git.droids-corp.org - dpdk.git/log

eal: set affinity for control threads

The management threads must not bother the dataplane or service cores.
Set the affinity of these threads accordingly.

Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>

eal: set name when creating a control thread

To avoid code duplication, add a parameter to rte_ctrl_thread_create()
to specify the name of the thread.

This requires to add a wrapper for the thread start routine in
rte_thread_init(), which will first wait that the thread is configured.

Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>

eal: add function to create control threads

Many parts of dpdk use their own management threads. Introduce a new
wrapper for thread creation that will be extended in next commits to set
the name and affinity.

To be consistent with other DPDK APIs, the return value is negative in
case of error, which was not the case for pthread_create().

Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>

use sizeof to avoid double use of a length define

Only a cosmetic change: the *_LEN defines are already used
when defining the buffer. Using sizeof() ensures that the length
stays consistent, even if the definition is modified.

Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>

test/power: fix build with shared library

Using private api `guest_channel_host_connect()`
will cause shared library build failure:
test_power_kvm_vm.c:(.text+0x2cb):
undefined reference to `guest_channel_host_connect'

So revert the changes done.

Fixes: d550a8cc31f3 ("app/test: enhance power manager unit tests")

Reported-by: Bruce Richardson <bruce.richardson@intel.com>
Suggested-by: David Hunt <david.hunt@intel.com>
Signed-off-by: Jananee Parthasarathy <jananeex.m.parthasarathy@intel.com>
Signed-off-by: Reshma Pattan <reshma.pattan@intel.com>

drivers/net: share vdev data to secondary process

dpdk-procinfo, as a secondary process, cannot fetch stats for vdev.

This patch enables that by attaching the port from the shared data.
We also fill the eth dev ops, with only some ops works in secondary
process, for example, stats_get().

Note that, we still cannot Rx/Tx packets on the ports which do not
support multi-process.

Reported-by: Signed-off-by: Vipin Varghese <vipin.varghese@intel.com>
Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Reviewed-by: Qi Zhang <qi.z.zhang@intel.com>

drivers/net: do not use private ethdev data

We introduced private rte_eth_dev_data to allow vdev to be created
both in primary process and secondary process(es). This is not
friendly to multi-process model, for example, it leads to port id
contention issue if two processes both find the data entry is free.

And to get stats of primary vdev in secondary, we must allocate
from the pre-defined array so that we can find it.

Suggested-by: Bruce Richardson <bruce.richardson@intel.com>
Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Reviewed-by: Qi Zhang <qi.z.zhang@intel.com>

bus/vdev: scan by multi-process channel

To scan the vdevs in primary, we send request to primary process
to obtain the names for vdevs.

Only the name is shared from the primary. In probe(), the device
driver is supposed to locate (or request more) the detail
information from the primary.

Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Reviewed-by: Qi Zhang <qi.z.zhang@intel.com>
Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>

bus/vdev: add lock on device list

As we could add virtual devices from different threads now, we
add a spin lock to protect the vdev device list.

Suggested-by: Anatoly Burakov <anatoly.burakov@intel.com>
Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Reviewed-by: Qi Zhang <qi.z.zhang@intel.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>

eal: bring forward multi-process channel init

Adjust the init sequence: put mp channel init before bus scan
so that we can init the vdev bus through mp channel in the
secondary process before the bus scan.

Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Reviewed-by: Qi Zhang <qi.z.zhang@intel.com>

mempool: support flushing the default cache

Mempool get/put API cares about cache itself, but sometimes it is
required to flush the cache explicitly.

The function is moved in the file since it now requires
rte_mempool_default_cache().

Signed-off-by: Artem V. Andreev <artem.andreev@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>

mempool: remove callback to register memory area

The callback is not required any more since there is a new callback
to populate objects using provided memory area which provides
the same information.

Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>

mempool/dpaa: prepare to remove register memory area op

Populate mempool driver callback is executed a bit later than
register memory area, provides the same information and will
substitute the later since it gives more flexibility and in addition
to notification about memory area allows to customize how mempool
objects are stored in memory.

Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>

mempool/octeontx: prepare to remove register memory area op

Callback to populate pool objects has all required information and
executed a bit later than register memory area callback.

Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>

mempool: deprecate xmem functions

Move rte_mempool_xmem_size() code to internal helper function
since it is required in two places: deprecated rte_mempool_xmem_size()
and non-deprecated rte_mempool_op_calc_mem_size_default().

Suggested-by: Olivier Matz <olivier.matz@6wind.com>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>

mempool: remove callback to get capabilities

The callback was introduced to let generic code to know octeontx
mempool driver requirements to use single physically contiguous
memory chunk to store all objects and align object address to
total object size. Now these requirements are met using a new
callbacks to calculate required memory chunk size and to populate
objects using provided memory chunk.

These capability flags are not used anywhere else.

Restricting capabilities to flags is not generic and likely to
be insufficient to describe mempool driver features. If required
in the future, API which returns structured information may be
added.

Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>

mempool: add op to populate objects using provided memory

The callback allows to customize how objects are stored in the
memory chunk. Default implementation of the callback which simply
puts objects one by one is available.

Suggested-by: Olivier Matz <olivier.matz@6wind.com>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>

mempool: add op to calculate memory size to be allocated

Size of memory chunk required to populate mempool objects depends
on how objects are stored in the memory. Different mempool drivers
may have different requirements and a new operation allows to
calculate memory size in accordance with driver requirements and
advertise requirements on minimum memory chunk size and alignment
in a generic way.

Bump ABI version since the patch breaks it.

Suggested-by: Olivier Matz <olivier.matz@6wind.com>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>

mempool: ensure mempool is initialized before populating

Callback to calculate required memory area size may require mempool
driver data to be already allocated and initialized.

Signed-off-by: Artem V. Andreev <artem.andreev@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>

mempool: rename flag to control IOVA-contiguous objects

Flag MEMPOOL_F_NO_PHYS_CONTIG is renamed as MEMPOOL_F_NO_IOVA_CONTIG
to follow IO memory contiguous terminology.
MEMPOOL_F_NO_PHYS_CONTIG is kept for backward compatibility and
deprecated.

Suggested-by: Olivier Matz <olivier.matz@6wind.com>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>

mempool: fix leak when no objects are populated

Fixes: 84121f197187 ("mempool: store memory chunks in a list")
Cc: stable@dpdk.org
Suggested-by: Olivier Matz <olivier.matz@6wind.com>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>

app/test: enhance power manager unit tests

Unit Testcases are added for power_acpi_cpu_freq,
power_kvm_vm_test to improve coverage

Signed-off-by: Jananee Parthasarathy <jananeex.m.parthasarathy@intel.com>
Acked-by: David Hunt <david.hunt@intel.com>

mk: fix make defconfig on FreeBSD

On FreeBSD, make defconfig generates the config as
"defconfig_x86_64-bsdapp-", which does not resolve to any known
config file.

On FreeBSD, we get amd64 out of "uname -m", which was not handled by
the list of checks, but which now resolves to x86_64-native.

Then we run '$CC --version', and use grep -o with the list of known
compilers, and set to either gcc, icc or clang. Grep's '-o' option
returns the matched word rather than the whole line, making the
result easier to use.

The remaining code in the patch then takes ${compiler}, the "uname -m"
output and assembles them all together into a valid freebsd config name,
i.e. "defconfig_x86_64-native-bsdapp-clang".

Fixes: bce6c42c4ad5 ("mk: add sensible default target with defconfig")
Cc: stable@dpdk.org
Signed-off-by: David Hunt <david.hunt@intel.com>
Tested-by: Anatoly Burakov <anatoly.burakov@intel.com>

ipc: fix timeout handling in async

In original implementation, timeout event for an async request
will be ignored. As a result, an async request will never
trigger the action if it cannot receive any reply any more.

We fix this by counting timeout as a processed reply.

Fixes: f05e26051c15 ("eal: add IPC asynchronous request")

Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>

ipc: clean up code

Following below commit, we change some internal function and variable
names:
commit ce3a7312357b ("eal: rename IPC request as synchronous one")

Also use calloc to supersede malloc + memset for code clean up.

Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>

ipc: fix resource leak in init failure

Coverity issue: 272609
Fixes: f05e26051c15 ("eal: add IPC asynchronous request")

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Jianfeng Tan <jianfeng.tan@intel.com>

ipc: fix return without mutex unlock

gettimeofday() returning a negative value is highly unlikely,
but if it ever happens, we will exit without unlocking the mutex.
Arguably at that point we'll have bigger problems, but fix this
issue anyway.

Coverity issue: 272595
Fixes: f05e26051c15 ("eal: add IPC asynchronous request")

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Jianfeng Tan <jianfeng.tan@intel.com>

ipc: use strlcpy where applicable

This also silences (or should silence) a few Coverity false
positives where we used strcpy before (Coverity complained
about not checking buffer size, but source buffers were
always known to be sized correctly).

Coverity issue: 260407, 272565, 272582
Fixes: bacaa2754017 ("eal: add channel for multi-process communication")
Fixes: f05e26051c15 ("eal: add IPC asynchronous request")
Fixes: 783b6e54971d ("eal: add synchronous multi-process communication")

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Jianfeng Tan <jianfeng.tan@intel.com>

fbarray: check sysconf failure

sysconf() may return a negative value, check for it.

Coverity issue: 272586
Fixes: c44d09811b40 ("eal: add shared indexed file-backed array")

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>

fbarray: fix potential null-dereference

We get pointer to mask before we check if fbarray is NULL. Fix
by moving getting mask pointer to until after NULL check.

Coverity issue: 272579
Fixes: c44d09811b40 ("eal: add shared indexed file-backed array")

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>

fbarray: check for open failure

Coverity issue: 272564
Fixes: c44d09811b40 ("eal: add shared indexed file-backed array")

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>

fbarray: use strlcpy instead of snprintf

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>

fbarray: make all fbarrays hidden files

fbarray stores its data in a shared file, which is not hidden.
This leads to polluting user's HOME directory with visible
files when running DPDK as non-root. Change fbarray to always
create hidden files by default.

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>

app/testpmd: allow none shaper profile

Private shaper profiles are attached to nodes defined
in traffic manager hierarchy.

Since not every node must have a configured shaper
testpmd should allow setting shaper profile id to
invalid (RTE_TM_SHAPER_PROFILE_ID_NONE) easily.

This patch follows same approach as in case of setting
parent id of the root node i.e passing a negative value
sets node id to RTE_TM_NODE_ID_NULL.

In case of private shaper profile negative value will set
shaper profile id to RTE_TM_SHAPER_PROFILE_ID_NONE.

Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Reviewed-by: Jasvinder Singh <jasvinder.singh@intel.com>

cmdline: standardize conversion of IP address strings

The code to convert IPv4 and IPv6 address strings into a binary format
(inet_ntop) was included in the cmdline library because the DPDK was
historically compiled in environments where the standard inet_ntop()
function is not available. Today, this is not the case and the standard
inet_ntop() can be used.

This patch removes the internal inet_ntop*() functions and their
specific license.

There is a small functional impact: IP addresses like 012.34.56.78
are not valid anymore.

Signed-off-by: Olivier Matz <olivier.matz@6wind.com>

vfio: fix boundary check in region search

A previously mapped region is skipped during the search, leading to
DMA unmap fails.

This patch fixes it and rewords the comment.

Fixes: 73a639085938 ("vfio: allow to map other memory regions")

Signed-off-by: Xiao Wang <xiao.w.wang@intel.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>

crypto/dpaa2_sec: fix HMAC supported digest sizes

For HMAC algorithms (MD5-HMAC, SHAx-HMAC), the supported
digest sizes are not a fixed value, but a range between
1 and the maximum digest size for those algorithms.

Fixes: f947fd77185f ("crypto/dpaa2_sec: fix HMAC supported key sizes")
Cc: stable@dpdk.org
Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

crypto/dpaa_sec: fix HMAC supported digest sizes

For HMAC algorithms (MD5-HMAC, SHAx-HMAC), the supported
digest sizes are not a fixed value, but a range between
1 and the maximum digest size for those algorithms.
Also setting iv_size as 0.

Fixes: c3e85bdcc6e6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org
Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

crypto/dpaa_sec: support dynamic logging

This patch adds the support for dynamic logging in dpaa_sec.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

crypto/zuc: batch ops with same transform

The ZUC API to encrypt packets does not require the operations
to share the same key. Currently, the operations were being
batched only when they shared the same key, but this is not needed.

Instead, now operations will be batched based on the transform
(cipher only, auth only...).

Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

crypto/zuc: remove unnecessary check

When processing operations, the operation type was being
checked to avoid if it was set to NOT SUPPORTED.
In data path, doing so is not required since that is already
checked when creating the crypto session,
so that case will not ever happen.

Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

crypto/zuc: do not set default op status

When crypto operations are allocated from the operation
pool, their status get reset to NOT_PROCESSED.
Therefore, there is no need to set this status again.

Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

maintainers: update MRVL crypto PMD

Jacek will no longer be maintaining mrvl crypto PMD.
Special thanks to him for development and support.

Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>

app/testpmd: support IPsec event

Adding support for IPsec event

Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

examples/ipsec-secgw: handle ESN soft limit event

For inline protocol processing, the PMD/device is required to maintain
the ESN. But the application is required to monitor ESN overflow to
initiate SA expiry.

For such cases, application would set the ESN soft limit. An IPsec event
would be raised by rte_eth_event framework, when ESN hits the soft limit
set by the application.

Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

security: extend userdata for IPsec events

Extending 'userdata' to be used for IPsec events too.

IPsec events would have some metadata which would uniquely identify the
security session for which the event is raised. But application would
need some construct which it can understand. The 'userdata' solves a
similar problem for inline processed inbound traffic. Updating the
documentation to extend the usage of 'userdata'.

Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

security: add ESN soft limit in config

Adding ESN soft limit in conf. This will be used in case of protocol
offload. Per SA, application could specify for what ESN the security
device need to notify application. In case of eth dev(inline protocol),
rte_eth_event framework would raise an IPsec event.

Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

ethdev: support inline IPsec events

Adding support for IPsec events in rte_eth_event framework. In inline
IPsec offload, the per packet protocol defined variables, like ESN,
would be managed by PMD. In such cases, PMD would need IPsec events
to notify application about various conditions like, ESN overflow.

Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>

examples/ipsec-secgw: fix usage print

The usage print was not updated when jumbo frames & crypto_dev mask
support was added. Fixing that. Also, the optional arguments were not
properly highlighted in the usage header. This is also fixed.

General cleanup of the usage print was also done to make it look more
cleaner and similar to what is existing in other applications like
l3fwd.

Fixes: bbabfe6e4ee4 ("examples/ipsec_secgw: support jumbo frames")
Fixes: 2c68fe791538 ("examples/ipsec-secgw: add cryptodev mask option")
Fixes: d299106e8e31 ("examples/ipsec-secgw: add IPsec sample application")
Cc: stable@dpdk.org
Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>

doc: add virtio crypto PMD guide

This patch adds the guide for virtio crypto PMD.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>

test/crypto: add tests for virtio-crypto

Only RTE_CRYPTO_CIPHER_AES_CBC cipher
algorithm are tested as unit test, it is supported both by the
cryptodev-backend-builtin and cryptodev-vhost-user of qemu side.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>

crypto/virtio: support HMAC-SHA1

The AES-CBC with HMAC-SHA1 has been supported now.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>

crypto/virtio: support AES-CBC

The AES-CBC cipher only algorithm has been supported now.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>

crypto/virtio: support stats related ops

This patch implements the statistics of the packets.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>

crypto/virtio: support burst enqueue/dequeue

This patch implements the functions of virtio_crypto_pkt_tx_burst()
and virtio_crypto_pkt_rx_burst(). The encryption and decryption requests
are placed in the data queue and are ultimately handled by
the backend crypto accelerators.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>

crypto/virtio: support session related ops

This patch implements session related operations, which includes creating
and destroying the session. For now, it only supports the session-oriented
API implementation. The control queue used to create or destroy sessions
for symmetric algorithms.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>

crypto/virtio: support basic PMD ops

This patch implements the basic operations of virtio crypto PMD, which
includes start, stop, close, information getting, queue setup and
release of the device.
The virtio crypto device has two types of queues, data queue and
control queue. It has one data queue at least and has one and only one
control queue. For example, if a virtio crypto device has N queues,
then [0, N-2] is the data queue index, N-1 is the control
queue index.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>

crypto/virtio: support device init

This patch implements the initialization of the virtio crypto device.
The virtio crypto device conforms to virtio-1.0, so this patch only
supports modern mode operation.
The cryptodev is created at the virtio crypto pci device probing stage.
The function of virtio_crypto_pkt_tx_burst() is used to burst transfer
packets and virtio_crypto_pkt_rx_burst() is used to burst receive packets.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>

crypto/virtio: add virtio crypto PMD

The virtio crypto device is a virtual cryptography device
as well as a kind of virtual hardware accelerator for
virtual machines. The linux kernel virtio-crypto driver
has been merged, and this patch introduces virtio crypto
PMD to achieve better performance.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com>

crypto/qat: use SPDX license

Use SPDK license for dual-licensed files
and update license date in all files

Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>

app/crypto-perf: add missing SPDX identifier

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

examples/l2fwd-crypto: fix the default aead assignments

The code is incorrectly updating the authxform instead of
aead xforms.

Fixes: b79e4c00af0e ("cryptodev: use AES-GCM/CCM as AEAD algorithms")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

crypto/dpaa2_sec: improve error handling

Fixed as reported by NXP's internal coverity.
Also part of dpdk coverity.

Coverity issue: 268331
Coverity issue: 268333

Fixes: 8d1f3a5d751b ("crypto/dpaa2_sec: support crypto operation")
Cc: stable@dpdk.org
Signed-off-by: Sunil Kumar Kori <sunil.kori@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

crypto/dpaa_sec: improve the error checking

Reported by NXP's internal coverity

Fixes: c3e85bdcc6e6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org
Signed-off-by: Sunil Kumar Kori <sunil.kori@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

doc: add private data info in crypto guide

Signed-off-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

cryptodev: support session private data setting

The application may want to store private data along with the
rte_cryptodev that is transparent to the rte_cryptodev layer.
For e.g., If an eventdev based application is submitting a
rte_cryptodev_sym_session operation and wants to indicate event
information required to construct a new event that will be
enqueued to eventdev after completion of the rte_cryptodev_sym_session
operation. This patch provides a mechanism for the application
to associate this information with the rte_cryptodev_sym_session session.
The application can set the private data using
rte_cryptodev_sym_session_set_private_data() and retrieve it using
rte_cryptodev_sym_session_get_private_data().

Signed-off-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Signed-off-by: Nikhil Rao <nikhil.rao@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

cryptodev: set private data for session-less mode

The application may want to store private data along with the
rte_crypto_op that is transparent to the rte_cryptodev layer.
For e.g., If an eventdev based application is submitting a
crypto session-less operation and wants to indicate event
information required to construct a new event that will be
enqueued to eventdev after completion of the crypto
operation. This patch provides a mechanism for the application
to associate this information with the rte_crypto_op in
session-less mode.

Signed-off-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Signed-off-by: Nikhil Rao <nikhil.rao@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

app/crypto-perf: support non default mempools

The current code usages the default mempool ops while
creating the mempool for crypto usages. Adding the support
for best_mempool_ops to enable it for devices using
non default mempools.

Signed-off-by: Ashish Jain <ashish.jain@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

app/crypto-perf: fix excess crypto device error

If number of available devices are more than logical core,
there is no need to throw an error.
Just use the less number of devices instead.

Fixes: f8be1786b1b8 ("app/crypto-perf: introduce performance test application")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

test/crypto: add macro for dpaa device name

Fixes: b674d6d0381a ("test/crypto: add dpaa crypto test cases")
Cc: stable@dpdk.org
Signed-off-by: Ashish Jain <ashish.jain@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

crypto/dpaa2_sec: fix OP storage for physical IOVA mode

op storage in fle is just for reference for post dq.
So, don't convert it to iova mode.

Fixes: 37f96eb01bce ("crypto/dpaa2_sec: support scatter gather")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>

crypto/dpaa_sec: move mempool allocation to config

Currently, the context mempools are allocated during device probe. Thus,
even if the DPAA SEC devices are not used, any application would still
allocate the memory required for working with the contexts.

This patch moves the allocation to configuration time so that when the
CAAM devices are configured, this allocation would be done.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Ashish Jain <ashish.jain@nxp.com>
Tested-by: Shreyansh Jain <shreyansh.jain@nxp.com>

crypto/dpaa_sec: fix null check in uninit

Fixes: c3e85bdcc6e6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: akhil.goyal@nxp.com
Cc: stable@dpdk.org
Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>

crypto/dpaa_sec: add portal presence check

Adding a check to do portal configuration if not already
configured before packet enqueue. This check is only done
during dpaa_sec_attach_sess_q for initial packets,
so this change wont affect the data path and hence performance.

Fixes: e79416d10fa3 ("crypto/dpaa_sec: support multiple sessions per queue pair")
Cc: stable@dpdk.org
Signed-off-by: Ashish Jain <ashish.jain@nxp.com>

crypto/dpaa_sec: add macro for device name

Fixes: c3e85bdcc6e6 ("crypto/dpaa_sec: add crypto driver for NXP DPAA platform")
Cc: stable@dpdk.org
Signed-off-by: Ashish Jain <ashish.jain@nxp.com>

doc: add AMD CCP guide

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

test/crypto: add tests for AMD CCP

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support CPU based MD5 and SHA2 family

Auth operations can be performed on CPU without offloading
to CCP if CONFIG_RTE_LIBRTE_PMD_CCP_CPU_AUTH is enabled in
DPDK configuration. CCP PMD skip offloading auth operations
to hardware engines and perform them using openssl APIs.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support SHA3 family

Add SHA3 family authentication algorithm support for
CCP crypto PMD. This patch defines new macros for SHA3
algorithms in the DPDK crypto framework.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support SHA2 family

Add SHA2 family authentication algorithm support for
CCP crypto PMD.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support SHA1

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support AES-GCM

Support AES-GCM-128/192/256 AEAD algorithm for
CCP crypto PMD.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support AES-CMAC

Support AES-CMAC-128/192/256 authentication algorithm for
CCP crypto PMD.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support 3DES

Support 3DES-CBC cipher algorithm for CCP crypto PMD.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support AES

Added CCP cipher support for following algorithms:
AES-CBC-128/192/256
AES-CTR-128/192/256
AES-ECB-128/192/256

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support hwrng

CCP engines support true hardware random generation feature.
This patch implements api to read random number from CCP to be
used within PMD.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support stats related ops

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support sessionless ops

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support burst enqueue/dequeue

Added support for burst oriented data path.

CCP PMD selects appropriate CCP engine available
on the platform and schedule the batch of crypto ops to a
selected hardware queue of the respective crypto engine.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support queue pair related ops

Added crypto queue pair specific crypto ops callback functions
to setup and manage a CCP crypto queue pair object. CCP PMD
exposes only a single crypto queue pair object and handles the
actual hardware queues underneath.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support session related ops

Added crypto session specific basic crypto ops callback functions.
Added different crypto engine types and definitions.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support basic PMD ops

Added device specific basic crypto ops callback functions.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: support device init

CCP PMD is a virtual crypto PMD which schedules a number of available
actual CCP hardware engines underneath. The PMD
manages all devices by its own. The PMD supports CCP_5a and
CCP_5b versions of crypto engines and this patch adds support
to initialize and use such devices.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

crypto/ccp: add AMD ccp skeleton PMD

Added DPDK crypto PMD for AMD Cryptographic Co-Processors.
This patch adds a basic skeleton for PMD.

Signed-off-by: Ravi Kumar <ravi1.kumar@amd.com>

examples/ipsec-secgw: remove redundant string compare

Removing redundant strncmp in parsing long arguments. The getopt library
provides means to identify long options using the "val" field of
structure option. The existing code gets 0 as "val" for all long
arguments and then uses strncmp to figure out which long option was
being referred to. Fixing this.

In addition, the macros and enums used for long arguments have been
renamed and repositioned adhering to the general convention followed in
various other apps, like l3fwd.

Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>

crypto/aesni_mb: support AES CMAC

Added support for AES CMAC hash algorithm with 128-bit key,
which has been added in the v0.49 of the IPSec Multi-buffer lib.

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

crypto/aesni_gcm: support IPsec Multi-buffer lib v0.49

Adds support for the v0.49 of the IPsec Multi-buffer lib,
which now gets compiled and installed as a shared object.
Therefore, there is no need to pass the AESNI_MULTI_BUFFER_LIB_PATH

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

crypto/aesni_mb: support IPsec Multi-buffer lib v0.49

Adds support for the v0.49 of the IPsec Multi-buffer lib,
which now gets compiled and installed as a shared object.
Therefore, there is no need to pass the AESNI_MULTI_BUFFER_LIB_PATH

Signed-off-by: Marko Kovacevic <marko.kovacevic@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

crypto/qat: assign device to correct NUMA node

rte_cryptodev_pmd_init_params should use NUMA node of the QAT device
for its socket_id rather than the socket_id of the initializing process.

Signed-off-by: Lee Roberts <lee.roberts@hpe.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

crypto/mrvl: add missing library dependencies

While trying to do a shared build one will get linkage error
since a couple of library dependencies are missing from a makefile.

At some point there was a batch update of all PMDs but mrvl crypto was
missed back then.

Necessary makefile changes were introduced in
commit cbc12b0a96f5 ("mk: do not generate LDLIBS from directory dependencies")

Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>