Commit Graph

32394 Commits

Author SHA1 Message Date
Akhil Goyal
86e2487c5f test/security: add cases for inline IPsec offload
A new test suite is added in test app to test inline IPsec protocol
offload. In this patch, predefined vectors from Lookaside IPsec test
are used to verify the IPsec functionality without the need of
external traffic generators. The sent packet is loopbacked onto the same
interface which is received and matched with the expected output.
The test suite can be updated further with other functional test cases.
In this patch encap only cases are added.
The testsuite can be run using:
RTE> inline_ipsec_autotest

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-06-01 16:26:34 +02:00
Akhil Goyal
8f5b549502 app/eventdev: support asym ops for crypto adapter
Test eventdev app is updated to add new option for asymmetric
crypto ops for event crypto adapter.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-06-01 16:26:34 +02:00
Akhil Goyal
647a788dbf test/event: add asymmetric cases for crypto adapter
Test app is updated to add cases for asymmetric crypto
sessions for event crypto adapter.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-06-01 16:26:34 +02:00
Akhil Goyal
b8c8a6ddc6 eventdev: use new API to get event crypto metadata
For getting event crypto metadata from crypto_op,
the new API rte_cryptodev_get_session_event_mdata is used
instead of getting userdata inside PMD.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-06-01 16:26:34 +02:00
Akhil Goyal
4c43055c0f test/event: use new API to set event crypto metadata
Used the new API rte_cryptodev_set_session_event_mdata to set
event crypto metadata from the applications (app/test and
app/test-eventdev) instead of using session userdata.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-06-01 16:26:34 +02:00
Akhil Goyal
a974f7cb6b crypto/octeontx: use new API for event metadata
For getting event crypto metadata from crypto_op,
the new API rte_cryptodev_get_session_event_mdata can be used
directly instead of getting userdata inside PMD.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-06-01 16:26:34 +02:00
Volodymyr Fialko
97ebfda829 crypto/cnxk: add event metadata set operation
Added cryptodev operation for setting event crypto
metadata for all supported sessions - sym/asym/security.

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-06-01 16:26:34 +02:00
Volodymyr Fialko
a7ddfa9c27 cryptodev: add API to get/set event metadata
Currently, crypto session userdata is used to set event crypto
metadata from the application and the driver is dereferencing it
in driver which is not correct. User data is meant to be opaque
to the driver.
To support this, new API is added to get and set event crypto
metadata. The new API, rte_cryptodev_set_session_event_mdata,
allows setting event metadata in session private data which is
filled inside PMD using a new cryptodev op. This operation
can be performed on any of the PMD supported sessions
(sym/asym/security).
For SW abstraction of event crypto adapter to be used by
eventdev library, a new field is added in asymmetric crypto
session for now and for symmetric case, current implementation
of using userdata is used. Symmetric cases cannot be fixed now,
as it will be ABI breakage which will be resolved in DPDK 22.11.

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-06-01 16:26:34 +02:00
Ciara Power
e6d37ffa69 test/crypto: fix null check for ZUC authentication
Check if the returned op is NULL because of failure,
before using it and causing a segmentation fault.

Fixes: 4c99481f49 ("app/test: add ZUC")
Cc: stable@dpdk.org

Signed-off-by: Ciara Power <ciara.power@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
2022-06-01 16:26:34 +02:00
Vamsi Attunuru
4ec5008860 crypto/cnxk: enable 3DES-CBC secure capability
Patch enables 3DES-CBC secure capability of crypto device.

Signed-off-by: Vamsi Attunuru <vattunuru@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2022-06-01 16:26:34 +02:00
Raja Zidane
f12c41bf40 crypto/mlx5: support plain text keys
Using crypto devs requires the user to log in and the supplied DEK to be
encrypted with a KEK (keys encryption key).
KEK is burned once on the nic, along with credentials for users,
and for a user to log in, he is needed to supply his creds wrapped with
the KEK.
A device comes out of the Mellanox factory with a pre-defined import
method for each algorithm. The defined method could be wrapped
mode, so the device can be used as described above, or
plaintext mode, without the need to log in and wrap supplied DEKs.

Support crypto operations with the plaintext import method.

Signed-off-by: Raja Zidane <rzidane@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
2022-06-01 16:26:34 +02:00
Nithin Dabilpuram
23d3a468c4 examples/ipsec-secgw: fix promiscuous mode option
Currently default value of promiscuous mode flag is true and
even there is command line argument to set it to true.
So it never is in non-promiscuous mode. Fix it by
changing default value to false.

Fixes: d299106e8e ("examples/ipsec-secgw: add IPsec sample application")
Cc: stable@dpdk.org

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-06-01 16:26:34 +02:00
Volodymyr Fialko
a8ade12123 examples/ipsec-secgw: create lookaside sessions at init
In event lookaside mode same session could be handled with multiple
cores, and session creation in datapath will cause situation where
multiple cores will try to create same session simultaneously.
To avoid such case and enable event lookaside mode in future, lookaside
sessions are now created at initialization in sa_add_rules().

All sessions(inline and lookaside) now created during init process, so
session pool information was removed from ipsec context. Core id was
added to obtain correct crypto device queue pair for the current core.

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-06-01 16:26:34 +02:00
Volodymyr Fialko
8e814e18c1 examples/ipsec-secgw: destroy lookaside sessions
Lookaside mode also creates security and crypto sessions that needs to
be destroyed after they are no longer used.

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-06-01 16:26:34 +02:00
Volodymyr Fialko
0b512a92b7 examples/ipsec-secgw: fix uninitialized memory access
rte_flow_validate and rte_flow_create not always initialize flow error.
Using error.message in some error cases will cause read from
uninitialized memory.

Fixes: 6738c0a956 ("examples/ipsec-secgw: support flow director")
Cc: stable@dpdk.org

Signed-off-by: Volodymyr Fialko <vfialko@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-06-01 16:26:34 +02:00
Nithin Dabilpuram
0d76e22d11 examples/ipsec-secgw: add poll mode worker for inline proto
Add separate worker thread when all SA's are of type
inline protocol offload and librte_ipsec is enabled
in order to make it more optimal for that case.
Current default worker supports all kinds of SA leading
to doing lot of per-packet checks and branching based on
SA type which can be of 5 types of SA's.

Also make a provision for choosing different poll mode workers
for different combinations of SA types with default being
existing poll mode worker that supports all kinds of SA's.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-06-01 16:26:34 +02:00
Nithin Dabilpuram
4fbfa6c7c9 examples/ipsec-secgw: update eth header during route lookup
Update ethernet header during route lookup instead of doing
way later while performing Tx burst. Advantages to doing
is at route lookup is that no additional IP version checks
based on packet data are needed and packet data is already
in cache as route lookup is already consuming that data.

This is also useful for inline protocol offload cases
of v4inv6 or v6inv4 outbound tunnel operations as
packet data will not have any info about what is the tunnel
protocol.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-06-01 16:26:34 +02:00
Nithin Dabilpuram
c7e6d808e5 examples/ipsec-secgw: get security context from lcore conf
Store security context pointer in lcore Rx queue config and
get it from there in fast path for better performance.
Currently rte_eth_dev_get_sec_ctx() which is meant to be control
path API is called per packet basis. For every call to that
API, ethdev port status is checked.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-06-01 16:26:34 +02:00
Nithin Dabilpuram
a2b445b810 examples/ipsec-secgw: allow larger burst size for vectors
Allow larger burst size of vector event mode instead of restricting
to 32. Also restructure traffic type struct to have num pkts first
so that it is always in first cacheline. Also cache align
traffic type struct. Since MAX_PKT_BURST is not used by
vector event mode worker, define another macro for its burst
size so that poll mode perf is not effected.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-06-01 16:26:34 +02:00
Nithin Dabilpuram
d04bb1c526 examples/ipsec-secgw: use HW parsed packet type in poll mode
Use HW parsed packet type when ethdev supports necessary protocols.
If packet type is not supported, then register ethdev callbacks
for parse packet in SW. This is better for performance as it
effects fast path.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-06-01 16:26:33 +02:00
Nithin Dabilpuram
d24471e578 examples/ipsec-secgw: disable Tx checksum for inline
Enable Tx IPv4 checksum offload only when Tx inline crypto, lookaside
crypto/protocol or cpu crypto is needed.
For Tx Inline protocol offload, checksum computation
is implicitly taken care by HW.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Konstantin Ananyev <konstantin.v.ananyev@yandex.ru>
2022-06-01 16:26:33 +02:00
Nithin Dabilpuram
dcbf9ad5fd examples/ipsec-secgw: move fast path helper functions
Move fast path helper functions to header file for easy access.

Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
2022-06-01 16:26:33 +02:00
Rahul Bhansali
b4ee9c07bd config/arm: disable SVE ACLE for CN10K
This disable the sve_acle flag for cn10k.

For native build, -Dplatform=cn10k will require to
get sve_acle flag parameter in the build.

Performance impact:-
With l3fwd example, lpm lookup performance increased
by ~21% if Neon is used instead of SVE. Hence, disabled
sve_acle flag for cn10k.

Signed-off-by: Rahul Bhansali <rbhansali@marvell.com>
Reviewed-by: Chengwen Feng <fengchengwen@huawei.com>
Acked-by: Ruifeng Wang <ruifeng.wang@arm.com>
2022-06-02 00:36:35 +02:00
Rahul Bhansali
4eea7c6461 config/arm: add SVE ACLE control flag
An additional check of control flag sve_acle for
RTE_HAS_SVE_ACLE macro to be part of the build.
If any SoC config doesn't have sve_acle flag parameter
then default it will be considered as true.

Signed-off-by: Rahul Bhansali <rbhansali@marvell.com>
Reviewed-by: Chengwen Feng <fengchengwen@huawei.com>
Reviewed-by: Juraj Linkeš <juraj.linkes@pantheon.tech>
Acked-by: Ruifeng Wang <ruifeng.wang@arm.com>
2022-06-02 00:36:24 +02:00
Harman Kalra
bb7e178c40 config/arm: add ThunderX T83
Adding support for Marvell ThunderX T83 platform.

Signed-off-by: Harman Kalra <hkalra@marvell.com>
Acked-by: Ruifeng Wang <ruifeng.wang@arm.com>
2022-06-02 00:06:05 +02:00
Tomasz Duszynski
d1422d107d common/cnxk: support CNF950_A0
Add PCI IDs which match CNF95O_A0 SoC.

Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
2022-06-01 22:30:32 +02:00
Rahul Bhansali
dd462f68f0 common/cnxk: support CN103XX platform
Added support for CN103XX (cn10kb) platform.

Signed-off-by: Rahul Bhansali <rbhansali@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
2022-06-01 21:58:38 +02:00
Thomas Monjalon
b251bb7630 eal/ppc: undefine AltiVec keyword vector
The AltiVec header file is defining "vector", except in C++ build.
The keyword "vector" may conflict easily.
As a rule, it is better to use the alternative keyword "__vector".

The DPDK header file rte_altivec.h takes care of undefining "vector",
so the applications and dependencies are free to define the name "vector".

This is a compatibility breakage for applications which were using
the keyword "vector" for its AltiVec meaning.

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Tested-by: Ali Alnubani <alialnu@nvidia.com>
Acked-by: Tyler Retzlaff <roretzla@linux.microsoft.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
2022-06-01 16:51:53 +02:00
Cian Ferriter
30278c443a doc: remove reference to pcapng init function
The rte_pcapng_init function doesn't exist, so remove it from the docs.

Also fix minor mistakes in the file.

Signed-off-by: Cian Ferriter <cian.ferriter@intel.com>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
2022-06-01 16:39:30 +02:00
Quentin Armitage
c882eb5448 pcapng: fix timestamp wrapping in output files
In pcap_tsc_to_ns(), delta * NSEC_PER_SEC will overflow approx 8
seconds after pcap_init is called when using a TSC with a frequency
of 2.5GHz.

To avoid the overflow, update the saved time and TSC value once
delta >= tsc_hz.

Fixes: 8d23ce8f5e ("pcapng: add new library for writing pcapng files")
Cc: stable@dpdk.org

Signed-off-by: Quentin Armitage <quentin@armitage.org.uk>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
2022-06-01 16:39:25 +02:00
Cristian Dumitrescu
d65c56c443 examples/pipeline: support hash functions
Add example for hash function operation.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
2022-06-01 16:09:46 +02:00
Cristian Dumitrescu
92f2944daf pipeline: support hash functions
Add support for hash functions that compute a signature for an array
of bytes read from a packet header or meta-data. Useful for flow
affinity-based load balancing.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
2022-06-01 16:01:37 +02:00
Cristian Dumitrescu
80dd28aff8 examples/pipeline: improve learner table timers
Added the rearm counter to the statistics. Updated the learner table
example to the new learner table timer operation.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
2022-06-01 15:22:41 +02:00
Cristian Dumitrescu
e2ecc53582 pipeline: improve learner table timers
Enable the pipeline to use the improved learner table timer operation
through the new "rearm" instruction.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
2022-06-01 15:14:31 +02:00
Cristian Dumitrescu
8186c0bbc9 table: improve learner table timers
Previously, on lookup hit, the hit key had its timer automatically
rearmed with the same timeout in order to prevent its expiration. Now,
a broader set of actions is available on lookup hit, which has to be
managed explicitly: the key can have its timer rearmed with the same
or with a different timeout, or the key timer can be left unmodified.
The latter option allows the key to expire naturally when the timer
eventually runs out, unless the key is hit again and its timer rearmed
at that point. Needed by the TCP connection tracking state machine.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
2022-06-01 15:04:46 +02:00
Cristian Dumitrescu
49b3e173c7 examples/pipeline: add packet recirculation example
Add example program to illustrate packet recirculation.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
2022-06-01 15:04:34 +02:00
Cristian Dumitrescu
5ec76d29dc pipeline: support packet recirculation
Add support for packet recirculation. The current packet is flagged
for recirculation using the new "recirculate" instruction; on TX, this
flag causes the packet to execute the full pipeline again as if it was
a new packet, except the packet meta-data is preserved. The new
"recircid" instruction can be used to read the pass number in case the
packet goes several times through the pipeline.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
2022-06-01 15:04:34 +02:00
Cristian Dumitrescu
5e54e2e004 examples/pipeline: add packet mirroring example
Add example program to illustrate packet mirroring.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
2022-06-01 15:04:34 +02:00
Cristian Dumitrescu
172254555f examples/pipeline: support packet mirroring
Add CLI commands for packet mirroring.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
Signed-off-by: Yogesh Jangra <yogesh.jangra@intel.com>
Signed-off-by: Kamalakannan R <kamalakannan.r@intel.com>
2022-06-01 15:04:34 +02:00
Cristian Dumitrescu
dac0ecd909 pipeline: support packet mirroring
The packet mirroring is configured through slots and sessions, with
the number of slots and sessions set at init.

The new "mirror" instruction assigns one of the existing sessions to a
specific slot, which results in scheduling a mirror operation for the
current packet to be executed later at the time the packet is either
transmitted or dropped.

Several copies of the same input packet can be mirrored to different
output ports by using multiple slots.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
Signed-off-by: Kamalakannan R <kamalakannan.r@intel.com>
2022-06-01 15:04:34 +02:00
Cristian Dumitrescu
b94eb6cd35 port: support packet mirroring
Add packet clone operation to the output ports in order to support
packet mirroring.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
Signed-off-by: Kamalakannan R <kamalakannan.r@intel.com>
2022-06-01 15:04:34 +02:00
Cristian Dumitrescu
73d94b009f pipeline: support default action arguments
Add support for arguments to the default action of regular and learner
tables at initialization time. Until now, only default actions with no
arguments were accepted in the .spec file.

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
Signed-off-by: Yogesh Jangra <yogesh.jangra@intel.com>
2022-06-01 13:56:30 +02:00
Cristian Dumitrescu
775be5b539 pipeline: fix emit instruction for invalid headers
Fix the emit instruction for the pathological case of all headers to
be emitted being invalid. In this case, the for loop was essentially
skipped and the last emitted header (or an invalid memory location)
getting corrupted by setting its size to 0 through the assignment to
ho->n_bytes right after the for loop.

Fixes: d60dbdc88a ("pipeline: create inline functions for emit instruction")
Cc: stable@dpdk.org

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
Signed-off-by: Venkata Suresh Kumar P <venkata.suresh.kumar.p@intel.com>
Signed-off-by: Yogesh Jangra <yogesh.jangra@intel.com>
2022-06-01 13:06:06 +02:00
David Marchand
924de7b8e6 devtools: fix null test for NUMA systems
On NUMA systems, default cores (0 and 1) might be on different memory
nodes. Double the amount of memory.

Fixes: 9e6b36c34c ("app/testpmd: reduce memory consumption")
Cc: stable@dpdk.org

Signed-off-by: David Marchand <david.marchand@redhat.com>
2022-06-01 12:49:46 +02:00
Dmitry Kozlyuk
53bb9a073f doc: rewrite shell scripts in Python
Shell used in documentation generation could not run on Windows.
Rewrite scripts in Python.
New scripts use proper path separators and handle paths with spaces.

Signed-off-by: Dmitry Kozlyuk <dmitry.kozliuk@gmail.com>
Reviewed-by: Bruce Richardson <bruce.richardson@intel.com>
2022-06-01 11:53:35 +02:00
Dmitry Kozlyuk
a9d84ead56 doc: fix API index Markdown syntax
API documentation index had spaces between link caption and URL,
which may be unsupported by some Markdown implementations.
That is, "[caption](URL)" is valid but "[caption] (URL)" is not.
The problematic behavior is observed with Doxygen on Windows.
Remove the spaces.
Unfortunately, Markdown syntax is not formally specified.

Fixes: 9bf486e606 ("doc: generate HTML for API with doxygen")

Signed-off-by: Dmitry Kozlyuk <dmitry.kozliuk@gmail.com>
2022-06-01 11:53:05 +02:00
Dmitry Kozlyuk
e4c2241419 doc: simplify CSS customization for Doxygen
CSS for API documentation was customized by a shell script
modifying the file that Doxygen produces.
This way CSS code is kept in a script and an extra build step is added.
Move custom style to a plain CSS file.
Use Doxygen capability to attach this extra stylesheet.

Signed-off-by: Dmitry Kozlyuk <dmitry.kozliuk@gmail.com>
2022-06-01 11:26:11 +02:00
Ben Magistro
4d75f3fcde mbuf: dump outer VLAN
Enable printing of the outer VLAN if flags indicate it is present.

Cc: stable@dpdk.org

Signed-off-by: Ben Magistro <koncept1@gmail.com>
Reviewed-by: Morten Brørup <mb@smartsharesystems.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
2022-06-01 11:15:37 +02:00
Stephen Hemminger
eeab353b79 rib: mark error checks with unlikely
Also mark some conditional functions as const.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Morten Brørup <mb@smartsharesystems.com>
Acked-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
2022-06-01 10:58:12 +02:00
Stephen Hemminger
1b984e98a3 rib: fix traversal with /32 route
If a /32 route is entered in the RIB the code to traverse
will not see end of the tree. This is due to trying
to do a negative shift which is an undefined in C.

Fix by checking for max depth as is already done in rib6.

Fixes: 5a5793a5ff ("rib: add RIB library")
Cc: stable@dpdk.org

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
2022-06-01 08:59:56 +02:00