dpdk.git
4 years agonet/hinic: fix queues resource free
Xiaoyun Wang [Thu, 14 May 2020 09:29:16 +0000 (17:29 +0800)]
net/hinic: fix queues resource free

Adds tx_queues and rx_queues non-null judgment before free tx or
rx resources, because some app may set tx_queues or rx_queues to
be null before call free resource interfaces, which may cause
a segfault.

Fixes: 64727024d2fd ("net/hinic: add device initialization")
Cc: stable@dpdk.org
Signed-off-by: Xiaoyun Wang <cloud.wangxiaoyun@huawei.com>
4 years agonet/vmxnet3: handle bad host framing
Stephen Hemminger [Tue, 12 May 2020 20:40:03 +0000 (13:40 -0700)]
net/vmxnet3: handle bad host framing

The VMXNet3 protocol has a start-of-packet (SOP) and end-of-packet (EOP)
marker. If there was a bug where mbuf arrived without SOP the code that
chains the mbuf would dereference a null pointer.
Also, record any mbuf's dropped in statistics.

Although did the initial code no longer have access to VMware.
Compile tested only!

Coverity issue: 124563
Fixes: 8ee787ce80a8 ("vmxnet3: remove asserts that confuse coverity")
Cc: stable@dpdk.org
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Yong Wang <yongwang@vmware.com>
4 years agodoc: remove limitation for mlx5 TSO over VM
Raslan Darawsheh [Wed, 13 May 2020 11:00:31 +0000 (14:00 +0300)]
doc: remove limitation for mlx5 TSO over VM

Removing the current limitation for TSO over VM
due to the fact that mlx5 currently support it.

Signed-off-by: Raslan Darawsheh <rasland@mellanox.com>
Acked-by: Asaf Penso <asafp@mellanox.com>
4 years agonet/mlx5: fix VLAN flow action with wildcard VLAN item
Dekel Peled [Wed, 13 May 2020 19:49:19 +0000 (22:49 +0300)]
net/mlx5: fix VLAN flow action with wildcard VLAN item

Previous patch added support of VLAN item without VLAN ID value,
i.e. using wildcard VLAN item, to match VLAN with any VLAN ID.
The implication on VLAN actions was not taken into consideration.
VLAN actions (e.g. push vlan) use the VLAN ID value in the VLAN item,
and expect it to be valid.

This patch updates function flow_dev_get_vlan_info_from_items() to
check the VLAN item contents before trying to use it.

Fixes: 92818d839e8e ("net/mlx5: fix match on empty VLAN item in DV mode")
Cc: stable@dpdk.org
Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@mellanox.com>
4 years agonet/mlx5: fix flow counter container resize
Matan Azrad [Tue, 12 May 2020 12:52:13 +0000 (12:52 +0000)]
net/mlx5: fix flow counter container resize

The design of counter container resize used double buffer algorithm in
order to synchronize between the query thread to the control thread.
When the control thread detected resize need, it created new bigger
buffer for the counter pools in a new container and change the container
index atomically.
In case the query thread had not detect the previous resize before a new
one need was detected by the control thread, the control thread returned
EAGAIN to the flow creation API used a COUNT action.

The rte_flow API doesn't allow unblocked commands and doesn't expect to
get EAGAIN error type.

So, when a lot of flows were created between 2 different periodic
queries, 2 different resizes might try to be created and caused EAGAIN
error.
This behavior may blame flow creations.

Change the synchronization way to use lock instead of double buffer
algorithm.

The critical section of this lock is very small, so flow insertion
rate should not be decreased.

Fixes: ebbac312e448 ("net/mlx5: resize a full counter container")
Cc: stable@dpdk.org
Signed-off-by: Matan Azrad <matan@mellanox.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@mellanox.com>
4 years agodoc: add required Linux capabilities in mlx5 guide
Thomas Monjalon [Mon, 2 Mar 2020 23:08:53 +0000 (00:08 +0100)]
doc: add required Linux capabilities in mlx5 guide

If running DPDK as non-root, some extra capabilities may be required.
The Mellanox devices, using a bifurcated model with Linux drivers,
have some specific requirements summarized in mlx5 PMD guide.

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Reviewed-by: Raslan Darawsheh <rasland@mellanox.com>
4 years agonet/qede: fix link state configuration
Rasesh Mody [Thu, 14 May 2020 04:09:02 +0000 (21:09 -0700)]
net/qede: fix link state configuration

Move link state enable/disable to dev_start() and dev_stop()
respectively. This will ensure when devices are stopped,
link status will be appropriately shown as down.

Fixes: dd28bc8c6ef4 ("net/qede: fix VF port creation sequence")
Cc: stable@dpdk.org
Signed-off-by: Shahed Shaikh <shshaikh@marvell.com>
Signed-off-by: Rasesh Mody <rmody@marvell.com>
Signed-off-by: Igor Russkikh <irusskikh@marvell.com>
4 years agonet/i40e: fix RSS rule creation with L2 payload
Shougang Wang [Thu, 7 May 2020 09:44:01 +0000 (09:44 +0000)]
net/i40e: fix RSS rule creation with L2 payload

This patch fixes the issue that failed to create an RSS rule with type
L2-payload.

Fixes: feaae285b342 ("net/i40e: support hash configuration in RSS flow")

Signed-off-by: Shougang Wang <shougangx.wang@intel.com>
Tested-by: Hailin Xu <hailinx.xu@intel.com>
Reviewed-by: Jeff Guo <jia.guo@intel.com>
4 years agonet/iavf: fix RSS algorithm configuration
Jeff Guo [Wed, 13 May 2020 20:21:28 +0000 (16:21 -0400)]
net/iavf: fix RSS algorithm configuration

When configure RSS rule, the etherdev rss hash function type should be
mapped to the corresponding virtchnl rss algorithm type.

Fixes: 7be10c3004be ("net/iavf: add RSS configuration for VF")

Signed-off-by: Jeff Guo <jia.guo@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
4 years agocommon/iavf: fix RSS algorithm type
Jeff Guo [Wed, 13 May 2020 20:21:27 +0000 (16:21 -0400)]
common/iavf: fix RSS algorithm type

A typo need to be fixed for Simple XOR algorithm configuration.

Fixes: 57094d594324 ("common/iavf: support advanced RSS input set change")

Signed-off-by: Jeff Guo <jia.guo@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
4 years agonet/bnxt: support 200G link speed
Kalesh AP [Wed, 13 May 2020 04:51:25 +0000 (10:21 +0530)]
net/bnxt: support 200G link speed

When the driver is loaded on a 200G NIC, the port speed is not
displayed correctly. Parse the 200G speed before displaying it.

Signed-off-by: Kalesh AP <kalesh-anakkur.purayil@broadcom.com>
Reviewed-by: Somnath Kotur <somnath.kotur@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
4 years agocommon/mlx5: disable relaxed ordering in unsuitable CPUs
Shiri Kuzin [Tue, 12 May 2020 12:21:46 +0000 (15:21 +0300)]
common/mlx5: disable relaxed ordering in unsuitable CPUs

Relaxed ordering is a PCI optimization that enables reordering
reads/writes in order to improve performance.

Relaxed ordering was enabled for all processors causing
a degradation in performance in Haswell and Broadwell processors
that don't support this optimization.

In order to avoid that we check if the processor is Haswell
or Broadwell and if so we disable relaxed ordering.

Signed-off-by: Shiri Kuzin <shirik@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agocommon/mlx5: fix relaxed ordering count object
Shiri Kuzin [Tue, 12 May 2020 12:21:45 +0000 (15:21 +0300)]
common/mlx5: fix relaxed ordering count object

In order to improve performance relaxed ordering was enabled
when creating count object using Devx.

Currently rte enables this optimization by default when using
Devx.

This causes an issue when using firmware that does not have this
capability causing a count object failure.

In order to fix this issue a check of firmware capabilities was
added before enabling relaxed ordering.

Fixes: 53ac93f71ad1 ("net/mlx5: create relaxed ordering memory regions")

Signed-off-by: Shiri Kuzin <shirik@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agocommon/mlx5: fix relaxed ordering support detection
Shiri Kuzin [Tue, 12 May 2020 12:21:44 +0000 (15:21 +0300)]
common/mlx5: fix relaxed ordering support detection

Relaxed ordering is a PCI optimization that allows reordering
of reads/writes in order to improve performance.

In order to enable this optimization only when relaxed ordering
is supported, it is checked if IBV_ACCESS_RELAXED_ORDERING is
defined in verbs.h.

Since IBV_ACCESS_RELAXED_ORDERING is an enum and not
defined relaxed ordering wasn't enabled even when supported.

This issue is fixed by using AUTOCONF to check if relaxed
ordering is supported and disabling only if it isn't.

Fixes: 53ac93f71ad1 ("net/mlx5: create relaxed ordering memory regions")

Signed-off-by: Shiri Kuzin <shirik@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agonet/i40e: fix flow director MAC rule creation
Shougang Wang [Wed, 13 May 2020 02:54:50 +0000 (02:54 +0000)]
net/i40e: fix flow director MAC rule creation

This patch fixes the issue that the flow which both source MAC mask
and destination MAC mask are all zeros can not be created.

Fixes: ea0c22fd8227 ("net/i40e: enable MAC address as flow director input set")

Signed-off-by: Shougang Wang <shougangx.wang@intel.com>
Tested-by: Hailin Xu <hailinx.xu@intel.com>
Reviewed-by: Jeff Guo <jia.guo@intel.com>
4 years agonet/ixgbe: fix statistics in flow control mode
Guinan Sun [Tue, 12 May 2020 08:13:06 +0000 (08:13 +0000)]
net/ixgbe: fix statistics in flow control mode

The register autoneg can't be updated synchronously with flow control
mode setting in the state of port start, so NIC statistics error occurs.
AUTO_NEG Advt register should be updated by ixgbe_setup_fc() when
enabling flow control.
The patch fixes the issue.

Fixes: a524f550da6e ("net/ixgbe: fix flow control mode setting")
Cc: stable@dpdk.org
Signed-off-by: Guinan Sun <guinanx.sun@intel.com>
Reviewed-by: Wei Zhao <wei.zhao1@intel.com>
4 years agocommon/mlx5: fix umem buffer alignment
Dekel Peled [Mon, 11 May 2020 10:02:45 +0000 (13:02 +0300)]
common/mlx5: fix umem buffer alignment

The value MLX5_WQE_BUF_ALIGNMENT is defined as 512.
In some cases this alignment size is not adequate, which results in
memory registration that is not accepted by FW.
The result error can be "page_offset is not aligned to page_size/64,
bad umem_offset" (syndrome 0x357275).

This patch updates the definition to match the running system.

Fixes: 18a68e046b51 ("net/mlx5: fix DevX Rx queue memory alignment")
Cc: stable@dpdk.org
Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agonet/mlx5: prefer DevX API to create Rx objects
Dekel Peled [Sun, 10 May 2020 11:18:32 +0000 (14:18 +0300)]
net/mlx5: prefer DevX API to create Rx objects

Currently, DevX API is used to create Rx objects (RQ, RQT, TIR) only
if LRO or hairpin features are enabled on this RQ.

This patch uses DevX API by default, if DevX is supported and can be
used. Otherwise, Verbs API is used.

Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agocommon/mlx5: remove DevX dependency on Verbs and DV
Ophir Munk [Thu, 7 May 2020 11:31:13 +0000 (11:31 +0000)]
common/mlx5: remove DevX dependency on Verbs and DV

File mlx5_devx_cmds.c should contain pure DevX calls. It must be OS
agnostic and not include any references to ibv or dv structs (defined in
ibverbs and rdma-core linux libraries).  This commit replaces all ibv
and dv references with 'void *'.  Specifically, the following struct
were replaced:
1. struct ibv_context *
2. struct ibv_qp *
3. struct mlx5dv_devx_cmd_comp *

Signed-off-by: Ophir Munk <ophirmu@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agocommon/mlx5: mark internal symbols
Ophir Munk [Thu, 7 May 2020 11:31:12 +0000 (11:31 +0000)]
common/mlx5: mark internal symbols

Move mlx5 symbols in the map file to the INTERNAL section and add
__internal tags to their definitions.
Those symbols were exported in 20.02 and now (20.05) they are removed.
Avoid ABI comparison issues between 20.05/20.08 and 20.02 by adding the
suppress_file directive to libabigail.abignore file. This directive will
prevent loading mlx5 common symbols and no comparison will be performed.

In addition move symbols from the EXPERIMENTAL section to the INTERNAL
section.

Fixes: 7b4f1e6bd367 ("common/mlx5: introduce common library")

Signed-off-by: Ophir Munk <ophirmu@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agodoc: fix multicast filter feature announcement
Qiming Yang [Fri, 8 May 2020 14:04:09 +0000 (22:04 +0800)]
doc: fix multicast filter feature announcement

Multicast MAC filter flag means device ops set_mc_addr_list support
or not. This patch fixes the wrong flag value in Intel driver's document.

Fixes: 9db3f52126fb ("doc: generate NIC overview table from ini files")
Fixes: cb25d4323fbf ("net/avf: enable MAC VLAN and promisc ops")
Fixes: 26e887343321 ("net/ice: support MAC ops")
Cc: stable@dpdk.org
Signed-off-by: Qiming Yang <qiming.yang@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
4 years agonet/iavf: remove useless assignment in Rx
Leyi Rong [Mon, 11 May 2020 08:36:55 +0000 (16:36 +0800)]
net/iavf: remove useless assignment in Rx

Fix coverity defects of unused value.

Coverity issue: 357745, 357769
Fixes: b8b4c54ef9b0 ("net/iavf: support flexible Rx descriptor in normal path")

Signed-off-by: Leyi Rong <leyi.rong@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
4 years agonet/igc: fix boundary checks for RSS
Alvin Zhang [Fri, 8 May 2020 08:54:37 +0000 (16:54 +0800)]
net/igc: fix boundary checks for RSS

Fix some out-of-bounds memory issues, they may lead to wrong results
or affect application stability.

Coverity issue: 357759, 357713
Fixes: bd3fcf0d0fa1 ("net/igc: support RSS")

Signed-off-by: Alvin Zhang <alvinx.zhang@intel.com>
Reviewed-by: Jeff Guo <jia.guo@intel.com>
4 years agonet/e1000: fix port hotplug for multi-process
Alvin Zhang [Wed, 29 Apr 2020 06:37:24 +0000 (14:37 +0800)]
net/e1000: fix port hotplug for multi-process

Enable detach device on secondary process.

Fixes: b9eee2cb8c29 ("e1000: support port hotplug")
Cc: stable@dpdk.org
Signed-off-by: Alvin Zhang <alvinx.zhang@intel.com>
Tested-by: Jianwei Mei <jianweix.mei@intel.com>
Reviewed-by: Jeff Guo <jia.guo@intel.com>
4 years agodoc: fix build issue in ABI guide
Raslan Darawsheh [Tue, 19 May 2020 07:36:53 +0000 (10:36 +0300)]
doc: fix build issue in ABI guide

doc/guides/contributing/abi_versioning.rst:416:
 ERROR: Error in "code-block" directive:
1 argument(s) required, 0 supplied.

.. code-block::

   use_function_versioning = true

Fixes: 45a4103e680d ("doc: fix default symbol binding in ABI guide")

Signed-off-by: Raslan Darawsheh <rasland@mellanox.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
Acked-by: David Marchand <david.marchand@redhat.com>
4 years agoeal: fix C++17 compilation
Stephen Hemminger [Fri, 8 May 2020 23:25:05 +0000 (16:25 -0700)]
eal: fix C++17 compilation

Compiling a C++ application that includes directly or indirectly
rte_common.h will cause a warning:

include/rte_common.h:350:37: warning: ISO C++17 does not allow
  ‘register’ storage class specifier [-Wregister]
 rte_combine32ms1b(register uint32_t x)

C++ is pickier than standard C and flags this antique usage.

The register keyword is an old K&R legacy and should be removed
everywhere in DPDK. For now, fix it where it hurts.

Fixes: 08f683174e94 ("eal: add functions for previous power of 2 alignment")
Cc: stable@dpdk.org
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
4 years agocompat: provide experimental alias for matured ABI
Ferruh Yigit [Fri, 15 May 2020 15:01:53 +0000 (16:01 +0100)]
compat: provide experimental alias for matured ABI

On v20.02 some APIs matured and symbols moved from EXPERIMENTAL to
DPDK_20.0.1 block.

This had the affect of breaking the applications that were using these
APIs on v19.11. Although there is no modification of the APIs and the
action is positive and matures the APIs, the affect can be negative to
applications.

When a maintainer is promoting an API to become part of the next major
ABI version by removing the experimental tag. The maintainer may
choose to offer an alias to the experimental tag, to prevent these
breakages in future.

The following changes are made to enabling aliasing:

Updated to the ABI policy and ABI versioning documents.

Created VERSION_SYMBOL_EXPERIMENTAL helper macro.

Updated the 'check-symbols.sh' tool, which was complaining that the
symbol is in EXPERIMENTAL tag in .map file but it is not in the
.experimental section (__rte_experimental tag is missing).
Updated tool in a way it won't complain if the symbol in the
EXPERIMENTAL tag duplicated in some other block in .map file (versioned)

Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
4 years agodoc: fix default symbol binding in ABI guide
Ray Kinsella [Wed, 6 May 2020 15:41:05 +0000 (16:41 +0100)]
doc: fix default symbol binding in ABI guide

The document abi_versioning.rst incorrectly instructs the developer to
add BIND_DEFAULT_SYMBOL to the public header, not the source file. This
commit fixes the issue and adds some clarifications.

The commit also clarifies the use of use_function_versioning in the
meson/ninja build system, and does some minor re-organization of the
document.

Fixes: f1ef9794f9bd ("doc: add ABI guidelines")
Cc: stable@dpdk.org
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
4 years agodoc: add reason for three-part ABI versioning
Ray Kinsella [Tue, 5 May 2020 08:56:48 +0000 (09:56 +0100)]
doc: add reason for three-part ABI versioning

Clarify the reasons behind the three part version numbering scheme.
Documents the fixes made in f26c2b3.

Fixes: f26c2b39b271 ("build: fix soname info for 19.11 compatibility")
Cc: stable@dpdk.org
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
4 years agodoc: add RCU defer queue API in release notes
Honnappa Nagarahalli [Wed, 6 May 2020 03:54:15 +0000 (22:54 -0500)]
doc: add RCU defer queue API in release notes

Added a note about RCU defer queue APIs.

Signed-off-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
4 years agodoc: fix LTO config option
Matteo Croce [Tue, 12 May 2020 19:48:56 +0000 (21:48 +0200)]
doc: fix LTO config option

The documentation says that CONFIG_ENABLE_LTO enables LTO during the
build, but the correct value actually is CONFIG_RTE_ENABLE_LTO.

Fixes: 098cc0fea3be ("build: add option to enable LTO")
Cc: stable@dpdk.org
Signed-off-by: Matteo Croce <mcroce@redhat.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
Acked-by: Andrzej Ostruszka <aostruszka@marvell.com>
4 years agomempool/octeontx2: mark internal symbols
Pavan Nikhilesh [Wed, 13 May 2020 09:55:57 +0000 (15:25 +0530)]
mempool/octeontx2: mark internal symbols

Move the internal symbols to INTERNAL sections so that any
change in them is not reported as ABI breakage.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
Signed-off-by: David Marchand <david.marchand@redhat.com>
4 years agocommon/octeontx2: mark internal symbols
Pavan Nikhilesh [Wed, 13 May 2020 09:55:56 +0000 (15:25 +0530)]
common/octeontx2: mark internal symbols

Move the internal symbols to INTERNAL sections so that any
change in them is not reported as ABI breakage.

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
Signed-off-by: David Marchand <david.marchand@redhat.com>
4 years agovhost: fix potential fd leak
Xuan Ding [Mon, 18 May 2020 13:17:04 +0000 (14:17 +0100)]
vhost: fix potential fd leak

Vhost will create temporary file when receiving VHOST_USER_GET_INFLIGHT_FD
message. Malicious guest can send endless this message to drain out the
resource of host.

When receiving VHOST_USER_GET_INFLIGHT_FD message repeatedly, closing the
file created during the last handling of this message.

CVE-2020-10726
Fixes: d87f1a1cb7b666550 ("vhost: support inflight info sharing")
Cc: stable@dpdk.org
Signed-off-by: Xuan Ding <xuan.ding@intel.com>
Signed-off-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
4 years agovhost: fix potential memory space leak
Xiaolong Ye [Mon, 18 May 2020 13:17:03 +0000 (14:17 +0100)]
vhost: fix potential memory space leak

A malicious container which has direct access to the vhost-user socket
can keep sending VHOST_USER_GET_INFLIGHT_FD messages which may cause
leaking resources until resulting a DOS. Fix it by unmapping the
dev->inflight_info->addr before assigning new mapped addr to it.

CVE-2020-10726
Fixes: d87f1a1cb7b6 ("vhost: support inflight info sharing")
Cc: stable@dpdk.org
Signed-off-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
4 years agovhost: fix translated address not checked
Marvin Liu [Mon, 18 May 2020 13:17:02 +0000 (14:17 +0100)]
vhost: fix translated address not checked

Malicious guest can construct desc with invalid address and zero buffer
length. That will request vhost to check both translated address and
translated data length. This patch will add missed address check.

CVE-2020-10725
Fixes: 75ed51697820 ("vhost: add packed ring batch dequeue")
Fixes: ef861692c398 ("vhost: add packed ring batch enqueue")
Cc: stable@dpdk.org
Signed-off-by: Marvin Liu <yong.liu@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
4 years agovhost/crypto: validate keys lengths
Maxime Coquelin [Mon, 18 May 2020 13:17:01 +0000 (14:17 +0100)]
vhost/crypto: validate keys lengths

transform_cipher_param() and transform_chain_param() handle
the payload data for the VHOST_USER_CRYPTO_CREATE_SESS
message. These payloads have to be validated, since it
could come from untrusted sources.

Two buffers and their lengths are defined in this payload,
one the the auth key and one for the cipher key. But above
functions do not validate the key length inputs, which could
lead to read out of bounds, as buffers have static sizes of
64 bytes for the cipher key and 512 bytes for the auth key.

This patch adds necessary checks on the key length field
before being used.

CVE-2020-10724
Fixes: e80a98708166 ("vhost/crypto: add session message handler")
Cc: stable@dpdk.org
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
4 years agovhost: fix vring index check
Maxime Coquelin [Mon, 18 May 2020 13:17:00 +0000 (14:17 +0100)]
vhost: fix vring index check

vhost_user_check_and_alloc_queue_pair() is used to extract
a vring index from a payload. This function validates the
index and is called early on in when performing message
handling. Most message handlers depend on it correctly
validating the vring index.

Depending on the message type the vring index is in
different parts of the payload. The function contains a
switch/case for each type and copies the index. This is
stored in a uint16. This index is then validated. Depending
on the message, the source index is an unsigned int. If
integer truncation occurs (uint->uint16) the top 16 bits
of the index are never validated.

When they are used later on  (e.g. in
vhost_user_set_vring_num() or vhost_user_set_vring_addr())
it can lead to out of bound indexing. The out of bound
indexed data gets written to, and hence this can cause
memory corruption.

This patch fixes this vulnerability by declaring vring
index as an unsigned int in
vhost_user_check_and_alloc_queue_pair().

CVE-2020-10723
Fixes: 160cbc815b41 ("vhost: remove a hack on queue allocation")
Cc: stable@dpdk.org
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
4 years agovhost: check log mmap offset and size overflow
Maxime Coquelin [Mon, 18 May 2020 13:16:59 +0000 (14:16 +0100)]
vhost: check log mmap offset and size overflow

vhost_user_set_log_base() is a message handler that is
called to handle the VHOST_USER_SET_LOG_BASE message.
Its payload contains a 64 bit size and offset. Both are
added up and used as a size when calling mmap().

There is no integer overflow check. If an integer overflow
occurs a smaller memory map would be created than
requested. Since the returned mapping is mapped as writable
and used for logging, a memory corruption could occur.

CVE-2020-10722
Fixes: fbc4d248b198 ("vhost: fix offset while mmaping log base address")
Cc: stable@dpdk.org
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
4 years agobuild: disable gcc 10 zero-length-bounds warning
Kevin Traynor [Thu, 14 May 2020 13:18:57 +0000 (14:18 +0100)]
build: disable gcc 10 zero-length-bounds warning

gcc 10 issues warnings about the use of rearm_data marker
from struct rte_mbuf.

e.g.
../drivers/net/enic/enic_rxtx_vec_avx2.c: In function ‘rx_one’:
../drivers/net/enic/enic_rxtx_vec_avx2.c:21:2:
warning:
array subscript 0 is outside the bounds of an interior zero-length array
‘RTE_MARKER64’ {aka ‘long unsigned int[0]’} [-Wzero-length-bounds]
   21 |  *(uint64_t *)&mb->rearm_data = enic->mbuf_initializer;
      |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../lib/librte_mbuf/rte_mbuf.h:45,
                 from ../drivers/net/enic/enic_rxtx_vec_avx2.c:6:
../lib/librte_mbuf/rte_mbuf_core.h:484:15:
note: while referencing ‘rearm_data’
  484 |  RTE_MARKER64 rearm_data;
      |

Disable this warning for gcc 10 in order to allow v20.05 to build
without changes to struct rte_mbuf.

Bugzilla ID: 396
Cc: stable@dpdk.org
Signed-off-by: Kevin Traynor <ktraynor@redhat.com>
Reviewed-by: David Marchand <david.marchand@redhat.com>
4 years agohash: fix gcc 10 maybe-uninitialized warning
Kevin Traynor [Fri, 15 May 2020 14:28:08 +0000 (15:28 +0100)]
hash: fix gcc 10 maybe-uninitialized warning

gcc 10.1.1 reports a warning for the ext_bkt_id variable:

../lib/librte_hash/rte_cuckoo_hash.c:
In function ‘__rte_hash_add_key_with_hash’:
../lib/librte_hash/rte_cuckoo_hash.c:1104:29:
warning: ‘ext_bkt_id’ may be used uninitialized in this function
[-Wmaybe-uninitialized]
 1104 |  (h->buckets_ext[ext_bkt_id - 1]).sig_current[0] = short_sig;
      |                  ~~~~~~~~~~~^~~

The return value of rte_ring_sc_dequeue_elem() is already checked,
but also initialize ext_bkt_id to zero (invalid value) and check
that it also overwritten.

Fixes: fbfe568103b0 ("hash: use 32-bit elements rings to save memory")
Cc: stable@dpdk.org
Signed-off-by: Kevin Traynor <ktraynor@redhat.com>
Acked-by: Yipeng Wang <yipeng1.wang@intel.com>
4 years agocrypto/virtio: enable OOP feature flag
Jay Zhou [Fri, 15 May 2020 09:31:27 +0000 (17:31 +0800)]
crypto/virtio: enable OOP feature flag

Since it will check the feature mask before running out-of-place
test cases and the virtio-crypto device supports OOP_LB_IN_LB_OUT mode.

Signed-off-by: Jay Zhou <jianjay.zhou@huawei.com>
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/octeontx: improve symmetric session-less path
Anoob Joseph [Sat, 16 May 2020 09:26:58 +0000 (14:56 +0530)]
crypto/octeontx: improve symmetric session-less path

Cleanup sessionless code path and improve error handling.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
4 years agocrypto/octeontx: enable non-byte aligned data
Ankur Dwivedi [Sat, 16 May 2020 09:26:57 +0000 (14:56 +0530)]
crypto/octeontx: enable non-byte aligned data

The OCTEON TX crypto PMD supports non-byte aligned data as
input for SNOW and ZUC algos. Adding the same to the feature list.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
4 years agocrypto/octeontx2: improve symmetric session algos check
Anoob Joseph [Sat, 16 May 2020 09:26:56 +0000 (14:56 +0530)]
crypto/octeontx2: improve symmetric session algos check

Session configure should return -ENOTSUP in case of unsupported xform
requests. Moving the validation of combinations out of cpt, as the
feature support will not be same across OCTEON TX and OCTEON TX2.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
4 years agocrypto/octeontx2: enable non-byte aligned data
Ankur Dwivedi [Sat, 16 May 2020 09:26:55 +0000 (14:56 +0530)]
crypto/octeontx2: enable non-byte aligned data

The OCTEON TX2 crypto PMD supports non-byte aligned data as
input for SNOW and ZUC algos. Adding the same to the feature list.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
4 years agonet/octeontx2: update max packet length for inline IPsec
Tejasree Kondoj [Sat, 16 May 2020 09:26:54 +0000 (14:56 +0530)]
net/octeontx2: update max packet length for inline IPsec

Update max packet length supported by Inline IPsec Rx to
NIX_MAX_FRS

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
4 years agocommon/octeontx2: fix port ID bound check
Anoob Joseph [Sat, 16 May 2020 09:26:53 +0000 (14:56 +0530)]
common/octeontx2: fix port ID bound check

Fix out of bounds access.

Coverity issue: 354230, 354231
Fixes: f44e71637755 ("net/octeontx2: add security session operations")
Fixes: 3fe4d07d1678 ("crypto/octeontx2: enable CPT to share QP with ethdev")
Cc: stable@dpdk.org
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
4 years agocrypto/caam_jr: fix IRQ functions return type
Yunjian Wang [Thu, 14 May 2020 11:00:07 +0000 (19:00 +0800)]
crypto/caam_jr: fix IRQ functions return type

The caam_jr_enable_irqs() and caam_jr_disable_irqs() methods maybe return a
negative error. So use int instead of uint32_t int the functions.

Fixes: e7a45f3cc245 ("crypto/caam_jr: add UIO specific operations")
Cc: stable@dpdk.org
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Acked-by: Gagandeep Singh <g.singh@nxp.com>
4 years agocrypto/caam_jr: fix check of file descriptors
Yunjian Wang [Thu, 14 May 2020 10:59:55 +0000 (18:59 +0800)]
crypto/caam_jr: fix check of file descriptors

Zero is a valid fd. It will fail to check the fd if the fd is zero.
The "job_ring->uio_fd" is an fd, so define it as "int".

Fixes: e7a45f3cc245 ("crypto/caam_jr: add UIO specific operations")
Fixes: a5e1018d5e67 ("crypto/caam_jr: add routines to configure HW")
Cc: stable@dpdk.org
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Acked-by: Gagandeep Singh <g.singh@nxp.com>
4 years agotest/crypto: fix statistics case
Apeksha Gupta [Fri, 15 May 2020 17:24:22 +0000 (22:54 +0530)]
test/crypto: fix statistics case

The test case - test_stats is directly accessing the
cryptodev and its dev_ops which are internal to library
and should not be used directly by the application.
However, the test case is also missing to check for the
error ENOTSUP. It should skip the case if the API returns
ENOTSUP. This patch fixes these two issues.

Fixes: 202d375c60bc ("app/test: add cryptodev unit and performance tests")
Cc: stable@dpdk.org
Signed-off-by: Apeksha Gupta <apeksha.gupta@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agocrypto/qat: add DOCSIS AES-256 to release notes
Mairtin o Loingsigh [Fri, 15 May 2020 10:08:25 +0000 (11:08 +0100)]
crypto/qat: add DOCSIS AES-256 to release notes

Add release notes update for QAT DOCSIS AES-256 support

Fixes: 2aab3ff3d8cf ("crypto/qat: support DOCSIS AES-256")

Signed-off-by: Mairtin o Loingsigh <mairtin.oloingsigh@intel.com>
4 years agodrivers/crypto: fix build with -fno-common
Akhil Goyal [Wed, 13 May 2020 11:50:26 +0000 (17:20 +0530)]
drivers/crypto: fix build with -fno-common

gcc 10 defaults to -fno-common and as a result when linking
with crypto drivers:

drivers/librte_pmd_dpaa_sec.a(crypto_dpaa_sec_dpaa_sec.c.o):
(.bss+0x4): multiple definition of `rta_sec_era';
drivers/librte_pmd_caam_jr.a(crypto_caam_jr_caam_jr.c.o):
(.bss+0x0): first defined here

drivers/librte_pmd_dpaa2_sec.a(crypto_dpaa2_sec_dpaa2_sec_dpseci.c.o):
(.data+0x0): multiple definition of `rta_sec_era';
drivers/librte_pmd_caam_jr.a(crypto_caam_jr_caam_jr.c.o):
(.bss+0x0): first defined here

This patch fixes the blunt workaround in the following commit.

Fixes: 50b03f3b8eaf ("drivers/crypto: disable gcc 10 no-common errors")

Bugzilla ID: 469
Cc: stable@dpdk.org
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Tested-by: Kevin Traynor <ktraynor@redhat.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Ray Kinsella <mdr@ashroe.eu>
4 years agotest/crypto: remove tests for unsupported descriptors
Anoob Joseph [Tue, 12 May 2020 07:12:24 +0000 (12:42 +0530)]
test/crypto: remove tests for unsupported descriptors

Cryptodev doesn't limit the number of descriptors that can be supported
by the PMD.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
4 years agoapp/eventdev: check Tx adapter service ID
Pavan Nikhilesh [Wed, 13 May 2020 20:22:48 +0000 (01:52 +0530)]
app/eventdev: check Tx adapter service ID

Fix unchecked return values reported by coverity.

Coverity issue: 357755
Fixes: 032a965a8f1d ("app/eventdev: support Tx adapter")
Cc: stable@dpdk.org
Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
4 years agoevent/dsw: update release notes
Mattias Rönnblom [Mon, 11 May 2020 07:53:14 +0000 (09:53 +0200)]
event/dsw: update release notes

Update release notes with recent DSW event device improvements.

Signed-off-by: Mattias Rönnblom <mattias.ronnblom@ericsson.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
4 years agoevent/dsw: fix enqueue burst return value
Yuri Chipchev [Wed, 6 May 2020 20:18:37 +0000 (23:18 +0300)]
event/dsw: fix enqueue burst return value

The returned number from rte_event_enqueue_*()
wouldn't include events marked with RTE_EVENT_OP_RELEASE.

Fixes: 1c8e3caa3 ("event/dsw: add event scheduling and device start/stop")
Cc: stable@dpdk.org
Signed-off-by: Yuri Chipchev <yuric@marvell.com>
Reviewed-by: Liron Himi <lironh@marvell.com>
Acked-by: Mattias Rönnblom <mattias.ronnblom@ericsson.com>
4 years agotest/graph: fix memory leaks in performance tests
Pavan Nikhilesh [Wed, 13 May 2020 20:56:00 +0000 (02:26 +0530)]
test/graph: fix memory leaks in performance tests

Fix memory leaks reported by Coverity.

Fixes: 61d77071ab99 ("test/graph: add performance tests")

Signed-off-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
4 years agotest/graph: fix memory leaks in functional tests
Kiran Kumar K [Fri, 15 May 2020 07:28:24 +0000 (12:58 +0530)]
test/graph: fix memory leaks in functional tests

Fix memory leaks reported by Coverity.

Fixes: 6b89650418 ("test/graph: add functional tests")

Signed-off-by: Kiran Kumar K <kirankumark@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
4 years agotest/graph: use better randomness
Kiran Kumar K [Fri, 15 May 2020 07:28:24 +0000 (12:58 +0530)]
test/graph: use better randomness

Fix weak crypto issues reported by Coverity.

Fixes: 6b89650418 ("test/graph: add functional tests")

Signed-off-by: Kiran Kumar K <kirankumark@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
4 years agonode: fix arm64 build with old gcc
Nithin Dabilpuram [Wed, 13 May 2020 12:06:04 +0000 (17:36 +0530)]
node: fix arm64 build with old gcc

Older GCC(~4) complains about uninitialized 'dip'
var though all the lanes of the vec register are set.
Hence this patch explicitly initializes vec register
to fix the issue.

In file included from ip4_lookup.c:34:0:
ip4_lookup_neon.h: n function ‘ip4_lookup_node_process’: \
ip4_lookup_neon.h:25:12: error: ‘dip’ may be used uninitialized in \
this function [-Werror=maybe-uninitialized]
  int32x4_t dip;
            ^

Fixes: 16df6a2c6671 ("node: add IPv4 lookup for arm64")

Reported-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Nithin Dabilpuram <ndabilpuram@marvell.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
Reviewed-by: Jerin Jacob <jerinj@marvell.com>
4 years agoversion: 20.05-rc2
Thomas Monjalon [Tue, 12 May 2020 02:09:20 +0000 (04:09 +0200)]
version: 20.05-rc2

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
4 years agoexamples: remove extra new line after link duplex
Ivan Dyukov [Thu, 7 May 2020 18:26:02 +0000 (21:26 +0300)]
examples: remove extra new line after link duplex

This patch removes extra 'new line' in few app examples.

Fixes: d3641ae863 ("examples: update link status checks")
Fixes: 387259bd6c ("examples/l2fwd-crypto: add sample application")
Fixes: 4ff457986f ("examples/l2fwd-event: add default poll mode routines")
Fixes: e64833f227 ("examples/l2fwd-keepalive: add sample application")
Fixes: 204896f8d6 ("examples/l2fwd-jobstats: add new example")
Fixes: c8e6ceeceb ("examples/ioat: add new sample app for ioat driver")
Fixes: cc8f4d020c ("examples/ip_reassembly: initial import")
Fixes: d299106e8e ("examples/ipsec-secgw: add IPsec sample application")
Fixes: 39aad0e88c ("examples/flow_distributor: new example to demonstrate EFD")
Fixes: d48415e1fe ("examples/performance-thread: add l3fwd-thread app")
Fixes: 20c78ac9ee ("examples/vm_power_mgr: add port initialisation")
Fixes: 361b2e9559 ("acl: new sample l3fwd-acl")
Fixes: de3cfa2c98 ("sched: initial import")
Fixes: d7937e2e3d ("power: initial import")
Fixes: 3fc5ca2f63 ("kni: initial import")
Cc: stable@dpdk.org
Signed-off-by: Ivan Dyukov <i.dyukov@samsung.com>
4 years agoapp: remove extra new line after link duplex
Ivan Dyukov [Thu, 7 May 2020 18:26:01 +0000 (21:26 +0300)]
app: remove extra new line after link duplex

This is testpmd part of new line cleanup.

Fixes: 002ade70e9 ("app/test: measure cycles per packet in Rx/Tx")
Fixes: ce8d561418 ("app/testpmd: add port configuration settings")
Cc: stable@dpdk.org
Signed-off-by: Ivan Dyukov <i.dyukov@samsung.com>
Acked-by: Andrew Rybchenko <arybchenko@solarflare.com>
4 years agonet/virtio: fix AVX512 datapath selection
Maxime Coquelin [Mon, 11 May 2020 14:47:20 +0000 (16:47 +0200)]
net/virtio: fix AVX512 datapath selection

The AVX512 packed ring datapath selection was only done
at build time, but it should also be checked at runtime
that the CPU supports it.

This patch add a CPU flags check so that non-vectorized
path is selected at runtime if AVX512 is not supported.

Also in meson build enable vectorization only for relevant file, not for
all driver.

Fixes: ccb10995c2ad ("net/virtio: add election for vectorized path")

Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Maxime Coquelin <maxime.coquelin@redhat.com>
4 years agonet/hinic/base: support IPv6 flow rules
Xiaoyun Wang [Sat, 9 May 2020 04:04:16 +0000 (12:04 +0800)]
net/hinic/base: support IPv6 flow rules

The patch supports ipv6 flow rules for BGP or ICMP packets.

Signed-off-by: Xiaoyun Wang <cloud.wangxiaoyun@huawei.com>
4 years agonet/hinic: fail initialization for not supported device
Xiaoyun Wang [Sat, 9 May 2020 04:04:15 +0000 (12:04 +0800)]
net/hinic: fail initialization for not supported device

If hardware mode for this card does not support nic,
the network features for this card will not be supported
and driver will be initialized failed.

Signed-off-by: Xiaoyun Wang <cloud.wangxiaoyun@huawei.com>
4 years agonet/hinic: set jumbo frame offload flag
Xiaoyun Wang [Sat, 9 May 2020 04:04:14 +0000 (12:04 +0800)]
net/hinic: set jumbo frame offload flag

The patch adds DEV_RX_OFFLOAD_JUMBO_FRAME flag for jumbo when set mtu.

Signed-off-by: Xiaoyun Wang <cloud.wangxiaoyun@huawei.com>
4 years agonet/mlx5: support match on GTP flags
Dekel Peled [Wed, 6 May 2020 17:13:38 +0000 (20:13 +0300)]
net/mlx5: support match on GTP flags

This patch adds to MLX5 PMD the support of matching on
GTP header item v_pt_rsv_flags.

This item is contained in 1 byte of the format:
-------------------------------------------
| bit   | 0 - 2   | 3  | 4   | 5 | 6 | 7  |
|-----------------------------------------|
| value | Version | PT | Res | E | S | PN |
-------------------------------------------

Matching is supported only for GTP flags E, S, PN.
Therefore values 0 to 7 are supported.

Mask must be set accordingly:
... gtp v_pt_rsv_flags is 1 v_pt_rsv_flags mask 0x07 ...

Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agonet/mlx5: fix Tx queue release debug log timing
Alexander Kozyrev [Wed, 6 May 2020 18:10:59 +0000 (18:10 +0000)]
net/mlx5: fix Tx queue release debug log timing

Program received signal SIGSEGV, Segmentation fault.
0x00000000008ef7c4 in mlx5_tx_queue_release (dpdk_txq=0x17ce01680) at
drivers/net/mlx5/mlx5_txq.c:302
301 mlx5_txq_release(ETH_DEV(priv), i);
302 DRV_LOG(DEBUG, "port %u removing Tx queue %u from list",
303         PORT_ID(priv), txq->idx);
The problem is txq is freed inside the mlx5_txq_release() function
and no longer valid in the debug log right after this invocation.
Move the debug log before the mlx5_txq_release() function to fix this.

Fixes: a6d83b6a9209 ("net/mlx5: standardize on negative errno values")
Cc: stable@dpdk.org
Signed-off-by: Alexander Kozyrev <akozyrev@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agonet/mlx4: fix drop queue error handling
Michael Baum [Wed, 6 May 2020 16:27:54 +0000 (16:27 +0000)]
net/mlx4: fix drop queue error handling

The function mlx4_drop_get() creates pointer to a struct mlx4_drop and
if needed allocates by rte_malloc.

If the allocation is failed the function goes to label “error”, and
there does dereference to a null pointer.

Skip resources cleaning when the memory allocation is failed.

Coverity issue: 146206
Coverity issue: 146146
Fixes: d3a7e09234e4 ("net/mlx4: allocate drop flow resources on demand")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agonet/mlx5: fix meter color register consideration
Michael Baum [Wed, 6 May 2020 16:24:06 +0000 (16:24 +0000)]
net/mlx5: fix meter color register consideration

The mlx5_flow_get_reg_id() function translates tag ID to register
from the registers that are supported and available for use. The
user does not know which register is available at a time and therefore
there is an array that represents mapping to the available registers.
Usually the free registers are continuous in the flow_mreg_c array but
sometimes the mtr_color_reg register is between them and it must be
skipped and the next register returned, in which case the function
returns the mapping of the next entity in the array.

When the function reads from the next entity in the array, it does not
check whether such an entity exists and in some situation invalid access
to memory occurs beyond the array boundaries.

So, when all the registers are valid from HW perspective and the meter
color register is not the default, the tag id 5 causes an out of bound
access.

Validate registers availability when meter color register is not the
default.

Coverity issue: 146355
Fixes: 792e749e92d5 ("net/mlx5: fix register usage in meter")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agonet/mlx5: fix matching for UDP tunnels with Verbs
Raslan Darawsheh [Wed, 6 May 2020 06:57:56 +0000 (09:57 +0300)]
net/mlx5: fix matching for UDP tunnels with Verbs

When creating flow rule with zero specs it will cause
matching all UDP packets like following:
 eth / ipv4 / udp / vxlan / end
Such rule will match all udp packets.

This change the behavior to match the dv flow engine
which will automatically set the match on relative
outer UDP port if the user didn't specify any.

Fixes: 84c406e74524 ("net/mlx5: add flow translate function")
Cc: stable@dpdk.org
Signed-off-by: Raslan Darawsheh <rasland@mellanox.com>
Acked-by: Matan Azrad <matan@mellanox.com>
4 years agonet/mlx5: fix match on empty VLAN item in DV mode
Dekel Peled [Tue, 5 May 2020 12:57:54 +0000 (15:57 +0300)]
net/mlx5: fix match on empty VLAN item in DV mode

In existing implementation, using wild card VLAN item is not allowed.
A VLAN item in flow pattern must include VLAN ID (vid) value.
This obligation contradict the flow API specification [1].

This patch updates the VLAN item validation and translation, to allow
wild card VLAN item, without VLAN ID value.
User guide and release notes are updated accordingly.

[1]
commit 40513808b165 ("doc: refine ethernet and VLAN flow rule items")

Fixes: 00f75a40576b ("net/mlx5: fix VLAN match for DV mode")
Cc: stable@dpdk.org
Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@mellanox.com>
4 years agodoc: remove Intel PMD examples in flow bifurcation guide
Xiaolong Ye [Fri, 8 May 2020 08:48:23 +0000 (16:48 +0800)]
doc: remove Intel PMD examples in flow bifurcation guide

Now this feature is no longer supported by kernel side, (i40e kernel
driver doesn't support it from v2.3.2 and ixgbe kernel driver isn't
guaranteed to support this feature as well in the future), so remove the
Intel PMD examples to avoid confusion.

Signed-off-by: Xiaolong Ye <xiaolong.ye@intel.com>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
4 years agonet/ring: fix device pointer on allocation
Gaetan Rivet [Wed, 6 May 2020 18:09:49 +0000 (20:09 +0200)]
net/ring: fix device pointer on allocation

When a net_ring device is allocated, its device pointer is not set
before calling rte_eth_dev_probing_finish, which is incorrect.

The following:
  commit 96cb19521147 ("net/ring: use EAL APIs in PMD specific API")
  commit a6992e961050 ("net/ring: set ethernet device field")

already fixed the same issue in 17.08, which was fine at the time.
Adding the hook rte_eth_dev_probing_finish() however created this bug,
as the eth_dev exposed when this hook is executed is expected to be
complete.

Remove the prior attempts to fix the issue in rte_pmd_ring_probe() and
write the pointer properly in do_eth_dev_ring_create().

Fixes: fbe90cdd776c ("ethdev: add probing finish function")
Cc: stable@dpdk.org
Signed-off-by: Gaetan Rivet <grive@u256.net>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
4 years agonet/tap: fix build for glibc < 2.24
Raslan Darawsheh [Sun, 10 May 2020 12:23:47 +0000 (15:23 +0300)]
net/tap: fix build for glibc < 2.24

When trying to compile with glibc < 2.24 that doesn't
support SOL_NETLINK it will cause compilation failure:

drivers/net/tap/tap_netlink.c:70:17: error:
 'SOL_NETLINK' undeclared (first use in this function)
  setsockopt(fd, SOL_NETLINK, NETLINK_EXT_ACK, &one, sizeof(one));

The glibc commits adds the SOL_NETLINK support:
https://github.com/bminor/glibc/commit/f9b437d5efce93800b51ad2a437c8b1c9

Fixes: 647909bcf34b ("net/tap: use netlink extended ack support")

Signed-off-by: Raslan Darawsheh <rasland@mellanox.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
4 years agonet/octeontx2: fix minimum length to SMQ config
Sunil Kumar Kori [Mon, 11 May 2020 06:21:56 +0000 (11:51 +0530)]
net/octeontx2: fix minimum length to SMQ config

NIX exposes NIX_AF_SMQ(0..511)_CFG to configure minimum length
of the packet which is being used for zero padding if packet is
less than configured value.

Setting it to default minimum length i.e. 60 bytes.

Fixes: ec8ddd4fb1be ("net/octeontx2: restructure TM helper functions")

Signed-off-by: Sunil Kumar Kori <skori@marvell.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
4 years agocommon/octeontx2: upgrade mbox definition to version 7
Jerin Jacob [Thu, 7 May 2020 08:58:07 +0000 (14:28 +0530)]
common/octeontx2: upgrade mbox definition to version 7

Upgrade mailbox definitions to version 0x0007 of kernel AF driver.

Signed-off-by: Jerin Jacob <jerinj@marvell.com>
4 years agonet/bnx2x: add Rx descriptor MTU segment limitation
Rasesh Mody [Tue, 5 May 2020 03:08:12 +0000 (20:08 -0700)]
net/bnx2x: add Rx descriptor MTU segment limitation

Add Rx descriptor limit for number of segments per MTU.
PMD doesn't support Jumbo Rx scatter gather hence set 1 segment per
MTU. Some applications can adjust mbuf_size based on this value.
For others PMD detects the condition where Rx packet length cannot
be held by configured mbuf size and logs the message.

Signed-off-by: Rasesh Mody <rmody@marvell.com>
Signed-off-by: Igor Russkikh <irusskikh@marvell.com>
4 years agonet/ice: fix variable initialization
Qi Zhang [Wed, 6 May 2020 10:43:15 +0000 (18:43 +0800)]
net/ice: fix variable initialization

Fix coverity defect due to uninitialized scalar variable.

Coverity issue: 357763
Fixes: 47d460d63233 ("net/ice: rework switch filter")
Cc: stable@dpdk.org
Signed-off-by: Qi Zhang <qi.z.zhang@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
4 years agonet/igc: remove useless log
Alvin Zhang [Thu, 7 May 2020 09:36:36 +0000 (17:36 +0800)]
net/igc: remove useless log

Some log will always be printed when the device is initialized
and shut down, which will mislead users and should be removed.

Fixes: 746664d546fb ("net/igc: support flow API")

Signed-off-by: Alvin Zhang <alvinx.zhang@intel.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
4 years agonet/ice/base: fix PPPoE-IPv6 dummy packet
Wei Zhao [Thu, 7 May 2020 01:15:41 +0000 (09:15 +0800)]
net/ice/base: fix PPPoE-IPv6 dummy packet

The dummy packet for pppoe-ipv6 has an error, we should
use 0x3b for next header in ipv6 header in the dummy packet,
or some case can not be download, such as:

"eth / pppoes seid is 3 / pppoe_proto_id is 0x0057 /
end actions vf id 1 / end"

Fixes: 55d61fb27a5e ("net/ice/base: add PPPoE IPv6 dummy packet")

Signed-off-by: Wei Zhao <wei.zhao1@intel.com>
Tested-by: Nannan Lu <nannan.lu@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
4 years agonet/iavf: fix flow API error logs
Jeff Guo [Fri, 8 May 2020 20:58:30 +0000 (16:58 -0400)]
net/iavf: fix flow API error logs

When processing a rte flow, such as creating a parse engine, or
creating or destroying a RSS rule, if they are failed, they all
need to construct the flow error structure before return the error
message back to app. If not so, it will cause app crash when
app printing the message out of a flow error.

Fixes: 7be10c3004be ("net/iavf: add RSS configuration for VF")
Fixes: ff2d0c345c3b ("net/iavf: support generic flow API")

Signed-off-by: Jeff Guo <jia.guo@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
4 years agonet/ixgbe: fix link state timing on fiber ports
Phil Yang [Fri, 8 May 2020 10:28:27 +0000 (18:28 +0800)]
net/ixgbe: fix link state timing on fiber ports

In ixgbe_dev_link_update_share(), if the media type is fiber and the
link is down, a flag (IXGBE_FLAG_NEED_LINK_CONFIG) is set. A callback
to ixgbe_dev_setup_link_thread_handler() is scheduled which should
try to set up the link and clear the flag afterwards. This flag works
as a guard variable between threads.

To avoid potential race condition between threads, set the
IXGBE_FLAG_NEED_LINK_CONFIG flag only when there is no link thread
running.

Bugzilla ID: 388
Fixes: 819d0d1d57f1 ("net/ixgbe: fix blocking system events")
Cc: stable@dpdk.org
Signed-off-by: Phil Yang <phil.yang@arm.com>
Reviewed-by: Lijian Zhang <lijian.zhang@arm.com>
Acked-by: Xiaolong Ye <xiaolong.ye@intel.com>
4 years agonet/iavf: fix input set for RSS hash
Jeff Guo [Sat, 9 May 2020 19:29:34 +0000 (15:29 -0400)]
net/iavf: fix input set for RSS hash

Since some specific RSS hash type need to combine with the protocol
hash type when configure a RSS hash rule, so add the corresponding
input set to support these case for iavf hash.

Fixes: 7be10c3004be ("net/iavf: add RSS configuration for VF")

Signed-off-by: Jeff Guo <jia.guo@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
4 years agonet/dpaa2: support additional link speeds
Hemant Agrawal [Fri, 8 May 2020 13:02:11 +0000 (18:32 +0530)]
net/dpaa2: support additional link speeds

This patch adds the support for additional link speed
supported by LX2160A platforms.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agobus/fslmc: fix size of qman fq descriptor
Hemant Agrawal [Fri, 8 May 2020 13:02:10 +0000 (18:32 +0530)]
bus/fslmc: fix size of qman fq descriptor

Correct the qman_fq_desc as per the HW defined size

Fixes: 6fef517e17cf ("bus/fslmc: add qman HW fq query count API")
Cc: stable@dpdk.org
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agonet/dpaa2: fix congestion ID for multiple traffic classes
Jun Yang [Fri, 8 May 2020 13:02:09 +0000 (18:32 +0530)]
net/dpaa2: fix congestion ID for multiple traffic classes

When using a single TC, flow id is same as congestion group id.
However in case of multiple traffic classes, same flow id values
are used within each traffic class, which causes incorrect
traffic behavior e.g. halting of traffic.
This patches changes to use the cgid as the index which works
for single as well as multiple traffic classes.

Fixes: 13b856ac02a8 ("net/dpaa2: support taildrop on frame count basis")
Cc: stable@dpdk.org
Signed-off-by: Jun Yang <jun.yang@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agonet/dpaa2: reduce logs in Rx queue count
Hemant Agrawal [Fri, 8 May 2020 13:02:08 +0000 (18:32 +0530)]
net/dpaa2: reduce logs in Rx queue count

Changing them to DP as it is impacting l3fwd-power apps

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agonet/dpaa2: support UDP destination port based muxing
Nipun Gupta [Fri, 8 May 2020 13:02:07 +0000 (18:32 +0530)]
net/dpaa2: support UDP destination port based muxing

This change adds DPDMUX support to bifurcate traffic on
the basis of UDP destination port.

Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agodrivers: enhance DPAA2 portal allocation error logs
Nipun Gupta [Fri, 8 May 2020 13:02:06 +0000 (18:32 +0530)]
drivers: enhance DPAA2 portal allocation error logs

Update the portal allocation failure log to print the thread id
as well.

Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agonet/dpaa2: add default Rx/Tx configuration
Hemant Agrawal [Fri, 8 May 2020 13:02:05 +0000 (18:32 +0530)]
net/dpaa2: add default Rx/Tx configuration

This patch adds default/preferred rx/tx params in dev info,
specially the advertised burst size.

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agonet/dpaa2: do not prefetch annotation for physical mode
Nipun Gupta [Fri, 8 May 2020 13:02:04 +0000 (18:32 +0530)]
net/dpaa2: do not prefetch annotation for physical mode

When IOVA is physical address do not prefetch the annotation
of the next frame, as there is a cost involved there to convert
the physical address to virtual address.

Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agonet/dpaa2: fix 10G port negotiation
Rohit Raj [Fri, 8 May 2020 13:02:03 +0000 (18:32 +0530)]
net/dpaa2: fix 10G port negotiation

Fixed 10G port negotiation issue with another 10G/non 10G port.

When running testpmd with 10G interfaces on 10BaseT interface
on LS2088ARDB, the ports were showing link as down.

This was identified to be caused by the setting of link as down
during config.
Also, the line rate was not being updated in device link params,
thus having the incorrect link speed in status (as 0).

Fixes: c5acbb5ea20e ("net/dpaa2: support link status event")
Cc: stable@dpdk.org
Signed-off-by: Rohit Raj <rohit.raj@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agobus/fslmc: fix dereferencing null pointer
Apeksha Gupta [Fri, 8 May 2020 13:02:02 +0000 (18:32 +0530)]
bus/fslmc: fix dereferencing null pointer

Fixes: 6fef517e17cf ("bus/fslmc: add qman HW fq query count API")
Cc: stable@dpdk.org
Signed-off-by: Apeksha Gupta <apeksha.gupta@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
4 years agoapp/testpmd: fix memory failure handling for i40e DDP
Kalesh AP [Fri, 8 May 2020 04:50:24 +0000 (10:20 +0530)]
app/testpmd: fix memory failure handling for i40e DDP

In cmd_ddp_get_list_parsed(), elements of "p_list" are accessed
even after the memory allocation for "p_list" fails.

With this patch, this null pointer dereference is avoided as we
return when there is malloc failure.

Fixes: e088907bb851 ("app/testpmd: add command for getting loaded DDP profiles")
Cc: stable@dpdk.org
Signed-off-by: Kalesh AP <kalesh-anakkur.purayil@broadcom.com>
Acked-by: Bernard Iremonger <bernard.iremonger@intel.com>
4 years agonet/ice/base: fix flow director rule completion report
Simei Su [Fri, 8 May 2020 01:36:50 +0000 (09:36 +0800)]
net/ice/base: fix flow director rule completion report

IAVF FDIR needs to check program status from FD completion descriptors
for both successful and failed case, rather than only ask for completion
on error. This patch corrects completion report value so that the called
can determine whether to report completion on error or other cases.

Fixes: 55daca4e45fc ("net/ice/base: change function to static")

Signed-off-by: Simei Su <simei.su@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
4 years agonet/bnxt: fix FW version query
Ajit Khaparde [Thu, 7 May 2020 05:43:28 +0000 (22:43 -0700)]
net/bnxt: fix FW version query

bnxt_fw_version_get is not indicating the complete FW version.
Fix it to indicate complete version string.

Fixes: e2652b0a20a0 ("net/bnxt: support get FW version")
Cc: stable@dpdk.org
Signed-off-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
4 years agonet/bnxt: fix uninitialized variable
Ajit Khaparde [Thu, 30 Apr 2020 04:11:51 +0000 (21:11 -0700)]
net/bnxt: fix uninitialized variable

Fix uninitialized variable error reported by coverity.

Coverity issue: 357771
Fixes: 69c410b8448d ("net/bnxt: support EM/EEM")

Signed-off-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Reviewed-by: Somnath Kotur <somnath.kotur@broadcom.com>
Reviewed-by: Randy Schacher <stuart.schacher@broadcom.com>