Do a global replace of snprintf(..."%s",...) with strlcpy, adding in the
rte_string_fns.h header if needed. The function changes in this patch were
auto-generated via command:
spatch --sp-file devtools/cocci/strlcpy.cocci --dir . --in-place
and then the files edited using awk to add in the missing header:
gawk -i inplace '/include <rte_/ && ! seen { \
print "#include <rte_string_fns.h>"; seen=1} {print}'
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
For files that already have rte_string_fns.h included in them, we can
do a straight replacement of snprintf(..."%s",...) with strlcpy. The
changes in this patch were auto-generated via command:
spatch --sp-file devtools/cocci/strlcpy-with-header.cocci --dir . --in-place
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Added meson workarounds to build helloworld on Windows.
Windows currently only supports kvargs and eal libraries.
This change restricts the build flow to supported libraries
only.
Signed-off-by: Anand Rawat <anand.rawat@intel.com>
Signed-off-by: Pallavi Kadam <pallavi.kadam@intel.com>
Reviewed-by: Jeff Shaw <jeffrey.b.shaw@intel.com>
Reviewed-by: Ranjit Menon <ranjit.menon@intel.com>
Acked-by: Harini Ramakrishnan <harini.ramakrishnan@microsoft.com>
The distributor application is bottlenecked by the distributor core,
so if we can give more frequency to this core, then the overall
performance of the application may increase.
This patch uses the rte_power_get_capabilities() API to query the
cores provided in the core mask, and if any high frequency cores are
found (e.g. Turbo Boost is enabled), we will pin the distributor
workload to that core.
Signed-off-by: Liang Ma <liang.j.ma@intel.com>
Signed-off-by: David Hunt <david.hunt@intel.com>
Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>
Most examples have in their makefiles a default RTE_TARGET directory to be
used in case RTE_TARGET is not set. Rather than just using a hard-coded
default, we can instead detect what the build directory is relative to
RTE_SDK directory.
This fixes a potential issue for anyone who continues to build using
"make install T=x86_64-native-linuxapp-gcc" and skips setting RTE_TARGET
explicitly, instead relying on the fact that they were building in a
directory which corresponded to the example default path - which was
changed to "x86_64-native-linux-gcc" by commit 218c4e68c1 ("mk: use
linux and freebsd in config names").
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
Update for handling negative returned status from functions
call.
Signed-off-by: Lukasz Krakowiak <lukaszx.krakowiak@intel.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>
This patch adds the functional test scripts to ipsec-secgw
sample application for both transport and tunnel working
mode.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
This patch adds the functional test scripts to ipsec-secgw
sample application for both transport and tunnel working
mode.
Updated a bit on common_defs to use "mktemp" instead of "tempfile"
as Fedora does not like the command.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
This patch enables plain SHA algorithm CAVP test support
in fips_validation sample application.
Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
Improve debug code in esp.c, sa.c and ipsec-secgw.c
Fixes: f159e70b09 ("examples/ipsec-secgw: support transport mode")
Fixes: ec17993a14 ("examples/ipsec-secgw: support security offload")
Fixes: 0d547ed037 ("examples/ipsec-secgw: support configuration file")
Fixes: 906257e965 ("examples/ipsec-secgw: support IPv6")
Cc: stable@dpdk.org
Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch fixes the incorrect block size for AES-CTR in
legacy mode. Originally, wrong block size will cause
esp_inbound() drop AES-CTR encrypted packets if the payload
sizes not equal to multiple times of 16.
Fixes: 4470c22de2 ("examples/ipsec-secgw: add AES-CTR")
Cc: stable@dpdk.org
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
The default config is used if the setup parameter is NULL.
No need to query the default config with rte_eth_dev_info_get().
The function call will be removed with another useless info.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Rami Rosen <ramirose@gmail.com>
Start ethdev after the Rx/Tx adapter setup is complete as in some
architectures it might lead to undefined behaviour or events being
dropped.
Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Reviewed-by: Nikhil Rao <nikhil.rao@intel.com>
Some eventdevs support configuring max events to be -1 (open system).
Check eventdev and event port configuration with eventdev info before
configuring them.
Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Harry van Haaren <harry.van.haaren@intel.com>
Rather than using linuxapp and bsdapp everywhere, we can change things to
use the, more readable, terms "linux" and "freebsd" in our build configs.
Rather than renaming the configs we can just duplicate the existing ones
with the new names using symlinks, and use the new names exclusively
internally. ["make showconfigs" also only shows the new names to keep the
list short] The result is that backward compatibility is kept fully but any
new builds or development can be done using the newer names, i.e. both
"make config T=x86_64-native-linuxapp-gcc" and "T=x86_64-native-linux-gcc"
work.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Rename the macro to make things shorter and more comprehensible. For
both meson and make builds, keep the old macro around for backward
compatibility.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
This patch fixes 2 typos in examples/ethtool:
There is no such thing as ethtool_ops::get_driverinfo
It should be get_drvinfo:
see include/linux/ethtool.h in the kernel tree.
rte_net_change_mtu should be ndo_change_mtu:
see include/linux/netdevice.h in the kernel tree.
Fixes: bda68ab9d1 ("examples/ethtool: add user-space ethtool sample application")
Cc: stable@dpdk.org
Signed-off-by: Rami Rosen <ramirose@gmail.com>
Acked-by: Remy Horton <remy.horton@intel.com>
The vhost_scsi example code is set to build, even if the requisite header
file virtio_scsi.h isn't available. This happens on some Ubuntu systems
when some versions of the libc-dev package aren't available.
Check whether the virtio_scsi.h file exists, and if not, set the build
flag to false.
Signed-off-by: Aaron Conole <aconole@redhat.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
The vhost_crypto example app can't be used without the DPDK vhost
library, so disable the build of the example if the lib hasn't been
built.
Fixes: f5188211c7 ("examples/vhost_crypto: add sample application")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
The ip_pipeline example requires the epoll.h header from linux, so
disable building the example if the header cannot be found.
Fixes: 4bbf8e30aa ("examples/ip_pipeline: add CLI interface")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
The bpf folder didn't actual contain a test application, but instead
basic examples of BPF code for use with testpmd. Therefore we can
move it to the `examples` folder. Being different, it also needs
a README with it, explaining what it is and how to use it. References
to the code from the testpmd docs are suitably updated.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
This patch fixes the missed digest and aad data physical
addresses filling to crypto operations in fips_validation
sample application.
Fixes: 41d561cbdd ("examples/fips_validation: add power on self test")
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
This patch fixes the incorrect session private mempool passing
to cryptodev.
Fixes: ac5e42daca ("vhost/crypto: use separate session mempools")
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Add the missing failure handling for path allocation,
as realloc() may fail.
Fixes: ad0eef4d22 ("examples/vhost: support multiple socket files")
Cc: stable@dpdk.org
Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
This patch fixes the incorrect session private mempool passing
to cryptodev.
Fixes: 41d561cbdd ("examples/fips_validation: add power on self test")
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Previous commit sets mtu to the same value as max_rx_pkt_len.
Though PMDs (at least Intel ones) consider MTU as
max_rx_pkt_len minus ether header, crc bytes, vlan tags.
Fixes: 73d2c1d3f3 ("examples/ip_fragmentation: support big packets")
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
When KNI interface receives RTE_KNI_REQ_CFG_NETWORK_IF request, it
stap/start the physical device which as a result of stop() can free all
the mbufs in its queue.
Meanwhile sample application continues to read from KNI interface queues
and push into device queues. This simultaneous access may cause a crash,
crash log can be found at defect description.
As a solution KNI sample application can do the proper synchronization,
and stop transfer between KNI interface and physical interface while
physical device stop/started.
Bugzilla ID: 116
Fixes: 3fc5ca2f63 ("kni: initial import")
Cc: stable@dpdk.org
Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Phil Yang <phil.yang@arm.com>
This minor patch fixes a typo in examples/vhost/main.c.
Fixes: d19533e86f ("examples/vhost: copy old vhost example")
Cc: stable@dpdk.org
Signed-off-by: Rami Rosen <ramirose@gmail.com>
Reviewed-by: Gavin Hu <gavin.hu@arm.com>
The definition of MAX_PRINT_BUFF in examples/tep_termination/main.c
is not necessary as it is not used. This cleanup patch removes it.
Fixes: a50245ede7 ("examples/tep_term: initialize VXLAN sample")
Cc: stable@dpdk.org
Signed-off-by: Rami Rosen <ramirose@gmail.com>
In some vendors the RX and TX configuration must be the same, therefore
the MTU size need to be equal to max_rx_pkt_len.
The MTU is the largest size packet in bytes that can be sent on the
network, therefore before changing this parameter, the NIC could not
receive packets larger than 1500 bytes, which is the default MTU size.
In addition, scatter-gather need to be enabled in order to receive
frames bigger than mbuf size.
Signed-off-by: Noa Ezra <noae@mellanox.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
This patch fixes a bug introduced in the 64-core limitation
enhancement where the core_id is inadvertently converted from
virtual to physical even though it may already be a physical
core_id.
We should be using the core_type field, and only converting via
hypervisor when core_type is set to CORE_TYPE_VIRTUAL
Fixes: 5776b7a371 ("examples/power: allow VM to use lcores over 63")
Signed-off-by: David Hunt <david.hunt@intel.com>
Reviewed-by: Lei Yao <lei.a.yao@intel.com>
Tested-by: Lei Yao <lei.a.yao@intel.com>
The vm_power_manager starts by setting the environment to acpi
using rte_power_set_env(PM_ENV_ACPI_CPUFREQ). This causes a problem
starting vm_power_manager when the system is using the intel_pstate
driver. The env should be set to none, or not called at all, because
the library now auto-detects the environment to be either acpi or
intel_pstate. This patch sets the environment to none so that the
library can successfully auto-detect.
Fixes: e6c6dc0f96 ("power: add p-state driver compatibility")
Signed-off-by: David Hunt <david.hunt@intel.com>
This cleanup patch removes a method and a constant which
are now unnecessary in the VHOST sample application, namely
the validate_num_devices() method and the MAX_DEVICES
constant.
Signed-off-by: Rami Rosen <ramirose@gmail.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Previous patch removed the VLAN item from example code.
This patch fixes the code and documentation accordingly.
Code update includes fix of comments, and removal of redundant
variables and their initialization.
Documentation update reflects the code changes done in previous
patch and in this patch.
Fixes: 9af4eb5657 ("examples/flow_filtering: remove VLAN item")
Cc: stable@dpdk.org
Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Ori Kam <orika@mellanox.com>
The purpose of these scripts is to automate ipsec-secgw functional testing.
The scripts require two machines (SUT and DUT) connected through
at least 2 NICs and running linux (so far tested only on Ubuntu 18.04).
Introduced test-cases for the following scenarios:
- Transport/Tunnel modes
- AES-CBC SHA1
- AES-GCM
- ESN on/off
- legacy/librte_ipsec code path
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Changes to make ipsec-secgw data-path code to utilize librte_ipsec library.
Note that right now by default current (non-librte_ipsec) code-path will
be used. User has to run application with new command-line option ('-l')
to enable new codepath.
Signed-off-by: Mohammad Abdul Awal <mohammad.abdul.awal@intel.com>
Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Changes to make ipsec-secgw to utilize librte_ipsec library.
That patch provides:
- changes in the related data structures.
- changes in the initialization code.
- new command-line parameters to enable librte_ipsec codepath
and related features.
Note that right now by default current (non-librte_ipsec) code-path will
be used. User has to run application with new command-line option ('-l')
to enable new codepath.
The main reason for that:
- current librte_ipsec doesn't support all ipsec algorithms
and features that the app does.
- allow users to run both versions in parallel for some time
to figure out any functional or performance degradation with the
new code.
It is planned to deprecate and remove non-librte_ipsec code path
in future releases.
Signed-off-by: Mohammad Abdul Awal <mohammad.abdul.awal@intel.com>
Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
In the inbound_sa_check() make sure that sa pointer stored
inside mbuf private area is not NULL.
Fixes: d299106e8e ("examples/ipsec-secgw: add IPsec sample application")
Cc: stable@dpdk.org
Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
in sp4.c and sp6.c there are few globals that used only locally.
Define them as static ones.
Cc: stable@dpdk.org
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Looking at process_pkts_outbound_nosp() there seems few issues:
- accessing mbuf after it was freed
- invoking ipsec_outbound() for ipv4 packets only
- copying number of packets, but not the mbuf pointers itself
that patch provides fixes for that issues.
Fixes: 906257e965 ("examples/ipsec-secgw: support IPv6")
Cc: stable@dpdk.org
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
In some cases crypto-ops could never be dequeued from the crypto-device.
The easiest way to reproduce:
start ipsec-secgw with crypto-dev and send to it less then 32 packets.
none packets will be forwarded.
Reason for that is that the application does dequeue() from crypto-queues
only when new packets arrive.
This patch makes the app to call dequeue() on a regular basis.
Also to make code cleaner and easier to understand,
it separates crypto-dev enqueue() and dequeue() code paths.
pkt_process() now only enqueues packets into crypto device,
dequeuing and final processing is done by drain_crypto_queues().
Fixes: c64278c0c1 ("examples/ipsec-secgw: rework processing loop")
Cc: stable@dpdk.org
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
In some cases it is useful to allow user to specify destination
ether address for outgoing packets.
This patch adds such ability by introducing new 'neigh' config
file option.
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Right now ipsec-secgw always enables TX offloads
(DEV_TX_OFFLOAD_MULTI_SEGS, DEV_TX_OFFLOAD_SECURITY),
even when they are not requested by the config.
That causes many PMD to choose full-featured TX function,
which in many cases is much slower then one without offloads.
That patch adds ability for the user to disable unneeded HW offloads.
If DEV_TX_OFFLOAD_IPV4_CKSUM is disabled by user, then
SW version of ip cksum calculation is used.
That allows to use vector TX function, when inline-ipsec is not
requested.
Signed-off-by: Remy Horton <remy.horton@intel.com>
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch adds a sample power on self-test to fips_validate
sample application.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Damian Nowak <damianx.nowak@intel.com>
