dpdk.git
4 years agodoc: fix project version in guides
Thomas Monjalon [Fri, 16 Oct 2020 02:45:59 +0000 (04:45 +0200)]
doc: fix project version in guides

The DPDK version should appear in the top left corner of the HTML guides.
When dropping make, the variable version has been removed,
so Sphinx stopped integrating the version number.

Fixes: a4362f150204 ("doc: build without using make")

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
4 years agocrypto/bcmfs: fix features documentation
Vikas Gupta [Fri, 16 Oct 2020 04:49:44 +0000 (10:19 +0530)]
crypto/bcmfs: fix features documentation

Fix documentation error in bcmfs.ini.
Add a section for asymmetric algorithms.

Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
4 years agobus/pci: clear undefined bits in Windows segment parsing
Tal Shnaiderman [Wed, 14 Oct 2020 19:30:01 +0000 (22:30 +0300)]
bus/pci: clear undefined bits in Windows segment parsing

When reading bus and segment values using SPDRP_BUSNUMBER
bits 24-31 are undefined.

They are cleared to verify we read the segment number correctly.

Fixes: c3adf8144a17 ("bus/pci: support segment as address domain on Windows")
Cc: stable@dpdk.org
Signed-off-by: Tal Shnaiderman <talshn@nvidia.com>
Acked-by: Ranjit Menon <ranjit.menon@intel.com>
Acked-by: Narcisa Vasile <navasile@linux.microsoft.com>
4 years agoeal: add cache line demotion API
Omkar Maslekar [Thu, 15 Oct 2020 23:20:03 +0000 (16:20 -0700)]
eal: add cache line demotion API

rte_cldemote is similar to a prefetch hint - in reverse.
On x86, cldemote(addr) enables software to hint to hardware that line is
likely to be shared. This is quite useful in core-to-core communications
where cache-line is likely to be shared.
ARM and PPC implementation is provided with NOP and can be added if any
equivalent instructions could be used for implementation on those
architectures.

Signed-off-by: Omkar Maslekar <omkar.maslekar@intel.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: David Christensen <drc@linux.vnet.ibm.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
4 years agodevtools: check Windows export files
David Marchand [Fri, 16 Oct 2020 10:27:11 +0000 (12:27 +0200)]
devtools: check Windows export files

Updating export files (supposed to disappear at some point, but still
there) might be missed when removing symbols in the API / map files.
Add a check for this case.

Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
4 years agoeal/windows: fix symbol export
David Marchand [Fri, 16 Oct 2020 10:27:10 +0000 (12:27 +0200)]
eal/windows: fix symbol export

The incriminated commit forgot to clean the Windows export file.

Fixes: 3cd73a1a1c4d ("eal: simplify exit functions")

Signed-off-by: David Marchand <david.marchand@redhat.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
4 years agotest/service: fix race condition on stopping lcore
Kevin Laatz [Fri, 16 Oct 2020 09:08:04 +0000 (10:08 +0100)]
test/service: fix race condition on stopping lcore

There is a potential race condition in 'service_attr_get' which will cause
test failures since the service core thread is still running while the
values are being retrieved/reset.

This patch fixes the race condition by waiting for the service core thread
to stop before continuing with the unit test checks.

Fixes: 4d55194d76a4 ("service: add attribute get function")

Signed-off-by: Kevin Laatz <kevin.laatz@intel.com>
Acked-by: Harry van Haaren <harry.van.haaren@intel.com>
4 years agoeventdev: add PCI probe named convenience function
Timothy McDaniel [Thu, 15 Oct 2020 14:16:46 +0000 (09:16 -0500)]
eventdev: add PCI probe named convenience function

Add new internal wrapper function for use by pci drivers as a
.probe function to attach to an event interface.  Same as
rte_event_pmd_pci_probe, except the caller can specify the name.

Updated rte_event_pmd_pci_probe so as to not duplicate
code.

Signed-off-by: Timothy McDaniel <timothy.mcdaniel@intel.com>
Reviewed-by: Gage Eads <gage.eads@intel.com>
4 years agoeventdev: express DLB/DLB2 PMD constraints
Timothy McDaniel [Thu, 15 Oct 2020 18:07:15 +0000 (13:07 -0500)]
eventdev: express DLB/DLB2 PMD constraints

This commit implements the eventdev ABI changes required by
the DLB/DLB2 PMDs.  Several data structures and constants are modified
or added in this patch, thereby requiring modifications to the
dependent apps and examples.

The DLB/DLB2 hardware does not conform exactly to the eventdev interface.
1) It has a limit on the number of queues that may be linked to a port.
2) Some ports a further restricted to a maximum of 1 linked queue.
3) DLB does not have the ability to carry the flow_id as part
   of the event (QE) payload. Note that the DLB2 hardware is capable of
   carrying the flow_id.

Following is a detailed description of the changes that have been made.

1) Add new fields to the rte_event_dev_info struct. These fields allow
the device to advertise its capabilities so that applications can take
the appropriate actions based on those capabilities.

    struct rte_event_dev_info {
uint32_t max_event_port_links;
/**< Maximum number of queues that can be linked to a single event
 * port by this device.
 */

uint8_t max_single_link_event_port_queue_pairs;
/**< Maximum number of event ports and queues that are optimized for
 * (and only capable of) single-link configurations supported by this
 * device. These ports and queues are not accounted for in
 * max_event_ports or max_event_queues.
 */
    }

2) Add a new field to the rte_event_dev_config struct. This field allows
the application to specify how many of its ports are limited to a single
link, or will be used in single link mode.

    /** Event device configuration structure */
    struct rte_event_dev_config {
uint8_t nb_single_link_event_port_queues;
/**< Number of event ports and queues that will be singly-linked to
 * each other. These are a subset of the overall event ports and
 * queues; this value cannot exceed *nb_event_ports* or
 * *nb_event_queues*. If the device has ports and queues that are
 * optimized for single-link usage, this field is a hint for how many
 * to allocate; otherwise, regular event ports and queues can be used.
 */
    }

3) Replace the dedicated implicit_release_disabled field with a bit field
of explicit port capabilities. The implicit_release_disable functionality
is assigned to one bit, and a port-is-single-link-only  attribute is
assigned to other, with the remaining bits available for future assignment.

* Event port configuration bitmap flags */
#define RTE_EVENT_PORT_CFG_DISABLE_IMPL_REL    (1ULL << 0)
/**< Configure the port not to release outstanding events in
 * rte_event_dev_dequeue_burst(). If set, all events received through
 * the port must be explicitly released with RTE_EVENT_OP_RELEASE or
 * RTE_EVENT_OP_FORWARD. Must be unset if the device is not
 * RTE_EVENT_DEV_CAP_IMPLICIT_RELEASE_DISABLE capable.
 */
#define RTE_EVENT_PORT_CFG_SINGLE_LINK         (1ULL << 1)

/**< This event port links only to a single event queue.
 *
 *  @see rte_event_port_setup(), rte_event_port_link()
 */

#define RTE_EVENT_PORT_ATTR_IMPLICIT_RELEASE_DISABLE 3
/**
 * The implicit release disable attribute of the port
 */

struct rte_event_port_conf {
uint32_t event_port_cfg;
/**< Port cfg flags(EVENT_PORT_CFG_) */
}

This patch also removes the depreciation notice and announce
the new eventdev ABI changes in release note.

Signed-off-by: Timothy McDaniel <timothy.mcdaniel@intel.com>
Acked-by: Harry van Haaren <harry.van.haaren@intel.com>
Acked-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
4 years agoevent/sw: improve performance
Radu Nicolau [Wed, 7 Oct 2020 13:51:00 +0000 (13:51 +0000)]
event/sw: improve performance

Add minimum burst throughout the scheduler pipeline and a flush counter.
Use a single threaded ring implementation for the reorder buffer free list.

Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Harry van Haaren <harry.van.haaren@intel.com>
4 years agoapp/eventdev: enable fast free offload
Harman Kalra [Thu, 8 Oct 2020 18:48:46 +0000 (00:18 +0530)]
app/eventdev: enable fast free offload

Since we are not holding the mbufs or creating any references
in the app, hence mbuf fast free offload can be enabled.

Signed-off-by: Harman Kalra <hkalra@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
4 years agonet/octeontx2: fix jumbo frame crash
Harman Kalra [Thu, 8 Oct 2020 18:48:45 +0000 (00:18 +0530)]
net/octeontx2: fix jumbo frame crash

Issue has been observed in case of multi segments where mbuf
data gets corrupted due to missing barriers. Changes made to
mbuf just before LMTST by one core gets updatded when the
same mbuf is in use by another core, leading to corruption.
It should be ensured that all changes made to mbuf should be
written before LMTST.

Fixes: cbd5710db48d ("net/octeontx2: add Tx multi segment version")
Cc: stable@dpdk.org
Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Signed-off-by: Harman Kalra <hkalra@marvell.com>
4 years agoevent/octeontx2: improve single flow performance
Pavan Nikhilesh [Thu, 8 Oct 2020 18:48:44 +0000 (00:18 +0530)]
event/octeontx2: improve single flow performance

Improve single flow performance by moving the point of coherence
to the end of transmit sequence.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
4 years agoevent/octeontx2: add switch tag flush operation
Pavan Nikhilesh [Thu, 8 Oct 2020 18:48:43 +0000 (00:18 +0530)]
event/octeontx2: add switch tag flush operation

Add SWTAG flush operation at the end of transmit sequence to
immediately release the tag held by the core.
Reuse Tag address to check SWTAG completion status.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
4 years agoevent/octeontx2: add crypto adapter datapath
Ankur Dwivedi [Thu, 8 Oct 2020 10:34:35 +0000 (16:04 +0530)]
event/octeontx2: add crypto adapter datapath

In the op new mode of crypto adapter, the completed crypto operation
is submitted to the event device by the OCTEON TX2 crypto PMD.
During event device dequeue the result of crypto operation is checked.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
4 years agoevent/octeontx2: add crypto adapter framework
Ankur Dwivedi [Thu, 8 Oct 2020 10:34:34 +0000 (16:04 +0530)]
event/octeontx2: add crypto adapter framework

The crypto adapter callback functions and associated data structures
are added.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
4 years agocrypto/octeontx2: move functions to helper file
Ankur Dwivedi [Thu, 8 Oct 2020 10:34:33 +0000 (16:04 +0530)]
crypto/octeontx2: move functions to helper file

Some functions are common across cryptodev pmd and the event
crypto adapter. This patch moves them into a helper file.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
4 years agotest/event: free resources after crypto adapter test
Ankur Dwivedi [Thu, 8 Oct 2020 12:52:34 +0000 (18:22 +0530)]
test/event: free resources after crypto adapter test

The resources held by crypto adapter should be freed when the
test suite exits.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
4 years agotest/event: fix function arguments for crypto adapter
Ankur Dwivedi [Thu, 8 Oct 2020 12:52:33 +0000 (18:22 +0530)]
test/event: fix function arguments for crypto adapter

The arguments passed to rte_event_crypto_adapter_caps_get() and
rte_event_crypto_adapter_create() are incorrect.

In the rte_event_crypto_adapter_caps_get(), event device id should
be the first argument and cryptodev id should be the second argument.
In the rte_event_crypto_adapter_create(), the event device id should
be the second argument.

Fixes: 3c2c535ecfc0 ("test: add event crypto adapter auto-test")
Cc: stable@dpdk.org
Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
4 years agotest/event: check unsupported crypto adapter mode
Ankur Dwivedi [Thu, 8 Oct 2020 12:52:32 +0000 (18:22 +0530)]
test/event: check unsupported crypto adapter mode

The capability of a hardware event device should be checked before
creating a event crypto adapter in a particular mode. The test case
returns error if the mode is not supported.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
4 years agotest/event: add null dev creation in Rx adapter autotest
Jay Jayatheerthan [Sat, 3 Oct 2020 09:05:41 +0000 (14:35 +0530)]
test/event: add null dev creation in Rx adapter autotest

Allows creation of net_null if vdev EAL option is not specified and
uninit vdev created in the test. The change also adds error checks
for vdev init and uninit.

Signed-off-by: Jay Jayatheerthan <jay.jayatheerthan@intel.com>
Reviewed-by: Nikhil Rao <nikhil.rao@intel.com>
4 years agotest/event: uninit vdevs in Rx adapter autotest
Jay Jayatheerthan [Sat, 3 Oct 2020 09:05:40 +0000 (14:35 +0530)]
test/event: uninit vdevs in Rx adapter autotest

adapter_multi_eth_add_del() does vdev init but doesn't uninit them.
This causes issues when running event_eth_rx_adapter_autotest multiple
times.

The fix does vdev uninit before exiting the test.

Signed-off-by: Jay Jayatheerthan <jay.jayatheerthan@intel.com>
Reviewed-by: Nikhil Rao <nikhil.rao@intel.com>
4 years agoeventdev: fix adapter leak in error path
Yunjian Wang [Tue, 29 Sep 2020 13:46:33 +0000 (21:46 +0800)]
eventdev: fix adapter leak in error path

In rte_event_crypto_adapter_create_ext() allocated memory for
adapter, we should free it when error happens, otherwise it
will lead to memory leak.

Fixes: 7901eac3409a ("eventdev: add crypto adapter implementation")
Cc: stable@dpdk.org
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
4 years agoevent/dpaa2: fix dereference before null check
Yunjian Wang [Wed, 26 Aug 2020 13:07:40 +0000 (21:07 +0800)]
event/dpaa2: fix dereference before null check

Coverity flags that 'portal' variable is used before
it's checked for NULL. This patch fixes this issue.

Coverity issue: 323516
Fixes: 4ab57b042e7c ("event/dpaa2: affine portal at runtime during I/O")
Cc: stable@dpdk.org
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Acked-by: Nipun Gupta <nipun.gupta@nxp.com>
4 years agoevent/octeontx: validate events requested against available
Pavan Nikhilesh [Tue, 28 Jul 2020 18:22:23 +0000 (23:52 +0530)]
event/octeontx: validate events requested against available

Validate events configured in ssopf against the total number of
events configured across all the RX/TIM event adapters.

Events available to ssopf can be reconfigured by passing the required
amount to kernel bootargs and are only limited by DRAM size.
Example:
ssopf.max_events= 2097152

Cc: stable@dpdk.org
Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
4 years agoeventdev: check allocation in Tx adapter
Yunjian Wang [Mon, 27 Jul 2020 14:03:14 +0000 (22:03 +0800)]
eventdev: check allocation in Tx adapter

The function rte_zmalloc() could return NULL, the return value
need to be checked.

Fixes: a3bbf2e09756 ("eventdev: add eth Tx adapter implementation")
Cc: stable@dpdk.org
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Reviewed-by: Nikhil Rao <nikhil.rao@intel.com>
4 years agoeventdev: support telemetry with xstats info
Mike Ximing Chen [Fri, 18 Sep 2020 17:39:22 +0000 (13:39 -0400)]
eventdev: support telemetry with xstats info

The telemetry library is connected with eventdev xstats and
port link info. The following new telemetry commands are added:

/eventdev/dev_list
/eventdev/port_list,DevID
/eventdev/queue_list,DevID
/eventdev/dev_xstats,DevID
/eventdev/port_xstats,DevID,PortID
/eventdev/queue_xstats,DevID,PortID
/eventdev/queue_links,DevID,PortID

queue_links command displays a list of queues linked with a specified
eventdev port and a service priority associated with each link.

Signed-off-by: Mike Ximing Chen <mike.ximing.chen@intel.com>
Reviewed-by: Ciara Power <ciara.power@intel.com>
Reviewed-by: Gage Eads <gage.eads@intel.com>
4 years agoethdev: make flow API thread safe
Suanming Mou [Thu, 15 Oct 2020 01:07:47 +0000 (09:07 +0800)]
ethdev: make flow API thread safe

Currently, the rte_flow functions are not defined as thread safe.
DPDK applications either call the functions in single thread or
protect any concurrent calling for the rte_flow operations using
a lock.

For PMDs support the flow operations thread safe natively, the
redundant protection in application hurts the performance of the
rte_flow operation functions.

And the restriction of thread safe is not guaranteed for the
rte_flow functions also limits the applications' expectation.

This feature is going to change the rte_flow functions to be thread
safe. As different PMDs have different flow operations, some may
support thread safe already and others may not. For PMDs don't
support flow thread safe operation, a new lock is defined in ethdev
in order to protects thread unsafe PMDs from rte_flow level.

A new RTE_ETH_DEV_FLOW_OPS_THREAD_SAFE device flag is added to
determine whether the PMD supports thread safe flow operation or not.
For PMDs support thread safe flow operations, set the
RTE_ETH_DEV_FLOW_OPS_THREAD_SAFE flag, rte_flow level functions will
skip the thread safe helper lock for these PMDs. Again the rte_flow
level thread safe lock only works when PMD operation functions are
not thread safe.

For the PMDs which don't want the default mutex lock, just set the
flag in the PMD, and add the prefer type of lock in the PMD. Then
the default mutex lock is easily replaced by the PMD level lock.

The change has no effect on the current DPDK applications. No change
is required for the current DPDK applications. For the standard posix
pthread_mutex, if no lock contention with the added rte_flow level
mutex, the mutex only does the atomic increasing in
pthread_mutex_lock() and decreasing in
pthread_mutex_unlock(). No futex() syscall will be involved.

Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
Acked-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Acked-by: Ori Kam <orika@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
4 years agoeal/windows: add pthread mutex
Suanming Mou [Thu, 15 Oct 2020 01:07:46 +0000 (09:07 +0800)]
eal/windows: add pthread mutex

Add pthread mutex lock as it is needed for the thread safe rte_flow
functions.

Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
Tested-by: Tal Shnaiderman <talshn@nvidia.com>
Acked-by: Dmitry Kozlyuk <dmitry.kozliuk@gmail.com>
Acked-by: Ranjit Menon <ranjit.menon@intel.com>
Acked-by: Narcisa Vasile <navasile@linux.microsoft.com>
4 years agombuf: extend meaning of QinQ stripped bit
Somnath Kotur [Tue, 6 Oct 2020 07:22:32 +0000 (09:22 +0200)]
mbuf: extend meaning of QinQ stripped bit

Clarify the documentation of QinQ flags, and extend the meaning of the
flag: if PKT_RX_QINQ_STRIPPED is set and PKT_RX_VLAN_STRIPPED is unset,
only the outer VLAN is removed from packet data, but both tci are saved
in mbuf->vlan_tci (inner) and mbuf->vlan_tci_outer (outer).

Signed-off-by: Somnath Kotur <somnath.kotur@broadcom.com>
Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Acked-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
4 years agocrypto/bcmfs: optimize crypto request processing
Vikas Gupta [Tue, 13 Oct 2020 07:47:13 +0000 (13:17 +0530)]
crypto/bcmfs: optimize crypto request processing

Reduce number of source BDs to submit a request to crypto engine.
This improves the performance as crypto engine fetches all the BDs in
single cycle. Adjust optional metadata (OMD) in continuation of
fixed meta data (FMD).

Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
4 years agotest/crypto: add PDCP-SDAP cases
Franck Lenormand [Mon, 12 Oct 2020 14:10:06 +0000 (19:40 +0530)]
test/crypto: add PDCP-SDAP cases

A new functions which uses the structure of the test vectors for SDAP
is added and call a functions responsible to call the test_pdcp_proto
with the test vector both for encapsulation and decapsulation.

Signed-off-by: Franck Lenormand <franck.lenormand@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agotest/crypto: rework PDCP function
Franck Lenormand [Mon, 12 Oct 2020 14:10:05 +0000 (19:40 +0530)]
test/crypto: rework PDCP function

The function test_pdcp_proto was relying to heavily on the structure
of test vectors for PDCP making it difficult to be reusable.

The function is changed to take all the test parameters as input and
does not need access to the tests vectors anymore.

Signed-off-by: Franck Lenormand <franck.lenormand@nxp.com>
4 years agotest/crypto: add test vectors for PDCP-SDAP
Franck Lenormand [Mon, 12 Oct 2020 14:10:04 +0000 (19:40 +0530)]
test/crypto: add test vectors for PDCP-SDAP

The test vectors are structured in a more readable way compared
to test vector for PDCP. This structure allows to have all the
information about a test vector at the same place.

Signed-off-by: Franck Lenormand <franck.lenormand@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/dpaa_sec: enable PDCP-SDAP sessions
Akhil Goyal [Mon, 12 Oct 2020 14:10:03 +0000 (19:40 +0530)]
crypto/dpaa_sec: enable PDCP-SDAP sessions

Based on the new field in PDCP xform, a decision is made
to create a PDCP session with or without SDAP enabled.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/dpaa2_sec: enable PDCP-SDAP sessions
Akhil Goyal [Mon, 12 Oct 2020 14:10:02 +0000 (19:40 +0530)]
crypto/dpaa2_sec: enable PDCP-SDAP sessions

Based on the new field in PDCP xform, a decision is made
to create a PDCP session with or without SDAP enabled.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agodoc: remove unnecessary API code from security guide
Akhil Goyal [Mon, 12 Oct 2020 14:10:01 +0000 (19:40 +0530)]
doc: remove unnecessary API code from security guide

Various xform structures are being copied in
rte_security guide which can be referred from the
API documentation generated by Doxygen. The security guide
does not talk about specific details of these xforms and
thus are removed from the security guide.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agosecurity: modify PDCP xform to support SDAP
Akhil Goyal [Mon, 12 Oct 2020 14:10:00 +0000 (19:40 +0530)]
security: modify PDCP xform to support SDAP

The SDAP is a protocol in the LTE stack on top of PDCP for
QOS. A particular PDCP session may or may not have
SDAP enabled. But if it is enabled, SDAP header should be
authenticated but not encrypted if both confidentiality and
integrity is enabled. Hence, the driver should be intimated
from the xform so that it skip the SDAP header while encryption.

A new field is added in the PDCP xform to specify SDAP is enabled.
The overall size of the xform is not changed, as hfn_ovrd is just
a flag and does not need uint32. Hence, it is converted to uint8_t
and a 16 bit reserved field is added for future.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
4 years agocommon/dpaax/caamflib: support PDCP-SDAP
Franck Lenormand [Mon, 12 Oct 2020 14:09:59 +0000 (19:39 +0530)]
common/dpaax/caamflib: support PDCP-SDAP

The SDAP is a protocol in the LTE stack on top of PDCP. It is
dedicated to QoS.

The difficulty of implementing this protocol is because the
PDCP change behavior regarding encryption and authentication
of the SDU it receives. In effect PDCP shall not encrypt the
SDAP SDU but must authenticate it (when encryption and
authentication is enabled).

The current version of SEC does not support the SDAP and the
change of behavior of PDCP prevent the use of the PDCP
protocol command available.

The way to do it is to reuse the PDCP implementation but to
not use the PDCP protocol and to have descriptors which
performs the PDCP protocol.

It is implemented by doing small changes of code:
        #ifdef SDAP_SUPPORT
                length += SDAP_BYTE_SIZE;
                offset -= SDAP_BYTE_SIZE;
        #endif
after having computed the size of the SN to read from the
input data, then
        #ifdef SDAP_SUPPORT
                MATHI(p, MATH0, LSHIFT, 8, MATH1, 8, 0);
                MATHB(p, MATH1, AND, sn_mask, MATH1, 8, IFB | IMMED2);
        #else
                MATHB(p, MATH0, AND, sn_mask, MATH1, 8, IFB | IMMED2);
        #endif
It will keep the SN and the SDAP header in MATH0, then shift
it to remove the SDAP header and store the result in MATH1.

Signed-off-by: Franck Lenormand <franck.lenormand@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocryptodev: remove algo lists end
Arek Kusztal [Mon, 12 Oct 2020 19:21:24 +0000 (20:21 +0100)]
cryptodev: remove algo lists end

This patch removes enumerators RTE_CRYPTO_CIPHER_LIST_END,
RTE_CRYPTO_AUTH_LIST_END, RTE_CRYPTO_AEAD_LIST_END to prevent
ABI breakage that may arise when adding new crypto algorithms.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agotest/event_crypto_adapter: fix configuration
Abhinandan Gujjar [Thu, 17 Sep 2020 01:14:35 +0000 (06:44 +0530)]
test/event_crypto_adapter: fix configuration

This patch updates the xform with right configuration.
For session based ops, sym session pool is created with
valid userdata size.

Fixes: 24054e3640a2 ("test/crypto: use separate session mempools")
Cc: stable@dpdk.org
Signed-off-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agotest/crypto: add cases for raw datapath API
Fan Zhang [Sun, 11 Oct 2020 00:38:54 +0000 (01:38 +0100)]
test/crypto: add cases for raw datapath API

This patch adds the cryptodev raw API test support to unit test.
In addition a new test-case for QAT PMD for the test type is
enabled.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/qat: support raw datapath API
Fan Zhang [Sun, 11 Oct 2020 00:38:53 +0000 (01:38 +0100)]
crypto/qat: support raw datapath API

This patch updates QAT PMD to add raw data-path API support.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
4 years agocryptodev: add raw crypto datapath API
Fan Zhang [Sun, 11 Oct 2020 00:38:52 +0000 (01:38 +0100)]
cryptodev: add raw crypto datapath API

This patch adds raw data-path APIs for enqueue and dequeue
operations to cryptodev. The APIs support flexible user-define
enqueue and dequeue behaviors.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocryptodev: change crypto symmetric vector structure
Fan Zhang [Sun, 11 Oct 2020 00:38:51 +0000 (01:38 +0100)]
cryptodev: change crypto symmetric vector structure

This patch updates ``rte_crypto_sym_vec`` structure to add
support for both cpu_crypto synchronous operation and
asynchronous raw data-path APIs. The patch also includes
AESNI-MB and AESNI-GCM PMD changes, unit test changes and
documentation updates.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/aesni_mb: support AES-CCM-256
Pablo de Lara [Fri, 9 Oct 2020 12:18:59 +0000 (12:18 +0000)]
crypto/aesni_mb: support AES-CCM-256

This patch adds support for AES-CCM-256 when using AESNI-MB

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
4 years agocrypto/aesni_mb: support Chacha20-Poly1305
Pablo de Lara [Fri, 9 Oct 2020 12:05:21 +0000 (12:05 +0000)]
crypto/aesni_mb: support Chacha20-Poly1305

Add support for Chacha20-Poly1305 AEAD algorithm.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
4 years agocrypto/aesni_mb: fix GCM digest size check
Pablo de Lara [Fri, 9 Oct 2020 12:05:20 +0000 (12:05 +0000)]
crypto/aesni_mb: fix GCM digest size check

GCM digest sizes should be between 1 and 16 bytes.

Fixes: 7b2d4706c90e ("crypto/aesni_mb: support newer library version only")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
4 years agocrypto/aesni_mb: fix CCM digest size check
Pablo de Lara [Fri, 9 Oct 2020 12:05:19 +0000 (12:05 +0000)]
crypto/aesni_mb: fix CCM digest size check

Digest size for CCM was being checked for other algorithms
apart from CCM.

Fixes: c4c0c312a823 ("crypto/aesni_mb: check for invalid digest size")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
4 years agotest/crypto: add GMAC SGL
Pablo de Lara [Mon, 12 Oct 2020 11:30:00 +0000 (11:30 +0000)]
test/crypto: add GMAC SGL

Add Scatter-Gather List tests for AES-GMAC.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
4 years agocrypto/aesni_gcm: support SGL on AES-GMAC
Pablo de Lara [Mon, 12 Oct 2020 11:29:59 +0000 (11:29 +0000)]
crypto/aesni_gcm: support SGL on AES-GMAC

Add Scatter-gather list support for AES-GMAC.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Tested-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
4 years agoexamples/fips_validation: update GCM test
Fan Zhang [Fri, 9 Oct 2020 20:08:22 +0000 (21:08 +0100)]
examples/fips_validation: update GCM test

This patch updates fips validation GCM test capabilities:

- In NIST GCMVS spec GMAC test vectors are the GCM ones with
plaintext length as 0 and uses AAD as input data. Originally
fips_validation tests treats them both as GCM test vectors.
This patch introduce automatic test type recognition between
the two: when plaintext length is 0 the prepare_gmac_xform
and prepare_auth_op functions are called, otherwise
prepare_gcm_xform and prepare_aead_op functions are called.

- NIST GCMVS also specified externally or internally IV
generation. When IV is to be generated by IUT internally IUT
shall store the generated IV in the response file. This patch
also adds the support to that.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Weqaar Janjua <weqaar.a.janjua@intel.com>
Acked-by: John Griffin <john.griffin@intel.com>
4 years agoexamples/fips_validation: support scatter gather list
Fan Zhang [Fri, 9 Oct 2020 20:08:21 +0000 (21:08 +0100)]
examples/fips_validation: support scatter gather list

This patch adds SGL support to FIPS sample application.
Originally the application allocates single mbuf of 64KB - 1
bytes data room. With the change the user may reduce the
mbuf dataroom size by using the add cmdline option. If the
input test data is longer than the user provided data room
size the application will automatically build chained mbufs
for the target cryptodev PMD to test.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: John Griffin <john.griffin@intel.com>
4 years agocrypto/mvsam: remove algo lists end
Michael Shamis [Wed, 30 Sep 2020 08:01:57 +0000 (11:01 +0300)]
crypto/mvsam: remove algo lists end

Remove enumerators RTE_CRYPTO_CIPHER_LIST_END,
RTE_CRYPTO_AUTH_LIST_END, RTE_CRYPTO_AEAD_LIST_END to prevent
ABI breakages that may arise when adding new crypto algorithms.

Signed-off-by: Michael Shamis <michaelsh@marvell.com>
4 years agocrypto/armv8: remove algo lists end
Ruifeng Wang [Fri, 18 Sep 2020 05:45:17 +0000 (13:45 +0800)]
crypto/armv8: remove algo lists end

Removed references to RTE_CRYPTO_CIPHER_LIST_END and
RTE_CRYPTO_AUTH_LIST_END to prevent ABI breakages
that may arise when adding new crypto algorithms.

Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Phil Yang <phil.yang@arm.com>
4 years agocrypto/aesni_mb: fix security session clearing
David Coyle [Tue, 6 Oct 2020 11:40:21 +0000 (12:40 +0100)]
crypto/aesni_mb: fix security session clearing

When destroying a security session, the AESNI-MB PMD attempted to clear
the private aesni_mb session object to remove any key material. However,
the function aesni_mb_pmd_sec_sess_destroy() cleared the security session
object instead of the private session object.

This patch fixes this issue by now clearing the private session object.

Fixes: fda5216fba55 ("crypto/aesni_mb: support DOCSIS protocol")
Cc: stable@dpdk.org
Signed-off-by: David Coyle <david.coyle@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
4 years agocrypto/dpaa2_sec: change descriptor sharing for ERA10
Akhil Goyal [Thu, 3 Sep 2020 17:07:34 +0000 (22:37 +0530)]
crypto/dpaa2_sec: change descriptor sharing for ERA10

In case of LX2160 or SEC ERA 10, share wait has performance
optimizations wrt to ok-to-share signal which allows multiple
DECOs to work together even in case of single queue and single SA.
Hence updated the descriptor sharing only in case of ERA10.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agocrypto/dpaa2_sec: increase max anti-replay window size
Akhil Goyal [Thu, 3 Sep 2020 17:07:33 +0000 (22:37 +0530)]
crypto/dpaa2_sec: increase max anti-replay window size

In case of LX2160 or SEC ERA >= 10, max anti replay window
size supported is 1024. For all other versions of SEC, the
maximum value is capped at 128 even if application gives
more than that.

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Yi Liu <yi.liu@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agocrypto/dpaa2_sec: support non-HMAC auth algo versions
Akhil Goyal [Thu, 3 Sep 2020 16:33:08 +0000 (22:03 +0530)]
crypto/dpaa2_sec: support non-HMAC auth algo versions

added support for non-HMAC for auth algorithms
(SHA1, SHA2, MD5).
Corresponding capabilities are enabled so that test
application can enable those test cases.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/dpaa2_sec: support DES-CBC
Akhil Goyal [Thu, 3 Sep 2020 16:33:07 +0000 (22:03 +0530)]
crypto/dpaa2_sec: support DES-CBC

add DES-CBC support for cipher_only, chain and ipsec protocol.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/dpaa2_sec: support stats for secondary process
Hemant Agrawal [Thu, 3 Sep 2020 17:17:45 +0000 (22:47 +0530)]
crypto/dpaa2_sec: support stats for secondary process

DPAA2 crypto object access need availability of MCP object
pointer. In case of secondary process, we need to use local
MCP pointer instead of primary process.

Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/dpaa2_sec: fix stats query without queue pair
Hemant Agrawal [Thu, 3 Sep 2020 17:17:44 +0000 (22:47 +0530)]
crypto/dpaa2_sec: fix stats query without queue pair

dpdk-procinfo calls the crypto stats API, which results segmentation
fault on DPAA2_SEC.
The queue pair array will be NULL, when it is used without
configuring the SEC device.

Fixes: 02f35eee264b ("crypto/dpaa2_sec: support statistics")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agonet/octeontx2: add replay check for inline inbound packets
Ankur Dwivedi [Fri, 18 Sep 2020 11:09:43 +0000 (16:39 +0530)]
net/octeontx2: add replay check for inline inbound packets

The function handling anti replay is added. If replay window
is enabled the rx packets will be validated against the window. The
rx offload fails in case of error.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agonet/octeontx2: support anti-replay for security session
Ankur Dwivedi [Fri, 18 Sep 2020 11:09:42 +0000 (16:39 +0530)]
net/octeontx2: support anti-replay for security session

Initialize the inbound session for anti replay. The replay
window is allocated during session create and freed in session destroy.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agoexamples/fips_validation: fix version compatibility
Archana Muniganti [Wed, 9 Sep 2020 16:26:35 +0000 (21:56 +0530)]
examples/fips_validation: fix version compatibility

Separate out CAVS request file version 21.4 code to support
lower versions.

Fixes: 32440cdf2af9 ("examples/fips_validation: fix parsing of TDES vectors")
Fixes: 2b84d2bd47df ("examples/fips_validation: fix count overwrite for TDES")
Cc: stable@dpdk.org
Signed-off-by: Archana Muniganti <marchana@marvell.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Tested-by: Yu Jiang <yux.jiang@intel.com>
4 years agoexamples/fips_validation: bypass unsupported vectors
Archana Muniganti [Wed, 16 Sep 2020 10:41:51 +0000 (16:11 +0530)]
examples/fips_validation: bypass unsupported vectors

Bypass the test vectors of unsupported crypto transform
for SHA.

Signed-off-by: Archana Muniganti <marchana@marvell.com>
4 years agoexamples/fips_validation: support self-test only
Olivier Matz [Tue, 6 Oct 2020 07:41:43 +0000 (09:41 +0200)]
examples/fips_validation: support self-test only

Make it possible to pass the self-tests when no req path is set.

Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
4 years agoexamples/fips_validation: fix buffer overflow
Olivier Matz [Tue, 6 Oct 2020 07:41:41 +0000 (09:41 +0200)]
examples/fips_validation: fix buffer overflow

If the file name is larger than MAX_STRING_SIZE (64), strcpy()
will overwrite the content of memory.

Replace strcpy() by rte_strscpy(), check its return value, and
increase file_name size to 256.

Fixes: 3d0fad56b74a ("examples/fips_validation: add crypto FIPS application")
Cc: stable@dpdk.org
Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
4 years agocryptodev: fix parameter parsing
Haggai Eran [Thu, 8 Oct 2020 19:42:14 +0000 (22:42 +0300)]
cryptodev: fix parameter parsing

The rte_cryptodev_pmd_parse_input_args function crashes with a
segmentation fault when passing a non-empty argument string.

The function passes cryptodev_pmd_valid_params to rte_kvargs_parse,
which accepts a NULL-terminated list of valid keys, yet
cryptodev_pmd_valid_params does not end with NULL. The patch adds the
missing NULL pointer.

Fixes: 9e6edea41805 ("cryptodev: add APIs to assist PMD initialisation")
Cc: stable@dpdk.org
Signed-off-by: Haggai Eran <haggaie@nvidia.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocryptodev: remove v20 ABI compatibility
Adam Dybkowski [Thu, 8 Oct 2020 08:32:22 +0000 (10:32 +0200)]
cryptodev: remove v20 ABI compatibility

This reverts commit a0f0de06d457753c94688d551a6e8659b4d4e041 as the
rte_cryptodev_info_get function versioning was a temporary solution
to maintain ABI compatibility for ChaCha20-Poly1305 and is not
needed in 20.11.

Fixes: a0f0de06d457 ("cryptodev: fix ABI compatibility for ChaCha20-Poly1305")

Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Reviewed-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agotest/crypto: add bcmfs
Vikas Gupta [Wed, 7 Oct 2020 17:19:00 +0000 (22:49 +0530)]
test/crypto: add bcmfs

Add global test suite for bcmfs crypto pmd

Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/bcmfs: add crypto HW module
Vikas Gupta [Wed, 7 Oct 2020 17:18:59 +0000 (22:48 +0530)]
crypto/bcmfs: add crypto HW module

Add crypto h/w module to process crypto op. Crypto op is processed via
sym_engine module before submitting the crypto request to HW queues.

Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/bcmfs: add session handling and capabilities
Vikas Gupta [Wed, 7 Oct 2020 17:18:58 +0000 (22:48 +0530)]
crypto/bcmfs: add session handling and capabilities

Add session handling and capabilities supported by crypto HW
accelerator

Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/bcmfs: create a symmetric cryptodev
Vikas Gupta [Wed, 7 Oct 2020 17:18:57 +0000 (22:48 +0530)]
crypto/bcmfs: create a symmetric cryptodev

Create a symmetric crypto device and add supported cryptodev ops.

Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/bcmfs: add HW queue pair operations
Vikas Gupta [Wed, 7 Oct 2020 17:18:56 +0000 (22:48 +0530)]
crypto/bcmfs: add HW queue pair operations

Add queue pair operations exported by supported devices.

Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/bcmfs: add queue pair management
Vikas Gupta [Wed, 7 Oct 2020 17:18:55 +0000 (22:48 +0530)]
crypto/bcmfs: add queue pair management

Add queue pair management APIs which will be used by Crypto device to
manage h/w queues. A bcmfs device structure owns multiple queue-pairs
based on the mapped address allocated to it.

Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/bcmfs: support VFIO
Vikas Gupta [Wed, 7 Oct 2020 17:18:54 +0000 (22:48 +0530)]
crypto/bcmfs: support VFIO

Add VFIO support for BCMFS PMD.
The BCMFS PMD functionality is dependent on the VFIO_PRESENT flag,
which gets enabled in the rte_vfio.h.
If this flag is not enabled in the compiling platform driver will
silently return with error, when executed.

Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/bcmfs: introduce BCMFS driver
Vikas Gupta [Wed, 7 Oct 2020 17:18:53 +0000 (22:48 +0530)]
crypto/bcmfs: introduce BCMFS driver

Add Broadcom FlexSparc(FS) device creation driver which registers to a
vdev and create a device. Add APIs for logs, supportive documentation and
maintainers file.

Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/aesni_mb: support KASUMI F8/F9
Pablo de Lara [Fri, 9 Oct 2020 11:29:54 +0000 (11:29 +0000)]
crypto/aesni_mb: support KASUMI F8/F9

Add support for KASUMI-F8/F9 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/aesni_mb: support SNOW3G-UEA2/UIA2
Pablo de Lara [Fri, 9 Oct 2020 11:29:53 +0000 (11:29 +0000)]
crypto/aesni_mb: support SNOW3G-UEA2/UIA2

Add support for SNOW3G-UEA2/UIA2 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/aesni_mb: support ZUC-EEA3/EIA3
Pablo de Lara [Fri, 9 Oct 2020 11:29:52 +0000 (11:29 +0000)]
crypto/aesni_mb: support ZUC-EEA3/EIA3

Add support for ZUC-EEA3/EIA3 algorithms through the intel-ipsec-mb
job API, allowing the mix of these algorithms with others.

Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocommon/cpt: check MAC length
Archana Muniganti [Wed, 16 Sep 2020 10:37:00 +0000 (16:07 +0530)]
common/cpt: check MAC length

HMAC/HASH opcode algorithms supports fixed mac length.
Allowed session creation to fail when requested for
unsupported MAC length for HMAC/HASH-only use cases.

Signed-off-by: Archana Muniganti <marchana@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
4 years agocommon/cpt: remove useless macros
Archana Muniganti [Wed, 16 Sep 2020 10:36:59 +0000 (16:06 +0530)]
common/cpt: remove useless macros

The macros can be replaced with actual constants.

Signed-off-by: Archana Muniganti <marchana@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
4 years agocrypto/nitrox: support cipher-only operations
Nagadheeraj Rottela [Fri, 9 Oct 2020 05:57:25 +0000 (11:27 +0530)]
crypto/nitrox: support cipher-only operations

This patch adds cipher only crypto operation support.

Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com>
4 years agocrypto/nitrox: support AES-GCM
Nagadheeraj Rottela [Fri, 9 Oct 2020 05:57:24 +0000 (11:27 +0530)]
crypto/nitrox: support AES-GCM

This patch adds AES-GCM AEAD algorithm.

Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com>
4 years agocrypto/octeontx2: support lookaside IPsec IPv6
Tejasree Kondoj [Fri, 9 Oct 2020 10:03:28 +0000 (15:33 +0530)]
crypto/octeontx2: support lookaside IPsec IPv6

Adding IPv6 tunnel mode support in lookaside IPsec PMD.

Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
4 years agocrypto/octeontx2: check cpt kernel driver version
Tejasree Kondoj [Fri, 31 Jul 2020 13:51:53 +0000 (19:21 +0530)]
crypto/octeontx2: check cpt kernel driver version

This patch checks if cpt pmd is compatible with kernel
cpt driver.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
4 years agocommon/octeontx2: sync cpt mailbox
Tejasree Kondoj [Fri, 31 Jul 2020 13:51:52 +0000 (19:21 +0530)]
common/octeontx2: sync cpt mailbox

This patch syncs the pmd mailbox with the cpt pf driver.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Anoob Joseph <anoobj@marvell.com>
4 years agotest/crypto: replace armv8 test suite
Ruifeng Wang [Mon, 31 Aug 2020 08:51:45 +0000 (16:51 +0800)]
test/crypto: replace armv8 test suite

Switched from device specific test suite to unified
cryptodev test suite. Removed the armv8 device specific test suite.

Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/armv8: fix mempool object returning
Ruifeng Wang [Mon, 31 Aug 2020 08:51:44 +0000 (16:51 +0800)]
crypto/armv8: fix mempool object returning

Crypto session and device session private data were put back
to wrong pools.
This caused data corruption when the object was reallocated and used.
Because objects from different mempools have different element size,
and wrong mempool info caused out of bound write.
Fix the issue by putting back objects to correct mempools.

Fixes: b3bbd9e5f265 ("cryptodev: support device independent sessions")
Fixes: 725d2a7fbf71 ("cryptodev: change queue pair configure structure")
Cc: stable@dpdk.org
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agotest/crypto: fix stats test
Ruifeng Wang [Mon, 31 Aug 2020 08:51:43 +0000 (16:51 +0800)]
test/crypto: fix stats test

ut_setup / ut_teardown are invoked for each test case by test framework.
The call inside test_stats is unnecessary and even incorrect.
This caused double free of objects such as crypto operation structure.
Trapped the issue when RTE_LIBRTE_MEMPOOL_DEBUG was enabled.
Fix issue by removing ut_setup / ut_teardown from test case implementation.

Fixes: 202d375c60bc ("app/test: add cryptodev unit and performance tests")
Cc: stable@dpdk.org
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
Tested-by: Adam Dybkowski <adamx.dybkowski@intel.com>
4 years agocrypto/aesni_mb: support AES-ECB
Marcel Cornu [Fri, 11 Sep 2020 15:49:26 +0000 (16:49 +0100)]
crypto/aesni_mb: support AES-ECB

This patch adds AES-ECB 128, 192 and 256 support to the aesni_mb PMD.
AES-ECB 128, 192 and 256 test vectors added to cryptodev tests.

Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
4 years agobaseband/turbo_sw: detect dependencies automatically
Nicolas Chautru [Fri, 4 Sep 2020 01:05:35 +0000 (18:05 -0700)]
baseband/turbo_sw: detect dependencies automatically

The meson for the turbo_sw PMD is updated to prevent the
requirement for any device specific toplevel flags to be
passed down (unlike what used to be the case with make).
The linking to the optional libraries is purely auto
detected at build time and flags are then set appropriately.

Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
4 years agodoc: update bbdev guide
Nicolas Chautru [Thu, 20 Aug 2020 20:58:00 +0000 (13:58 -0700)]
doc: update bbdev guide

Clarify the capability assumptions for LLR and HARQ
compression format.
Correct one historical typo.

Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Acked-by: Aidan Goddard <aidan.goddard@accelercomm.com>
4 years agobaseband/fpga_lte_fec: fix crash with debug
Maxime Coquelin [Tue, 6 Oct 2020 10:04:21 +0000 (12:04 +0200)]
baseband/fpga_lte_fec: fix crash with debug

When RTE_LIBRTE_BBDEV_DEBUG is enabled, rte_device's driver
pointer is dereferenced twice in fpga_lte_fec's probe callback.
It causes a segmentation fault because this pointer is only
assigned after probe callback call.

This patch makes use of rte_pci_driver pointer instead

Fixes: efd453698c49 ("baseband/fpga_lte_fec: add driver for FEC on FPGA")
Cc: stable@dpdk.org
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Acked-by: Nicolas Chautru <nicolas.chautru@intel.com>
4 years agobaseband/fpga_5gnr_fec: fix crash with debug
Maxime Coquelin [Tue, 6 Oct 2020 10:04:20 +0000 (12:04 +0200)]
baseband/fpga_5gnr_fec: fix crash with debug

When RTE_LIBRTE_BBDEV_DEBUG is enabled, rte_device's driver
pointer is dereferenced twice in fpga_5gnr_fec's probe callback.
It causes a segmentation fault because this pointer is only
assigned after probe callback call.

This patch makes use of rte_pci_driver pointer instead.

Fixes: 0b5927cbcba7 ("baseband/fpga_5gnr_fec: add PMD for FPGA 5GNR FEC")
Cc: stable@dpdk.org
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Acked-by: Nicolas Chautru <nicolas.chautru@intel.com>
4 years agoapp/bbdev: fix test vector symlink
Nicolas Chautru [Wed, 9 Sep 2020 21:15:51 +0000 (14:15 -0700)]
app/bbdev: fix test vector symlink

5G DL default symlink was pointing to a 4G vector.

Fixes: d762705308c4 ("app/bbdev: add test vectors for 5GNR")
Cc: stable@dpdk.org
Signed-off-by: Nicolas Chautru <nicolas.chautru@intel.com>
Acked-by: Aidan Goddard <aidan.goddard@accelercomm.com>
Acked-by: Dave Burley <dave.burley@accelercomm.com>
Acked-by: Liu Tianjiao <tianjiao.liu@intel.com>
4 years agocrypto/scheduler: rename slave to worker
Adam Dybkowski [Mon, 28 Sep 2020 14:16:33 +0000 (16:16 +0200)]
crypto/scheduler: rename slave to worker

This patch replaces the usage of the word 'slave' with more
appropriate word 'worker' in QAT PMD and Scheduler PMD
as well as in their docs. Also the test app was modified
to use the new wording.

The Scheduler PMD's public API was modified according to the
previous deprecation notice:
rte_cryptodev_scheduler_slave_attach is now called
rte_cryptodev_scheduler_worker_attach,
rte_cryptodev_scheduler_slave_detach is
rte_cryptodev_scheduler_worker_detach,
rte_cryptodev_scheduler_slaves_get is
rte_cryptodev_scheduler_workers_get.

Also, the configuration value RTE_CRYPTODEV_SCHEDULER_MAX_NB_SLAVES
was renamed to RTE_CRYPTODEV_SCHEDULER_MAX_NB_WORKERS.

Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/dpaa_sec: fix a null pointer dereference
Yunjian Wang [Sat, 5 Sep 2020 10:26:02 +0000 (18:26 +0800)]
crypto/dpaa_sec: fix a null pointer dereference

This patch fixes a null pointer dereference after null check detected by
coverity scan.

Coverity issue: 349904
Fixes: 6a0c9d364afc ("crypto/dpaax_sec: support HFN override")
Cc: stable@dpdk.org
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agotest/crypto: replace NITROX PMD specific test suite
Nagadheeraj Rottela [Thu, 24 Sep 2020 13:04:12 +0000 (18:34 +0530)]
test/crypto: replace NITROX PMD specific test suite

Replace NITROX PMD specific tests with generic test suite.

Signed-off-by: Nagadheeraj Rottela <rnagadheeraj@marvell.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>