Commit Graph

20299 Commits

Author SHA1 Message Date
Dekel Peled
6b7af102d0 net/mlx5: fix getting Rx queue type
Function mlx5_rxq_get_type() uses the input queue index, without
checking it, as index to the Rx queues array.
If this value is too high, it will result in pointer to memory out
of Rx queues array bounds.

This patch adds check of the input queue index, to verify it is valid.

Fixes: d85c7b5ea5 ("net/mlx5: split hairpin flows")

Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
2019-11-20 17:36:05 +01:00
Viacheslav Ovsiienko
cec19a342f net/mlx5: fix suffix flow creation in metadata split
The variable cleanup was erroneously done before pointer usage.
The cleanup is moved to appropriate place, comment is clarified.

Fixes: 8d72fa6689 ("net/mlx5: share tag between meter and metadata")

Reported-by: Eli Britstein <elibr@mellanox.com>
Signed-off-by: Viacheslav Ovsiienko <viacheslavo@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
2019-11-20 17:36:05 +01:00
Matan Azrad
7f1517012b net/mlx5: revert default rules amount optimization
This reverts commit 304ffe576f.

It tried to optimize the amount of the default flow
rules and created it only once on top of the PF representor.

For each FDB rule, the default port ID to match on is like of the port
that triggers the flow.

Hence, the single default rule will not be matched on the VF traffic.

As a result, all the traffic of the VFs will not match to the jump flow
in the root table and will always be forwarded to the representor port.

Revert the commit.

Fixes: 304ffe576f ("net/mlx5: fix condition to create default rule")

Signed-off-by: Matan Azrad <matan@mellanox.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@mellanox.com>
2019-11-20 17:36:05 +01:00
Shougang Wang
1ad37a2c58 net/ice: fix wild pointer
To avoid wild pointer, pointers should be set to NULL after free them.

Fixes: 1a2fc1799f ("net/ice: reject duplicated flow for flow director")
Fixes: 84dc7a95a2 ("net/ice: enable flow director engine")
Fixes: 0f880c3df1 ("net/ice: add flow director counter resource init/release")

Signed-off-by: Shougang Wang <shougangx.wang@intel.com>
Acked-by: Qiming Yang <qiming.yang@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
2019-11-20 17:36:05 +01:00
Shougang Wang
01af3d0a41 net/ice: fix flow director counter resource release
All the counter resources should be cleaned up when teardown.

Fixes: 0f880c3df1 ("net/ice: add flow director counter resource init/release")

Signed-off-by: Shougang Wang <shougangx.wang@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
2019-11-20 17:36:05 +01:00
Shougang Wang
3916416737 net/ice: fix flow director profile removal
The removal of FDIR profile should start from the next
of ICE_FLTR_PTYPE_NONF_NONE.

Fixes: 109e8e0624 ("net/ice: configure HW flow director rule")

Signed-off-by: Shougang Wang <shougangx.wang@intel.com>
Acked-by: Qiming Yang <qiming.yang@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
2019-11-20 17:36:05 +01:00
Shougang Wang
b8e609e8e2 net/ice: fix memzone reserve and release in flow director
To avoid memzone reserve failure and memory leak, following
resources management should be added.
- Check if the FDIR Memzone already exists before reserving.
- Free FDIR memzone when teardown and other failure scenarios.

Fixes: 84dc7a95a2 ("net/ice: enable flow director engine")

Signed-off-by: Shougang Wang <shougangx.wang@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
2019-11-20 17:36:05 +01:00
Wei Zhao
9ffb871222 net/ice/base: fix switch programming for IPv6
Correct an error in the IPV6 header bitmask used for programming switch
rules.

Also, change other programming switch headers to use big endian
fields in order to make setting these easier.

Fixes: 04b8ec1ea8 ("net/ice/base: add protocol structures and defines")
Cc: stable@dpdk.org

Signed-off-by: Dan Nowlin <dan.nowlin@intel.com>
Signed-off-by: Wei Zhao <wei.zhao1@intel.com>
Signed-off-by: Qi Zhang <qi.z.zhang@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
2019-11-20 17:36:05 +01:00
Bruce Richardson
3566515daf net/i40e: fix clang build with 16B descriptors
When compiling with 16B descriptor support enabled, clang compiles gave
an error, complaining that the final parameter of _mm256_blend_epi32()
had to be an immediate value (i.e. compile-time constant):

 i40e_rxtx_vec_avx2.c:561:21: error: argument to
'__builtin_ia32_pblendd256' must be a constant integer
   __m256i tmp0_1 = _mm256_blend_epi32(fdir_zero_mask,
                    ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

While it appears that GCC was able to convert the constant variable
value "fdir_blend_mask" into the blend call, clang was not doing so. To
guarantee the use of an immediate we convert the variable value to a
"#define".

Fixes: 7d087a0a8b ("net/i40e: support flow director on AVX Rx")

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
2019-11-20 17:36:05 +01:00
Leyi Rong
d7a6eab090 net/iavf: fix Tx checksum offload in AVX path
Fix iavf vf_checksum_sw case fail in X710/XXV710, set bit2 to 1
of CMD field in Tx descriptor of AVX Tx path according to Spec.

Fixes: af0c246a38 ("net/iavf: enable AVX2 for iavf")

Signed-off-by: Leyi Rong <leyi.rong@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2019-11-20 17:36:05 +01:00
Qi Zhang
89a3286f9c net/ice/base: fix TCAM entry management
Order intermediate VSIG list correct in order to correctly match
existing VSIG lists.

When overriding pre-existing TCAM entries, properly delete the existing
entry and remove it from the change/update list.

Fixes: 51d04e4933 ("net/ice/base: add flexible pipeline module")

Signed-off-by: Dan Nowlin <dan.nowlin@intel.com>
Signed-off-by: Qi Zhang <qi.z.zhang@intel.com>
Tested-by: Zhirun Yan <zhirun.yan@intel.com>
2019-11-20 17:36:05 +01:00
Chenxu Di
e2d6596bc3 net/i40e: fix hotplug remove
testpmd will occur infinite loops when device hotplug remove.
We can fix the issue by using the pci generic remove function

Fixes: ac89d46096 ("net/i40e: release port upon close")

Signed-off-by: Chenxu Di <chenxux.di@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
2019-11-20 17:36:05 +01:00
Chenxu Di
1709cb10a8 net/ixgbe: fix hotplug remove
testpmd will occur infinite loops when device hotplug remove.
We can fix the issue by using the pci generic remove function

Fixes: f2f4990eff ("net/ixgbe: release port upon close")

Signed-off-by: Chenxu Di <chenxux.di@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
2019-11-20 17:36:05 +01:00
Simei Su
6410b1d993 net/ice: fix crash with wrong package
This patch fixes core dump issue when entering safe mode with a
wrong ice.pkg. In safe mode, rte_flow is not supported and it
won't initialize any flow engine.

Fixes: 7615a68950 ("net/ice: rework for generic flow enabling")

Signed-off-by: Simei Su <simei.su@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2019-11-20 17:36:05 +01:00
Qiming Yang
fdcf92ed66 net/ice: fix link status recovery
This patch fixes a kernel driver link status issue by recovering
link status when device stops.

Fixes: e6161345d8 ("net/ice: support link status change")
Cc: stable@dpdk.org

Signed-off-by: Qiming Yang <qiming.yang@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
2019-11-20 17:36:05 +01:00
Simei Su
db6730a809 net/ice: fix RSS rule destroy
This patch changes RSS rule destroy interface from ice_rem_vsi_rss_cfg()
to ice_rem_rss_cfg(). To coordinate with input set change, it should
destroy a specific flow rule but not all vsi cfg.

Fixes: 5ad3db8d4b ("net/ice: enable advanced RSS")

Signed-off-by: Simei Su <simei.su@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
2019-11-20 17:36:05 +01:00
Dekel Peled
97127d4298 net/mlx5: fix check of RSS queue index
RSS action validation function checks the queues included in RSS
to make sure they are valid.
A Queue is considered valid if the pointer to the queue (item at
location queue-index of RxQ array) is not a null value.
The queue indices are not checked. If a large value is entered as
queue index, using it as an index in RxQ array will result in a
pointer to memory out of array bounds. If this memory contains a
value which is not null, this queue will be wrongly considered valid.

This patch updates function mlx5_flow_validate_action_rss() with
check of the input queue indices, as done in function
mlx5_flow_validate_action_queue().

Fixes: 23c1d42c71 ("net/mlx5: split flow validation to dedicated function")
Cc: stable@dpdk.org

Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
2019-11-20 17:36:05 +01:00
Viacheslav Ovsiienko
dcd1b653e9 net/mlx5: fix query host adapter attributes
Host adapter attributes are queried from kernel via multiple
DevX calls. The retrieved data were erroneously overwritten,
the order of querying is fixed.

Fixes: 6bc327b94f ("net/mlx5: fill meter capabilities using DevX")

Signed-off-by: Viacheslav Ovsiienko <viacheslavo@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
2019-11-20 17:36:05 +01:00
Akhil Goyal
b795e127e8 crypto/openssl: support in-place scatter gather
As per current support, Scatter Gather is only supported
for out of place input and output buffers.
This patch add support for Scatter Gather for in-place buffers.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2019-11-20 12:35:51 +01:00
Fan Zhang
82cfb9c24f examples/fips_validation: fix auth verify
Fixes: f64adb6714 ("examples/fips_validation: support HMAC parsing")
Cc: stable@dpdk.org

This patch fixes the incorrect mbuf write and digest memory leak in
fips_validation authentication verify.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
2019-11-20 12:35:51 +01:00
Akhil Goyal
8fd2b5a60d app/crypto-perf: support PDCP
test-crypto-perf app is updated to calculate PDCP
throughput numbers.

2 new params are added for PDCP
--pdcp-sn-sz <5/7/12/15/18>
--pdcp-domain <control/user>

./dpdk-test-crypto-perf --master-lcore 0 -l 0,1 --log-level=8 --
--devtype crypto_dpaa2_sec --optype pdcp --cipher-algo aes-ctr
--cipher-op encrypt --auth-algo null --auth-op generate  --auth-key-sz
16 --ptest throughput --total-ops 100000 --burst-sz 64 --buffer-sz
64,390,1512  --pool-sz 4096 --silent --pdcp-sn-sz 12 --pdcp-domain
control

Signed-off-by: Manish Tomar <manish.tomar@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
2019-11-20 12:35:51 +01:00
Pablo de Lara
6231271d0c doc: update release notes for AESNI PMDs
AESNI MB and AESNI GCM PMDs were updated to support
latest IPSec Multi buffer library (v0.53), and the user guide
of hose drivers were updated but not release notes.

Fixes: 4b70152374 ("crypto/aesni_gcm: support in-place chained mbufs")
Fixes: d91dc58356 ("doc: support IPsec Multi-buffer lib v0.53")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
2019-11-20 12:35:51 +01:00
Stephen Hemminger
1dc48bce51 examples/ipsec-segw: add SPDX license tag
Add missing BSD license tag to IPsec examples.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2019-11-20 12:35:51 +01:00
Lukasz Bartosik
742be57872 examples/ipsec-secgw: fix default configuration
Update default configuration of ipsec-secgw:
1.In ep0.cfg change SPI value used by two inbound IPv6 security
policies from 15 to 115 and 16 to 116 to point to existing inbound
SAs. There are no inbound SAs with SPI value 15, 16.
- In ep1.cfg change SPI value used by two outbound IPv6 security
policies from 15 to 115 and 16 to 116 to point to existing outbound
SAs. There are no outbound SAs with SPI value 15, 16. Add missing
priority parameter in two inbound IPv4 security policies.

Fixes: 60a94afefc ("examples/ipsec-secgw: add sample configuration files")
Cc: stable@dpdk.org

Signed-off-by: Lukasz Bartosik <lbartosik@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-11-20 12:35:51 +01:00
Xueming Li
90f538b863 malloc: fix realloc padded element size
When resize a memory with next element, the original element size grows.
If the orginal element has padding, the real inner element size didn't
grow as well and this causes trailer verification failure when malloc
debug enabled.

Fixes: af75078fec ("first public release")
Cc: stable@dpdk.org

Signed-off-by: Xueming Li <xuemingl@mellanox.com>
Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>
2019-11-20 14:08:39 +01:00
Xueming Li
a029a06036 malloc: fix realloc copy size
In rte_realloc, if the old element has pad and need to allocate a new
memory, the padding size was not deducted, so more data was copied to
new data area.

Fixes: af75078fec ("first public release")
Cc: stable@dpdk.org

Signed-off-by: Xueming Li <xuemingl@mellanox.com>
Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>
2019-11-20 14:08:39 +01:00
Bruce Richardson
37a95bbff0 kernel/freebsd: always use clang for kmod compilation
Clang is the system compiler for FreeBSD and kernel module builds can fail
when built with gcc, e.g. when testing with test-meson-builds.sh.
Therefore, it's safer to always use clang to build the kmods since the
actual flags used are outside of DPDK's control and cannot be guaranteed to
work with all compilers.

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
2019-11-20 10:17:33 +01:00
Bruce Richardson
23a5bb477a kernel/freebsd: allow installing kernel modules
Set the install path for the kernel modules as /boot/modules. This may
ease the integration with the official FreeBSD ports system as all
components should be correctly located in the staging directory after
running "ninja install"

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
2019-11-20 10:17:05 +01:00
Bruce Richardson
3be76aa929 ci: add 32-bit travis builds
Add a travis job to build for 32-bit on 64-bit systems to catch additional
build errors, for example, incorrect use of printf specifiers with uint64_t
types.

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Aaron Conole <aconole@redhat.com>
2019-11-19 22:23:31 +01:00
Kevin Traynor
baf023a8ed lib: fix doxygen typos
Fix these as they are user visible. Found with codespell.

Fixes: af75078fec ("first public release")
Fixes: c2361bab70 ("eal: compute IOVA mode based on PA availability")
Fixes: 0880c40113 ("drivers: advertise kmod dependencies in pmdinfo")
Fixes: 56b6ef874f ("efd: new Elastic Flow Distributor library")
Fixes: 5a5f3178d4 ("power: return error when environment already set")
Cc: stable@dpdk.org

Signed-off-by: Kevin Traynor <ktraynor@redhat.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
2019-11-19 22:03:38 +01:00
Kevin Traynor
0411d61fa9 lib: fix log typos
Fix these as they are user visible. Found with codespell.

Fixes: bacaa27540 ("eal: add channel for multi-process communication")
Fixes: f05e26051c ("eal: add IPC asynchronous request")
Fixes: 0cbce3a167 ("vfio: skip DMA map failure if already mapped")
Fixes: 445c6528b5 ("power: common interface for guest and host")
Fixes: e6c6dc0f96 ("power: add p-state driver compatibility")
Fixes: 8f972312b8 ("vhost: support vhost-user")
Cc: stable@dpdk.org

Signed-off-by: Kevin Traynor <ktraynor@redhat.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
2019-11-19 22:03:27 +01:00
David Marchand
8980d7da64 build: remove unneeded meson option
The meson option has been missed when removing this code.

Fixes: 8e35792c53 ("eal: remove dead code on NUMA node detection")
Cc: stable@dpdk.org

Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
2019-11-19 22:00:32 +01:00
Michael Pfeiffer
b8a0415008 kni: reduce interface name size
The name in rte_kni_device_info is passed to the kernel, which allows
interface names with at most 16 bytes (IFNAMSIZ). rte_kni_alloc with a
longer name currently trigger a kernel BUG in alloc_netdev_mqs in
net/core/dev.c. Reduce RTE_KNI_NAMESIZE to prevent this situation.

Signed-off-by: Michael Pfeiffer <michael.pfeiffer@tu-ilmenau.de>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-11-19 22:00:32 +01:00
Anatoly Burakov
84191ddeb5 mempool: remove check for bad IOVA when populating
Currently, mempool will check if IOVA is bad for a segment, and reject
the IOVA if hugepages are also enabled. This check is wrong because now
that we have external memory segments, they are allowed to have their
IOVA's to be invalid. This check also doesn't make much sense in the
first place, because the following code can handle bad IOVA's perfectly
well (and in fact, this check is not triggering a failure when
--no-huge option is enabled), so there is not much sense to check for
this in the first place.

Fixes: 950e8fb4e1 ("mem: allow registering external memory areas")
Cc: stable@dpdk.org

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
Tested-by: Bo Chen <box.c.chen@intel.com>
2019-11-19 21:41:43 +01:00
Anatoly Burakov
2a7fd3ef38 mempool: use actual IOVA addresses when populating
Currently, when mempool is being populated, we get IOVA address
of every segment using rte_mem_virt2iova(). This works for internal
memory, but does not really work for external memory, and does not
work on platforms which return RTE_BAD_IOVA as a result of this
call (such as FreeBSD). Moreover, even when it works, the function
in question will do unnecessary pagewalks in IOVA as PA mode, as
it falls back to rte_mem_virt2phy() instead of just doing a lookup in
internal memseg table.

To fix it, replace the call to first attempt to look through the
internal memseg table (this takes care of internal and external memory),
and fall back to rte_mem_virt2iova() when unable to perform VA->IOVA
translation via memseg table.

Fixes: 66cc45e293 ("mem: replace memseg with memseg lists")
Cc: stable@dpdk.org

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
Tested-by: Bo Chen <box.c.chen@intel.com>
2019-11-19 21:41:43 +01:00
Vamsi Attunuru
a0dede62a5 eal/linux: remove KNI restriction on IOVA
Now that KNI supports VA (with kernel versions starting 4.6.0), we can
accept IOVA as VA, but KNI must be configured for this.
Pass iova_mode when creating KNI netdevs.

So far, IOVA detection policy forced IOVA as PA when KNI is loaded,
whatever the buses IOVA requirements were.

We can now use IOVA as VA, but this comes with a cost in KNI.
When no constraint is expressed by the buses, keep the current behavior
of choosing PA.

Note: this change supposes that dpdk is built on the same kernel than
the target system kernel; no objection has been expressed on this topic.

Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Signed-off-by: Kiran Kumar K <kirankumark@marvell.com>
Signed-off-by: David Marchand <david.marchand@redhat.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
2019-11-18 16:00:51 +01:00
Vamsi Attunuru
e73831dc6c kni: support userspace VA
Patch adds support for kernel module to work in IOVA = VA mode by
providing address translation routines to convert userspace VA to
kernel VA.

KNI performance using PA is not changed by this patch.
But comparing KNI using PA to KNI using VA, the latter will have lower
performance due to the cost of the added translation.

This translation is implemented only with kernel versions starting 4.6.0.

Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Signed-off-by: Kiran Kumar K <kirankumark@marvell.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
2019-11-18 16:00:51 +01:00
Zhike Wang
1407b0752e vhost: fix vring requests validation broken if no FD
When VHOST_USER_VRING_NOFD_MASK is set, the fd_num is 0,
so validate_msg_fds() will return error. In this case,
the negotiation of vring message between vhost user front end and
back end would fail, and as a result, vhost user link could NOT be up.

How to reproduce:
1.Run dpdk testpmd insides VM, which locates at host with ovs+dpdk.
2.Notice that inside ovs there are endless logs regarding failure to
handle VHOST_USER_SET_VRING_CALL, and link of vm could NOT be up.

Fixes: bf472259dd ("vhost: fix possible denial of service by leaking FDs")
Cc: stable@dpdk.org

Signed-off-by: Zhike Wang <wangzk320@163.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Tiwei Bie <tiwei.bie@intel.com>
2019-11-15 14:25:48 +01:00
David Marchand
f43d3dbbd9 doc/guides: clean repeated words
Shoot repeated words in all our guides.

Cc: stable@dpdk.org

Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Kevin Traynor <ktraynor@redhat.com>
2019-11-15 11:36:27 +01:00
David Marchand
a0eb7f2be8 doc: fix link to AESNI mb external library
Add missing _.

Fixes: 2977a13657 ("doc: fix AESNI_MB guide")
Cc: stable@dpdk.org

Signed-off-by: David Marchand <david.marchand@redhat.com>
2019-11-15 10:11:04 +01:00
Xiao Wang
21f46d5f19 doc: fix address type description for IOAT rawdev
Align the description to what the code snippet shows.

Fixes: 0a92e63fc4 ("raw/ioat: add local API to perform copies")
Cc: stable@dpdk.org

Signed-off-by: Xiao Wang <xiao.w.wang@intel.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
2019-11-15 10:00:25 +01:00
David Marchand
43628b3df2 doc: fix internal links for older releases
Using external explicit references to http://doc.dpdk.org makes older
releases documentation point to the current master documentation pages.
Switch to internal references.

Fixes: 59ad25fe21 ("doc: add overview of qat guide")
Fixes: 30e7fbd628 ("doc: add event timer adapter guide")
Fixes: b7f859c9a9 ("doc: add switch representation documentation")
Fixes: f714a18885 ("app/testbbdev: add test application for bbdev")
Cc: stable@dpdk.org

Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
2019-11-15 09:58:01 +01:00
Luca Boccassi
a46987cf94 doc: add oss-security to the security process
The OSS-security project functions as a single point of contact for
pre-release, embargoed security notifications. Distributions and major
vendors are subscribed to this private list, so that they can be warned
in advance and schedule the work required to fix the vulnerability.

List and link this process in the DPDK security process document.

Signed-off-by: Luca Boccassi <luca.boccassi@microsoft.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
2019-11-15 09:54:55 +01:00
Krzysztof Kanas
18562261ab test: optimise fd closing in forks
Caught while investigating timeouts on a ARM64 server.

Stracing a test process running the eal_flags_autotest, we can see that
the fork helper is checking all possible file descriptors from
getdtablesize() to 2, and close the existing ones.
We can do better by inspecting this forked process /proc/self/fd
directory.

Besides, checking file descriptors via /proc/self/fd only makes sense for
Linux. This code was a noop on FreeBSD.

Fixes: af75078fec ("first public release")
Cc: stable@dpdk.org

Signed-off-by: Krzysztof Kanas <kkanas@marvell.com>
Signed-off-by: David Marchand <david.marchand@redhat.com>
Tested-by: Krzysztof Kanas <kkanas@marvell.com>
Acked-by: Kevin Traynor <ktraynor@redhat.com>
2019-11-15 09:35:20 +01:00
Wangyu (Eric)
d25ab4b7f1 bus/pci: align next mapping address on page boundary
Currently, the next address picked by PCI mapping infrastructure
may be page-unaligned due to BAR length being smaller than page size.
This leads to a situation where the requested map address is invalid,
resulting in mmap() call returning an arbitrary address,
which will later interfere with device BAR mapping in secondary processes.

Fix it by always aligning the next requested address on page boundary.

Fixes: c752998b5e ("pci: introduce library and driver")
Cc: stable@dpdk.org

Signed-off-by: Xiaofeng Deng <dengxiaofeng@huawei.com>
Signed-off-by: Wangyu (Eric) <seven.wangyu@huawei.com>
Acked-by: Wei Hu (Xavier) <xavier.huwei@huawei.com>
Acked-by: Min Hu (Connor) <humin29@huawei.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Gavin Hu <gavin.hu@arm.com>
2019-11-14 14:17:48 +01:00
Stephen Hemminger
08a234788e cmdline: remove unnecessary #ifdef
The #ifdef to conditionally include <sys/socket.h> on BSD
is unnecessary. It is harmless to include the header on other
OS's. An extra include is better than an #ifdef.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
2019-11-12 18:35:17 +01:00
David Marchand
264a1598c5 examples/l2fwd: fix build warning with system wide install
Caught when compiling this example with pkg-config:

 ## Building l2fwd
 ...
 main.c: In function ‘main’:
 main.c:716:3: warning: ‘rte_eth_dev_set_ptypes’ is deprecated: Symbol
 is not yet part of stable ABI [-Wdeprecated-declarations]
   716 |   ret = rte_eth_dev_set_ptypes(portid, RTE_PTYPE_UNKNOWN, NULL,
       |   ^~~
 In file included from main.c:38:
 ...build-x86-default/install-root/usr/local/include/rte_ethdev.h:2661:5:
 note: declared here
  2661 | int rte_eth_dev_set_ptypes(uint16_t port_id, uint32_t
 ptype_mask,
       |     ^~~~~~~~~~~~~~~~~~~~~~
 ln -sf l2fwd-shared build/l2fwd

Fixes: 9731df2e75 ("examples/l2fwd: disable packet type parsing")

Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-11-12 18:16:20 +01:00
Maxime Coquelin
bf472259dd vhost: fix possible denial of service by leaking FDs
A malicious Vhost-user master could send in loop hand-crafted
vhost-user messages containing more file descriptors the
vhost-user slave expects. Doing so causes the application using
the vhost-user library to run out of FDs.

This issue has been assigned CVE-2019-14818

Fixes: 8f972312b8 ("vhost: support vhost-user")

Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
2019-11-12 12:21:20 +01:00
Maxime Coquelin
612e17cf6d vhost: fix possible denial of service on SET_VRING_NUM
vhost_user_set_vring_num() performs multiple allocations
without checking whether data were previously allocated.

It may cause a denial of service because of the memory leaks
that happen if a malicious vhost-user master keeps sending
VHOST_USER_SET_VRING_NUM request until the slave runs out
of memory.

This issue has been assigned CVE-2019-14818

Fixes: b0a985d1f3 ("vhost: add dequeue zero copy")

Reported-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
2019-11-12 12:21:17 +01:00
Thomas Monjalon
31aa07759e version: 19.11-rc2
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
2019-11-12 09:07:25 +01:00