5535 Commits

Author SHA1 Message Date
Ruifeng Wang
316095eb41 lpm: use atomic store to avoid partial update
Compiler could generate non-atomic stores for whole table entry
updating. This may cause incorrect nexthop to be returned, if
the byte with valid flag is updated prior to the byte with nexthop
is updated.
Besides, field by field updating of table entries follow
read-modify-write sequences. The operations are not atomic,
nor efficient. And could cause entries out of synchronization.

Changed to use atomic store to update whole table entry.

Suggested-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
Suggested-by: Gavin Hu <gavin.hu@arm.com>
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Gavin Hu <gavin.hu@arm.com>
Acked-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
2019-07-19 12:37:14 +02:00
Ruifeng Wang
be8c9ad0c2 lpm: avoid race conditions for v20
When a tbl8 group is getting attached to a tbl24 entry, lookup
might fail even though the entry is configured in the table.

For ex: consider a LPM table configured with 10.10.10.1/24.
When a new entry 10.10.10.32/28 is being added, a new tbl8
group is allocated and tbl24 entry is changed to point to
the tbl8 group. If the tbl24 entry is written without the tbl8
group entries updated, a lookup on 10.10.10.9 will return
failure.

Correct memory orderings are required to ensure that the
store to tbl24 does not happen before the stores to tbl8 group
entries complete.

Besides, explicit structure alignment is used to address atomic
operation building issue with older version clang.

Suggested-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Reviewed-by: Gavin Hu <gavin.hu@arm.com>
Acked-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
2019-07-19 12:37:09 +02:00
Ruifeng Wang
dd728f9fe1 lpm: avoid race conditions for v1604
When a tbl8 group is getting attached to a tbl24 entry, lookup
might fail even though the entry is configured in the table.

For ex: consider a LPM table configured with 10.10.10.1/24.
When a new entry 10.10.10.32/28 is being added, a new tbl8
group is allocated and tbl24 entry is changed to point to
the tbl8 group. If the tbl24 entry is written without the tbl8
group entries updated, a lookup on 10.10.10.9 will return
failure.

Correct memory orderings are required to ensure that the
store to tbl24 does not happen before the stores to tbl8 group
entries complete.

The ordering patches in general have no notable impact on LPM
performance test on both Arm A72 platform and x86 E5 platform.

Signed-off-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Gavin Hu <gavin.hu@arm.com>
Acked-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
2019-07-19 12:37:03 +02:00
Ruifeng Wang
c63d004bdd lpm: uninline some functions
Tests showed that the function inlining caused performance drop
on some x86 platforms with the memory ordering patches applied.
By force no-inline functions, the performance was better than
before on x86 and no impact to arm64 platforms.

Besides inlines of other functions are removed to let compiler
to decide whether to inline.

Suggested-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Gavin Hu <gavin.hu@arm.com>
Acked-by: Vladimir Medvedkin <vladimir.medvedkin@intel.com>
2019-07-19 12:36:57 +02:00
Stephen Hemminger
8570a88d42 cfgfile: use calloc
Better to use calloc when allocating arrays.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
2019-07-19 00:48:43 +02:00
Stephen Hemminger
0cfffed310 cfgfile: use log for error messages
In general, DPDK libraries to not print error messages to
stdout because that is often redirected to /dev/null for daemons.
This patch changes cfgfile library to use RTE_LOG with its
own type.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
2019-07-19 00:47:50 +02:00
Stephen Hemminger
1b58407653 cfgfile: remove unnecessary initialization
No need to initialize variable if it is immediately overwritten.
It is better style not do unnecessary initialization with modern
tools since it lets compiler and other static checkers detect
uninitialized data.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
2019-07-19 00:47:44 +02:00
Erik Gabriel Carrillo
c485a5e65a timer: fix null access if not initialized
If the timer subsystem is not initialized before rte_timer_manage (for
example) is invoked, a pointer to a shared hugepage memory region will
still be null and dereferenced when it is checked for validity; handle
this case.

Fixes: c0749f7096c7 ("timer: allow management in shared memory")
Cc: stable@dpdk.org

Signed-off-by: Erik Gabriel Carrillo <erik.g.carrillo@intel.com>
2019-07-18 23:14:53 +02:00
Harman Kalra
acc6e5503e distributor: fix check of workers number
No of workers should never exceed RTE_MAX_LCORE.
RTE_DIST_ALG_SINGLE also require no of workers check.

Fixes: 775003ad2f96 ("distributor: add new burst-capable library")
Cc: stable@dpdk.org

Signed-off-by: Harman Kalra <hkalra@marvell.com>
Acked-by: David Hunt <david.hunt@intel.com>
2019-07-17 22:35:19 +02:00
Thomas Monjalon
b685129c79 eal: update comment about --no-huge option
The old comment, on top of the function rte_eal_has_hugepages(),
is really outdated and not generic enough.

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>
2019-07-17 19:53:06 +02:00
Gavin Hu
be0330cb1b hash: flush rings instead of dequeuing one by one
Within rte_hash_reset, calling a while loop to dequeue one by
one from the ring, while not using them at all, is wasting cycles,
The patch just flush the ring by resetting the indices can save CPU
cycles.

Signed-off-by: Gavin Hu <gavin.hu@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Acked-by: Yipeng Wang <yipeng1.wang@intel.com>
2019-07-17 19:52:37 +02:00
Gavin Hu
272d87b01b ring: add reset function for flushing
Currently, the flush is done by dequeuing the ring in a while loop. It is
much simpler to flush the queue by resetting the head and tail indices.

Signed-off-by: Gavin Hu <gavin.hu@arm.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
2019-07-17 19:51:56 +02:00
Sunil Kumar Kori
d601426a27 ip_frag: remove remaining IP checkum offload flag
Currently PKT_TX_IP_CKSUM is being set into mbuf->ol_flags during
fragmentation operation implicitly by the library. Because of this,
application is forced to use checksum offload whether it is supported
by platform or not.

Also documentation does not provide any expected value of ol_flags in
returned fragmented mbufs so application will never come to know that which
offloads are enabled. So transmission may be failed for the platforms which
does not support checksum offload.

So removing mentioned flag from the library.

Mentioned change is part of http://patches.dpdk.org/patch/53475.
Changes for reassembly operation is already accepted. This patch set
implements the similar change for fragmentation operation.

Fixes: e29fc44370c2 ("ip_frag: remove IP checkum offload flag")

Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
2019-07-16 13:23:04 +02:00
Takeshi Yoshimura
e072d16f89 vfio: fix expanding DMA area in ppc64le
In ppc64le, expanding DMA areas always fail because we cannot remove
a DMA window. As a result, we cannot allocate more than one memseg in
ppc64le. This is because vfio_spapr_dma_mem_map() doesn't unmap all
the mapped DMA before removing the window. This patch fixes this
incorrect behavior.

I also fixed the order of ioctl for unregister and unmap. The ioctl
for unregister sometimes report device busy errors due to the
existence of mapped area.

Signed-off-by: Takeshi Yoshimura <tyos@jp.ibm.com>
Acked-by: David Christensen <drc@linux.vnet.ibm.com>
2019-07-16 12:56:03 +02:00
Harman Kalra
44dc7c0a26 metrics: add function to deinitialise library
Once the library usage is over, it must be deinitialized which
will free the shared memory reserved during initialization.

Observed an issue while running 'metrics_autotest' continuously
without quiting. For the first run 'metrics_autotest' passes
all test cases but second run onwards first test case fails
because metrics library is already initialized during first run.

Signed-off-by: Harman Kalra <hkalra@marvell.com>
Acked-by: Remy Horton <remy.horton@intel.com>
Acked-by: Reshma Pattan <reshma.pattan@intel.com>
2019-07-16 12:45:30 +02:00
Yangchao Zhou
5eb1708ec1 kni: fix kernel crash with multi-segments
va2pa depends on the physical address and virtual address offset of
current mbuf. It may get the wrong physical address of next mbuf which
allocated in another hugepage segment.

In rte_mempool_populate_default(), trying to allocate whole block of
contiguous memory could be failed. Then, it would reserve memory in
several memzones that have different physical address and virtual address
offsets. The rte_mempool_populate_default() is used by
rte_pktmbuf_pool_create().

Fixes: 8451269e6d7b ("kni: remove continuous memory restriction")
Cc: stable@dpdk.org

Signed-off-by: Yangchao Zhou <zhouyates@gmail.com>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-07-15 22:48:20 +02:00
Stephen Hemminger
dbb69b7b64 kni: fix style
rte_kni does not follow standard style rules.
Noticed some extra \ line continuation etc.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-07-15 19:15:34 +02:00
Anatoly Burakov
e6d3c09282 eal/freebsd: fix config creation
The config create function did not store the mem config address in
the shared memconfig structure, so the secondary processes couldn't
map it at the required address.

Fixes: b149a7064261 ("eal/freebsd: add config reattach in secondary process")
Cc: stable@dpdk.org

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
2019-07-14 15:37:19 +02:00
Takeshi Yoshimura
22a55d2eb6 vfio: fix build on Linux < 4.2
The commit db90b4969e2e ("vfio: retry creating sPAPR DMA window")
introduced a build breakage on old Linux. Linux <4.2 does not define ddw in
struct vfio_iommu_spapr_tce_info. Without ddw, we cannot change window size
and so should give up the creation. I just exculuded the retrying code if
ddw is not supported.

Fixes: db90b4969e2e ("vfio: retry creating sPAPR DMA window")

Signed-off-by: Takeshi Yoshimura <tyos@jp.ibm.com>
Tested-by: Anatoly Burakov <anatoly.burakov@intel.com>
2019-07-11 11:28:20 +02:00
Bernard Iremonger
8d244bb3a3 flow_classify: fix out-of-bounds access
This patch fixes the out-of-bounds coverity issue by removing the
offending line of code at line 107 in rte_flow_classify_parse.c
which is never executed.

Coverity issue: 343454
Fixes: be41ac2a330f ("flow_classify: introduce flow classify library")
Cc: stable@dpdk.org

Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
2019-07-10 23:41:25 +02:00
Anatoly Burakov
f3330a2650 fbarray: fix destruction
Currently, when fbarray is destroyed, the fbarray structure is not
zeroed out, which leads to stale data being there and confusing
secondary process init in legacy mem mode. Fix it by always
memsetting the fbarray to zero when destroying it.

Fixes: 5b61c62cfd76 ("fbarray: add internal tailq for mapped areas")
Cc: stable@dpdk.org

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
2019-07-10 23:27:46 +02:00
David Marchand
89aac60e0b vfio: fix interrupts race condition
Populating the eventfd in rte_intr_enable in each request to vfio
triggers a reconfiguration of the interrupt handler on the kernel side.
The problem is that rte_intr_enable is often used to re-enable masked
interrupts from drivers interrupt handlers.

This reconfiguration leaves a window during which a device could send
an interrupt and then the kernel logs this (unsolicited from the kernel
point of view) interrupt:
[158764.159833] do_IRQ: 9.34 No irq handler for vector

VFIO api makes it possible to set the fd at setup time.
Make use of this and then we only need to ask for masking/unmasking
legacy interrupts and we have nothing to do for MSI/MSIX.

"rxtx" interrupts are left untouched but are most likely subject to the
same issue.

Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1654824
Fixes: 5c782b3928b8 ("vfio: interrupts")
Cc: stable@dpdk.org

Signed-off-by: David Marchand <david.marchand@redhat.com>
Tested-by: Shahed Shaikh <shshaikh@marvell.com>
2019-07-10 18:53:47 +02:00
Stephen Hemminger
6efc06725f cmdline: use new ethernet address parser
Now that there is a version of ether_aton in rte_ether, it can
be used by the cmdline ethernet address parser.

Note: ether_aton_r can not be used in cmdline because
the old code would accept either bytes XX:XX:XX:XX:XX:XX
or words XXXX:XXXX:XXXX and we need to keep compatibility.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
2019-07-08 21:26:52 +02:00
Stephen Hemminger
7750b036d8 net: speedup ethernet address comparison with bitops
Using bit operations like or and xor is faster than a loop
on all architectures. Really just explicit unrolling.

Similar cast to uint16 unaligned is already done in
other functions here.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Reviewed-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
2019-07-08 21:26:52 +02:00
Stephen Hemminger
22d2103dfe ethdev: use new ethernet parsing function
Use rte_eth_unformat_addr, so that ethdev can be built and work
without the cmdline library. The dependency on cmdline was
an arrangement of convenience anyway.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-07-08 21:26:52 +02:00
Stephen Hemminger
596d31092d net: add function to convert string to ethernet address
Make a function that can be used in place of eth_aton_r
to convert a string to rte_ether_addr. This function
allows both byte (xx:xx:xx:xx:xx:xx) and word (XXXX:XXXX:XXXX)
format and has the same lack of error handling as the original.

This also allows ethdev to no longer have a hard dependency
on the cmdline library.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Reviewed-by: Andrew Rybchenko <arybchenko@solarflare.com>
2019-07-08 21:26:52 +02:00
Stephen Hemminger
3bdd09ae07 net: deinline non-critical ethernet functions
Formatting Ethernet address and getting a random value are
not in critical path so they should not be inlined.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Rami Rosen <ramirose@gmail.com>
Reviewed-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
2019-07-08 21:26:52 +02:00
Xiaoyu Min
3374db1857 ethdev: add GRE key field to flow API
Add new rte_flow_item_gre_key in order to match the optional key field.

Signed-off-by: Xiaoyu Min <jackmin@mellanox.com>
Acked-by: Ori Kam <orika@mellanox.com>
Acked-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
2019-07-08 21:26:52 +02:00
Maxime Coquelin
906accb60b vhost: log virtio and vhost-user negotiated features
Having this info logged by default when analysing bug reports
has proved to be useful.

Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Tiwei Bie <tiwei.bie@intel.com>
2019-07-08 21:26:52 +02:00
Honnappa Nagarahalli
b0437f8b02 hash: load value after full key compare
When a hash entry is added, there are 2 sets of stores.

1) The application writes its data to memory (whose address
is provided in rte_hash_add_key_with_hash_data API (or NULL))
2) The rte_hash library writes to its own internal data structures;
key store entry and the hash table.

The only ordering requirement between these 2 is that - store
to the application data must complete before the store to key_index.
There are no ordering requirements between the stores to
key/signature and store to application data. The synchronization
point for application data can be any point between the 'store to
application data' and 'store to the key_index'. So, 'pdata' should not
be a guard variable for the data in hash table. It should be a guard
variable only for the application data written to the memory location
pointed by 'pdata'. Hence, in the lookup functions, 'pdata' can be
loaded after full key comparison succeeds.

The synchronization point for the application data (store-release
to 'pdata' in key store) is changed to be consistent with the order
of loads in lookup function. However, this change is cosmetic and
does not affect the functionality.

Fixes: e605a1d36 ("hash: add lock-free r/w concurrency")
Cc: stable@dpdk.org

Signed-off-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Reviewed-by: Gavin Hu <gavin.hu@arm.com>
Tested-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Yipeng Wang <yipeng1.wang@intel.com>
2019-07-08 20:03:39 +02:00
Honnappa Nagarahalli
4d9ca3ed21 hash: use ordered loads only if signature matches
Relaxed signature comparison is done first. Further ordered loads
are done only if the signature matches. Any false positives are
caught by the full key comparison. This provides performance
benefits as load-acquire is executed only when required.

Fixes: e605a1d36 ("hash: add lock-free r/w concurrency")
Cc: stable@dpdk.org

Signed-off-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Reviewed-by: Gavin Hu <gavin.hu@arm.com>
Tested-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Yipeng Wang <yipeng1.wang@intel.com>
2019-07-08 20:00:23 +02:00
Dilshod Urazov
468d4c4e20 eventdev: fix error sign
Fixes: c9bf83947e2e ("eventdev: add eth Tx adapter APIs")
Fixes: 47d05b292820 ("eventdev: add timer adapter common code")
Fixes: 6750b21bd6af ("eventdev: add default software timer adapter")
Fixes: c75f7897ea35 ("eventdev: set error code in port link/unlink functions")
Fixes: 7d1acc9dde93 ("eventdev: introduce helper function for enqueue burst")
Fixes: 406aed4e0dd9 ("eventdev: add errno-style return values")
Fixes: cc7b73ea9e3b ("eventdev: add new software timer adapter")
Cc: stable@dpdk.org

Signed-off-by: Dilshod Urazov <dilshod.urazov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
2019-07-07 13:23:57 +02:00
Gage Eads
7a0ac7cdb4 service: promote experimental functions to stable
The functions rte_service_may_be_active(), rte_service_lcore_attr_get(),
and rte_service_attr_reset_all() were introduced nearly a year ago in DPDK
18.08. They can be considered non-experimental for the 19.08 release.

rte_service_may_be_active() is used by the sw PMD, and this commit allows
it to not need any experimental API.

Signed-off-by: Gage Eads <gage.eads@intel.com>
2019-07-08 12:35:06 +02:00
Sunil Kumar Kori
e29fc44370 ip_frag: remove IP checkum offload flag
Currently PKT_TX_IP_CKSUM is being set into mbuf->ol_flags
during fragmentation and reassemble operation implicitly.
Because of this, application is forced to use checksum offload
whether it is supported by platform or not.

Also documentation does not provide any expected value of ol_flags
in returned mbuf (reassembled or fragmented) so application will never
come to know that which offloads are enabled. So transmission may be failed
for the platforms which does not support checksum offload.

Also, IPv6 does not contain any checksum field in header so setting
mbuf->ol_flags with PKT_TX_IP_CKSUM is itself invalid.

So removing mentioned flag from the library.

Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2019-07-08 11:04:01 +02:00
Krzysztof Kanas
d32411d034 eal: fix typo in comments
Fixes: a753e53d517b ("eal: add device event monitor framework")
Fixes: af75078fece3 ("first public release")
Cc: stable@dpdk.org

Signed-off-by: Krzysztof Kanas <kkanas@marvell.com>
2019-07-08 10:57:14 +02:00
Phil Yang
2173f3333b mcslock: add MCS queued lock implementation
If there are multiple threads contending, they all attempt to take the
spinlock lock at the same time once it is released. This results in a
huge amount of processor bus traffic, which is a huge performance
killer. Thus, if we somehow order the lock-takers so that they know who
is next in line for the resource we can vastly reduce the amount of bus
traffic.

This patch added MCS lock library. It provides scalability by spinning
on a CPU/thread local variable which avoids expensive cache bouncings.
It provides fairness by maintaining a list of acquirers and passing the
lock to each CPU/thread in the order they acquired the lock.

Signed-off-by: Phil Yang <phil.yang@arm.com>
Reviewed-by: Steve Capper <steve.capper@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Reviewed-by: Gavin Hu <gavin.hu@arm.com>
2019-07-07 23:45:22 +02:00
Takeshi Yoshimura
db90b4969e vfio: retry creating sPAPR DMA window
sPAPR allows only page_shift from VFIO_IOMMU_SPAPR_TCE_GET_INFO ioctl.
However, Linux 4.17 or before returns incorrect page_shift for Power9.
I added the code for retrying creation of sPAPR DMA window.

Signed-off-by: Takeshi Yoshimura <tyos@jp.ibm.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>
2019-07-07 23:20:23 +02:00
Fan Zhang
cd5b860c18 ipsec: support header construction
Add support for RFC 4301(5.1.2) to update of
Type of service field and Traffic class field
bits inside ipv4/ipv6 packets for outbound cases
and inbound cases which deals with the update of
the DSCP/ENC bits inside each of the fields.

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Tested-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2019-07-05 15:28:14 +02:00
Nicolas Chautru
b443f318c6 bbdev: extend API for 5G FEC
Extension to BBDEV operations to support 5G
on top of existing 4G operations.

Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Acked-by: Amr Mokhtar <amr.mokhtar@intel.com>
2019-07-05 15:28:14 +02:00
Nicolas Chautru
c4b0d66376 bbdev: rename non-generic LTE specific structure
Renaming of the enums and structure which were LTE specific to
allow for extension and support for 5GNR operations.

Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Acked-by: Amr Mokhtar <amr.mokhtar@intel.com>
2019-07-05 15:28:14 +02:00
Damian Nowak
90197eb094 cryptodev: add digest encrypted feature flag
Some PMDs can only support digest being
encrypted separately in auth-cipher operations.
Thus it is required to add feature flag in PMD
to reflect if it does support digest-appended
both: digest generation with encryption and
decryption with digest verification.
This patch also adds information about new
feature flag to the release notes.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
2019-07-05 15:28:14 +02:00
Damian Nowak
735b77dd85 cryptodev: document usage of digest-appended operations
This patch explains what are the conditions
and how to use digest appended for auth-cipher
operations.

Signed-off-by: Damian Nowak <damianx.nowak@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
2019-07-05 15:28:14 +02:00
Junxiao Shi
b482a57863 cryptodev: free memzone when releasing device
When a cryptodev is created in a primary process,
rte_cryptodev_data_alloc reserves a memzone.
However, this memzone was not released when the cryptodev
is uninitialized. After that, new cryptodev cannot be
created due to memzone name conflict.

This commit frees the memzone when a cryptodev is
uninitialized, fixing this bug. This approach is chosen
instead of keeping and reusing the old memzone, because
the new cryptodev could belong to a different NUMA socket.

Also, rte_cryptodev_data pointer is now properly recorded
in cryptodev_globals.data array.

Bugzilla ID: 105

Signed-off-by: Junxiao Shi <git@mail1.yoursunny.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-07-05 15:28:14 +02:00
Lukasz Bartosik
8734e669fc ipsec: include high order bytes of ESN in packet length
When esn is used then high-order 32 bits are included in ICV
calculation however are not transmitted. Update packet length
to be consistent with auth data offset and length before crypto
operation. High-order 32 bits of esn will be removed from packet
length in crypto post processing.

Signed-off-by: Lukasz Bartosik <lbartosik@marvell.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-07-05 15:28:14 +02:00
Konstantin Ananyev
e95291f019 ipsec: support multi-segment packets
Add support for packets that consist of multiple segments.
Take into account that trailer bytes (padding, ESP tail, ICV)
can spawn across multiple segments.

Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-07-05 15:28:14 +02:00
Marcin Smoczynski
2c1887fad0 ipsec: fix transport mode for IPv6 with extensions
Reconstructing IPv6 header after encryption or decryption requires
updating 'next header' value in the preceding protocol header, which
is determined by parsing IPv6 header and iteratively looking for
next IPv6 header extension.

It is required that 'l3_len' in the mbuf metadata contains a total
length of the IPv6 header with header extensions up to ESP header.

Fixes: 4d7ea3e1459b ("ipsec: implement SA data-path API")
Cc: stable@dpdk.org

Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Tested-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2019-07-05 15:28:14 +02:00
Marcin Smoczynski
1f79768ca6 net: add IPv6 header extension parsing function
Introduce new function for IPv6 header extension parsing able to
determine extension length and next protocol number.

This function is helpful when implementing IPv6 header traversing.

Signed-off-by: Marcin Smoczynski <marcinx.smoczynski@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Tested-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
2019-07-05 15:28:14 +02:00
Anoob Joseph
c9030ae382 cryptodev: add feature flags to disable
Adding a new field, ff_disable, to allow applications to control the
features enabled on the crypto device. This would allow for efficient
usage of HW/SW offloads.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
2019-07-05 15:03:25 +02:00
Arek Kusztal
fac52fb26a cryptodev: add option to support both IV and J0 for GCM
This patch adds an option to support both IV (of all supported sizes)
and J0 when using Galois Counter Mode of crypto operation.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
2019-07-05 14:52:25 +02:00
Saleh Alsouqi
2318d8d545 net: define IPv4 IHL and VHL
Define IPv4 Minimum IHL and VHL according to rfc791 (see [1])

    "The Version field indicates the format of the
    internet header."

    "Internet Header Length (ihl) is the length of the
    internet header in 32 bit words, and thus points
    to the beginning of the data. Note that
    the minimum value for a correct header is 5."

[1] https://tools.ietf.org/html/rfc791

Signed-off-by: Saleh Alsouqi <salehals@mellanox.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
2019-07-05 01:52:01 +02:00