The four function declarations have no function implementation,
remove them.
Fixes: 0db70a8030 ("app/testpmd: add commands for filters")
Cc: stable@dpdk.org
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Ipsec-secgw application is modified so that it can support
following type of actions for crypto operations
1. full protocol offload using crypto devices.
2. inline ipsec using ethernet devices to perform crypto operations
3. full protocol offload using ethernet devices.
4. non protocol offload
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Signed-off-by: Declan Doherty <declan.doherty@intel.com>
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
The crypto action is specified by an application to request
crypto offload for a flow.
Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Reviewed-by: John McNamara <john.mcnamara@intel.com>
Acked-by: John McNamara <john.mcnamara@intel.com>
rte_flow_action type and ethdev updated to support rte_security
sessions for crypto offload to ethernet device.
Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Signed-off-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Add security crypto flags and update mbuf fields to support
IPsec crypto offload for transmitted packets, and to indicate
crypto result for received packets.
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
The ESP header is required for IPsec crypto actions.
Signed-off-by: Boris Pismenny <borisp@mellanox.com>
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Extend the Doxygen documentation of rte_cryptodev_info_get,
to describe how it returns the capabilities of a device.
Signed-off-by: Billy O'Mahony <billy.o.mahony@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Removes any dependency of librte_cryptodev on the PCI device
infrastructure code and removes the functions which were virtual
device specific.
Updates QAT crypto PMD to remove dependencies on rte_cryptodev_pci.h
and replaces those calls with the new bus independent functions.
Signed-off-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Removes any dependency of librte_cryptodev on the virtual device
infrastructure code and removes the functions which were virtual
device specific.
Updates all virtual PMDs to remove dependencies on rte_cryptodev_vdev.h
and replaces those calls with the new bus independent functions.
Due to these changes, the cryptodev ABI version gets bumped.
Signed-off-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Tested-by: Tomasz Duszynski <tdu@semihalf.com>
Adds new PMD assist functions which are bus independent for driver to
create and destroy new device instances.
Also includes function to parse parameters which can be passed to
driver on device initialisation.
Signed-off-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
For HMAC algorithms (MD5-HMAC, SHAx-HMAC), the supported
digest sizes are not a fixed value, but a range between
1 and the maximum digest size for those algorithms.
Fixes: 26c2e4ad5a ("cryptodev: add capabilities discovery")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Arkadiusz Kusztal <arkadiuszx.kusztal@intel.com>
For AEAD algorithms, the physical address for the digest
was being set incorrectly.
Fixes: 2661f4fbe9 ("examples/l2fwd-crypto: add AEAD parameters")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
According to rfc4106 the IV should be unique and can be implemented
as counter.
The changed was created because putting an analyzer on wire and
comparing packets generated by this application and Linux kernel.
Linux kernel sets IV as BE, so it is worth to do the same for
future debug / comparison.
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Search for session also with AEAD algorithms.
Fixes: 501e9c226a ("examples/ipsec-secgw: add AEAD parameters")
Cc: stable@dpdk.org
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
AEAD algorithms were not being added in the mapping
between algorithms and crypto devices, only cipher and
authentication chained algorithms.
Fixes: 501e9c226a ("examples/ipsec-secgw: add AEAD parameters")
Cc: stable@dpdk.org
Signed-off-by: Aviad Yehezkel <aviadye@mellanox.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Enable out of place buffer test cases in nxp dpaa2_sec
Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
IPv6 payload length header field should contain only the number of bytes
following the IPv6 header and not the entire packet size.
Fixes: f159e70b09 ("examples/ipsec-secgw: support transport mode")
Fixes: 906257e965 ("examples/ipsec-secgw: support IPv6")
Cc: stable@dpdk.org
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
When compiling with an application that includes rte_cryptodev.h with
Ofast, an error is reported regarding enumeration
RTE_CRYPTO_OP_TYPE_UNDEFINED not handled in switch case in function
__rte_crypto_op_reset().
Fix this by adding a case for RTE_CRYPTO_OP_TYPE_UNDEFINED.
Fixes: c0f87eb525 ("cryptodev: change burst API to be crypto op oriented")
Cc: stable@dpdk.org
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Fix port id issues and keep variables related to port ids in
consistent data type definition "uint16_t".
Remove unnecessary cast in the meanwhile.
Fixes: f8244c6399 ("ethdev: increase port id range")
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
In case MUSDK dma memory has been already initialized by a different
driver (and perhaps do the different size) mv_sys_dma_mem_init()
will return -EEXIST error code.
Printing extra message makes it clear.
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Using non-existent configuration option for enabling debug
messages will actually never enable them.
Fixes: 8a61c83af2 ("crypto/mrvl: add mrvl crypto driver")
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Since CRYPTODEV_NAME_MRVL_CRYPTO_PMD is undefined RTE_STR() expands
it to "CRYPTODEV_NAME_MRVL_CRYPTO_PMD" instead of "crypto_mrvl".
This patch fixes that by using proper name definition in debug logs.
Fixes: 8a61c83af2 ("crypto/mrvl: add mrvl crypto driver")
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Since new_ip and ip4 are overlapping buffers copying ip4 over new_ip
using memmove() might overwrite memory at ip4. This could happen if
following condition holds:
ip_hdr_len > sizeof(struct esp_hdr) + sa->iv_len
Thus using ip4 to check ip version is wrong as it might not contain
proper value.
Fixes: f159e70b09 ("examples/ipsec-secgw: support transport mode")
Cc: stable@dpdk.org
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
Reviewed-by: Aviad Yehezkel <aviadye@mellanox.com>
The code would crash for segmented buffer if no check.
Fixes: 8d1f3a5d75 ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org
Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The code would crash in case of segmented buffer if no check
Fixes: c3e85bdcc6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Since the packet lengths are modified, it is not required to
explicitly reset the ICV.
Fixes: 13273250ee ("crypto/dpaa2_sec: support AES-GCM and CTR")
Fixes: 8d1f3a5d75 ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org
Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Since the packet lengths are modified, it is not required to
explicitly reset the ICV.
Fixes: c3e85bdcc6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
The unit test for flow classify should be disabled
if the library is disabled in the configuration.
Fixes: 9c9befea4f ("test: add flow classify unit tests")
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Bernard Iremonger <bernard.iremonger@intel.com>
Fixes: c711ccb309 ("ivshmem: remove library and its EAL integration")
Fixes: e8009a077d ("doc: group classification libraries in doxygen index")
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: John McNamara <john.mcnamara@intel.com>
This commit adds a new function to disable the runtime mapped
service-cores check. This allows an application to take responsibility
of running unmapped services.
This feature is useful in cases like unit tests, where the application
code (or unit test in this case) requires accurate control over when
the service function is called to ensure correct behaviour, and when
an application has an advanced use-case and wishes to manage services
manually.
Signed-off-by: Harry van Haaren <harry.van.haaren@intel.com>
Acked-by: Pavan Nikhilesh <pbhagavatula@caviumnetworks.com>
This commit adds a new function which allows an application lcore
(aka; *not* a dedicated service-lcore) to run a service. This
function is required to allow applications to gradually port
functionality to using services, while still being able to run
ordinary application functions.
This requirement became clear when a patch to the existing
eventdev/pipeline sample app was modified to use a service-core
for scheduling - and that same core should be capable of running
the "worker()" function from the application too.
This patch refactors the existing running code into a smaller
"service_run" function, which can be called by the dedicated
service-core loop, and the newly added function.
[1] http://dpdk.org/ml/archives/dev/2017-October/079876.html
Signed-off-by: Harry van Haaren <harry.van.haaren@intel.com>
Acked-by: Pavan Nikhilesh <pbhagavatula@caviumnetworks.com>
Add Rx adapter queue add and delete API for both generic eth_devices as
well as HW backed eth_octeontx which supports direct event injection to
event device.
The HW injected event needs to be converted into mbuf, previously this
was done in eth_octeontx during rx_burst now it is moved to
event_octeontx as events from Rx adapter are dequeued directly from
event device.
Signed-off-by: Pavan Nikhilesh <pbhagavatula@caviumnetworks.com>
Reviewed-by: Nikhil Rao <nikhil.rao@intel.com>
Add functions to modify and delete qos responsible for mapping eth queues
to event queues used for configuring event Rx adapter.
The mbox functions have been moved from octeontx_pkivf.c to
octeontx_pkivf.h to allow event_octeontx to access them.
Signed-off-by: Pavan Nikhilesh <pbhagavatula@caviumnetworks.com>
With the introduction of eventdev-ethdev RX adapter support in event
device, some of the event device will have dependency on their respective
ethernet drivers. This patch adds the net as a dependency for eventdevs.
Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Acked-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>