dpdk.git
7 years agonet/mlx4: refactor flow item validation code
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:30 +0000 (14:19 +0200)]
net/mlx4: refactor flow item validation code

Since flow rule validation and creation have been refactored into a common
two-pass function, having separate callback functions to validate and
convert individual items seems redundant.

The purpose of these item validation functions is to reject partial masks
as those are not supported by hardware, before handing over the item to a
separate function that performs basic sanity checks.

The current approach and related code have the following issues:

- Lack of flow handle context in validation code requires kludges such as
  the special treatment reserved to spec-less Ethernet pattern items.
- Lack of useful error reporting; users need as much help as possible to
  understand what they did wrong, particularly when they hit hardware
  limitations that aren't mentioned by the flow API. Preventing them from
  going berserk after getting a generic "item not supported" message for no
  apparent reason is mandatory.
- Generic checks should be performed by the caller, not by item-specific
  validation functions.
- Mask checks either missing or too lax in some cases (Ethernet, VLAN).

This commit addresses all the above by combining validation and conversion
callbacks as "merge" callbacks that take an additional error context
parameter. Also:

- Support for source MAC address matching is removed as it has no effect.
- Providing an empty mask no longer bypasses the Ethernet specification
  check that causes a rule to become promiscuous-like.
- VLAN VIDs must be matched exactly, as matching all VLAN traffic while
  excluding non-VLAN traffic is not supported.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: simplify trigger code for flow rules
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:29 +0000 (14:19 +0200)]
net/mlx4: simplify trigger code for flow rules

Since flow rules synchronization function mlx4_flow_sync() takes into
account the state of the device (whether it is started), trigger functions
mlx4_flow_start() and mlx4_flow_stop() are redundant. Standardize on
mlx4_flow_sync().

Use this opportunity to enhance this function with better error reporting
as the inability to start the device due to a problem with a flow rule
otherwise results in a nondescript error code.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: generalize flow rule priority support
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:28 +0000 (14:19 +0200)]
net/mlx4: generalize flow rule priority support

Since both internal and user-defined flow rules are handled by a common
implementation, flow rule priority overlaps are easier to detect. No need
to restrict their use to isolated mode only.

With this patch, only the lowest priority level remains inaccessible to
users outside isolated mode.

Also, the PMD no longer automatically assigns a fixed priority level to
user-defined flow rules, which means collisions between overlapping rules
matching a different number of protocol layers at a given priority level
won't be avoided anymore (e.g. "eth" vs. "eth / ipv4 / udp").

As a reminder, the outcome of overlapping rules for a given priority level
was, and still is, undefined territory according to API documentation.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: refactor internal flow rules
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:27 +0000 (14:19 +0200)]
net/mlx4: refactor internal flow rules

When not in isolated mode, a flow rule is automatically configured by the
PMD to receive traffic addressed to the MAC address of the device. This
somewhat duplicates flow API functionality.

Remove legacy support for internal flow rules to instead handle them
through the flow API implementation.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: relax check on missing flow rule target
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:26 +0000 (14:19 +0200)]
net/mlx4: relax check on missing flow rule target

Creating a flow rule targeting a missing (unconfigured) queue is not
possible. However, nothing really prevents the destruction of a queue with
existing flow rules still pointing at it, except currently the port must be
in a stopped state in order to avoid crashing.

Problem is that the port cannot be restarted if flow rules cannot be
re-applied due to missing queues. This flexibility will be needed by
subsequent work on this PMD.

Given that a PMD cannot decide on its own to remove problematic
user-defined flow rules in order to restart a port, work around this
restriction by making the affected ones drop-like, i.e. rules targeting
nonexistent queues drop packets instead.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: allocate drop flow resources on demand
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:25 +0000 (14:19 +0200)]
net/mlx4: allocate drop flow resources on demand

Verbs QP and CQ resources for drop flow rules do not need to be permanently
allocated, only when at least one rule needs them.

Besides, struct rte_flow_drop is outside the mlx4 PMD name space and should
never have been defined there. struct rte_flow is currently the only
exception to this rule.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: merge flow creation and validation code
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:24 +0000 (14:19 +0200)]
net/mlx4: merge flow creation and validation code

These functions share a significant amount of code and require extra
internal objects to parse and build flow rule handles.

All this can be simplified by relying directly on the internal rte_flow
structure definition, whose QP pointer (destination Verbs queue) is
replaced by a DPDK queue ID and other properties, making it more versatile
without increasing its size (at least on 64-bit platforms).

This commit also gets rid of a few unnecessary debugging messages.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: add iovec-like allocation wrappers
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:23 +0000 (14:19 +0200)]
net/mlx4: add iovec-like allocation wrappers

These wrappers implement the ability to allocate room for several disparate
objects as a single contiguous allocation while complying with their
respective alignment constraints.

This is usually more efficient than allocating and freeing them
individually if they are not expected to be reallocated with rte_realloc().

A typical use case is when several objects that cannot be dissociated must
be allocated together, as shown in the following example:

 struct b {
    ...
    struct d *d;
 }

 struct a {
     ...
     struct b *b;
     struct c *c;
 }

 struct mlx4_malloc_vec vec[] = {
     { .size = sizeof(struct a), .addr = &ptr_a, },
     { .size = sizeof(struct b), .addr = &ptr_b, },
     { .size = sizeof(struct c), .addr = &ptr_c, },
     { .size = sizeof(struct d), .addr = &ptr_d, },
 };

 if (!mlx4_mallocv(NULL, vec, RTE_DIM(vec)))
     goto error;

 struct a *a = ptr_a;

 a->b = ptr_b;
 a->c = ptr_c;
 a->b->d = ptr_d;
 ...
 rte_free(a);

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: compact flow rule error reporting
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:22 +0000 (14:19 +0200)]
net/mlx4: compact flow rule error reporting

Relying on rte_errno is not necessary where the return value of
rte_flow_error_set() can be used directly.

A related minor change is switching from RTE_FLOW_ERROR_TYPE_HANDLE to
RTE_FLOW_ERROR_TYPE_UNSPECIFIED when no rte_flow handle is involved in the
error, specifically when none is allocated yet.

This commit does not cause any functional change.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: tidy up flow rule handling code
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:21 +0000 (14:19 +0200)]
net/mlx4: tidy up flow rule handling code

- Remove unnecessary casts.
- Replace consecutive if/else blocks with switch statements.
- Use proper big endian definitions for mask values.
- Make end marker checks of item and action lists less verbose since they
  are explicitly documented as being equal to 0.
- Remove unnecessary NULL check on action configuration structure.

This commit does not cause any functional change.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: clarify flow objects naming scheme
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:20 +0000 (14:19 +0200)]
net/mlx4: clarify flow objects naming scheme

In several instances, "items" refers either to a flow pattern or a single
item, and "actions" either to the entire list of actions or only one of
them.

The fact the target of a rule (struct mlx4_flow_action) is also named
"action" and item-processing objects (struct mlx4_flow_items) as "cur_item"
("token" in one instance) contributes to the confusion.

Use this opportunity to clarify related comments and remove the unused
valid_actions[] global, whose sole purpose is to be referred by
item-processing objects as "actions".

This commit does not cause any functional change.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: expose support for flow rule priorities
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:19 +0000 (14:19 +0200)]
net/mlx4: expose support for flow rule priorities

This PMD supports up to 4096 flow rule priority levels (0 to 4095).

Applications were not allowed to use them until now due to overlaps with
the default flows (e.g. MAC address, promiscuous mode).

This is not an issue in isolated mode when such flows do not exist.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: enhance header files comments
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:18 +0000 (14:19 +0200)]
net/mlx4: enhance header files comments

Add missing comments and fix those not Doxygen-friendly.

Since the private structure definition is modified, use this opportunity to
add one remaining missing include required by one of its fields
(sys/queue.h for LIST_HEAD()).

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: remove Rx QP initializer function
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:17 +0000 (14:19 +0200)]
net/mlx4: remove Rx QP initializer function

There is no benefit in having this as a separate function.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agonet/mlx4: replace bit-field type
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:16 +0000 (14:19 +0200)]
net/mlx4: replace bit-field type

Make clear it's 32-bit wide.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agoethdev: expose flow API error helper
Adrien Mazarguil [Thu, 12 Oct 2017 12:19:15 +0000 (14:19 +0200)]
ethdev: expose flow API error helper

rte_flow_error_set() is a convenient helper to initialize error objects.

Since there is no fundamental reason to prevent applications from using it,
expose it through the public interface after modifying its return value
from positive to negative. This is done for consistency with the rest of
the public interface.

Documentation is updated accordingly.

Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
7 years agodoc: fix GSO guide
Mark Kavanagh [Thu, 12 Oct 2017 16:05:29 +0000 (17:05 +0100)]
doc: fix GSO guide

Correct two minor issues in the GSO programmer's guide:
- a note is rendered incorrectly in the middle of an unordered list;
  this results in the remainder of the list appearing inside the note.
  Correct indentation of the note to resolve same.
- two minor visual artifacts are present in the 'three-part-output-segment'
  diagram. Remove same.

Fixes: f6010c7655cc ("doc: add GSO programmer's guide")

Signed-off-by: Mark Kavanagh <mark.b.kavanagh@intel.com>
Acked-by: John McNamara <john.mcnamara@intel.com>
7 years agoapp/testpmd: fix port id type
Zhiyong Yang [Thu, 12 Oct 2017 09:32:52 +0000 (17:32 +0800)]
app/testpmd: fix port id type

Fixes: f8244c6399d9 ("ethdev: increase port id range")

Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
7 years agoapp/proc_info: fix port id type
Zhiyong Yang [Thu, 12 Oct 2017 09:32:51 +0000 (17:32 +0800)]
app/proc_info: fix port id type

Fixes: f8244c6399d9 ("ethdev: increase port id range")

Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
7 years agoapp/pdump: fix port id type
Zhiyong Yang [Thu, 12 Oct 2017 09:32:50 +0000 (17:32 +0800)]
app/pdump: fix port id type

Increase port id range to 16 bits and remove the unnecessary cast.

Fixes: f8244c6399d9 ("ethdev: increase port id range")

Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
7 years agonet/liquidio: fix port id type
Zhiyong Yang [Thu, 12 Oct 2017 09:32:49 +0000 (17:32 +0800)]
net/liquidio: fix port id type

port_id in struct lio_device should be increased range to uint16_t since
port id in rte_eth_dev_data has already been defined as uint16_t.

Fixes: f8244c6399d9 ("ethdev: increase port id range")

Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
7 years agonet/bnxt: fix port id type
Zhiyong Yang [Thu, 12 Oct 2017 09:32:48 +0000 (17:32 +0800)]
net/bnxt: fix port id type

Fixes: f8244c6399d9 ("ethdev: increase port id range")

Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
7 years agoethdev: fix port id type
Zhiyong Yang [Thu, 12 Oct 2017 09:32:47 +0000 (17:32 +0800)]
ethdev: fix port id type

Some features applied were still developed based on older version uint8_t
port_id, but port_id has been increased range to uint16_t. The patch fixes
the issue.

Fixes: f8244c6399d9 ("ethdev: increase port id range")

Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
7 years agoconfig: remove unused mrvl debug option
Tomasz Duszynski [Thu, 12 Oct 2017 08:49:35 +0000 (10:49 +0200)]
config: remove unused mrvl debug option

Remove unused MRVL_DEBUG configuration option and update driver
documentation accordingly.

Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
7 years agonet/i40e: fix mbuf free in vector Tx
Qi Zhang [Tue, 10 Oct 2017 13:22:05 +0000 (09:22 -0400)]
net/i40e: fix mbuf free in vector Tx

vPMD tx does not set sw_ring's mbuf to NULL after free.
Therefore, in cases where the vector transmit function is in
use, we must use the appropriate index and threshold values
for the queue to only free the unreleased mbufs

Fixes: b4669bb95038 ("i40e: add vector Tx")
Cc: stable@dpdk.org
Signed-off-by: Qi Zhang <qi.z.zhang@intel.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
7 years agonet/i40e: fix flexible payload configuration
Andrey Chilikin [Fri, 6 Oct 2017 18:11:26 +0000 (19:11 +0100)]
net/i40e: fix flexible payload configuration

Removed legacy writes to ORT/PIT registers from
i40e_GLQF_reg_init(struct i40e_hw *hw) function.
Latest NVM versions contain all relevant values
and these values should not be overwritten by SW to
maintain driver/firmware compatibility and to avoid
conflicts with dynamic device personalization profiles.

Fixes: f05ec7d77e41 ("i40e: initialize flow director flexible payload setting")
Cc: stable@dpdk.org
Signed-off-by: Andrey Chilikin <andrey.chilikin@intel.com>
Acked-by: Beilei Xing <beilei.xing@intel.com>
7 years agotest: verify bitmap operations
Pavan Bhagavatula [Thu, 21 Sep 2017 11:50:21 +0000 (17:20 +0530)]
test: verify bitmap operations

This patch adds a test for verifying the bitmap operations.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@caviumnetworks.com>
Acked-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
7 years agoeal: move bitmap from sched library
Pavan Bhagavatula [Thu, 21 Sep 2017 11:50:20 +0000 (17:20 +0530)]
eal: move bitmap from sched library

The librte_sched uses rte_bitmap to manage large arrays of bits in an
optimized method so, moving it to eal/common would allow other libraries
and applications to use it.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@caviumnetworks.com>
Acked-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
7 years agomk: install symlinks before build step
Luca Boccassi [Thu, 12 Oct 2017 13:15:54 +0000 (14:15 +0100)]
mk: install symlinks before build step

A race condition can happen during parallel builds, where a header
might be installed in RTE_OUT/include before CFLAGS is recursively
expanded. This causes GCC to sometimes pick the header path as
SRCDIR/... and sometimes as RTE_OUT/include/... making the build
unreproducible, as the full path is used for the expansion of
__FILE__ and in the DWARF directory listing.

Installing all symlinks before all builds solves the problem. It is
still suboptimal, as the (fixed) path recorded in the DWARF dir
listing will include the user-configurable build output directory,
and thus will result in a different binary between different users
despite all other conditions being equal, but it is a simpler
approach that will anyway be obsolete once the build system is
switched to Meson.

Suggested-by: Ferruh Yigit <ferruh.yigit@intel.com>
Signed-off-by: Luca Boccassi <luca.boccassi@gmail.com>
7 years agomk: sort libraries in dependency lists
Luca Boccassi [Thu, 12 Oct 2017 13:15:53 +0000 (14:15 +0100)]
mk: sort libraries in dependency lists

In order to achieve reproducible builds, always use the same
order when listing object files to build dependencies lists.

Signed-off-by: Luca Boccassi <luca.boccassi@gmail.com>
7 years agomk: sort source files before compilation
Luca Boccassi [Thu, 12 Oct 2017 13:15:52 +0000 (14:15 +0100)]
mk: sort source files before compilation

In order to achieve reproducible builds, always use the same
order when listing files for compilation.

Signed-off-by: Luca Boccassi <luca.boccassi@gmail.com>
7 years agomk: sort headers before wildcard inclusion
Luca Boccassi [Thu, 12 Oct 2017 13:15:51 +0000 (14:15 +0100)]
mk: sort headers before wildcard inclusion

In order to achieve fully reproducible builds, always use the same
inclusion order for headers in the Makefiles.

Signed-off-by: Luca Boccassi <luca.boccassi@gmail.com>
7 years agomk: sort list of examples files in doc
Luca Boccassi [Thu, 12 Oct 2017 13:15:50 +0000 (14:15 +0100)]
mk: sort list of examples files in doc

The result of find might not be stable depending on external
conditions.
Pipe it through LC_ALL=C sort to ensure reproducible results when
generating examples.dox.

Signed-off-by: Luca Boccassi <luca.boccassi@gmail.com>
7 years agomk: sort list of shared objects in linker script
Luca Boccassi [Thu, 12 Oct 2017 13:15:49 +0000 (14:15 +0100)]
mk: sort list of shared objects in linker script

The output of wildcard might not be stable and depend on the
filesystem and other factors.
This means the content libdpdk.so linker script might change between
builds from the same sources.
Run the list through sort to ensure reproducibility.

Signed-off-by: Luca Boccassi <luca.boccassi@gmail.com>
7 years agodrivers/net: enable IOVA mode for Intel PMDs
Jianfeng Tan [Wed, 11 Oct 2017 10:33:48 +0000 (10:33 +0000)]
drivers/net: enable IOVA mode for Intel PMDs

If we want to enable IOVA mode, introduced by
commit 93878cf0255e ("eal: introduce helper API for IOVA mode"),
we need PMDs (for PCI devices) to expose this flag.

Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>
Reviewed-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
7 years agomem: honor IOVA mode for no-huge case
Jianfeng Tan [Wed, 11 Oct 2017 10:33:47 +0000 (10:33 +0000)]
mem: honor IOVA mode for no-huge case

With the introduction of IOVA mode, the only blocker to run
with 4KB pages for NICs binding to vfio-pci, is that
RTE_BAD_PHYS_ADDR is not a valid IOVA address.

We can refine this by using VA as IOVA if it's IOVA mode.

Signed-off-by: Jianfeng Tan <jianfeng.tan@intel.com>
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
7 years agotest/crypto: add mrvl crypto unit tests
Tomasz Duszynski [Tue, 10 Oct 2017 12:17:22 +0000 (14:17 +0200)]
test/crypto: add mrvl crypto unit tests

Add unit tests for MRVL CRYPTO PMD driver.

Signed-off-by: Jacek Siuda <jck@semihalf.com>
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
7 years agodoc: add mrvl crypto guide
Tomasz Duszynski [Tue, 10 Oct 2017 12:17:20 +0000 (14:17 +0200)]
doc: add mrvl crypto guide

Add documentation for the MRVL CRYPTO PMD driver.

Signed-off-by: Jacek Siuda <jck@semihalf.com>
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
7 years agocrypto/mrvl: add mrvl crypto driver
Tomasz Duszynski [Tue, 10 Oct 2017 12:17:19 +0000 (14:17 +0200)]
crypto/mrvl: add mrvl crypto driver

Add support for the Marvell Security Crypto Accelerator EIP197.
Driver is based on external, publicly available, Marvell MUSDK
library that provides access to the hardware with minimum overhead
and high performance.

Driver comes with support for the following features:

* Symmetric crypto
* Sym operation chaining
* AES CBC (128)
* AES CBC (192)
* AES CBC (256)
* AES CTR (128)
* AES CTR (192)
* AES CTR (256)
* 3DES CBC
* 3DES CTR
* MD5
* MD5 HMAC
* SHA1
* SHA1 HMAC
* SHA256
* SHA256 HMAC
* SHA384
* SHA384 HMAC
* SHA512
* SHA512 HMAC
* AES GCM (128)

Driver was engineered cooperatively by Semihalf and Marvell teams.

Semihalf:
Jacek Siuda <jck@semihalf.com>
Tomasz Duszynski <tdu@semihalf.com>

Marvell:
Dmitri Epshtein <dima@marvell.com>
Natalie Samsonov <nsamsono@marvell.com>

Signed-off-by: Jacek Siuda <jck@semihalf.com>
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
7 years agodrivers/crypto: use snprintf return value correctly
Tomasz Duszynski [Wed, 11 Oct 2017 11:05:07 +0000 (13:05 +0200)]
drivers/crypto: use snprintf return value correctly

snprintf return value is the length of was encoded into destination
array excluding '\0'. Thus return value equal to the length of the
destination array or more means truncation.

This commit fixes improper use of the return value.

Fixes: eec136f3c54f ("aesni_gcm: add driver for AES-GCM crypto operations")
Fixes: 924e84f87306 ("aesni_mb: add driver for multi buffer based crypto")
Fixes: 0f548b50a160 ("crypto/aesni_mb: process crypto op on dequeue")
Fixes: 169ca3db550c ("crypto/armv8: add PMD optimized for ARMv8 processors")
Fixes: 2773c86d061a ("crypto/kasumi: add driver for KASUMI library")
Fixes: 94b0ad8e0aa5 ("null_crypto: add driver for null crypto operations")
Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Fixes: 3aafc423cf4d ("snow3g: add driver for SNOW 3G library")
Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
Cc: stable@dpdk.org
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
7 years agodoc: add NXP DPAA SEC
Akhil Goyal [Mon, 9 Oct 2017 14:21:42 +0000 (19:51 +0530)]
doc: add NXP DPAA SEC

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: John McNamara <john.mcnamara@intel.com>
7 years agotest/crypto: add dpaa crypto test cases
Akhil Goyal [Mon, 9 Oct 2017 14:21:41 +0000 (19:51 +0530)]
test/crypto: add dpaa crypto test cases

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agocrypto/dpaa_sec: add crypto driver for NXP DPAA platform
Akhil Goyal [Mon, 9 Oct 2017 14:21:40 +0000 (19:51 +0530)]
crypto/dpaa_sec: add crypto driver for NXP DPAA platform

Signed-off-by: Forrest Shi <xuelin.shi@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
7 years agobus/dpaa: scan for DPAA Crypto devices
Akhil Goyal [Mon, 9 Oct 2017 14:21:39 +0000 (19:51 +0530)]
bus/dpaa: scan for DPAA Crypto devices

Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agotest/crypto: add AES-CCM tests
Pablo de Lara [Thu, 21 Sep 2017 13:11:22 +0000 (14:11 +0100)]
test/crypto: add AES-CCM tests

Added AES-CCM tests for Intel QAT PMD and OpenSSL PMD.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agotest/crypto: rename GCM test code
Pablo de Lara [Thu, 21 Sep 2017 13:11:21 +0000 (14:11 +0100)]
test/crypto: rename GCM test code

Before adding AES-CCM tests, some test code used
for AES-GCM can be renamed, so it can be reused
for AES-CCM, as both need similar parameters.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/qat: support AES-CCM
Arek Kusztal [Thu, 21 Sep 2017 13:11:20 +0000 (14:11 +0100)]
crypto/qat: support AES-CCM

This patch adds AES-CCM AEAD cipher and hash algorithm to
Intel QuickAssist Technology driver.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/openssl: support AES-CCM
Pablo de Lara [Thu, 21 Sep 2017 13:11:19 +0000 (14:11 +0100)]
crypto/openssl: support AES-CCM

Add support to AES-CCM, for 128, 192 and 256-bit keys.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/openssl: init GCM key at session creation
Pablo de Lara [Thu, 21 Sep 2017 13:11:18 +0000 (14:11 +0100)]
crypto/openssl: init GCM key at session creation

When creating a session for AES-GCM, since the key is going
to be constant, the OpenSSL context can initialize the key
at that moment, leaving the setting of the IV for the
operation handling.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/openssl: fix AEAD parameters
Pablo de Lara [Thu, 21 Sep 2017 13:11:17 +0000 (14:11 +0100)]
crypto/openssl: fix AEAD parameters

When using AES-GCM with OpenSSL, cipher direction
and authentication operation were being set incorrectly,
as the PMD was looking at the cipher and authentication
transform, instead of the new AEAD.

Fixes: b79e4c00af0e ("cryptodev: use AES-GCM/CCM as AEAD algorithms")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agoapp/crypto-perf: support AES-CCM
Pablo de Lara [Thu, 21 Sep 2017 13:11:16 +0000 (14:11 +0100)]
app/crypto-perf: support AES-CCM

According to the API, AES-CCM has special requirements
when setting IV and AAD fields.
The L2fwd-crypto app is updated to set the nonce (IV)
and AAD in the right positions in these two fields
(1 byte after start of IV field and 18 bytes after start
of AAD).

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agoexamples/l2fwd-crypto: support AES-CCM
Pablo de Lara [Thu, 21 Sep 2017 13:11:15 +0000 (14:11 +0100)]
examples/l2fwd-crypto: support AES-CCM

According to the API, AES-CCM has special requirements
when setting IV and AAD fields.
The L2fwd-crypto app is updated to set the nonce (IV)
and AAD in the right positions in these two fields
(1 byte after start of IV field and 18 bytes after start
of AAD).

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocryptodev: clarify API for AES-CCM
Pablo de Lara [Thu, 21 Sep 2017 13:11:14 +0000 (14:11 +0100)]
cryptodev: clarify API for AES-CCM

AES-CCM algorithm has some restrictions when
handling nonce (IV) and AAD information.

As the API stated, the nonce needs to be place 1 byte
after the start of the IV field. This field needs
to be 16 bytes long, regardless the length of the nonce,
but it is important to clarify that the first byte
and the padding added after the nonce may be modified
by the PMDs using this algorithm.

Same happens with the AAD. It needs to be placed 18 bytes
after the start of the AAD field. The field also needs
to be multiple of 16 bytes long and all memory reserved
(the first bytes and the padding (may be modified by the PMDs).

Lastly, nonce is not needed to be placed in the first 16 bytes
of the AAD, as the API stated, as that depends on the PMD
used, so the comment has been removed.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agoapp/crypto-perf: use single mempool
Pablo de Lara [Wed, 4 Oct 2017 03:46:13 +0000 (04:46 +0100)]
app/crypto-perf: use single mempool

In order to improve memory utilization, a single mempool
is created, containing the crypto operation and mbufs
(one if operation is in-place, two if out-of-place).
This way, a single object is allocated and freed
per operation, reducing the amount of memory in cache,
which improves scalability.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agoapp/crypto-perf: support multiple queue pairs
Pablo de Lara [Wed, 4 Oct 2017 03:46:12 +0000 (04:46 +0100)]
app/crypto-perf: support multiple queue pairs

Add support for multiple queue pairs, when there are
more logical cores available than crypto devices enabled.
For instance, if there are 4 cores available and
2 crypto devices, each device will have two queue pairs.

This is useful to have multiple logical cores using
a single crypto device, without needing to initialize
a crypto device per core.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agoapp/crypto-perf: do not populate the mbufs at init
Pablo de Lara [Wed, 4 Oct 2017 03:46:11 +0000 (04:46 +0100)]
app/crypto-perf: do not populate the mbufs at init

For throughput and latency tests, it is not required
to populate the mbufs with any test vector.
For verify test, there is already a function that rewrites
the mbufs every time they are going to be used with
crypto operations.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agoapp/crypto-perf: overwrite mbuf when verifying
Pablo de Lara [Wed, 4 Oct 2017 03:46:10 +0000 (04:46 +0100)]
app/crypto-perf: overwrite mbuf when verifying

When running the verify test, mbufs in the pool were
populated with the test vector loaded from a file.
To avoid limiting the number of operations to the pool size,
mbufs will be rewritten with the test vector, before
linking them to the crypto operations.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agoapp/crypto-perf: parse segment size
Pablo de Lara [Wed, 4 Oct 2017 03:46:09 +0000 (04:46 +0100)]
app/crypto-perf: parse segment size

Instead of parsing number of segments, from the command line,
parse segment size, as it is a more usual case to have
the segment size fixed and then different packet sizes
will require different number of segments.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agoapp/crypto-perf: parse AEAD data from vectors
Pablo de Lara [Wed, 4 Oct 2017 03:46:08 +0000 (04:46 +0100)]
app/crypto-perf: parse AEAD data from vectors

Since DPDK 17.08, there is specific parameters
for AEAD algorithm, like AES-GCM. When verifying
crypto operations with test vectors, the parser
was not reading AEAD data (such as IV or key).

Fixes: 8a5b494a7f99 ("app/test-crypto-perf: add AEAD parameters")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agoapp/crypto-perf: set AAD after the crypto operation
Pablo de Lara [Wed, 4 Oct 2017 03:46:07 +0000 (04:46 +0100)]
app/crypto-perf: set AAD after the crypto operation

Instead of prepending the AAD (Additional Authenticated Data)
in the mbuf, it is easier to set after the crypto operation,
as it is a read-only value, like the IV, and then it is not
restricted to the size of the mbuf headroom.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agoapp/crypto-perf: refactor common test code
Pablo de Lara [Wed, 4 Oct 2017 03:46:06 +0000 (04:46 +0100)]
app/crypto-perf: refactor common test code

Currently, there is some duplication in all the test types,
in the crypto performance application.

In order to improve maintainability of this code,
and ease future work on it, common functions have been separated
in a different file that gets included in all the tests.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agocryptodev: add function to retrieve device name
Pablo de Lara [Tue, 3 Oct 2017 02:32:54 +0000 (03:32 +0100)]
cryptodev: add function to retrieve device name

Currently, in order to get the name of a crypto device,
a user needs to access to it using the crypto device structure.

It is a better practise to have a function to retrieve this
name, given a device id.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
7 years agoapp/crypto-perf: fix packet length check
Pablo de Lara [Thu, 5 Oct 2017 05:28:00 +0000 (06:28 +0100)]
app/crypto-perf: fix packet length check

When using DES-CBC, packet size has to be multiple
of 8 bytes, but if a list of packets is provided.
the check was not correct.

Fixes: fc4600fb2520 ("app/crypto-perf: add extra option checks")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
7 years agocrypto/openssl: support DES-CBC
Pablo de Lara [Thu, 5 Oct 2017 05:27:59 +0000 (06:27 +0100)]
crypto/openssl: support DES-CBC

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
7 years agocrypto/aesni_mb: support DES
Pablo de Lara [Thu, 5 Oct 2017 05:27:58 +0000 (06:27 +0100)]
crypto/aesni_mb: support DES

The Multi-buffer library now supports DES-CBC
and DES-DOCSISBPI algorithms, so this commit
extends adds support for them in the PMD.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Reviewed-by: Radu Nicolau <radu.nicolau@intel.com>
7 years agodoc: update IPSec Multi-buffer lib versioning
Pablo de Lara [Thu, 5 Oct 2017 05:27:57 +0000 (06:27 +0100)]
doc: update IPSec Multi-buffer lib versioning

IPSec Multi-buffer library v0.47 has been released,
which includes, among other features, support for DES-CBC
and DES-DOCSIS.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: John McNamara <john.mcnamara@intel.com>
7 years agotest/crypto: remove crypto perf tests
Pablo de Lara [Wed, 4 Oct 2017 06:48:38 +0000 (07:48 +0100)]
test/crypto: remove crypto perf tests

Since the crypto perf application is flexible enough
to cover all the crypto performance tests, these are not needed
anymore, so they will be removed to avoid duplications.
Besides, the crypto perf application gives the user more options
to get performance, for every single supported algorithm,
such as varying the buffer size as the user wants.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agotest/crypto: fix dpaa2 sec macros and definitions
Akhil Goyal [Thu, 5 Oct 2017 12:50:08 +0000 (18:20 +0530)]
test/crypto: fix dpaa2 sec macros and definitions

Fixes: 7a364faef185 ("cryptodev: remove crypto device type enumeration")

Cc: stable@dpdk.org
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
7 years agocrypto/armv8: rename map file to standard name
Bruce Richardson [Thu, 14 Sep 2017 16:02:14 +0000 (17:02 +0100)]
crypto/armv8: rename map file to standard name

Naming convention for crypto drivers is "rte_pmd_<name>_version.map"

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/aesni_mb: rename map file to standard name
Bruce Richardson [Thu, 14 Sep 2017 16:02:13 +0000 (17:02 +0100)]
crypto/aesni_mb: rename map file to standard name

Naming convention for crypto drivers is "rte_pmd_<name>_version.map"

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agoapp/crypto-perf: add new PMD benchmarking mode
Anatoly Burakov [Tue, 12 Sep 2017 09:36:26 +0000 (10:36 +0100)]
app/crypto-perf: add new PMD benchmarking mode

This patch adds a new benchmarking mode, which is intended for
microbenchmarking individual parts of the cryptodev framework,
specifically crypto ops alloc-build-free, cryptodev PMD enqueue
and cryptodev PMD dequeue.

It works by first benchmarking crypto operation alloc-build-free
loop (no enqueues/dequeues happening), and then benchmarking
enqueue and dequeue separately, by first completely filling up the
TX queue, and then completely draining the RX queue.

Results are shown as cycle counts per alloc/build/free, PMD enqueue
and PMD dequeue.

One new test mode is added: "pmd-cyclecount"
  (called with --ptest=pmd-cyclecount)

New command-line argument is also added:
  --pmd-cyclecount-delay-ms: this is a pmd-cyclecount-specific parameter
      that controls the delay between enqueue and dequeue. This is
      useful for benchmarking hardware acceleration, as hardware may
      not be able to keep up with enqueued packets. This parameter
      can be increased if there are large amounts of dequeue
      retries.

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Reviewed-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
7 years agoapp/crypto-perf: add nb-desc parameter
Anatoly Burakov [Tue, 12 Sep 2017 09:36:25 +0000 (10:36 +0100)]
app/crypto-perf: add nb-desc parameter

This parameter makes number of cryptodev descriptors adjustable
and defaults to earlier hardcoded default of 2048.

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Reviewed-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
7 years agocrypto/qat: enable Tx tail writes coalescing
Anatoly Burakov [Tue, 12 Sep 2017 09:31:18 +0000 (10:31 +0100)]
crypto/qat: enable Tx tail writes coalescing

Don't write CSR tail until we processed enough TX descriptors.

To avoid crypto operations sitting in the TX ring indefinitely,
the "force write" threshold is used:
 - on TX, no tail write coalescing will occur if number of inflights
   is below force write threshold
 - on RX, check if we have a number of crypto ops enqueued that is
   below force write threshold that are not yet submitted to
   processing.

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
7 years agocrypto/qat: enable Rx head writes coalescing
Anatoly Burakov [Tue, 12 Sep 2017 09:31:17 +0000 (10:31 +0100)]
crypto/qat: enable Rx head writes coalescing

Don't write CSR head until we processed enough RX descriptors.
Also delay marking them as free until we are writing CSR head.

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
7 years agocrypto/qat: remove atomics
Anatoly Burakov [Tue, 12 Sep 2017 09:31:16 +0000 (10:31 +0100)]
crypto/qat: remove atomics

Replacing atomics in the QAT driver with simple 16-bit integers for
number of inflight packets.

This adds a new limitation to the QAT driver: each queue pair is
now explicitly single-threaded.

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
7 years agocrypto/aesni_mb: fix invalid session error
Sergio Gonzalez Monroy [Thu, 7 Sep 2017 11:50:36 +0000 (12:50 +0100)]
crypto/aesni_mb: fix invalid session error

Setting an invalid session in the crypto op results in SEGFAULT because
the JOB user_data was never set to the crypto op.

Fixes: 0f548b50a160 ("crypto/aesni_mb: process crypto op on dequeue")
Cc: stable@dpdk.org
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
7 years agotest/crypto: do not allocate extra memory for digest
Pablo de Lara [Tue, 5 Sep 2017 02:20:07 +0000 (03:20 +0100)]
test/crypto: do not allocate extra memory for digest

Now that PMDs do not need extra space in the mbuf
to store temporarily the digest when verifying
an authentication tag, it is not required to allocate
more memory in the mbufs passed to cryptodev.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/aesni_mb: do not append digest
Pablo de Lara [Tue, 5 Sep 2017 02:20:06 +0000 (03:20 +0100)]
crypto/aesni_mb: do not append digest

When performing an authentication verification,
the PMD was using memory at the end of the input buffer,
to store temporarily the digest.
This operation requires the buffer to have enough
tailroom unnecessarily.
Instead, memory is allocated for each queue pair, to store
temporarily the digest generated by the driver, so it can
be compared with the one provided in the crypto operation,
without needing to touch the input buffer.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/zuc: do not append digest
Pablo de Lara [Tue, 5 Sep 2017 02:20:05 +0000 (03:20 +0100)]
crypto/zuc: do not append digest

When performing an authentication verification,
the PMD was using memory at the end of the input buffer,
to store temporarily the digest.
This operation requires the buffer to have enough
tailroom unnecessarily.
Instead, memory is allocated for each queue pair, to store
temporarily the digest generated by the driver, so it can
be compared with the one provided in the crypto operation,
without needing to touch the input buffer.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/snow3g: do not append digest
Pablo de Lara [Tue, 5 Sep 2017 02:20:04 +0000 (03:20 +0100)]
crypto/snow3g: do not append digest

When performing an authentication verification,
the PMD was using memory at the end of the input buffer,
to store temporarily the digest.
This operation requires the buffer to have enough
tailroom unnecessarily.
Instead, memory is allocated for each queue pair, to store
temporarily the digest generated by the driver, so it can
be compared with the one provided in the crypto operation,
without needing to touch the input buffer.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/kasumi: do not append digest
Pablo de Lara [Tue, 5 Sep 2017 02:20:03 +0000 (03:20 +0100)]
crypto/kasumi: do not append digest

When performing an authentication verification,
the PMD was using memory at the end of the input buffer,
to store temporarily the digest.
This operation requires the buffer to have enough
tailroom unnecessarily.
Instead, memory is allocated for each queue pair, to store
temporarily the digest generated by the driver, so it can
be compared with the one provided in the crypto operation,
without needing to touch the input buffer.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/openssl: do not append digest
Pablo de Lara [Tue, 5 Sep 2017 02:20:02 +0000 (03:20 +0100)]
crypto/openssl: do not append digest

When performing an authentication verification,
the PMD was using memory at the end of the input buffer,
to store temporarily the digest.
This operation requires the buffer to have enough
tailroom unnecessarily.
Instead, memory is allocated for each queue pair, to store
temporarily the digest generated by the driver, so it can
be compared with the one provided in the crypto operation,
without needing to touch the input buffer.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/armv8: do not append digest
Pablo de Lara [Tue, 5 Sep 2017 02:20:01 +0000 (03:20 +0100)]
crypto/armv8: do not append digest

When performing an authentication verification,
the PMD was using memory at the end of the input buffer,
to store temporarily the digest.
This operation requires the buffer to have enough
tailroom unnecessarily.
Instead, memory is allocated for each queue pair, to store
temporarily the digest generated by the driver, so it can
be compared with the one provided in the crypto operation,
without needing to touch the input buffer.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocrypto/aesni_gcm: do not append digest
Pablo de Lara [Tue, 5 Sep 2017 02:20:00 +0000 (03:20 +0100)]
crypto/aesni_gcm: do not append digest

When performing an authentication verification,
the PMD was using memory at the end of the input buffer,
to store temporarily the digest.
This operation requires the buffer to have enough
tailroom unnecessarily.
Instead, memory is allocated for each queue pair, to store
temporarily the digest generated by the driver, so it can
be compared with the one provided in the crypto operation,
without needing to touch the input buffer.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
7 years agocryptodev: allocate driver structure statically
Pablo de Lara [Wed, 16 Aug 2017 02:41:51 +0000 (03:41 +0100)]
cryptodev: allocate driver structure statically

When register a crypto driver, a cryptodev driver
structure was being allocated, using malloc.
Since this call may fail, it is safer to allocate
this memory statically in each PMD, so driver registration
will never fail.

Coverity issue: 158645
Fixes: 7a364faef185 ("cryptodev: remove crypto device type enumeration")

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Reviewed-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
7 years agocrypto/aesni_gcm: fix zero data operation
Pablo de Lara [Mon, 14 Aug 2017 00:45:21 +0000 (01:45 +0100)]
crypto/aesni_gcm: fix zero data operation

When data length passed to the PMD was zero,
the PMD was trying to get more data from a non-existent
next segment.

Fixes: 9c2a5775c028 ("crypto/aesni_gcm: migrate from MB library to ISA-L")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Reviewed-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
7 years agocrypto/openssl: update key and algo during session init
Akhil Goyal [Tue, 5 Sep 2017 05:57:49 +0000 (11:27 +0530)]
crypto/openssl: update key and algo during session init

Key and algo are added in the openssl ctx during
session initialization instead of adding it for
each packet, since it remains constant for that session,
improving the performance.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Reviewed-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
7 years agocrypto/openssl: replace evp APIs with HMAC APIs
Akhil Goyal [Tue, 5 Sep 2017 05:57:48 +0000 (11:27 +0530)]
crypto/openssl: replace evp APIs with HMAC APIs

in case of HMAC the openssl APIs HMAC_XXX give
better performance for all HMAC cases as compared with
EVP_XXX

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Reviewed-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
7 years agoapp/crypto-perf: fix uninitialized errno value
Hemant Agrawal [Tue, 5 Sep 2017 06:17:01 +0000 (11:47 +0530)]
app/crypto-perf: fix uninitialized errno value

errno should be initialized to 0 before calling strtol

Fixes: f6cefe253cc8 ("app/crypto-perf: add range/list of sizes")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Reviewed-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
7 years agoexamples/l2fwd-crypto: fix uninitialized errno value
Hemant Agrawal [Wed, 23 Aug 2017 12:24:03 +0000 (17:54 +0530)]
examples/l2fwd-crypto: fix uninitialized errno value

errno should be initialized to 0 before calling strtol

Fixes: 1df9c0109f4c ("examples/l2fwd-crypto: parse key parameters")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Reviewed-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
7 years agomempool/dpaa2: improve error handling
Hemant Agrawal [Tue, 10 Oct 2017 14:12:03 +0000 (19:42 +0530)]
mempool/dpaa2: improve error handling

Reverting the config on encountering errors.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
7 years agomempool: remove get capability debug log
Hemant Agrawal [Tue, 10 Oct 2017 14:17:11 +0000 (19:47 +0530)]
mempool: remove get capability debug log

This is not required to be printed for every mempool call.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Reviewed-by: Santosh Shukla <santosh.shukla@caviumnetworks.com>
7 years agoapp/testpmd: remove unnecessary cast
Zhiyong Yang [Wed, 11 Oct 2017 06:59:50 +0000 (14:59 +0800)]
app/testpmd: remove unnecessary cast

Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
7 years agonet/ixgbe: fix uninitialized variable
Yong Wang [Tue, 19 Sep 2017 03:17:24 +0000 (23:17 -0400)]
net/ixgbe: fix uninitialized variable

In func ixgbe_dev_link_update(), "link.link_autoneg" is used in func
call rte_ixgbe_dev_atomic_write_link_status(), but is uninitialized.

Fixes: 82113036e4e5 ("ethdev: redesign link speed config")
Cc: stable@dpdk.org
Signed-off-by: Yong Wang <wang.yong19@zte.com.cn>
Acked-by: Wenzhuo Lu <wenzhuo.lu@intel.com>
7 years agoethdev: revert use port name from device structure
Ferruh Yigit [Fri, 22 Sep 2017 11:30:07 +0000 (12:30 +0100)]
ethdev: revert use port name from device structure

This reverts commit a1e7c17555e8f77d520ba5f06ed26c00e77a2bd1.

Original commit assumes there is 1:1 mapping between physical device and
ethdev port, so that device name can be used per port instead of ethdev
name field.

But one physical device may have multiple ethdev ports and each port
needs its own unique name.

One issue reported here:
http://dpdk.org/ml/archives/users/2017-September/002484.html

So reverting back the commit to continue using ethdev name field per
port.

Fixes: a1e7c17555e8 ("ethdev: use device name from device structure")
Cc: stable@dpdk.org
Reported-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
7 years agoapp/testpmd: add commands for RSS queue region
Wei Zhao [Wed, 11 Oct 2017 08:55:33 +0000 (16:55 +0800)]
app/testpmd: add commands for RSS queue region

This patch add a API configuration of queue region in rss.
It can parse the parameters of region index, queue number,
queue start index, user priority, traffic classes and so on.
According to commands from command line, it will call i40e
private API and start the process of set or flush queue region
configure. As this feature is specific for i40e, so private API
will be used. Aslo add a document for these new commands.
Queue region only support PF by now, so this document is
only for configuration of queue region on PF port.

Signed-off-by: Wei Zhao <wei.zhao1@intel.com>
7 years agonet/i40e: support queue region set and flush
Wei Zhao [Wed, 11 Oct 2017 08:55:32 +0000 (16:55 +0800)]
net/i40e: support queue region set and flush

This feature enable queue regions configuration for RSS in PF,
so that different traffic classes or different packet
classification types can be separated to different queues in
different queue regions.This patch can set queue region range,
it include queue number in a region and the index of first queue.
This patch enable mapping between different priorities (UP) and
different traffic classes.It also enable mapping between a region
index and a sepcific flowtype(PCTYPE).It also provide the solution
of flush all configuration about queue region the above described.

Signed-off-by: Wei Zhao <wei.zhao1@intel.com>
7 years agonet/liquidio: support promiscuous mode
Intiyaz Basha [Wed, 11 Oct 2017 07:47:47 +0000 (13:17 +0530)]
net/liquidio: support promiscuous mode

Signed-off-by: Intiyaz Basha <intiyaz.basha@caviumnetworks.com>
Signed-off-by: Shijith Thotton <shijith.thotton@caviumnetworks.com>
7 years agonet/ixgbe: fix VFIO interrupt mapping in VF
Wei Dai [Thu, 28 Sep 2017 02:28:33 +0000 (10:28 +0800)]
net/ixgbe: fix VFIO interrupt mapping in VF

When a VF port is bound to VFIO-PIC, only miscellaneous interrupt
is mapped to VFIO vector 0 in eth_ixgbevf_dev_init( ).
In ixgbevf_dev_start(), if previous VFIO interrupt mapping set in
eth_ixgbevf_dev_init( ) is not cleard, it will fail when calling
rte_intr_enable( ) tries to map Rx queue interrupt to other VFIO
vectors. This patch clears the VFIO interrupt mappings before
setting both miscellaneous and Rx queue interrupt mappings again
to avoid failure.

Fixes: 77234603fba0 ("net/ixgbe: support VF mailbox interrupt for link up/down")
Cc: stable@dpdk.org
Signed-off-by: Wei Dai <wei.dai@intel.com>
Acked-by: Wenzhuo Lu <wenzhuo.lu@intel.com>
Tested-by: Jianwei Ma <jianwei.ma@intel.com>
7 years agonet/ixgbe: fix Rx queue interrupt mapping in VF
Wei Dai [Wed, 20 Sep 2017 10:18:13 +0000 (18:18 +0800)]
net/ixgbe: fix Rx queue interrupt mapping in VF

When a VF port is bound to VFIO-PCI, miscellaneous interrupt is
mapped to MSI-X vector 0 and Rx queues interrupt are mapped to
other vectors in vfio_enable_msix( ). To simplify implementation,
all VFIO-PCI bound ixgbe VF Rx queue interrupts can be mapped in
vector 1. And as current igb_uio only support only one vector,
ixgbe VF PMD should use vector 0 for igb_uio and vector 1 for
VFIO-PCI. Without this patch, VF Rx queue interrupt is mapped
to vector 0 in register settings and mapped to VFIO vector 1
in vfio_enable_msix( ), and then all Rx queue interrupts will
be missed.

Fixes: b13bfab4cdbe ("eal: reserve VFIO vector zero for misc interrupt")
Cc: stable@dpdk.org
Signed-off-by: Wei Dai <wei.dai@intel.com>
Acked-by: Wenzhuo Lu <wenzhuo.lu@intel.com>
Tested-by: Jianwei Ma <jianwei.ma@intel.com>