Adds support for the v0.49 of the IPsec Multi-buffer lib,
which now gets compiled and installed as a shared object.
Therefore, there is no need to pass the AESNI_MULTI_BUFFER_LIB_PATH
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Adds support for the v0.49 of the IPsec Multi-buffer lib,
which now gets compiled and installed as a shared object.
Therefore, there is no need to pass the AESNI_MULTI_BUFFER_LIB_PATH
Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
rte_cryptodev_pmd_init_params should use NUMA node of the QAT device
for its socket_id rather than the socket_id of the initializing process.
Signed-off-by: Lee Roberts <lee.roberts@hpe.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
While trying to do a shared build one will get linkage error
since a couple of library dependencies are missing from a makefile.
At some point there was a batch update of all PMDs but mrvl crypto was
missed back then.
Necessary makefile changes were introduced in
commit cbc12b0a96 ("mk: do not generate LDLIBS from directory dependencies")
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
MRVL Crypto PMD supports most of the hash algorithms covered
by test suites thus specific bits should be set in pmd_masks.
Otherwise blockcipher authonly test returns success even though no
real tests have been executed.
Fixes: 84e0ded38a ("test/crypto: add mrvl crypto unit tests")
Cc: stable@dpdk.org
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Pass an rte_driver to the RTE_PMD_REGISTER_CRYPTO_DRIVER macro
rather than an unspecified container which holds an rte_driver.
All the macro actually needs is the rte_driver, not the
container holding it.
This paves the way for a later patch in which a driver
will be registered which does not naturally derive from a
container and so avoids having to create an arbitrary container
to pass in the rte_driver.
This patch changes the cryptodev lib macro and all the
PMDs which use it.
Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
This patch marks rte_vhost_gpa_to_vva() as deprecated because
it is unsafe. Application relying on this API should move
to the new rte_vhost_va_from_guest_pa() API, and check
returned length to avoid out-of-bound accesses.
This issue has been assigned CVE-2018-1059.
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
This patch uses the new rte_vhost_va_from_guest_pa() API
to ensure all the descriptor buffer is mapped contiguously
in the application virtual address space.
It does not handle buffers discontiguous in host virtual
address space, but only return an error.
This issue has been assigned CVE-2018-1059.
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
This patch uses the new rte_vhost_va_from_guest_pa() API
to ensure all the descriptor buffer is mapped contiguously
in the application virtual address space.
As the application did not checked return of previous API,
this patch just print an error if the buffer address isn't in
the vhost memory regions or if it is scattered. Ideally, it
should handle scattered buffers gracefully.
This issue has been assigned CVE-2018-1059.
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
This patch uses the new rte_vhost_va_from_guest_pa() API
to ensure the application doesn't perform out-of-bound
accesses either because of a malicious guest providing an
incorrect descriptor length, or because the buffer is
contiguous in guest physical address space but not in the
host process virtual address space.
This issue has been assigned CVE-2018-1059.
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
This patch enables the handling of buffers non-contiguous in
process virtual address space in the enqueue path when mergeable
buffers are used.
When virtio-net header doesn't fit in a single chunck, it is
computed in a local variable and copied to the buffer chuncks
afterwards.
For packet content, the copy length is limited to the chunck
size, next chuncks VAs being fetched afterward.
This issue has been assigned CVE-2018-1059.
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
This patch enables the handling of buffers non-contiguous in
process virtual address space in the enqueue path when mergeable
buffers aren't used.
When virtio-net header doesn't fit in a single chunck, it is
computed in a local variable and copied to the buffer chuncks
afterwards.
For packet content, the copy length is limited to the chunck
size, next chuncks VAs being fetched afterward.
This issue has been assigned CVE-2018-1059.
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
This patch enables the handling of buffers non-contiguous in
process virtual address space in the dequeue path.
When virtio-net header doesn't fit in a single chunck, it is
copied into a local variablei before being processed.
For packet content, the copy length is limited to the chunck
size, next chuncks VAs being fetched afterward.
This issue has been assigned CVE-2018-1059.
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
This patch adds support for non-contiguous indirect descriptor
tables in VA space.
When it happens, which is unlikely, a table is allocated and the
non-contiguous content is copied into it.
This issue has been assigned CVE-2018-1059.
Reported-by: Yongji Xie <xieyongji@baidu.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
This patch ensures that all the address range is mapped when
translating addresses from master's addresses (e.g. QEMU host
addressess) to process VAs.
This issue has been assigned CVE-2018-1059.
Reported-by: Yongji Xie <xieyongji@baidu.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
This new rte_vhost_va_from_guest_pa API takes an extra len
parameter, used to specify the size of the range to be mapped.
Effective mapped range is returned via len parameter.
This issue has been assigned CVE-2018-1059.
Reported-by: Yongji Xie <xieyongji@baidu.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
There is currently no check done on the length when translating
guest addresses into host virtual addresses. Also, there is no
guanrantee that the guest addresses range is contiguous in
the host virtual address space.
This patch prepares vhost_iova_to_vva() and its callers to
return and check the mapped size. If the mapped size is smaller
than the requested size, the caller handle it as an error.
This issue has been assigned CVE-2018-1059.
Reported-by: Yongji Xie <xieyongji@baidu.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
This patch fixes the size passed at the indirect descriptor
table translation time, which is the len field of the descriptor,
and not a single descriptor.
This issue has been assigned CVE-2018-1059.
Fixes: 62fdb8255a ("vhost: use the guest IOVA to host VA helper")
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Support of strlcpy has recently been added to DPDK.
This replacement has been generated by the coccinelle script:
devtools/cocci.sh devtools/cocci/strlcpy.cocci
Fixes: 0d0f478d04 ("eal/linux: add uevent parse and process")
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Add few details to remind TSO flag, checksum flags and header lengths.
The doxygen syntax for MPLS-in-UDP is fixed.
Fixes: d95188551f ("mbuf: introduce new Tx offload flag for MPLS-in-UDP")
Cc: stable@dpdk.org
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
When introducing rte_eth_tx_prepare(), the constraints on checksum
pre-filling for Tx offloads were relaxed because implemented in
the PMDs with rte_net_intel_cksum_flags_prepare() helper.
As a consequence, these old requirements are removed for:
- PKT_TX_OUTER_IP_CKSUM
- PKT_TX_IP_CKSUM
- PKT_TX_[L4]_CKSUM
- PKT_TX_TCP_SEG
Not sure SCTP offload is properly implemented though.
A reference to rte_eth_tx_prepare() is added in rte_eth_tx_burst() doc.
Fixes: 609dd68ef1 ("mbuf: enhance the API documentation of offload flags")
Fixes: 4fb7e803eb ("ethdev: add Tx preparation")
Cc: stable@dpdk.org
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
Fix logical/alphabetical ordering, spacing, and syntax typo.
Fixes: 8fb3b25760 ("maintainers: call out subtree committers")
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Add support for building MRVL MVPP2 PMD with meson. To avoid cluttering
the build environment and to keep all relevant settings local to a cross
build we get MUSDK library installation path from a meson option.
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Rename the version file to follow standard naming convention.
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
The make based build system has crc+crypto instruction
support for the default arm64 build.
http://dpdk.org/browse/dpdk/tree/mk/machine/armv8a/rte.vars.mk#n31
This patch fixes the disparity with meson build flags for armv8.
As a bonus, This patch fixes the following errors with
ip_pipeline example application.
Assembler messages:
Error: selected processor does not support `crc32cx w3,w3,x0'
Fixes: c6e536e384 ("build: add more implementers IDs and PNs for ARM")
Signed-off-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>
Tested-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Add librte_rawdev to the meson build of DPDK.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Shreyansh Jain <shreyansh.jain@nxp.com>
Meson build currently tracks the dependencies between libraries, which
can often make things easier, but has the side-effect of slowing down
the initial meson run if too many duplicated dependencies are provided.
Therefore, we remove dependencies from the dpaa items where other
dependencies already depend on those. This provides a noticable speed-up
in meson configuration runs when lots of sample apps are included in the
build.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Harry van Haaren <harry.van.haaren@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
When a required library is missing on a platform, rather than having
meson report an error about the missing variable, catch the problem
earlier and provide a more readable message.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Harry van Haaren <harry.van.haaren@intel.com>
To test building all relevant example applications as part of a build, we
add support for the "all" keyword to be passed to the "examples" build
option. Since not all examples can actually be built on all systems,
we also add support for the "build" option inside the sub-dirs. However,
in case where "all" is not used, and a particular example is requested
to be built, we will error out if building the requested app is not
possible.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Harry van Haaren <harry.van.haaren@intel.com>
When building with meson, set build to false when building unsupported
example apps on FreeBSD.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Harry van Haaren <harry.van.haaren@intel.com>
The l2fwd-cat example uses the pqos library to work, so make the meson
build dependent on the presence of that library
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Harry van Haaren <harry.van.haaren@intel.com>
A number of example apps are not supported by the meson build system yet,
but to allow future testing with "-Dexamples=all" we add in a placeholder
meson.build file indicating that the apps should not be built.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Harry van Haaren <harry.van.haaren@intel.com>
Unless a library cannot be built for a specific platform (generally
BSD), it will always be available. Therefore remove checks for IP
fragmentation and ACL libraries, since these are built for all
platforms.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
The meson.build files for building the kernel modules directory could
be improved now that it is extracted from the EAL. For example, no
global processing is necessary inside the kernel folder, just need to
subdir to the appropriate bsd or linux folder to do the actual work.
To avoid potential race conditions with the BSD module builds when
the kernel build system is creating the dev_if.h and other files,
we serialize the kernel module builds (all 2 of them!) by setting
up each module to depend on all the previous.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Tested-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Meson reports the toolchain using cc.get_id and we can set RTE_TOOLCHAIN,
RTE_TOOLCHAIN_X in dpdk_conf so that it can be used by both x86 and arm.
Suggested-by: Bruce Richardson <bruce.richardson@intel.com>
Signed-off-by: Pavan Nikhilesh <pbhagavatula@caviumnetworks.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
This patch fixes a trivial typo in the programmer's guide.
Fixes: 1733be6d31 ("doc: new eal multi-pthread feature")
Cc: stable@dpdk.org
Signed-off-by: Rami Rosen <rami.rosen@intel.com>
In case of application build with shared library mode unless
option '-d' is passed, poll mode driver for devices is not
initialized. Notifying the user just after rte_eal_init is
pro active way of intimating the user.
Signed-off-by: Vipin Varghese <vipin.varghese@intel.com>
Acked-by: Reshma Pattan <reshma.pattan@intel.com>
Which per port offloads are enabled is not clear. Printing offloads
values at forwarding start.
CRC strip offload value was printed in more verbose manner, it is
removed since Rx/Tx offload values covers it and printing only CRC one
can cause confusion.
Hexadecimal offloads values are not very user friendly but preferred to
not create to much noise during forwarding start.
Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Yongseok Koh <yskoh@mellanox.com>
Starting from Linux v3.16 pci_is_bridge() is in linux/pci.h,
in previous versions it is in drivers/pci/pci.h which is private header.
Fix build error when calling pci_is_bridge by not calling/supporting
pci_is_bridge with kernel versions before 3.16.
Fixes: 6f0841b770 ("igb_uio: bind error if PCIe bridge")
Reported-by: Ferruh Yigit <ferruh.yigit@intel.com>
Signed-off-by: Scott Branden <scott.branden@broadcom.com>
Signed-off-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Acked-by: Bernard Iremonger <bernard.iremonger@intel.com>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
ICC complains about variable being used before its value is set.
Since the variable is only assigned in the for loop,
its declaration is moved inside and is initialized.
lib/librte_eventdev/rte_event_timer_adapter.c(708): error #592:
variable "ret" is used before its value is set
RTE_SET_USED(ret);
Fixes: 6750b21bd6 ("eventdev: add default software timer adapter")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Erik Gabriel Carrillo <erik.g.carrillo@intel.com>
Unused variables will appear when setting RTE_LIBRTE_I40E_PMD
to be disabled.
The fix was to move these variables to the I40E_PMD scope,
since only I40E_PMD is using it.
Fixes: a9dbe18022 ("fix ethdev port id validation")
Signed-off-by: Wisam Jaddo <wisamm@mellanox.com>
The hugedir returned by get_hugepage_dir is allocated by strdup
but not released. Replace snprintf with a more suitable strlcpy.
Coverity issue: 272585
Fixes: cb97d93e9d ("mem: share hugepage info primary and secondary")
Signed-off-by: Yangchao Zhou <zhouyates@gmail.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>
Sometimes gcc does not inline the function despite keyword *inline*,
we observe rte_movX is not inline when doing performance profiling,
so use *always_inline* keyword to force gcc to inline the function.
Signed-off-by: Junjie Chen <junjie.j.chen@intel.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
The original code replies on the private channel for primary and
secondary communication. Change to use the generic multi-process
channel.
Note with this change, dpdk-pdump will be not compatible with
old version DPDK applications.
Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Acked-by: Reshma Pattan <reshma.pattan@intel.com>
