git.droids-corp.org - dpdk.git/log

crypto/armv8: fix HMAC supported key sizes

For HMAC algorithms (SHAx-HMAC), the supported
key sizes are not a fixed value, but a range between
1 and the block size.

Fixes: 169ca3db550c ("crypto/armv8: add PMD optimized for ARMv8 processors")
Cc: stable@dpdk.org
Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>
Signed-off-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>

crypto/armv8: fix authentication session configuration

For key sizes greater than digest length, pad with zero rather than
computing hash of the key itself.

Fixes: 169ca3db550c ("crypto/armv8: add PMD optimized for ARMv8 processors")
Cc: stable@dpdk.org
Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>

doc: add cryptodev sample code

In order to illustrate in a simple way how to use
the cryptodev API to perform a basic crypto operation,
sample code has been added in the Programmer's Guide.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: John McNamara <john.mcnamara@intel.com>

app/crypto-perf: fix CSV output

When using CSV, the output of the throughput performance numbers
was not correct, representing decimal numbers incorrectly.

Fixes: f8be1786b1b8 ("app/crypto-perf: introduce performance test application")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

app/crypto-perf: add pool size error message

If the crypto operation pool size is too small,
the pool might run out of operations, if all the crypto operations
are still being used and have not been freed.
To inform the user about this, the application should display
an error message, asking the user to increase the pool size
through the app parameters.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

doc: complete crypto sample command line

Documentation of some virtual crypto PMDs have a sample command line
to show how to initialize the device on a specific application,
L2fwd-crypto.

This was meant to be used as a reference, but these lines themselves
do not work, as the sample application used required more parameters,
which are added in this commit to have a fully functional example.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: John McNamara <john.mcnamara@intel.com>

cryptodev: deprecate vdev create function

The function rte_cryptodev_create_vdev is an alias
for rte_vdev_init() which is scheduled to move out of the
rte_eal library. Lets deprecate this function to be able to
remove it from the cryptodev library in 17.11.

Signed-off-by: Jan Blunck <jblunck@infradead.org>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>
Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>

cryptodev: fix doxygen comment of bulk alloc

When calling rte_crypto_op_bulk_alloc, the function may
return either a 0, if not enough objects are available
in the mempool or the number of operations requested,
it there are enough available. However, the Doxygen comments
were not matching these two cases.

Fixes: c0f87eb5252b ("cryptodev: change burst API to be crypto op oriented")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

doc: fix missing section underline in crypto guide

Fixes: b59502a5e3d0 ("cryptodev: add AEAD parameters in crypto operation")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

doc: fix l2fwd-crypto sample code

L2fwd-crypto app was modified with various changes
in its code. The application user guide contains
some code snippets that needed to be updated.

Fixes: 2661f4fbe93d ("examples/l2fwd-crypto: add AEAD parameters")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

cryptodev: fix session init return value

When calling rte_cryptodev_sym_session_init(),
if there was an error, it returned -1, instead
of returning the specific error code, which can
be valuable for the application for error handling.

Fixes: b3bbd9e5f265 ("cryptodev: support device independent sessions")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

crypto/qat: fix SHA384-HMAC block size

Block size of SHA384-HMAC algorithm is 128 bytes,
and not 64 bytes.

Fixes: d905ee32d0dc ("crypto/qat: add aes-sha384-hmac capability")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

crypto/qat: fix HMAC supported key sizes

For HMAC algorithms (MD5-HMAC, SHAx-HMAC), the supported
key sizes are not a fixed value, but a range between
1 and the block size.

Fixes: 26c2e4ad5ad4 ("cryptodev: add capabilities discovery")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

crypto/openssl: fix HMAC supported key sizes

For HMAC algorithms (MD5-HMAC, SHAx-HMAC), the supported
key sizes are not a fixed value, but a range between
1 and the block size.

Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

crypto/aesni_mb: fix HMAC supported key sizes

For HMAC algorithms (MD5-HMAC, SHAx-HMAC), the supported
key sizes are not a fixed value, but a range between
1 and the block size.

Fixes: 26c2e4ad5ad4 ("cryptodev: add capabilities discovery")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

crypto/dpaa2_sec: add check for gcc toolchain

Fixes: 6a95466d78de ("crypto/dpaa2_sec: fix build with gcc 7.1")

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>

crypto/dpaa2_sec: fix HMAC supported key sizes

For HMAC algorithms (MD5-HMAC, SHAx-HMAC), the supported
key sizes are not a fixed value, but a range between
1 and the block size.

Fixes: 623326dded3a ("crypto/dpaa2_sec: introduce poll mode driver")
Cc: stable@dpdk.org
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>

doc: support new ZUC library version

A new version of the LibSSO ZUC library has been released.
This version includes shared library support and bug fixes.

This commit extends the instructions to install and initialize
the PMD with the new library, enabling also the PMD to be
compiled as a shared library.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

crypto/openssl: fix typo

Fixes: b79e4c00af0e ("cryptodev: use AES-GCM/CCM as AEAD algorithms")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

crypto/dpaa2_sec: reduce init log prints

Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>

version: 17.08-rc2

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>

doc: remove driver interface header from API index

The file rte_flow_driver.h is a driver interface,
thus it should not be listed in the API index.

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>

pci: move NUMA node check from scan to probe

Commit 8a04cb612589 ("pci: set default numa node for broken systems")
added logic to default to NUMA node 0 when sysfs numa_node information
was wrong or not available.

Unfortunately there are many devices with wrong NUMA node information
that DPDK does not care about but still show warnings for them.

Instead, only check for invalid NUMA node information for devices
managed by the DPDK.

Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>

doc: notify ethdev callback process API change

The _rte_eth_dev_callback_process function has been modified.
The return value has been changed form void to int and an
extra parameter "void *ret_param" has been added.

Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>

gro: fix doxygen

This patch updates GRO API comments to generate correct
API documentation by doxygen.

Signed-off-by: Jiayu Hu <jiayu.hu@intel.com>

examples/qos_sched: fix build for less lcores

APP_MAX_LCORES is hardcoded as 64.
This will cause build err when RTE_MAX_LCORE is less then 64.

"args.c:127:22: error: iteration 8 invokes undefined behavior
[-Werror=aggressive-loop-optimizations]
   if (cfg->lcore_role[i] == ROLE_RTE)
       ~~~~~~~~~~~~~~~^~~
args.c:126:2: note: within this loop
  for (i = 0; i < APP_MAX_LCORE; i++) {"

Fixes: d52b5e735aa3 ("examples/qos_sched: fix lcore limit")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>

examples/load_balancer: fix build for less lcores

load_balancer app can also work for lower number of cores.
Limit the cores Worker and IO cores to 16 as defined in original
App. Otherwise use the actual number of lcores as MAX.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>

app/testpmd: fix bonding initialization

when creating a bond device in testpmd, a name for a device must meet
the correct convention described in the documentation:
The device name must start with the net_bonding prefix
followed by numbers or letters.
Change for ALB mempool allocation - mem_name was too long.

Fixes: 9bf4901d1a11 ("bus/vdev: remove probe with driver name option")
Cc: stable@dpdk.org
Signed-off-by: Michal Jastrzebski <michalx.k.jastrzebski@intel.com>
Reviewed-by: Jingjing Wu <jingjing.wu@intel.com>

mempool/dpaa2: fix freeing bp list

The dpaa2_bp_list is being allocated using "rte_malloc",
but the free is done using "free". Fixing it to use
"rte_free".

Fixes: 5dc43d22b5ad ("mempool/dpaa2: add hardware offloaded mempool")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Reviewed-by: Olivier Matz <olivier.matz@6wind.com>
Acked-by: Shreyansh Jain <shreyansh.jain@nxp.com>

mempool/dpaa2: fix error code for allocation failure

In case the alloc api is not able to allocate the required
number of buffer, it can return '0', which will not indicate
the failure to the calling function.
This patch fix the return value to indicate the failure.

Fixes: 5dc43d22b5ad ("mempool/dpaa2: add hardware offloaded mempool")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Reviewed-by: Olivier Matz <olivier.matz@6wind.com>
Acked-by: Shreyansh Jain <shreyansh.jain@nxp.com>

mempool/dpaa2: allocate pool data dynamically

In order to support multiprocess applications, pool data is to be
allocated on dynamic memory instead of existing usages of global
variable.

Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Acked-by: Shreyansh Jain <shreyansh.jain@nxp.com>

doc: fix literal block in testpmd guide

There were mising :: so file was parsed in wrong way

Fixes: c735b831b0c1 ("app/testpmd: add cmd for dedicated LACP Rx/Tx queues")

Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>

igb_uio: issue FLR during open and release of device file

Set UIO info device file operations open and release. Call pci reset
function inside open and release to clear device state at start and end.
Copied this behaviour from vfio_pci kernel module code. With this patch,
it is not mandatory to issue FLR by PMD's during init and close.

Bus master enable and disable are added in open and release respectively
to take care of device DMA.

Signed-off-by: Shijith Thotton <shijith.thotton@caviumnetworks.com>
Reviewed-by: Jianfeng Tan <jianfeng.tan@intel.com>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Gregory Etelson <gregory@weka.io>

app/testpmd: fix token matching in flow command

While matching user input against a token name or any other fixed string,
comparison stops at the end of user input if shorter (e.g. "foo" matches
token name "foobar").

Although the unintended consequence of this behavior allows users to
abbreviate command names and various parameters yet generate valid
commands, the parser was not designed to support this and does not prevent
ambiguous tokens.

For instance, entering "i" for a pattern item matches "ipv4", "ipv6" and
"icmp" then defaults to one of them in an unspecified manner.

Prevent this behavior by taking the length of fixed strings into account.

Fixes: 19c90af6285c ("app/testpmd: add flow command")
Fixes: 5ac3502ed1be ("app/testpmd: add flow query command")
Fixes: abc3d81aca1b ("app/testpmd: add item raw to flow command")
Fixes: 05d34c6e9d2c ("app/testpmd: add queue actions to flow command")
Cc: stable@dpdk.org
Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>

cmdline: fix dynamic tokens interface

Support for dynamic tokens was added in order to implement the flow command
in testpmd, for which static tokens were not versatile enough due to the
large number of possible parameter combinations.

However, due to its reliance on a temporary array to store dynamic tokens,
this interface suffers from various limitations that need to be addressed
in order to implement more commands in the future:

- The maximum number of dynamic tokens is determined at compilation time
  (CMDLINE_PARSE_DYNAMIC_TOKENS). The larger this value, the more stack
  space is wasted (one pointer per potential token, i.e. 1kB of stack space
  on 64-bit architectures with the default value).

- This temporary array is actually a cache in which entries already present
  are not regenerated. This behavior is not documented, which makes dynamic
  tokens practically unusable by applications as they do not know which
  token is current.

- The cache does not really reduce the number of function calls needed to
  retrieve tokens, it was mainly deemed useful to provide context about
  other tokens to the generator callback.

- Like testpmd, most users will likely use repeated pointers to a fixed
  token header structure (cmdline_token_hdr_t), with internal context-aware
  callbacks that do not need to look at other entries; knowing the index of
  the current token is enough.

Getting rid of the temporary array and properly documenting usage of the
token generator callback greatly simplifies this interface.

Fixes: 4fffc05a2b2c ("cmdline: support dynamic tokens")
Fixes: 19c90af6285c ("app/testpmd: add flow command")
Cc: stable@dpdk.org
Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>

cmdline: fix dynamic tokens initialization

To avoid redundant calls to the token-generating function and provide it
with helpful context, a temporary fixed-size array allocated on the stack
of cmdline_parse() and cmdline_complete() keeps the address of preceding
tokens for the command instance being processed (cmdline_parse_inst_t).

Like the static tokens array in cmdline_parse_inst_t, it must be
NULL-terminated, however this is not properly enforced as it is initialized
once at the beginning of each function and a NULL terminator is never
appended once replaced with generated tokens.

When several commands rely on dynamic tokens, subsequent ones inherit an
already initialized array whose tokens are not regenerated, which causes
various issues such as mixed and repeated tokens from the first command.

Enforcing NULL termination of the dynamic tokens array and reinitializing
its first entry at each iteration solves these issues. Doing so is also
less expensive than a full memset() at each iteration.

Fixes: 4fffc05a2b2c ("cmdline: support dynamic tokens")
Cc: stable@dpdk.org
Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>

net/failsafe: fix build on FreeBSD 10 with GCC 4.8

ctype.h is not compilable in BSD 10 on GCC 4.8 in C11 mode.

  CC failsafe.o
In file included from /usr/include/_ctype.h:94:0,
                 from /usr/include/ctype.h:46,
                 from /root/dpdk.org/build/include/rte_common.h:50,
                 from /root/dpdk.org/build/include/rte_memory.h:57,
                 from /root/dpdk.org/build/include/rte_malloc.h:45,
                 from /root/dpdk.org/drivers/net/failsafe/failsafe.c:35:
/usr/include/runetype.h:92:22: error: expected '=', ',', ';', 'asm' or
'__attribute__' before 'const'
extern _Thread_local const _RuneLocale *_ThreadRuneLocale;
                      ^
/usr/include/runetype.h: In function '__getCurrentRuneLocale':
/usr/include/runetype.h:96:6: error: '_ThreadRuneLocale' undeclareds
(first use in this function)
  if (_ThreadRuneLocale)
      ^

The fix is to put GCC in gnu99 mode instead.

Fixes: a46f8d584eb8 ("net/failsafe: add fail-safe PMD")

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>

examples/l2fwd-crypto: add option to update MAC address

This patch adds a new option to enable/disable the
MAC addresses updating done at forwarding time: --[no-]mac-updating

By default, MAC address updating remains enabled, to keep consistency
with previous usage.

Signed-off-by: Kuba Kozak <kubax.kozak@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

crypto/scheduler: fix multicore reordering

Operations can be dequeued from the reordering ring only after they
were dequeued from the crypto pmd with rte_cryptodev_dequeue_burst()
function. It is not correct to dequeue them when status just changed
from RTE_CRYPTO_OP_STATUS_NOT_PROCESSED to any other value, as the
operations still can be processed by crypto pmd internally.
Now multicore scheduler workers mark status of all dequeued from
crypto pmd operations with CRYPTO_OP_STATUS_BIT_COMPLETE bit set.
Scheduler will dequeue crypto operations from reordering ring only
when this status bit is set. Prior to put this operation to output
buffer, scheduler clears this bit, so the application gets
unmodified status from crypto pmd.

Fixes: 4c07e0552f0a ("crypto/scheduler: add multicore scheduling mode")

Signed-off-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

cryptodev: remove crypto operation status value

Crypto operation status RTE_CRYPTO_OP_STATUS_ENQUEUED is removed
from rte_crypto.h as it is not needed for crypto operation processing.
This status value is redundant to RTE_CRYPTO_OP_STATUS_NOT_PROCESSED value
and it was not intended to be part of public API.

Signed-off-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

crypto/qat: fix session initialization

When creating a session, if there is a failure when
setting some of the parameters, QAT was not propagating
the error to the session initialization function.
Therefore, it was reporting a success, when it should
be report a failure.

Fixes: b3bbd9e5f265 ("cryptodev: support device independent sessions")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

app/crypto-perf: stop crypto devices after test

Call of rte_cryptodev_stop() function from test destructors
is added.

Fixes: f8be1786b1b8 ("app/crypto-perf: introduce performance test application")
Cc: stable@dpdk.org
Signed-off-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

examples/l2fwd-crypto: fix AEAD key setting

AEAD key was being set using the cipher key parameters,
instead of the AEAD key parameters.

Fixes: 2661f4fbe93d ("examples/l2fwd-crypto: add AEAD parameters")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

examples/l2fwd-crypto: fix AEAD IV setting

IV was not being set for AEAD algorithms.

Fixes: 2661f4fbe93d ("examples/l2fwd-crypto: add AEAD parameters")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

examples/l2fwd-crypto: fix digest length

Digest length was not being set when using authentication
algorithms.

Fixes: 2661f4fbe93d ("examples/l2fwd-crypto: add AEAD parameters")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

doc: extend info on multi-core scheduler

The corelist parameter for the multi-core scheduling mode
needed some extra explanation on how to use it.

Signed-off-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>

crypto/scheduler: fix strings not null terminated

Coverity issue: 143431
Fixes: 31439ee72b2c ("crypto/scheduler: add API implementations")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

cryptodev: reorder auth transform

IV was positioned differently in authentication
transform structure, compared to the other two
transforms (cipher and AEAD).
To keep consistency, digest length is moved to
the end of the transform.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

cryptodev: rename ADD field

Additional Authenticated Data (AAD) is called "aad" in most
places of cryptodev, but it was called "add_auth_data"
in the AEAD transform transform (aead_xform).

This field is renamed to "aad_length" in order to keep
consistency.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

cryptodev: decrease key and digest sizes

Crypto keys and digests are not expected
to be big, so using a uint16_t to store
their lengths should be enough.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

crypto/qat: fix handle device-agnostic session

Older generations of QuickAssist hardware
may not support all algorithms supported by newer
generations. When sessions were specific to the device
this only needed to be handled on session creation.
With device-agnostic sessions, a session created
for a newer device may get routed to an older device which
can't support it.
This patch adds an enum to define QAT device generations
and uses this to detect and handle the above case on the
data path.
It also renames the capabilities structures and #defines
to match the generation names and adds the generation
to the device table in the documentation.

Fixes: b3bbd9e5f265 ("cryptodev: support device independent sessions")

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

crypto/aesni_mb: fix zero burst dequeue

In the unlikely scenario that an application
calls rte_cryptodev_dequeue_burst with nb_ops = 0,
there was a job leak, as a job would be created
but would not be populated, as no operation is passed.

Fixes: 0f548b50a160 ("crypto/aesni_mb: process crypto op on dequeue")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

cryptodev: fix KASUMI F9 expected parameters

For KASUMI F9 algorithm, COUNT, FRESH and DIRECTION
input values need to be contiguous with
the message, as described in the KASUMI and QAT PMD
documentation.

Before, the COUNT and FRESH values were set
as part of the AAD (now IV), but always set before
the beginning of the message.
Since now the IV is set after the crypto operation,
it is not possible to have these values in the
expected location.

Therefore, as these are required to be contiguous,
cryptodev API will expect these them to be passed
as a single buffer, already constructed, so
authentication IV parameters not needed anymore.

Fixes: 681f540da52b ("cryptodev: do not use AAD in wireless algorithms")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

doc: extend installation section for SNOW3G/KASUMI

SNOW3G and KASUMI SW libraries encrypt buffers
assuming that they are padded to a specific block size.
This behaviour can be changed to avoid buffer overflow,
by modifying the Makefile of these libraries.
Therefore, the Installation section in the SNOW3G and
KASUMI documentation has been extended, to document
this case.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

doc: add missing algorithm in limitations for QAT

For KASUMI, SNOW3G and ZUC algorithms, offsets and lengths
of the data to cipher or authenticate is provided in bits,
but QAT does not support non-byte aligned values,
although only KASUMI and SNOW3G were mentioned.

Fixes: d9b7d5bbc845 ("crypto/qat: add ZUC EEA3/EIA3 capability")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

doc: remove incorrect limitation on AESNI-MB PMD

AESNI MB PMD supports sessionless operations,
but the documentation was stating that only
operations with session were supported.

Fixes: 924e84f87306 ("aesni_mb: add driver for multi buffer based crypto")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

doc: remove incorrect limitation on QAT PMD

QAT supports authentication only operations,
for any authentication algorithm (such as SHA1-HMAC),
as long as it is supported by QAT, so it means
that it is not necessary to create a chained operation
in order to use these algorithms.

Fixes: 1703e94ac5ce ("qat: add driver for QuickAssist devices")
CC: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

doc: fix supported algorithm table for AESNI-GCM PMD

AESNI GCM PMD now supports 192-bit keys for AES-GCM,
so the supported algorithm table should be updated.

Fixes: 6f16aab09a91 ("crypto/aesni_gcm: migrate to Multi-buffer library")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

test/crypto-perf: fix ARMv8 session creation

Session was NULL as test_crypto_session not initialised.

Fixes: b3bbd9e5f265 ("cryptodev: support device independent sessions")

Signed-off-by: Srisivasubramanian S <ssrinivasan@caviumnetworks.com>

crypto/qat: fix authentication offset and length for GMAC

Authentication length and offset need to be set like for any other
authentication algorithms as it no longer uses aad pointer

Fixes: b79e4c00af0e ("cryptodev: use AES-GCM/CCM as AEAD algorithms")

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

cryptodev: remove AAD size in auth capabilities

Additional Authenticated Data (AAD) was removed from the
authentication parameters, but still the supported size
was part of the authentication capabilities of a PMD.

Fixes: 4428eda8bb75 ("cryptodev: remove AAD from authentication structure")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

crypto/aesni_mb: fix possible crypto job leak

When dequeueing operations from an AESNI-MB device,
crypto jobs are dequeued from the internal scheduler
in the Multi-buffer library.

If the number of jobs available to retrieve
are higher than the number of crypto operations
that are required, then an extra job is retrieved
(due to an incorrect conditional), but not used.
This leads to a job leak and the operation associated
to that job will not be ever dequeued.

Fixes: 0f548b50a160 ("crypto/aesni_mb: process crypto op on dequeue")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

doc: add missing devices in test-crypto-perf

crypto_armv8, crypto_scheduler and crypto_dpaa2_sec
are added in the documentation

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

crypto/dpaa2_sec: fix typo in PMD name

Comment for device name is corrected.
Also the name string is made similar to other pmds.

Fixes: a3277ad47feb ("cryptodev: remove crypto device driver name")

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>

crypto/dpaa2_sec: fix free usage for dpsec

dpseci is allocated using rte_calloc() but it is freed
using free(). Fixing it to use rte_free()

Fixes: e5cbdfc53765 ("crypto/dpaa2_sec: add basic operations")
Cc: stable@dpdk.org
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>

crypto/qat: fix NULL authentication hang

To avoid a possible HW problem when dealing with
NULL authentication case, the state sizes
in the request descriptor are set.

Fixes: db0e952a5c01 ("crypto/qat: add NULL capability")
Cc: stable@dpdk.org
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

crypto/scheduler: fix slave name parsing

This patch fixes the incorrect index checking in parse_slave
function.

Fixes: 503e9c5afb38 ("crypto/scheduler: register as vdev driver")
Cc: stable@dpdk.org
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

doc: use new crypto driver names

Crypto driver names were changed in 16.11,
but some guides were still using the old ones
(which are still valid, only kept for compatibility
reasons).

To keep consistency and avoid confusion, all guides
should be using the same driver names.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

doc: fix crypto scheduler command line examples

Sample command lines for crypto scheduler were not correct,
due to:
- Typo in "crypto_scheduler" driver name
- Multiple virtual devices require having unique names,
driver name + a suffix, otherwise, just a single device is
created.

Fixes: d58a3f312545 ("crypto/scheduler: add documentation")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: John McNamara <john.mcnamara@intel.com>

crypto/qat: remove unused ablkcipher

This commit removes unused ablkcipher struct and functions

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>

eventdev: fix memory realloc check in port config

This commit fixes the check to use the just reallocated
links_map variable, instead of stale dev->data->links_map.
Later the new variable is written to the dev->data->links_map,
so the stale-ness is only temporary.

Coverity issue: 143456
Fixes: 4f0804bbdfb9 ("eventdev: implement the northbound APIs")

Signed-off-by: Harry van Haaren <harry.van.haaren@intel.com>
Reviewed-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>

event/dpaa2: advertise burst mode capability

Burst mode capability flag was introduced in 73e6b8c9 for event drivers.
DPAA2 event driver supports burst mode so this patch adds this capability
flag in DPAA2 event driver

Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Reviewed-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>

test/bonding: add test case for agg selection in mode4

Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

app/testpmd: support different aggregation modes

This patch add support for different aggregator modes in similar manner
that is provided in linux kernel.

testpmd> set bonding agg_mode <port_id> <agg_name>
testpmd> show bonding config <port_id>

Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

net/bonding: add other aggregator modes

This patch add support for setting additional aggregator modes for
IEEE802.3AD in similar manner that are supported in kernel mode.

This will add support for other manner:
stable - default mode taken from IEEE802.11AX this is default
aggregator mode
bandwidth - takes aggregator with highest bandwidth
count - takes aggregator with biggest number of slaves

Signed-off-by: Daniel Mrzyglod <danielx.t.mrzyglod@intel.com>
Acked-by: Declan Doherty <declan.doherty@intel.com>

net/i40e: fix VF add/del MAC

i40e VF close would stop the VF first, if VF already stopped this
result duplicate add/del MAC address which cause failure in executing
admin command.

Fix this by adding VF stop status check and sync up VF MAC address count
during add/del.

Fixes: d42aaf30008b ("i40e: support port hotplug")
Cc: stable@dpdk.org
Signed-off-by: Jeff Guo <jia.guo@intel.com>
Acked-by: Beilei Xing <beilei.xing@intel.com>

net/ixgbe: fix Rx/Tx queue interrupt for x550 devices

x550 devices don't map interrupt vector before enabling Rx/Tx queue
interrupt.
Because of this interrupt mode is not working for x550 devices.

Fixes: d2e72774e58c ("ixgbe/base: support X550")
Cc: stable@dpdk.org
Signed-off-by: Qiming Yang <qiming.yang@intel.com>
Acked-by: Wei Dai <wei.dai@intel.com>

net/ixgbe: add queue index check in filter

Add queue index check when create filter rule, or
filter with invalid queue id can be created successfully.

Signed-off-by: Wei Zhao <wei.zhao1@intel.com>

net/failsafe: support flow API isolation mode

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>

net/failsafe: support link status change event

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>

net/failsafe: support device removal

Listen to INTR_RMV events issued by slaves.
Add atomic flags on slave queues to detect use of slave bursts function.
If a removal is detected, set the recollection flag on this slave.

During a slave upkeep round, if its recollection flag is set and its
burst functions are not in use by any thread, remove that slave.

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Acked-by: Olga Shern <olgas@mellanox.com>

net/failsafe: add fast burst functions

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Acked-by: Olga Shern <olgas@mellanox.com>

net/failsafe: support Rx offload capabilities

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Acked-by: Olga Shern <olgas@mellanox.com>

net/failsafe: support flow API

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Acked-by: Olga Shern <olgas@mellanox.com>

net/failsafe: add flexible device definition

Add the "exec" device type.
The parameters given to this type of device will be executed in a shell.
The output of this command is then used as a definition for a device.

That command can be re-interpreted if the related device is not
plugged-in. It allows for a device definition to react to system
changes (e.g. changing PCI bus for a given device).

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Acked-by: Olga Shern <olgas@mellanox.com>

net/failsafe: add plug-in support

Periodically check for the existence of a device.
If a device has not been initialized and exists on the system, then it
is probed and configured.

The configuration process strives to synchronize the states between the
plugged-in sub-device and the fail-safe device.

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Acked-by: Olga Shern <olgas@mellanox.com>

net/failsafe: add fail-safe PMD

Introduce the fail-safe poll mode driver initialization and enable its
build infrastructure.

This PMD allows for applications to benefit from true hot-plugging
support without having to implement it.

It intercepts and manages Ethernet device removal events issued by
slave PMDs and re-initializes them transparently when brought back.
It also allows defining a contingency to the removal of a device, by
designating a fail-over device that will take on transmitting operations
if the preferred device is removed.

Applications only see a fail-safe instance, without caring for
underlying activity ensuring their continued operations.

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Acked-by: Olga Shern <olgas@mellanox.com>

ethdev: count devices consistently

Make the rte_eth_dev_count() return the number of available devices even
after some are detached by the hotplug API or put in a deferred state.

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>

ethdev: add deferred intermediate device state

This device state means that the device is managed externally, by
whichever party has set this state (PMD or application).

Note: this new device state is only an information. The related device
structure and operators are still valid and can be used normally.

It is however made private by device management helpers within ethdev,
making the device invisible to applications.

Signed-off-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>

doc: add known issue for i40e VF performance

VF performance is limited by the kernel PCI extended tag setting.
Update the document to explain the known issue and the workaround.

Signed-off-by: Qi Zhang <qi.z.zhang@intel.com>

net/ixgbe: fix IPv6 flow create limitation for x550

The x550 family does not support ipv6-other flow as well as
ipv4-other flow, so add this limitation.

Fixes: 7d629cacedee ("net/ixgbe: enable IPv6 for consistent API")

Signed-off-by: Qi Zhang <qi.z.zhang@intel.com>

net/ixgbe: support 82599ES SCTP packet drop action

82599ES can support SCTP packet drop action, but the
configuration is different from TCP or UDP packet, so
it need to rework some FDIR related code to adapt
drop action rule of SCTP packet.

Signed-off-by: Wei Zhao <wei.zhao1@intel.com>

net/i40e: fix ethertype filter for new FW

Previously SW workaround for GL_SWR_PRI_JOIN_MAP is added for X710
performance. As new FW version 6.0 supports ADQ,
value for GL_SWR_PRI_JOIN_MAP should be changed, otherwise
ehtertype filter will be impacted.

Fixes: 973273c7a4b7 ("i40e: workaround for X710 performance")
Cc: stable@dpdk.org
Signed-off-by: Beilei Xing <beilei.xing@intel.com>

net/tap: remove Linux version check

Remove checks of Linux kernel version
in order to support kernel with backported features.

the expected behavior with a kernel that doesn't support flower
and other bits is the following:
-flow validate can return successfully
-flow create using the same rule fails.

Using the "remote" feature without kernel flower does not fail silently.
The TAP instance is not initialized if the requested parameters cannot
be satisfied.

it has been tested on an old kernel without required support:

PMD: Kernel refused TC filter rule creation (2): No such file or directory
PMD: tap0 failed to create implicit rules.
PMD: Can't set up remote feature: No such file of directory(2)
PMD: TAP Unable to initialize net_tap0

Signed-off-by: Raslan Darawsheh <rasland@mellanox.com>
Acked-by: Pascal Mazon <pascal.mazon@6wind.com>

net/ixgbe: fix drop action for signature match

Drop action is not supported by signature match, should return
error when try to create a signature match flow with drop action.

Fixes: a948d33bc05a ("net/ixgbe: enable signature match for consistent API")

Signed-off-by: Qi Zhang <qi.z.zhang@intel.com>

net/dpaa2: support secondary process attach

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>

net/i40e: fix virtchnl message response timeout

PF driver and VF driver communicated with each other by virtual
channel message. When VF sends message to PF to enable some
offload capability, PF should response if it is successful or not.
VIRTCHNL_OP_ENABLE_VLAN_STRIPPING is a new added message and the
old PF driver doesn’t support that. So no response is received by
DPDK VF. Then VF is blocked on this message and cannot roll back.
This patch clears pending command on VF side when the waiting duration
expires to avoid blocking following communication.

Fixes: 5f0b95d59a98 ("net/i40e: support VLAN stripping for VF")
Cc: stable@dpdk.org
Signed-off-by: Beilei Xing <beilei.xing@intel.com>

net/virtio: refactor coding style in Rx

Make the code more readable. No functional change.

Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>

net/ixgbe: remove an unnecessary goto

Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>

net/i40e: remove an unnecessary goto

Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
Acked-by: Beilei Xing <beilei.xing@intel.com>