Commit Graph

22585 Commits

Author SHA1 Message Date
Pavan Nikhilesh
03a4e635cf mempool/octeontx2: mark internal symbols
Move the internal symbols to INTERNAL sections so that any
change in them is not reported as ABI breakage.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
Signed-off-by: David Marchand <david.marchand@redhat.com>
2020-05-18 17:29:24 +02:00
Pavan Nikhilesh
8614cb6afd common/octeontx2: mark internal symbols
Move the internal symbols to INTERNAL sections so that any
change in them is not reported as ABI breakage.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
Signed-off-by: David Marchand <david.marchand@redhat.com>
2020-05-18 17:29:20 +02:00
Xuan Ding
e7debf6026 vhost: fix potential fd leak
Vhost will create temporary file when receiving VHOST_USER_GET_INFLIGHT_FD
message. Malicious guest can send endless this message to drain out the
resource of host.

When receiving VHOST_USER_GET_INFLIGHT_FD message repeatedly, closing the
file created during the last handling of this message.

CVE-2020-10726
Fixes: d87f1a1cb7 ("vhost: support inflight info sharing")
Cc: stable@dpdk.org

Signed-off-by: Xuan Ding <xuan.ding@intel.com>
Signed-off-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
2020-05-18 15:22:42 +02:00
Xiaolong Ye
549de54c4f vhost: fix potential memory space leak
A malicious container which has direct access to the vhost-user socket
can keep sending VHOST_USER_GET_INFLIGHT_FD messages which may cause
leaking resources until resulting a DOS. Fix it by unmapping the
dev->inflight_info->addr before assigning new mapped addr to it.

CVE-2020-10726
Fixes: d87f1a1cb7 ("vhost: support inflight info sharing")
Cc: stable@dpdk.org

Signed-off-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
2020-05-18 15:22:42 +02:00
Marvin Liu
97ecc1c85c vhost: fix translated address not checked
Malicious guest can construct desc with invalid address and zero buffer
length. That will request vhost to check both translated address and
translated data length. This patch will add missed address check.

CVE-2020-10725
Fixes: 75ed516978 ("vhost: add packed ring batch dequeue")
Fixes: ef861692c3 ("vhost: add packed ring batch enqueue")
Cc: stable@dpdk.org

Signed-off-by: Marvin Liu <yong.liu@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
2020-05-18 15:22:42 +02:00
Maxime Coquelin
acd4c92fa6 vhost/crypto: validate keys lengths
transform_cipher_param() and transform_chain_param() handle
the payload data for the VHOST_USER_CRYPTO_CREATE_SESS
message. These payloads have to be validated, since it
could come from untrusted sources.

Two buffers and their lengths are defined in this payload,
one the the auth key and one for the cipher key. But above
functions do not validate the key length inputs, which could
lead to read out of bounds, as buffers have static sizes of
64 bytes for the cipher key and 512 bytes for the auth key.

This patch adds necessary checks on the key length field
before being used.

CVE-2020-10724
Fixes: e80a987081 ("vhost/crypto: add session message handler")
Cc: stable@dpdk.org

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
2020-05-18 15:22:34 +02:00
Maxime Coquelin
c78d94189d vhost: fix vring index check
vhost_user_check_and_alloc_queue_pair() is used to extract
a vring index from a payload. This function validates the
index and is called early on in when performing message
handling. Most message handlers depend on it correctly
validating the vring index.

Depending on the message type the vring index is in
different parts of the payload. The function contains a
switch/case for each type and copies the index. This is
stored in a uint16. This index is then validated. Depending
on the message, the source index is an unsigned int. If
integer truncation occurs (uint->uint16) the top 16 bits
of the index are never validated.

When they are used later on  (e.g. in
vhost_user_set_vring_num() or vhost_user_set_vring_addr())
it can lead to out of bound indexing. The out of bound
indexed data gets written to, and hence this can cause
memory corruption.

This patch fixes this vulnerability by declaring vring
index as an unsigned int in
vhost_user_check_and_alloc_queue_pair().

CVE-2020-10723
Fixes: 160cbc815b ("vhost: remove a hack on queue allocation")
Cc: stable@dpdk.org

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
2020-05-18 15:18:58 +02:00
Maxime Coquelin
3ae4beb079 vhost: check log mmap offset and size overflow
vhost_user_set_log_base() is a message handler that is
called to handle the VHOST_USER_SET_LOG_BASE message.
Its payload contains a 64 bit size and offset. Both are
added up and used as a size when calling mmap().

There is no integer overflow check. If an integer overflow
occurs a smaller memory map would be created than
requested. Since the returned mapping is mapped as writable
and used for logging, a memory corruption could occur.

CVE-2020-10722
Fixes: fbc4d248b1 ("vhost: fix offset while mmaping log base address")
Cc: stable@dpdk.org

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
2020-05-18 15:18:58 +02:00
Kevin Traynor
cfacbcb5a2 build: disable gcc 10 zero-length-bounds warning
gcc 10 issues warnings about the use of rearm_data marker
from struct rte_mbuf.

e.g.
../drivers/net/enic/enic_rxtx_vec_avx2.c: In function ‘rx_one’:
../drivers/net/enic/enic_rxtx_vec_avx2.c:21:2:
warning:
array subscript 0 is outside the bounds of an interior zero-length array
‘RTE_MARKER64’ {aka ‘long unsigned int[0]’} [-Wzero-length-bounds]
   21 |  *(uint64_t *)&mb->rearm_data = enic->mbuf_initializer;
      |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../lib/librte_mbuf/rte_mbuf.h:45,
                 from ../drivers/net/enic/enic_rxtx_vec_avx2.c:6:
../lib/librte_mbuf/rte_mbuf_core.h:484:15:
note: while referencing ‘rearm_data’
  484 |  RTE_MARKER64 rearm_data;
      |

Disable this warning for gcc 10 in order to allow v20.05 to build
without changes to struct rte_mbuf.

Bugzilla ID: 396
Cc: stable@dpdk.org

Signed-off-by: Kevin Traynor <ktraynor@redhat.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
2020-05-18 13:54:36 +02:00
Kevin Traynor
572f2a9089 hash: fix gcc 10 maybe-uninitialized warning
gcc 10.1.1 reports a warning for the ext_bkt_id variable:

../lib/librte_hash/rte_cuckoo_hash.c:
In function ‘__rte_hash_add_key_with_hash’:
../lib/librte_hash/rte_cuckoo_hash.c:1104:29:
warning: ‘ext_bkt_id’ may be used uninitialized in this function
[-Wmaybe-uninitialized]
 1104 |  (h->buckets_ext[ext_bkt_id - 1]).sig_current[0] = short_sig;
      |                  ~~~~~~~~~~~^~~

The return value of rte_ring_sc_dequeue_elem() is already checked,
but also initialize ext_bkt_id to zero (invalid value) and check
that it also overwritten.

Fixes: fbfe568103 ("hash: use 32-bit elements rings to save memory")
Cc: stable@dpdk.org

Signed-off-by: Kevin Traynor <ktraynor@redhat.com>
Acked-by: Yipeng Wang <yipeng1.wang@intel.com>
2020-05-18 13:54:36 +02:00
Jay Zhou
b7aa3b5b88 crypto/virtio: enable OOP feature flag
Since it will check the feature mask before running out-of-place
test cases and the virtio-crypto device supports OOP_LB_IN_LB_OUT mode.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
2020-05-17 16:10:44 +02:00
Anoob Joseph
caeba5062c crypto/octeontx: improve symmetric session-less path
Cleanup sessionless code path and improve error handling.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
2020-05-17 16:10:44 +02:00
Ankur Dwivedi
32b8f26adf crypto/octeontx: enable non-byte aligned data
The OCTEON TX crypto PMD supports non-byte aligned data as
input for SNOW and ZUC algos. Adding the same to the feature list.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
2020-05-17 16:10:44 +02:00
Anoob Joseph
96330d215f crypto/octeontx2: improve symmetric session algos check
Session configure should return -ENOTSUP in case of unsupported xform
requests. Moving the validation of combinations out of cpt, as the
feature support will not be same across OCTEON TX and OCTEON TX2.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
2020-05-17 16:10:44 +02:00
Ankur Dwivedi
51f3e107ac crypto/octeontx2: enable non-byte aligned data
The OCTEON TX2 crypto PMD supports non-byte aligned data as
input for SNOW and ZUC algos. Adding the same to the feature list.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
2020-05-17 16:10:44 +02:00
Tejasree Kondoj
120d13db35 net/octeontx2: update max packet length for inline IPsec
Update max packet length supported by Inline IPsec Rx to
NIX_MAX_FRS

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
2020-05-17 16:10:44 +02:00
Anoob Joseph
18839177b8 common/octeontx2: fix port ID bound check
Fix out of bounds access.

Coverity issue: 354230, 354231
Fixes: f44e716377 ("net/octeontx2: add security session operations")
Fixes: 3fe4d07d16 ("crypto/octeontx2: enable CPT to share QP with ethdev")
Cc: stable@dpdk.org

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
2020-05-17 16:10:44 +02:00
Yunjian Wang
c40b4fcd98 crypto/caam_jr: fix IRQ functions return type
The caam_jr_enable_irqs() and caam_jr_disable_irqs() methods maybe return a
negative error. So use int instead of uint32_t int the functions.

Fixes: e7a45f3cc2 ("crypto/caam_jr: add UIO specific operations")
Cc: stable@dpdk.org

Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Acked-by: Gagandeep Singh <g.singh@nxp.com>
2020-05-17 16:10:44 +02:00
Yunjian Wang
61552661e2 crypto/caam_jr: fix check of file descriptors
Zero is a valid fd. It will fail to check the fd if the fd is zero.
The "job_ring->uio_fd" is an fd, so define it as "int".

Fixes: e7a45f3cc2 ("crypto/caam_jr: add UIO specific operations")
Fixes: a5e1018d5e ("crypto/caam_jr: add routines to configure HW")
Cc: stable@dpdk.org

Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Acked-by: Gagandeep Singh <g.singh@nxp.com>
2020-05-17 16:10:44 +02:00
Apeksha Gupta
29fdc5bf45 test/crypto: fix statistics case
The test case - test_stats is directly accessing the
cryptodev and its dev_ops which are internal to library
and should not be used directly by the application.
However, the test case is also missing to check for the
error ENOTSUP. It should skip the case if the API returns
ENOTSUP. This patch fixes these two issues.

Fixes: 202d375c60 ("app/test: add cryptodev unit and performance tests")
Cc: stable@dpdk.org

Signed-off-by: Apeksha Gupta <apeksha.gupta@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2020-05-17 16:10:29 +02:00
Mairtin o Loingsigh
eff52d4e2f crypto/qat: add DOCSIS AES-256 to release notes
Add release notes update for QAT DOCSIS AES-256 support

Fixes: 2aab3ff3d8 ("crypto/qat: support DOCSIS AES-256")

Signed-off-by: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
2020-05-15 19:52:00 +02:00
Akhil Goyal
eef9e0412a drivers/crypto: fix build with -fno-common
gcc 10 defaults to -fno-common and as a result when linking
with crypto drivers:

drivers/librte_pmd_dpaa_sec.a(crypto_dpaa_sec_dpaa_sec.c.o):
(.bss+0x4): multiple definition of `rta_sec_era';
drivers/librte_pmd_caam_jr.a(crypto_caam_jr_caam_jr.c.o):
(.bss+0x0): first defined here

drivers/librte_pmd_dpaa2_sec.a(crypto_dpaa2_sec_dpaa2_sec_dpseci.c.o):
(.data+0x0): multiple definition of `rta_sec_era';
drivers/librte_pmd_caam_jr.a(crypto_caam_jr_caam_jr.c.o):
(.bss+0x0): first defined here

This patch fixes the blunt workaround in the following commit.

Fixes: 50b03f3b8e ("drivers/crypto: disable gcc 10 no-common errors")

Bugzilla ID: 469
Cc: stable@dpdk.org

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Tested-by: Kevin Traynor <ktraynor@redhat.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
2020-05-15 19:43:17 +02:00
Anoob Joseph
c140299940 test/crypto: remove tests for unsupported descriptors
Cryptodev doesn't limit the number of descriptors that can be supported
by the PMD.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2020-05-15 19:43:17 +02:00
Pavan Nikhilesh
40984bf253 app/eventdev: check Tx adapter service ID
Fix unchecked return values reported by coverity.

Coverity issue: 357755
Fixes: 032a965a8f ("app/eventdev: support Tx adapter")
Cc: stable@dpdk.org

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
2020-05-14 15:16:37 +02:00
Mattias Rönnblom
7c7f48069d event/dsw: update release notes
Update release notes with recent DSW event device improvements.

Signed-off-by: Mattias Rönnblom <mattias.ronnblom@ericsson.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
2020-05-14 09:51:30 +02:00
Yuri Chipchev
1c4975d6df event/dsw: fix enqueue burst return value
The returned number from rte_event_enqueue_*()
wouldn't include events marked with RTE_EVENT_OP_RELEASE.

Fixes: 1c8e3caa3 ("event/dsw: add event scheduling and device start/stop")
Cc: stable@dpdk.org

Signed-off-by: Yuri Chipchev <yuric@marvell.com>
Reviewed-by: Liron Himi <lironh@marvell.com>
Acked-by: Mattias Rönnblom <mattias.ronnblom@ericsson.com>
2020-05-14 09:15:37 +02:00
Pavan Nikhilesh
2e90885566 test/graph: fix memory leaks in performance tests
Fix memory leaks reported by Coverity.

Fixes: 61d77071ab ("test/graph: add performance tests")

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
2020-05-15 11:00:55 +02:00
Kiran Kumar K
c5a56c5897 test/graph: fix memory leaks in functional tests
Fix memory leaks reported by Coverity.

Fixes: 6b89650418 ("test/graph: add functional tests")

Signed-off-by: Kiran Kumar K <kirankumark@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
2020-05-15 11:00:18 +02:00
Kiran Kumar K
9330521cb8 test/graph: use better randomness
Fix weak crypto issues reported by Coverity.

Fixes: 6b89650418 ("test/graph: add functional tests")

Signed-off-by: Kiran Kumar K <kirankumark@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
2020-05-15 10:59:46 +02:00
Nithin Dabilpuram
a8b8a86317 node: fix arm64 build with old gcc
Older GCC(~4) complains about uninitialized 'dip'
var though all the lanes of the vec register are set.
Hence this patch explicitly initializes vec register
to fix the issue.

In file included from ip4_lookup.c:34:0:
ip4_lookup_neon.h: n function ‘ip4_lookup_node_process’: \
ip4_lookup_neon.h:25:12: error: ‘dip’ may be used uninitialized in \
	this function [-Werror=maybe-uninitialized]
  int32x4_t dip;
            ^

Fixes: 16df6a2c66 ("node: add IPv4 lookup for arm64")

Reported-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
2020-05-13 15:38:50 +02:00
Thomas Monjalon
1d51f154cd version: 20.05-rc2
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
2020-05-12 04:09:20 +02:00
Ivan Dyukov
c81e3f21d1 examples: remove extra new line after link duplex
This patch removes extra 'new line' in few app examples.

Fixes: d3641ae863 ("examples: update link status checks")
Fixes: 387259bd6c ("examples/l2fwd-crypto: add sample application")
Fixes: 4ff457986f ("examples/l2fwd-event: add default poll mode routines")
Fixes: e64833f227 ("examples/l2fwd-keepalive: add sample application")
Fixes: 204896f8d6 ("examples/l2fwd-jobstats: add new example")
Fixes: c8e6ceeceb ("examples/ioat: add new sample app for ioat driver")
Fixes: cc8f4d020c ("examples/ip_reassembly: initial import")
Fixes: d299106e8e ("examples/ipsec-secgw: add IPsec sample application")
Fixes: 39aad0e88c ("examples/flow_distributor: new example to demonstrate EFD")
Fixes: d48415e1fe ("examples/performance-thread: add l3fwd-thread app")
Fixes: 20c78ac9ee ("examples/vm_power_mgr: add port initialisation")
Fixes: 361b2e9559 ("acl: new sample l3fwd-acl")
Fixes: de3cfa2c98 ("sched: initial import")
Fixes: d7937e2e3d ("power: initial import")
Fixes: 3fc5ca2f63 ("kni: initial import")
Cc: stable@dpdk.org

Signed-off-by: Ivan Dyukov <i.dyukov@samsung.com>
2020-05-12 04:07:29 +02:00
Ivan Dyukov
a357d09d54 app: remove extra new line after link duplex
This is testpmd part of new line cleanup.

Fixes: 002ade70e9 ("app/test: measure cycles per packet in Rx/Tx")
Fixes: ce8d561418 ("app/testpmd: add port configuration settings")
Cc: stable@dpdk.org

Signed-off-by: Ivan Dyukov <i.dyukov@samsung.com>
Acked-by: Andrew Rybchenko <arybchenko@solarflare.com>
2020-05-12 04:07:22 +02:00
Maxime Coquelin
9036180f61 net/virtio: fix AVX512 datapath selection
The AVX512 packed ring datapath selection was only done
at build time, but it should also be checked at runtime
that the CPU supports it.

This patch add a CPU flags check so that non-vectorized
path is selected at runtime if AVX512 is not supported.

Also in meson build enable vectorization only for relevant file, not for
all driver.

Fixes: ccb10995c2 ("net/virtio: add election for vectorized path")

Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Maxime Coquelin <maxime.coquelin@redhat.com>
2020-05-11 23:04:33 +02:00
Xiaoyun Wang
9d441c4551 net/hinic/base: support IPv6 flow rules
The patch supports ipv6 flow rules for BGP or ICMP packets.

Signed-off-by: Xiaoyun Wang <cloud.wangxiaoyun@huawei.com>
2020-05-11 22:27:39 +02:00
Xiaoyun Wang
13850e88a4 net/hinic: fail initialization for not supported device
If hardware mode for this card does not support nic,
the network features for this card will not be supported
and driver will be initialized failed.

Signed-off-by: Xiaoyun Wang <cloud.wangxiaoyun@huawei.com>
2020-05-11 22:27:39 +02:00
Xiaoyun Wang
254bd849b1 net/hinic: set jumbo frame offload flag
The patch adds DEV_RX_OFFLOAD_JUMBO_FRAME flag for jumbo when set mtu.

Signed-off-by: Xiaoyun Wang <cloud.wangxiaoyun@huawei.com>
2020-05-11 22:27:39 +02:00
Dekel Peled
563ac307a4 net/mlx5: support match on GTP flags
This patch adds to MLX5 PMD the support of matching on
GTP header item v_pt_rsv_flags.

This item is contained in 1 byte of the format:
-------------------------------------------
| bit   | 0 - 2   | 3  | 4   | 5 | 6 | 7  |
|-----------------------------------------|
| value | Version | PT | Res | E | S | PN |
-------------------------------------------

Matching is supported only for GTP flags E, S, PN.
Therefore values 0 to 7 are supported.

Mask must be set accordingly:
... gtp v_pt_rsv_flags is 1 v_pt_rsv_flags mask 0x07 ...

Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
2020-05-11 22:27:39 +02:00
Alexander Kozyrev
776aec28fc net/mlx5: fix Tx queue release debug log timing
Program received signal SIGSEGV, Segmentation fault.
0x00000000008ef7c4 in mlx5_tx_queue_release (dpdk_txq=0x17ce01680) at
drivers/net/mlx5/mlx5_txq.c:302
301 mlx5_txq_release(ETH_DEV(priv), i);
302 DRV_LOG(DEBUG, "port %u removing Tx queue %u from list",
303         PORT_ID(priv), txq->idx);
The problem is txq is freed inside the mlx5_txq_release() function
and no longer valid in the debug log right after this invocation.
Move the debug log before the mlx5_txq_release() function to fix this.

Fixes: a6d83b6a92 ("net/mlx5: standardize on negative errno values")
Cc: stable@dpdk.org

Signed-off-by: Alexander Kozyrev <akozyrev@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
2020-05-11 22:27:39 +02:00
Michael Baum
6f155c0b9d net/mlx4: fix drop queue error handling
The function mlx4_drop_get() creates pointer to a struct mlx4_drop and
if needed allocates by rte_malloc.

If the allocation is failed the function goes to label “error”, and
there does dereference to a null pointer.

Skip resources cleaning when the memory allocation is failed.

Coverity issue: 146206
Coverity issue: 146146
Fixes: d3a7e09234 ("net/mlx4: allocate drop flow resources on demand")
Cc: stable@dpdk.org

Signed-off-by: Michael Baum <michaelba@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
2020-05-11 22:27:39 +02:00
Michael Baum
c8f0abe7f8 net/mlx5: fix meter color register consideration
The mlx5_flow_get_reg_id() function translates tag ID to register
from the registers that are supported and available for use. The
user does not know which register is available at a time and therefore
there is an array that represents mapping to the available registers.
Usually the free registers are continuous in the flow_mreg_c array but
sometimes the mtr_color_reg register is between them and it must be
skipped and the next register returned, in which case the function
returns the mapping of the next entity in the array.

When the function reads from the next entity in the array, it does not
check whether such an entity exists and in some situation invalid access
to memory occurs beyond the array boundaries.

So, when all the registers are valid from HW perspective and the meter
color register is not the default, the tag id 5 causes an out of bound
access.

Validate registers availability when meter color register is not the
default.

Coverity issue: 146355
Fixes: 792e749e92 ("net/mlx5: fix register usage in meter")
Cc: stable@dpdk.org

Signed-off-by: Michael Baum <michaelba@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
2020-05-11 22:27:39 +02:00
Raslan Darawsheh
8a2e026add net/mlx5: fix matching for UDP tunnels with Verbs
When creating flow rule with zero specs it will cause
matching all UDP packets like following:
 eth / ipv4 / udp / vxlan / end
Such rule will match all udp packets.

This change the behavior to match the dv flow engine
which will automatically set the match on relative
outer UDP port if the user didn't specify any.

Fixes: 84c406e745 ("net/mlx5: add flow translate function")
Cc: stable@dpdk.org

Signed-off-by: Raslan Darawsheh <rasland@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
2020-05-11 22:27:39 +02:00
Dekel Peled
92818d839e net/mlx5: fix match on empty VLAN item in DV mode
In existing implementation, using wild card VLAN item is not allowed.
A VLAN item in flow pattern must include VLAN ID (vid) value.
This obligation contradict the flow API specification [1].

This patch updates the VLAN item validation and translation, to allow
wild card VLAN item, without VLAN ID value.
User guide and release notes are updated accordingly.

[1]
commit 40513808b165 ("doc: refine ethernet and VLAN flow rule items")

Fixes: 00f75a4057 ("net/mlx5: fix VLAN match for DV mode")
Cc: stable@dpdk.org

Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@mellanox.com>
2020-05-11 22:27:39 +02:00
Xiaolong Ye
25cc7b9a11 doc: remove Intel PMD examples in flow bifurcation guide
Now this feature is no longer supported by kernel side, (i40e kernel
driver doesn't support it from v2.3.2 and ixgbe kernel driver isn't
guaranteed to support this feature as well in the future), so remove the
Intel PMD examples to avoid confusion.

Signed-off-by: Xiaolong Ye <xiaolong.ye@intel.com>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2020-05-11 22:27:39 +02:00
Gaetan Rivet
8459f5ab32 net/ring: fix device pointer on allocation
When a net_ring device is allocated, its device pointer is not set
before calling rte_eth_dev_probing_finish, which is incorrect.

The following:
  commit 96cb195211 ("net/ring: use EAL APIs in PMD specific API")
  commit a6992e9610 ("net/ring: set ethernet device field")

already fixed the same issue in 17.08, which was fine at the time.
Adding the hook rte_eth_dev_probing_finish() however created this bug,
as the eth_dev exposed when this hook is executed is expected to be
complete.

Remove the prior attempts to fix the issue in rte_pmd_ring_probe() and
write the pointer properly in do_eth_dev_ring_create().

Fixes: fbe90cdd77 ("ethdev: add probing finish function")
Cc: stable@dpdk.org

Signed-off-by: Gaetan Rivet <grive@u256.net>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2020-05-11 22:27:39 +02:00
Raslan Darawsheh
53601aefc4 net/tap: fix build for glibc < 2.24
When trying to compile with glibc < 2.24 that doesn't
support SOL_NETLINK it will cause compilation failure:

drivers/net/tap/tap_netlink.c:70:17: error:
 'SOL_NETLINK' undeclared (first use in this function)
  setsockopt(fd, SOL_NETLINK, NETLINK_EXT_ACK, &one, sizeof(one));

The glibc commits adds the SOL_NETLINK support:
https://github.com/bminor/glibc/commit/f9b437d5efce93800b51ad2a437c8b1c9

Fixes: 647909bcf3 ("net/tap: use netlink extended ack support")

Signed-off-by: Raslan Darawsheh <rasland@mellanox.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2020-05-11 22:27:39 +02:00
Sunil Kumar Kori
241546237c net/octeontx2: fix minimum length to SMQ config
NIX exposes NIX_AF_SMQ(0..511)_CFG to configure minimum length
of the packet which is being used for zero padding if packet is
less than configured value.

Setting it to default minimum length i.e. 60 bytes.

Fixes: ec8ddd4fb1 ("net/octeontx2: restructure TM helper functions")

Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
2020-05-11 22:27:39 +02:00
Jerin Jacob
251dab27d5 common/octeontx2: upgrade mbox definition to version 7
Upgrade mailbox definitions to version 0x0007 of kernel AF driver.

Signed-off-by: Jerin Jacob <jerinj@marvell.com>
2020-05-11 22:27:39 +02:00
Rasesh Mody
80a73194de net/bnx2x: add Rx descriptor MTU segment limitation
Add Rx descriptor limit for number of segments per MTU.
PMD doesn't support Jumbo Rx scatter gather hence set 1 segment per
MTU. Some applications can adjust mbuf_size based on this value.
For others PMD detects the condition where Rx packet length cannot
be held by configured mbuf size and logs the message.

Signed-off-by: Rasesh Mody <rmody@marvell.com>
Signed-off-by: Igor Russkikh <irusskikh@marvell.com>
2020-05-11 22:27:39 +02:00
Qi Zhang
0beafe7b04 net/ice: fix variable initialization
Fix coverity defect due to uninitialized scalar variable.

Coverity issue: 357763
Fixes: 47d460d632 ("net/ice: rework switch filter")
Cc: stable@dpdk.org

Signed-off-by: Qi Zhang <qi.z.zhang@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
2020-05-11 22:27:39 +02:00