dpdk.git
3 years agonet/softnic: fix memory leak in arguments parsing
Dapeng Yu [Thu, 15 Jul 2021 05:38:14 +0000 (13:38 +0800)]
net/softnic: fix memory leak in arguments parsing

In function pmd_parse_args(), firmware path is duplicated from device
arguments as character string, but is never freed, which cause memory
leak.

This patch changes the type of firmware member of struct pmd_params to
character array, to make memory resource release unnecessary, and
changes the type of name member to character array, to keep the
consistency of character string handling in struct pmd_params.

Fixes: 7e68bc20f8c8 ("net/softnic: restructure")
Cc: stable@dpdk.org
Signed-off-by: Dapeng Yu <dapengx.yu@intel.com>
Acked-by: Jasvinder Singh <jasvinder.singh@intel.com>
3 years agoraw/cnxk_bphy: support setting FEC
Tomasz Duszynski [Thu, 15 Jul 2021 13:53:30 +0000 (08:53 -0500)]
raw/cnxk_bphy: support setting FEC

Add support for setting FEC for a given LMAC.

Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
3 years agoraw/cnxk_bphy: support reading FEC
Tomasz Duszynski [Thu, 15 Jul 2021 13:53:29 +0000 (08:53 -0500)]
raw/cnxk_bphy: support reading FEC

Allow one to retrieve supported FEC setting for specific LMAC.

Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
3 years agocommon/cnxk: support setting BPHY CGX/RPM FEC
Tomasz Duszynski [Thu, 15 Jul 2021 13:53:28 +0000 (08:53 -0500)]
common/cnxk: support setting BPHY CGX/RPM FEC

Add support for setting FEC for a given LMAC.

Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
3 years agocommon/cnxk: support reading BPHY CGX/RPM FEC
Tomasz Duszynski [Thu, 15 Jul 2021 13:53:27 +0000 (08:53 -0500)]
common/cnxk: support reading BPHY CGX/RPM FEC

Before setting FEC for specific LMAC one needs to know which type is
actually supported because it generally differs between modes
LMAC operates in (SGMII, SFI, etc.).

Signed-off-by: Tomasz Duszynski <tduszynski@marvell.com>
3 years agoeal/windows: check callback parameter of alarm functions
Jie Zhou [Wed, 7 Jul 2021 20:25:38 +0000 (13:25 -0700)]
eal/windows: check callback parameter of alarm functions

EAL functions rte_eal_alarm_set() and rte_eal_alarm_cancel()
did not for invalid parameters in Windows implementation,
which is caught by the unit test alarm_autotest.

Enforce parameter check to fail fast for invalid parameters.

Fixes: f4cbdbc7fbd2 ("eal/windows: implement alarm API")
Cc: stable@dpdk.org
Signed-off-by: Jie Zhou <jizh@linux.microsoft.com>
Acked-by: Dmitry Kozlyuk <dmitry.kozliuk@gmail.com>
3 years agonet/sfc: fix build with clang 3.4.2
Andrew Rybchenko [Thu, 22 Jul 2021 07:49:05 +0000 (10:49 +0300)]
net/sfc: fix build with clang 3.4.2

Old clang requires libatomic as well as gcc. Avoid compiler name and
version based checks. Add custom test for 16-byte atomic operations
to find out if libatomic is required to build.

Bugzilla ID: 760
Fixes: 96fd2bd69b58 ("net/sfc: support flow action count in transfer rules")

Signed-off-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Acked-by: David Marchand <david.marchand@redhat.com>
3 years agopower: fix multi-queue scale mode
Anatoly Burakov [Wed, 21 Jul 2021 14:26:25 +0000 (14:26 +0000)]
power: fix multi-queue scale mode

Currently in scale mode, multi-queue initialization will attempt to
initialize and de-initialize the per-lcore power library structures
multiple times. Fix it to only do this whenever we either enabling
first queue or disabling last queue.

Fixes: 5dff9a72b0ef ("power: support callbacks for multiple Rx queues")

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
Tested-by: David Hunt <david.hunt@intel.com>
3 years agomaintainers: update for crypto API
Akhil Goyal [Thu, 22 Jul 2021 08:37:39 +0000 (14:07 +0530)]
maintainers: update for crypto API

Claim ownership for crypto API layer.
Have been reviewing patches from quite some time.

Signed-off-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
3 years agocrypto/octeontx: enable build on non-Linux OS
Shijith Thotton [Thu, 22 Jul 2021 09:06:51 +0000 (14:36 +0530)]
crypto/octeontx: enable build on non-Linux OS

Enabled build of Octeontx crypto PMD on non linux OS.
Other Octeontx PMDs are enabled already.

This is to avoid ABI test failure on an OS once we add dependency
between a driver which is built to another which is not.

Fixes: 8dc6c2f12ecf ("crypto/octeontx: add crypto adapter framework")

Reported-by: David Marchand <david.marchand@redhat.com>
Signed-off-by: Shijith Thotton <sthotton@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agobuild: check for broken AVX512 compiler support
Liang Ma [Tue, 20 Jul 2021 13:36:45 +0000 (14:36 +0100)]
build: check for broken AVX512 compiler support

GCC 6.3.0 has a known bug which related to _mm512_extracti64x4_epi64.
Please reference https://gcc.gnu.org/bugzilla/show_bug.cgi?id=82887

Some DPDK PMD AVX512 version heavily use _mm512_extracti64x4_epi6,
which cause building failure with debug buildtype.

Therefore, it's helpful to check if compiler work with
_mm512_extracti64x4_epi6.

This patch check the compiler compile result against the test code
snippet. If the checking is failed then disable AVX512.

Bugzilla ID: 717
Fixes: e6a6a138919f ("net/i40e: add AVX512 vector path")
Fixes: 808a17b3c1e6 ("net/ice: add Rx AVX512 offload path")
Fixes: 4b64ccb328c9 ("net/iavf: fix VLAN extraction in AVX512 path")
Cc: stable@dpdk.org
Reported-by: Liang Ma <liangma@liangbit.com>
Signed-off-by: Liang Ma <liangma@bytedance.com>
Acked-by: Bruce Richardson <bruce.richardson@intel.com>
3 years agonet/bnxt: fix null dereference in interrupt handler
Kalesh AP [Tue, 20 Jul 2021 16:21:58 +0000 (21:51 +0530)]
net/bnxt: fix null dereference in interrupt handler

Coverity reports that pointer "cpr->cp_ring_struct" may be
dereferenced with null value. This patch fixes this.

Coverity issue: 372063
Fixes: 5ed30db87fa8 ("net/bnxt: fix missing barriers in completion handling")
Cc: stable@dpdk.org
Signed-off-by: Kalesh AP <kalesh-anakkur.purayil@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Reviewed-by: Lance Richardson <lance.richardson@broadcom.com>
3 years agonet/bnxt: remove workaround for default VNIC
Kalesh AP [Sun, 18 Jul 2021 05:30:59 +0000 (11:00 +0530)]
net/bnxt: remove workaround for default VNIC

On older Wh+ firmware versions, HWRM_FUNC_QCFG returns zero
for the parent default vnic. Commit "3fb93bc7c349" added a
temporary Wh+-specific workaround in the PMD.
This has been fixed in latest firmware and hence removing
the workaround.

Fixes: 3fb93bc7c349 ("net/bnxt: initialize parent PF information")
Cc: stable@dpdk.org
Signed-off-by: Kalesh AP <kalesh-anakkur.purayil@broadcom.com>
Reviewed-by: Ajit Khaparde <ajit.khaparde@broadcom.com>
Reviewed-by: Lance Richardson <lance.richardson@broadcom.com>
3 years agonet/ice: fix L3 RSS with IPv6 fragment
Ting Xu [Sun, 18 Jul 2021 14:50:17 +0000 (22:50 +0800)]
net/ice: fix L3 RSS with IPv6 fragment

Since the header type of IPv6 fragment is wrong, the L3 dst/src RSS hash
fields cannot work properly. This patch changed the header type from any
to outer.

Fixes: f1ea76eb6394 ("net/ice: support RSS hash for IP fragment")
Cc: stable@dpdk.org
Signed-off-by: Ting Xu <ting.xu@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
3 years agonet/ice: clear QoS bandwidth on DCF close
Ting Xu [Thu, 15 Jul 2021 02:16:42 +0000 (10:16 +0800)]
net/ice: clear QoS bandwidth on DCF close

When closing DCF, the bandwidth limit configured for VFs by DCF is not
cleared correctly. The configuration will still take effect when DCF starts
again, if VFs are not re-allocated. This patch cleared VFs bandwidth limit
when DCF closes, and DCF needs to re-configure bandwidth for VFs when it
starts next time.

Fixes: 3a6bfc37eaf4 ("net/ice: support QoS config VF bandwidth in DCF")

Signed-off-by: Ting Xu <ting.xu@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
3 years agonet/mlx5: export PMD-specific API file
Liang Ma [Sun, 18 Jul 2021 10:29:16 +0000 (11:29 +0100)]
net/mlx5: export PMD-specific API file

The file rte_pmd_mlx5.h should be exported by Meson.

Fixes: efa79e68c8cd ("net/mlx5: support fine grain dynamic flag")
Fixes: 23f627e0ed28 ("net/mlx5: add flow sync API")
Cc: stable@dpdk.org
Signed-off-by: Liang Ma <liangma@bytedance.com>
3 years agonet/mlx5: reject inner ethernet matching in GTP
Lior Margalit [Tue, 20 Jul 2021 15:17:18 +0000 (18:17 +0300)]
net/mlx5: reject inner ethernet matching in GTP

The user is able to create a flow rule pattern with ETH after GTP
although it is not supported by the flex-parser configuration.

Failed the rule validation in such case with proper error message.

Fixes: 23c1d42c7138 ("net/mlx5: split flow validation to dedicated function")
Cc: stable@dpdk.org
Signed-off-by: Lior Margalit <lmargalit@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: fix RSS expansion for GTP
Lior Margalit [Sun, 18 Jul 2021 11:15:04 +0000 (14:15 +0300)]
net/mlx5: fix RSS expansion for GTP

The flow did not expand correctly when it included a GTP item.

Added GTP node to the expansion graph as possible next node
after IPv4/IPv6 UDP node.

Fixes: 592f05b29a25 ("net/mlx5: add RSS flow action")
Cc: stable@dpdk.org
Signed-off-by: Lior Margalit <lmargalit@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: fix SF representor probing in isolate mode
Xueming Li [Wed, 7 Jul 2021 11:53:26 +0000 (19:53 +0800)]
net/mlx5: fix SF representor probing in isolate mode

Representor failed to probe in isolated mode due to callback of
retrieving representor info missing. This patch adds it back.

Fixes: cb95feefdd03 ("net/mlx5: support sub-function representor")
Cc: stable@dpdk.org
Signed-off-by: Xueming Li <xuemingl@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agonet/mlx5: fix RoCE LAG bond device probing
Viacheslav Ovsiienko [Wed, 21 Jul 2021 08:31:40 +0000 (11:31 +0300)]
net/mlx5: fix RoCE LAG bond device probing

The RoCE LAG bond device requires neither E-Switch nor SR-IOV
configurations. It means the RoCE LAG bond device might be
presented as a single port Infiniband device.

The mlx5 PMD wrongly recognized standalone RoCE LAG bond device
as E-Switch configuration, this triggered the calls of E-Switch
ports related API and the latter failed (over the new OFED kernel
driver, starting since 5.4.1), causing the overall device probe
failure.

If there is a single port Infiniband bond device found the
E-Switch related flags must be cleared indicating standalone
configuration.

Also, it is not true anymore the bond device can exist
over E-Switch configurations only (as it was claimed for VF LAG
bond devices). The related checks are not relevant anymore
and removed.

Fixes: 790164ce1d2d ("net/mlx5: check kernel support for VF LAG bonding")
Cc: stable@dpdk.org
Signed-off-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: reject copy to mark via modify action
Alexander Kozyrev [Fri, 16 Jul 2021 08:43:05 +0000 (11:43 +0300)]
net/mlx5: reject copy to mark via modify action

The Mark action is a two-stage process in the Mellanox driver.
First, a hardware register is filled with the required value,
then this value is registered in the software resource table.

The MODIFY_FIELD action can instruct a Mellanox NIC to copy
some value from an arbitrary packet header field into the
hardware register, associated with the Mark item. But there
is no way NIC can modify the software resource table as well.

Due to these driver limitations the copying of arbitrary value
to the MARK can not be supported and should be rejected in the
MODIFY_FIELD action.

Signed-off-by: Alexander Kozyrev <akozyrev@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agonet/mlx5: fix meta register conversion for extensive mode
Alexander Kozyrev [Tue, 20 Jul 2021 07:51:38 +0000 (10:51 +0300)]
net/mlx5: fix meta register conversion for extensive mode

Register C is used in the extensive metadata mode number 1 and its
width can vary from 0 to 32 bits depending on the kernel usage of it.

There are several issues associated with this mode (dv_xmeta_en=1):
1. The metadata setting assumes that the width is always 16 bits,
which is the most common case in this mode. Use the proper mask.
2. The same is true for the modify_field Flow API. 16-bits width
is hardcoded for dv_xmeta_en=1. Switch to the register C mask width.
3. Metadata is stored in the most significant bits in CQE in this
mode because the registers copy code was not updated during the
metadata conversion to the big-endian format. Update this code to
avoid shifting the metadata in the datapath.

Fixes: b57e414b48 ("net/mlx5: convert meta register to big-endian")
Cc: stable@dpdk.org
Signed-off-by: Alexander Kozyrev <akozyrev@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agonet/mlx5: fix indexed pools allocation on Windows
Suanming Mou [Thu, 22 Jul 2021 06:59:40 +0000 (09:59 +0300)]
net/mlx5: fix indexed pools allocation on Windows

Currently, the flow indexed pools are allocated per port,
the allocation was missing in Windows code.

Allocate indexed pool for the Windows case too.

Fixes: b4edeaf3efd5 ("net/mlx5: replace flow list with indexed pool")

Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
Acked-by: Tal Shnaiderman <talshn@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Tested-by: Odi Assli <odia@nvidia.com>
3 years agonet/mlx5: fix indirect action modify rollback
Dmitry Kozlyuk [Wed, 21 Jul 2021 12:51:12 +0000 (15:51 +0300)]
net/mlx5: fix indirect action modify rollback

mlx5_ind_table_obj_modify() first references queues from the new list,
then applies the new list to HW. In case of apply failure the function
dereferenced queues from the old list, while it should be the new list.

Fixes: fa7ad49e96b5 ("net/mlx5: fix shared RSS action update")
Cc: stable@dpdk.org
Signed-off-by: Dmitry Kozlyuk <dkozlyuk@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: fix Rx/Tx queue checks
Dmitry Kozlyuk [Tue, 20 Jul 2021 07:53:35 +0000 (10:53 +0300)]
net/mlx5: fix Rx/Tx queue checks

When device configuration was interrupted by a signal,
mlx5_rxq/txq_release() could access yet unitinialized array
and crash the application. Add checks whether queue array
is initialized.

Fixes: a1366b1a2be3 ("net/mlx5: add reference counter on DPDK Rx queues")
Fixes: 6e78005a9b30 ("net/mlx5: add reference counter on DPDK Tx queues")
Cc: stable@dpdk.org
Signed-off-by: Dmitry Kozlyuk <dkozlyuk@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: check VLAN push/pop support
Dong Zhou [Thu, 22 Jul 2021 07:48:39 +0000 (10:48 +0300)]
net/mlx5: check VLAN push/pop support

For ConnectX-6 in FDB domain, pop and push VLAN
on both ingress and egress directions are supported.

For ConnectX-6 in NIC domain, and ConnectX-5 in both FWD and NIC domain,
pop VLAN is only supported on ingress direction,
push VLAN is only supported on egress direction.

Signed-off-by: Dong Zhou <dongzhou@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agoregex/mlx5: fix redundancy in device removal
Michael Baum [Mon, 12 Jul 2021 07:06:44 +0000 (10:06 +0300)]
regex/mlx5: fix redundancy in device removal

In the removal function, PMD releases all driver resources and
cancels the regexdev registry.

However, regexdev registration is accidentally canceled twice.
Remove one of them.

Fixes: b34d816363b5 ("regex/mlx5: support rules import")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Ori Kam <orika@nvidia.com>
3 years agoregex/mlx5: fix leak on device removal
Michael Baum [Mon, 12 Jul 2021 07:06:43 +0000 (10:06 +0300)]
regex/mlx5: fix leak on device removal

In the removal function, PMD releases all driver resources allocated
in the probe function.

The MR btree memory is allocated in the probe function, but it is not
freed in remove function what caused a memory leak.

Release it.

Fixes: cda883bbb655 ("regex/mlx5: add dynamic memory registration to datapath")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Ori Kam <orika@nvidia.com>
3 years agoregex/mlx5: fix memory region unregistration
Michael Baum [Mon, 12 Jul 2021 07:06:42 +0000 (10:06 +0300)]
regex/mlx5: fix memory region unregistration

The issue can cause illegal physical address access while a huge-page A
is released and huge-page B is allocated on the same virtual address.
The old MR can be matched using the virtual address of huge-page B but
the HW will access the physical address of huge-page A which is no more
part of the DPDK process.

Register a driver callback for memory event in order to free out all the
MRs of memory that is going to be freed from the DPDK process.

Fixes: cda883bbb655 ("regex/mlx5: add dynamic memory registration to datapath")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Ori Kam <orika@nvidia.com>
3 years agonet/mlx5: fix overflow in mempool argument
Michael Baum [Thu, 1 Jul 2021 06:39:16 +0000 (09:39 +0300)]
net/mlx5: fix overflow in mempool argument

The mlx5_mprq_alloc_mp function makes shifting to the numeric constant
1, for sending it as a parameter to rte_mempool_create function.

The rte_mempool_create function expects to get void pointer (uintptr_t,
might be 64-bit) and instead gets a 32-bit variable, because the
numeric constant size is a 32-bit.
In case the shift is greater than 32 the variable might lose its value
even though the function might get 64-bit argument.

Change the size of the numeric constant 1 to uintptr_t.

Fixes: 3a22f3877c9d ("net/mlx5: replace external mbuf shared memory")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agovdpa/mlx5: fix overflow in queue attribute
Michael Baum [Thu, 1 Jul 2021 06:39:15 +0000 (09:39 +0300)]
vdpa/mlx5: fix overflow in queue attribute

The mlx5_vdpa_event_qp_create function makes shifting to the numeric
constant 1, then multiplies it by another constant and finally assigns
it into a uint64_t variable.

The numeric constant type is an int with a 32-bit sign. if after
shifting , its MSB (bit of sign) will change, the uint64 variable will
get into it a different value than what the function intended it to get.

Set the numeric constant 1 to be uint64_t in the first place.

Fixes: 8395927cdfaf ("vdpa/mlx5: prepare HW queues")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agocompress/mlx5: fix overflow in queue size
Michael Baum [Thu, 1 Jul 2021 06:39:14 +0000 (09:39 +0300)]
compress/mlx5: fix overflow in queue size

The mlx5_compress_qp_setup function makes shifting to the numeric
constant 1, then sends it as a parameter to rte_calloc function.

The rte_calloc function expects to get size_t (might be 64 bit) and
instead gets a 32-bit variable, because the numeric constant size is a
32-bit.
In case the shift is greater than 32 bit and it 64-system, the variable
will lose its value even though the function can get 64-bit argument.

Change the size of the numeric constant 1 to size_t.

Fixes: 8619fcd5161b ("compress/mlx5: support queue pair operations")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agoregex/mlx5: fix size of setup constants
Michael Baum [Thu, 1 Jul 2021 06:39:13 +0000 (09:39 +0300)]
regex/mlx5: fix size of setup constants

The constant representing the size of the metadata is defined as an
unsigned int variable with 32-bit.
Similarly the constant representing the maximal output is also defined
as an unsigned int variable with 32-bit.

There is potentially overflowing expression when those constants are
evaluated using 32-bit arithmetic, and then used in a context that
expects an expression of type size_t that might be 64-bit.

Change the size of the above constants to size_t.

Fixes: 30d604bb1504 ("regex/mlx5: fix type of setup constants")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: support meter for trTCM profiles
Bing Zhao [Wed, 21 Jul 2021 08:54:21 +0000 (11:54 +0300)]
net/mlx5: support meter for trTCM profiles

The support of RFC2698 and RFC4115 are added in mlx5 PMD. Only the
ASO metering supports these two profiles.

Signed-off-by: Bing Zhao <bingz@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: check consistency of meter policy and profile
Bing Zhao [Wed, 21 Jul 2021 08:54:20 +0000 (11:54 +0300)]
net/mlx5: check consistency of meter policy and profile

In the previous implementation, only green color policy was
supported in mlx5 PMD. Since yellow color policy is supported now,
the consistency of meter policy and profile should be checked.
  1. If the profile supports yellow but the policy doesn't, an error
     should be returned when creating the meter. Or else, there is
     no explicit steering action for the packets marked with yellow.
  2. If the policy supports yellow but the profile doesn't, it will
     be considered as a valid case. Even if no packet will be
     handled with the yellow steering action, it is just like that
     only the green policy presents.

Usually the green color is supported by default, but when it is
disabled intentionally with setting the CBS to a small value like
zero in the profile, the similar checking on green policy and
profile should also be done.

Signed-off-by: Bing Zhao <bingz@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: support yellow in meter policy validation
Bing Zhao [Wed, 21 Jul 2021 08:54:19 +0000 (11:54 +0300)]
net/mlx5: support yellow in meter policy validation

In the previous implementation, the policy for yellow color was not
supported. The action validation for yellow was skipped.

Since the yellow color policy needs to be supported, the validation
should also be done for the yellow color. In the meanwhile, due to
the fact that color policies of one meter should be used for the
same flow(s), the domains supported of both colors should be the
same. If both of the colors have RSS as the termination actions,
except the queues, all other parameters of RSS should be the same.

Signed-off-by: Bing Zhao <bingz@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: split meter color policy handling
Bing Zhao [Wed, 21 Jul 2021 08:54:18 +0000 (11:54 +0300)]
net/mlx5: split meter color policy handling

If the fate action is either RSS or Queue of a meter policy, the
action will only be created in the flow splitting stage. With queue
as the fate action, only one sub-policy is needed. And RSS will
have more than one sub-policies if there is an expansion.

Since the RSS parameters are the same for both green and yellow
colors except the queues, the expansion result will be unique.
Even if only one color has the RSS action, the checking and possible
expansion will be done then. For each sub-policy, the action rules
need to be created separately on its own policy table.

Signed-off-by: Bing Zhao <bingz@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: support yellow meter policy rules
Bing Zhao [Wed, 21 Jul 2021 08:54:17 +0000 (11:54 +0300)]
net/mlx5: support yellow meter policy rules

When creating a meter policy, both / either of the action rules for
green and yellow colors may be provided. After validation, usually
the actions are created before the meter is using by a flow rule.

If there is action specified for the yellow color, the action rules
should be created together with green color in the same time. The
action of green / yellow color can be empty, then the default
behavior is the jump action of the rule, just the same as that of
the default policy.

If the fate action of either one color is queue / RSS, all the
actions rules will be created on the flow splitting stage instead of
the policy adding stage.

Signed-off-by: Bing Zhao <bingz@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: enable meter bucket overflow for yellow color
Bing Zhao [Wed, 21 Jul 2021 08:54:16 +0000 (11:54 +0300)]
net/mlx5: enable meter bucket overflow for yellow color

To support the meter policy for yellow action, the prerequisite is
that the hardware needs to support the EBS, as defined in the
RFC2697.
  https://datatracker.ietf.org/doc/html/rfc2697
Then some of the packets can be marked as yellow if the tokens of C
bucket is not enough but enough in E bucket. The color could be used
for the further steering of the packets.

In the current implementation EBS and overflow were ignored when
creating a meter profile. With this commit, if EBS is set by the
application, the generation of yellow color will be enabled in the
hardware for flow rules steering of packets.

Signed-off-by: Bing Zhao <bingz@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agonet/mlx5: handle yellow case in default meter policy
Bing Zhao [Wed, 21 Jul 2021 08:54:15 +0000 (11:54 +0300)]
net/mlx5: handle yellow case in default meter policy

In order to support the yellow color for the default meter policy,
the default policy action for yellow should be created together
with the green policy.

The default policy action for yellow action is the same as that for
green. In the same table, the same matcher will be reused for yellow
and the destination group will be the same.

Signed-off-by: Bing Zhao <bingz@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agocommon/mlx5: remove legacy PCI driver
Xueming Li [Wed, 21 Jul 2021 14:37:43 +0000 (22:37 +0800)]
common/mlx5: remove legacy PCI driver

Clean up legacy PCI bus driver since all mlx5 PMDs are moved
to the new bus-agnostic driver interface.

Signed-off-by: Xueming Li <xuemingl@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agocrypto/mlx5: migrate to bus-agnostic common interface
Xueming Li [Wed, 21 Jul 2021 14:37:42 +0000 (22:37 +0800)]
crypto/mlx5: migrate to bus-agnostic common interface

To support auxiliary bus, upgrade the driver to use mlx5 common driver
structure.

Signed-off-by: Xueming Li <xuemingl@nvidia.com>
3 years agocompress/mlx5: migrate to bus-agnostic common interface
Xueming Li [Wed, 21 Jul 2021 14:37:41 +0000 (22:37 +0800)]
compress/mlx5: migrate to bus-agnostic common interface

To support auxiliary bus, upgrade the driver to use mlx5 common driver
structure.

Signed-off-by: Xueming Li <xuemingl@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agovdpa/mlx5: support Sub-Function
Thomas Monjalon [Wed, 21 Jul 2021 14:37:40 +0000 (22:37 +0800)]
vdpa/mlx5: support Sub-Function

RoCE disabling requirement is based on PCI address.
In order to support Sub-Function, a conversion is needed
in the case of an auxiliary device.

SF device can be probed with such devargs string:
  auxiliary:mlx5_core.sf.<id>,class=vdpa

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agovdpa/mlx5: migrate to bus-agnostic common interface
Thomas Monjalon [Wed, 21 Jul 2021 14:37:39 +0000 (22:37 +0800)]
vdpa/mlx5: migrate to bus-agnostic common interface

Replace PCI-specific handling with bus-agnostic structures.

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agovdpa/mlx5: define driver name as macro
Thomas Monjalon [Wed, 21 Jul 2021 14:37:38 +0000 (22:37 +0800)]
vdpa/mlx5: define driver name as macro

Use a macro for the PMD driver name.

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agoregex/mlx5: migrate to bus-agnostic common interface
Xueming Li [Wed, 21 Jul 2021 14:37:37 +0000 (22:37 +0800)]
regex/mlx5: migrate to bus-agnostic common interface

To support auxiliary bus, upgrades driver to use mlx5 common driver
structure.

Signed-off-by: Xueming Li <xuemingl@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agonet/mlx5: check maximum Verbs port number
Xueming Li [Wed, 21 Jul 2021 14:37:36 +0000 (22:37 +0800)]
net/mlx5: check maximum Verbs port number

Verbs API doesn't support device port number larger than 255 by design.
Add check and fail probing with proper error log.

Signed-off-by: Xueming Li <xuemingl@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agonet/mlx5: support Sub-Function
Xueming Li [Wed, 21 Jul 2021 14:37:35 +0000 (22:37 +0800)]
net/mlx5: support Sub-Function

Introduce SF support.
Similar to VF, SF on auxiliary bus is a portion of hardware PF,
no representor or bonding parameters for SF.

Devargs to support SF:
-a auxiliary:mlx5_core.sf.8,dv_flow_en=1

New global syntax to support SF:
-a bus=auxiliary,name=mlx5_core.sf.8/class=eth/driver=mlx5,dv_flow_en=1

Signed-off-by: Xueming Li <xuemingl@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agonet/mlx5: migrate to bus-agnostic common interface
Xueming Li [Wed, 21 Jul 2021 14:37:34 +0000 (22:37 +0800)]
net/mlx5: migrate to bus-agnostic common interface

To support SubFunction based on auxiliary bus, common driver supports
new bus-agnostic driver.

This patch migrates net driver to new common driver.

Signed-off-by: Xueming Li <xuemingl@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agonet/mlx5: reduce PCI dependency
Xueming Li [Wed, 21 Jul 2021 14:37:33 +0000 (22:37 +0800)]
net/mlx5: reduce PCI dependency

To support more bus types, remove PCI dependency where possible.

Signed-off-by: Xueming Li <xuemingl@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agocommon/mlx5: get PCI device address from any bus
Thomas Monjalon [Wed, 21 Jul 2021 14:37:32 +0000 (22:37 +0800)]
common/mlx5: get PCI device address from any bus

A function is exported to allow retrieving the PCI address
of the parent PCI device of a Sub-Function in auxiliary bus sysfs.
The function mlx5_dev_to_pci_str() is accepting both PCI and auxiliary
devices. In case of a PCI device, it is simply using the device name.

The function mlx5_dev_to_pci_addr(), which is based on sysfs path
and do not use any device object, is renamed to mlx5_get_pci_addr()
for clarity purpose.

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agocommon/mlx5: support auxiliary bus
Xueming Li [Wed, 21 Jul 2021 14:37:31 +0000 (22:37 +0800)]
common/mlx5: support auxiliary bus

Add auxiliary bus support for Sub-Function.

As a limitation of current driver, NUMA node of device is detected
from PCI bus of device sysfs symbol link.
It will be removed once NUMA node file will be available in sysfs.

Signed-off-by: Xueming Li <xuemingl@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agocommon/mlx5: move description of PCI sysfs functions
Thomas Monjalon [Wed, 21 Jul 2021 14:37:30 +0000 (22:37 +0800)]
common/mlx5: move description of PCI sysfs functions

The Linux-specific functions mlx5_get_pci_addr() and
mlx5_get_ifname_sysfs() are better described in the .h file.

The requirement for using mlx5_get_pci_addr() is made explicit:
the node /device must exist in the provided sysfs path.

Signed-off-by: Thomas Monjalon <thomas@monjalon.net>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agocommon/mlx5: add bus-agnostic layer
Xueming Li [Wed, 21 Jul 2021 14:37:29 +0000 (22:37 +0800)]
common/mlx5: add bus-agnostic layer

To support auxiliary bus, introduces common device driver and callbacks,
supposed to replace mlx5 common PCI bus driver.

Mlx5 class drivers, i.e. eth, vDPA, regex and compress normally consumes
single Verbs device context to probe a device. The Verbs device comes
from PCI address if the device is PCI bus device, from Auxiliary sysfs
if the device is auxiliary bus device. Currently only PCI bus is
supported.

Common device driver is a middle layer between mlx5 class drivers and
bus, resolve and abstract bus info to Verbs device for class drivers.
Both PCI bus driver and Auxiliary bus driver can utilize the common
driver layer to cast bus operations to mlx5 class drivers.

Legacy mlx5 common PCI bus driver still being used by mlx5 eth, vDPA,
regex and compress PMD, will be removed once all PMD drivers
migrate to new common driver.

Signed-off-by: Xueming Li <xuemingl@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agocommon/mlx5: rename ethernet device class
Xueming Li [Wed, 21 Jul 2021 14:37:28 +0000 (22:37 +0800)]
common/mlx5: rename ethernet device class

To align with EAL class driver, rename internal class name
from "net" to "eth"

Signed-off-by: Xueming Li <xuemingl@nvidia.com>
Acked-by: Viacheslav Ovsiienko <viacheslavo@nvidia.com>
3 years agonet/virtio: fix Rx scatter offload
Ivan Ilchenko [Tue, 20 Jul 2021 07:54:45 +0000 (10:54 +0300)]
net/virtio: fix Rx scatter offload

Report Rx scatter offload capability depending on VIRTIO_NET_F_MRG_RXBUF.

If Rx scatter is not requested, ensure that provided Rx buffers on
each Rx queue are big enough to fit Rx packets up to configured MTU.

Fixes: ce17eddefc20 ("ethdev: introduce Rx queue offloads API")
Cc: stable@dpdk.org
Signed-off-by: Ivan Ilchenko <ivan.ilchenko@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
3 years agovhost: add thread-unsafe async registration
Jiayu Hu [Tue, 6 Jul 2021 08:29:34 +0000 (04:29 -0400)]
vhost: add thread-unsafe async registration

This patch adds thread unsafe version for async register and
unregister functions.

Signed-off-by: Jiayu Hu <jiayu.hu@intel.com>
Reviewed-by: Chenbo Xia <chenbo.xia@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
3 years agovhost: rework async configuration structure
Jiayu Hu [Mon, 19 Jul 2021 15:00:46 +0000 (11:00 -0400)]
vhost: rework async configuration structure

This patch reworks the async configuration structure to improve code
readability. In addition, add preserved padding fields on the structure
for future usage.

Signed-off-by: Jiayu Hu <jiayu.hu@intel.com>
Reviewed-by: Chenbo Xia <chenbo.xia@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
3 years agovhost: fix lock on device readiness notification
Jiayu Hu [Mon, 19 Jul 2021 15:00:45 +0000 (11:00 -0400)]
vhost: fix lock on device readiness notification

The vhost notifies the application of device readiness via
vhost_user_notify_queue_state(), but calling this function
is not protected by the lock. This patch is to make this
function call lock protected.

Fixes: d0fcc38f5fa4 ("vhost: improve device readiness notifications")
Cc: stable@dpdk.org
Signed-off-by: Jiayu Hu <jiayu.hu@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
3 years agovhost: fix packed ring index wrapping
Maxime Coquelin [Wed, 7 Jul 2021 10:30:04 +0000 (12:30 +0200)]
vhost: fix packed ring index wrapping

Unlike split ring, packed ring does not mandate the ring size
to be a power of 2. So we have to use a modulo operation when
wrapping ring index.

Fixes: 873e8dad6f49 ("vhost: support packed ring in async datapath")
Cc: stable@dpdk.org
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Acked-by: Cheng Jiang <cheng1.jiang@intel.com>
Reviewed-by: Chenbo Xia <chenbo.xia@intel.com>
3 years agonet/virtio: fix refill order in packed ring datapath
Cheng Jiang [Thu, 8 Jul 2021 09:58:01 +0000 (09:58 +0000)]
net/virtio: fix refill order in packed ring datapath

The front-end should refill the descriptor with the mbuf indicated by
the buff_id rather then the index of used descriptor. Back-end may
return buffers out of order if async copy mode is enabled.

When initializing rxq, refill the descriptors in order as buff_id is
not available at that time.

Fixes: a76290c8f1cf ("net/virtio: implement Rx path for packed queues")
Cc: stable@dpdk.org
Signed-off-by: Cheng Jiang <cheng1.jiang@intel.com>
Signed-off-by: Marvin Liu <yong.liu@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
3 years agovhost: allow to check in-flight packets for async vhost
Jiayu Hu [Thu, 8 Jul 2021 10:21:22 +0000 (06:21 -0400)]
vhost: allow to check in-flight packets for async vhost

This patch allows to check the amount of in-flight packets
for the vhost queue using async acceleration.

Signed-off-by: Jiayu Hu <jiayu.hu@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
3 years agovhost: fix async packed ring batch datapath
Cheng Jiang [Thu, 8 Jul 2021 10:25:28 +0000 (10:25 +0000)]
vhost: fix async packed ring batch datapath

We assume that in the sync path, if there is no buffer wrap in the
avail descriptors fetched in a batch, there is no buffer wrap in the
used descriptors which need to be written back in this batch, but
this assumption is wrong in the async path since there are inflight
descriptors which are processed by the DMA device.

This patch refactors the batch copy code and adds used ring buffer
wrap check as a batch copy condition to fix this issue.

Fixes: 873e8dad6f49 ("vhost: support packed ring in async datapath")
Cc: stable@dpdk.org
Signed-off-by: Cheng Jiang <cheng1.jiang@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
3 years agovhost: fix index overflow for packed ring in async vhost
Cheng Jiang [Thu, 15 Jul 2021 09:50:30 +0000 (09:50 +0000)]
vhost: fix index overflow for packed ring in async vhost

We introduced some new indexes in packed ring of async vhost. They
will eventually overflow and lead to errors if the ring size is not
a power of 2. This patch is to check and keep these indexes within a
reasonable range.

Fixes: 873e8dad6f49 ("vhost: support packed ring in async datapath")
Cc: stable@dpdk.org
Signed-off-by: Cheng Jiang <cheng1.jiang@intel.com>
Reviewed-by: Chenbo Xia <chenbo.xia@intel.com>
3 years agovhost: check header for legacy dequeue offload
Xiao Wang [Mon, 21 Jun 2021 08:21:04 +0000 (16:21 +0800)]
vhost: check header for legacy dequeue offload

When parsing the virtio net header and packet header for dequeue offload,
we need to perform sanity check on the packet header to ensure:
  - No out-of-boundary memory access.
  - The packet header and virtio_net header are valid and aligned.

Fixes: d0cf91303d73 ("vhost: add Tx offload capabilities")
Cc: stable@dpdk.org
Signed-off-by: Xiao Wang <xiao.w.wang@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
3 years agotest/crypto: check raw API support
Adam Dybkowski [Tue, 20 Jul 2021 13:11:33 +0000 (14:11 +0100)]
test/crypto: check raw API support

This patch adds checking if RAW API is supported at the start
of the test command "cryptodev_qat_raw_api_autotest".

Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mvsam: support IPsec offload
Michael Shamis [Sun, 11 Jul 2021 06:55:28 +0000 (09:55 +0300)]
crypto/mvsam: support IPsec offload

This patch provides the support for IPsec protocol
offload to the hardware.
Following security operations are added:
- session_create
- session_destroy
- capabilities_get

Signed-off-by: Michael Shamis <michaelsh@marvell.com>
Reviewed-by: Liron Himi <lironh@marvell.com>
Tested-by: Liron Himi <lironh@marvell.com>
3 years agotest/crypto: support mlx5 driver
Shiri Kuzin [Tue, 20 Jul 2021 13:09:44 +0000 (16:09 +0300)]
test/crypto: support mlx5 driver

In order to test the new mlx5 crypto PMD, the driver is added to the
crypto test application.

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agotest/crypto: add multi-segment out-of-place AES-XTS
Shiri Kuzin [Tue, 20 Jul 2021 13:09:43 +0000 (16:09 +0300)]
test/crypto: add multi-segment out-of-place AES-XTS

The AES-XTS algorithm can supports wrapped key and data-unit.
The encryption/decryption can be done out of place and using multi
segments.

Add multi segment and out of place tests to the recently added AES-XTS
vectors, which support using data-unit and a wrapped key.

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agotest/crypto: add AES-XTS vectors
Shiri Kuzin [Tue, 20 Jul 2021 13:09:42 +0000 (16:09 +0300)]
test/crypto: add AES-XTS vectors

The AES-XTS algorithm supports using a wrapped key.
In AES-XTS the data-unit defines the data block size to be
encrypted\decrypted.

Add AES-XTS vectors with a wrapped key.
Add a variable stating whether the key is wrapped or not.
Add the AES-XTS data-unit.

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: support statistics operations
Suanming Mou [Tue, 20 Jul 2021 13:09:41 +0000 (16:09 +0300)]
crypto/mlx5: support statistics operations

This commit adds mlx5 crypto statistic get and reset operations.

Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
Signed-off-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: support enqueue/dequeue operations
Suanming Mou [Tue, 20 Jul 2021 13:09:40 +0000 (16:09 +0300)]
crypto/mlx5: support enqueue/dequeue operations

The crypto operations are done with the WQE set which contains
one UMR WQE and one rdma write WQE. Most segments of the WQE
set are initialized properly during queue setup, only limited
segments are initialized according to the crypto detail in the
datapath process.

This commit adds the enqueue and dequeue operations and updates
the WQE set segments accordingly.

Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
Signed-off-by: Matan Azrad <matan@nvidia.com>
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: add WQE set initialization
Suanming Mou [Tue, 20 Jul 2021 13:09:39 +0000 (16:09 +0300)]
crypto/mlx5: add WQE set initialization

Currently, HW handles the WQEs much faster than the software,
Using the constant WQE set layout can initialize most of the WQE
segments in advanced, and software only needs to configure very
limited segments in datapath. This accelerates the software WQE
organize in datapath.

This commit initializes the fixed WQE set segments.

Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
Signed-off-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: add maximum segments configuration
Suanming Mou [Tue, 20 Jul 2021 13:09:38 +0000 (16:09 +0300)]
crypto/mlx5: add maximum segments configuration

The mlx5 HW crypto operations are done by attaching crypto property
to a memory region. Once done, every access to the memory via the
crypto-enabled memory region will result with in-line encryption or
decryption of the data.

As a result, the design choice is to provide two types of WQEs. One
is UMR WQE which sets the crypto property and the other is rdma write
WQE which sends DMA command to copy data from local MR to remote MR.

The size of the WQEs will be defined by a new devarg called
max_segs_num.

This devarg also defines the maximum segments in mbuf chain that will be
supported for crypto operations.

Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
Signed-off-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: add keytag configuration
Suanming Mou [Tue, 20 Jul 2021 13:09:37 +0000 (16:09 +0300)]
crypto/mlx5: add keytag configuration

A keytag is a piece of data encrypted together with a DEK.

When a DEK is referenced by an MKEY.bsf through its index, the keytag is
also supplied in the BSF as plaintext. The HW will decrypt the DEK (and
the attached keytag) and will fail the operation if the keytags don't
match.

This commit adds the configuration of the keytag with devargs.

Signed-off-by: Suanming Mou <suanmingm@nvidia.com>
Signed-off-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: create login object using DevX
Shiri Kuzin [Tue, 20 Jul 2021 13:09:36 +0000 (16:09 +0300)]
crypto/mlx5: create login object using DevX

To work with crypto engines that are marked with wrapped_import_method,
a login session is required.
A crypto login object needs to be created using DevX.

The crypto login object contains:
- The credential pointer.
- The import_KEK pointer to be used for all secured information
  communicated in crypto commands (key fields), including the
  provided credential in this command.
- The credential secret, wrapped by the import_KEK indicated in
  this command. Size includes 8 bytes IV for wrapping.

Added devargs for the required login values:
- wcs_file - path to the file containing the credential.
- import_kek_id - the import KEK pointer.
- credential_id - the credential pointer.

Create the login DevX object in pci_probe function and destroy it in
pci_remove.
Destroying the crypto login object means logout.

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: add memory region management
Shiri Kuzin [Tue, 20 Jul 2021 13:09:35 +0000 (16:09 +0300)]
crypto/mlx5: add memory region management

Mellanox user space drivers don't deal with physical addresses as part
of a memory protection mechanism.
The device translates the given virtual address to a physical address
using the given memory key as an address space identifier.
That's why any mbuf virtual address is moved directly to the HW
descriptor(WQE).

The mapping between the virtual address to the physical address is saved
in MR configured by the kernel to the HW.

Each MR has a key that should also be moved to the WQE by the SW.

When the SW sees an unmapped address, it extends the address range and
creates a MR using a system call.

Add memory region cache management:
- 2 level cache per queue-pair - no locks.
- 1 shared cache between all the queues using a lock.

Using this way, the MR key search per data-path address is optimized.

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: support session operations
Shiri Kuzin [Tue, 20 Jul 2021 13:09:34 +0000 (16:09 +0300)]
crypto/mlx5: support session operations

Sessions are used in symmetric transformations in order to prepare
objects and data for packet processing stage.

A mlx5 session includes iv_offset, pointer to mlx5_crypto_dek struct,
bsf_size, bsf_p_type, block size index, encryption_order and encryption
standard.

Implement the next session operations:
        mlx5_crypto_sym_session_get_size- returns the size of the mlx5
session struct.
mlx5_crypto_sym_session_configure- prepares the DEK hash-list
and saves all the session data.
mlx5_crypto_sym_session_clear - destroys the DEK hash-list.

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: support queue pairs operations
Shiri Kuzin [Tue, 20 Jul 2021 13:09:33 +0000 (16:09 +0300)]
crypto/mlx5: support queue pairs operations

The HW queue pairs are a pair of send queue and receive queue of
independent work queues packed together in one object for the purpose
of transferring data between nodes of a network.

Completion Queue is a FIFO queue of completed work requests.

In crypto driver we use one QP in loopback in order to encrypt and
decrypt data locally without sending it to the wire.
In the configured QP we only use the SQ to perform the encryption and
decryption operations.

Added implementation for the QP setup function which creates the CQ,
creates the QP and changes its state to RTS (ready to send).

Added implementation for the release QP function to release all the QP
resources.

Added the ops structure that contains any operation which is supported
by the cryptodev.

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: support basic operations
Shiri Kuzin [Tue, 20 Jul 2021 13:09:32 +0000 (16:09 +0300)]
crypto/mlx5: support basic operations

The basic dev control operations are configure, close, start, stop and
get info.

Extended the existing support of configure and close:
-mlx5_crypto_dev_configure- function used to configure device.
-mlx5_crypto_dev_close-  function used to close a configured
 device.
-mlx5_crypto_dev_stop- function used to stop device.
-mlx5_crypto_dev_start- function used to start device.
-mlx5_crypto_dev_infos_get- function used to get info.

Added config struct to user private data with the fields socket id,
number of queue pairs and feature flags to be disabled.
Add the dev_start function that is used to start a configured device.
Add the dev_stop function that is used to stop a configured device.

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: add DEK object management
Shiri Kuzin [Tue, 20 Jul 2021 13:09:31 +0000 (16:09 +0300)]
crypto/mlx5: add DEK object management

A DEK (Data encryption Key) is an mlx5 HW object which represents
the cipher algorithm key.
The DEKs are used during data encryption/decryption operations.

In symmetric algorithms like AES-XTS, we use the same DEK for both
encryption and decryption.

Use the mlx5 hash-list tool to manage the DEK objects in the PMD.

Provide the compare, create and destroy functions to manage DEKs in
hash-list and introduce an internal API to setup and unset the DEK
management and to prepare and destroy specific DEK object.

The DEK hash-list will be created in dev_configure routine and
destroyed in dev_close routine.

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/mlx5: introduce Mellanox crypto driver
Shiri Kuzin [Tue, 20 Jul 2021 13:09:30 +0000 (16:09 +0300)]
crypto/mlx5: introduce Mellanox crypto driver

Add a new PMD for Mellanox devices- crypto PMD.

The crypto PMD will be supported starting Nvidia ConnectX6 and
BlueField2.

The crypto PMD will add the support of encryption and decryption using
the AES-XTS symmetric algorithm.

The crypto PMD requires rdma-core and uses mlx5 DevX.

This patch adds the PCI probing, basic functions, build files and
log utility.

Signed-off-by: Shiri Kuzin <shirik@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agoexamples/ipsec-secgw: support inline UDP encapsulation
Srujana Challa [Tue, 13 Jul 2021 07:42:18 +0000 (13:12 +0530)]
examples/ipsec-secgw: support inline UDP encapsulation

Adds support to allow udp-encap option for
RTE_SECURITY_ACTION_TYPE_INLINE_PROTOCOL mode also.

Signed-off-by: Srujana Challa <schalla@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
3 years agocommon/cnxk: support UDP encapsulation
Srujana Challa [Tue, 13 Jul 2021 07:42:17 +0000 (13:12 +0530)]
common/cnxk: support UDP encapsulation

Adds support for UDP encapsulation in crypto_cn10k
PMD.

Signed-off-by: Srujana Challa <schalla@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agotest/crypto: fix mempool size for session-less
Abhinandan Gujjar [Sun, 18 Jul 2021 12:18:51 +0000 (17:48 +0530)]
test/crypto: fix mempool size for session-less

Currently, private_data_offset for the sessionless is computed
wrongly which includes extra bytes added by
sizeof(struct rte_crypto_sym_xform) * 2. This causes buffer
overflow which leads to test application crash while freeing the
ops mempool. This patch provides fix for the same and also takes
care of increasing the length of ops to accommodate space for
rte_event_crypto_metadata while creating the crypto ops mempool.

Fixes: 3c2c535ecfc0 ("test: add event crypto adapter auto-test")
Cc: stable@dpdk.org
Signed-off-by: Abhinandan Gujjar <abhinandan.gujjar@intel.com>
Reported-by: Ciara Power <ciara.power@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/cnxk: reset feature flags on reconfigure
Anoob Joseph [Thu, 8 Jul 2021 09:44:37 +0000 (15:14 +0530)]
crypto/cnxk: reset feature flags on reconfigure

Feature flag in dev would be updated during config.
On reconfigure, the field need to be set again to
original value.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocompress/isal: support Arm platform
Ruifeng Wang [Thu, 15 Jul 2021 08:05:02 +0000 (16:05 +0800)]
compress/isal: support Arm platform

Isal compress PMD has build failures on Arm platform.

As dependent library ISA-L is supported on Arm platform,
support of the PMD is expanded to Arm architecture.
Fixed build failure caused by architecture specific code,
and made the PMD multi architecture compatible.

Bugzilla ID: 755
Signed-off-by: Ruifeng Wang <ruifeng.wang@arm.com>
3 years agocompress/mlx5: fix memory region unregistration
Michael Baum [Mon, 12 Jul 2021 07:19:34 +0000 (10:19 +0300)]
compress/mlx5: fix memory region unregistration

The issue can cause illegal physical address access while a huge-page A
is released and huge-page B is allocated on the same virtual address.
The old MR can be matched using the virtual address of huge-page B but
the HW will access the physical address of huge-page A which is no more
part of the DPDK process.

Register a driver callback for memory event in order to free out all the
MRs of memory that is going to be freed from the dpdk process.

Fixes: f8c97babc9f4 ("compress/mlx5: add data-path functions")
Cc: stable@dpdk.org
Signed-off-by: Michael Baum <michaelba@nvidia.com>
Acked-by: Matan Azrad <matan@nvidia.com>
3 years agocommon/cpt: allocate auth key dynamically
Anoob Joseph [Wed, 14 Jul 2021 11:18:24 +0000 (16:48 +0530)]
common/cpt: allocate auth key dynamically

Reduce session private data size by allocating
auth_key dynamically as required. Added auth_key_iova
to eliminate any impact on fastpath.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocommon/cnxk: allocate auth key dynamically
Anoob Joseph [Fri, 16 Jul 2021 05:13:29 +0000 (10:43 +0530)]
common/cnxk: allocate auth key dynamically

Reduce session private data size by allocating
auth_key dynamically as required.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/octeontx2: fix lookaside IPsec IV pointer
Tejasree Kondoj [Fri, 16 Jul 2021 10:44:47 +0000 (16:14 +0530)]
crypto/octeontx2: fix lookaside IPsec IV pointer

In case of AES-GCM/CCM, nonce/salt comes along
with IV, hence can be copied in a single memcpy.
This patch fixes the IV copy in lookaside IPsec
outbound instruction.

Fixes: fab634eb87ca ("crypto/octeontx2: support security session data path")
Cc: stable@dpdk.org
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agonet/octeontx2: clear SA valid during session destroy
Anoob Joseph [Tue, 13 Jul 2021 10:27:08 +0000 (15:57 +0530)]
net/octeontx2: clear SA valid during session destroy

SA table entry would be reserved for inline inbound operations. Clear
valid bit of the SA so that CPT would treat SA entry as invalid. Also,
move setting of valid bit to the end in case of session_create() to
eliminate possibility of hardware seeing partial data.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agonet/octeontx2: add lock for inline IPsec tables
Anoob Joseph [Tue, 13 Jul 2021 10:27:07 +0000 (15:57 +0530)]
net/octeontx2: add lock for inline IPsec tables

Add locking for IPsec table updates.

Fixed error handling to clear SA entry if the SA
population functions encounters any error.

Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/octeontx2: fix IPsec session member overlap
Anoob Joseph [Tue, 13 Jul 2021 10:27:06 +0000 (15:57 +0530)]
crypto/octeontx2: fix IPsec session member overlap

The member 'dir' should not overlap with 'ip'. Usage of union for all
members would mean dir would get corrupt.

Fixes: e91b4f45ff54 ("net/octeontx2: support anti-replay for security session")
Cc: stable@dpdk.org
Signed-off-by: Anoob Joseph <anoobj@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/cnxk: update instruction queue in start/stop
Ankur Dwivedi [Thu, 8 Jul 2021 11:47:14 +0000 (17:17 +0530)]
crypto/cnxk: update instruction queue in start/stop

The instruction queue is enabled in dev start and
is disabled in dev stop.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocommon/cnxk: move instruction queue enable to ROC
Ankur Dwivedi [Thu, 8 Jul 2021 11:47:13 +0000 (17:17 +0530)]
common/cnxk: move instruction queue enable to ROC

The code for enabling instruction queue is moved to ROC API.

Signed-off-by: Ankur Dwivedi <adwivedi@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocrypto/qat: update raw data path
Fan Zhang [Mon, 28 Jun 2021 16:34:32 +0000 (17:34 +0100)]
crypto/qat: update raw data path

This commit updates the QAT raw data-path API to support the
changes made to device and sessions. The QAT RAW data-path API
now works on Generation 1-3 devices and is disabled on GEN4.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocommon/qat: add service discovery
Arek Kusztal [Mon, 28 Jun 2021 16:34:31 +0000 (17:34 +0100)]
common/qat: add service discovery

This commit adds service discovery to generation four
of Intel QuickAssist Technology devices.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
3 years agocommon/qat: reset ring pairs before setting GEN4
Arek Kusztal [Mon, 28 Jun 2021 16:34:30 +0000 (17:34 +0100)]
common/qat: reset ring pairs before setting GEN4

This commit resets ring pairs of particular vf before
setting PMD.

Signed-off-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>
Acked-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>