is 4, then 4 bytes
are read from op->sym->auth.digest.data, which overflows into the memory
after the segment, rather than using the second segment that contains
the remaining half of the digest.
Fixes: 11c5485bb2 ("test/crypto: add scatter-gather tests for IP and OOP")
Cc: stable@dpdk.org
Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Added functionality to parse algorithm for AES CTR test
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Added functionality to parse algorithm for AES GMAC test.
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
This patch reallocates the OpenSSL version check from
qat_session_configure() to a proper qat_security_session_create()
routine.
Fixes: 3227bc7138 ("crypto/qat: use intel-ipsec-mb for partial hash and AES")
Cc: stable@dpdk.org
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Kai Ji <kai.ji@intel.com>
Fixes spelling in one of the app's exit messages.
Fixes: 387259bd6c ("examples/l2fwd-crypto: add sample application")
Cc: stable@dpdk.org
Signed-off-by: Ali Alnubani <alialnu@nvidia.com>
The related dependency to build the PMD based on the
SDK libraries is now enabled through pkgconfig.
Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Limit number of queue pairs to one for event lookaside mode,
since all cores are using same queue in this mode.
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Added vector support for event crypto adapter in lookaside mode.
Once --event-vector is enabled, event crypto adapter will group
processed crypto operation into rte_event_vector event with type
RTE_EVENT_TYPE_CRYPTODEV_VECTOR.
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Added base support for lookaside event mode.
Events that are coming from ethdev will be enqueued
to the event crypto adapter, processed and
enqueued back to ethdev for the transmission.
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Add separate event queue for event crypto adapter processing,
to resolve queue contention between new and already processed events.
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Added support to create, configure and start an event crypto adapter.
This adapter will be used in lookaside event mode processing.
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
The variable mlx5_config may be used by other mlx5 drivers
and should be always initialized.
By moving its initialization (with configuration file generation),
it is made consistent for Linux and Windows builds.
And the check of mlx5_config in net/mlx5 is moved at the top of
net/mlx5/hws/meson.build so HWS requirements are in the right context.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Tested-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Reviewed-by: David Marchand <david.marchand@redhat.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Alex Vesker <valex@nvidia.com>
If the dependency common/mlx5 is explicitly disabled,
but net/mlx5 is not explicitly disabled,
Meson will read the full recipe of net/mlx5
and will fail when accessing a variable from common/mlx5:
drivers/net/mlx5/meson.build:76:4: ERROR: Unknown variable "mlx5_config".
The solution is to stop parsing net/mlx5 if common/mlx5 is disabled.
The deps array must be defined before stopping, in order to automatically
disable the build of net/mlx5 and print the reason.
The same protection is applied to other mlx5 drivers,
so it will allow using the variable mlx5_config in future.
Fixes: 22681deead ("net/mlx5/hws: enable hardware steering")
Reported-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Tested-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Reviewed-by: David Marchand <david.marchand@redhat.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Alex Vesker <valex@nvidia.com>
The mlx5_is_thread_alive function always returns false
(terminated) regardless to the actual thread state.
Fixed to return the correct thread state.
Bugzilla ID: 1089
Fixes: 5d55a494f4 ("net/mlx5: split multi-thread flow handling per OS")
Cc: stable@dpdk.org
Signed-off-by: Tal Shnaiderman <talshn@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
These are my last couple of days at Microsoft.
Remove the old email from MAINTAINERS.
Will no longer have free access to Azure to work on Netvsc.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Add a new structure for indirect AGE update.
This new structure enables:
1. Update timeout value.
2. Stop AGE checking.
3. Start AGE checking.
4. restart AGE checking.
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Ori Kam <orika@nvidia.com>
Acked-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
When application use queue-based flow rule management and operate the
same flow rule on the same queue, e.g create/destroy/query, API of
querying aged flow rules should also have queue id parameter just like
other queue-based flow APIs.
By this way, PMD can work in more optimized way since resources are
isolated by queue and needn't synchronize.
If application do use queue-based flow management but configure port
without RTE_FLOW_PORT_FLAG_STRICT_QUEUE, which means application operate
a given flow rule on different queues, the queue id parameter will
be ignored.
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Ori Kam <orika@nvidia.com>
Acked-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
The data-path focused flow rule management can manage flow rules in more
optimized way than traditional one by using hints provided by
application in initialization phase.
In addition to the current hints we have in port attr, more hints could
be provided by application about its behaviour.
One example is how the application do with the same flow rule ?
A. create/destroy flow on same queue but query flow on different queue
or queue-less way (i.e, counter query)
B. All flow operations will be exactly on the same queue, by which PMD
could be in more optimized way then A because resource could be
isolated and access based on queue, without lock, for example.
This patch add flag about above situation and could be extended to cover
more situations.
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Ori Kam <orika@nvidia.com>
Acked-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Based on the hard limits configured in the SA context,
PMD passes corresponding event subtype to the application
to notify hard expiry event
Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Removed unnecessary datapointer(DPTR) update and remove ESN update
from microcode command word 0 based on the latest microcode.
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
As per recent change in Linux-5.4.x AF driver, mailbox is updated to
configure mapping between channel and BPID.
Due to mbox mismatch, PFC was broken. Patch syncs mailbox definition
for the same. Also fixes the PFC configuration issues.
Fixes: ff1400aa9d ("net/cnxk: add receive channel backpressure for SDP")
Cc: stable@dpdk.org
Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
Sync nix_hw_info structure with kernel.
Maintain default RR_QUANTUM for VF TL2 same as kernel to make
equal distribution among all VFs.
Signed-off-by: Satha Rao <skoteshwar@marvell.com>
Each TX schedule config mail box supports a maximum 20 register updates.
This patch will send node weight updates in multiple mailboxes when
TM is created with more than 20 scheduler nodes.
Fixes: 464c9f9193 ("common/cnxk: support NIX TM dynamic update")
Cc: stable@dpdk.org
Signed-off-by: Satha Rao <skoteshwar@marvell.com>
RQ mask config needs to enable SPB_ENA in order for zero for
being able to override it with meta AURA.
Also fix flow control config to catch invalid rxchan config
errors.
Fixes: ddf955d391 ("common/cnxk: support CPT second pass")
Fixes: da57d4589a ("common/cnxk: support NIX flow control")
Cc: stable@dpdk.org
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
In outbound inline case, use NIX Tx offset instead of
NIX Tx address for cn10kb as per new instruction format.
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Fix later skip to include mbuf priv data as mbuf->buf_addr
is populated based on calculation including per-mbuf priv area.
Fixes: 706eeae607 ("net/cnxk: add multi-segment Rx for CN10K")
Cc: stable@dpdk.org
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Add support to override soft expiry poll frequency via devargs.
Also provide helper API to indicate reassembly support on a chip
and documentation for devargs that are already present.
Fixes: 780b9c8924 ("net/cnxk: support zero AURA for inline meta")
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Set maximum frame size on SDP NIX side to 16KB for CN93 A0 and B0,
CNF95N A0 and CNF95O A0 SOC type. Rest of the SoCs SDP NIX to 64KB.
Signed-off-by: Sathesh Edara <sedara@marvell.com>
Verify that the message length is non zero and keep processing
virtual channel messages after the event is received.
Fixes: 6bc987ecb8 ("net/iavf: support IPsec inline crypto")
Cc: stable@dpdk.org
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
PMD tx path does not support VXLAN_GPE tunnel offload. Because it does not
process RTE_MBUF_F_TX_TUNNEL_VXLAN_GPE flag in mbuf, and then the "L4TUNT"
field will not be set in Tx context descriptor.
This patch is to add the RTE_MBUF_F_TX_TUNNEL_VXLAN_GPE flag to
support Tx VXLAN_GPE offload under the scenario if the offload tso
and VXLAN_GPE tunnel are both required, so that it would avoid
tx queue overflowing.
Fixes: daa02b5cdd ("mbuf: add namespace to offload flags")
Cc: stable@dpdk.org
Signed-off-by: Mingjin Ye <mingjinx.ye@intel.com>
Tested-by: Ke Xu <ke1.xu@intel.com>
Use large VF queue stop request when large VF is enabled
Fixes: 9cf9c02bf6 ("net/iavf: add enable/disable queues for large VF")
Cc: stable@dpdk.org
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
All callbacks registered for ethdev events are called in
eal-intr-thread, and some of them execute virtchnl commands.
Because interrupts are disabled in the intr thread, no response
will be received for these commands. So all callbacks should
be called in a new context.
When the device is bonded, the bond pmd registers a callback for
the LSC event to execute virtchnl commands to reinitialize the
device, and it would also raise the above issue.
This commit adds a new thread to call all event callbacks.
Fixes: 48de41ca11 ("net/avf: enable link status update")
Fixes: 8410842505 ("net/iavf: support asynchronous virtual channel message")
Cc: stable@dpdk.org
Signed-off-by: Yiding Zhou <yidingx.zhou@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
proto_hdr defines a bit mask of the protocol sequence as RTE_PTYPE_*,
The last RTE_PTYPE* in the mask indicates the split position.
To get the split position from proto_hdr, the order of judgement should
be from inner to outer layer, so for tunneling packets the tunnel header
should be placed at the end of the judgement condition.
Fixes: 629dad3ef3 ("net/ice: support buffer split in scalar Rx")
Signed-off-by: Yuan Wang <yuanx.wang@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
Replace mempool_put with memset 0, the internal session memory block
is no longer allocated from a mempool
Fixes: 3f3fc3308b ("security: remove private mempool usage")
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Replace mempool_put with memset 0, the internal session memory block
is no longer allocated from a mempool
Fixes: 3f3fc3308b ("security: remove private mempool usage")
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Fix issue with final word being dropped when retrieving module EEPROM
data for the ice driver.
Take for simplicity the case when `info->offset` is zero and `info->len`
is equal to `SFF_READ_BLOCK_SIZE`. In this case, memcpy would not be
called despite there presumably being room in the buffer
(as we have requested 8 bytes of data and the memcpy would write
precisely 8 bytes). The same edge case will be hit on the final
iteration of the for loop whenever a multiple of 8 bytes is requested,
as the final word will not be written to the data buffer.
Fixes: 5256925658 ("net/ice: support module EEPROM")
Cc: stable@dpdk.org
Signed-off-by: David MacDougal <david.macdougal@gmail.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
