Remove SA & packet accesses in dequeue path by adjusting the headers in
the enqueue path for outbound packets. For inbound packets, add extra
esn_en flag in the SA to minimize cache line accesses in the datapath.
Also, use seq_lo for IPID. IPID just need to be unique. Instead of
incrementing per packet, use ESN low bits.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Move the IPsec SA creation to common.
The code can be used by fastpath also to create the SAs
Add changes to support new full context microcode
Signed-off-by: Vidya Sagar Velumuri <vvelumuri@marvell.com>
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
This commit fixes missing guards for size of memcpy,
it is needed to prevent faulty access when incorrect length
passed from the user.
Fixes: 3b78aa7b2317 ("crypto/qat: refactor asymmetric crypto functions")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
This commit fixes wrong qp_id value in cryptodev scheduler in failover
mode.
Fixes: 37f075dad1e9 ("crypto/scheduler: add fail-over scheduling mode")
Cc: stable@dpdk.org
Signed-off-by: Jakub Wysocki <jakubx.wysocki@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Full cookie data should be cleared by default if not algorithm
specified. This is protection in case algorithm specific cleanup
is not implemented.
Fixes: 3b78aa7b2317 ("crypto/qat: refactor asymmetric crypto functions")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
When compiling this example out of DPDK, linking the executable fails
with:
## Building fips_validation
/usr/bin/ld: /tmp/ccQjeHBg.o: in function `fips_test_init':
fips_validation.c:(.text+0x7ab): undefined reference to `json_loadf'
/usr/bin/ld: /tmp/ccQjeHBg.o: in function
`fips_test_parse_one_json_vector_set':
fips_validation.c:(.text+0xc2e): undefined reference to `json_object_get'
/usr/bin/ld: fips_validation.c:(.text+0xc36): undefined reference to
`json_string_value'
/usr/bin/ld: /tmp/ccQjeHBg.o: in function `fips_test_parse_one_json_group':
fips_validation.c:(.text+0xd00): undefined reference to `json_object_get'
/usr/bin/ld: fips_validation.c:(.text+0xd14): undefined reference to
`json_integer_value'
...
Code in an example can't rely on RTE_HAS_JANSSON, because it only
indicates that the jansson library was available at the time of dpdk
compilation.
Prefer a local build flag (like what is done in vm_power_manager).
And add linking to libjansson, if available.
Fixes: f556293fd58e ("examples/fips_validation: add JSON info to header")
Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Gowrishankar Muthukrishnan <gmuthukrishn@marvell.com>
GCC 12 raises the following warning:
In function ‘_mm256_loadu_si256’,
inlined from ‘rte_mov32’ at
../lib/eal/x86/include/rte_memcpy.h:319:9,
inlined from ‘rte_mov128’ at
../lib/eal/x86/include/rte_memcpy.h:344:2,
inlined from ‘rte_memcpy_generic’ at
../lib/eal/x86/include/rte_memcpy.h:438:4,
inlined from ‘rte_memcpy’ at
../lib/eal/x86/include/rte_memcpy.h:882:10,
inlined from ‘setup_test_string.constprop’ at
../app/test/test_ipsec.c:572:4:
/usr/lib/gcc/x86_64-redhat-linux/12/include/avxintrin.h:929:10: error:
array subscript ‘__m256i_u[3]’ is partly outside array bounds of
‘const char[108]’ [-Werror=array-bounds]
929 | return *__P;
| ^~~~
../app/test/test_ipsec.c: In function ‘setup_test_string.constprop’:
../app/test/test_ipsec.c:539:12: note: at offset 96 into object
‘null_plain_data’ of size 108
539 | const char null_plain_data[] =
| ^~~~~~~~~~~~~~~
Add a hint so that the compiler understands the copied data is within
the passed string boundaries.
Bugzilla ID: 848
Fixes: 05fe65eb66b2 ("test/ipsec: introduce functional test")
Cc: stable@dpdk.org
Signed-off-by: David Marchand <david.marchand@redhat.com>
The following warning is observed with GCC 12 compilation:
In file included from ../drivers/crypto/cnxk/cn10k_cryptodev_ops.c:17:
In function ‘fill_sg_comp_from_iov’,
inlined from ‘cpt_pdcp_chain_alg_prep’ at
../drivers/crypto/cnxk/cnxk_se.h:1194:8,
inlined from ‘cpt_fc_enc_hmac_prep’ at
../drivers/crypto/cnxk/cnxk_se.h:1871:9,
inlined from ‘fill_digest_params’ at
../drivers/crypto/cnxk/cnxk_se.h:2829:8,
inlined from ‘cpt_sym_inst_fill’ at
../drivers/crypto/cnxk/cn10k_cryptodev_ops.c:92:9,
inlined from ‘cn10k_cpt_fill_inst.constprop’ at
../drivers/crypto/cnxk/cn10k_cryptodev_ops.c:146:10:
../drivers/crypto/cnxk/cnxk_se.h:222:52: warning: array subscript 0 is
outside array bounds of ‘struct roc_se_buf_ptr[0]’ [-Warray-bounds]
222 | e_vaddr = (uint64_t)bufs[j].vaddr;
| ~~~~~~~^~~~~~
../drivers/crypto/cnxk/cnxk_se.h:223:48: warning: array subscript 0 is
outside array bounds of ‘struct roc_se_buf_ptr[0]’ [-Warray-bounds]
223 | e_len = (size > bufs[j].size) ? bufs[j].size : size;
| ~~~~~~~^~~~~
This patch resolves the warning.
Fixes: 3de331795f73 ("crypto/cnxk: add flexi cipher encryption")
Cc: stable@dpdk.org
Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Reviewed-by: Anoob Joseph <anoobj@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Tested-by: David Marchand <david.marchand@redhat.com>
The following warning is observed with GCC 12 compilation:
In function ‘fill_sg_comp_from_iov’,
inlined from ‘cpt_zuc_snow3g_enc_prep’ at
../drivers/common/cpt/cpt_ucode.h:1672:9,
inlined from ‘cpt_fc_enc_hmac_prep’ at
../drivers/common/cpt/cpt_ucode.h:2472:3,
inlined from ‘fill_digest_params’ at
../drivers/common/cpt/cpt_ucode.h:3548:14,
inlined from ‘otx_cpt_enq_single_sym’ at
../drivers/crypto/octeontx/otx_cryptodev_ops.c:541:9,
inlined from ‘otx_cpt_enq_single_sym_sessless’ at
../drivers/crypto/octeontx/otx_cryptodev_ops.c:584:8,
inlined from ‘otx_cpt_enq_single’ at
../drivers/crypto/octeontx/otx_cryptodev_ops.c:611:11,
inlined from ‘otx_cpt_pkt_enqueue’ at
../drivers/crypto/octeontx/otx_cryptodev_ops.c:643:9,
inlined from ‘otx_cpt_enqueue_sym’ at
../drivers/crypto/octeontx/otx_cryptodev_ops.c:668:9:
../drivers/common/cpt/cpt_ucode.h:415:36: warning: array subscript 0 is
outside array bounds of ‘buf_ptr_t[0]’ {aka ‘struct buf_ptr[]’}
[-Warray-bounds]
415 | e_dma_addr = bufs[j].dma_addr;
| ~~~~~~~~~~~^~~~~~~~~~~~~~~~~~
../drivers/common/cpt/cpt_ucode.h:416:48: warning: array subscript 0 is
outside array bounds of ‘buf_ptr_t[0]’ {aka ‘struct buf_ptr[]’}
[-Warray-bounds]
416 | e_len = (size > bufs[j].size) ?
| ~~~~~~~^~~~~
This patch resolves the warning.
Bugzilla ID: 861
Fixes: 9be415daf469 ("common/cpt: add common defines for microcode")
Fixes: b74652f3a91f ("common/cpt: add microcode interface for encryption")
Cc: stable@dpdk.org
Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Reviewed-by: Anoob Joseph <anoobj@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Tested-by: David Marchand <david.marchand@redhat.com>
Response info may have valid sub_event_type. Pass this to the event
generated by CPT.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Reviewed-by: Shijith Thotton <sthotton@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Response info may have valid sub_event_type. Pass this to the event
generated by CPT.
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Reviewed-by: Shijith Thotton <sthotton@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
The value of ec_mdata cannot be NULL, instead check that value of
private_data_offset was set.
Coverity issue: 378861, 378865
Fixes: 97ebfda82910 ("crypto/cnxk: add event metadata set operation")
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
The microcode expects the IV to be in reverse of what is provided
by dpdk test app. Also the first 8 bytes of reversed IV is
compressed to 6 bytes.
Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
The microcode expects zuc-256 key to be in reverse of what is
provided by dpdk test app. This patch swaps the zuc-256 key.
Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Add new packet type flags instead of overwriting.
Fixes: d04bb1c52647 ("examples/ipsec-secgw: use HW parsed packet type in poll mode")
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Added option to configure number of queue pair descriptors via command
line (--desc-nb NUMBER_OF_DESC).
When the crypto processing takes longer durations, small queue pair size
would result in cryptodev enqueue failures. Larger queue pair size would
allow more packets to stay in flight simultaneously and reduce enqueue
failures.
Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Fix ESN option flag and initial value for the rte_ipsec library path.
Fixes: 560029d5cfc9 ("examples/ipsec-secgw: define initial ESN value")
Cc: stable@dpdk.org
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Fail IPSec ESN and antireplay cases, if there are no packets. Fixes
following warning when using optimization=1 build flag with GCC 11.
../app/test/test_cryptodev.c: In function ‘test_ipsec_pkt_replay’:
../app/test/test_cryptodev.c:10074:15: warning: ‘td_outb’ may be used uninitialized [-Wmaybe-uninitialized]
ret = test_ipsec_proto_process(td_outb, td_inb, nb_pkts, true,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
&flags);
~~~~~~~
../app/test/test_cryptodev.c:9150:1: note: by argument 1 of type ‘const struct ipsec_test_data[]’ to ‘test_ipsec_proto_process’ declared here
test_ipsec_proto_process(const struct ipsec_test_data td[],
^~~~~~~~~~~~~~~~~~~~~~~~
../app/test/test_cryptodev.c:10056:32: note: ‘td_outb’ declared here
struct ipsec_test_data td_outb[IPSEC_TEST_PACKETS_MAX];
^~~~~~~
Bugzilla ID: 1032
Fixes: d02c6bfcb99a ("test/crypto: add ESN and antireplay cases")
Cc: stable@dpdk.org
Reported-by: Daxue Gao <daxuex.gao@intel.com>
Signed-off-by: Rahul Lakkireddy <rahul.lakkireddy@chelsio.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Correct the length calculation used for NAT-T
Fixes: 6bc987ecb860 ("net/iavf: support IPsec inline crypto")
Cc: stable@dpdk.org
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Use the proper IP protocol (UDP instead of ESP) and set the ports when
UDP encapsulation is enabled.
Fixes: 9ae86b4cfc77 ("examples/ipsec-secgw: support UDP encap for inline crypto")
Cc: stable@dpdk.org
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Fix the UDP header fields, wrong byte order used for src and dst port
and wrong offset used when updating UDP datagram length.
Fixes: 01eef5907fc3 ("ipsec: support NAT-T")
Cc: stable@dpdk.org
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Adding companion function common to ACC100/ACC101 which
can be called from bbdev-test when running from PF.
Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
The validation requirement is different for the two
devices.
Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Reviewed-by: Hernan Vargas <hernan.vargas@intel.com>
Added support for ACC101 as a derivative of ACC100.
Integrated in unified driver and reusing existing code when possible.
Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Cosmetic update to remove RTE_ prefix for a define
kept internal.
Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Catch exception in PMD in case of invalid input parameter.
Fixes: 5ad5060f8f7a ("baseband/acc100: add LDPC processing functions")
Cc: stable@dpdk.org
Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Update of the device configuration function from PF used for bbdev-test
to latest sequence for ACC199 PRQ device and matching version in
pf_bb_config 22.03.
Fixes: b17d70922d5d ("baseband/acc100: add configure function")
Cc: stable@dpdk.org
Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Reviewed-by: Hernan Vargas <hernan.vargas@intel.com>
ALIGNMENT_MASK is only used internally.
Besides it lacks a DPDK-related prefix.
Hide it from external eyes.
Fixes: f5472703c0bd ("eal: optimize aligned memcpy on x86")
Cc: stable@dpdk.org
Reported-by: Morten Brørup <mb@smartsharesystems.com>
Signed-off-by: David Marchand <david.marchand@redhat.com>
The function rte_pie_drop was attempting to do a random probability
drop, but because of incorrect usage of fixed point divide
it would always return 1.
Change to use new rte_drand() instead.
Fixes: 44c730b0e379 ("sched: add PIE based congestion management")
Cc: stable@dpdk.org
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Jasvinder Singh <jasvinder.singh@intel.com>
The qdelay variable is derived from and compared to 64 bit
value so it doesn't have to be floating point.
Fixes: 44c730b0e379 ("sched: add PIE based congestion management")
Cc: stable@dpdk.org
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Jasvinder Singh <jasvinder.singh@intel.com>
The PIE code and other applications can benefit from having a
fast way to get a random floating point value. This new function
is equivalent to drand() in the standard library.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
Add support for toggling modes between ETH and CPRI on
newer MACs (RPM).
Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
Reviewed-by: Jakub Palider <jpalider@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Layout of eth mode change command defined by firmware has been changed
recently. So in order to retain compatibility between ROC and firmware
update existing codebase.
Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
Reviewed-by: Jakub Palider <jpalider@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Some constants are redundant hence remove them.
Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
Reviewed-by: Jakub Palider <jpalider@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Add support for changing miscellaneous CPRI settings.
Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Add support for enabling or disablig TX for SERDES
configured in CPRI mode.
Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
Reviewed-by: Jakub Palider <jpalider@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Add support for switching from ethernet (eCPRI) to CPRI mode.
Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
Reviewed-by: Jakub Palider <jpalider@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Switching affinity back and forth was used as a mean to pass CPU number
to IRQ registration routine which is an overkill.
Simplify current logic by extending IRQ registration routine parameter
list with a CPU which should run IRQ handler.
Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
Reviewed-by: Jakub Palider <jpalider@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Documentation in doxygen format is important for API
headers used by end user. This patch fills BPHY and CGX
interface with missing bits.
Signed-off-by: Jakub Palider <jpalider@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Some platforms have more RPMs available than the others. Take than
into account when retrieving id of a particular RPM.
Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
Reviewed-by: Jakub Palider <jpalider@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Tested-by: Jerin Jacob <jerinj@marvell.com>
Due to HW changes some fields which were used to enable
xmit were moved elsewhere. This patch takes care of this.
Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
Reviewed-by: Jakub Palider <jpalider@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
Tested-by: Jerin Jacob <jerinj@marvell.com>
cycles_autotest and delay_us_sleep_autotest tests were removed in the
commit ee00af60170b ("test: remove strict timing requirements some tests")
and were wrongly reintroduced later.
Bugzilla ID: 1021
Fixes: 74822233bdc2 ("test: create a list of extra tests")
Cc: stable@dpdk.org
Signed-off-by: David Marchand <david.marchand@redhat.com>
While all systems which will use the idxd driver for hardware will
support AVX2, if the driver is present the initialization functions e.g.
to register logs, will be called on all systems - irrespective of HW
support. This can cause issues if the system running DPDK does not have
AVX2, and the compiler has included AVX instructions in the
initialization code.
To fix this, remove AVX2 instruction set from the whole build of the
driver. Instead, we add "target(avx2)" attribute to all datapath
functions, so those - and only those functions - will having AVX2
instructions in them.
Bugzilla ID: 1038
Fixes: 3d36a0a1c7de ("dma/idxd: add data path job submission")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Conor Walsh <conor.walsh@intel.com>
When no --wq-option flag is passed to dpdk_idxd_cfg.py script, the
default value used by argparse is None. This leads to later errors which
are expecting an array value:
TypeError: 'NoneType' object is not iterable
This is fixed by specifying that the empty array should be the default
if no flags are passed.
Fixes: 94b0f04dc0e3 ("dma/idxd: add generic option for queue config")
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Sunil Pai G <sunil.pai.g@intel.com>
Acked-by: Conor Walsh <conor.walsh@intel.com>
Enable most of the driver tests to run on Windows, most tests will be
skipped since the drivers themselves are not available on Windows.
Tests not removed from conditional run:
cryptodev_openssl_asym_autotest
Test fails because it does not bother checking to see if required
driver is available as the other cryptodev tests do.
The test should be updated to fix the issue.
eventdev_selftest_octeontx, eventdev_selftest_sw
Because it has a dependency on eventdev library which doesn't build
on Windows. These should be resolved by including/running the tests
dependent on if dpdk_conf.has('RTE_LIB_EVENT')
dump_xxx tests are still to be evaluated, no attempt has been made
to move these out of conditional run for Windows.
Signed-off-by: Tyler Retzlaff <roretzla@linux.microsoft.com>
These header includes have been flagged by the iwyu_tool
and removed.
Signed-off-by: Sean Morrissey <sean.morrissey@intel.com>
Acked-by: Chenbo Xia <chenbo.xia@intel.com>
