rte_cryptodev_get_header_session_size() and
rte_cryptodev_get_private_session_size() functions are
targeting symmetric sessions.
With the future addition of asymmetric operations,
these functions need to be renamed from *cryptodev_*_session_*
to *cryptodev_sym_*_session_* to be symmetric specific.
The two original functions are marked as deprecated
and will be removed in 18.08, so applications can still
use the functions in 18.05.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Shally Verma <shally.verma@caviumnetworks.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Deepak Kumar Jain <deepak.k.jain@intel.com>
The basic operations for ports enumeration should not be
considered as experimental in DPDK 18.05.
The iterator RTE_ETH_FOREACH_DEV was introduced in DPDK 17.05.
It uses the function the rte_eth_find_next_owned_by() to get
only ownerless ports. Its API can be considered stable.
So the flag experimental is removed from rte_eth_find_next_owned_by().
The flag experimental is removed from rte_eth_dev_count_avail()
which is the new name of the old function rte_eth_dev_count().
The flag experimental is set to rte_eth_dev_count_total()
in the .c file for consistency with the declaration in the .h file.
A lot of internal applications are fixed to not allow experimental API.
Fixes: 8728ccf376 ("fix ethdev ports enumeration")
Fixes: d9a42a69fe ("ethdev: deprecate port count function")
Fixes: e70e26861e ("net/mvpp2: fix build")
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Tested-by: David Marchand <david.marchand@6wind.com>
The code is incorrectly updating the authxform instead of
aead xforms.
Fixes: b79e4c00af ("cryptodev: use AES-GCM/CCM as AEAD algorithms")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Some DPDK applications wrongly assume these requirements:
- no hotplug, i.e. ports are never detached
- all allocated ports are available to the application
Such application iterates over ports by its own mean.
The most common pattern is to request the port count and
assume ports with index in the range [0..count[ can be used.
In order to fix this common mistake in all external applications,
the function rte_eth_dev_count is deprecated, while introducing
the new functions rte_eth_dev_count_avail and rte_eth_dev_count_total.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Some DPDK applications wrongly assume these requirements:
- no hotplug, i.e. ports are never detached
- all allocated ports are available to the application
Such application iterates over ports by its own mean.
The most common pattern is to request the port count and
assume ports with index in the range [0..count[ can be used.
There are three consequences when using such wrong design:
- new ports having an index higher than the port count won't be seen
- old ports being detached (RTE_ETH_DEV_UNUSED) can be seen as ghosts
- failsafe sub-devices (RTE_ETH_DEV_DEFERRED) will be seen by the application
Such mistake will be less common with growing hotplug awareness.
All applications and examples inside this repository - except testpmd -
must be fixed to use the iterator RTE_ETH_FOREACH_DEV.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Increase the default RX/TX ring sizes to 1024/1024 to
accommodate for NICs with higher throughput (25G, 40G etc)
Signed-off-by: Kevin Laatz <kevin.laatz@intel.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Since the DPDK build now includes both static and shared libraries, we need
a new way to enable building the examples using either method from the one
installation. To do this, we add in a default "shared" target, and a
separate "static" target which links in the DPDK static libraries. In both
cases, the final application name is symlinked to the last-built static or
shared target, with both binaries able to co-exist in the build directory.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
Change the example app Makefiles to query if DPDK is installed and
registered using pkg-config. If so, build directly using pkg-config info,
otherwise fall back to using the original build system with RTE_SDK and
RTE_TARGET
This commit changes the makefiles for the basic examples, i.e. those which
do not have multiple subdirectories underneath the main examples dir.
Examples not covered are:
* ethtool
* multi_process
* performance-thread
* quota_watermark
* netmap_compat
* server_node_efd
* vm_power_manager
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Luca Boccassi <bluca@debian.org>
Reorder the text in the makefiles, so that the app name and the source
files are listed first. This then will allow them to be shared later in a
combined makefile building with pkg-config and RTE_SDK-based build system.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Luca Boccassi <bluca@debian.org>
Add support for having selected example apps built as part of a meson,
ninja build. By default none are built, and those to be built should be
named directly in the -Dexamples='' meson configuration argument.
This is useful for developers working on a feature who want to use a
suitable example, or examples, to test that feature, as they can compile
everything up in one go, and run the example without having to do a ninja
install first.
This commit adds examples which don't consist of multiple apps in
subdirectories to the meson build, so they can be built by default by
passing -Dexamples parameter to meson.
Not included are the following examples:
* ethtool
* multi-process
* netmap_compat
* performance-thread
* quota_watermark
* server_node_efd
* vm_power_manager
To test the apps added here, use the following command, merged to one line,
to add them to your meson build (command to be run inside the build
directory):
meson configure -Dexamples=bbdev_app,bond,cmdline,distributor,\
eventdev_pipeline_sw_pmd, exception_path,helloworld,\
ip_fragmentation,ip_pipeline,ip_reassembly, ipsec-secgw,\
ipv4_multicast,kni,l2fwd-cat,l2fwd-crypto,l2fwd-jobstats,\
l2fwd-keepalive,l2fwd,l3fwd-acl,l3fwd-power,l3fwd-vf,l3fwd,\
link_status_interrupt,load_balancer,packet_ordering,ptpclient,\
qos_meter,qos_sched,rxtx_callbacks,skeleton,tep_termination,\
timer,vhost,vhost_scsi,vmdq,vmdq_dcb
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Reviewed-by: Luca Boccassi <bluca@debian.org>
Replace the BSD license header with the SPDX tag for files
with only an Intel copyright on them.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
All PCI functionality should be hidden from apps via the PCI bus driver,
the EAL and individual device drivers. Therefore remove the inclusion of
rte_pci.h from sample apps.
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Renamed data type from phys_addr_t to rte_iova_t.
Signed-off-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
The following inline functions and macros have been renamed to be
consistent with the IOVA wording:
rte_mbuf_data_dma_addr -> rte_mbuf_data_iova
rte_mbuf_data_dma_addr_default -> rte_mbuf_data_iova_default
rte_pktmbuf_mtophys -> rte_pktmbuf_iova
rte_pktmbuf_mtophys_offset -> rte_pktmbuf_iova_offset
The deprecated functions and macros are kept to avoid breaking the API.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
The function rte_malloc_virt2phy() is renamed to rte_malloc_virt2iova().
The deprecated name is kept as an alias to avoid breaking the API.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
The memzone header is often included without good reason.
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
For AEAD algorithms, the physical address for the digest
was being set incorrectly.
Fixes: 2661f4fbe9 ("examples/l2fwd-crypto: add AEAD parameters")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Fix port id issues and keep variables related to port ids in
consistent data type definition "uint16_t".
Remove unnecessary cast in the meanwhile.
Fixes: f8244c6399 ("ethdev: increase port id range")
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
According to the API, AES-CCM has special requirements
when setting IV and AAD fields.
The L2fwd-crypto app is updated to set the nonce (IV)
and AAD in the right positions in these two fields
(1 byte after start of IV field and 18 bytes after start
of AAD).
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
errno should be initialized to 0 before calling strtol
Fixes: 1df9c0109f ("examples/l2fwd-crypto: parse key parameters")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Reviewed-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
rte_cryptodev_socket_id() returns the socket id of
a crypto device, unless the device id is not valid,
in which case, it returns -1.
This should not happen, as the device id is controlled
by the application, but just for safety, a check is added.
Coverity issue: 158628, 158638, 158656, 158662
Fixes: b3bbd9e5f2 ("cryptodev: support device independent sessions")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
This patch adds a new option to enable/disable the
MAC addresses updating done at forwarding time: --[no-]mac-updating
By default, MAC address updating remains enabled, to keep consistency
with previous usage.
Signed-off-by: Kuba Kozak <kubax.kozak@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
AEAD key was being set using the cipher key parameters,
instead of the AEAD key parameters.
Fixes: 2661f4fbe9 ("examples/l2fwd-crypto: add AEAD parameters")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
IV was not being set for AEAD algorithms.
Fixes: 2661f4fbe9 ("examples/l2fwd-crypto: add AEAD parameters")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Digest length was not being set when using authentication
algorithms.
Fixes: 2661f4fbe9 ("examples/l2fwd-crypto: add AEAD parameters")
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Additional Authenticated Data (AAD) is called "aad" in most
places of cryptodev, but it was called "add_auth_data"
in the AEAD transform transform (aead_xform).
This field is renamed to "aad_length" in order to keep
consistency.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
The session mempool pointer is needed in each queue pair,
if session-less operations are being handled.
Therefore, the API is changed to accept this parameter,
as the session mempool is created outside the
device configuration function, similar to what ethdev
does with the rx queues.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Change crypto device's session management to make it
device independent and simplify architecture when session
is intended to be used on more than one device.
Sessions private data is agnostic to underlying device
by adding an indirection in the sessions private data
using the crypto driver identifier.
A single session can contain indirections to multiple device types.
New function rte_cryptodev_sym_session_init has been created,
to initialize the driver private session data per driver to be
used on a same session, and rte_cryptodev_sym_session_clear
to clear this data before calling rte_cryptodev_sym_session_free.
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Instead of creating the session mempool while configuring
the crypto device, apps will create the mempool themselves.
This way, it gives flexibility to the user to have a single
mempool for all devices (as long as the objects are big
enough to contain the biggest private session size) or
separate mempools for different drivers.
Also, since the mempool is now created outside the
device configuration function, now it needs to be passed
through this function, which will be eventually passed
when setting up the queue pairs, as ethernet devices do.
Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz@intel.com>
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Now that all the structures/functions for AEAD algorithms
are in place, migrate the two supported algorithms
AES-GCM and AES-CCM to these, instead of using
cipher and authentication parameters.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Since there is a new operation type (AEAD), add parameters
for this in the application.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Some extra functions have been created to avoid
too many nested conditionals.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Digest length was duplicated in the authentication transform
and the crypto operation structures.
Since digest length is not expected to change in a same
session, it is removed from the crypto operation.
Also, the length has been shrunk to 16 bits,
which should be sufficient for any digest.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Additional authenticated data (AAD) information was duplicated
in the authentication transform and in the crypto
operation structures.
Since AAD length is not meant to be changed in a same session,
it is removed from the crypto operation structure.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Authentication algorithms, such as AES-GMAC or the wireless
algorithms (like SNOW3G) use IV, like cipher algorithms.
So far, AES-GMAC has used the IV from the cipher structure,
and the wireless algorithms have used the AAD field,
which is not technically correct.
Therefore, authentication IV parameters have been added,
so API is more correct. Like cipher IV, auth IV is expected
to be copied after the crypto operation.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Since IV parameters (offset and length) should not
change for operations in the same session, these parameters
are moved to the crypto transform structure, so they will
be stored in the sessions.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Since IV now is copied after the crypto operation, in
its private size, IV can be passed only with offset
and length.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Usually, IV will change for each crypto operation.
Therefore, instead of pointing at the same location,
IV is copied after each crypto operation.
This will let the IV to be passed as an offset from
the beginning of the crypto operation, instead of
a pointer.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Chain parameter can be CIPHER_HASH, HASH_CIPHER,
CIPHER_ONLY or HASH_ONLY, but only the first two
were shown in the application help.
Fixes: 1a75e9f3fa ("examples/l2fwd-crypto: add cipher/hash only cases")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Statistics period time option is parsed with -T argument,
but -t was accepted by mistake, instead.
Fixes: 387259bd6c ("examples/l2fwd-crypto: add sample application")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Fixes: c0f87eb525 ("cryptodev: change burst API to be crypto op oriented")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
For padding calculation, it is necessary to know if algorithm
is a block cipher or stream cipher algorithm, and know the
block size for the algorithm.
In the application, this block size should be only the
cipher block size, but if authentication was used too,
it was being overwritten by the authentication block size,
which is not needed.
Fixes: 27cf2d1b18 ("examples/l2fwd-crypto: discover capabilities")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Previously, l2fwd-crypto application did not give user the
flexibility to decide which crypto device(s) will be used.
In this patch, a new cryptodev_mask option is added to the
application. Same as portmask, the cryptodev_mask avails the
user to mask out the unwanted crypto devices in the system.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
For AEAD algorithms, additional authenticated data (AAD)
can be passed, but it is optional, so its size can be zero.
However, it is required to set this length to zero in the crypto
operation to avoid undefined behaviour.
Fixes: 617a7949c9 ("examples/l2fwd-crypto: parse AAD parameter")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Since VF can not disable/enable HW CRC strip for non-DPDK PF drivers,
and kernel driver almost default enable that feature, if disable it in
example app's rxmode, VF driver will report the VF launch failure. So
this patch default to enable HW CRC strip to let VF launch successful.
Cc: stable@dpdk.org
Signed-off-by: Jeff Guo <jia.guo@intel.com>
Acked-by: Jingjing Wu <jingjing.wu@intel.com>
