Ophir Munk [Sat, 20 Jan 2018 21:11:35 +0000 (21:11 +0000)]
net/tap: add eBPF API
This commit include BPF API to be used by TAP.
tap_flow_bpf_cls_q() - download to kernel BPF program that classifies
packets to their matching queues
tap_flow_bpf_calc_l3_l4_hash() - download to kernel BPF program that
calculates per packet layer 3 and layer 4 RSS hash
tap_flow_bpf_rss_map_create() - create BPF RSS map for storing RSS
parameters per RSS rule
tap_flow_bpf_update_rss_elem() - update BPF map entry with RSS rule
parameters
Signed-off-by: Ophir Munk <ophirmu@mellanox.com>
Acked-by: Pascal Mazon <pascal.mazon@6wind.com>
Ophir Munk [Sat, 20 Jan 2018 21:11:34 +0000 (21:11 +0000)]
net/tap: add eBPF bytes code
File tap_bpf_insns.h was added. It includes eBPF bytes code
which corresponds to source file tap_bpf_program.c
(see "net/tap: add eBPF program file").
The bytes code is in the format of C arrays of struct bpf_insn and
was generated from the C file tap_bpf_program.c
1. The C file was compiled via LLVM into an object file in ELF
format as:
clang -O2 -emit-llvm -c tap_bpf_program.c -o - | llc -march=bpf \
-filetype=obj -o <tap_bpf_program.o>
clang version must be 3.7 and above
The C functions are under different ELF sections and are considered
different BPF programs to be downloaded to the kernel
2. Using an external tool the ELF sections are parsed and the C arrays
of struct bpf_insn are generated. Each C array (corresponding to a
different function under an ELF section) is downloaded to the kernel
using an BPF systm call. The external tool that generates the C arrays
will be added in separate commits.
Signed-off-by: Ophir Munk <ophirmu@mellanox.com>
Acked-by: Pascal Mazon <pascal.mazon@6wind.com>
Ophir Munk [Sat, 20 Jan 2018 21:11:33 +0000 (21:11 +0000)]
net/tap: add eBPF program file
File tap_bpf_program.c was added with two ELF sections
corresponding to two BPF programs and one BPF map.
Section cls_q - BPF classifier to classify packets to their
corresponding queue after an RSS hash was calculated on the packet
and saved in skb->cb[1]
Section l3_l4 - BPF action to calculate RSS hash on packet
layers 3 and 4
This file is not part of DPDK tree compilation.
Signed-off-by: Ophir Munk <ophirmu@mellanox.com>
Acked-by: Pascal Mazon <pascal.mazon@6wind.com>
Ophir Munk [Sat, 20 Jan 2018 21:11:32 +0000 (21:11 +0000)]
net/tap: support actions for different classifiers
Add a generic TC actions handling for TC actions: "mirred",
"gact", "skbedit". This will be useful when introducing
BPF actions, as it uses TCA_BPF_ACT instead of TCA_FLOWER_ACT
Signed-off-by: Ophir Munk <ophirmu@mellanox.com>
Acked-by: Pascal Mazon <pascal.mazon@6wind.com>
Yongseok Koh [Fri, 19 Jan 2018 07:52:55 +0000 (23:52 -0800)]
net/mlx5: fix memory region lookup
This patch reverts:
commit
3a6f2eb8c5c5 ("net/mlx5: fix Memory Region registration")
Although granularity of chunks in a mempool is a cacheline, addresses are
extended to align to page boundary for performance reason in device when
registering a MR (Memory Region). This could make some regions overlap,
then can cause Tx completion error due to incorrect LKEY search. If the
error occurs, the Tx queue will get stuck. It is because buffer address is
compared against aligned addresses for Memory Region. Saving original
addresses of mempool for comparison doesn't create any overlap.
Fixes:
b0b093845793 ("net/mlx5: use buffer address for LKEY search")
Fixes:
3a6f2eb8c5c5 ("net/mlx5: fix Memory Region registration")
Cc: stable@dpdk.org
Reported-by: Xueming Li <xuemingl@mellanox.com>
Signed-off-by: Xueming Li <xuemingl@mellanox.com>
Signed-off-by: Yongseok Koh <yskoh@mellanox.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
Beilei Xing [Fri, 19 Jan 2018 07:50:06 +0000 (15:50 +0800)]
net/i40e: ignore case of packet type
Replace strncmp with strncasecmp in i40e_update_customized_ptype
function for compatibility.
Signed-off-by: Beilei Xing <beilei.xing@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
Beilei Xing [Fri, 19 Jan 2018 07:50:05 +0000 (15:50 +0800)]
net/i40e: add parser for IPv4/v6 frag
There're new metadata IPV4FRAG and IPV6FRAG in PPP
profile, this patch improves ptype parser to support
IPV4FRAG and IPV6FRAG.
Signed-off-by: Beilei Xing <beilei.xing@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
Beilei Xing [Fri, 19 Jan 2018 07:50:04 +0000 (15:50 +0800)]
net/i40e: fix fail to update packet type table
Fail to update SW ptype mapping table when loading
PPP profile, though profile can be loaded successfully.
It will cause fail to parse SW ptype during receiving
packets. This patch fixes this issue.
Fixes:
11556c915a08 ("net/i40e: improve packet type parser")
Cc: stable@dpdk.org
Signed-off-by: Beilei Xing <beilei.xing@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
Beilei Xing [Fri, 19 Jan 2018 05:23:44 +0000 (13:23 +0800)]
net/i40e: fix flow director Rx resource defect
FDIR Rx ring isn't initialized and Rx queue HW tail isn't updated
when there's error detected during programming FDIR flow. There'll
be some potential risk.
This patch updates FDIR Rx resource.
Fixes:
a778a1fa2e4e ("i40e: set up and initialize flow director")
Fixes:
05999aab4ca6 ("i40e: add or delete flow director")
Cc: stable@dpdk.org
Signed-off-by: Beilei Xing <beilei.xing@intel.com>
Acked-by: Jingjing Wu <jingjing.wu@intel.com>
Matan Azrad [Thu, 18 Jan 2018 13:51:46 +0000 (13:51 +0000)]
net/vdev_netvsc: add automatic probing
Using DPDK in Hyper-V VM systems requires vdev_netvsc driver to pair
the NetVSC netdev device with the same MAC address PCI device by
fail-safe PMD.
Add vdev_netvsc custom scan in vdev bus to allow automatic probing in
Hyper-V VM systems unless it was already specified by command line.
Add "ignore" parameter to disable this auto-detection.
Signed-off-by: Matan Azrad <matan@mellanox.com>
Matan Azrad [Thu, 18 Jan 2018 13:51:45 +0000 (13:51 +0000)]
net/vdev_netvsc: add force parameter
This parameter allows specifying any non-NetVSC interface or routed
NetVSC interfaces to use with tap sub-devices for development purposes.
Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Signed-off-by: Matan Azrad <matan@mellanox.com>
Matan Azrad [Thu, 18 Jan 2018 13:51:44 +0000 (13:51 +0000)]
net/vdev_netvsc: skip routed netvsc probing
NetVSC netdevices which are already routed should not be probed because
they are used for management purposes by the HyperV.
prevent routed netvsc devices probing.
Signed-off-by: Raslan Darawsheh <rasland@mellanox.com>
Signed-off-by: Matan Azrad <matan@mellanox.com>
Matan Azrad [Thu, 18 Jan 2018 13:51:43 +0000 (13:51 +0000)]
net/vdev_netvsc: implement core functionality
As described in more details in the attached documentation (see patch
contents), this virtual device driver manages NetVSC interfaces in virtual
machines hosted by Hyper-V/Azure platforms.
This driver does not manage traffic nor Ethernet devices directly; it acts
as a thin configuration layer that automatically instantiates and controls
fail-safe PMD instances combining tap and PCI sub-devices, so that each
NetVSC interface is exposed as a single consolidated port to DPDK
applications.
PCI sub-devices being hot-pluggable (e.g. during VM migration),
applications automatically benefit from increased throughput when present
and automatic fallback on NetVSC otherwise without interruption thanks to
fail-safe's hot-plug handling.
Once initialized, the sole job of the vdev_netvsc driver is to regularly
scan for PCI devices to associate with NetVSC interfaces and feed their
addresses to corresponding fail-safe instances.
Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Signed-off-by: Matan Azrad <matan@mellanox.com>
Matan Azrad [Thu, 18 Jan 2018 13:51:42 +0000 (13:51 +0000)]
net/vdev_netvsc: introduce Hyper-V platform driver
This patch lays the groundwork for this driver (draft documentation,
copyright notices, code base skeleton and build system hooks). While it can
be successfully compiled and invoked, it's an empty shell at this stage.
Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Signed-off-by: Matan Azrad <matan@mellanox.com>
Matan Azrad [Thu, 18 Jan 2018 13:51:41 +0000 (13:51 +0000)]
net/failsafe: add probed device capture
Previous fail-safe code didn't support probed sub-devices capture and
failed when it tried to probe them.
Skip fail-safe sub-device probing when it already was probed.
Signed-off-by: Matan Azrad <matan@mellanox.com>
Acked-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Matan Azrad [Thu, 18 Jan 2018 13:51:40 +0000 (13:51 +0000)]
net/failsafe: add fd parameter
This parameter enables applications to provide device definitions
through an arbitrary file descriptor number.
Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Signed-off-by: Matan Azrad <matan@mellanox.com>
Acked-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Adrien Mazarguil [Thu, 18 Jan 2018 13:51:39 +0000 (13:51 +0000)]
net/failsafe: fix invalid free
rte_free() is not supposed to work with pointers returned by calloc().
Fixes:
a0194d828100 ("net/failsafe: add flexible device definition")
Cc: stable@dpdk.org
Signed-off-by: Adrien Mazarguil <adrien.mazarguil@6wind.com>
Acked-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Radu Nicolau [Fri, 19 Jan 2018 11:42:34 +0000 (11:42 +0000)]
ethdev: add security context API documentation
Added missing doxygen for rte_eth_dev_get_sec_ctx
and moved the declaration to the proper place.
Fixes:
4c270218aa26 ("ethdev: support security APIs")
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Andy Moreton [Fri, 19 Jan 2018 06:47:06 +0000 (06:47 +0000)]
net/sfc/base: fix unused argument warning
The type_data argument to ef10_rx_qcreate is only used
in builds with EFSYS_OPT_RX_PACKED_STREAM. note this as
an unused argument to avoid warnings in builds without
packed stream support.
Fixes:
b749646dade4 ("net/sfc/base: add function to create packed stream RxQ")
Signed-off-by: Andy Moreton <amoreton@solarflare.com>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Zhiyong Yang [Fri, 19 Jan 2018 02:21:11 +0000 (10:21 +0800)]
doc: fix typo in link bonding guide
fix one typo and a grammatical mistake.
Fixes:
b0152b1b40fe ("doc: update bonding")
Cc: stable@dpdk.org
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
Yong Wang [Thu, 18 Jan 2018 11:48:56 +0000 (06:48 -0500)]
net/dpaa: fix potential memory leak
There are several func calls to rte_zmalloc() which don't do null
pointer check on the return value. And before return, the memory is not
freed. Fix it by adding null pointer check and rte_free().
Fixes:
37f9b54bd3cf ("net/dpaa: support Tx and Rx queue setup")
Fixes:
62f53995caaf ("net/dpaa: add frame count based tail drop with CGR")
Cc: stable@dpdk.org
Signed-off-by: Yong Wang <wang.yong19@zte.com.cn>
Reviewed-by: Shreyansh Jain <shreyansh.jain@nxp.com>
Wenzhuo Lu [Fri, 19 Jan 2018 08:41:48 +0000 (16:41 +0800)]
net/avf: fix makefile typo
A typo in makefile that makes the RX/TX vector code
not to be compiled.
Fixes:
319c421f3890 ("net/avf: enable SSE Rx Tx")
Signed-off-by: Wenzhuo Lu <wenzhuo.lu@intel.com>
Yongseok Koh [Wed, 17 Jan 2018 17:44:13 +0000 (09:44 -0800)]
net/mlx5: fix handling link status event
Even though link of a port gets down, device still can receive traffic.
That is the reason why mlx5_set_link_up/down() switches rx/tx_pkt_burst().
However, if link gets down by an external command (e.g. ifconfig), it isn't
effective. It is better to change burst functions when link status change
is detected.
Fixes:
62072098b54e ("mlx5: support setting link up or down")
Cc: stable@dpdk.org
Signed-off-by: Yongseok Koh <yskoh@mellanox.com>
Acked-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
Victor Kaplansky [Wed, 17 Jan 2018 13:49:25 +0000 (15:49 +0200)]
vhost: protect active rings from async ring changes
When performing live migration or memory hot-plugging,
the changes to the device and vrings made by message handler
done independently from vring usage by PMD threads.
This causes for example segfaults during live-migration
with MQ enable, but in general virtually any request
sent by qemu changing the state of device can cause
problems.
These patches fixes all above issues by adding a spinlock
to every vring and requiring message handler to start operation
only after ensuring that all PMD threads related to the device
are out of critical section accessing the vring data.
Each vring has its own lock in order to not create contention
between PMD threads of different vrings and to prevent
performance degradation by scaling queue pair number.
See https://bugzilla.redhat.com/show_bug.cgi?id=
1450680
Cc: stable@dpdk.org
Signed-off-by: Victor Kaplansky <victork@redhat.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Acked-by: Yuanhan Liu <yliu@fridaylinux.org>
Junjie Chen [Wed, 17 Jan 2018 15:45:53 +0000 (10:45 -0500)]
vhost: fix mbuf free
dequeue zero copy change buf_addr and buf_iova of mbuf, and return
to mbuf pool without restore them, it breaks vm memory if others allocate
mbuf from same pool since mbuf reset doesn't reset buf_addr and buf_iova.
Fixes:
b0a985d1f340 ("vhost: add dequeue zero copy")
Cc: stable@dpdk.org
Signed-off-by: Junjie Chen <junjie.j.chen@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Acked-by: Yuanhan Liu <yliu@fridaylinux.org>
Xiao Wang [Thu, 18 Jan 2018 02:20:38 +0000 (10:20 +0800)]
net/virtio: support guest announce
When live migration is done, for the backup VM, either the virtio
frontend or the vhost backend needs to send out gratuitous RARP packet
to announce its new network location.
This patch enables VIRTIO_NET_F_GUEST_ANNOUNCE feature to support live
migration scenario where the vhost backend doesn't have the ability to
generate RARP packet.
Brief introduction of the work flow:
1. QEMU finishes live migration, pokes the backup VM with an interrupt.
2. Virtio interrupt handler reads out the interrupt status value, and
realizes it needs to send out RARP packet to announce its location.
3. Pause device to stop worker thread touching the queues.
4. Inject a RARP packet into a Tx Queue.
5. Ack the interrupt via control queue.
6. Resume device to continue packet processing.
Signed-off-by: Xiao Wang <xiao.w.wang@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Acked-by: Yuanhan Liu <yliu@fridaylinux.org>
Xiao Wang [Thu, 18 Jan 2018 02:32:24 +0000 (10:32 +0800)]
net: fix RARP generation
Due to a mistake operation from me, older version (v10) was merged to
master branch. It's the v11 should be applied. However, the master branch
is not rebase-able. Thus, this patch is made, from the diff between v10
and v11.
The diffs are:
- Add check for parameter and tailroom in rte_net_make_rarp_packet
- Allocate mbuf in rte_net_make_rarp_packet
Besides that, a link error is fixed when shared lib is enabled.
Fixes:
45ae05df824c ("net: add a helper for making RARP packet")
Fixes:
c3ffdba0e88a ("vhost: use API to make RARP packet")
Signed-off-by: Xiao Wang <xiao.w.wang@intel.com>
Signed-off-by: Yuanhan Liu <yliu@fridaylinux.org>
Junjie Chen [Mon, 15 Jan 2018 11:32:19 +0000 (06:32 -0500)]
vhost: do deep copy while reallocating queue
When vhost reallocate dev and vq for NUMA enabled case, it doesn't perform
deep copy, which lead to 1) zmbuf list not valid 2) remote memory access.
This patch is to re-initlize the zmbuf list and also do the deep copy.
Signed-off-by: Junjie Chen <junjie.j.chen@intel.com>
Reviewed-by: Zhiyong Yang <zhiyong.yang@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Acked-by: Yuanhan Liu <yliu@fridaylinux.org>
Maciej Czekaj [Thu, 18 Jan 2018 13:06:13 +0000 (14:06 +0100)]
net/thunderx: convert to new offload API
This patch removes all references to old-style offload API
replacing them with new offload flags.
Signed-off-by: Maciej Czekaj <maciej.czekaj@caviumnetworks.com>
Tomasz Duszynski [Thu, 18 Jan 2018 10:57:37 +0000 (11:57 +0100)]
net/mrvl: allow adding MAC address before port init
Since DPDK restores ether address configuration after device
is started it is safe to add ether address to uninitialized port (ppio).
Fixes:
c0511a8f741f ("net/mrvl: check if ppio is initialized")
Cc: stable@dpdk.org
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Tomasz Duszynski [Thu, 18 Jan 2018 10:57:36 +0000 (11:57 +0100)]
net/mrvl: allow changing MTU before port init
DPDK updates MTU once mtu_set() callback returns success.
Since PMD changes port's MTU to dev->mtu every time device is
started it is safe to call mtu_set() before MUSDK ppio was initialized.
Fixes:
c0511a8f741f ("net/mrvl: check if ppio is initialized")
Cc: stable@dpdk.org
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Ivan Malov [Thu, 18 Jan 2018 09:44:31 +0000 (09:44 +0000)]
net/sfc: convert to new Tx offload API
Ethdev Tx offloads API has changed since:
commit
cba7f53b717d ("ethdev: introduce Tx queue offloads API")
This commit support the new Tx offloads API.
The code which fills in txq_flags in default_txconf is preserved
because rte_eth_dev_info_get() lacks conversion between offloads
and txq_flags fields which means that a legacy application which
relies on default_txconf will fail to configure Tx queues in the
case when some bits in txq_flags are mandatory.
Signed-off-by: Ivan Malov <ivan.malov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Ivan Malov [Thu, 18 Jan 2018 09:44:30 +0000 (09:44 +0000)]
net/sfc: factor out function to report Tx capabilities
The patch adds a separate function to report supported
Tx capabilities because this function will be required
in more places across the code in the upcoming patches.
Signed-off-by: Ivan Malov <ivan.malov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Ivan Malov [Thu, 18 Jan 2018 09:44:29 +0000 (09:44 +0000)]
net/sfc: convert to new Rx offload API
Ethdev Rx offloads API has changed since:
commit
ce17eddefc20 ("ethdev: introduce Rx queue offloads API")
This commit support the new Rx offloads API.
Signed-off-by: Ivan Malov <ivan.malov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Ivan Malov [Thu, 18 Jan 2018 09:44:28 +0000 (09:44 +0000)]
net/sfc: factor out function to report Rx capabilities
The patch adds a separate function to report supported
Rx capabilities because this function will be required
in more places across the code in the upcoming patches.
Signed-off-by: Ivan Malov <ivan.malov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Ivan Malov [Thu, 18 Jan 2018 09:44:27 +0000 (09:44 +0000)]
ethdev: add function to look up Tx offload names
Commonly, drivers converted to the new offload API
may need to log unsupported offloads as a response
to wrong settings. From this perspective, it would
be convenient to have generic functions to look up
offload names. The patch adds such a helper for Tx.
Signed-off-by: Ivan Malov <ivan.malov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
Ivan Malov [Thu, 18 Jan 2018 09:44:26 +0000 (09:44 +0000)]
ethdev: add function to look up Rx offload names
Commonly, drivers converted to the new offload API
may need to log unsupported offloads as a response
to wrong settings. From this perspective, it would
be convenient to have generic functions to look up
offload names. The patch adds such a helper for Rx.
Signed-off-by: Ivan Malov <ivan.malov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
Roman Zhukov [Thu, 18 Jan 2018 07:32:56 +0000 (07:32 +0000)]
net/sfc: fix flow RSS check in error handling
RSS is a local variable with address which is never NULL.
Fixes:
d77d07391d4d ("net/sfc: support flow API RSS action")
Cc: stable@dpdk.org
Signed-off-by: Roman Zhukov <roman.zhukov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Roman Zhukov [Thu, 18 Jan 2018 07:32:55 +0000 (07:32 +0000)]
net/sfc: fix initialization of flow structure
The rte_flow is already filled in with zeros in the
case of create. So memset() with zeros is needed only
in validation.
Fixes:
a9825ccf5bb8 ("net/sfc: support flow API filters")
Cc: stable@dpdk.org
Signed-off-by: Roman Zhukov <roman.zhukov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Moti Haimovsky [Wed, 17 Jan 2018 14:04:34 +0000 (16:04 +0200)]
net/tap: use new Rx offloads API
Ethdev Rx offloads API has changed since:
commit
ce17eddefc20 ("ethdev: introduce Rx queue offloads API")
This commit adds support for the new Rx offloads API.
Signed-off-by: Moti Haimovsky <motih@mellanox.com>
Acked-by: Pascal Mazon <pascal.mazon@6wind.com>
Moti Haimovsky [Wed, 17 Jan 2018 14:04:33 +0000 (16:04 +0200)]
net/tap: use new Tx offloads API
Ethdev Tx offloads API has changed since:
commit
cba7f53b717d ("ethdev: introduce Tx queue offloads API")
This commit adds support for the new Tx offloads API.
Signed-off-by: Moti Haimovsky <motih@mellanox.com>
Acked-by: Pascal Mazon <pascal.mazon@6wind.com>
Rafal Kozik [Wed, 17 Jan 2018 08:26:00 +0000 (09:26 +0100)]
net/ena: convert to new Rx offloads API
Ethdev Rx offloads API has changed since:
commit
ce17eddefc20 ("ethdev: introduce Rx queue offloads API")
This commit support the new Rx offloads API.
Signed-off-by: Rafal Kozik <rk@semihalf.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Michal Krawczyk <mk@semihalf.com>
Rafal Kozik [Wed, 17 Jan 2018 08:23:44 +0000 (09:23 +0100)]
net/ena: convert to new Tx offloads API
Ethdev Tx offloads API has changed since:
commit
cba7f53b717d ("ethdev: introduce Tx queue offloads API")
This commit support the new Tx offloads API. Queue configuration
is stored in ena_ring.offloads. During preparing mbufs for tx, offloads are
allowed only if appropriate flags in this field are set.
Signed-off-by: Rafal Kozik <rk@semihalf.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Michal Krawczyk <mk@semihalf.com>
Shachar Beiser [Tue, 16 Jan 2018 09:17:52 +0000 (11:17 +0200)]
net/mlx5: fix IPv6 header fields
There are parameters that are not copy from
spec to verbs structure in the vtc_label
Fixes:
43e9d9794cde ("net/mlx5: support upstream rdma-core")
Cc: stable@dpdk.org
Signed-off-by: Shachar Beiser <shacharbe@mellanox.com>
Acked-by: Yongseok Koh <yskoh@mellanox.com>
Shachar Beiser [Tue, 16 Jan 2018 09:17:51 +0000 (11:17 +0200)]
net: add IPv6 header fields macros
Support IPv6 header vtc_flow fields : tc , flow_label
Signed-off-by: Shachar Beiser <shacharbe@mellanox.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
Kirill Rybalchenko [Mon, 15 Jan 2018 17:33:32 +0000 (17:33 +0000)]
ethdev: increase flow type limit from 32 to 64
Increase the internal limit for flow types from 32 to 64
to support future flow type extensions.
Change type of variables from uint32_t[] to uint64_t[]:
rte_eth_fdir_info.flow_types_mask
rte_eth_hash_global_conf.sym_hash_enable_mask
rte_eth_hash_global_conf.valid_bit_mask
This modification affects the following components:
net/i40e
net/ixgbe
app/testpmd
ABI versioning used to keep ABI stability.
Signed-off-by: Kirill Rybalchenko <kirill.rybalchenko@intel.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
George Wilkie [Wed, 10 Jan 2018 17:08:52 +0000 (17:08 +0000)]
net/vmxnet3: reset packet type for non-IPv4 packets
With bonding, after sending sufficient ipv4 packets,
bond_ethdev_rx_burst_8023ad() no longer recognizes LACP packets
because the packet_type is set to RTE_PTYPE_L3_IPV4.
Ensure packet_type is reset for non-ipv4 packets in vmxnet3_rx_offload.
Signed-off-by: George Wilkie <george.wilkie@intl.att.com>
Acked-by: Shrikrishna Khare <skhare@vmware.com>
Rosen Xu [Mon, 15 Jan 2018 10:05:55 +0000 (18:05 +0800)]
net/i40e: fix packet type for X722
Move setting PCType after setting port's MAC type, which can resolve
the issue of PCType doesn't take effect on X722.
Fixes:
a286ebeb0714 ("net/i40e: add dynamic mapping of SW flow types to HW pctypes")
Cc: stable@dpdk.org
Signed-off-by: Rosen Xu <rosen.xu@intel.com>
Acked-by: Beilei Xing <beilei.xing@intel.com>
Igor Ryzhov [Mon, 15 Jan 2018 08:32:18 +0000 (11:32 +0300)]
net/i40e: fix flag for MAC address write
Current flag is in wrong byte order for i40e_aq_mac_address_write,
and just uses the well defined macro instead.
Fixes:
e18e01e92c29 ("i40e: support default MAC address setting")
Cc: stable@dpdk.org
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
Acked-by: Beilei Xing <beilei.xing@intel.com>
Ferruh Yigit [Wed, 17 Jan 2018 18:30:39 +0000 (18:30 +0000)]
doc: update pcap guide
Add note about PMD expects the network interfaces provided to be up,
documented behavior to set expectations right.
Also added minor fix.
Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: John McNamara <john.mcnamara@intel.com>
Moti Haimovsky [Wed, 17 Jan 2018 14:30:13 +0000 (16:30 +0200)]
net/failsafe: use new Rx offloads API
Ethdev Rx offloads API has changed since:
commit
ce17eddefc20 ("ethdev: introduce Rx queue offloads API")
This commit adds support for the new Rx offloads API.
Signed-off-by: Moti Haimovsky <motih@mellanox.com>
Acked-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Moti Haimovsky [Wed, 17 Jan 2018 14:30:12 +0000 (16:30 +0200)]
net/failsafe: use new Tx offloads API
Ethdev Tx offloads API has changed since:
commit
cba7f53b717d ("ethdev: introduce Tx queue offloads API")
This commit adds support for the new Tx offloads API.
Signed-off-by: Moti Haimovsky <motih@mellanox.com>
Acked-by: Gaetan Rivet <gaetan.rivet@6wind.com>
Hemant Agrawal [Mon, 15 Jan 2018 11:38:06 +0000 (17:08 +0530)]
bus/fslmc: adjust to dpaa2 eventdev disabling
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Nipun Gupta [Mon, 15 Jan 2018 11:38:05 +0000 (17:08 +0530)]
net/dpaa2: use hash FLCTYPE only for LX2
Enabling hash results in FD requires setting DPNI_FLCTYPE_HASH in
dpni_set_offload API. Setting this FLCTYPE for DPNI sets the FD[SC]
to 0 for LS2 in the hardware thus disabling data/annotation stashing.
For LX2 this is fixed in hardware and thus hash result and parse
results can be received in FD using this option.
Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Hemant Agrawal [Mon, 15 Jan 2018 11:38:04 +0000 (17:08 +0530)]
net/dpaa2: change VLAN filter rule to be called on config
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Hemant Agrawal [Mon, 15 Jan 2018 11:38:03 +0000 (17:08 +0530)]
net/dpaa2: optimize Rx/Tx path
Merge the offload with parse function to save on instructions.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Hemant Agrawal [Mon, 15 Jan 2018 11:38:02 +0000 (17:08 +0530)]
net/dpaa2: support more than 16 burst size in Rx
This patch enhances the Rx function to support more than
16 burst size.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Rasesh Mody [Fri, 12 Jan 2018 21:50:01 +0000 (13:50 -0800)]
net/qede: replace config option with run-time arg
This patch adds support for handling run-time driver arguments.
We have removed config option for per VF Tx switching and added
a run-time argument vf_txswitch. By default, the VF Tx switching is
enabled however it can be disabled using run-time argument.
Sample usage to disable per port VF Tx switching is something like...
-w 05:00.0,vf_txswitch=0 -w 05:00.1,vf_txswitch=0
Fixes:
1282943aa05b ("net/qede: fix default config option")
Cc: stable@dpdk.org
Signed-off-by: Rasesh Mody <rasesh.mody@cavium.com>
Thomas Monjalon [Sun, 21 Jan 2018 22:08:58 +0000 (23:08 +0100)]
examples/eventdev: fix build with GCC < 5
Some errors were seen with GCC 4.8 and 4.9.
It looks to be a bug fixed in GCC 5.
examples/eventdev_pipeline/pipeline_worker_generic.c:474:4: error:
missing initializer for field 'queue_id' of 'struct <anonymous>'
examples/eventdev_pipeline/pipeline_worker_generic.c:475:3: error:
missing initializer for field 'priority' of 'struct <anonymous>'
examples/eventdev_pipeline/pipeline_worker_tx.c:630:2: error:
missing initializer for field 'queue_id' of 'struct <anonymous>'
The workaround is to not use initializer statement,
but to use memset and standard assignment.
Fixes:
84dde5de10a2 ("examples/eventdev: support Rx adapter")
Fixes:
fa8054c8c889 ("examples/eventdev: add thread safe Tx worker pipeline")
Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
Andrew Rybchenko [Sun, 21 Jan 2018 09:48:39 +0000 (09:48 +0000)]
event/opdl: fix build using C99 mode
RHEL 7.4 gcc (GCC) 4.8.5
20150623 (Red Hat 4.8.5-16)
‘for’ loop initial declarations are only allowed in C99 mode
Fixes:
4236ce9bf5bf ("event/opdl: add OPDL ring infrastructure library")
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
Radu Nicolau [Thu, 18 Jan 2018 16:07:38 +0000 (16:07 +0000)]
examples/ipsec-secgw: try end in flow actions before fail
After trying RSS and Queue also try End for flow action
to allow for HW that don't support flow features with
inline crypto.
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
Pablo de Lara [Wed, 13 Dec 2017 15:54:08 +0000 (15:54 +0000)]
cryptodev: remove duplicated device name length
Two macros were defined in cryptodev, to serve the same
purpose: RTE_CRYPTODEV_NAME_LEN (in the config file) and
RTE_CRYPTODEV_NAME_MAX_LEN (in the rte_cryptodev.h file).
Since the second one is part of the external API,
the first one has been removed, avoiding duplications.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Tomasz Duszynski <tdu@semihalf.com>
Nélio Laranjeiro [Thu, 11 Jan 2018 09:15:59 +0000 (10:15 +0100)]
examples/ipsec-secgw: fix SPI byte order in flow item
SPI field is defined in the RFC2406 [1] as a big endian field it should be
provided in its final form to the drivers through RTE flow.
[1] https://tools.ietf.org/html/rfc2406
Fixes:
ec17993a145a ("examples/ipsec-secgw: support security offload")
Cc: stable@dpdk.org
Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Nélio Laranjeiro [Thu, 11 Jan 2018 09:15:58 +0000 (10:15 +0100)]
net: fix ESP header byte ordering definition
ESP header is defined in the RFC2406 [1] as Big Endian fields it should use
the corresponding types in DPDK as well.
[1] https://tools.ietf.org/html/rfc2406
Fixes:
d4b684f7197a ("net: add ESP header to generic flow steering")
Cc: stable@dpdk.org
Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
Acked-by: Olivier Matz <olivier.matz@6wind.com>
Radu Nicolau [Thu, 18 Jan 2018 15:41:43 +0000 (15:41 +0000)]
examples/ipsec_secgw: create session mempools for ethdevs
Also moved offloaded packets from cryptodev queues
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
Radu Nicolau [Thu, 18 Jan 2018 15:41:42 +0000 (15:41 +0000)]
net/ixgbe: get security session size
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Radu Nicolau [Thu, 18 Jan 2018 15:41:41 +0000 (15:41 +0000)]
security: get session size
Add function to get security session size.
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Nélio Laranjeiro [Mon, 18 Dec 2017 10:24:37 +0000 (11:24 +0100)]
examples/ipsec-secgw: add egress flow actions
Add egress flow create for devices supporting
RTE_SECURITY_TX_HW_TRAILER_OFFLOAD.
Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Nélio Laranjeiro [Mon, 18 Dec 2017 10:24:36 +0000 (11:24 +0100)]
examples/ipsec-secgw: add target queues in flow actions
Mellanox INNOVA NIC needs to have final target queue actions to perform
inline crypto.
Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
Acked-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Nélio Laranjeiro [Mon, 18 Dec 2017 10:24:35 +0000 (11:24 +0100)]
examples/ipsec-secgw: fix missing ingress flow attribute
Generic flow API have both direction bits, ingress and egress for rules
which may work on both sides.
Fixes:
ec17993a145a ("examples/ipsec-secgw: support security offload")
Cc: stable@dpdk.org
Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Akhil Goyal [Thu, 11 Jan 2018 11:55:36 +0000 (17:25 +0530)]
examples/ipsec-secgw: fix corner case for SPI value
IPSec application is using index 0 of SA table as error,
with current value of IPSEC_SA_MAX_ENTRIES(128) it can
not support SA with spi = 128, as it uses sa_idx = 0
in the SA table.
With this patch, sa_idx = 0 can also be used.
PS: spi = 0 is an invalid SPI and application throws error
for it.
Fixes:
d299106e8e31 ("examples/ipsec-secgw: add IPsec sample application")
Cc: stable@dpdk.org
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Akhil Goyal [Thu, 14 Dec 2017 07:19:23 +0000 (12:49 +0530)]
examples/ipsec-secgw: improve IPsec dequeue logic
Since the processing of crypto operations may take time
due to hardware offload, all the packets may not be available
in the single dequeue command.
So it may happen that there is leakage of cops, and there is
nobody to dequeue the packets because dequeue of crypto ops is
done only once for a particular queue pair even if it has more
packets in flight.
This patch dequeue the packets again if the inflight packets are
more than the max packet burst.
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Akhil Goyal [Thu, 11 Jan 2018 11:44:06 +0000 (17:14 +0530)]
crypto/dpaa_sec: rewrite Rx/Tx path
Rx and Tx patch are rewritten with improved internal APIs
to improve performance.
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Nipun Gupta <nipun.gupta@nxp.com>
Alok Makhariya [Tue, 16 Jan 2018 11:08:17 +0000 (16:38 +0530)]
crypto/dpaa_sec: retire fq while detaching with session
Signed-off-by: Alok Makhariya <alok.makhariya@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Akhil Goyal [Mon, 15 Jan 2018 12:42:12 +0000 (18:12 +0530)]
examples/ipsec-secgw: update incremental checksum
When TTL is decremented or ecn is updated in IP header
before forwarding the packet, checksum needs to be updated.
In this patch an incremental checksum is added for ipv4 case.
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Akhil Goyal [Thu, 14 Dec 2017 07:05:30 +0000 (12:35 +0530)]
examples/ipsec-secgw: update mbuf packet type
Packet_type should be updated to remove/add L4 type for
encrypted/decrypted packet
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Akhil Goyal [Mon, 15 Jan 2018 06:35:53 +0000 (12:05 +0530)]
crypto/dpaa_sec: support IPsec protocol offload
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Hemant Agrawal [Mon, 15 Jan 2018 06:35:52 +0000 (12:05 +0530)]
crypto/dpaa_sec: support multiple sessions per queue pair
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Hemant Agrawal [Mon, 15 Jan 2018 06:35:51 +0000 (12:05 +0530)]
crypto/dpaa_sec: optimize virtual address conversion
Context memory is allocated from mempool. Ideally
it will get all memory from single segment, so simple offset
calculation is used for address conversion for such addresses
from context memory.
Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Akhil Goyal [Thu, 14 Dec 2017 06:52:02 +0000 (12:22 +0530)]
examples/ipsec-secgw: add cryptodev mask option
Previously, ipsec-secgw application did not give user the
flexibility to decide which crypto device(s) will be used.
In this patch, a new cryptodev_mask option is added to the
application. Same as portmask, the cryptodev_mask avails the
user to mask out the unwanted crypto devices in the system.
This patch is similar to the support added in l2fwd-crypto
(
d2797f51cc63: examples/l2fwd-crypto: add cryptodev mask option)
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Anoob Joseph [Mon, 18 Dec 2017 07:15:05 +0000 (07:15 +0000)]
examples/ipsec-secgw: support inline protocol
Adding support for inline protocol processing
In ingress side, application will receive regular IP packets, without
any IPsec related info. Application will do a selector check (SP-SA
check) by making use of the metadata from the packet. The
device-specific metadata in mbuf would aid in determing the security
session which processed the packet.
In egress side, the plain packet would be submitted to the driver. The
packet will have optional metadata, which could be used to identify the
security session associated with the packet.
Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Reviewed-by: Akhil Goyal <akhil.goyal@nxp.com>
Anoob Joseph [Mon, 18 Dec 2017 07:15:04 +0000 (07:15 +0000)]
security: support user data retrieval
In case of inline protocol processed ingress traffic, the packet may not
have enough information to determine the security parameters with which
the packet was processed. In such cases, application could get metadata
from the packet which could be used to identify the security parameters
with which the packet was processed.
Application could register "userdata" with the security session, and
this could be retrieved from the metadata of inline processed packets.
The metadata returned by "rte_security_get_pkt_metadata()" will be
device specific. Also the driver is expected to return the application
registered "userdata" as is, without any modifications.
Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Pablo de Lara [Wed, 13 Dec 2017 13:14:08 +0000 (13:14 +0000)]
app/crypto-perf: support IMIX
Add support for IMIX performance tests, where a distribution
of various packet sizes can be submitted to a crypto
device, testing a closer to a real world scenario.
A sequence of packet sizes, selected randomly from a list of packet
sizes (with "buffer-sz" parameter) with a list of the weights
per packet size (using "imix" parameter), is generated
(the length of this sequence is the same length as the pool,
set with "pool-sz" parameter).
This sequence is used repeteadly for all the crypto
operations submitted to the crypto device (with "--total-ops" parameter).
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Pablo de Lara [Wed, 13 Dec 2017 15:55:00 +0000 (15:55 +0000)]
cryptodev: fix function prototype
qp_detach_session function was using the attach_session_t
function prototype, instead of detach_session_t.
Since both of them have the same parameters, there were
no compilation issues, but it is not consistent.
Fixes:
d816fdea557c ("cryptodev: add API to associate session with queue pair")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Pablo de Lara [Wed, 13 Dec 2017 15:54:38 +0000 (15:54 +0000)]
cryptodev: add missing CPU flag string
CPU flag AVX512 was added in a previous release,
but it was not added in the list of strings.
Fixes:
84d796586604 ("crypto/aesni_mb: support AVX512")
Cc: stable@dpdk.org
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Tomasz Duszynski [Tue, 9 Jan 2018 09:08:48 +0000 (10:08 +0100)]
doc: update mrvl crypto guide
Update MRVL CRYPTO PMD documentation.
Signed-off-by: Tomasz Duszynski <tdu@semihalf.com>
Acked-by: Jianbo Liu <jianbo.liu@arm.com>
Fan Zhang [Tue, 19 Dec 2017 15:34:30 +0000 (15:34 +0000)]
crypto/aesni_mb: support AES-CCM
Add support to AES-CCM, for 128-bit keys.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Akhil Goyal [Wed, 13 Dec 2017 07:15:08 +0000 (12:45 +0530)]
security: fix enum start value
enum should be initialized with 1 so that unitialized(memset)
memory may not be treated as a valid enum value.
Fixes:
c261d1431bd8 ("security: introduce security API and framework")
Cc: stable@dpdk.org
Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Nélio Laranjeiro [Thu, 23 Nov 2017 10:02:39 +0000 (11:02 +0100)]
security: fix pedantic compilation
/x86_64-native-linuxapp-gcc/include/rte_security.h:229:8:
error: struct has no members [-Werror=pedantic]
struct rte_security_macsec_xform {
^~~~~~~~~~~~~~~~~~~~~~~~~
/x86_64-native-linuxapp-gcc/include/rte_security.h:453:3:
error: struct has no members [-Werror=pedantic]
struct {
^~~~~~
Fixes:
c261d1431bd8 ("security: introduce security API and framework")
Cc: stable@dpdk.org
Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Nélio Laranjeiro [Thu, 23 Nov 2017 10:02:38 +0000 (11:02 +0100)]
crypto: fix pedantic compilation
/x86_64-native-linuxapp-gcc/include/rte_crypto.h:126:28:
error: ISO C forbids zero-size array ‘sym’ [-Werror=pedantic]
struct rte_crypto_sym_op sym[0];
^~~
Zero-size array is an extension to the language it cannot be replaced by a
empty size array i.e. [] because structure is inside a union.
Fixes:
d2a4223c4c6d ("cryptodev: do not store pointer to op specific params")
Cc: stable@dpdk.org
Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Nélio Laranjeiro [Thu, 23 Nov 2017 10:02:37 +0000 (11:02 +0100)]
security: fix device operation type
Device operation pointers should be constant to avoid any modification
while it is in use.
Fixes:
c261d1431bd8 ("security: introduce security API and framework")
Cc: stable@dpdk.org
Signed-off-by: Nelio Laranjeiro <nelio.laranjeiro@6wind.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Pablo de Lara [Tue, 19 Dec 2017 09:27:55 +0000 (09:27 +0000)]
doc: update IPSec Multi-buffer lib versioning
IPSec Multi-buffer library v0.48 has been released,
which includes, among other features, support for AES-CCM.
Signed-off-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Acked-by: Marko Kovacevic <marko.kovacevic@intel.com>
Anoob Joseph [Tue, 12 Dec 2017 08:32:25 +0000 (08:32 +0000)]
examples/ipsec-secgw: fix usage of incorrect port
When security offload is enabled, the packet should be forwarded on the
port configured in the SA. Security session will be configured on that
port only, and sending the packet on other ports could result in
unencrypted packets being sent out.
This would have performance improvements too, as the per packet LPM
lookup would be avoided for IPsec packets, in inline mode.
Fixes:
ec17993a145a ("examples/ipsec-secgw: support security offload")
Signed-off-by: Anoob Joseph <anoob.joseph@caviumnetworks.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Jerin Jacob [Tue, 28 Nov 2017 12:50:59 +0000 (18:20 +0530)]
test/crypto: fix missing include
time() is defined in time.h
Fixes:
ffbe3be0d4 ("app/test: add libcrypto")
Cc: stable@dpdk.org
Signed-off-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>
Billy O'Mahony [Mon, 27 Nov 2017 11:40:28 +0000 (11:40 +0000)]
cryptodev: extend sym session doxygen info
Signed-off-by: Billy O'Mahony <billy.o.mahony@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Billy O'Mahony [Mon, 27 Nov 2017 11:13:36 +0000 (11:13 +0000)]
doc: fix typo in QAT quide
Fixes:
1703e94ac5ce ("qat: add driver for QuickAssist devices")
Cc: stable@dpdk.org
Signed-off-by: Billy O'Mahony <billy.o.mahony@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Andrea Grandi [Wed, 22 Nov 2017 18:03:12 +0000 (10:03 -0800)]
doc: fix format in OpenSSL installation guide
List of supported OpenSSL versions and code block with dependencies were
not properly formatted.
Fixes:
d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Cc: stable@dpdk.org
Signed-off-by: Andrea Grandi <andrea.grandi@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Andrea Grandi [Wed, 22 Nov 2017 18:03:11 +0000 (10:03 -0800)]
doc: fix lists of supported crypto algorithms
Add a missing space must before the first item of the list to display it
correctly in the User Guide.
Fixes:
d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Fixes:
b79e4c00af0e ("cryptodev: use AES-GCM/CCM as AEAD algorithms")
Cc: stable@dpdk.org
Signed-off-by: Andrea Grandi <andrea.grandi@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
Aleksey Baulin [Sun, 19 Nov 2017 22:16:04 +0000 (01:16 +0300)]
eal: improve likely and unlikely macros
A warning is issued when using an argument to likely() or unlikely()
builtins which is evaluated to a pointer value, as __builtin_expect()
expects a 'long int' type for its first argument. With this fix
a pointer value is converted to an integer with the value of 0 or 1.
Signed-off-by: Aleksey Baulin <aleksey.baulin@gmail.com>
Herbert Guan [Fri, 19 Jan 2018 06:10:36 +0000 (14:10 +0800)]
eal/arm64: optimize memcpy
This patch provides an option to do rte_memcpy() using 'restrict'
qualifier, which can induce GCC to do optimizations by using more
efficient instructions, providing some performance gain over memcpy()
on some ARM64 platforms/enviroments.
The memory copy performance differs between different ARM64
platforms. And a more recent glibc (e.g. 2.23 or later)
can provide a better memcpy() performance compared to old glibc
versions. It's always suggested to use a more recent glibc if
possible, from which the entire system can get benefit. If for some
reason an old glibc has to be used, this patch is provided for an
alternative.
This implementation can improve memory copy on some ARM64
platforms, when an old glibc (e.g. 2.19, 2.17...) is being used.
It is disabled by default and needs "RTE_ARCH_ARM64_MEMCPY"
defined to activate. It's not always proving better performance
than memcpy() so users need to run DPDK unit test
"memcpy_perf_autotest" and customize parameters in "customization
section" in rte_memcpy_64.h for best performance.
Compiler version will also impact the rte_memcpy() performance.
It's observed on some platforms and with the same code, GCC 7.2.0
compiled binary can provide better performance than GCC 4.8.5. It's
suggested to use GCC 5.4.0 or later.
Signed-off-by: Herbert Guan <herbert.guan@arm.com>
Acked-by: Jerin Jacob <jerin.jacob@caviumnetworks.com>