If multi-segment is enabled and single segment/packet
is received, then mbuf data_len is not updated in
cn9k_nix_cqe_to_mbuf() function.
Also, in case of timestamp is enabled, mbuf data_len
and pkt_len will be updated for all packets including
multi segmented packets.
Fixes: 7c6bee34064f ("net/cnxk: enable PTP processing in vector Rx")
Cc: stable@dpdk.org
Signed-off-by: Rahul Bhansali <rbhansali@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
The right size for a human readable MAC is RTE_ETHER_ADDR_FMT_SIZE.
While at it, the net library provides a helper for MAC address
formatting. Prefer it.
Fixes: 58b43c1ddfd1 ("ethdev: add telemetry endpoint for device info")
Cc: stable@dpdk.org
Reported-by: Christophe Fontaine <cfontain@redhat.com>
Signed-off-by: David Marchand <david.marchand@redhat.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
When iavf_security_ctx_destroy() is cleaning up, it does not correctly
set the security_ctx variable to NULL, which will lead to wild pointer.
Fixes: 6bc987ecb860 ("net/iavf: support IPsec inline crypto")
Cc: stable@dpdk.org
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
When txgbe_dev_close() is cleaning up, it does not correctly set
the security_ctx variable to NULL, which will lead to wild pointer.
Fixes: f437d97c3df1 ("net/txgbe: add IPsec context creation")
Cc: stable@dpdk.org
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
When ixgbe_dev_close() is cleaning up, it does not correctly set
the security_ctx variable to NULL, which will lead to wild pointer.
Fixes: 9a0752f498d2 ("net/ixgbe: enable inline IPsec")
Cc: stable@dpdk.org
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Acked-by: Haiyue Wang <haiyue.wang@intel.com>
Add support for chunk DMA transfers.
Chunk mpu transfer use 64 objects (512 byte) to maintain memory
read alignment.
Align mpu memory allocation to be at 512 byte boundaries.
Reduce force-close allocation from 10000 objects to 64 objects.
Signed-off-by: John Miller <john.miller@atomicrules.com>
Added arbitrary mbuf size per queue capability.
Updated ARK_UDM_CONST3 value to reflect the version number
read from the HW that is required to support this change.
Signed-off-by: John Miller <john.miller@atomicrules.com>
Add a device capabilities record for supported features.
Certain variants require that PCIe read-requests be correctly
throttled. This is called "rqpacing" in Arkville, and has to do
with credit and flow control on certain Arkville implementations.
Signed-off-by: John Miller <john.miller@atomicrules.com>
In the firmware, the promisc mode overrides the multicast mode.
So when the promisc mode is turned off, driver must check if the
multicast mode was active before and conditionally reactivate it.
Fixes: 6435f9a0ac22 ("net/nfb: add new netcope driver")
Cc: stable@dpdk.org
Signed-off-by: Martin Spinler <spinler@cesnet.cz>
The indexes in the for cycle were wrongly used and
the code accessed outside of the rxmac/txmac array.
Fixes: 6435f9a0ac22 ("net/nfb: add new netcope driver")
Cc: stable@dpdk.org
Signed-off-by: Martin Spinler <spinler@cesnet.cz>
This patch fixes an issue found by coverity. It checks for a possible
null value of "error" before dereferencing it.
CID: 375064: Dereference after null check
Either the check against null is unnecessary, or there may be a null
pointer dereference.
Coverity issue: 375064
Fixes: ee806eea59fe ("net/enic: support GENEVE flow item")
Signed-off-by: John Daley <johndale@cisco.com>
Reviewed-by: Hyong Youb Kim <hyonkim@cisco.com>
Add support for L2TPv2(include PPP over L2TPv2) protocols FDIR
based on outer MAC src/dst address and L2TPv2 session ID.
Add support for PPPoL2TPv2oUDP protocols FDIR based on inner IP
src/dst address and UDP/TCP src/dst port.
Patterns are listed below:
eth/ipv4(6)/udp/l2tpv2
eth/ipv4(6)/udp/l2tpv2/ppp
eth/ipv4(6)/udp/l2tpv2/ppp/ipv4(6)
eth/ipv4(6)/udp/l2tpv2/ppp/ipv4(6)/udp
eth/ipv4(6)/udp/l2tpv2/ppp/ipv4(6)/tcp
Signed-off-by: Jie Wang <jie1x.wang@intel.com>
Acked-by: Beilei Xing <beilei.xing@intel.com>
Add support for L2TPv2(include PPP over L2TPv2) protocols RSS based
on outer MAC src/dst address and L2TPv2 session ID.
Patterns are listed below:
eth/ipv4/udp/l2tpv2
eth/ipv4/udp/l2tpv2/ppp
eth/ipv6/udp/l2tpv2
eth/ipv6/udp/l2tpv2/ppp
Signed-off-by: Jie Wang <jie1x.wang@intel.com>
Acked-by: Beilei Xing <beilei.xing@intel.com>
This commit adds a flow director support to i40e NEON
vector RX path.
I40e can have 16 and 32 byte descriptors, and the Flow
Director ID data and indication-bit are in different
locations for each size descriptor. The support is
implemented in two separate functions as they require
vastly different operations.
The 16B descriptor re-purposes the "filter-status" u32
field to indicate FDIR ID when the FLM bit is set. No
extra loads are required, however we do have to store
to mbuf->fdir.hi, which is not stored to in the RX path
before this patch.
The 32B descriptor requires loading the 2nd 16 bytes of
each descriptor, to get the FLEXBH_STAT and FD Filter ID
from qword3. The resulting data must also be stored to
mbuf->fdir.hi, same as the 16B code path.
Signed-off-by: Joyce Kong <joyce.kong@arm.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Updated AESNI MB and AESNI GCM, KASUMI, ZUC and SNOW3G PMD documentation
guides with information about the latest Intel IPSec Multi-buffer
library supported.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
KASUMI, SNOW3G and ZUC require lengths and offsets to
be set in bits or bytes depending on the algorithm.
There were some algorithms that were mixing these two,
so this commit is fixing this issue.
Fixes: ae8e085c608d ("crypto/aesni_mb: support KASUMI F8/F9")
Fixes: 6c42e0cf4d12 ("crypto/aesni_mb: support SNOW3G-UEA2/UIA2")
Fixes: fd8df85487c4 ("crypto/aesni_mb: support ZUC-EEA3/EIA3")
Fixes: 8c835018de84 ("crypto/ipsec_mb: support ZUC-256 for aesni_mb")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
ZUC PMD batches crypto operations depending on their type
(encryption + tag generation, tag verification + decryption, etc),
to allow parallelization.
The array used to store the pointers to these operations was
always the same array provided by dequeue_burst() function,
and it was looping around the same positions (from 0 to ZUC_MAX_BURST - 1).
A new internal array is used to avoid overwriting the pointers
of the array provided by dequeue_burst() function.
Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
ZUC authentication is done over multiple buffers at a time.
When authentication verification is done, multiple scratch buffers
are using to generate the tags that will be compared afterwards.
However, the same scratch buffer was used always, instead of having
different ones for each crypto operation.
Fixes: 0b133c36ad7d ("crypto/zuc: support IPsec Multi-buffer lib v0.54")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
When processing crypto operations in ZUC PMD,
there were two operation types that were set at session level,
but not checked when the operations are enqueued and processed,
leaving the buffers untouched silently.
Fixes: cde8df1bda9d ("crypto/ipsec_mb: move zuc PMD")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
The actual maximum number of gather pointers should have been limited
Coverity issue: 375803, 375813, 375819, 375827, 375831
Fixes: 5ad5060f8f7a ("baseband/acc100: add LDPC processing functions")
Cc: stable@dpdk.org
Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Coverity flags an issue with 32-bit value. If max ethports value is
configured with a value larger than 32 there will be an issue.
Coverity issue: 375863 Unintentional integer overflow
Fixes: 387259bd6c67 ("examples/l2fwd-crypto: add sample application")
Cc: stable@dpdk.org
Signed-off-by: Brian Dooley <brian.dooley@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Added test case to verify L4 checksum offload in IPsec transport mode.
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Add test cases to verify TTL and hop limit decrement with lookaside
IPsec offload.
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Added missing step for converting SHA request files to correct
format. Replaced AES_GCM with GCM to follow the correct
naming format.
Fixes: 3d0fad56b74 ("examples/fips_validation: add crypto FIPS application")
Cc: stable@dpdk.org
Signed-off-by: Jakub Poczatek <jakub.poczatek@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Add support to enable per port packet pool and also override
vector pool size from command line args. This is useful
on some HW to tune performance based on usecase.
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Fix packet processing to skip after mbuf is freed instead of
touching and Tx'ing it.
Also free vector event buffer in event worker when after processing
there is no pkt to be enqueued to Tx adapter.
Fixes: 86738ebe1e3d ("examples/ipsec-secgw: support event vector")
Cc: stable@dpdk.org
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Update error prints in data path to RTE_LOG_DP().
Error prints in fast path are not good for performance
as they slow down the application when few bad packets are
received.
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Usage of unprotected port mask without any configured SA inbound, will
cause use of uninitialized SA context, so disallow such configuration.
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
This patch refactors asymmetric session in Intel
QuickAssist Technology PMD and fixes some issues
with xform. Code will be now bit more scalable,
and easier readable.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
This commit refactors asummetric crypto functions
in Intel QuickAssist Technology PMD.
Functions right now are shorter and far easier readable,
plus it facilitates addition of new algorithms.
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
This patch unifies QAT's raw dp api implementations
to the same enqueue/dequeue methods used in crypto operations.
The specific functions for different QAT generation are updated
respectively. The qat_sym_hw_dp.c is removed as no longer required.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch enable the op_build_request function in
qat_enqueue_op_burst, and the qat_dequeue_process_response
function in qat_dequeue_op_burst.
The op_build_request invoked in crypto build request op is based
on crypto operations setup'd during session init.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch removes qat_asym_pmd.c and integrates all the
functions into qat_asym.c. The unified/integrated asym crypto
pmd functions should make them easier to maintain.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch removes qat_sym_pmd.c and integrates all the functions into
qat_sym.c. The unified/integrated qat sym crypto pmd functions should
make them easier to maintain.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch reworks the asymmetric crypto data path
implementation in QAT driver. The changes include asymmetric
crypto data path separation for QAT hardware generations, and
code optimisation of the device capabilities declaration.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch introduces a set of set_session methods to QAT
generations. In addition, the reuse of QAT session between
generations is prohibit as the support of min_qat_dev_gen_id'
is removed.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch adds common inline functions for QAT symmetric
crypto driver to process crypto op, and the implementation of
build op request function for QAT generation 1.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This patch introduce build request and dequeue op function
pointers to the qat queue pair implementation. The function
pointers are assigned during qat session generation based on input
crypto operation request.
Signed-off-by: Kai Ji <kai.ji@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
