TIMER_MILLISECOND is defined as the number of cpu cycles per millisecond,
current definition is correct for cores with frequency of 2GHZ, for cores
with different frequency, it caused different periods between refresh,
(i.e. the definition is about 14ms on ARM cores).
The devarg that stated the period between stats print was not used,
instead, it was always defaulted to 10 seconds (on 2GHZ core).
Use DPDK API to get CPU frequency, to define TIMER_MILLISECOND.
Use the refresh period devarg instead of defaulting to 10s always.
Fixes: 387259bd6c ("examples/l2fwd-crypto: add sample application")
Cc: stable@dpdk.org
Signed-off-by: Raja Zidane <rzidane@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Added test vector file for AES-128-GCM for
64B and 512B length buffers.
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
For decrypt, ICV mismatch can come as data is dummy and
latency will be calculated for error path. Hence populate
mbuf with test vector data.
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Fixing the IV calculation for ZUC based short MAC-I
as per the HW security engine guidelines.
Fixes: 73a24060cd ("crypto/dpaa2_sec: add sample PDCP descriptor APIs")
Cc: stable@dpdk.org
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Driver is preparing the shared descriptor of session while
attaching the session to a queue pair.
It should be prepared on session create.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
There are some crypto driver related thread specific
variables which are no longer used, so removing them.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Driver is not filling the operation status on dequeue
in case the FD is simple.
So setting the status as per the results.
Fixes: 0a23d4b6f4 ("crypto/dpaa2_sec: support protocol offload IPsec")
Cc: stable@dpdk.org
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Driver is filling the crypto_op variable with an invalid value
for atomic and ordered events which can results into
segmentation fault.
This patch assigning the correct crypto_op and event buffer
pointers by extracting from FD.
Fixes: a77db24643 ("crypto/dpaa2_sec: support atomic queues")
Fixes: 4562de326d ("crypto/dpaa2_sec: support ordered queue")
Cc: stable@dpdk.org
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Driver is creating a fle pool with a fixed number of
buffers for all queue pairs of a DPSECI object.
These fle buffers are equivalent to the number of descriptors.
In this patch, creating the fle pool for each queue pair
so that user can control the number of descriptors of a
queue pair using API rte_cryptodev_queue_pair_setup().
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
DPAA hardware supports non-i/o performing secondary
applications only. So we do not have to probe crypto
devices in secondary applications.
Fixes: c3e85bdcc6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org
Signed-off-by: Vanshika Shukla <vanshika.shukla@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Remove sec era 1 to 7 IPsec and caam operations code
as none of the NXP platform use it.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
To perform crypto operations on DPAA platform,
QI interface of HW must be enabled.
Earlier DPAA crypto driver was dependent on
kernel for QI enable. Now with this patch
there is no such dependency on kernel.
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
DPAA2 sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.
Fixes: aa6ec1fd84 ("crypto/dpaa2_sec: support authenc with raw buffer API")
Cc: stable@dpdk.org
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
DPAA sec raw driver is calculating the wrong lengths while
creating the FD for chain.
This patch fixes lengths for chain FD.
Fixes: 78156d38e1 ("crypto/dpaa_sec: support authonly and chain with raw API")
Cc: stable@dpdk.org
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Simple fd rely on bpid of the buffers whereas
other FD types can support buffers without bpid
of pool.
So moving the bpid check to simple fd to mbuf
conversion function.
Fixes: 8d1f3a5d75 ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Driver allocates a fle buffer for each packet
before enqueue and free the buffer on dequeue. But in case if
there are enqueue failures, then code should free the fle buffers.
Fixes: 4562de326d ("crypto/dpaa2_sec: support ordered queue")
Fixes: 3ffce51a1f ("crypto/dpaa2_sec: add enqueue retry timeout")
Cc: stable@dpdk.org
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Extended support for asymmetric crypto perf throughput test.
Added support for new modulus lengths.
Added new parameter --modex-len.
Supported lengths are 60, 128, 255, 448. Default length is 128.
Signed-off-by: Kiran Kumar K <kirankumark@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
In case of a probing failure caused by wrong devarg provided,
login isn't destroyed when exiting.
Destroy login on failure.
Fixes: ba707cdb6d ("crypto/mlx5: fix queue size configuration")
Cc: stable@dpdk.org
Signed-off-by: Raja Zidane <rzidane@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
In a situation where crypto_caps elements are checked only for
RTE_CRYPTO_OP_TYPE_UNDEFINED until valid op defined, there is
possibility for an out of bound access. Add this array by one
element for current capabilities.
Signed-off-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Usage of flush and invalidate would involve delays to account
for flush delay. Use set_ctx operation instead. When set_ctx fails,
fall back to flush + invalidate scheme.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Add busy wait and polling for ctx write operation
rather than waiting with 1 ms delay.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Fix comments to reflect the hard expiry fields.
Fixes: ad7515a39f ("security: add SA lifetime configuration")
Cc: stable@dpdk.org
Reported-by: Thomas Monjalon <thomas@monjalon.net>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Reviewed-by: Morten Brørup <mb@smartsharesystems.com>
DPAA crypto driver can support 64 bytes size digest size
for SHA512-HMAC.
This patch changes the value of macro max supported digest size to
64.
Fixes: c3e85bdcc6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org
Signed-off-by: Gagandeep Singh <g.singh@nxp.com>
Added tunnel and transport AH known test vectors for
SHA256 HMAC.
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Added auth only and null cipher + auth under combined mode
for following combinations.
1. Tunnel IPv4
2. Transport IPv4
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Add mingw cross compilation in our public CI so that users with their
own github repository have a first level of checks for Windows compilation
before submitting to the mailing list.
This does not replace our better checks in other entities of the CI.
Only the helloworld example is compiled (same as what is tested in
test-meson-builds.sh).
Note: the mingw cross compilation toolchain (version 5.0) in Ubuntu
18.04 was broken (missing a ENOMSG definition).
Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Aaron Conole <aconole@redhat.com>
Ubuntu 18.04 is now rather old.
Besides, other entities in our CI are also testing this distribution.
Switch to a newer Ubuntu release and benefit from more recent
tool(chain)s: for example, net/cnxk now builds fine and can be
re-enabled.
Note: Ubuntu 18.04 and 20.04 seem to preserve the same paths for the ARM
and PPC cross compilation toolchains, so we can use a single
configuration file (with the hope, future releases of Ubuntu will do the
same).
Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Aaron Conole <aconole@redhat.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Currently the "extern C" section ends right before rte_dev_dma_unmap
and other DMA function declarations, causing some C++ compilers to
produce C++ mangled symbols to rte_dev_dma_unmap instead of C symbols.
This leads to build failures later when linking a final executable
against this object.
Fixes: a753e53d51 ("eal: add device event monitor framework")
Cc: stable@dpdk.org
Signed-off-by: Tianhao Chai <cth451@gmail.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Tyler Retzlaff <roretzla@linux.microsoft.com>
Currently, when we free previously allocated memory, we mark the area as
"freed" for ASan purposes (flag 0xfd). However, sometimes, freeing a
malloc element will cause pages to be unmapped from memory and re-backed
with anonymous memory again. This may cause ASan's "use-after-free"
error down the line, because the allocator will try to write into
memory areas recently marked as "freed".
To fix this, we need to mark the unmapped memory area as "available",
and fixup surrounding malloc element header/trailers to enable later
malloc routines to safely write into new malloc elements' headers or
trailers.
Bugzilla ID: 994
Fixes: 6cc51b1293 ("mem: instrument allocator for ASan")
Cc: stable@dpdk.org
Reported-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Currently, EAL init in secondary processes will attach all fbarrays
in the memconfig to have access to the primary process's page tables.
However, fbarrays corresponding to external memory segments should
not be attached at initialization, because this will happen as part
of `rte_extmem_attach` [1] or `rte_malloc_heap_memory_attach` [2] calls.
1: https://doc.dpdk.org/api/rte__memory_8h.html#a2796da68de6825f8edf53759f8e4d230
2: https://doc.dpdk.org/api/rte__malloc_8h.html#af6360dea35bdf162feeb2b62cf149fd3
Fixes: ff3619d624 ("malloc: allow attaching to external memory chunks")
Cc: stable@dpdk.org
Suggested-by: Anatoly Burakov <anatoly.burakov@intel.com>
Signed-off-by: Deepak Khandelwal <deepak.khandelwal@intel.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>
The driver wrongly set the LRO configurations to the TIR of the DevX
drop queue even when LRO is not supported.
Actually, the LRO configuration is not relevant to the drop queue at
all.
This causes failure in the initialization of the device, which doesn't
support LRO where the drop queue is created.
Probably, the drop queue creation by DevX missed the fact that LRO is
set by default in the TIR creation function and didn't unset it in the
drop queue case like other cases that unset LRO.
Move the default LRO configuration to unset it and set it only in the
case of all the TIR queues configured with LRO.
Fixes: bc5bee028e ("net/mlx5: create drop queue using DevX")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
The mlx5_rx_queue_setup() get LRO offload from user.
When LRO is configured, the LRO flag in rxq_data is set to 1.
This patch adds validation to make sure the LRO is supported.
Fixes: 17ed314 ("net/mlx5: allow LRO per Rx queue")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
When an indirect action was created with an RSS action configured to
hash on both source and destination L3 addresses (or L4 ports), it caused
shared hrxq to be configured to hash only on destination address
(or port).
This patch fixes this behavior by refining RSS types specified in
configuration before calculating hash types used for hrxq. Refining RSS
types removes *_SRC_ONLY and *_DST_ONLY flags if they are both set.
Fixes: 212d17b6a6 ("net/mlx5: fix missing shared RSS hash types")
Cc: stable@dpdk.org
Signed-off-by: Dariusz Sosnowski <dsosnowski@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
Queue statistics are being continuously updated in Rx/Tx burst
routines while handling traffic. In addition to that, statistics
can be reset (written with zeroes) on statistics reset in other
threads, causing a race condition, which in turn could result in
wrong stats.
The patch provides an approach with reference values, allowing
the actual counters to be writable within Rx/Tx burst threads
only, and updating reference values on stats reset.
Fixes: 87011737b7 ("mlx5: add software counters")
Cc: stable@dpdk.org
Signed-off-by: Raja Zidane <rzidane@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
GTP items were ignored during conversion of modify header actions. This
caused modify TTL action to generate a wrong modify header command when
tunnel and inner headers used different IP versions.
This patch adds GTP item handling to modify header action conversion.
Fixes: 04233f36c7 ("net/mlx5: fix layer type in header modify action")
Cc: stable@dpdk.org
Signed-off-by: Dariusz Sosnowski <dsosnowski@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
Mlx5Devx library has new API's for setting and getting MTU.
Added new glue functions that wrap the new mlx5devx lib API's.
Implemented the os_ethdev callbacks to use the new glue
functions in Windows.
Signed-off-by: Adham Masarwah <adham@nvidia.com>
Tested-by: Idan Hackmon <idanhac@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Support of the set promiscuous modes by calling the new API
In Mlx5DevX Lib.
Added new glue API for Windows which will be used to communicate
with Windows driver to enable/disable PROMISC or ALLMC.
Signed-off-by: Adham Masarwah <adham@nvidia.com>
Tested-by: Idan Hackmon <idanhac@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
The mlx5_rxq_is_hairpin() function checks whether RxQ type is Hairpin.
It is done by reading a flag in Rx control structure coming from
mlx5_rxq_ctrl_get() function.
The function verifies that the queue index is valid even though it has
been checked within the mlx5_rxq_ctrl_get() function.
This patch removes the redundant check.
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
The mlx5_rxq_get() function gets RxQ index and return RxQ priv
accordingly.
When it gets an invalid index, it accesses out of array bounds which
might cause undefined behavior.
This patch adds a check for invalid indexes before accessing to array.
Fixes: 0cedf34da7 ("net/mlx5: move Rx queue reference count")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
The flow_drv_rxq_flags_set sets the Rx queue flags (Mark/Flag and Tunnel
Ptypes) according to the device flow.
It tries to get the RxQ control structure to update its ptype. However,
external RxQs don't have control structure to update and it may cause a
crash.
This patch add check whether this Queue is external.
Fixes: 311b17e669 ("net/mlx5: support queue/RSS actions for external Rx queue")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
In rte_flow, if a counter action is before a meter which has
non-termination policy, the counter value only includes packets not
being dropped.
This patch fixes this issue by differentiating the order of counter and
non-termination meter:
1. counter + meter, counts all packets hitting this flow.
2. meter + counter, only counts packets not being dropped.
Fixes: 51ec04dc7b ("net/mlx5: connect meter policy to created flows")
Cc: stable@dpdk.org
Signed-off-by: Shun Hao <shunh@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
