CRC is the end of frame, which occupies 4 bytes. Keeping CRC is a
feature of MAC, which will not strip CRC field when receiving frames.
The feature can be enabled using DEV_RX_OFFLOAD_KEEP_CRC offload by
upper level application. And the feature is only supported for hns3 PF
PMD driver, not supported for hns3 VF PMD driver
Signed-off-by: Min Hu (Connor) <humin29@huawei.com>
Signed-off-by: Wei Hu (Xavier) <xavier.huwei@huawei.com>
The 200G device has a new device id 0xA228, so adds this device id
to pci table for pci driver can probe it. Similar to the network port
with other speed, the hns3 PMD driver gets 200G speed information
from firmware, and passes them to DPDK framework.
Signed-off-by: Wei Hu (Xavier) <xavier.huwei@huawei.com>
The hns3 network engine is built-in multiple SoCs, such as kunpeng 920,
kunpeng 930, etc. The PCI revision id is 0x21 in kunpeng 920, and the
PCI revision id is 0x30 in kunpeng 930.
Copper media type is supported for hns3 PF device in kunpeng 930 and
later SoCs. The configuration operation for PHY is implemented by
firmware.
Signed-off-by: Wei Hu (Xavier) <xavier.huwei@huawei.com>
Previous logic in removing RSS for GTPU was added in incorrect lines.
The adjustment in this patch will correct the code order so that RSS
for GTPU can be removed successfully.
We also delete the redundant print statement and cleanup the coding
style in this patch.
Fixes: bed9bb3139ef ("net/ice/base: fix GTP-U inner RSS IPv4 IPv6 co-exist")
Cc: stable@dpdk.org
Signed-off-by: Junfeng Guo <junfeng.guo@intel.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
This patch updates the minimum driver version that supports
Intel QuickAssist device D15xx.
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
The variable names crc_length and crc_offset have been changed to
crc_data_len and crc_data_ofs respectively, to make it clearer as to
their use i.e. the length and offset of the data over which the CRC is
calculated.
Fixes: 6f0ef237404b ("crypto/qat: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Multi-segment mbufs are not supported for DOCSIS security protocol.
This patch adds an explicit check for this and returns an op error if
this case is found. This limitation is also added to the QAT cryptodev
documentation.
Fixes: 6f0ef237404b ("crypto/qat: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
This patch improves the DOCSIS session creation as follows:
- it validates the security action type as well as the protocol before
creating a session and now does this validation before allocating the
session from the mempool
Fixes: fda5216fba55 ("crypto/aesni_mb: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
This patch improves the DOCSIS session creation as follows:
- it validates the security action type as well as the protocol before
creating a session and now does this validation before allocating the
session from the mempool
- it clears the entire private session struct before populating it with
DOCSIS session info, in case any data was left over from the last time
it was used
- it simplifies the DOCSIS parameter setting, which was overly
complicated
Fixes: 6f0ef237404b ("crypto/qat: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
The RTE_CRYPTODEV_FF_SECURITY feature was disabled through the
ff_disable device configuration option for all crypto performance tests,
including security related tests. This patch updates the crypto
performance tool to not disable RTE_CRYPTODEV_FF_SECURITY for DOCSIS and
PDCP security tests.
Fixes: d4a131a9498d ("test/crypto-perf: support DOCSIS protocol")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The RTE_CRYPTODEV_FF_SECURITY feature was disabled through the
ff_disable device configuration option for all cryptodev tests,
including security related tests. This patch updates the cryptodev unit
tests to not disable RTE_CRYPTODEV_FF_SECURITY for DOCSIS and PDCP
security tests.
Fixes: ea31f2b4f547 ("test/crypto: add DOCSIS security cases")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The AESNI-MB CPU test cases, which are executed via the
cryptodev_cpu_aesni_mb_autotest command, aborted when it tried to run
the DOCSIS security tests as these are not CPU type tests. The abort
happened at the following line in process_crypto_request():
RTE_VERIFY(gbl_action_type != RTE_SECURITY_ACTION_TYPE_CPU_CRYPTO);
The tests have been updated not to run the DOCSIS (or PDCP) security
tests during cryptodev_cpu_aesni_mb_autotest, with the decision based on
improved PMD security capability checks.
Fixes: ea31f2b4f547 ("test/crypto: add DOCSIS security cases")
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
This patch moves otx2_sec_session structure to otx2_security.h
to make it common for inline and lookaside protocol modes of
rte_security
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The patch reverts the commit that updated Intel QuickAssist GEN3
marketing name. The change was not backported and has to be withdrawn.
This reverts commit 9cd9d3e702fba4700539c1a2eddac13dd14ecf70
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Because capability memzone of compression does not have lookup
call, second and subsequent devices cannot be created.
Fixes: 7788dceccb80 ("common/qat: add multi-process handling of capabilities")
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Tested-by: Yu Jiang <yux.jiang@intel.com>
Application updates first line of each test vector with
COUNT = i(where i = 1,2,3..) assuming first line contains
COUNT string. But few of the TDES input test vectors don't
contain COUNT string and thus COUNT is getting overwritten on
other data.
Fixes: 527cbf3d5ee3 ("examples/fips_validation: support TDES parsing")
Cc: stable@dpdk.org
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Kanaka Durga Kotamarthy <kkotamarthy@marvell.com>
Processing of test vector for COUNT = 0 is getting skipped, as
some of the NIST TDES files doesn't have an empty line after
[ENCRYPT]/[DECRYPT] and thus treated as an interim block.
Parse function now identifies such blocks, separates out interim
and test vector data, and then parses each with their respective
callbacks.
Fixes: 3d0fad56b74a ("examples/fips_validation: add crypto FIPS application")
Cc: stable@dpdk.org
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Signed-off-by: Ayuj Verma <ayverma@marvell.com>
Fix missing callback registration and the incorrect
callback definition for interim NK_STR. The callback
should compare input key against the interim.
Fixes: 527cbf3d5ee3 ("examples/fips_validation: support TDES parsing")
Cc: stable@dpdk.org
Signed-off-by: Archana Muniganti <marchana@marvell.com>
In the IPSEC ESN test vector the cipher offset for encryption
should be 8 bytes which is the size of esp header.
This patch also changes the ciphertext and the digest reference
data against which the operation result is validated.
Fixes: 699741912d71 ("test/crypto: add case for auth only trailer")
Cc: stable@dpdk.org
Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
scheduler PMD uses its own hand-made peek functions
that directly access rte_ring internals.
As now rte_ring has an API for that type of functionality -
change scheduler PMD to use API provided by rte_ring.
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch limits the number of client connections to the new telemetry
socket. The limit is set to 10.
Signed-off-by: Ciara Power <ciara.power@intel.com>
The hairpin queue is the one that start from normal rxq,
and will be less than nr_queues where nr_queues is the
sum of normal and hairpin.
Fixes: bf3688f1e816 ("app/flow-perf: add insertion rate calculation")
Signed-off-by: Wisam Jaddo <wisamm@mellanox.com>
Reviewed-by: Asaf Penso <asafp@mellanox.com>
In order to deprecate the rte_atomic and rte_smp barrier APIs [1], prevent
the patches from using these APIs and __sync builtins in new code.
Please use __atomic builtins instead of __sync builtins, rte_atomicNN_xxx
and rte_smp_[r/w]mb APIs.
On x86 the __atomic_thread_fence(__ATOMIC_SEQ_CST) is quite expensive for
SMP case. Flag the new code which use __atomic_thread_fence API.
Please use rte_thread_fence API instead of __atomic_thread_fence builtins.
1: Refer to the locks-and-atomic-operations section in
https://doc.dpdk.org/guides/prog_guide/writing_efficient_code.html
Signed-off-by: Phil Yang <phil.yang@arm.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Provide a wrapper for __atomic_thread_fence builtins to support
optimized code for __ATOMIC_SEQ_CST memory order for x86 platforms.
Suggested-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Signed-off-by: Phil Yang <phil.yang@arm.com>
Reviewed-by: Ola Liljedahl <ola.liljedahl@arm.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Add information about possible optimizations using C11 atomic builtins.
Signed-off-by: Phil Yang <phil.yang@arm.com>
Signed-off-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
If Jansson was found, the headers list is overwritten when including
rte_metrics_telemetry.h, which prevents rte_metrics.h from being
installed. This is now fixed to add to headers, rather than overwrite,
to allow both headers be installed when Jansson is present.
Fixes: c5b7197f662e ("telemetry: move some functions to metrics library")
Cc: stable@dpdk.org
Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: David Marchand <david.marchand@redhat.com>
This change is required to allow the branch ratio algorithm to
power manage cores with no workload running on them. This is
useful both when idle cores don't use C-states and for a number of
hyperthreading scenarios.
Signed-off-by: Rory Sexton <rory.sexton@intel.com>
Reviewed-by: David Hunt <david.hunt@intel.com>
Acked-by: Reshma Pattan <reshma.pattan@intel.com>
This modification allows for the branch ratio threshold to be set
per core rather than system wide. This gives greater flexibility to
the branch ratio monitoring allowing it to manage different
workloads with different characteristics on the same system.
Signed-off-by: Rory Sexton <rory.sexton@intel.com>
Reviewed-by: David Hunt <david.hunt@intel.com>
Acked-by: Reshma Pattan <reshma.pattan@intel.com>
Change the log level for RTE_TEST_ASSERT macro to error to help
log errors while running test cases.
Suggested-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Acked-by: Aaron Conole <aconole@redhat.com>
Acked-by: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
abidiff can provide some more information about the ABI difference it
detected.
In all cases, a discussion on the mailing must happen but we can give
some hints to know if this is a problem with the script calling abidiff,
a potential ABI breakage or an unambiguous ABI breakage.
Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Acked-by: Aaron Conole <aconole@redhat.com>
'librte_rcu' is now dependency to 'librte_lpm' library, this dependency
should be reflected to build system.
Fixes: 8a9f8564e9f9 ("lpm: implement RCU rule reclamation")
Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
In order to verify offloading of eCPRI protocol via flow rules, the
command line of flow creation should support the parsing of the eCPRI
pattern.
Based on the specification, one eCPRI message will have the common
header and payload. Payload format is various based on the type field
of the common header. Fixed strings will be used instead of integer
to make the CLI easy for auto-completion.
The testpmd command line examples of flow to match eCPRI item are
listed below:
1. flow create 0 ... pattern eth / ecpri / end actions ...
This is to match all eCPRI messages.
2. flow create 0 ... pattern eth / ecpri common type rtc_ctrl / end actions ...
This is to match all eCPRI messages with the type #2 - "Real-Time
Control Data".
3. flow create 0 ... pattern eth / ecpri common type iq_data pc_id is [U16Int] / end actions ...
This is to match eCPRI messages with the type #0 - "IQ Data", and
the physical channel ID 'pc_id' of the messages is a specific
value. Since the sequence ID is changeable, there is no need to
match that field in the flow.
Currently, only type #0, #2 and #5 will be supported.
Since eCPRI could be over Ethernet layer (or after .1Q) and UDP
layer, it is the PMD driver's responsibility to check whether eCPRI
is supported and which protocol stack is supported. Network byte
order should be used for eCPRI header, the same as other headers.
Signed-off-by: Bing Zhao <bingz@mellanox.com>
Acked-by: Ori Kam <orika@mellanox.com>
Add a new item "rte_flow_item_ecpri" in order to match eCRPI header.
eCPRI is a packet based protocol used in the fronthaul interface of
5G networks. Header format definition could be found in the
specification via the link below:
https://www.gigalight.com/downloads/standards/ecpri-specification.pdf
eCPRI message can be over Ethernet layer (.1Q supported also) or over
UDP layer. Message header formats are the same in these two variants.
Signed-off-by: Bing Zhao <bingz@mellanox.com>
Acked-by: Ori Kam <orika@mellanox.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
This patch does following things:
1. Added a wrapper function bnxt_clear_one_vnic_filter()
for destroying the filters in hw. This will avoid duplicate
code in many places.
2. When flow create fails due to an already existing mark id
for the new flow id created, fixed to destroy the hw
filter created.
3. Re-arranged code to move a log and list update to right place.
Fixes: 9db66782bd06 ("net/bnxt: fix supporting zero mark ID with RSS action")
Fixes: 5ef3b79fdfe6 ("net/bnxt: support flow filter ops")
Cc: stable@dpdk.org
Signed-off-by: Kalesh AP <kalesh-anakkur.purayil@broadcom.com>
Reviewed-by: Somnath Kotur <somnath.kotur@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
If set_em_filter/set_ntuple_filter cmds fails for some reason,
driver is not filling the "rte_flow_error" string buffer.
Same is the case when flow create fails due to an already
existing mark id for the new flow id created.
This leads to a crash in testpmd while trying to print the
error message.
Fixes: 5c1171c97216 ("net/bnxt: refactor filter/flow")
Fixes: 9db66782bd06 ("net/bnxt: fix supporting zero mark ID with RSS action")
Cc: stable@dpdk.org
Signed-off-by: Kalesh AP <kalesh-anakkur.purayil@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
During probe, driver issues HWRM_CFA_ADV_FLOW_MGNT_QCAPS command.
But it is not using the command response anywhere which makes the
fw call redundant.
Remove the unnecessary HWRM_CFA_ADV_FLOW_MGNT_QCAPS call to fw.
Remove the redundant flow_flags in bnxt struct.
Fixes: afef822b2e1b ("net/bnxt: support creating SMAC and inner DMAC filters")
Cc: stable@dpdk.org
Signed-off-by: Kalesh AP <kalesh-anakkur.purayil@broadcom.com>
Reviewed-by: Somnath Kotur <somnath.kotur@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
"enum bnxt_hw_context" is defined in the header file, but is not
used anywhere.
Fixes: 9738793f28ec ("net/bnxt: add VNIC functions and structs")
Cc: stable@dpdk.org
Signed-off-by: Kalesh AP <kalesh-anakkur.purayil@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
VFs are not privileged to issue HWRM_PORT_LED_QCFG/CFG.
There is no need to allocate "bp->leds" memory.
Fixes: 205b74295282 ("net/bnxt: fix allocation of LED config info")
Cc: stable@dpdk.org
Signed-off-by: Kalesh AP <kalesh-anakkur.purayil@broadcom.com>
Reviewed-by: Somnath Kotur <somnath.kotur@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
When two host is connected directly without any devices like switch,
rx_machine_update would receiving partner LACP negotiation packets,
and partner's port mac is filled with zeros in this packet, which is
different with internal's mode4 mac. So in this situation, it would
never go rx_machine branch and then execute mac swap for negotiation!
Thus bond mode 4 will negotiation failed.
Fixes: 56cbc0817399 ("net/bonding: fix LACP negotiation")
Cc: stable@dpdk.org
Signed-off-by: Yicai Lu <luyicai@huawei.com>
Reviewed-by: Wei Hu (Xavier) <xavier.huwei@huawei.com>
The new 5-tuple swap engine swaps:
source and destination mac address,
source and destination address in ipv4/ipv6,
source and destination port in UDP/TCP.
The forwarding engine will parse each layer
and swap it, and will stop when the next
layer doesn't match.
The mentioned headers of ICMP/ARP/Multicast
packets will be swapped as well according to
matching layers.
usage: --forward-mode=5tswap
Signed-off-by: Shiri Kuzin <shirik@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
