[dpdk-stable] patch 'net/i40e: fix get RSS conf' has been queued to LTS release 18.11.1

[dpdk-stable] patch 'net/i40e: fix get RSS conf' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From f21e93ea57ffb277b2da7206bc4ab522a4fab4be Mon Sep 17 00:00:00 2001
From: Qiming Yang <qiming.yang@intel.com>
Date: Mon, 24 Dec 2018 23:34:02 +0800
Subject: [PATCH] net/i40e: fix get RSS conf

[ upstream commit 286a809c99c033f895c6b08c2af4b741f17ae29b ]

rte_eth_dev_rss_hash_conf_get API doesn't force 'rss_conf.rss_key'
to be not NULL, so rss_key = NULL should be alllowed in i40e
driver.

Fixes: 16321de09396 ("ethdev: allow to get RSS hash functions and key")

Signed-off-by: Qiming Yang <qiming.yang@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
---
 drivers/net/i40e/i40e_ethdev.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/drivers/net/i40e/i40e_ethdev.c b/drivers/net/i40e/i40e_ethdev.c
index 8dc1a4af8..a6b97e164 100644
--- a/drivers/net/i40e/i40e_ethdev.c
+++ b/drivers/net/i40e/i40e_ethdev.c
@@ -7408,5 +7408,5 @@ i40e_get_rss_key(struct i40e_vsi *vsi, uint8_t *key, uint8_t *key_len)
 
 	if (!key || !key_len)
-		return -EINVAL;
+		return 0;
 
 	if (pf->flags & I40E_FLAG_RSS_AQ_CAPABLE) {
@@ -7493,4 +7493,7 @@ i40e_dev_rss_hash_conf_get(struct rte_eth_dev *dev,
 	int ret;
 
+	if (!rss_conf)
+		return -EINVAL;
+
 	ret = i40e_get_rss_key(pf->main_vsi, rss_conf->rss_key,
 			 &rss_conf->rss_key_len);
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:05.768062227 +0000
+++ 0001-net-i40e-fix-get-RSS-conf.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,14 +1,15 @@
-From 286a809c99c033f895c6b08c2af4b741f17ae29b Mon Sep 17 00:00:00 2001
+From f21e93ea57ffb277b2da7206bc4ab522a4fab4be Mon Sep 17 00:00:00 2001
 From: Qiming Yang <qiming.yang@intel.com>
 Date: Mon, 24 Dec 2018 23:34:02 +0800
 Subject: [PATCH] net/i40e: fix get RSS conf
 
+[ upstream commit 286a809c99c033f895c6b08c2af4b741f17ae29b ]
+
 rte_eth_dev_rss_hash_conf_get API doesn't force 'rss_conf.rss_key'
 to be not NULL, so rss_key = NULL should be alllowed in i40e
 driver.
 
 Fixes: 16321de09396 ("ethdev: allow to get RSS hash functions and key")
-Cc: stable@dpdk.org
 
 Signed-off-by: Qiming Yang <qiming.yang@intel.com>
 Acked-by: Qi Zhang <qi.z.zhang@intel.com>

[dpdk-stable] patch 'devtools: fix wrong headline lowercase for arm' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 42837f02e7bdec7bb57d8c647c921955addb54c9 Mon Sep 17 00:00:00 2001
From: Gavin Hu <gavin.hu@arm.com>
Date: Fri, 21 Dec 2018 14:02:56 +0800
Subject: [PATCH] devtools: fix wrong headline lowercase for arm

[ upstream commit 40fd87486799d50c78e24ff90337ca1dc1debc13 ]

Change to the new wording according to Arm corp:
https://mails.dpdk.org/archives/dev/2018-October/115174.html
otherwise, "Wrong headline lowercase" may be falsely reported.

Fixes: f146ada21d1e ("scripts: add more git log checks")

Signed-off-by: Gavin Hu <gavin.hu@arm.com>
Acked-by: Jerin Jacob <jerinj@marvell.com>
---
 devtools/check-git-log.sh | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/devtools/check-git-log.sh b/devtools/check-git-log.sh
index 85d67fb9a..d39064f9d 100755
--- a/devtools/check-git-log.sh
+++ b/devtools/check-git-log.sh
@@ -91,7 +91,8 @@ bad=$(echo "$headlines" | grep -E --color=always \
 	-e ':.*\<l[234]\>' \
 	-e ':.*\<api\>' \
-	-e ':.*\<arm\>' \
-	-e ':.*\<armv7\>' \
-	-e ':.*\<armv8\>' \
+	-e ':.*\<ARM\>' \
+	-e ':.*\<(Aarch64|AArch64|AARCH64|Aarch32|AArch32|AARCH32)\>' \
+	-e ':.*\<(Armv7|ARMv7|ArmV7|armV7|ARMV7)\>' \
+	-e ':.*\<(Armv8|ARMv8|ArmV8|armV8|ARMV8)\>' \
 	-e ':.*\<crc\>' \
 	-e ':.*\<dma\>' \
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:05.801137689 +0000
+++ 0002-devtools-fix-wrong-headline-lowercase-for-arm.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,14 +1,15 @@
-From 40fd87486799d50c78e24ff90337ca1dc1debc13 Mon Sep 17 00:00:00 2001
+From 42837f02e7bdec7bb57d8c647c921955addb54c9 Mon Sep 17 00:00:00 2001
 From: Gavin Hu <gavin.hu@arm.com>
 Date: Fri, 21 Dec 2018 14:02:56 +0800
 Subject: [PATCH] devtools: fix wrong headline lowercase for arm
 
+[ upstream commit 40fd87486799d50c78e24ff90337ca1dc1debc13 ]
+
 Change to the new wording according to Arm corp:
 https://mails.dpdk.org/archives/dev/2018-October/115174.html
 otherwise, "Wrong headline lowercase" may be falsely reported.
 
 Fixes: f146ada21d1e ("scripts: add more git log checks")
-Cc: stable@dpdk.org
 
 Signed-off-by: Gavin Hu <gavin.hu@arm.com>
 Acked-by: Jerin Jacob <jerinj@marvell.com>

[dpdk-stable] patch 'drivers/crypto: fix PMDs memory leak' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 335ec2a082b6e368354792fe2e13b58051a87f18 Mon Sep 17 00:00:00 2001
From: Fan Zhang <roy.fan.zhang@intel.com>
Date: Fri, 21 Dec 2018 14:11:05 +0000
Subject: [PATCH] drivers/crypto: fix PMDs memory leak

[ upstream commit a4d69a5150e3597df170f595784b4f0472cd98c4 ]

This patch fixes the memory leak during queue pair release.
Originally the operation ring is not freed when releasing
queue pair, causing the next queue_pair configure call fail
and memory leak.

Fixes: eec136f3c54f ("aesni_gcm: add driver for AES-GCM crypto operations")
Fixes: cf7685d68f00 ("crypto/zuc: add driver for ZUC library")
Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
Fixes: 3aafc423cf4d ("snow3g: add driver for SNOW 3G library")
Fixes: 94b0ad8e0aa5 ("null_crypto: add driver for null crypto operations")

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c | 5 +++++
 drivers/crypto/null/null_crypto_pmd_ops.c    | 5 +++++
 drivers/crypto/openssl/rte_openssl_pmd_ops.c | 5 +++++
 drivers/crypto/snow3g/rte_snow3g_pmd_ops.c   | 5 +++++
 drivers/crypto/zuc/rte_zuc_pmd_ops.c         | 5 +++++
 5 files changed, 25 insertions(+)

diff --git a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
index c343a393f..cd15245bd 100644
--- a/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
+++ b/drivers/crypto/aesni_gcm/aesni_gcm_pmd_ops.c
@@ -154,4 +154,9 @@ aesni_gcm_pmd_qp_release(struct rte_cryptodev *dev, uint16_t qp_id)
 {
 	if (dev->data->queue_pairs[qp_id] != NULL) {
+		struct aesni_gcm_qp *qp = dev->data->queue_pairs[qp_id];
+
+		if (qp->processed_pkts)
+			rte_ring_free(qp->processed_pkts);
+
 		rte_free(dev->data->queue_pairs[qp_id]);
 		dev->data->queue_pairs[qp_id] = NULL;
diff --git a/drivers/crypto/null/null_crypto_pmd_ops.c b/drivers/crypto/null/null_crypto_pmd_ops.c
index 2bdcd019e..319ca34e7 100644
--- a/drivers/crypto/null/null_crypto_pmd_ops.c
+++ b/drivers/crypto/null/null_crypto_pmd_ops.c
@@ -134,4 +134,9 @@ null_crypto_pmd_qp_release(struct rte_cryptodev *dev, uint16_t qp_id)
 {
 	if (dev->data->queue_pairs[qp_id] != NULL) {
+		struct null_crypto_qp *qp = dev->data->queue_pairs[qp_id];
+
+		if (qp->processed_pkts)
+			rte_ring_free(qp->processed_pkts);
+
 		rte_free(dev->data->queue_pairs[qp_id]);
 		dev->data->queue_pairs[qp_id] = NULL;
diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
index c2b029ec2..a65f9e582 100644
--- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
+++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
@@ -658,4 +658,9 @@ openssl_pmd_qp_release(struct rte_cryptodev *dev, uint16_t qp_id)
 {
 	if (dev->data->queue_pairs[qp_id] != NULL) {
+		struct openssl_qp *qp = dev->data->queue_pairs[qp_id];
+
+		if (qp->processed_ops)
+			rte_ring_free(qp->processed_ops);
+
 		rte_free(dev->data->queue_pairs[qp_id]);
 		dev->data->queue_pairs[qp_id] = NULL;
diff --git a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
index cfbc9522a..a367ee9a0 100644
--- a/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
+++ b/drivers/crypto/snow3g/rte_snow3g_pmd_ops.c
@@ -143,4 +143,9 @@ snow3g_pmd_qp_release(struct rte_cryptodev *dev, uint16_t qp_id)
 {
 	if (dev->data->queue_pairs[qp_id] != NULL) {
+		struct snow3g_qp *qp = dev->data->queue_pairs[qp_id];
+
+		if (qp->processed_ops)
+			rte_ring_free(qp->processed_ops);
+
 		rte_free(dev->data->queue_pairs[qp_id]);
 		dev->data->queue_pairs[qp_id] = NULL;
diff --git a/drivers/crypto/zuc/rte_zuc_pmd_ops.c b/drivers/crypto/zuc/rte_zuc_pmd_ops.c
index 6da396542..04d45e449 100644
--- a/drivers/crypto/zuc/rte_zuc_pmd_ops.c
+++ b/drivers/crypto/zuc/rte_zuc_pmd_ops.c
@@ -143,4 +143,9 @@ zuc_pmd_qp_release(struct rte_cryptodev *dev, uint16_t qp_id)
 {
 	if (dev->data->queue_pairs[qp_id] != NULL) {
+		struct zuc_qp *qp = dev->data->queue_pairs[qp_id];
+
+		if (qp->processed_ops)
+			rte_ring_free(qp->processed_ops);
+
 		rte_free(dev->data->queue_pairs[qp_id]);
 		dev->data->queue_pairs[qp_id] = NULL;
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:05.823788173 +0000
+++ 0003-drivers-crypto-fix-PMDs-memory-leak.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From a4d69a5150e3597df170f595784b4f0472cd98c4 Mon Sep 17 00:00:00 2001
+From 335ec2a082b6e368354792fe2e13b58051a87f18 Mon Sep 17 00:00:00 2001
 From: Fan Zhang <roy.fan.zhang@intel.com>
 Date: Fri, 21 Dec 2018 14:11:05 +0000
 Subject: [PATCH] drivers/crypto: fix PMDs memory leak
 
+[ upstream commit a4d69a5150e3597df170f595784b4f0472cd98c4 ]
+
 This patch fixes the memory leak during queue pair release.
 Originally the operation ring is not freed when releasing
 queue pair, causing the next queue_pair configure call fail
@@ -13,7 +15,6 @@
 Fixes: d61f70b4c918 ("crypto/libcrypto: add driver for OpenSSL library")
 Fixes: 3aafc423cf4d ("snow3g: add driver for SNOW 3G library")
 Fixes: 94b0ad8e0aa5 ("null_crypto: add driver for null crypto operations")
-Cc: stable@dpdk.org
 
 Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
 Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
@@ -54,7 +55,7 @@
  		rte_free(dev->data->queue_pairs[qp_id]);
  		dev->data->queue_pairs[qp_id] = NULL;
 diff --git a/drivers/crypto/openssl/rte_openssl_pmd_ops.c b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
-index bdaf937a3..d382476a6 100644
+index c2b029ec2..a65f9e582 100644
 --- a/drivers/crypto/openssl/rte_openssl_pmd_ops.c
 +++ b/drivers/crypto/openssl/rte_openssl_pmd_ops.c
 @@ -658,4 +658,9 @@ openssl_pmd_qp_release(struct rte_cryptodev *dev, uint16_t qp_id)

[dpdk-stable] patch 'doc: fix AESNI_MB guide' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 4dddae31586c00043386cffd55eeaddc6eb9e78a Mon Sep 17 00:00:00 2001
From: Fan Zhang <roy.fan.zhang@intel.com>
Date: Wed, 9 Jan 2019 12:11:12 +0000
Subject: [PATCH] doc: fix AESNI_MB guide

[ upstream commit 2977a13657ab9e4e0cbdf37946d2349eaca02a84 ]

This patch fixes the incorrect intel multi buffer library support
version and missed limitation of GCM algorithm support.

Fixes: 0e9f8507afcb ("crypto/aesni_mb: support AES-GCM algorithm")

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 doc/guides/cryptodevs/aesni_mb.rst | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/doc/guides/cryptodevs/aesni_mb.rst b/doc/guides/cryptodevs/aesni_mb.rst
index 63e060d75..d9fd41ae5 100644
--- a/doc/guides/cryptodevs/aesni_mb.rst
+++ b/doc/guides/cryptodevs/aesni_mb.rst
@@ -1,4 +1,4 @@
 ..  SPDX-License-Identifier: BSD-3-Clause
-    Copyright(c) 2015-2017 Intel Corporation.
+    Copyright(c) 2015-2018 Intel Corporation.
 
 AESN-NI Multi Buffer Crypto Poll Mode Driver
@@ -52,4 +52,6 @@ Limitations
 * Chained mbufs are not supported.
 * Only in-place is currently supported (destination address is the same as source address).
+* RTE_CRYPTO_AEAD_AES_GCM only works properly when the multi-buffer library is
+  0.51.0 or newer.
 
 
@@ -60,6 +62,6 @@ To build DPDK with the AESNI_MB_PMD the user is required to download the multi-b
 library from `here <https://github.com/01org/intel-ipsec-mb>`_
 and compile it on their user system before building DPDK.
-The latest version of the library supported by this PMD is v0.50, which
-can be downloaded from `<https://github.com/01org/intel-ipsec-mb/archive/v0.50.zip>`_.
+The latest version of the library supported by this PMD is v0.51, which
+can be downloaded from `<https://github.com/01org/intel-ipsec-mb/archive/v0.51.zip>`.
 
 .. code-block:: console
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:05.847411874 +0000
+++ 0004-doc-fix-AESNI_MB-guide.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From 2977a13657ab9e4e0cbdf37946d2349eaca02a84 Mon Sep 17 00:00:00 2001
+From 4dddae31586c00043386cffd55eeaddc6eb9e78a Mon Sep 17 00:00:00 2001
 From: Fan Zhang <roy.fan.zhang@intel.com>
 Date: Wed, 9 Jan 2019 12:11:12 +0000
 Subject: [PATCH] doc: fix AESNI_MB guide
 
+[ upstream commit 2977a13657ab9e4e0cbdf37946d2349eaca02a84 ]
+
 This patch fixes the incorrect intel multi buffer library support
 version and missed limitation of GCM algorithm support.
 
 Fixes: 0e9f8507afcb ("crypto/aesni_mb: support AES-GCM algorithm")
-Cc: stable@dpdk.org
 
 Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
 Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

[dpdk-stable] patch 'compress/qat: fix returned status on overflow' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 210b4407288a9ad4d001723535610adc0559bce6 Mon Sep 17 00:00:00 2001
From: Tomasz Jozwiak <tomaszx.jozwiak@intel.com>
Date: Thu, 27 Dec 2018 11:42:19 +0100
Subject: [PATCH] compress/qat: fix returned status on overflow

[ upstream commit 3dc9ef2d23fe4787947f58758394444e677ea311 ]

This patch fixes correct status in case of overflow on
QAT is detected.
In that case RTE_COMP_OP_STATUS_OUT_OF_SPACE_TERMINATED value is set in
rte_comp_op.status field instead of RTE_COMP_OP_STATUS_ERROR

Fixes: 32842f2a6d7d ("compress/qat: create FW request and process response")

Signed-off-by: Tomasz Jozwiak <tomaszx.jozwiak@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
---
 drivers/compress/qat/qat_comp.c | 35 ++++++++++++++++++++++-----------
 1 file changed, 24 insertions(+), 11 deletions(-)

diff --git a/drivers/compress/qat/qat_comp.c b/drivers/compress/qat/qat_comp.c
index bb006104f..450cfd659 100644
--- a/drivers/compress/qat/qat_comp.c
+++ b/drivers/compress/qat/qat_comp.c
@@ -118,4 +118,7 @@ qat_comp_process_response(void **op, uint8_t *resp, uint64_t *dequeue_err_count)
 	struct qat_comp_xform *qat_xform = (struct qat_comp_xform *)
 				(rx_op->private_xform);
+	int err = resp_msg->comn_resp.comn_status &
+			((1 << QAT_COMN_RESP_CMP_STATUS_BITPOS) |
+			 (1 << QAT_COMN_RESP_XLAT_STATUS_BITPOS));
 
 #if RTE_LOG_DP_LEVEL >= RTE_LOG_DEBUG
@@ -141,19 +144,29 @@ qat_comp_process_response(void **op, uint8_t *resp, uint64_t *dequeue_err_count)
 	}
 
-	if ((ICP_QAT_FW_COMN_RESP_CMP_STAT_GET(resp_msg->comn_resp.comn_status)
-		| ICP_QAT_FW_COMN_RESP_XLAT_STAT_GET(
-				resp_msg->comn_resp.comn_status)) !=
-				ICP_QAT_FW_COMN_STATUS_FLAG_OK) {
-
-		if (unlikely((ICP_QAT_FW_COMN_RESP_XLAT_STAT_GET(
-				resp_msg->comn_resp.comn_status) !=
-				ICP_QAT_FW_COMN_STATUS_FLAG_OK) &&
-				(qat_xform->qat_comp_request_type
-				== QAT_COMP_REQUEST_DYNAMIC_COMP_STATELESS)))
+	if (err) {
+		if (unlikely((err & (1 << QAT_COMN_RESP_XLAT_STATUS_BITPOS))
+			     &&	(qat_xform->qat_comp_request_type
+				 == QAT_COMP_REQUEST_DYNAMIC_COMP_STATELESS))) {
 			QAT_DP_LOG(ERR, "QAT intermediate buffer may be too "
 			    "small for output, try configuring a larger size");
+		}
+
+		int8_t cmp_err_code =
+			(int8_t)resp_msg->comn_resp.comn_error.cmp_err_code;
+		int8_t xlat_err_code =
+			(int8_t)resp_msg->comn_resp.comn_error.xlat_err_code;
+
+		if ((cmp_err_code == ERR_CODE_OVERFLOW_ERROR && !xlat_err_code)
+				||
+		    (!cmp_err_code && xlat_err_code == ERR_CODE_OVERFLOW_ERROR)
+				||
+		    (cmp_err_code == ERR_CODE_OVERFLOW_ERROR &&
+		     xlat_err_code == ERR_CODE_OVERFLOW_ERROR))
+			rx_op->status =
+				RTE_COMP_OP_STATUS_OUT_OF_SPACE_TERMINATED;
+		else
+			rx_op->status = RTE_COMP_OP_STATUS_ERROR;
 
 		++(*dequeue_err_count);
-		rx_op->status = RTE_COMP_OP_STATUS_ERROR;
 		rx_op->debug_status =
 			*((uint16_t *)(&resp_msg->comn_resp.comn_error));
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:05.868608611 +0000
+++ 0005-compress-qat-fix-returned-status-on-overflow.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,15 +1,16 @@
-From 3dc9ef2d23fe4787947f58758394444e677ea311 Mon Sep 17 00:00:00 2001
+From 210b4407288a9ad4d001723535610adc0559bce6 Mon Sep 17 00:00:00 2001
 From: Tomasz Jozwiak <tomaszx.jozwiak@intel.com>
 Date: Thu, 27 Dec 2018 11:42:19 +0100
 Subject: [PATCH] compress/qat: fix returned status on overflow
 
+[ upstream commit 3dc9ef2d23fe4787947f58758394444e677ea311 ]
+
 This patch fixes correct status in case of overflow on
 QAT is detected.
 In that case RTE_COMP_OP_STATUS_OUT_OF_SPACE_TERMINATED value is set in
 rte_comp_op.status field instead of RTE_COMP_OP_STATUS_ERROR
 
 Fixes: 32842f2a6d7d ("compress/qat: create FW request and process response")
-Cc: stable@dpdk.org
 
 Signed-off-by: Tomasz Jozwiak <tomaszx.jozwiak@intel.com>
 Acked-by: Fiona Trahe <fiona.trahe@intel.com>
@@ -18,7 +19,7 @@
  1 file changed, 24 insertions(+), 11 deletions(-)
 
 diff --git a/drivers/compress/qat/qat_comp.c b/drivers/compress/qat/qat_comp.c
-index e745d1362..32ca753b7 100644
+index bb006104f..450cfd659 100644
 --- a/drivers/compress/qat/qat_comp.c
 +++ b/drivers/compress/qat/qat_comp.c
 @@ -118,4 +118,7 @@ qat_comp_process_response(void **op, uint8_t *resp, uint64_t *dequeue_err_count)

[dpdk-stable] patch 'test/crypto: fix misleading trace message' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 531c084eefe7fb8c5dff6f9439e1e4190d8c9cf7 Mon Sep 17 00:00:00 2001
From: Fiona Trahe <fiona.trahe@intel.com>
Date: Fri, 21 Dec 2018 00:01:25 +0000
Subject: [PATCH] test/crypto: fix misleading trace message

[ upstream commit 1113ba1dcb7e78a8a839c294523e1939d14aae98 ]

Test was reporting digest verification failed for all operation errors.
Fixed so it only reports this if the PMD actually reports an auth failure.

Fixes: 9c0eed2f06ae ("app/test: rework crypto AES unit test")

Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>
---
 test/test/test_cryptodev_blockcipher.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/test/test/test_cryptodev_blockcipher.c b/test/test/test_cryptodev_blockcipher.c
index 1c3f29f6b..4f1298ea2 100644
--- a/test/test/test_cryptodev_blockcipher.c
+++ b/test/test/test_cryptodev_blockcipher.c
@@ -402,5 +402,6 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 	/* Verify results */
 	if (op->status != RTE_CRYPTO_OP_STATUS_SUCCESS) {
-		if (t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_VERIFY)
+		if ((t->op_mask & BLOCKCIPHER_TEST_OP_AUTH_VERIFY) &&
+			(op->status == RTE_CRYPTO_OP_STATUS_AUTH_FAILED))
 			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
 				"FAILED: Digest verification failed "
@@ -408,5 +409,5 @@ test_blockcipher_one_case(const struct blockcipher_test_case *t,
 		else
 			snprintf(test_msg, BLOCKCIPHER_TEST_MSG_LEN, "line %u "
-				"FAILED: Digest verification failed "
+				"FAILED: Operation failed "
 				"(0x%X)", __LINE__, op->status);
 		status = TEST_FAILED;
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:05.891018381 +0000
+++ 0006-test-crypto-fix-misleading-trace-message.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From 1113ba1dcb7e78a8a839c294523e1939d14aae98 Mon Sep 17 00:00:00 2001
+From 531c084eefe7fb8c5dff6f9439e1e4190d8c9cf7 Mon Sep 17 00:00:00 2001
 From: Fiona Trahe <fiona.trahe@intel.com>
 Date: Fri, 21 Dec 2018 00:01:25 +0000
 Subject: [PATCH] test/crypto: fix misleading trace message
 
+[ upstream commit 1113ba1dcb7e78a8a839c294523e1939d14aae98 ]
+
 Test was reporting digest verification failed for all operation errors.
 Fixed so it only reports this if the PMD actually reports an auth failure.
 
 Fixes: 9c0eed2f06ae ("app/test: rework crypto AES unit test")
-Cc: stable@dpdk.org
 
 Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
 Acked-by: Pablo de Lara <pablo.de.lara.guarch@intel.com>

[dpdk-stable] patch 'examples/ipsec-secgw: fix crypto-op might never get dequeued' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From b40750c358ccac24239b58de97fae394305d59fe Mon Sep 17 00:00:00 2001
From: Konstantin Ananyev <konstantin.ananyev@intel.com>
Date: Thu, 10 Jan 2019 21:09:06 +0000
Subject: [PATCH] examples/ipsec-secgw: fix crypto-op might never get dequeued

[ upstream commit d87152e7968111c16ad79208298a1f54b711d963 ]

In some cases crypto-ops could never be dequeued from the crypto-device.
The easiest way to reproduce:
start ipsec-secgw with crypto-dev and send to it less then 32 packets.
none packets will be forwarded.
Reason for that is that the application does dequeue() from crypto-queues
only when new packets arrive.
This patch makes the app to call dequeue() on a regular basis.
Also to make code cleaner and easier to understand,
it separates crypto-dev enqueue() and dequeue() code paths.
pkt_process() now only enqueues packets into crypto device,
dequeuing and final processing is done by drain_crypto_queues().

Fixes: c64278c0c18b ("examples/ipsec-secgw: rework processing loop")

Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 examples/ipsec-secgw/ipsec-secgw.c | 144 ++++++++++++++++++++++++-----
 examples/ipsec-secgw/ipsec.c       |  99 +++++++++++++-------
 examples/ipsec-secgw/ipsec.h       |  11 +++
 3 files changed, 198 insertions(+), 56 deletions(-)

diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index 1bc0b5b50..2234826de 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -452,36 +452,53 @@ inbound_sp_sa(struct sp_ctx *sp, struct sa_ctx *sa, struct traffic_type *ip,
 }
 
-static inline void
-process_pkts_inbound(struct ipsec_ctx *ipsec_ctx,
-		struct ipsec_traffic *traffic)
+static void
+split46_traffic(struct ipsec_traffic *trf, struct rte_mbuf *mb[], uint32_t num)
 {
+	uint32_t i, n4, n6;
+	struct ip *ip;
 	struct rte_mbuf *m;
-	uint16_t idx, nb_pkts_in, i, n_ip4, n_ip6;
 
-	nb_pkts_in = ipsec_inbound(ipsec_ctx, traffic->ipsec.pkts,
-			traffic->ipsec.num, MAX_PKT_BURST);
+	n4 = trf->ip4.num;
+	n6 = trf->ip6.num;
 
-	n_ip4 = traffic->ip4.num;
-	n_ip6 = traffic->ip6.num;
+	for (i = 0; i < num; i++) {
+
+		m = mb[i];
+		ip = rte_pktmbuf_mtod(m, struct ip *);
 
-	/* SP/ACL Inbound check ipsec and ip4 */
-	for (i = 0; i < nb_pkts_in; i++) {
-		m = traffic->ipsec.pkts[i];
-		struct ip *ip = rte_pktmbuf_mtod(m, struct ip *);
 		if (ip->ip_v == IPVERSION) {
-			idx = traffic->ip4.num++;
-			traffic->ip4.pkts[idx] = m;
-			traffic->ip4.data[idx] = rte_pktmbuf_mtod_offset(m,
+			trf->ip4.pkts[n4] = m;
+			trf->ip4.data[n4] = rte_pktmbuf_mtod_offset(m,
 					uint8_t *, offsetof(struct ip, ip_p));
+			n4++;
 		} else if (ip->ip_v == IP6_VERSION) {
-			idx = traffic->ip6.num++;
-			traffic->ip6.pkts[idx] = m;
-			traffic->ip6.data[idx] = rte_pktmbuf_mtod_offset(m,
+			trf->ip6.pkts[n6] = m;
+			trf->ip6.data[n6] = rte_pktmbuf_mtod_offset(m,
 					uint8_t *,
 					offsetof(struct ip6_hdr, ip6_nxt));
+			n6++;
 		} else
 			rte_pktmbuf_free(m);
 	}
 
+	trf->ip4.num = n4;
+	trf->ip6.num = n6;
+}
+
+
+static inline void
+process_pkts_inbound(struct ipsec_ctx *ipsec_ctx,
+		struct ipsec_traffic *traffic)
+{
+	uint16_t nb_pkts_in, n_ip4, n_ip6;
+
+	n_ip4 = traffic->ip4.num;
+	n_ip6 = traffic->ip6.num;
+
+	nb_pkts_in = ipsec_inbound(ipsec_ctx, traffic->ipsec.pkts,
+			traffic->ipsec.num, MAX_PKT_BURST);
+
+	split46_traffic(traffic, traffic->ipsec.pkts, nb_pkts_in);
+
 	inbound_sp_sa(ipsec_ctx->sp4_ctx, ipsec_ctx->sa_ctx, &traffic->ip4,
 			n_ip4);
@@ -778,5 +795,5 @@ process_pkts(struct lcore_conf *qconf, struct rte_mbuf **pkts,
 
 static inline void
-drain_buffers(struct lcore_conf *qconf)
+drain_tx_buffers(struct lcore_conf *qconf)
 {
 	struct buffer *buf;
@@ -792,4 +809,79 @@ drain_buffers(struct lcore_conf *qconf)
 }
 
+static inline void
+drain_crypto_buffers(struct lcore_conf *qconf)
+{
+	uint32_t i;
+	struct ipsec_ctx *ctx;
+
+	/* drain inbound buffers*/
+	ctx = &qconf->inbound;
+	for (i = 0; i != ctx->nb_qps; i++) {
+		if (ctx->tbl[i].len != 0)
+			enqueue_cop_burst(ctx->tbl  + i);
+	}
+
+	/* drain outbound buffers*/
+	ctx = &qconf->outbound;
+	for (i = 0; i != ctx->nb_qps; i++) {
+		if (ctx->tbl[i].len != 0)
+			enqueue_cop_burst(ctx->tbl  + i);
+	}
+}
+
+static void
+drain_inbound_crypto_queues(const struct lcore_conf *qconf,
+		struct ipsec_ctx *ctx)
+{
+	uint32_t n;
+	struct ipsec_traffic trf;
+
+	/* dequeue packets from crypto-queue */
+	n = ipsec_inbound_cqp_dequeue(ctx, trf.ipsec.pkts,
+			RTE_DIM(trf.ipsec.pkts));
+	if (n == 0)
+		return;
+
+	trf.ip4.num = 0;
+	trf.ip6.num = 0;
+
+	/* split traffic by ipv4-ipv6 */
+	split46_traffic(&trf, trf.ipsec.pkts, n);
+
+	/* process ipv4 packets */
+	inbound_sp_sa(ctx->sp4_ctx, ctx->sa_ctx, &trf.ip4, 0);
+	route4_pkts(qconf->rt4_ctx, trf.ip4.pkts, trf.ip4.num);
+
+	/* process ipv6 packets */
+	inbound_sp_sa(ctx->sp6_ctx, ctx->sa_ctx, &trf.ip6, 0);
+	route6_pkts(qconf->rt6_ctx, trf.ip6.pkts, trf.ip6.num);
+}
+
+static void
+drain_outbound_crypto_queues(const struct lcore_conf *qconf,
+		struct ipsec_ctx *ctx)
+{
+	uint32_t n;
+	struct ipsec_traffic trf;
+
+	/* dequeue packets from crypto-queue */
+	n = ipsec_outbound_cqp_dequeue(ctx, trf.ipsec.pkts,
+			RTE_DIM(trf.ipsec.pkts));
+	if (n == 0)
+		return;
+
+	trf.ip4.num = 0;
+	trf.ip6.num = 0;
+
+	/* split traffic by ipv4-ipv6 */
+	split46_traffic(&trf, trf.ipsec.pkts, n);
+
+	/* process ipv4 packets */
+	route4_pkts(qconf->rt4_ctx, trf.ip4.pkts, trf.ip4.num);
+
+	/* process ipv6 packets */
+	route6_pkts(qconf->rt6_ctx, trf.ip6.pkts, trf.ip6.num);
+}
+
 /* main processing loop */
 static int32_t
@@ -849,10 +941,12 @@ main_loop(__attribute__((unused)) void *dummy)
 
 		if (unlikely(diff_tsc > drain_tsc)) {
-			drain_buffers(qconf);
+			drain_tx_buffers(qconf);
+			drain_crypto_buffers(qconf);
 			prev_tsc = cur_tsc;
 		}
 
-		/* Read packet from RX queues */
 		for (i = 0; i < qconf->nb_rx_queue; ++i) {
+
+			/* Read packets from RX queues */
 			portid = rxql[i].port_id;
 			queueid = rxql[i].queue_id;
@@ -862,4 +956,12 @@ main_loop(__attribute__((unused)) void *dummy)
 			if (nb_rx > 0)
 				process_pkts(qconf, pkts, nb_rx, portid);
+
+			/* dequeue and process completed crypto-ops */
+			if (UNPROTECTED_PORT(portid))
+				drain_inbound_crypto_queues(qconf,
+					&qconf->inbound);
+			else
+				drain_outbound_crypto_queues(qconf,
+					&qconf->outbound);
 		}
 	}
diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
index 3d415f1af..72a29bcb1 100644
--- a/examples/ipsec-secgw/ipsec.c
+++ b/examples/ipsec-secgw/ipsec.c
@@ -334,31 +334,33 @@ flow_create_failure:
 }
 
+/*
+ * queue crypto-ops into PMD queue.
+ */
+void
+enqueue_cop_burst(struct cdev_qp *cqp)
+{
+	uint32_t i, len, ret;
+
+	len = cqp->len;
+	ret = rte_cryptodev_enqueue_burst(cqp->id, cqp->qp, cqp->buf, len);
+	if (ret < len) {
+		RTE_LOG_DP(DEBUG, IPSEC, "Cryptodev %u queue %u:"
+			" enqueued %u crypto ops out of %u\n",
+			cqp->id, cqp->qp, ret, len);
+			/* drop packets that we fail to enqueue */
+			for (i = ret; i < len; i++)
+				rte_pktmbuf_free(cqp->buf[i]->sym->m_src);
+	}
+	cqp->in_flight += ret;
+	cqp->len = 0;
+}
+
 static inline void
 enqueue_cop(struct cdev_qp *cqp, struct rte_crypto_op *cop)
 {
-	int32_t ret = 0, i;
-
 	cqp->buf[cqp->len++] = cop;
 
-	if (cqp->len == MAX_PKT_BURST) {
-		int enq_size = cqp->len;
-		if ((cqp->in_flight + enq_size) > MAX_INFLIGHT)
-			enq_size -=
-			    (int)((cqp->in_flight + enq_size) - MAX_INFLIGHT);
-
-		if (enq_size > 0)
-			ret = rte_cryptodev_enqueue_burst(cqp->id, cqp->qp,
-					cqp->buf, enq_size);
-		if (ret < cqp->len) {
-			RTE_LOG_DP(DEBUG, IPSEC, "Cryptodev %u queue %u:"
-					" enqueued %u crypto ops out of %u\n",
-					 cqp->id, cqp->qp,
-					 ret, cqp->len);
-			for (i = ret; i < cqp->len; i++)
-				rte_pktmbuf_free(cqp->buf[i]->sym->m_src);
-		}
-		cqp->in_flight += ret;
-		cqp->len = 0;
-	}
+	if (cqp->len == MAX_PKT_BURST)
+		enqueue_cop_burst(cqp);
 }
 
@@ -474,4 +476,30 @@ ipsec_enqueue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
 }
 
+static inline int32_t
+ipsec_inline_dequeue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
+	      struct rte_mbuf *pkts[], uint16_t max_pkts)
+{
+	int32_t nb_pkts, ret;
+	struct ipsec_mbuf_metadata *priv;
+	struct ipsec_sa *sa;
+	struct rte_mbuf *pkt;
+
+	nb_pkts = 0;
+	while (ipsec_ctx->ol_pkts_cnt > 0 && nb_pkts < max_pkts) {
+		pkt = ipsec_ctx->ol_pkts[--ipsec_ctx->ol_pkts_cnt];
+		rte_prefetch0(pkt);
+		priv = get_priv(pkt);
+		sa = priv->sa;
+		ret = xform_func(pkt, sa, &priv->cop);
+		if (unlikely(ret)) {
+			rte_pktmbuf_free(pkt);
+			continue;
+		}
+		pkts[nb_pkts++] = pkt;
+	}
+
+	return nb_pkts;
+}
+
 static inline int
 ipsec_dequeue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
@@ -491,17 +519,4 @@ ipsec_dequeue(ipsec_xform_fn xform_func, struct ipsec_ctx *ipsec_ctx,
 			ipsec_ctx->last_qp %= ipsec_ctx->nb_qps;
 
-		while (ipsec_ctx->ol_pkts_cnt > 0 && nb_pkts < max_pkts) {
-			pkt = ipsec_ctx->ol_pkts[--ipsec_ctx->ol_pkts_cnt];
-			rte_prefetch0(pkt);
-			priv = get_priv(pkt);
-			sa = priv->sa;
-			ret = xform_func(pkt, sa, &priv->cop);
-			if (unlikely(ret)) {
-				rte_pktmbuf_free(pkt);
-				continue;
-			}
-			pkts[nb_pkts++] = pkt;
-		}
-
 		if (cqp->in_flight == 0)
 			continue;
@@ -546,4 +561,11 @@ ipsec_inbound(struct ipsec_ctx *ctx, struct rte_mbuf *pkts[],
 	ipsec_enqueue(esp_inbound, ctx, pkts, sas, nb_pkts);
 
+	return ipsec_inline_dequeue(esp_inbound_post, ctx, pkts, len);
+}
+
+uint16_t
+ipsec_inbound_cqp_dequeue(struct ipsec_ctx *ctx, struct rte_mbuf *pkts[],
+		uint16_t len)
+{
 	return ipsec_dequeue(esp_inbound_post, ctx, pkts, len);
 }
@@ -559,4 +581,11 @@ ipsec_outbound(struct ipsec_ctx *ctx, struct rte_mbuf *pkts[],
 	ipsec_enqueue(esp_outbound, ctx, pkts, sas, nb_pkts);
 
+	return ipsec_inline_dequeue(esp_outbound_post, ctx, pkts, len);
+}
+
+uint16_t
+ipsec_outbound_cqp_dequeue(struct ipsec_ctx *ctx, struct rte_mbuf *pkts[],
+		uint16_t len)
+{
 	return ipsec_dequeue(esp_outbound_post, ctx, pkts, len);
 }
diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h
index c998c8076..508d87af3 100644
--- a/examples/ipsec-secgw/ipsec.h
+++ b/examples/ipsec-secgw/ipsec.h
@@ -183,4 +183,12 @@ ipsec_outbound(struct ipsec_ctx *ctx, struct rte_mbuf *pkts[],
 		uint32_t sa_idx[], uint16_t nb_pkts, uint16_t len);
 
+uint16_t
+ipsec_inbound_cqp_dequeue(struct ipsec_ctx *ctx, struct rte_mbuf *pkts[],
+		uint16_t len);
+
+uint16_t
+ipsec_outbound_cqp_dequeue(struct ipsec_ctx *ctx, struct rte_mbuf *pkts[],
+		uint16_t len);
+
 static inline uint16_t
 ipsec_metadata_size(void)
@@ -240,3 +248,6 @@ void
 rt_init(struct socket_ctx *ctx, int32_t socket_id);
 
+void
+enqueue_cop_burst(struct cdev_qp *cqp);
+
 #endif /* __IPSEC_H__ */
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:05.912228745 +0000
+++ 0007-examples-ipsec-secgw-fix-crypto-op-might-never-get-d.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From d87152e7968111c16ad79208298a1f54b711d963 Mon Sep 17 00:00:00 2001
+From b40750c358ccac24239b58de97fae394305d59fe Mon Sep 17 00:00:00 2001
 From: Konstantin Ananyev <konstantin.ananyev@intel.com>
 Date: Thu, 10 Jan 2019 21:09:06 +0000
 Subject: [PATCH] examples/ipsec-secgw: fix crypto-op might never get dequeued
 
+[ upstream commit d87152e7968111c16ad79208298a1f54b711d963 ]
+
 In some cases crypto-ops could never be dequeued from the crypto-device.
 The easiest way to reproduce:
 start ipsec-secgw with crypto-dev and send to it less then 32 packets.
@@ -16,7 +18,6 @@
 dequeuing and final processing is done by drain_crypto_queues().
 
 Fixes: c64278c0c18b ("examples/ipsec-secgw: rework processing loop")
-Cc: stable@dpdk.org
 
 Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
 Acked-by: Radu Nicolau <radu.nicolau@intel.com>
@@ -28,10 +29,10 @@
  3 files changed, 198 insertions(+), 56 deletions(-)
 
 diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
-index 0921b08d2..0c2005eea 100644
+index 1bc0b5b50..2234826de 100644
 --- a/examples/ipsec-secgw/ipsec-secgw.c
 +++ b/examples/ipsec-secgw/ipsec-secgw.c
-@@ -470,36 +470,53 @@ inbound_sp_sa(struct sp_ctx *sp, struct sa_ctx *sa, struct traffic_type *ip,
+@@ -452,36 +452,53 @@ inbound_sp_sa(struct sp_ctx *sp, struct sa_ctx *sa, struct traffic_type *ip,
  }
  
 -static inline void
@@ -103,14 +104,14 @@
 +
  	inbound_sp_sa(ipsec_ctx->sp4_ctx, ipsec_ctx->sa_ctx, &traffic->ip4,
  			n_ip4);
-@@ -796,5 +813,5 @@ process_pkts(struct lcore_conf *qconf, struct rte_mbuf **pkts,
+@@ -778,5 +795,5 @@ process_pkts(struct lcore_conf *qconf, struct rte_mbuf **pkts,
  
  static inline void
 -drain_buffers(struct lcore_conf *qconf)
 +drain_tx_buffers(struct lcore_conf *qconf)
  {
  	struct buffer *buf;
-@@ -810,4 +827,79 @@ drain_buffers(struct lcore_conf *qconf)
+@@ -792,4 +809,79 @@ drain_buffers(struct lcore_conf *qconf)
  }
  
 +static inline void
@@ -190,7 +191,7 @@
 +
  /* main processing loop */
  static int32_t
-@@ -871,10 +963,12 @@ main_loop(__attribute__((unused)) void *dummy)
+@@ -849,10 +941,12 @@ main_loop(__attribute__((unused)) void *dummy)
  
  		if (unlikely(diff_tsc > drain_tsc)) {
 -			drain_buffers(qconf);
@@ -205,7 +206,7 @@
 +			/* Read packets from RX queues */
  			portid = rxql[i].port_id;
  			queueid = rxql[i].queue_id;
-@@ -884,4 +978,12 @@ main_loop(__attribute__((unused)) void *dummy)
+@@ -862,4 +956,12 @@ main_loop(__attribute__((unused)) void *dummy)
  			if (nb_rx > 0)
  				process_pkts(qconf, pkts, nb_rx, portid);
 +
@@ -219,7 +220,7 @@
  		}
  	}
 diff --git a/examples/ipsec-secgw/ipsec.c b/examples/ipsec-secgw/ipsec.c
-index 9dc6e173c..c1469094a 100644
+index 3d415f1af..72a29bcb1 100644
 --- a/examples/ipsec-secgw/ipsec.c
 +++ b/examples/ipsec-secgw/ipsec.c
 @@ -334,31 +334,33 @@ flow_create_failure:
@@ -352,10 +353,10 @@
  	return ipsec_dequeue(esp_outbound_post, ctx, pkts, len);
  }
 diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h
-index 311f116bb..5fe54be93 100644
+index c998c8076..508d87af3 100644
 --- a/examples/ipsec-secgw/ipsec.h
 +++ b/examples/ipsec-secgw/ipsec.h
-@@ -187,4 +187,12 @@ ipsec_outbound(struct ipsec_ctx *ctx, struct rte_mbuf *pkts[],
+@@ -183,4 +183,12 @@ ipsec_outbound(struct ipsec_ctx *ctx, struct rte_mbuf *pkts[],
  		uint32_t sa_idx[], uint16_t nb_pkts, uint16_t len);
  
 +uint16_t
@@ -368,8 +369,8 @@
 +
  static inline uint16_t
  ipsec_metadata_size(void)
-@@ -251,3 +259,6 @@ int
- add_dst_ethaddr(uint16_t port, const struct ether_addr *addr);
+@@ -240,3 +248,6 @@ void
+ rt_init(struct socket_ctx *ctx, int32_t socket_id);
  
 +void
 +enqueue_cop_burst(struct cdev_qp *cqp);

[dpdk-stable] patch 'examples/ipsec-secgw: fix outbound codepath for single SA' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 7a842e373828f02e171631782f2ce69be6b22d99 Mon Sep 17 00:00:00 2001
From: Konstantin Ananyev <konstantin.ananyev@intel.com>
Date: Thu, 10 Jan 2019 21:09:07 +0000
Subject: [PATCH] examples/ipsec-secgw: fix outbound codepath for single SA

[ upstream commit aed6eb10edd12237645d3af7fe116287aefcd7e8 ]

Looking at process_pkts_outbound_nosp() there seems few issues:
- accessing mbuf after it was freed
- invoking ipsec_outbound() for ipv4 packets only
- copying number of packets, but not the mbuf pointers itself

that patch provides fixes for that issues.

Fixes: 906257e965b7 ("examples/ipsec-secgw: support IPv6")

Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 examples/ipsec-secgw/ipsec-secgw.c | 33 +++++++++++++++++++++---------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index 2234826de..f88fdb4c4 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -612,5 +612,5 @@ process_pkts_outbound_nosp(struct ipsec_ctx *ipsec_ctx,
 {
 	struct rte_mbuf *m;
-	uint32_t nb_pkts_out, i;
+	uint32_t nb_pkts_out, i, n;
 	struct ip *ip;
 
@@ -619,14 +619,22 @@ process_pkts_outbound_nosp(struct ipsec_ctx *ipsec_ctx,
 		rte_pktmbuf_free(traffic->ipsec.pkts[i]);
 
-	traffic->ipsec.num = 0;
+	n = 0;
 
-	for (i = 0; i < traffic->ip4.num; i++)
-		traffic->ip4.res[i] = single_sa_idx;
+	for (i = 0; i < traffic->ip4.num; i++) {
+		traffic->ipsec.pkts[n] = traffic->ip4.pkts[i];
+		traffic->ipsec.res[n++] = single_sa_idx;
+	}
 
-	for (i = 0; i < traffic->ip6.num; i++)
-		traffic->ip6.res[i] = single_sa_idx;
+	for (i = 0; i < traffic->ip6.num; i++) {
+		traffic->ipsec.pkts[n] = traffic->ip6.pkts[i];
+		traffic->ipsec.res[n++] = single_sa_idx;
+	}
 
-	nb_pkts_out = ipsec_outbound(ipsec_ctx, traffic->ip4.pkts,
-			traffic->ip4.res, traffic->ip4.num,
+	traffic->ip4.num = 0;
+	traffic->ip6.num = 0;
+	traffic->ipsec.num = n;
+
+	nb_pkts_out = ipsec_outbound(ipsec_ctx, traffic->ipsec.pkts,
+			traffic->ipsec.res, traffic->ipsec.num,
 			MAX_PKT_BURST);
 
@@ -634,8 +642,13 @@ process_pkts_outbound_nosp(struct ipsec_ctx *ipsec_ctx,
 	m = traffic->ipsec.pkts[i];
 	ip = rte_pktmbuf_mtod(m, struct ip *);
-	if (ip->ip_v == IPVERSION)
+	if (ip->ip_v == IPVERSION) {
 		traffic->ip4.num = nb_pkts_out;
-	else
+		for (i = 0; i < nb_pkts_out; i++)
+			traffic->ip4.pkts[i] = traffic->ipsec.pkts[i];
+	} else {
 		traffic->ip6.num = nb_pkts_out;
+		for (i = 0; i < nb_pkts_out; i++)
+			traffic->ip6.pkts[i] = traffic->ipsec.pkts[i];
+	}
 }
 
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:05.937112912 +0000
+++ 0008-examples-ipsec-secgw-fix-outbound-codepath-for-singl.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From aed6eb10edd12237645d3af7fe116287aefcd7e8 Mon Sep 17 00:00:00 2001
+From 7a842e373828f02e171631782f2ce69be6b22d99 Mon Sep 17 00:00:00 2001
 From: Konstantin Ananyev <konstantin.ananyev@intel.com>
 Date: Thu, 10 Jan 2019 21:09:07 +0000
 Subject: [PATCH] examples/ipsec-secgw: fix outbound codepath for single SA
 
+[ upstream commit aed6eb10edd12237645d3af7fe116287aefcd7e8 ]
+
 Looking at process_pkts_outbound_nosp() there seems few issues:
 - accessing mbuf after it was freed
 - invoking ipsec_outbound() for ipv4 packets only
@@ -11,7 +13,6 @@
 that patch provides fixes for that issues.
 
 Fixes: 906257e965b7 ("examples/ipsec-secgw: support IPv6")
-Cc: stable@dpdk.org
 
 Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
 Acked-by: Radu Nicolau <radu.nicolau@intel.com>
@@ -21,17 +22,17 @@
  1 file changed, 23 insertions(+), 10 deletions(-)
 
 diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
-index 0c2005eea..a5dfd1826 100644
+index 2234826de..f88fdb4c4 100644
 --- a/examples/ipsec-secgw/ipsec-secgw.c
 +++ b/examples/ipsec-secgw/ipsec-secgw.c
-@@ -630,5 +630,5 @@ process_pkts_outbound_nosp(struct ipsec_ctx *ipsec_ctx,
+@@ -612,5 +612,5 @@ process_pkts_outbound_nosp(struct ipsec_ctx *ipsec_ctx,
  {
  	struct rte_mbuf *m;
 -	uint32_t nb_pkts_out, i;
 +	uint32_t nb_pkts_out, i, n;
  	struct ip *ip;
  
-@@ -637,14 +637,22 @@ process_pkts_outbound_nosp(struct ipsec_ctx *ipsec_ctx,
+@@ -619,14 +619,22 @@ process_pkts_outbound_nosp(struct ipsec_ctx *ipsec_ctx,
  		rte_pktmbuf_free(traffic->ipsec.pkts[i]);
  
 -	traffic->ipsec.num = 0;
@@ -61,7 +62,7 @@
 +			traffic->ipsec.res, traffic->ipsec.num,
  			MAX_PKT_BURST);
  
-@@ -652,8 +660,13 @@ process_pkts_outbound_nosp(struct ipsec_ctx *ipsec_ctx,
+@@ -634,8 +642,13 @@ process_pkts_outbound_nosp(struct ipsec_ctx *ipsec_ctx,
  	m = traffic->ipsec.pkts[i];
  	ip = rte_pktmbuf_mtod(m, struct ip *);
 -	if (ip->ip_v == IPVERSION)

[dpdk-stable] patch 'examples/ipsec-secgw: make local variables static' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 49060a40ee686711441693f21ff7ded24b61e17d Mon Sep 17 00:00:00 2001
From: Konstantin Ananyev <konstantin.ananyev@intel.com>
Date: Thu, 10 Jan 2019 21:09:08 +0000
Subject: [PATCH] examples/ipsec-secgw: make local variables static

[ upstream commit d92fc70e14f43d13be4204c51ed7f3a671c1bcc4 ]

in sp4.c and sp6.c there are few globals that used only locally.
Define them as static ones.

Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 examples/ipsec-secgw/sp4.c | 10 +++++-----
 examples/ipsec-secgw/sp6.c | 10 +++++-----
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/examples/ipsec-secgw/sp4.c b/examples/ipsec-secgw/sp4.c
index 8d3d3d8e0..6b05daaa9 100644
--- a/examples/ipsec-secgw/sp4.c
+++ b/examples/ipsec-secgw/sp4.c
@@ -45,5 +45,5 @@ enum {
 };
 
-struct rte_acl_field_def ip4_defs[NUM_FIELDS_IPV4] = {
+static struct rte_acl_field_def ip4_defs[NUM_FIELDS_IPV4] = {
 	{
 	.type = RTE_ACL_FIELD_TYPE_BITMASK,
@@ -86,9 +86,9 @@ struct rte_acl_field_def ip4_defs[NUM_FIELDS_IPV4] = {
 RTE_ACL_RULE_DEF(acl4_rules, RTE_DIM(ip4_defs));
 
-struct acl4_rules acl4_rules_out[MAX_ACL_RULE_NUM];
-uint32_t nb_acl4_rules_out;
+static struct acl4_rules acl4_rules_out[MAX_ACL_RULE_NUM];
+static uint32_t nb_acl4_rules_out;
 
-struct acl4_rules acl4_rules_in[MAX_ACL_RULE_NUM];
-uint32_t nb_acl4_rules_in;
+static struct acl4_rules acl4_rules_in[MAX_ACL_RULE_NUM];
+static uint32_t nb_acl4_rules_in;
 
 void
diff --git a/examples/ipsec-secgw/sp6.c b/examples/ipsec-secgw/sp6.c
index 6002afef3..dc5b94c6a 100644
--- a/examples/ipsec-secgw/sp6.c
+++ b/examples/ipsec-secgw/sp6.c
@@ -35,5 +35,5 @@ enum {
 #define IP6_ADDR_SIZE 16
 
-struct rte_acl_field_def ip6_defs[IP6_NUM] = {
+static struct rte_acl_field_def ip6_defs[IP6_NUM] = {
 	{
 	.type = RTE_ACL_FIELD_TYPE_BITMASK,
@@ -117,9 +117,9 @@ struct rte_acl_field_def ip6_defs[IP6_NUM] = {
 RTE_ACL_RULE_DEF(acl6_rules, RTE_DIM(ip6_defs));
 
-struct acl6_rules acl6_rules_out[MAX_ACL_RULE_NUM];
-uint32_t nb_acl6_rules_out;
+static struct acl6_rules acl6_rules_out[MAX_ACL_RULE_NUM];
+static uint32_t nb_acl6_rules_out;
 
-struct acl6_rules acl6_rules_in[MAX_ACL_RULE_NUM];
-uint32_t nb_acl6_rules_in;
+static struct acl6_rules acl6_rules_in[MAX_ACL_RULE_NUM];
+static uint32_t nb_acl6_rules_in;
 
 void
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:05.960162001 +0000
+++ 0009-examples-ipsec-secgw-make-local-variables-static.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,13 @@
-From d92fc70e14f43d13be4204c51ed7f3a671c1bcc4 Mon Sep 17 00:00:00 2001
+From 49060a40ee686711441693f21ff7ded24b61e17d Mon Sep 17 00:00:00 2001
 From: Konstantin Ananyev <konstantin.ananyev@intel.com>
 Date: Thu, 10 Jan 2019 21:09:08 +0000
 Subject: [PATCH] examples/ipsec-secgw: make local variables static
 
+[ upstream commit d92fc70e14f43d13be4204c51ed7f3a671c1bcc4 ]
+
 in sp4.c and sp6.c there are few globals that used only locally.
 Define them as static ones.
 
-Cc: stable@dpdk.org
-
 Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
 Acked-by: Radu Nicolau <radu.nicolau@intel.com>
 Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

[dpdk-stable] patch 'examples/ipsec-secgw: fix inbound SA checking' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From d561eb50a01cacd0cba15b01f5722116d4cdf1c2 Mon Sep 17 00:00:00 2001
From: Konstantin Ananyev <konstantin.ananyev@intel.com>
Date: Thu, 10 Jan 2019 21:09:09 +0000
Subject: [PATCH] examples/ipsec-secgw: fix inbound SA checking

[ upstream commit e0dac065f2a232e8060c479a094c7f58cfc93cf9 ]

In the inbound_sa_check() make sure that sa pointer stored
inside mbuf private area is not NULL.

Fixes: d299106e8e31 ("examples/ipsec-secgw: add IPsec sample application")

Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
Acked-by: Radu Nicolau <radu.nicolau@intel.com>
Acked-by: Akhil Goyal <akhil.goyal@nxp.com>
Signed-off-by: Konstantin Ananyev <konstantin.ananyev@intel.com>
---
 examples/ipsec-secgw/sa.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index d2d3550a4..640f1d793 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -948,8 +948,13 @@ inbound_sa_check(struct sa_ctx *sa_ctx, struct rte_mbuf *m, uint32_t sa_idx)
 {
 	struct ipsec_mbuf_metadata *priv;
+	struct ipsec_sa *sa;
 
 	priv = get_priv(m);
+	sa = priv->sa;
+	if (sa != NULL)
+		return (sa_ctx->sa[sa_idx].spi == sa->spi);
 
-	return (sa_ctx->sa[sa_idx].spi == priv->sa->spi);
+	RTE_LOG(ERR, IPSEC, "SA not saved in private data\n");
+	return 0;
 }
 
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:05.982433662 +0000
+++ 0010-examples-ipsec-secgw-fix-inbound-SA-checking.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From e0dac065f2a232e8060c479a094c7f58cfc93cf9 Mon Sep 17 00:00:00 2001
+From d561eb50a01cacd0cba15b01f5722116d4cdf1c2 Mon Sep 17 00:00:00 2001
 From: Konstantin Ananyev <konstantin.ananyev@intel.com>
 Date: Thu, 10 Jan 2019 21:09:09 +0000
 Subject: [PATCH] examples/ipsec-secgw: fix inbound SA checking
 
+[ upstream commit e0dac065f2a232e8060c479a094c7f58cfc93cf9 ]
+
 In the inbound_sa_check() make sure that sa pointer stored
 inside mbuf private area is not NULL.
 
 Fixes: d299106e8e31 ("examples/ipsec-secgw: add IPsec sample application")
-Cc: stable@dpdk.org
 
 Signed-off-by: Bernard Iremonger <bernard.iremonger@intel.com>
 Acked-by: Radu Nicolau <radu.nicolau@intel.com>
@@ -18,7 +19,7 @@
  1 file changed, 6 insertions(+), 1 deletion(-)
 
 diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
-index f6271bc60..839aaca0c 100644
+index d2d3550a4..640f1d793 100644
 --- a/examples/ipsec-secgw/sa.c
 +++ b/examples/ipsec-secgw/sa.c
 @@ -948,8 +948,13 @@ inbound_sa_check(struct sa_ctx *sa_ctx, struct rte_mbuf *m, uint32_t sa_idx)

[dpdk-stable] patch 'app/bbdev: fix return value check' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 89be0f56e1b3ec4939a09f8843acaa1a674a5508 Mon Sep 17 00:00:00 2001
From: Amr Mokhtar <amr.mokhtar@intel.com>
Date: Wed, 2 Jan 2019 14:09:02 +0000
Subject: [PATCH] app/bbdev: fix return value check

[ upstream commit 4280cd350bab73d06c454d259d782f3a68b581d6 ]

Added assert check for rte_bbdev_*_op_alloc_bulk in bbdev test app

Coverity issue: 328516, 328525
Fixes: f714a18885a6 ("app/testbbdev: add test application for bbdev")

Signed-off-by: Amr Mokhtar <amr.mokhtar@intel.com>
---
 app/test-bbdev/test_bbdev_perf.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/app/test-bbdev/test_bbdev_perf.c b/app/test-bbdev/test_bbdev_perf.c
index fbe6cc91c..fa26deb1e 100644
--- a/app/test-bbdev/test_bbdev_perf.c
+++ b/app/test-bbdev/test_bbdev_perf.c
@@ -1954,5 +1954,8 @@ offload_latency_test_dec(struct rte_mempool *mempool, struct test_buffers *bufs,
 			burst_sz = num_to_process - dequeued;
 
-		rte_bbdev_dec_op_alloc_bulk(mempool, ops_enq, burst_sz);
+		ret = rte_bbdev_dec_op_alloc_bulk(mempool, ops_enq, burst_sz);
+		TEST_ASSERT_SUCCESS(ret, "Allocation failed for %d ops",
+				burst_sz);
+
 		if (test_vector.op_type != RTE_BBDEV_OP_NONE)
 			copy_reference_dec_op(ops_enq, burst_sz, dequeued,
@@ -2036,5 +2039,8 @@ offload_latency_test_enc(struct rte_mempool *mempool, struct test_buffers *bufs,
 			burst_sz = num_to_process - dequeued;
 
-		rte_bbdev_enc_op_alloc_bulk(mempool, ops_enq, burst_sz);
+		ret = rte_bbdev_enc_op_alloc_bulk(mempool, ops_enq, burst_sz);
+		TEST_ASSERT_SUCCESS(ret, "Allocation failed for %d ops",
+				burst_sz);
+
 		if (test_vector.op_type != RTE_BBDEV_OP_NONE)
 			copy_reference_enc_op(ops_enq, burst_sz, dequeued,
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.004268292 +0000
+++ 0011-app-bbdev-fix-return-value-check.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From 4280cd350bab73d06c454d259d782f3a68b581d6 Mon Sep 17 00:00:00 2001
+From 89be0f56e1b3ec4939a09f8843acaa1a674a5508 Mon Sep 17 00:00:00 2001
 From: Amr Mokhtar <amr.mokhtar@intel.com>
 Date: Wed, 2 Jan 2019 14:09:02 +0000
 Subject: [PATCH] app/bbdev: fix return value check
 
+[ upstream commit 4280cd350bab73d06c454d259d782f3a68b581d6 ]
+
 Added assert check for rte_bbdev_*_op_alloc_bulk in bbdev test app
 
 Coverity issue: 328516, 328525
 Fixes: f714a18885a6 ("app/testbbdev: add test application for bbdev")
-Cc: stable@dpdk.org
 
 Signed-off-by: Amr Mokhtar <amr.mokhtar@intel.com>
 ---
@@ -15,10 +16,10 @@
  1 file changed, 8 insertions(+), 2 deletions(-)
 
 diff --git a/app/test-bbdev/test_bbdev_perf.c b/app/test-bbdev/test_bbdev_perf.c
-index 1c4a6452f..d18ddae0e 100644
+index fbe6cc91c..fa26deb1e 100644
 --- a/app/test-bbdev/test_bbdev_perf.c
 +++ b/app/test-bbdev/test_bbdev_perf.c
-@@ -2105,5 +2105,8 @@ offload_latency_test_dec(struct rte_mempool *mempool, struct test_buffers *bufs,
+@@ -1954,5 +1954,8 @@ offload_latency_test_dec(struct rte_mempool *mempool, struct test_buffers *bufs,
  			burst_sz = num_to_process - dequeued;
  
 -		rte_bbdev_dec_op_alloc_bulk(mempool, ops_enq, burst_sz);
@@ -28,7 +29,7 @@
 +
  		if (test_vector.op_type != RTE_BBDEV_OP_NONE)
  			copy_reference_dec_op(ops_enq, burst_sz, dequeued,
-@@ -2187,5 +2190,8 @@ offload_latency_test_enc(struct rte_mempool *mempool, struct test_buffers *bufs,
+@@ -2036,5 +2039,8 @@ offload_latency_test_enc(struct rte_mempool *mempool, struct test_buffers *bufs,
  			burst_sz = num_to_process - dequeued;
  
 -		rte_bbdev_enc_op_alloc_bulk(mempool, ops_enq, burst_sz);

[dpdk-stable] patch 'crypto/dpaa2_sec: fix FLC address for physical mode' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From d0dbd3c4c354278bb5f6b147fb8cb7a931783b7b Mon Sep 17 00:00:00 2001
From: Akhil Goyal <akhil.goyal@nxp.com>
Date: Wed, 9 Jan 2019 15:14:21 +0000
Subject: [PATCH] crypto/dpaa2_sec: fix FLC address for physical mode

[ upstream commit 2932ee2ad8124304e339845317e4578b1ae61d23 ]

Fixes: 547a4d40e7bf ("crypto/dpaa2_sec: support out of place protocol offload")
Fixes: 0a23d4b6f4c2 ("crypto/dpaa2_sec: support protocol offload IPsec")

Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
---
 drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
index 6095c6021..c24562b80 100644
--- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
+++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
@@ -109,5 +109,5 @@ build_proto_compound_fd(dpaa2_sec_session *sess,
 	DPAA2_SET_FD_ADDR(fd, DPAA2_VADDR_TO_IOVA(op_fle));
 	DPAA2_SET_FD_COMPOUND_FMT(fd);
-	DPAA2_SET_FD_FLC(fd, (ptrdiff_t)flc);
+	DPAA2_SET_FD_FLC(fd, DPAA2_VADDR_TO_IOVA(flc));
 
 	/* Configure Output FLE with dst mbuf data  */
@@ -161,5 +161,5 @@ build_proto_fd(dpaa2_sec_session *sess,
 	DPAA2_SET_FD_OFFSET(fd, sym_op->m_src->data_off);
 	DPAA2_SET_FD_LEN(fd, sym_op->m_src->pkt_len);
-	DPAA2_SET_FD_FLC(fd, (ptrdiff_t)flc);
+	DPAA2_SET_FD_FLC(fd, DPAA2_VADDR_TO_IOVA(flc));
 
 	/* save physical address of mbuf */
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.028538657 +0000
+++ 0012-crypto-dpaa2_sec-fix-FLC-address-for-physical-mode.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,11 +1,12 @@
-From 2932ee2ad8124304e339845317e4578b1ae61d23 Mon Sep 17 00:00:00 2001
+From d0dbd3c4c354278bb5f6b147fb8cb7a931783b7b Mon Sep 17 00:00:00 2001
 From: Akhil Goyal <akhil.goyal@nxp.com>
 Date: Wed, 9 Jan 2019 15:14:21 +0000
 Subject: [PATCH] crypto/dpaa2_sec: fix FLC address for physical mode
 
+[ upstream commit 2932ee2ad8124304e339845317e4578b1ae61d23 ]
+
 Fixes: 547a4d40e7bf ("crypto/dpaa2_sec: support out of place protocol offload")
 Fixes: 0a23d4b6f4c2 ("crypto/dpaa2_sec: support protocol offload IPsec")
-Cc: stable@dpdk.org
 
 Signed-off-by: Akhil Goyal <akhil.goyal@nxp.com>
 ---
@@ -13,7 +14,7 @@
  1 file changed, 2 insertions(+), 2 deletions(-)
 
 diff --git a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
-index 82220ac4f..ef6e9c151 100644
+index 6095c6021..c24562b80 100644
 --- a/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
 +++ b/drivers/crypto/dpaa2_sec/dpaa2_sec_dpseci.c
 @@ -109,5 +109,5 @@ build_proto_compound_fd(dpaa2_sec_session *sess,

[dpdk-stable] patch 'build: use static deps for pkg-config libs.private' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 1d39413aa5625b4b2ce6925f383b323d52497ae2 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <bluca@debian.org>
Date: Fri, 11 Jan 2019 16:12:44 +0000
Subject: [PATCH] build: use static deps for pkg-config libs.private

[ upstream commit d3588176716e6f8733a2534d7d3ab0dec8e550ec ]

Dependencies of the RTE libraries were not being added to the
Requires.private field of the pc file since the variable used for
dynamic linking was passed to the related field of pkg.generate.
Use the static one so that dependencies are included.

Fixes: 57ae0ec62620 ("build: add dependency on telemetry to apps with meson")

Signed-off-by: Luca Boccassi <bluca@debian.org>
---
 meson.build | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meson.build b/meson.build
index 4122be83d..636626ae5 100644
--- a/meson.build
+++ b/meson.build
@@ -82,5 +82,5 @@ pkg.generate(name: meson.project_name(),
 	version: meson.project_version(),
 	libraries: dpdk_libraries,
-	libraries_private: dpdk_drivers + dpdk_libraries +
+	libraries_private: dpdk_drivers + dpdk_static_libraries +
 			['-Wl,-Bdynamic'] + dpdk_extra_ldflags,
 	description: 'The Data Plane Development Kit (DPDK)',
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.052132104 +0000
+++ 0013-build-use-static-deps-for-pkg-config-libs.private.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,15 +1,16 @@
-From d3588176716e6f8733a2534d7d3ab0dec8e550ec Mon Sep 17 00:00:00 2001
+From 1d39413aa5625b4b2ce6925f383b323d52497ae2 Mon Sep 17 00:00:00 2001
 From: Luca Boccassi <bluca@debian.org>
 Date: Fri, 11 Jan 2019 16:12:44 +0000
 Subject: [PATCH] build: use static deps for pkg-config libs.private
 
+[ upstream commit d3588176716e6f8733a2534d7d3ab0dec8e550ec ]
+
 Dependencies of the RTE libraries were not being added to the
 Requires.private field of the pc file since the variable used for
 dynamic linking was passed to the related field of pkg.generate.
 Use the static one so that dependencies are included.
 
 Fixes: 57ae0ec62620 ("build: add dependency on telemetry to apps with meson")
-Cc: stable@dpdk.org
 
 Signed-off-by: Luca Boccassi <bluca@debian.org>
 ---
@@ -17,7 +18,7 @@
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/meson.build b/meson.build
-index 7cee3c94a..617e88589 100644
+index 4122be83d..636626ae5 100644
 --- a/meson.build
 +++ b/meson.build
 @@ -82,5 +82,5 @@ pkg.generate(name: meson.project_name(),

[dpdk-stable] patch 'build: fix variable name in dependency error message' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From bd235b9741a4de1eec2c9f7f18ebdedc5fafa2cd Mon Sep 17 00:00:00 2001
From: Bruce Richardson <bruce.richardson@intel.com>
Date: Thu, 10 Jan 2019 10:29:19 +0000
Subject: [PATCH] build: fix variable name in dependency error message

[ upstream commit efa8088663e3917780f9cb257f2366743e9bfe2f ]

The variable name in the error message had an extra '_' which caused
an actual meson error when the message would otherwise be printed to
give meaningful information about what was going wrong.

Fixes: 203b61dc5e18 ("build: improve error message for missing dependency")

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
---
 lib/meson.build | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/meson.build b/lib/meson.build
index bb7f443f9..df4226c51 100644
--- a/lib/meson.build
+++ b/lib/meson.build
@@ -80,5 +80,5 @@ foreach l:libraries
 				if not is_variable('shared_rte_' + d)
 					error('Missing dependency ' + d +
-						' for library ' + lib_name)
+						' for library ' + libname)
 				endif
 				shared_deps += [get_variable('shared_rte_' + d)]
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.074503364 +0000
+++ 0014-build-fix-variable-name-in-dependency-error-message.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,14 +1,15 @@
-From efa8088663e3917780f9cb257f2366743e9bfe2f Mon Sep 17 00:00:00 2001
+From bd235b9741a4de1eec2c9f7f18ebdedc5fafa2cd Mon Sep 17 00:00:00 2001
 From: Bruce Richardson <bruce.richardson@intel.com>
 Date: Thu, 10 Jan 2019 10:29:19 +0000
 Subject: [PATCH] build: fix variable name in dependency error message
 
+[ upstream commit efa8088663e3917780f9cb257f2366743e9bfe2f ]
+
 The variable name in the error message had an extra '_' which caused
 an actual meson error when the message would otherwise be printed to
 give meaningful information about what was going wrong.
 
 Fixes: 203b61dc5e18 ("build: improve error message for missing dependency")
-Cc: stable@dpdk.org
 
 Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
 Acked-by: Luca Boccassi <bluca@debian.org>
@@ -17,10 +18,10 @@
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/lib/meson.build b/lib/meson.build
-index 179c2ef37..e8b40f546 100644
+index bb7f443f9..df4226c51 100644
 --- a/lib/meson.build
 +++ b/lib/meson.build
-@@ -82,5 +82,5 @@ foreach l:libraries
+@@ -80,5 +80,5 @@ foreach l:libraries
  				if not is_variable('shared_rte_' + d)
  					error('Missing dependency ' + d +
 -						' for library ' + lib_name)

[dpdk-stable] patch 'devtools: fix build check for whether meson has run' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 951452235c5d10b1bfa4badf8e486c74a85e334f Mon Sep 17 00:00:00 2001
From: Bruce Richardson <bruce.richardson@intel.com>
Date: Thu, 10 Jan 2019 10:37:26 +0000
Subject: [PATCH] devtools: fix build check for whether meson has run

[ upstream commit 85e5fd8be0c1f5ad07870b1d4dfba11cd6f27cdd ]

The current check to see whether we need to call meson or just ninja
simply checked if the build directory existed. However, if meson was run
but failed, the build directory would still exist. We can fix this by
instead checking for the build.ninja file inside the directory. Once that
is present, we can use ninja safely and let it worry about rerunning
meson if necessary.

Fixes: a55277a788df ("devtools: add test script for meson builds")

Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
Acked-by: Luca Boccassi <bluca@debian.org>
---
 devtools/test-meson-builds.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/devtools/test-meson-builds.sh b/devtools/test-meson-builds.sh
index 79109b757..3edc805f6 100755
--- a/devtools/test-meson-builds.sh
+++ b/devtools/test-meson-builds.sh
@@ -25,5 +25,5 @@ build () # <directory> <meson options>
 	builddir=$1
 	shift
-	if [ ! -d "$builddir" ] ; then
+	if [ ! -f "$builddir/build.ninja" ] ; then
 		options="--werror -Dexamples=all $*"
 		echo "$MESON $options $srcdir $builddir"
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.096767770 +0000
+++ 0015-devtools-fix-build-check-for-whether-meson-has-run.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From 85e5fd8be0c1f5ad07870b1d4dfba11cd6f27cdd Mon Sep 17 00:00:00 2001
+From 951452235c5d10b1bfa4badf8e486c74a85e334f Mon Sep 17 00:00:00 2001
 From: Bruce Richardson <bruce.richardson@intel.com>
 Date: Thu, 10 Jan 2019 10:37:26 +0000
 Subject: [PATCH] devtools: fix build check for whether meson has run
 
+[ upstream commit 85e5fd8be0c1f5ad07870b1d4dfba11cd6f27cdd ]
+
 The current check to see whether we need to call meson or just ninja
 simply checked if the build directory existed. However, if meson was run
 but failed, the build directory would still exist. We can fix this by
@@ -11,7 +13,6 @@
 meson if necessary.
 
 Fixes: a55277a788df ("devtools: add test script for meson builds")
-Cc: stable@dpdk.org
 
 Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
 Acked-by: Luca Boccassi <bluca@debian.org>

[dpdk-stable] patch 'kni: fix build on RHEL 8' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 772062b6e3e92d0f7101fdfc968f6fe1ecfe407b Mon Sep 17 00:00:00 2001
From: Xiao Liang <xiliang@redhat.com>
Date: Wed, 19 Dec 2018 15:07:58 +0800
Subject: [PATCH] kni: fix build on RHEL 8
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[ upstream commit 4c820b22c08dea1ff6cd5db8b5a17b6568fcc4a5 ]

'ndo_change_mtu_rh74' was changed to 'ndo_change_mtu' in RHEL8.

Build error log:
/home/dpdk-18.11/kernel/linux/kni/compat.h:107:24: error: ‘const struct
net_device_ops’ has no member named ‘ndo_change_mtu_rh74’; did you mean
‘ndo_change_mtu’?
 #define ndo_change_mtu ndo_change_mtu_rh74
                        ^~~~~~~~~~~~~~~~~~~

Signed-off-by: Xiao Liang <xiliang@redhat.com>
Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
---
 kernel/linux/kni/compat.h              | 3 ++-
 kernel/linux/kni/ethtool/igb/kcompat.h | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/kernel/linux/kni/compat.h b/kernel/linux/kni/compat.h
index 5aadebbcd..bc81d0c8d 100644
--- a/kernel/linux/kni/compat.h
+++ b/kernel/linux/kni/compat.h
@@ -104,5 +104,6 @@
 
 #if (defined(RHEL_RELEASE_CODE) && \
-	(RHEL_RELEASE_CODE >= RHEL_RELEASE_VERSION(7, 5)))
+	(RHEL_RELEASE_CODE >= RHEL_RELEASE_VERSION(7, 5)) && \
+	(RHEL_RELEASE_CODE < RHEL_RELEASE_VERSION(8, 0)))
 #define ndo_change_mtu ndo_change_mtu_rh74
 #endif
diff --git a/kernel/linux/kni/ethtool/igb/kcompat.h b/kernel/linux/kni/ethtool/igb/kcompat.h
index ae1b53093..2681be684 100644
--- a/kernel/linux/kni/ethtool/igb/kcompat.h
+++ b/kernel/linux/kni/ethtool/igb/kcompat.h
@@ -3931,5 +3931,6 @@ skb_set_hash(struct sk_buff *skb, __u32 hash, __always_unused int type)
 
 #if (defined(RHEL_RELEASE_CODE) && \
-	(RHEL_RELEASE_VERSION(7, 5) <= RHEL_RELEASE_CODE))
+	(RHEL_RELEASE_CODE >= RHEL_RELEASE_VERSION(7, 5)) && \
+	(RHEL_RELEASE_CODE < RHEL_RELEASE_VERSION(8, 0)))
 #define ndo_change_mtu ndo_change_mtu_rh74
 #endif
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.117599956 +0000
+++ 0016-kni-fix-build-on-RHEL-8.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,4 +1,4 @@
-From 4c820b22c08dea1ff6cd5db8b5a17b6568fcc4a5 Mon Sep 17 00:00:00 2001
+From 772062b6e3e92d0f7101fdfc968f6fe1ecfe407b Mon Sep 17 00:00:00 2001
 From: Xiao Liang <xiliang@redhat.com>
 Date: Wed, 19 Dec 2018 15:07:58 +0800
 Subject: [PATCH] kni: fix build on RHEL 8
@@ -6,6 +6,8 @@
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 
+[ upstream commit 4c820b22c08dea1ff6cd5db8b5a17b6568fcc4a5 ]
+
 'ndo_change_mtu_rh74' was changed to 'ndo_change_mtu' in RHEL8.
 
 Build error log:
@@ -15,8 +17,6 @@
  #define ndo_change_mtu ndo_change_mtu_rh74
                         ^~~~~~~~~~~~~~~~~~~
 
-Cc: stable@dpdk.org
-
 Signed-off-by: Xiao Liang <xiliang@redhat.com>
 Acked-by: Ferruh Yigit <ferruh.yigit@intel.com>
 ---

[dpdk-stable] patch 'eal: fix strdup usages in internal config' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From bae45ffef2d71e077d76412ed40168e801730e2a Mon Sep 17 00:00:00 2001
From: Anatoly Burakov <anatoly.burakov@intel.com>
Date: Thu, 10 Jan 2019 13:38:59 +0000
Subject: [PATCH] eal: fix strdup usages in internal config

[ upstream commit 66d9f61de0885bd07662a016542600fe139d4eed ]

Currently, we use strdup in a few places to store command-line
parameter values for certain internal config values. There are
several issues with that.

First of all, they're never freed, so memory ends up leaking
either after EAL exit, or when these command-line options are
supplied multiple times.

Second of all, they're defined as `const char *`, so they
*cannot* be freed even if we wanted to.

Finally, strdup may return NULL, which will be stored in the
config. For most fields, NULL is a valid value, but for the
default prefix, the value is always expected to be valid.

To fix all of this, three things are done. First, we change
the definitions of these values to `char *` as opposed to
`const char *`. This does not break the ABI, and previous
code assumes constness (which is more restrictive), so it's
safe to do so.

Then, fix all usages of strdup to check return value, and add
a cleanup function that will free the memory occupied by
these strings, as well as freeing them before assigning a new
value to prevent leaks when parameter is specified multiple
times.

And finally, add an internal API to query hugefile prefix, so
that, absent of a valid value, a default value will be
returned, and also fix up all usages of hugefile prefix to
use this API instead of accessing hugefile prefix directly.

Bugzilla ID: 108

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
---
 lib/librte_eal/bsdapp/eal/eal.c            | 19 +++++++--
 lib/librte_eal/common/eal_common_options.c | 25 +++++++++++-
 lib/librte_eal/common/eal_filesystem.h     |  6 ++-
 lib/librte_eal/common/eal_internal_cfg.h   |  6 +--
 lib/librte_eal/common/eal_options.h        |  1 +
 lib/librte_eal/linuxapp/eal/eal.c          | 46 ++++++++++++++++++----
 lib/librte_eal/linuxapp/eal/eal_memory.c   |  2 +-
 7 files changed, 87 insertions(+), 18 deletions(-)

diff --git a/lib/librte_eal/bsdapp/eal/eal.c b/lib/librte_eal/bsdapp/eal/eal.c
index b6f96e0ab..f01495e33 100644
--- a/lib/librte_eal/bsdapp/eal/eal.c
+++ b/lib/librte_eal/bsdapp/eal/eal.c
@@ -116,5 +116,5 @@ eal_create_runtime_dir(void)
 	/* create prefix-specific subdirectory under DPDK runtime dir */
 	ret = snprintf(runtime_dir, sizeof(runtime_dir), "%s/%s",
-			tmp, internal_config.hugefile_prefix);
+			tmp, eal_get_hugefile_prefix());
 	if (ret < 0 || ret == sizeof(runtime_dir)) {
 		RTE_LOG(ERR, EAL, "Error creating prefix-specific runtime path name\n");
@@ -458,7 +458,19 @@ eal_parse_args(int argc, char **argv)
 		switch (opt) {
 		case OPT_MBUF_POOL_OPS_NAME_NUM:
-			internal_config.user_mbuf_pool_ops_name =
-			    strdup(optarg);
+		{
+			char *ops_name = strdup(optarg);
+			if (ops_name == NULL)
+				RTE_LOG(ERR, EAL, "Could not store mbuf pool ops name\n");
+			else {
+				/* free old ops name */
+				if (internal_config.user_mbuf_pool_ops_name !=
+						NULL)
+					free(internal_config.user_mbuf_pool_ops_name);
+
+				internal_config.user_mbuf_pool_ops_name =
+						ops_name;
+			}
 			break;
+		}
 		case 'h':
 			eal_usage(prgname);
@@ -843,4 +855,5 @@ rte_eal_cleanup(void)
 	rte_service_finalize();
 	rte_mp_channel_cleanup();
+	eal_cleanup_config(&internal_config);
 	return 0;
 }
diff --git a/lib/librte_eal/common/eal_common_options.c b/lib/librte_eal/common/eal_common_options.c
index e31eca5c0..bcf5f1b00 100644
--- a/lib/librte_eal/common/eal_common_options.c
+++ b/lib/librte_eal/common/eal_common_options.c
@@ -169,4 +169,12 @@ eal_option_device_parse(void)
 }
 
+const char *
+eal_get_hugefile_prefix(void)
+{
+	if (internal_config.hugefile_prefix != NULL)
+		return internal_config.hugefile_prefix;
+	return HUGEFILE_PREFIX_DEFAULT;
+}
+
 void
 eal_reset_internal_config(struct internal_config *internal_cfg)
@@ -177,5 +185,5 @@ eal_reset_internal_config(struct internal_config *internal_cfg)
 	internal_cfg->force_nrank = 0;
 	internal_cfg->force_nchannel = 0;
-	internal_cfg->hugefile_prefix = HUGEFILE_PREFIX_DEFAULT;
+	internal_cfg->hugefile_prefix = NULL;
 	internal_cfg->hugepage_dir = NULL;
 	internal_cfg->force_sockets = 0;
@@ -1347,4 +1355,17 @@ eal_auto_detect_cores(struct rte_config *cfg)
 }
 
+int
+eal_cleanup_config(struct internal_config *internal_cfg)
+{
+	if (internal_cfg->hugefile_prefix != NULL)
+		free(internal_cfg->hugefile_prefix);
+	if (internal_cfg->hugepage_dir != NULL)
+		free(internal_cfg->hugepage_dir);
+	if (internal_cfg->user_mbuf_pool_ops_name != NULL)
+		free(internal_cfg->user_mbuf_pool_ops_name);
+
+	return 0;
+}
+
 int
 eal_adjust_config(struct internal_config *internal_cfg)
@@ -1387,5 +1408,5 @@ eal_check_common_options(struct internal_config *internal_cfg)
 		return -1;
 	}
-	if (index(internal_cfg->hugefile_prefix, '%') != NULL) {
+	if (index(eal_get_hugefile_prefix(), '%') != NULL) {
 		RTE_LOG(ERR, EAL, "Invalid char, '%%', in --"OPT_FILE_PREFIX" "
 			"option\n");
diff --git a/lib/librte_eal/common/eal_filesystem.h b/lib/librte_eal/common/eal_filesystem.h
index 64a028db7..89a3added 100644
--- a/lib/librte_eal/common/eal_filesystem.h
+++ b/lib/librte_eal/common/eal_filesystem.h
@@ -29,4 +29,8 @@ int
 eal_clean_runtime_dir(void);
 
+/** Function to return hugefile prefix that's currently set up */
+const char *
+eal_get_hugefile_prefix(void);
+
 #define RUNTIME_CONFIG_FNAME "config"
 static inline const char *
@@ -90,5 +94,5 @@ eal_get_hugefile_path(char *buffer, size_t buflen, const char *hugedir, int f_id
 {
 	snprintf(buffer, buflen, HUGEFILE_FMT, hugedir,
-			internal_config.hugefile_prefix, f_id);
+			eal_get_hugefile_prefix(), f_id);
 	buffer[buflen - 1] = '\0';
 	return buffer;
diff --git a/lib/librte_eal/common/eal_internal_cfg.h b/lib/librte_eal/common/eal_internal_cfg.h
index 737f17e35..783ce7de8 100644
--- a/lib/librte_eal/common/eal_internal_cfg.h
+++ b/lib/librte_eal/common/eal_internal_cfg.h
@@ -65,7 +65,7 @@ struct internal_config {
 	/** default interrupt mode for VFIO */
 	volatile enum rte_intr_mode vfio_intr_mode;
-	const char *hugefile_prefix;      /**< the base filename of hugetlbfs files */
-	const char *hugepage_dir;         /**< specific hugetlbfs directory to use */
-	const char *user_mbuf_pool_ops_name;
+	char *hugefile_prefix;      /**< the base filename of hugetlbfs files */
+	char *hugepage_dir;         /**< specific hugetlbfs directory to use */
+	char *user_mbuf_pool_ops_name;
 			/**< user defined mbuf pool ops name */
 	unsigned num_hugepage_sizes;      /**< how many sizes on this system */
diff --git a/lib/librte_eal/common/eal_options.h b/lib/librte_eal/common/eal_options.h
index 5271f9449..327c95e96 100644
--- a/lib/librte_eal/common/eal_options.h
+++ b/lib/librte_eal/common/eal_options.h
@@ -76,4 +76,5 @@ int eal_parse_common_option(int opt, const char *argv,
 int eal_option_device_parse(void);
 int eal_adjust_config(struct internal_config *internal_cfg);
+int eal_cleanup_config(struct internal_config *internal_cfg);
 int eal_check_common_options(struct internal_config *internal_cfg);
 void eal_common_usage(void);
diff --git a/lib/librte_eal/linuxapp/eal/eal.c b/lib/librte_eal/linuxapp/eal/eal.c
index bcea22463..0226b7f6a 100644
--- a/lib/librte_eal/linuxapp/eal/eal.c
+++ b/lib/librte_eal/linuxapp/eal/eal.c
@@ -126,5 +126,5 @@ eal_create_runtime_dir(void)
 	/* create prefix-specific subdirectory under DPDK runtime dir */
 	ret = snprintf(runtime_dir, sizeof(runtime_dir), "%s/%s",
-			tmp, internal_config.hugefile_prefix);
+			tmp, eal_get_hugefile_prefix());
 	if (ret < 0 || ret == sizeof(runtime_dir)) {
 		RTE_LOG(ERR, EAL, "Error creating prefix-specific runtime path name\n");
@@ -727,11 +727,29 @@ eal_parse_args(int argc, char **argv)
 
 		case OPT_HUGE_DIR_NUM:
-			internal_config.hugepage_dir = strdup(optarg);
+		{
+			char *hdir = strdup(optarg);
+			if (hdir == NULL)
+				RTE_LOG(ERR, EAL, "Could not store hugepage directory\n");
+			else {
+				/* free old hugepage dir */
+				if (internal_config.hugepage_dir != NULL)
+					free(internal_config.hugepage_dir);
+				internal_config.hugepage_dir = hdir;
+			}
 			break;
-
+		}
 		case OPT_FILE_PREFIX_NUM:
-			internal_config.hugefile_prefix = strdup(optarg);
+		{
+			char *prefix = strdup(optarg);
+			if (prefix == NULL)
+				RTE_LOG(ERR, EAL, "Could not store file prefix\n");
+			else {
+				/* free old prefix */
+				if (internal_config.hugefile_prefix != NULL)
+					free(internal_config.hugefile_prefix);
+				internal_config.hugefile_prefix = prefix;
+			}
 			break;
-
+		}
 		case OPT_SOCKET_MEM_NUM:
 			if (eal_parse_socket_arg(optarg,
@@ -783,8 +801,19 @@ eal_parse_args(int argc, char **argv)
 
 		case OPT_MBUF_POOL_OPS_NAME_NUM:
-			internal_config.user_mbuf_pool_ops_name =
-			    strdup(optarg);
-			break;
+		{
+			char *ops_name = strdup(optarg);
+			if (ops_name == NULL)
+				RTE_LOG(ERR, EAL, "Could not store mbuf pool ops name\n");
+			else {
+				/* free old ops name */
+				if (internal_config.user_mbuf_pool_ops_name !=
+						NULL)
+					free(internal_config.user_mbuf_pool_ops_name);
 
+				internal_config.user_mbuf_pool_ops_name =
+						ops_name;
+			}
+			break;
+		}
 		default:
 			if (opt < OPT_LONG_MIN_NUM && isprint(opt)) {
@@ -1231,4 +1260,5 @@ rte_eal_cleanup(void)
 	rte_service_finalize();
 	rte_mp_channel_cleanup();
+	eal_cleanup_config(&internal_config);
 	return 0;
 }
diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/linuxapp/eal/eal_memory.c
index 32feb415d..e05da74ca 100644
--- a/lib/librte_eal/linuxapp/eal/eal_memory.c
+++ b/lib/librte_eal/linuxapp/eal/eal_memory.c
@@ -435,5 +435,5 @@ find_numasocket(struct hugepage_file *hugepg_tbl, struct hugepage_info *hpi)
 
 	snprintf(hugedir_str, sizeof(hugedir_str),
-			"%s/%s", hpi->hugedir, internal_config.hugefile_prefix);
+			"%s/%s", hpi->hugedir, eal_get_hugefile_prefix());
 
 	/* parse numa map */
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.143716658 +0000
+++ 0017-eal-fix-strdup-usages-in-internal-config.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From 66d9f61de0885bd07662a016542600fe139d4eed Mon Sep 17 00:00:00 2001
+From bae45ffef2d71e077d76412ed40168e801730e2a Mon Sep 17 00:00:00 2001
 From: Anatoly Burakov <anatoly.burakov@intel.com>
 Date: Thu, 10 Jan 2019 13:38:59 +0000
 Subject: [PATCH] eal: fix strdup usages in internal config
 
+[ upstream commit 66d9f61de0885bd07662a016542600fe139d4eed ]
+
 Currently, we use strdup in a few places to store command-line
 parameter values for certain internal config values. There are
 several issues with that.
@@ -49,17 +51,17 @@
  7 files changed, 87 insertions(+), 18 deletions(-)
 
 diff --git a/lib/librte_eal/bsdapp/eal/eal.c b/lib/librte_eal/bsdapp/eal/eal.c
-index c8e0da097..1ba9bd7cf 100644
+index b6f96e0ab..f01495e33 100644
 --- a/lib/librte_eal/bsdapp/eal/eal.c
 +++ b/lib/librte_eal/bsdapp/eal/eal.c
-@@ -118,5 +118,5 @@ eal_create_runtime_dir(void)
+@@ -116,5 +116,5 @@ eal_create_runtime_dir(void)
  	/* create prefix-specific subdirectory under DPDK runtime dir */
  	ret = snprintf(runtime_dir, sizeof(runtime_dir), "%s/%s",
 -			tmp, internal_config.hugefile_prefix);
 +			tmp, eal_get_hugefile_prefix());
  	if (ret < 0 || ret == sizeof(runtime_dir)) {
  		RTE_LOG(ERR, EAL, "Error creating prefix-specific runtime path name\n");
-@@ -536,7 +536,19 @@ eal_parse_args(int argc, char **argv)
+@@ -458,7 +458,19 @@ eal_parse_args(int argc, char **argv)
  		switch (opt) {
  		case OPT_MBUF_POOL_OPS_NAME_NUM:
 -			internal_config.user_mbuf_pool_ops_name =
@@ -81,17 +83,17 @@
 +		}
  		case 'h':
  			eal_usage(prgname);
-@@ -924,4 +936,5 @@ rte_eal_cleanup(void)
+@@ -843,4 +855,5 @@ rte_eal_cleanup(void)
  	rte_service_finalize();
  	rte_mp_channel_cleanup();
 +	eal_cleanup_config(&internal_config);
  	return 0;
  }
 diff --git a/lib/librte_eal/common/eal_common_options.c b/lib/librte_eal/common/eal_common_options.c
-index 6e3a83b98..a2d862b5f 100644
+index e31eca5c0..bcf5f1b00 100644
 --- a/lib/librte_eal/common/eal_common_options.c
 +++ b/lib/librte_eal/common/eal_common_options.c
-@@ -170,4 +170,12 @@ eal_option_device_parse(void)
+@@ -169,4 +169,12 @@ eal_option_device_parse(void)
  }
  
 +const char *
@@ -104,14 +106,14 @@
 +
  void
  eal_reset_internal_config(struct internal_config *internal_cfg)
-@@ -178,5 +186,5 @@ eal_reset_internal_config(struct internal_config *internal_cfg)
+@@ -177,5 +185,5 @@ eal_reset_internal_config(struct internal_config *internal_cfg)
  	internal_cfg->force_nrank = 0;
  	internal_cfg->force_nchannel = 0;
 -	internal_cfg->hugefile_prefix = HUGEFILE_PREFIX_DEFAULT;
 +	internal_cfg->hugefile_prefix = NULL;
  	internal_cfg->hugepage_dir = NULL;
  	internal_cfg->force_sockets = 0;
-@@ -1348,4 +1356,17 @@ eal_auto_detect_cores(struct rte_config *cfg)
+@@ -1347,4 +1355,17 @@ eal_auto_detect_cores(struct rte_config *cfg)
  }
  
 +int
@@ -129,7 +131,7 @@
 +
  int
  eal_adjust_config(struct internal_config *internal_cfg)
-@@ -1388,5 +1409,5 @@ eal_check_common_options(struct internal_config *internal_cfg)
+@@ -1387,5 +1408,5 @@ eal_check_common_options(struct internal_config *internal_cfg)
  		return -1;
  	}
 -	if (index(internal_cfg->hugefile_prefix, '%') != NULL) {
@@ -157,10 +159,10 @@
  	buffer[buflen - 1] = '\0';
  	return buffer;
 diff --git a/lib/librte_eal/common/eal_internal_cfg.h b/lib/librte_eal/common/eal_internal_cfg.h
-index 98e314fef..60eaead8f 100644
+index 737f17e35..783ce7de8 100644
 --- a/lib/librte_eal/common/eal_internal_cfg.h
 +++ b/lib/librte_eal/common/eal_internal_cfg.h
-@@ -67,7 +67,7 @@ struct internal_config {
+@@ -65,7 +65,7 @@ struct internal_config {
  	/** default interrupt mode for VFIO */
  	volatile enum rte_intr_mode vfio_intr_mode;
 -	const char *hugefile_prefix;      /**< the base filename of hugetlbfs files */
@@ -172,17 +174,17 @@
  			/**< user defined mbuf pool ops name */
  	unsigned num_hugepage_sizes;      /**< how many sizes on this system */
 diff --git a/lib/librte_eal/common/eal_options.h b/lib/librte_eal/common/eal_options.h
-index 1480c5d77..58ee9ae33 100644
+index 5271f9449..327c95e96 100644
 --- a/lib/librte_eal/common/eal_options.h
 +++ b/lib/librte_eal/common/eal_options.h
-@@ -78,4 +78,5 @@ int eal_parse_common_option(int opt, const char *argv,
+@@ -76,4 +76,5 @@ int eal_parse_common_option(int opt, const char *argv,
  int eal_option_device_parse(void);
  int eal_adjust_config(struct internal_config *internal_cfg);
 +int eal_cleanup_config(struct internal_config *internal_cfg);
  int eal_check_common_options(struct internal_config *internal_cfg);
  void eal_common_usage(void);
 diff --git a/lib/librte_eal/linuxapp/eal/eal.c b/lib/librte_eal/linuxapp/eal/eal.c
-index 2d8d470b8..a386829f3 100644
+index bcea22463..0226b7f6a 100644
 --- a/lib/librte_eal/linuxapp/eal/eal.c
 +++ b/lib/librte_eal/linuxapp/eal/eal.c
 @@ -126,5 +126,5 @@ eal_create_runtime_dir(void)
@@ -192,7 +194,7 @@
 +			tmp, eal_get_hugefile_prefix());
  	if (ret < 0 || ret == sizeof(runtime_dir)) {
  		RTE_LOG(ERR, EAL, "Error creating prefix-specific runtime path name\n");
-@@ -728,11 +728,29 @@ eal_parse_args(int argc, char **argv)
+@@ -727,11 +727,29 @@ eal_parse_args(int argc, char **argv)
  
  		case OPT_HUGE_DIR_NUM:
 -			internal_config.hugepage_dir = strdup(optarg);
@@ -226,7 +228,7 @@
 +		}
  		case OPT_SOCKET_MEM_NUM:
  			if (eal_parse_socket_arg(optarg,
-@@ -784,8 +802,19 @@ eal_parse_args(int argc, char **argv)
+@@ -783,8 +801,19 @@ eal_parse_args(int argc, char **argv)
  
  		case OPT_MBUF_POOL_OPS_NAME_NUM:
 -			internal_config.user_mbuf_pool_ops_name =
@@ -247,19 +249,19 @@
 +			}
 +			break;
 +		}
- 		case OPT_MATCH_ALLOCATIONS_NUM:
- 			internal_config.match_allocations = 1;
-@@ -1239,4 +1268,5 @@ rte_eal_cleanup(void)
+ 		default:
+ 			if (opt < OPT_LONG_MIN_NUM && isprint(opt)) {
+@@ -1231,4 +1260,5 @@ rte_eal_cleanup(void)
  	rte_service_finalize();
  	rte_mp_channel_cleanup();
 +	eal_cleanup_config(&internal_config);
  	return 0;
  }
 diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/linuxapp/eal/eal_memory.c
-index 7d922a965..1b96b576e 100644
+index 32feb415d..e05da74ca 100644
 --- a/lib/librte_eal/linuxapp/eal/eal_memory.c
 +++ b/lib/librte_eal/linuxapp/eal/eal_memory.c
-@@ -439,5 +439,5 @@ find_numasocket(struct hugepage_file *hugepg_tbl, struct hugepage_info *hpi)
+@@ -435,5 +435,5 @@ find_numasocket(struct hugepage_file *hugepg_tbl, struct hugepage_info *hpi)
  
  	snprintf(hugedir_str, sizeof(hugedir_str),
 -			"%s/%s", hpi->hugedir, internal_config.hugefile_prefix);

[dpdk-stable] patch 'vfio: do not unregister callback in secondary process' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From f478a01ab9a5380595430b052b6d0eb681c9a786 Mon Sep 17 00:00:00 2001
From: Anatoly Burakov <anatoly.burakov@intel.com>
Date: Thu, 10 Jan 2019 16:33:39 +0000
Subject: [PATCH] vfio: do not unregister callback in secondary process

[ upstream commit c0f8d50d1c3930c560f244b66c6820879be9297c ]

Callbacks are only registered in the primary, so do not attempt to
unregister callbacks in secondary processes.

Fixes: 43e463137154 ("vfio: support memory event callbacks")

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
---
 lib/librte_eal/linuxapp/eal/eal_vfio.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/librte_eal/linuxapp/eal/eal_vfio.c b/lib/librte_eal/linuxapp/eal/eal_vfio.c
index 0516b1597..72cc65151 100644
--- a/lib/librte_eal/linuxapp/eal/eal_vfio.c
+++ b/lib/librte_eal/linuxapp/eal/eal_vfio.c
@@ -858,5 +858,6 @@ rte_vfio_release_device(const char *sysfs_base, const char *dev_addr,
 	 * avoid spurious attempts to map/unmap memory from VFIO.
 	 */
-	if (vfio_cfg == default_vfio_cfg && vfio_cfg->vfio_active_groups == 0)
+	if (vfio_cfg == default_vfio_cfg && vfio_cfg->vfio_active_groups == 0 &&
+			rte_eal_process_type() != RTE_PROC_SECONDARY)
 		rte_mem_event_callback_unregister(VFIO_MEM_EVENT_CLB_NAME,
 				NULL);
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.171753374 +0000
+++ 0018-vfio-do-not-unregister-callback-in-secondary-process.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From c0f8d50d1c3930c560f244b66c6820879be9297c Mon Sep 17 00:00:00 2001
+From f478a01ab9a5380595430b052b6d0eb681c9a786 Mon Sep 17 00:00:00 2001
 From: Anatoly Burakov <anatoly.burakov@intel.com>
 Date: Thu, 10 Jan 2019 16:33:39 +0000
 Subject: [PATCH] vfio: do not unregister callback in secondary process
 
+[ upstream commit c0f8d50d1c3930c560f244b66c6820879be9297c ]
+
 Callbacks are only registered in the primary, so do not attempt to
 unregister callbacks in secondary processes.
 
 Fixes: 43e463137154 ("vfio: support memory event callbacks")
-Cc: stable@dpdk.org
 
 Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
 ---

[dpdk-stable] patch 'mem: fix variable shadowing' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 8e01e6ebbea97ee04f8e940dc6b94e57e75a27ca Mon Sep 17 00:00:00 2001
From: Anatoly Burakov <anatoly.burakov@intel.com>
Date: Tue, 8 Jan 2019 16:33:59 +0000
Subject: [PATCH] mem: fix variable shadowing

[ upstream commit 199629022c5832f72431570d4f9d615f7a90f2ca ]

A local variable ``flags`` was shadowing another variable from outer
scope. Fix this by renaming the variable and make it const.

Fixes: c127be93f619 ("mem: support using memfd segments for in-memory mode")

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
---
 lib/librte_eal/linuxapp/eal/eal_memalloc.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/lib/librte_eal/linuxapp/eal/eal_memalloc.c b/lib/librte_eal/linuxapp/eal/eal_memalloc.c
index a93548b8c..10b176d09 100644
--- a/lib/librte_eal/linuxapp/eal/eal_memalloc.c
+++ b/lib/librte_eal/linuxapp/eal/eal_memalloc.c
@@ -637,11 +637,11 @@ alloc_seg(struct rte_memseg *ms, void *addr, int socket_id,
 
 	if (internal_config.in_memory && !memfd_create_supported) {
-		int pagesz_flag, flags;
-
-		pagesz_flag = pagesz_flags(alloc_sz);
-		flags = pagesz_flag | MAP_HUGETLB | MAP_FIXED |
+		const int in_memory_flags = MAP_HUGETLB | MAP_FIXED |
 				MAP_PRIVATE | MAP_ANONYMOUS;
+		int pagesz_flag;
+
+		pagesz_flag = pagesz_flags(alloc_sz);
 		fd = -1;
-		mmap_flags = flags;
+		mmap_flags = in_memory_flags | pagesz_flag;
 
 		/* single-file segments codepath will never be active
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.194210212 +0000
+++ 0019-mem-fix-variable-shadowing.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From 199629022c5832f72431570d4f9d615f7a90f2ca Mon Sep 17 00:00:00 2001
+From 8e01e6ebbea97ee04f8e940dc6b94e57e75a27ca Mon Sep 17 00:00:00 2001
 From: Anatoly Burakov <anatoly.burakov@intel.com>
 Date: Tue, 8 Jan 2019 16:33:59 +0000
 Subject: [PATCH] mem: fix variable shadowing
 
+[ upstream commit 199629022c5832f72431570d4f9d615f7a90f2ca ]
+
 A local variable ``flags`` was shadowing another variable from outer
 scope. Fix this by renaming the variable and make it const.
 
 Fixes: c127be93f619 ("mem: support using memfd segments for in-memory mode")
-Cc: stable@dpdk.org
 
 Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
 ---
@@ -15,10 +16,10 @@
  1 file changed, 5 insertions(+), 5 deletions(-)
 
 diff --git a/lib/librte_eal/linuxapp/eal/eal_memalloc.c b/lib/librte_eal/linuxapp/eal/eal_memalloc.c
-index 60a0a680f..5b421f1d7 100644
+index a93548b8c..10b176d09 100644
 --- a/lib/librte_eal/linuxapp/eal/eal_memalloc.c
 +++ b/lib/librte_eal/linuxapp/eal/eal_memalloc.c
-@@ -622,11 +622,11 @@ alloc_seg(struct rte_memseg *ms, void *addr, int socket_id,
+@@ -637,11 +637,11 @@ alloc_seg(struct rte_memseg *ms, void *addr, int socket_id,
  
  	if (internal_config.in_memory && !memfd_create_supported) {
 -		int pagesz_flag, flags;

[dpdk-stable] patch 'mem: fix storing old policy' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From ea3ae1eefd27e5bc6111fc0aa1959bd189ebe97a Mon Sep 17 00:00:00 2001
From: Anatoly Burakov <anatoly.burakov@intel.com>
Date: Tue, 8 Jan 2019 16:46:28 +0000
Subject: [PATCH] mem: fix storing old policy

[ upstream commit ba07193e0343680ae5665efd45ecc41c0ec0059d ]

The original code was supposed to overwrite the value pointed to
by the pointer, but the new one is instead overwriting the
pointer value itself, which has no effect outside that function.
Fix it by adding a pointer dereference.

Fixes: 582bed1e1d1d ("mem: support mapping hugepages at runtime")

Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
---
 lib/librte_eal/linuxapp/eal/eal_memalloc.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/librte_eal/linuxapp/eal/eal_memalloc.c b/lib/librte_eal/linuxapp/eal/eal_memalloc.c
index 10b176d09..f63d9ca66 100644
--- a/lib/librte_eal/linuxapp/eal/eal_memalloc.c
+++ b/lib/librte_eal/linuxapp/eal/eal_memalloc.c
@@ -177,5 +177,5 @@ prepare_numa(int *oldpolicy, struct bitmask *oldmask, int socket_id)
 			"Failed to get current mempolicy: %s. "
 			"Assuming MPOL_DEFAULT.\n", strerror(errno));
-		oldpolicy = MPOL_DEFAULT;
+		*oldpolicy = MPOL_DEFAULT;
 	}
 	RTE_LOG(DEBUG, EAL,
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.217641017 +0000
+++ 0020-mem-fix-storing-old-policy.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,15 +1,16 @@
-From ba07193e0343680ae5665efd45ecc41c0ec0059d Mon Sep 17 00:00:00 2001
+From ea3ae1eefd27e5bc6111fc0aa1959bd189ebe97a Mon Sep 17 00:00:00 2001
 From: Anatoly Burakov <anatoly.burakov@intel.com>
 Date: Tue, 8 Jan 2019 16:46:28 +0000
 Subject: [PATCH] mem: fix storing old policy
 
+[ upstream commit ba07193e0343680ae5665efd45ecc41c0ec0059d ]
+
 The original code was supposed to overwrite the value pointed to
 by the pointer, but the new one is instead overwriting the
 pointer value itself, which has no effect outside that function.
 Fix it by adding a pointer dereference.
 
 Fixes: 582bed1e1d1d ("mem: support mapping hugepages at runtime")
-Cc: stable@dpdk.org
 
 Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
 ---
@@ -17,7 +18,7 @@
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/lib/librte_eal/linuxapp/eal/eal_memalloc.c b/lib/librte_eal/linuxapp/eal/eal_memalloc.c
-index 5b421f1d7..b6fb183db 100644
+index 10b176d09..f63d9ca66 100644
 --- a/lib/librte_eal/linuxapp/eal/eal_memalloc.c
 +++ b/lib/librte_eal/linuxapp/eal/eal_memalloc.c
 @@ -177,5 +177,5 @@ prepare_numa(int *oldpolicy, struct bitmask *oldmask, int socket_id)

[dpdk-stable] patch 'mk: fix scope of disabling AVX512F support' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From b96963c2df2779080b57f350df885a7d03d0ada3 Mon Sep 17 00:00:00 2001
From: Ferruh Yigit <ferruh.yigit@intel.com>
Date: Mon, 14 Jan 2019 15:49:35 +0000
Subject: [PATCH] mk: fix scope of disabling AVX512F support

[ upstream commit a32ca9a4ebc1350ce48df0222decef95a72b742b ]

AVX512 was disabled for GCC because of Bugzilla issue 97 [1],
the GCC defect submitted for the issue [2] highlighted that this is
a known binutils version 2.30 issue.

Narrowed the scope of no-avx512 to the this specific binutils version.

[1]
https://bugs.dpdk.org/show_bug.cgi?id=97

[2]
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88096

Fixes: 8d07c82b239f ("mk: disable gcc AVX512F support")

Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
---
 config/meson.build                       |  8 ++++++
 doc/guides/rel_notes/known_issues.rst    | 35 ++++++++++++++++++++++++
 mk/rte.cpuflags.mk                       |  4 +--
 mk/toolchain/gcc/rte.toolchain-compat.mk | 10 +++++++
 4 files changed, 55 insertions(+), 2 deletions(-)

diff --git a/config/meson.build b/config/meson.build
index db32499b3..40802fc88 100644
--- a/config/meson.build
+++ b/config/meson.build
@@ -44,4 +44,12 @@ dpdk_conf.set_quoted('RTE_TOOLCHAIN', toolchain)
 dpdk_conf.set('RTE_TOOLCHAIN_' + toolchain.to_upper(), 1)
 
+# get binutils version for the workaround of Bug 97
+ldver = run_command('ld', '-v').stdout().strip()
+if ldver.contains('2.30')
+	if cc.has_argument('-mno-avx512f')
+		machine_args += '-mno-avx512f'
+	endif
+endif
+
 add_project_link_arguments('-Wl,--no-as-needed', language: 'c')
 dpdk_extra_ldflags += '-Wl,--no-as-needed'
diff --git a/doc/guides/rel_notes/known_issues.rst b/doc/guides/rel_notes/known_issues.rst
index a1face9c1..358dfa321 100644
--- a/doc/guides/rel_notes/known_issues.rst
+++ b/doc/guides/rel_notes/known_issues.rst
@@ -827,2 +827,37 @@ Kernel crash when hot-unplug igb_uio device while DPDK application is running
 **Driver/Module**:
    ``igb_uio`` module.
+
+
+AVX-512 support disabled
+------------------------
+
+**Description**:
+   ``AVX-512`` support has been disabled on some conditions.
+   This shouldn't be confused with ``CONFIG_RTE_ENABLE_AVX512`` config option which is already
+   disabled by default. This config option defines if ``AVX-512`` specific implementations of
+   some file to be used or not. What has been disabled is compiler feature to produce ``AVX-512``
+   instructions from any source code.
+
+   On DPDK v18.11 ``AVX-512`` is disabled for all ``GCC`` builds which reported to cause a performance
+   drop.
+
+   On DPDK v19.02 ``AVX-512`` disable scope is reduced to ``GCC`` and ``binutils version 2.30`` based
+   on information accured from the GCC community defect.
+
+**Reason**:
+   Generated ``AVX-512`` code cause crash:
+   https://bugs.dpdk.org/show_bug.cgi?id=97
+   https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88096
+
+**Resolution/Workaround**:
+   * Update ``binutils`` to newer version than ``2.30``.
+
+   OR
+
+   * Use different compiler, like ``clang`` for this case.
+
+**Affected Environment/Platform**:
+    ``GCC`` and ``binutils version 2.30``.
+
+**Driver/Module**:
+    ALL.
diff --git a/mk/rte.cpuflags.mk b/mk/rte.cpuflags.mk
index c3291b17a..541211c61 100644
--- a/mk/rte.cpuflags.mk
+++ b/mk/rte.cpuflags.mk
@@ -70,6 +70,6 @@ ifeq ($(CONFIG_RTE_ENABLE_AVX512),y)
 CPUFLAGS += AVX512F
 else
-# disable AVX512F support of gcc as a workaround for Bug 97
-ifeq ($(CONFIG_RTE_TOOLCHAIN_GCC),y)
+# disable AVX512F support for GCC & binutils 2.30 as a workaround for Bug 97
+ifeq ($(FORCE_DISABLE_AVX512),y)
 MACHINE_CFLAGS += -mno-avx512f
 endif
diff --git a/mk/toolchain/gcc/rte.toolchain-compat.mk b/mk/toolchain/gcc/rte.toolchain-compat.mk
index 44904295c..dbddc986e 100644
--- a/mk/toolchain/gcc/rte.toolchain-compat.mk
+++ b/mk/toolchain/gcc/rte.toolchain-compat.mk
@@ -21,4 +21,14 @@ HOST_GCC_PATCHLEVEL = $(shell echo __GNUC_PATCHLEVEL__ | $(HOSTCC) -E -x c - | t
 HOST_GCC_VERSION = $(HOST_GCC_MAJOR)$(HOST_GCC_MINOR)
 
+LD_VERSION = $(shell $(LD) -v)
+# disable AVX512F support for GCC & binutils 2.30 as a workaround for Bug 97
+ifneq ($(filter 2.30%,$(LD_VERSION)),)
+FORCE_DISABLE_AVX512 := y
+# print warning only once for librte_eal
+ifneq ($(filter %librte_eal,$(CURDIR)),)
+$(warning AVX512 support disabled because of ld 2.30. See Bug 97)
+endif
+endif
+
 # if GCC is older than 4.x
 ifeq ($(shell test $(GCC_VERSION) -lt 40 && echo 1), 1)
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.240890131 +0000
+++ 0021-mk-fix-scope-of-disabling-AVX512F-support.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From a32ca9a4ebc1350ce48df0222decef95a72b742b Mon Sep 17 00:00:00 2001
+From b96963c2df2779080b57f350df885a7d03d0ada3 Mon Sep 17 00:00:00 2001
 From: Ferruh Yigit <ferruh.yigit@intel.com>
 Date: Mon, 14 Jan 2019 15:49:35 +0000
 Subject: [PATCH] mk: fix scope of disabling AVX512F support
 
+[ upstream commit a32ca9a4ebc1350ce48df0222decef95a72b742b ]
+
 AVX512 was disabled for GCC because of Bugzilla issue 97 [1],
 the GCC defect submitted for the issue [2] highlighted that this is
 a known binutils version 2.30 issue.
@@ -16,17 +18,15 @@
 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88096
 
 Fixes: 8d07c82b239f ("mk: disable gcc AVX512F support")
-Cc: stable@dpdk.org
 
 Signed-off-by: Ferruh Yigit <ferruh.yigit@intel.com>
 Acked-by: Thomas Monjalon <thomas@monjalon.net>
 ---
  config/meson.build                       |  8 ++++++
  doc/guides/rel_notes/known_issues.rst    | 35 ++++++++++++++++++++++++
- doc/guides/rel_notes/release_19_02.rst   | 15 ++++++++++
  mk/rte.cpuflags.mk                       |  4 +--
  mk/toolchain/gcc/rte.toolchain-compat.mk | 10 +++++++
- 5 files changed, 70 insertions(+), 2 deletions(-)
+ 4 files changed, 55 insertions(+), 2 deletions(-)
 
 diff --git a/config/meson.build b/config/meson.build
 index db32499b3..40802fc88 100644
@@ -87,30 +87,6 @@
 +
 +**Driver/Module**:
 +    ALL.
-diff --git a/doc/guides/rel_notes/release_19_02.rst b/doc/guides/rel_notes/release_19_02.rst
-index 832ac8c2a..5a2f62ca9 100644
---- a/doc/guides/rel_notes/release_19_02.rst
-+++ b/doc/guides/rel_notes/release_19_02.rst
-@@ -335,4 +335,19 @@ Known Issues
-    =========================================================
- 
-+* ``AVX-512`` support has been disabled for ``GCC`` builds when ``binutils 2.30``
-+  is detected [1] because of a crash [2]. This can affect ``native`` machine type
-+  build targets on the platforms that support ``AVX512F`` like ``Intel Skylake``
-+  processors, and can cause a possible performance drop. The immediate workaround
-+  is to use ``clang`` compiler on these platforms.
-+  Initial workaround in DPDK v18.11 was to disable ``AVX-512`` support for ``GCC``
-+  completely, but based on information on defect submitted to GCC community [3],
-+  issue has been identified as ``binutils 2.30`` issue. Since currently only GCC
-+  generates ``AVX-512`` instructions, the scope is limited to ``GCC`` and
-+  ``binutils 2.30``
-+
-+  - [1]: Commit ("mk: fix scope of disabling AVX512F support")
-+  - [2]: https://bugs.dpdk.org/show_bug.cgi?id=97
-+  - [3]: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88096
-+
- 
- Tested Platforms
 diff --git a/mk/rte.cpuflags.mk b/mk/rte.cpuflags.mk
 index c3291b17a..541211c61 100644
 --- a/mk/rte.cpuflags.mk

[dpdk-stable] patch 'eal: fix build of external app with clang on armv8' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 6b6824d8b5d9c6ea55f995dbee4131407c151645 Mon Sep 17 00:00:00 2001
From: Ilya Maximets <i.maximets@samsung.com>
Date: Mon, 14 Jan 2019 19:14:42 +0300
Subject: [PATCH] eal: fix build of external app with clang on armv8

[ upstream commit 9726aa990731508390319ac5ba213f95b595f550 ]

In case DPDK built using GCC, RTE_TOOLCHAIN_CLANG is not defined.
But 'rte_atomic.h' is a generic header that included to the
external apps like OVS while building with DPDK. As a result,
clang build of OVS fails on armv8 if DPDK built using gcc:

    include/generic/rte_atomic.h:215:9: error:
            implicit declaration of function '__atomic_exchange_2'
            is invalid in C99
    include/generic/rte_atomic.h:494:9: error:
            implicit declaration of function '__atomic_exchange_4'
            is invalid in C99
    include/generic/rte_atomic.h:772:9: error:
            implicit declaration of function '__atomic_exchange_8'
            is invalid in C99

We need to check for current compiler, not the compiler used for
DPDK build.

Fixes: 7bdccb93078e ("eal: fix ARM build with clang")

Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Thomas Monjalon <thomas@monjalon.net>
---
 lib/librte_eal/common/include/generic/rte_atomic.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/librte_eal/common/include/generic/rte_atomic.h b/lib/librte_eal/common/include/generic/rte_atomic.h
index b99ba4688..d0c464fb1 100644
--- a/lib/librte_eal/common/include/generic/rte_atomic.h
+++ b/lib/librte_eal/common/include/generic/rte_atomic.h
@@ -213,5 +213,5 @@ static inline uint16_t
 rte_atomic16_exchange(volatile uint16_t *dst, uint16_t val)
 {
-#if defined(RTE_ARCH_ARM64) && defined(RTE_TOOLCHAIN_CLANG)
+#if defined(RTE_ARCH_ARM64) && defined(__clang__)
 	return __atomic_exchange_n(dst, val, __ATOMIC_SEQ_CST);
 #else
@@ -496,5 +496,5 @@ static inline uint32_t
 rte_atomic32_exchange(volatile uint32_t *dst, uint32_t val)
 {
-#if defined(RTE_ARCH_ARM64) && defined(RTE_TOOLCHAIN_CLANG)
+#if defined(RTE_ARCH_ARM64) && defined(__clang__)
 	return __atomic_exchange_n(dst, val, __ATOMIC_SEQ_CST);
 #else
@@ -778,5 +778,5 @@ static inline uint64_t
 rte_atomic64_exchange(volatile uint64_t *dst, uint64_t val)
 {
-#if defined(RTE_ARCH_ARM64) && defined(RTE_TOOLCHAIN_CLANG)
+#if defined(RTE_ARCH_ARM64) && defined(__clang__)
 	return __atomic_exchange_n(dst, val, __ATOMIC_SEQ_CST);
 #else
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.263552860 +0000
+++ 0022-eal-fix-build-of-external-app-with-clang-on-armv8.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From 9726aa990731508390319ac5ba213f95b595f550 Mon Sep 17 00:00:00 2001
+From 6b6824d8b5d9c6ea55f995dbee4131407c151645 Mon Sep 17 00:00:00 2001
 From: Ilya Maximets <i.maximets@samsung.com>
 Date: Mon, 14 Jan 2019 19:14:42 +0300
 Subject: [PATCH] eal: fix build of external app with clang on armv8
 
+[ upstream commit 9726aa990731508390319ac5ba213f95b595f550 ]
+
 In case DPDK built using GCC, RTE_TOOLCHAIN_CLANG is not defined.
 But 'rte_atomic.h' is a generic header that included to the
 external apps like OVS while building with DPDK. As a result,
@@ -22,7 +24,6 @@
 DPDK build.
 
 Fixes: 7bdccb93078e ("eal: fix ARM build with clang")
-Cc: stable@dpdk.org
 
 Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
 Acked-by: Thomas Monjalon <thomas@monjalon.net>

[dpdk-stable] patch 'net/mlx5: fix shared counter allocation logic' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From b432ddcabd6eaf94b6572e1487f77dc244734ac2 Mon Sep 17 00:00:00 2001
From: Moti Haimovsky <motih@mellanox.com>
Date: Thu, 3 Jan 2019 15:06:36 +0000
Subject: [PATCH] net/mlx5: fix shared counter allocation logic

[ upstream commit 5f09e80cf8b248348cc635e518dfcab3126f1ca1 ]

This commit fixes the logic for searching and allocating a shared
counter in mlx5_flow_verbs.
Now only the shared counters in the counters list are checked for
a match and not all the counters as before.

Fixes: 84c406e74524 ("net/mlx5: add flow translate function")

Signed-off-by: Moti Haimovsky <motih@mellanox.com>
Acked-by: Shahaf Shuler <shahafs@mellanox.com>
---
 drivers/net/mlx5/mlx5_flow_verbs.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/drivers/net/mlx5/mlx5_flow_verbs.c b/drivers/net/mlx5/mlx5_flow_verbs.c
index 81ec59d78..409e1cd0c 100644
--- a/drivers/net/mlx5/mlx5_flow_verbs.c
+++ b/drivers/net/mlx5/mlx5_flow_verbs.c
@@ -122,11 +122,11 @@ flow_verbs_counter_new(struct rte_eth_dev *dev, uint32_t shared, uint32_t id)
 	int ret;
 
-	LIST_FOREACH(cnt, &priv->flow_counters, next) {
-		if (!cnt->shared || cnt->shared != shared)
-			continue;
-		if (cnt->id != id)
-			continue;
-		cnt->ref_cnt++;
-		return cnt;
+	if (shared) {
+		LIST_FOREACH(cnt, &priv->flow_counters, next) {
+			if (cnt->shared && cnt->id == id) {
+				cnt->ref_cnt++;
+				return cnt;
+			}
+		}
 	}
 	cnt = rte_calloc(__func__, 1, sizeof(*cnt), 0);
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.286131952 +0000
+++ 0023-net-mlx5-fix-shared-counter-allocation-logic.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,15 +1,16 @@
-From 5f09e80cf8b248348cc635e518dfcab3126f1ca1 Mon Sep 17 00:00:00 2001
+From b432ddcabd6eaf94b6572e1487f77dc244734ac2 Mon Sep 17 00:00:00 2001
 From: Moti Haimovsky <motih@mellanox.com>
 Date: Thu, 3 Jan 2019 15:06:36 +0000
 Subject: [PATCH] net/mlx5: fix shared counter allocation logic
 
+[ upstream commit 5f09e80cf8b248348cc635e518dfcab3126f1ca1 ]
+
 This commit fixes the logic for searching and allocating a shared
 counter in mlx5_flow_verbs.
 Now only the shared counters in the counters list are checked for
 a match and not all the counters as before.
 
 Fixes: 84c406e74524 ("net/mlx5: add flow translate function")
-Cc: stable@dpdk.org
 
 Signed-off-by: Moti Haimovsky <motih@mellanox.com>
 Acked-by: Shahaf Shuler <shahafs@mellanox.com>

[dpdk-stable] patch 'net/ixgbe: fix over using multicast table for VF' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From bf484e4ce727bb2c28eb9b68f74213b01769dd24 Mon Sep 17 00:00:00 2001
From: Wei Zhao <wei.zhao1@intel.com>
Date: Mon, 7 Jan 2019 15:22:56 +0800
Subject: [PATCH] net/ixgbe: fix over using multicast table for VF

[ upstream commit dc5a6e74224094ae702fa971c4ce039b4a2e3560 ]

According to the current implementation, all VFs will set bit
IXGBE_VMOLR_ROMPE during initialization, this cause any VF
will accept packets that match the MTA table. Since the MTA
table is shared by all VFs which means if one VF update MTA
table in function ixgbe_vf_set_multicast, then all other VFs
will receive multicast packets which cause unnecessary
performance overhead.

So it's better to set VF's ROPE bit of register VMOLR only
if multicast address filter is required on that VF.
Also, the ROPE bit should be reset when multicast address
filter is requested to clean.

This patch also aligns to the related fix on ixgbe
kernel driver 5.3.7.

Fixes: 00e30184daa0 ("ixgbe: add PF support")

Signed-off-by: Wei Zhao <wei.zhao1@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
---
 drivers/net/ixgbe/ixgbe_pf.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/drivers/net/ixgbe/ixgbe_pf.c b/drivers/net/ixgbe/ixgbe_pf.c
index 4b833ffab..be0c0768c 100644
--- a/drivers/net/ixgbe/ixgbe_pf.c
+++ b/drivers/net/ixgbe/ixgbe_pf.c
@@ -352,5 +352,5 @@ ixgbe_vf_reset_event(struct rte_eth_dev *dev, uint16_t vf)
 	uint32_t vmolr = IXGBE_READ_REG(hw, IXGBE_VMOLR(vf));
 
-	vmolr |= (IXGBE_VMOLR_ROPE | IXGBE_VMOLR_ROMPE |
+	vmolr |= (IXGBE_VMOLR_ROPE |
 			IXGBE_VMOLR_BAM | IXGBE_VMOLR_AUPE);
 	IXGBE_WRITE_REG(hw, IXGBE_VMOLR(vf), vmolr);
@@ -504,4 +504,5 @@ ixgbe_vf_set_multicast(struct rte_eth_dev *dev, uint32_t vf, uint32_t *msgbuf)
 	uint32_t reg_val;
 	int i;
+	u32 vmolr = IXGBE_READ_REG(hw, IXGBE_VMOLR(vf));
 
 	/* Disable multicast promiscuous first */
@@ -517,4 +518,10 @@ ixgbe_vf_set_multicast(struct rte_eth_dev *dev, uint32_t vf, uint32_t *msgbuf)
 	}
 
+	if (nb_entries == 0) {
+		vmolr &= ~IXGBE_VMOLR_ROMPE;
+		IXGBE_WRITE_REG(hw, IXGBE_VMOLR(vf), vmolr);
+		return 0;
+	}
+
 	for (i = 0; i < vfinfo->num_vf_mc_hashes; i++) {
 		mta_idx = (vfinfo->vf_mc_hashes[i] >> IXGBE_MTA_BIT_SHIFT)
@@ -526,4 +533,7 @@ ixgbe_vf_set_multicast(struct rte_eth_dev *dev, uint32_t vf, uint32_t *msgbuf)
 	}
 
+	vmolr |= IXGBE_VMOLR_ROMPE;
+	IXGBE_WRITE_REG(hw, IXGBE_VMOLR(vf), vmolr);
+
 	return 0;
 }
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.309193333 +0000
+++ 0024-net-ixgbe-fix-over-using-multicast-table-for-VF.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From dc5a6e74224094ae702fa971c4ce039b4a2e3560 Mon Sep 17 00:00:00 2001
+From bf484e4ce727bb2c28eb9b68f74213b01769dd24 Mon Sep 17 00:00:00 2001
 From: Wei Zhao <wei.zhao1@intel.com>
 Date: Mon, 7 Jan 2019 15:22:56 +0800
 Subject: [PATCH] net/ixgbe: fix over using multicast table for VF
 
+[ upstream commit dc5a6e74224094ae702fa971c4ce039b4a2e3560 ]
+
 According to the current implementation, all VFs will set bit
 IXGBE_VMOLR_ROMPE during initialization, this cause any VF
 will accept packets that match the MTA table. Since the MTA
@@ -20,7 +22,6 @@
 kernel driver 5.3.7.
 
 Fixes: 00e30184daa0 ("ixgbe: add PF support")
-Cc: stable@dpdk.org
 
 Signed-off-by: Wei Zhao <wei.zhao1@intel.com>
 Acked-by: Qi Zhang <qi.z.zhang@intel.com>

[dpdk-stable] patch 'vhost: fix possible out of bound access in vector filling' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 98f3d3de13c66bba2234bc17447591d7102b9d38 Mon Sep 17 00:00:00 2001
From: Tiwei Bie <tiwei.bie@intel.com>
Date: Fri, 4 Jan 2019 12:06:40 +0800
Subject: [PATCH] vhost: fix possible out of bound access in vector filling

[ upstream commit 06fc8545fd6302f70de9ef5008a204e467d8cedb ]

Fixes: 7f74b95c444f ("vhost: pre update used ring for Tx and Rx")

Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
 lib/librte_vhost/virtio_net.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/librte_vhost/virtio_net.c b/lib/librte_vhost/virtio_net.c
index 68b72e7a5..8ddee4ca5 100644
--- a/lib/librte_vhost/virtio_net.c
+++ b/lib/librte_vhost/virtio_net.c
@@ -339,4 +339,7 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
 	struct vring_desc *idesc = NULL;
 
+	if (unlikely(idx >= vq->size))
+		return -1;
+
 	*desc_chain_head = idx;
 
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.330307530 +0000
+++ 0025-vhost-fix-possible-out-of-bound-access-in-vector-fil.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,10 +1,11 @@
-From 06fc8545fd6302f70de9ef5008a204e467d8cedb Mon Sep 17 00:00:00 2001
+From 98f3d3de13c66bba2234bc17447591d7102b9d38 Mon Sep 17 00:00:00 2001
 From: Tiwei Bie <tiwei.bie@intel.com>
 Date: Fri, 4 Jan 2019 12:06:40 +0800
 Subject: [PATCH] vhost: fix possible out of bound access in vector filling
 
+[ upstream commit 06fc8545fd6302f70de9ef5008a204e467d8cedb ]
+
 Fixes: 7f74b95c444f ("vhost: pre update used ring for Tx and Rx")
-Cc: stable@dpdk.org
 
 Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
 Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
@@ -13,10 +14,10 @@
  1 file changed, 3 insertions(+)
 
 diff --git a/lib/librte_vhost/virtio_net.c b/lib/librte_vhost/virtio_net.c
-index 474acf64d..d64c355b9 100644
+index 68b72e7a5..8ddee4ca5 100644
 --- a/lib/librte_vhost/virtio_net.c
 +++ b/lib/librte_vhost/virtio_net.c
-@@ -313,4 +313,7 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
+@@ -339,4 +339,7 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
  	struct vring_desc *idesc = NULL;
  
 +	if (unlikely(idx >= vq->size))

[dpdk-stable] patch 'vhost: fix possible dead loop in vector filling' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From ef846dc5243732117953303e500f29d7386611f2 Mon Sep 17 00:00:00 2001
From: Tiwei Bie <tiwei.bie@intel.com>
Date: Fri, 4 Jan 2019 12:06:41 +0800
Subject: [PATCH] vhost: fix possible dead loop in vector filling

[ upstream commit 450539b47ec89bcb49973a24b4c85c5f0bc8f37b ]

Fix a possible dead loop which may happen, e.g. when driver
created a loop in the desc list and lens in descs are zero.

Fixes: fd68b4739d2c ("vhost: use buffer vectors in dequeue path")
Fixes: 2f3225a7d69b ("vhost: add vector filling support for packed ring")

Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
 lib/librte_vhost/virtio_net.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/lib/librte_vhost/virtio_net.c b/lib/librte_vhost/virtio_net.c
index 8ddee4ca5..ed9c0847f 100644
--- a/lib/librte_vhost/virtio_net.c
+++ b/lib/librte_vhost/virtio_net.c
@@ -336,4 +336,5 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
 	uint32_t len    = 0;
 	uint64_t dlen;
+	uint32_t nr_descs = vq->size;
 	struct vring_desc *descs = vq->desc;
 	struct vring_desc *idesc = NULL;
@@ -346,4 +347,8 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
 	if (vq->desc[idx].flags & VRING_DESC_F_INDIRECT) {
 		dlen = vq->desc[idx].len;
+		nr_descs = dlen / sizeof(struct vring_desc);
+		if (unlikely(nr_descs > vq->size))
+			return -1;
+
 		descs = (struct vring_desc *)(uintptr_t)
 			vhost_iova_to_vva(dev, vq, vq->desc[idx].addr,
@@ -375,4 +380,9 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
 		}
 
+		if (unlikely(nr_descs-- == 0)) {
+			free_ind_table(idesc);
+			return -1;
+		}
+
 		len += descs[idx].len;
 
@@ -537,4 +547,7 @@ fill_vec_buf_packed(struct virtio_net *dev, struct vhost_virtqueue *vq,
 			return -1;
 
+		if (unlikely(*desc_count >= vq->size))
+			return -1;
+
 		*desc_count += 1;
 		*buf_id = descs[avail_idx].id;
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.352457433 +0000
+++ 0026-vhost-fix-possible-dead-loop-in-vector-filling.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,14 +1,15 @@
-From 450539b47ec89bcb49973a24b4c85c5f0bc8f37b Mon Sep 17 00:00:00 2001
+From ef846dc5243732117953303e500f29d7386611f2 Mon Sep 17 00:00:00 2001
 From: Tiwei Bie <tiwei.bie@intel.com>
 Date: Fri, 4 Jan 2019 12:06:41 +0800
 Subject: [PATCH] vhost: fix possible dead loop in vector filling
 
+[ upstream commit 450539b47ec89bcb49973a24b4c85c5f0bc8f37b ]
+
 Fix a possible dead loop which may happen, e.g. when driver
 created a loop in the desc list and lens in descs are zero.
 
 Fixes: fd68b4739d2c ("vhost: use buffer vectors in dequeue path")
 Fixes: 2f3225a7d69b ("vhost: add vector filling support for packed ring")
-Cc: stable@dpdk.org
 
 Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
 Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
@@ -17,16 +18,16 @@
  1 file changed, 13 insertions(+)
 
 diff --git a/lib/librte_vhost/virtio_net.c b/lib/librte_vhost/virtio_net.c
-index d64c355b9..0893a1d04 100644
+index 8ddee4ca5..ed9c0847f 100644
 --- a/lib/librte_vhost/virtio_net.c
 +++ b/lib/librte_vhost/virtio_net.c
-@@ -310,4 +310,5 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
+@@ -336,4 +336,5 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
  	uint32_t len    = 0;
  	uint64_t dlen;
 +	uint32_t nr_descs = vq->size;
  	struct vring_desc *descs = vq->desc;
  	struct vring_desc *idesc = NULL;
-@@ -320,4 +321,8 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
+@@ -346,4 +347,8 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
  	if (vq->desc[idx].flags & VRING_DESC_F_INDIRECT) {
  		dlen = vq->desc[idx].len;
 +		nr_descs = dlen / sizeof(struct vring_desc);
@@ -35,7 +36,7 @@
 +
  		descs = (struct vring_desc *)(uintptr_t)
  			vhost_iova_to_vva(dev, vq, vq->desc[idx].addr,
-@@ -349,4 +354,9 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
+@@ -375,4 +380,9 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq,
  		}
  
 +		if (unlikely(nr_descs-- == 0)) {
@@ -45,7 +46,7 @@
 +
  		len += descs[idx].len;
  
-@@ -511,4 +521,7 @@ fill_vec_buf_packed(struct virtio_net *dev, struct vhost_virtqueue *vq,
+@@ -537,4 +547,7 @@ fill_vec_buf_packed(struct virtio_net *dev, struct vhost_virtqueue *vq,
  			return -1;
  
 +		if (unlikely(*desc_count >= vq->size))

[dpdk-stable] patch 'vhost: ensure event idx is mapped when negotiated' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 278a62cd2f3378857a57f6198334677b5ce2cc53 Mon Sep 17 00:00:00 2001
From: Tiwei Bie <tiwei.bie@intel.com>
Date: Fri, 4 Jan 2019 12:06:42 +0800
Subject: [PATCH] vhost: ensure event idx is mapped when negotiated

[ upstream commit 61ec8f58b040b2822cb5c33bb79e9e17b83fd45f ]

Fixes: 30920b1e2b15 ("vhost: ensure all range is mapped when translating QVAs")

Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
 lib/librte_vhost/vhost_user.c | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index 557213491..401c4aa7b 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -542,5 +542,5 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index)
 	struct vhost_virtqueue *vq = dev->virtqueue[vq_index];
 	struct vhost_vring_addr *addr = &vq->ring_addrs;
-	uint64_t len;
+	uint64_t len, expected_len;
 
 	if (vq_is_packed(dev)) {
@@ -608,9 +608,10 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index)
 
 	len = sizeof(struct vring_avail) + sizeof(uint16_t) * vq->size;
+	if (dev->features & (1ULL << VIRTIO_RING_F_EVENT_IDX))
+		len += sizeof(uint16_t);
+	expected_len = len;
 	vq->avail = (struct vring_avail *)(uintptr_t)ring_addr_to_vva(dev,
 			vq, addr->avail_user_addr, &len);
-	if (vq->avail == 0 ||
-			len != sizeof(struct vring_avail) +
-			sizeof(uint16_t) * vq->size) {
+	if (vq->avail == 0 || len != expected_len) {
 		RTE_LOG(DEBUG, VHOST_CONFIG,
 			"(%d) failed to map avail ring.\n",
@@ -621,8 +622,10 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index)
 	len = sizeof(struct vring_used) +
 		sizeof(struct vring_used_elem) * vq->size;
+	if (dev->features & (1ULL << VIRTIO_RING_F_EVENT_IDX))
+		len += sizeof(uint16_t);
+	expected_len = len;
 	vq->used = (struct vring_used *)(uintptr_t)ring_addr_to_vva(dev,
 			vq, addr->used_user_addr, &len);
-	if (vq->used == 0 || len != sizeof(struct vring_used) +
-			sizeof(struct vring_used_elem) * vq->size) {
+	if (vq->used == 0 || len != expected_len) {
 		RTE_LOG(DEBUG, VHOST_CONFIG,
 			"(%d) failed to map used ring.\n",
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.375756464 +0000
+++ 0027-vhost-ensure-event-idx-is-mapped-when-negotiated.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,10 +1,11 @@
-From 61ec8f58b040b2822cb5c33bb79e9e17b83fd45f Mon Sep 17 00:00:00 2001
+From 278a62cd2f3378857a57f6198334677b5ce2cc53 Mon Sep 17 00:00:00 2001
 From: Tiwei Bie <tiwei.bie@intel.com>
 Date: Fri, 4 Jan 2019 12:06:42 +0800
 Subject: [PATCH] vhost: ensure event idx is mapped when negotiated
 
+[ upstream commit 61ec8f58b040b2822cb5c33bb79e9e17b83fd45f ]
+
 Fixes: 30920b1e2b15 ("vhost: ensure all range is mapped when translating QVAs")
-Cc: stable@dpdk.org
 
 Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
 Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
@@ -13,7 +14,7 @@
  1 file changed, 9 insertions(+), 6 deletions(-)
 
 diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
-index 8fec773d5..1843e032f 100644
+index 557213491..401c4aa7b 100644
 --- a/lib/librte_vhost/vhost_user.c
 +++ b/lib/librte_vhost/vhost_user.c
 @@ -542,5 +542,5 @@ translate_ring_addresses(struct virtio_net *dev, int vq_index)

[dpdk-stable] patch 'vhost/crypto: fix possible dead loop' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 25b041012ca317971230bb563daa144aef58a0ea Mon Sep 17 00:00:00 2001
From: Fan Zhang <roy.fan.zhang@intel.com>
Date: Fri, 4 Jan 2019 11:22:45 +0000
Subject: [PATCH] vhost/crypto: fix possible dead loop

[ upstream commit c7e7244b82ad174a8ca51a385e6ad2eb508261d8 ]

This patch fixes a possible infinite loop caused by incorrect
descriptor chain created by the driver.

Fixes: 3bb595ecd682 ("vhost/crypto: add request handler")

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
 lib/librte_vhost/vhost_crypto.c | 121 ++++++++++++++++++++++----------
 1 file changed, 82 insertions(+), 39 deletions(-)

diff --git a/lib/librte_vhost/vhost_crypto.c b/lib/librte_vhost/vhost_crypto.c
index dd01afc08..80b83ef77 100644
--- a/lib/librte_vhost/vhost_crypto.c
+++ b/lib/librte_vhost/vhost_crypto.c
@@ -467,5 +467,6 @@ vhost_crypto_msg_post_handler(int vid, void *msg)
 
 static __rte_always_inline struct vring_desc *
-find_write_desc(struct vring_desc *head, struct vring_desc *desc)
+find_write_desc(struct vring_desc *head, struct vring_desc *desc,
+		uint32_t *nb_descs)
 {
 	if (desc->flags & VRING_DESC_F_WRITE)
@@ -473,4 +474,8 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc)
 
 	while (desc->flags & VRING_DESC_F_NEXT) {
+		if (unlikely(*nb_descs == 0))
+			return NULL;
+		(*nb_descs)--;
+
 		desc = &head[desc->next];
 		if (desc->flags & VRING_DESC_F_WRITE)
@@ -482,11 +487,16 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc)
 
 static struct virtio_crypto_inhdr *
-reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc)
+reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc,
+		uint32_t *nb_descs)
 {
 	uint64_t dlen;
 	struct virtio_crypto_inhdr *inhdr;
 
-	while (desc->flags & VRING_DESC_F_NEXT)
+	while (desc->flags & VRING_DESC_F_NEXT) {
+		if (unlikely(*nb_descs == 0))
+			return NULL;
+		(*nb_descs)--;
 		desc = &vc_req->head[desc->next];
+	}
 
 	dlen = desc->len;
@@ -501,13 +511,14 @@ reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc)
 static __rte_always_inline int
 move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
-		uint32_t size)
+		uint32_t size, uint32_t *nb_descs)
 {
 	struct vring_desc *desc = *cur_desc;
-	int left = size;
-
-	rte_prefetch0(&head[desc->next]);
-	left -= desc->len;
+	int left = size - desc->len;
 
 	while ((desc->flags & VRING_DESC_F_NEXT) && left > 0) {
+		(*nb_descs)--;
+		if (unlikely(*nb_descs == 0))
+			return -1;
+
 		desc = &head[desc->next];
 		rte_prefetch0(&head[desc->next]);
@@ -518,5 +529,8 @@ move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
 		return -1;
 
-	*cur_desc = &head[desc->next];
+	if (unlikely(*nb_descs == 0))
+		*cur_desc = NULL;
+	else
+		*cur_desc = &head[desc->next];
 	return 0;
 }
@@ -540,5 +554,5 @@ get_data_ptr(struct vhost_crypto_data_req *vc_req, struct vring_desc *cur_desc,
 static int
 copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
-		struct vring_desc **cur_desc, uint32_t size)
+		struct vring_desc **cur_desc, uint32_t size, uint32_t *nb_descs)
 {
 	struct vring_desc *desc = *cur_desc;
@@ -549,5 +563,4 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
 	int left = size;
 
-	rte_prefetch0(&vc_req->head[desc->next]);
 	to_copy = RTE_MIN(desc->len, (uint32_t)left);
 	dlen = to_copy;
@@ -583,4 +596,10 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
 
 	while ((desc->flags & VRING_DESC_F_NEXT) && left > 0) {
+		if (unlikely(*nb_descs == 0)) {
+			VC_LOG_ERR("Invalid descriptors");
+			return -1;
+		}
+		(*nb_descs)--;
+
 		desc = &vc_req->head[desc->next];
 		rte_prefetch0(&vc_req->head[desc->next]);
@@ -625,5 +644,8 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
 	}
 
-	*cur_desc = &vc_req->head[desc->next];
+	if (unlikely(*nb_descs == 0))
+		*cur_desc = NULL;
+	else
+		*cur_desc = &vc_req->head[desc->next];
 
 	return 0;
@@ -685,5 +707,6 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
 		uint8_t *src,
 		uint32_t offset,
-		uint64_t write_back_len)
+		uint64_t write_back_len,
+		uint32_t *nb_descs)
 {
 	struct vhost_crypto_writeback_data *wb_data, *head;
@@ -732,4 +755,10 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
 
 	while (write_back_len) {
+		if (unlikely(*nb_descs == 0)) {
+			VC_LOG_ERR("Invalid descriptors");
+			goto error_exit;
+		}
+		(*nb_descs)--;
+
 		desc = &vc_req->head[desc->next];
 		if (unlikely(!(desc->flags & VRING_DESC_F_WRITE))) {
@@ -771,5 +800,8 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
 	}
 
-	*cur_desc = &vc_req->head[desc->next];
+	if (unlikely(*nb_descs == 0))
+		*cur_desc = NULL;
+	else
+		*cur_desc = &vc_req->head[desc->next];
 
 	*end_wb_data = wb_data;
@@ -788,5 +820,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		struct vhost_crypto_data_req *vc_req,
 		struct virtio_crypto_cipher_data_req *cipher,
-		struct vring_desc *cur_desc)
+		struct vring_desc *cur_desc,
+		uint32_t *nb_descs)
 {
 	struct vring_desc *desc = cur_desc;
@@ -798,6 +831,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 	/* prepare */
 	/* iv */
-	if (unlikely(copy_data(iv_data, vc_req, &desc,
-			cipher->para.iv_len) < 0)) {
+	if (unlikely(copy_data(iv_data, vc_req, &desc, cipher->para.iv_len,
+			nb_descs) < 0)) {
 		ret = VIRTIO_CRYPTO_BADMSG;
 		goto error_exit;
@@ -819,5 +852,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(move_desc(vc_req->head, &desc,
-				cipher->para.src_data_len) < 0)) {
+				cipher->para.src_data_len, nb_descs) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			ret = VIRTIO_CRYPTO_ERR;
@@ -836,6 +869,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		}
 		if (unlikely(copy_data(rte_pktmbuf_mtod(m_src, uint8_t *),
-				vc_req, &desc, cipher->para.src_data_len)
-				< 0)) {
+				vc_req, &desc, cipher->para.src_data_len,
+				nb_descs) < 0)) {
 			ret = VIRTIO_CRYPTO_BADMSG;
 			goto error_exit;
@@ -848,5 +881,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 	/* dst */
-	desc = find_write_desc(vc_req->head, desc);
+	desc = find_write_desc(vc_req->head, desc, nb_descs);
 	if (unlikely(!desc)) {
 		VC_LOG_ERR("Cannot find write location");
@@ -867,5 +900,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(move_desc(vc_req->head, &desc,
-				cipher->para.dst_data_len) < 0)) {
+				cipher->para.dst_data_len, nb_descs) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			ret = VIRTIO_CRYPTO_ERR;
@@ -878,5 +911,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		vc_req->wb = prepare_write_back_data(vc_req, &desc, &ewb,
 				rte_pktmbuf_mtod(m_src, uint8_t *), 0,
-				cipher->para.dst_data_len);
+				cipher->para.dst_data_len, nb_descs);
 		if (unlikely(vc_req->wb == NULL)) {
 			ret = VIRTIO_CRYPTO_ERR;
@@ -920,5 +953,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		struct vhost_crypto_data_req *vc_req,
 		struct virtio_crypto_alg_chain_data_req *chain,
-		struct vring_desc *cur_desc)
+		struct vring_desc *cur_desc,
+		uint32_t *nb_descs)
 {
 	struct vring_desc *desc = cur_desc, *digest_desc;
@@ -933,5 +967,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 	/* iv */
 	if (unlikely(copy_data(iv_data, vc_req, &desc,
-			chain->para.iv_len) < 0)) {
+			chain->para.iv_len, nb_descs) < 0)) {
 		ret = VIRTIO_CRYPTO_BADMSG;
 		goto error_exit;
@@ -954,5 +988,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(move_desc(vc_req->head, &desc,
-				chain->para.src_data_len) < 0)) {
+				chain->para.src_data_len, nb_descs) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			ret = VIRTIO_CRYPTO_ERR;
@@ -970,5 +1004,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		}
 		if (unlikely(copy_data(rte_pktmbuf_mtod(m_src, uint8_t *),
-				vc_req, &desc, chain->para.src_data_len)) < 0) {
+				vc_req, &desc, chain->para.src_data_len,
+				nb_descs)) < 0) {
 			ret = VIRTIO_CRYPTO_BADMSG;
 			goto error_exit;
@@ -982,5 +1017,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 	/* dst */
-	desc = find_write_desc(vc_req->head, desc);
+	desc = find_write_desc(vc_req->head, desc, nb_descs);
 	if (unlikely(!desc)) {
 		VC_LOG_ERR("Cannot find write location");
@@ -1001,5 +1036,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(move_desc(vc_req->head, &desc,
-				chain->para.dst_data_len) < 0)) {
+				chain->para.dst_data_len, nb_descs) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			ret = VIRTIO_CRYPTO_ERR;
@@ -1018,5 +1053,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(move_desc(vc_req->head, &desc,
-				chain->para.hash_result_len) < 0)) {
+				chain->para.hash_result_len, nb_descs) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			ret = VIRTIO_CRYPTO_ERR;
@@ -1030,5 +1065,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 				chain->para.cipher_start_src_offset,
 				chain->para.dst_data_len -
-				chain->para.cipher_start_src_offset);
+				chain->para.cipher_start_src_offset, nb_descs);
 		if (unlikely(vc_req->wb == NULL)) {
 			ret = VIRTIO_CRYPTO_ERR;
@@ -1043,5 +1078,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		/** create a wb_data for digest */
 		ewb->next = prepare_write_back_data(vc_req, &desc, &ewb2,
-				digest_addr, 0, chain->para.hash_result_len);
+				digest_addr, 0, chain->para.hash_result_len,
+				nb_descs);
 		if (unlikely(ewb->next == NULL)) {
 			ret = VIRTIO_CRYPTO_ERR;
@@ -1050,5 +1086,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(copy_data(digest_addr, vc_req, &digest_desc,
-				chain->para.hash_result_len)) < 0) {
+				chain->para.hash_result_len, nb_descs)) < 0) {
 			ret = VIRTIO_CRYPTO_BADMSG;
 			goto error_exit;
@@ -1109,4 +1145,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
 	uint64_t session_id;
 	uint64_t dlen;
+	uint32_t nb_descs = vq->size;
 	int err = 0;
 
@@ -1117,4 +1154,8 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
 	if (likely(head->flags & VRING_DESC_F_INDIRECT)) {
 		dlen = head->len;
+		nb_descs = dlen / sizeof(struct vring_desc);
+		/* drop invalid descriptors */
+		if (unlikely(nb_descs > vq->size))
+			return -1;
 		desc = IOVA_TO_VVA(struct vring_desc *, vc_req, head->addr,
 				&dlen, VHOST_ACCESS_RO);
@@ -1139,6 +1180,6 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
 		case RTE_VHOST_CRYPTO_ZERO_COPY_DISABLE:
 			req = &tmp_req;
-			if (unlikely(copy_data(req, vc_req, &desc, sizeof(*req))
-					< 0)) {
+			if (unlikely(copy_data(req, vc_req, &desc, sizeof(*req),
+					&nb_descs) < 0)) {
 				err = VIRTIO_CRYPTO_BADMSG;
 				VC_LOG_ERR("Invalid descriptor");
@@ -1153,5 +1194,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
 	} else {
 		if (unlikely(move_desc(vc_req->head, &desc,
-				sizeof(*req)) < 0)) {
+				sizeof(*req), &nb_descs) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			goto error_exit;
@@ -1194,9 +1235,11 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
 		case VIRTIO_CRYPTO_SYM_OP_CIPHER:
 			err = prepare_sym_cipher_op(vcrypto, op, vc_req,
-					&req->u.sym_req.u.cipher, desc);
+					&req->u.sym_req.u.cipher, desc,
+					&nb_descs);
 			break;
 		case VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING:
 			err = prepare_sym_chain_op(vcrypto, op, vc_req,
-					&req->u.sym_req.u.chain, desc);
+					&req->u.sym_req.u.chain, desc,
+					&nb_descs);
 			break;
 		}
@@ -1216,5 +1259,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
 error_exit:
 
-	inhdr = reach_inhdr(vc_req, desc);
+	inhdr = reach_inhdr(vc_req, desc, &nb_descs);
 	if (likely(inhdr != NULL))
 		inhdr->status = (uint8_t)err;
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.398900413 +0000
+++ 0028-vhost-crypto-fix-possible-dead-loop.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From c7e7244b82ad174a8ca51a385e6ad2eb508261d8 Mon Sep 17 00:00:00 2001
+From 25b041012ca317971230bb563daa144aef58a0ea Mon Sep 17 00:00:00 2001
 From: Fan Zhang <roy.fan.zhang@intel.com>
 Date: Fri, 4 Jan 2019 11:22:45 +0000
 Subject: [PATCH] vhost/crypto: fix possible dead loop
 
+[ upstream commit c7e7244b82ad174a8ca51a385e6ad2eb508261d8 ]
+
 This patch fixes a possible infinite loop caused by incorrect
 descriptor chain created by the driver.
 
 Fixes: 3bb595ecd682 ("vhost/crypto: add request handler")
-Cc: stable@dpdk.org
 
 Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
 Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
@@ -16,10 +17,10 @@
  1 file changed, 82 insertions(+), 39 deletions(-)
 
 diff --git a/lib/librte_vhost/vhost_crypto.c b/lib/librte_vhost/vhost_crypto.c
-index 598196fb7..e12458ce0 100644
+index dd01afc08..80b83ef77 100644
 --- a/lib/librte_vhost/vhost_crypto.c
 +++ b/lib/librte_vhost/vhost_crypto.c
-@@ -468,5 +468,6 @@ vhost_crypto_msg_post_handler(int vid, void *msg)
+@@ -467,5 +467,6 @@ vhost_crypto_msg_post_handler(int vid, void *msg)
  
  static __rte_always_inline struct vring_desc *
 -find_write_desc(struct vring_desc *head, struct vring_desc *desc)
@@ -27,7 +28,7 @@
 +		uint32_t *nb_descs)
  {
  	if (desc->flags & VRING_DESC_F_WRITE)
-@@ -474,4 +475,8 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc)
+@@ -473,4 +474,8 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc)
  
  	while (desc->flags & VRING_DESC_F_NEXT) {
 +		if (unlikely(*nb_descs == 0))
@@ -36,7 +37,7 @@
 +
  		desc = &head[desc->next];
  		if (desc->flags & VRING_DESC_F_WRITE)
-@@ -483,11 +488,16 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc)
+@@ -482,11 +487,16 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc)
  
  static struct virtio_crypto_inhdr *
 -reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc)
@@ -55,7 +56,7 @@
 +	}
  
  	dlen = desc->len;
-@@ -502,13 +512,14 @@ reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc)
+@@ -501,13 +511,14 @@ reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc)
  static __rte_always_inline int
  move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
 -		uint32_t size)
@@ -75,7 +76,7 @@
 +
  		desc = &head[desc->next];
  		rte_prefetch0(&head[desc->next]);
-@@ -519,5 +530,8 @@ move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
+@@ -518,5 +529,8 @@ move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
  		return -1;
  
 -	*cur_desc = &head[desc->next];
@@ -85,20 +86,20 @@
 +		*cur_desc = &head[desc->next];
  	return 0;
  }
-@@ -541,5 +555,5 @@ get_data_ptr(struct vhost_crypto_data_req *vc_req, struct vring_desc *cur_desc,
+@@ -540,5 +554,5 @@ get_data_ptr(struct vhost_crypto_data_req *vc_req, struct vring_desc *cur_desc,
  static int
  copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
 -		struct vring_desc **cur_desc, uint32_t size)
 +		struct vring_desc **cur_desc, uint32_t size, uint32_t *nb_descs)
  {
  	struct vring_desc *desc = *cur_desc;
-@@ -550,5 +564,4 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
+@@ -549,5 +563,4 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
  	int left = size;
  
 -	rte_prefetch0(&vc_req->head[desc->next]);
  	to_copy = RTE_MIN(desc->len, (uint32_t)left);
  	dlen = to_copy;
-@@ -584,4 +597,10 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
+@@ -583,4 +596,10 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
  
  	while ((desc->flags & VRING_DESC_F_NEXT) && left > 0) {
 +		if (unlikely(*nb_descs == 0)) {
@@ -109,7 +110,7 @@
 +
  		desc = &vc_req->head[desc->next];
  		rte_prefetch0(&vc_req->head[desc->next]);
-@@ -626,5 +645,8 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
+@@ -625,5 +644,8 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
  	}
  
 -	*cur_desc = &vc_req->head[desc->next];
@@ -119,7 +120,7 @@
 +		*cur_desc = &vc_req->head[desc->next];
  
  	return 0;
-@@ -686,5 +708,6 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
+@@ -685,5 +707,6 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
  		uint8_t *src,
  		uint32_t offset,
 -		uint64_t write_back_len)
@@ -127,7 +128,7 @@
 +		uint32_t *nb_descs)
  {
  	struct vhost_crypto_writeback_data *wb_data, *head;
-@@ -733,4 +756,10 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
+@@ -732,4 +755,10 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
  
  	while (write_back_len) {
 +		if (unlikely(*nb_descs == 0)) {
@@ -138,7 +139,7 @@
 +
  		desc = &vc_req->head[desc->next];
  		if (unlikely(!(desc->flags & VRING_DESC_F_WRITE))) {
-@@ -772,5 +801,8 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
+@@ -771,5 +800,8 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
  	}
  
 -	*cur_desc = &vc_req->head[desc->next];
@@ -148,7 +149,7 @@
 +		*cur_desc = &vc_req->head[desc->next];
  
  	*end_wb_data = wb_data;
-@@ -789,5 +821,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -788,5 +820,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		struct vhost_crypto_data_req *vc_req,
  		struct virtio_crypto_cipher_data_req *cipher,
 -		struct vring_desc *cur_desc)
@@ -156,7 +157,7 @@
 +		uint32_t *nb_descs)
  {
  	struct vring_desc *desc = cur_desc;
-@@ -799,6 +832,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -798,6 +831,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  	/* prepare */
  	/* iv */
 -	if (unlikely(copy_data(iv_data, vc_req, &desc,
@@ -165,14 +166,14 @@
 +			nb_descs) < 0)) {
  		ret = VIRTIO_CRYPTO_BADMSG;
  		goto error_exit;
-@@ -820,5 +853,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -819,5 +852,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				cipher->para.src_data_len) < 0)) {
 +				cipher->para.src_data_len, nb_descs) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -837,6 +870,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -836,6 +869,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		}
  		if (unlikely(copy_data(rte_pktmbuf_mtod(m_src, uint8_t *),
 -				vc_req, &desc, cipher->para.src_data_len)
@@ -181,28 +182,28 @@
 +				nb_descs) < 0)) {
  			ret = VIRTIO_CRYPTO_BADMSG;
  			goto error_exit;
-@@ -849,5 +882,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -848,5 +881,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  	/* dst */
 -	desc = find_write_desc(vc_req->head, desc);
 +	desc = find_write_desc(vc_req->head, desc, nb_descs);
  	if (unlikely(!desc)) {
  		VC_LOG_ERR("Cannot find write location");
-@@ -868,5 +901,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -867,5 +900,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				cipher->para.dst_data_len) < 0)) {
 +				cipher->para.dst_data_len, nb_descs) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -879,5 +912,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -878,5 +911,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		vc_req->wb = prepare_write_back_data(vc_req, &desc, &ewb,
  				rte_pktmbuf_mtod(m_src, uint8_t *), 0,
 -				cipher->para.dst_data_len);
 +				cipher->para.dst_data_len, nb_descs);
  		if (unlikely(vc_req->wb == NULL)) {
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -921,5 +954,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -920,5 +953,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		struct vhost_crypto_data_req *vc_req,
  		struct virtio_crypto_alg_chain_data_req *chain,
 -		struct vring_desc *cur_desc)
@@ -210,21 +211,21 @@
 +		uint32_t *nb_descs)
  {
  	struct vring_desc *desc = cur_desc, *digest_desc;
-@@ -934,5 +968,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -933,5 +967,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  	/* iv */
  	if (unlikely(copy_data(iv_data, vc_req, &desc,
 -			chain->para.iv_len) < 0)) {
 +			chain->para.iv_len, nb_descs) < 0)) {
  		ret = VIRTIO_CRYPTO_BADMSG;
  		goto error_exit;
-@@ -955,5 +989,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -954,5 +988,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				chain->para.src_data_len) < 0)) {
 +				chain->para.src_data_len, nb_descs) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -971,5 +1005,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -970,5 +1004,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		}
  		if (unlikely(copy_data(rte_pktmbuf_mtod(m_src, uint8_t *),
 -				vc_req, &desc, chain->para.src_data_len)) < 0) {
@@ -232,35 +233,35 @@
 +				nb_descs)) < 0) {
  			ret = VIRTIO_CRYPTO_BADMSG;
  			goto error_exit;
-@@ -983,5 +1018,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -982,5 +1017,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  	/* dst */
 -	desc = find_write_desc(vc_req->head, desc);
 +	desc = find_write_desc(vc_req->head, desc, nb_descs);
  	if (unlikely(!desc)) {
  		VC_LOG_ERR("Cannot find write location");
-@@ -1002,5 +1037,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1001,5 +1036,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				chain->para.dst_data_len) < 0)) {
 +				chain->para.dst_data_len, nb_descs) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -1019,5 +1054,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1018,5 +1053,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				chain->para.hash_result_len) < 0)) {
 +				chain->para.hash_result_len, nb_descs) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -1031,5 +1066,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1030,5 +1065,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  				chain->para.cipher_start_src_offset,
  				chain->para.dst_data_len -
 -				chain->para.cipher_start_src_offset);
 +				chain->para.cipher_start_src_offset, nb_descs);
  		if (unlikely(vc_req->wb == NULL)) {
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -1044,5 +1079,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1043,5 +1078,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		/** create a wb_data for digest */
  		ewb->next = prepare_write_back_data(vc_req, &desc, &ewb2,
 -				digest_addr, 0, chain->para.hash_result_len);
@@ -268,20 +269,20 @@
 +				nb_descs);
  		if (unlikely(ewb->next == NULL)) {
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -1051,5 +1087,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1050,5 +1086,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(copy_data(digest_addr, vc_req, &digest_desc,
 -				chain->para.hash_result_len)) < 0) {
 +				chain->para.hash_result_len, nb_descs)) < 0) {
  			ret = VIRTIO_CRYPTO_BADMSG;
  			goto error_exit;
-@@ -1110,4 +1146,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
+@@ -1109,4 +1145,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
  	uint64_t session_id;
  	uint64_t dlen;
 +	uint32_t nb_descs = vq->size;
  	int err = 0;
  
-@@ -1118,4 +1155,8 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
+@@ -1117,4 +1154,8 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
  	if (likely(head->flags & VRING_DESC_F_INDIRECT)) {
  		dlen = head->len;
 +		nb_descs = dlen / sizeof(struct vring_desc);
@@ -290,7 +291,7 @@
 +			return -1;
  		desc = IOVA_TO_VVA(struct vring_desc *, vc_req, head->addr,
  				&dlen, VHOST_ACCESS_RO);
-@@ -1140,6 +1181,6 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
+@@ -1139,6 +1180,6 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
  		case RTE_VHOST_CRYPTO_ZERO_COPY_DISABLE:
  			req = &tmp_req;
 -			if (unlikely(copy_data(req, vc_req, &desc, sizeof(*req))
@@ -299,14 +300,14 @@
 +					&nb_descs) < 0)) {
  				err = VIRTIO_CRYPTO_BADMSG;
  				VC_LOG_ERR("Invalid descriptor");
-@@ -1154,5 +1195,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
+@@ -1153,5 +1194,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
  	} else {
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				sizeof(*req)) < 0)) {
 +				sizeof(*req), &nb_descs) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			goto error_exit;
-@@ -1195,9 +1236,11 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
+@@ -1194,9 +1235,11 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
  		case VIRTIO_CRYPTO_SYM_OP_CIPHER:
  			err = prepare_sym_cipher_op(vcrypto, op, vc_req,
 -					&req->u.sym_req.u.cipher, desc);
@@ -320,7 +321,7 @@
 +					&nb_descs);
  			break;
  		}
-@@ -1217,5 +1260,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
+@@ -1216,5 +1259,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
  error_exit:
  
 -	inhdr = reach_inhdr(vc_req, desc);

[dpdk-stable] patch 'vhost/crypto: fix possible out of bound access' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From fd9dd27602a6494663ace53f0d52122ed9f0de1c Mon Sep 17 00:00:00 2001
From: Fan Zhang <roy.fan.zhang@intel.com>
Date: Fri, 4 Jan 2019 11:22:46 +0000
Subject: [PATCH] vhost/crypto: fix possible out of bound access

[ upstream commit 16d2e718b8ce7b775cd9118e6256dbad081433c3 ]

This patch fixes a out of bound access possbility in vhost
crypto. Originally the incorrect next descriptor index may
cause the library read invalid memory content and crash
the application.

Fixes: 3bb595ecd682 ("vhost/crypto: add request handler")

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
 lib/librte_vhost/vhost_crypto.c | 89 ++++++++++++++++++++-------------
 1 file changed, 53 insertions(+), 36 deletions(-)

diff --git a/lib/librte_vhost/vhost_crypto.c b/lib/librte_vhost/vhost_crypto.c
index 80b83ef77..0694c0a74 100644
--- a/lib/librte_vhost/vhost_crypto.c
+++ b/lib/librte_vhost/vhost_crypto.c
@@ -468,5 +468,5 @@ vhost_crypto_msg_post_handler(int vid, void *msg)
 static __rte_always_inline struct vring_desc *
 find_write_desc(struct vring_desc *head, struct vring_desc *desc,
-		uint32_t *nb_descs)
+		uint32_t *nb_descs, uint32_t vq_size)
 {
 	if (desc->flags & VRING_DESC_F_WRITE)
@@ -474,5 +474,5 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc,
 
 	while (desc->flags & VRING_DESC_F_NEXT) {
-		if (unlikely(*nb_descs == 0))
+		if (unlikely(*nb_descs == 0 || desc->next >= vq_size))
 			return NULL;
 		(*nb_descs)--;
@@ -488,5 +488,5 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc,
 static struct virtio_crypto_inhdr *
 reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc,
-		uint32_t *nb_descs)
+		uint32_t *nb_descs, uint32_t vq_size)
 {
 	uint64_t dlen;
@@ -494,5 +494,5 @@ reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc,
 
 	while (desc->flags & VRING_DESC_F_NEXT) {
-		if (unlikely(*nb_descs == 0))
+		if (unlikely(*nb_descs == 0 || desc->next >= vq_size))
 			return NULL;
 		(*nb_descs)--;
@@ -511,5 +511,5 @@ reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc,
 static __rte_always_inline int
 move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
-		uint32_t size, uint32_t *nb_descs)
+		uint32_t size, uint32_t *nb_descs, uint32_t vq_size)
 {
 	struct vring_desc *desc = *cur_desc;
@@ -518,5 +518,5 @@ move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
 	while ((desc->flags & VRING_DESC_F_NEXT) && left > 0) {
 		(*nb_descs)--;
-		if (unlikely(*nb_descs == 0))
+		if (unlikely(*nb_descs == 0 || desc->next >= vq_size))
 			return -1;
 
@@ -531,6 +531,10 @@ move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
 	if (unlikely(*nb_descs == 0))
 		*cur_desc = NULL;
-	else
+	else {
+		if (unlikely(desc->next >= vq_size))
+			return -1;
 		*cur_desc = &head[desc->next];
+	}
+
 	return 0;
 }
@@ -554,5 +558,6 @@ get_data_ptr(struct vhost_crypto_data_req *vc_req, struct vring_desc *cur_desc,
 static int
 copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
-		struct vring_desc **cur_desc, uint32_t size, uint32_t *nb_descs)
+		struct vring_desc **cur_desc, uint32_t size,
+		uint32_t *nb_descs, uint32_t vq_size)
 {
 	struct vring_desc *desc = *cur_desc;
@@ -596,5 +601,5 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
 
 	while ((desc->flags & VRING_DESC_F_NEXT) && left > 0) {
-		if (unlikely(*nb_descs == 0)) {
+		if (unlikely(*nb_descs == 0 || desc->next >= vq_size)) {
 			VC_LOG_ERR("Invalid descriptors");
 			return -1;
@@ -646,6 +651,9 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
 	if (unlikely(*nb_descs == 0))
 		*cur_desc = NULL;
-	else
+	else {
+		if (unlikely(desc->next >= vq_size))
+			return -1;
 		*cur_desc = &vc_req->head[desc->next];
+	}
 
 	return 0;
@@ -658,5 +666,4 @@ write_back_data(struct vhost_crypto_data_req *vc_req)
 
 	while (wb_data) {
-		rte_prefetch0(wb_data->next);
 		rte_memcpy(wb_data->dst, wb_data->src, wb_data->len);
 		wb_last = wb_data;
@@ -708,5 +715,5 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
 		uint32_t offset,
 		uint64_t write_back_len,
-		uint32_t *nb_descs)
+		uint32_t *nb_descs, uint32_t vq_size)
 {
 	struct vhost_crypto_writeback_data *wb_data, *head;
@@ -755,5 +762,5 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
 
 	while (write_back_len) {
-		if (unlikely(*nb_descs == 0)) {
+		if (unlikely(*nb_descs == 0 || desc->next >= vq_size)) {
 			VC_LOG_ERR("Invalid descriptors");
 			goto error_exit;
@@ -802,6 +809,9 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
 	if (unlikely(*nb_descs == 0))
 		*cur_desc = NULL;
-	else
+	else {
+		if (unlikely(desc->next >= vq_size))
+			goto error_exit;
 		*cur_desc = &vc_req->head[desc->next];
+	}
 
 	*end_wb_data = wb_data;
@@ -821,5 +831,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		struct virtio_crypto_cipher_data_req *cipher,
 		struct vring_desc *cur_desc,
-		uint32_t *nb_descs)
+		uint32_t *nb_descs, uint32_t vq_size)
 {
 	struct vring_desc *desc = cur_desc;
@@ -832,5 +842,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 	/* iv */
 	if (unlikely(copy_data(iv_data, vc_req, &desc, cipher->para.iv_len,
-			nb_descs) < 0)) {
+			nb_descs, vq_size) < 0)) {
 		ret = VIRTIO_CRYPTO_BADMSG;
 		goto error_exit;
@@ -852,5 +862,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(move_desc(vc_req->head, &desc,
-				cipher->para.src_data_len, nb_descs) < 0)) {
+				cipher->para.src_data_len, nb_descs,
+				vq_size) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			ret = VIRTIO_CRYPTO_ERR;
@@ -870,5 +881,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		if (unlikely(copy_data(rte_pktmbuf_mtod(m_src, uint8_t *),
 				vc_req, &desc, cipher->para.src_data_len,
-				nb_descs) < 0)) {
+				nb_descs, vq_size) < 0)) {
 			ret = VIRTIO_CRYPTO_BADMSG;
 			goto error_exit;
@@ -881,5 +892,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 	/* dst */
-	desc = find_write_desc(vc_req->head, desc, nb_descs);
+	desc = find_write_desc(vc_req->head, desc, nb_descs, vq_size);
 	if (unlikely(!desc)) {
 		VC_LOG_ERR("Cannot find write location");
@@ -900,5 +911,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(move_desc(vc_req->head, &desc,
-				cipher->para.dst_data_len, nb_descs) < 0)) {
+				cipher->para.dst_data_len,
+				nb_descs, vq_size) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			ret = VIRTIO_CRYPTO_ERR;
@@ -911,5 +923,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		vc_req->wb = prepare_write_back_data(vc_req, &desc, &ewb,
 				rte_pktmbuf_mtod(m_src, uint8_t *), 0,
-				cipher->para.dst_data_len, nb_descs);
+				cipher->para.dst_data_len, nb_descs, vq_size);
 		if (unlikely(vc_req->wb == NULL)) {
 			ret = VIRTIO_CRYPTO_ERR;
@@ -954,5 +966,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		struct virtio_crypto_alg_chain_data_req *chain,
 		struct vring_desc *cur_desc,
-		uint32_t *nb_descs)
+		uint32_t *nb_descs, uint32_t vq_size)
 {
 	struct vring_desc *desc = cur_desc, *digest_desc;
@@ -967,5 +979,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 	/* iv */
 	if (unlikely(copy_data(iv_data, vc_req, &desc,
-			chain->para.iv_len, nb_descs) < 0)) {
+			chain->para.iv_len, nb_descs, vq_size) < 0)) {
 		ret = VIRTIO_CRYPTO_BADMSG;
 		goto error_exit;
@@ -988,5 +1000,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(move_desc(vc_req->head, &desc,
-				chain->para.src_data_len, nb_descs) < 0)) {
+				chain->para.src_data_len,
+				nb_descs, vq_size) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			ret = VIRTIO_CRYPTO_ERR;
@@ -1005,5 +1018,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		if (unlikely(copy_data(rte_pktmbuf_mtod(m_src, uint8_t *),
 				vc_req, &desc, chain->para.src_data_len,
-				nb_descs)) < 0) {
+				nb_descs, vq_size)) < 0) {
 			ret = VIRTIO_CRYPTO_BADMSG;
 			goto error_exit;
@@ -1017,5 +1030,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 	/* dst */
-	desc = find_write_desc(vc_req->head, desc, nb_descs);
+	desc = find_write_desc(vc_req->head, desc, nb_descs, vq_size);
 	if (unlikely(!desc)) {
 		VC_LOG_ERR("Cannot find write location");
@@ -1036,5 +1049,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(move_desc(vc_req->head, &desc,
-				chain->para.dst_data_len, nb_descs) < 0)) {
+				chain->para.dst_data_len,
+				nb_descs, vq_size) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			ret = VIRTIO_CRYPTO_ERR;
@@ -1053,5 +1067,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(move_desc(vc_req->head, &desc,
-				chain->para.hash_result_len, nb_descs) < 0)) {
+				chain->para.hash_result_len,
+				nb_descs, vq_size) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			ret = VIRTIO_CRYPTO_ERR;
@@ -1065,5 +1080,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 				chain->para.cipher_start_src_offset,
 				chain->para.dst_data_len -
-				chain->para.cipher_start_src_offset, nb_descs);
+				chain->para.cipher_start_src_offset,
+				nb_descs, vq_size);
 		if (unlikely(vc_req->wb == NULL)) {
 			ret = VIRTIO_CRYPTO_ERR;
@@ -1079,5 +1095,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 		ewb->next = prepare_write_back_data(vc_req, &desc, &ewb2,
 				digest_addr, 0, chain->para.hash_result_len,
-				nb_descs);
+				nb_descs, vq_size);
 		if (unlikely(ewb->next == NULL)) {
 			ret = VIRTIO_CRYPTO_ERR;
@@ -1086,5 +1102,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
 
 		if (unlikely(copy_data(digest_addr, vc_req, &digest_desc,
-				chain->para.hash_result_len, nb_descs)) < 0) {
+				chain->para.hash_result_len,
+				nb_descs, vq_size)) < 0) {
 			ret = VIRTIO_CRYPTO_BADMSG;
 			goto error_exit;
@@ -1181,5 +1198,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
 			req = &tmp_req;
 			if (unlikely(copy_data(req, vc_req, &desc, sizeof(*req),
-					&nb_descs) < 0)) {
+					&nb_descs, vq->size) < 0)) {
 				err = VIRTIO_CRYPTO_BADMSG;
 				VC_LOG_ERR("Invalid descriptor");
@@ -1194,5 +1211,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
 	} else {
 		if (unlikely(move_desc(vc_req->head, &desc,
-				sizeof(*req), &nb_descs) < 0)) {
+				sizeof(*req), &nb_descs, vq->size) < 0)) {
 			VC_LOG_ERR("Incorrect descriptor");
 			goto error_exit;
@@ -1236,10 +1253,10 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
 			err = prepare_sym_cipher_op(vcrypto, op, vc_req,
 					&req->u.sym_req.u.cipher, desc,
-					&nb_descs);
+					&nb_descs, vq->size);
 			break;
 		case VIRTIO_CRYPTO_SYM_OP_ALGORITHM_CHAINING:
 			err = prepare_sym_chain_op(vcrypto, op, vc_req,
 					&req->u.sym_req.u.chain, desc,
-					&nb_descs);
+					&nb_descs, vq->size);
 			break;
 		}
@@ -1259,5 +1276,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
 error_exit:
 
-	inhdr = reach_inhdr(vc_req, desc, &nb_descs);
+	inhdr = reach_inhdr(vc_req, desc, &nb_descs, vq->size);
 	if (likely(inhdr != NULL))
 		inhdr->status = (uint8_t)err;
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.421740311 +0000
+++ 0029-vhost-crypto-fix-possible-out-of-bound-access.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,15 +1,16 @@
-From 16d2e718b8ce7b775cd9118e6256dbad081433c3 Mon Sep 17 00:00:00 2001
+From fd9dd27602a6494663ace53f0d52122ed9f0de1c Mon Sep 17 00:00:00 2001
 From: Fan Zhang <roy.fan.zhang@intel.com>
 Date: Fri, 4 Jan 2019 11:22:46 +0000
 Subject: [PATCH] vhost/crypto: fix possible out of bound access
 
+[ upstream commit 16d2e718b8ce7b775cd9118e6256dbad081433c3 ]
+
 This patch fixes a out of bound access possbility in vhost
 crypto. Originally the incorrect next descriptor index may
 cause the library read invalid memory content and crash
 the application.
 
 Fixes: 3bb595ecd682 ("vhost/crypto: add request handler")
-Cc: stable@dpdk.org
 
 Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
 Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
@@ -18,52 +19,52 @@
  1 file changed, 53 insertions(+), 36 deletions(-)
 
 diff --git a/lib/librte_vhost/vhost_crypto.c b/lib/librte_vhost/vhost_crypto.c
-index e12458ce0..ebf26f030 100644
+index 80b83ef77..0694c0a74 100644
 --- a/lib/librte_vhost/vhost_crypto.c
 +++ b/lib/librte_vhost/vhost_crypto.c
-@@ -469,5 +469,5 @@ vhost_crypto_msg_post_handler(int vid, void *msg)
+@@ -468,5 +468,5 @@ vhost_crypto_msg_post_handler(int vid, void *msg)
  static __rte_always_inline struct vring_desc *
  find_write_desc(struct vring_desc *head, struct vring_desc *desc,
 -		uint32_t *nb_descs)
 +		uint32_t *nb_descs, uint32_t vq_size)
  {
  	if (desc->flags & VRING_DESC_F_WRITE)
-@@ -475,5 +475,5 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc,
+@@ -474,5 +474,5 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc,
  
  	while (desc->flags & VRING_DESC_F_NEXT) {
 -		if (unlikely(*nb_descs == 0))
 +		if (unlikely(*nb_descs == 0 || desc->next >= vq_size))
  			return NULL;
  		(*nb_descs)--;
-@@ -489,5 +489,5 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc,
+@@ -488,5 +488,5 @@ find_write_desc(struct vring_desc *head, struct vring_desc *desc,
  static struct virtio_crypto_inhdr *
  reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc,
 -		uint32_t *nb_descs)
 +		uint32_t *nb_descs, uint32_t vq_size)
  {
  	uint64_t dlen;
-@@ -495,5 +495,5 @@ reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc,
+@@ -494,5 +494,5 @@ reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc,
  
  	while (desc->flags & VRING_DESC_F_NEXT) {
 -		if (unlikely(*nb_descs == 0))
 +		if (unlikely(*nb_descs == 0 || desc->next >= vq_size))
  			return NULL;
  		(*nb_descs)--;
-@@ -512,5 +512,5 @@ reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc,
+@@ -511,5 +511,5 @@ reach_inhdr(struct vhost_crypto_data_req *vc_req, struct vring_desc *desc,
  static __rte_always_inline int
  move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
 -		uint32_t size, uint32_t *nb_descs)
 +		uint32_t size, uint32_t *nb_descs, uint32_t vq_size)
  {
  	struct vring_desc *desc = *cur_desc;
-@@ -519,5 +519,5 @@ move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
+@@ -518,5 +518,5 @@ move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
  	while ((desc->flags & VRING_DESC_F_NEXT) && left > 0) {
  		(*nb_descs)--;
 -		if (unlikely(*nb_descs == 0))
 +		if (unlikely(*nb_descs == 0 || desc->next >= vq_size))
  			return -1;
  
-@@ -532,6 +532,10 @@ move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
+@@ -531,6 +531,10 @@ move_desc(struct vring_desc *head, struct vring_desc **cur_desc,
  	if (unlikely(*nb_descs == 0))
  		*cur_desc = NULL;
 -	else
@@ -75,7 +76,7 @@
 +
  	return 0;
  }
-@@ -555,5 +559,6 @@ get_data_ptr(struct vhost_crypto_data_req *vc_req, struct vring_desc *cur_desc,
+@@ -554,5 +558,6 @@ get_data_ptr(struct vhost_crypto_data_req *vc_req, struct vring_desc *cur_desc,
  static int
  copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
 -		struct vring_desc **cur_desc, uint32_t size, uint32_t *nb_descs)
@@ -83,14 +84,14 @@
 +		uint32_t *nb_descs, uint32_t vq_size)
  {
  	struct vring_desc *desc = *cur_desc;
-@@ -597,5 +602,5 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
+@@ -596,5 +601,5 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
  
  	while ((desc->flags & VRING_DESC_F_NEXT) && left > 0) {
 -		if (unlikely(*nb_descs == 0)) {
 +		if (unlikely(*nb_descs == 0 || desc->next >= vq_size)) {
  			VC_LOG_ERR("Invalid descriptors");
  			return -1;
-@@ -647,6 +652,9 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
+@@ -646,6 +651,9 @@ copy_data(void *dst_data, struct vhost_crypto_data_req *vc_req,
  	if (unlikely(*nb_descs == 0))
  		*cur_desc = NULL;
 -	else
@@ -101,27 +102,27 @@
 +	}
  
  	return 0;
-@@ -659,5 +667,4 @@ write_back_data(struct vhost_crypto_data_req *vc_req)
+@@ -658,5 +666,4 @@ write_back_data(struct vhost_crypto_data_req *vc_req)
  
  	while (wb_data) {
 -		rte_prefetch0(wb_data->next);
  		rte_memcpy(wb_data->dst, wb_data->src, wb_data->len);
  		wb_last = wb_data;
-@@ -709,5 +716,5 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
+@@ -708,5 +715,5 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
  		uint32_t offset,
  		uint64_t write_back_len,
 -		uint32_t *nb_descs)
 +		uint32_t *nb_descs, uint32_t vq_size)
  {
  	struct vhost_crypto_writeback_data *wb_data, *head;
-@@ -756,5 +763,5 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
+@@ -755,5 +762,5 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
  
  	while (write_back_len) {
 -		if (unlikely(*nb_descs == 0)) {
 +		if (unlikely(*nb_descs == 0 || desc->next >= vq_size)) {
  			VC_LOG_ERR("Invalid descriptors");
  			goto error_exit;
-@@ -803,6 +810,9 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
+@@ -802,6 +809,9 @@ prepare_write_back_data(struct vhost_crypto_data_req *vc_req,
  	if (unlikely(*nb_descs == 0))
  		*cur_desc = NULL;
 -	else
@@ -132,21 +133,21 @@
 +	}
  
  	*end_wb_data = wb_data;
-@@ -822,5 +832,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -821,5 +831,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		struct virtio_crypto_cipher_data_req *cipher,
  		struct vring_desc *cur_desc,
 -		uint32_t *nb_descs)
 +		uint32_t *nb_descs, uint32_t vq_size)
  {
  	struct vring_desc *desc = cur_desc;
-@@ -833,5 +843,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -832,5 +842,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  	/* iv */
  	if (unlikely(copy_data(iv_data, vc_req, &desc, cipher->para.iv_len,
 -			nb_descs) < 0)) {
 +			nb_descs, vq_size) < 0)) {
  		ret = VIRTIO_CRYPTO_BADMSG;
  		goto error_exit;
-@@ -853,5 +863,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -852,5 +862,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				cipher->para.src_data_len, nb_descs) < 0)) {
@@ -154,21 +155,21 @@
 +				vq_size) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -871,5 +882,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -870,5 +881,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		if (unlikely(copy_data(rte_pktmbuf_mtod(m_src, uint8_t *),
  				vc_req, &desc, cipher->para.src_data_len,
 -				nb_descs) < 0)) {
 +				nb_descs, vq_size) < 0)) {
  			ret = VIRTIO_CRYPTO_BADMSG;
  			goto error_exit;
-@@ -882,5 +893,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -881,5 +892,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  	/* dst */
 -	desc = find_write_desc(vc_req->head, desc, nb_descs);
 +	desc = find_write_desc(vc_req->head, desc, nb_descs, vq_size);
  	if (unlikely(!desc)) {
  		VC_LOG_ERR("Cannot find write location");
-@@ -901,5 +912,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -900,5 +911,6 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				cipher->para.dst_data_len, nb_descs) < 0)) {
@@ -176,28 +177,28 @@
 +				nb_descs, vq_size) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -912,5 +924,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -911,5 +923,5 @@ prepare_sym_cipher_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		vc_req->wb = prepare_write_back_data(vc_req, &desc, &ewb,
  				rte_pktmbuf_mtod(m_src, uint8_t *), 0,
 -				cipher->para.dst_data_len, nb_descs);
 +				cipher->para.dst_data_len, nb_descs, vq_size);
  		if (unlikely(vc_req->wb == NULL)) {
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -955,5 +967,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -954,5 +966,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		struct virtio_crypto_alg_chain_data_req *chain,
  		struct vring_desc *cur_desc,
 -		uint32_t *nb_descs)
 +		uint32_t *nb_descs, uint32_t vq_size)
  {
  	struct vring_desc *desc = cur_desc, *digest_desc;
-@@ -968,5 +980,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -967,5 +979,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  	/* iv */
  	if (unlikely(copy_data(iv_data, vc_req, &desc,
 -			chain->para.iv_len, nb_descs) < 0)) {
 +			chain->para.iv_len, nb_descs, vq_size) < 0)) {
  		ret = VIRTIO_CRYPTO_BADMSG;
  		goto error_exit;
-@@ -989,5 +1001,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -988,5 +1000,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				chain->para.src_data_len, nb_descs) < 0)) {
@@ -205,21 +206,21 @@
 +				nb_descs, vq_size) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -1006,5 +1019,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1005,5 +1018,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		if (unlikely(copy_data(rte_pktmbuf_mtod(m_src, uint8_t *),
  				vc_req, &desc, chain->para.src_data_len,
 -				nb_descs)) < 0) {
 +				nb_descs, vq_size)) < 0) {
  			ret = VIRTIO_CRYPTO_BADMSG;
  			goto error_exit;
-@@ -1018,5 +1031,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1017,5 +1030,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  	/* dst */
 -	desc = find_write_desc(vc_req->head, desc, nb_descs);
 +	desc = find_write_desc(vc_req->head, desc, nb_descs, vq_size);
  	if (unlikely(!desc)) {
  		VC_LOG_ERR("Cannot find write location");
-@@ -1037,5 +1050,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1036,5 +1049,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				chain->para.dst_data_len, nb_descs) < 0)) {
@@ -227,7 +228,7 @@
 +				nb_descs, vq_size) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -1054,5 +1068,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1053,5 +1067,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				chain->para.hash_result_len, nb_descs) < 0)) {
@@ -235,7 +236,7 @@
 +				nb_descs, vq_size) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -1066,5 +1081,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1065,5 +1080,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  				chain->para.cipher_start_src_offset,
  				chain->para.dst_data_len -
 -				chain->para.cipher_start_src_offset, nb_descs);
@@ -243,14 +244,14 @@
 +				nb_descs, vq_size);
  		if (unlikely(vc_req->wb == NULL)) {
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -1080,5 +1096,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1079,5 +1095,5 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  		ewb->next = prepare_write_back_data(vc_req, &desc, &ewb2,
  				digest_addr, 0, chain->para.hash_result_len,
 -				nb_descs);
 +				nb_descs, vq_size);
  		if (unlikely(ewb->next == NULL)) {
  			ret = VIRTIO_CRYPTO_ERR;
-@@ -1087,5 +1103,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
+@@ -1086,5 +1102,6 @@ prepare_sym_chain_op(struct vhost_crypto *vcrypto, struct rte_crypto_op *op,
  
  		if (unlikely(copy_data(digest_addr, vc_req, &digest_desc,
 -				chain->para.hash_result_len, nb_descs)) < 0) {
@@ -258,21 +259,21 @@
 +				nb_descs, vq_size)) < 0) {
  			ret = VIRTIO_CRYPTO_BADMSG;
  			goto error_exit;
-@@ -1182,5 +1199,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
+@@ -1181,5 +1198,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
  			req = &tmp_req;
  			if (unlikely(copy_data(req, vc_req, &desc, sizeof(*req),
 -					&nb_descs) < 0)) {
 +					&nb_descs, vq->size) < 0)) {
  				err = VIRTIO_CRYPTO_BADMSG;
  				VC_LOG_ERR("Invalid descriptor");
-@@ -1195,5 +1212,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
+@@ -1194,5 +1211,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
  	} else {
  		if (unlikely(move_desc(vc_req->head, &desc,
 -				sizeof(*req), &nb_descs) < 0)) {
 +				sizeof(*req), &nb_descs, vq->size) < 0)) {
  			VC_LOG_ERR("Incorrect descriptor");
  			goto error_exit;
-@@ -1237,10 +1254,10 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
+@@ -1236,10 +1253,10 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
  			err = prepare_sym_cipher_op(vcrypto, op, vc_req,
  					&req->u.sym_req.u.cipher, desc,
 -					&nb_descs);
@@ -285,7 +286,7 @@
 +					&nb_descs, vq->size);
  			break;
  		}
-@@ -1260,5 +1277,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
+@@ -1259,5 +1276,5 @@ vhost_crypto_process_one_req(struct vhost_crypto *vcrypto,
  error_exit:
  
 -	inhdr = reach_inhdr(vc_req, desc, &nb_descs);

[dpdk-stable] patch 'net/fm10k: fix internal switch initial status' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 35234c648c24823524900c82202d6716c63f5599 Mon Sep 17 00:00:00 2001
From: Julien Meunier <julien.meunier@nokia.com>
Date: Wed, 2 Jan 2019 17:57:45 +0200
Subject: [PATCH] net/fm10k: fix internal switch initial status

[ upstream commit 04018a4552e630a2c019bade0c6b5f822aded0c1 ]

sm_down is a boolean in order to check if the internal switch of the
fm10k is up or down. This variable is configured though an interrupt by
fm10k_dev_interrupt_handler_pf.

If sm_down is uninitialized, we are not sure of its value at the first
bring up. For example, if FM10K_EICR_SWITCHREADY is raised, the PMD will
try to reconfigure the switch, but it does not make sense, as it's the
first startup.

The sm_down implementation has been introduced
commit 6c9f37245583 ("net/fm10k: support switch restart on PF").

Fixes: 6f22f2f67268 ("net/fm10k: redefine link status semantics")

Signed-off-by: Julien Meunier <julien.meunier@nokia.com>
Acked-by: Xiao Wang <xiao.w.wang@intel.com>
---
 drivers/net/fm10k/fm10k_ethdev.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/drivers/net/fm10k/fm10k_ethdev.c b/drivers/net/fm10k/fm10k_ethdev.c
index 85fb6c5cb..caf4d1bc0 100644
--- a/drivers/net/fm10k/fm10k_ethdev.c
+++ b/drivers/net/fm10k/fm10k_ethdev.c
@@ -3004,4 +3004,5 @@ fm10k_params_init(struct rte_eth_dev *dev)
 
 	info->rx_vec_allowed = true;
+	info->sm_down = false;
 }
 
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.445861170 +0000
+++ 0030-net-fm10k-fix-internal-switch-initial-status.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From 04018a4552e630a2c019bade0c6b5f822aded0c1 Mon Sep 17 00:00:00 2001
+From 35234c648c24823524900c82202d6716c63f5599 Mon Sep 17 00:00:00 2001
 From: Julien Meunier <julien.meunier@nokia.com>
 Date: Wed, 2 Jan 2019 17:57:45 +0200
 Subject: [PATCH] net/fm10k: fix internal switch initial status
 
+[ upstream commit 04018a4552e630a2c019bade0c6b5f822aded0c1 ]
+
 sm_down is a boolean in order to check if the internal switch of the
 fm10k is up or down. This variable is configured though an interrupt by
 fm10k_dev_interrupt_handler_pf.
@@ -16,7 +18,6 @@
 commit 6c9f37245583 ("net/fm10k: support switch restart on PF").
 
 Fixes: 6f22f2f67268 ("net/fm10k: redefine link status semantics")
-Cc: stable@dpdk.org
 
 Signed-off-by: Julien Meunier <julien.meunier@nokia.com>
 Acked-by: Xiao Wang <xiao.w.wang@intel.com>

[dpdk-stable] patch 'bus/dpaa: fix logical to physical core affine logic' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 8b38e808b5320a11ff70690876a2eab2d6c05d8b Mon Sep 17 00:00:00 2001
From: Hemant Agrawal <hemant.agrawal@nxp.com>
Date: Wed, 26 Dec 2018 11:33:47 +0000
Subject: [PATCH] bus/dpaa: fix logical to physical core affine logic

[ upstream commit afb2f8fd5a0fb82d38c51d6e100cc14220b7db7b ]

The code was treating the lcore id as physical core id.
The code is updated to use actual physical core value
for any core affinity logic.

Note that DPAA devices are single cluster systems.

Fixes: 5d944582d028 ("bus/dpaa: check portal presence in the caller function")

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/bus/dpaa/dpaa_bus.c | 41 +++++++++++++++++++------------------
 1 file changed, 21 insertions(+), 20 deletions(-)

diff --git a/drivers/bus/dpaa/dpaa_bus.c b/drivers/bus/dpaa/dpaa_bus.c
index 204a50b1e..c7da96f8d 100644
--- a/drivers/bus/dpaa/dpaa_bus.c
+++ b/drivers/bus/dpaa/dpaa_bus.c
@@ -251,7 +251,6 @@ dpaa_clean_device_list(void)
 int rte_dpaa_portal_init(void *arg)
 {
-	cpu_set_t cpuset;
 	pthread_t id;
-	uint32_t cpu = rte_lcore_id();
+	unsigned int cpu, lcore = rte_lcore_id();
 	int ret;
 	struct dpaa_portal *dpaa_io_portal;
@@ -259,19 +258,19 @@ int rte_dpaa_portal_init(void *arg)
 	BUS_INIT_FUNC_TRACE();
 
-	if ((size_t)arg == 1 || cpu == LCORE_ID_ANY)
-		cpu = rte_get_master_lcore();
-	/* if the core id is not supported */
+	if ((size_t)arg == 1 || lcore == LCORE_ID_ANY)
+		lcore = rte_get_master_lcore();
 	else
-		if (cpu >= RTE_MAX_LCORE)
+		if (lcore >= RTE_MAX_LCORE)
 			return -1;
 
-	/* Set CPU affinity for this thread */
-	CPU_ZERO(&cpuset);
-	CPU_SET(cpu, &cpuset);
+	cpu = lcore_config[lcore].core_id;
+
+	/* Set CPU affinity for this thread.*/
 	id = pthread_self();
-	ret = pthread_setaffinity_np(id, sizeof(cpu_set_t), &cpuset);
+	ret = pthread_setaffinity_np(id, sizeof(cpu_set_t),
+			&lcore_config[lcore].cpuset);
 	if (ret) {
-		DPAA_BUS_LOG(ERR, "pthread_setaffinity_np failed on "
-			"core :%d with ret: %d", cpu, ret);
+		DPAA_BUS_LOG(ERR, "pthread_setaffinity_np failed on core :%u"
+			     " (lcore=%u) with ret: %d", cpu, lcore, ret);
 		return ret;
 	}
@@ -280,21 +279,23 @@ int rte_dpaa_portal_init(void *arg)
 	ret = bman_thread_init();
 	if (ret) {
-		DPAA_BUS_LOG(ERR, "bman_thread_init failed on "
-			"core %d with ret: %d", cpu, ret);
+		DPAA_BUS_LOG(ERR, "bman_thread_init failed on core %u"
+			     " (lcore=%u) with ret: %d", cpu, lcore, ret);
 		return ret;
 	}
 
-	DPAA_BUS_LOG(DEBUG, "BMAN thread initialized");
+	DPAA_BUS_LOG(DEBUG, "BMAN thread initialized - CPU=%d lcore=%d",
+		     cpu, lcore);
 
 	/* Initialise qman thread portals */
 	ret = qman_thread_init();
 	if (ret) {
-		DPAA_BUS_LOG(ERR, "bman_thread_init failed on "
-			"core %d with ret: %d", cpu, ret);
+		DPAA_BUS_LOG(ERR, "qman_thread_init failed on core %u"
+			    " (lcore=%u) with ret: %d", cpu, lcore, ret);
 		bman_thread_finish();
 		return ret;
 	}
 
-	DPAA_BUS_LOG(DEBUG, "QMAN thread initialized");
+	DPAA_BUS_LOG(DEBUG, "QMAN thread initialized - CPU=%d lcore=%d",
+		     cpu, lcore);
 
 	dpaa_io_portal = rte_malloc(NULL, sizeof(struct dpaa_portal),
@@ -313,6 +314,6 @@ int rte_dpaa_portal_init(void *arg)
 	ret = pthread_setspecific(dpaa_portal_key, (void *)dpaa_io_portal);
 	if (ret) {
-		DPAA_BUS_LOG(ERR, "pthread_setspecific failed on "
-			    "core %d with ret: %d", cpu, ret);
+		DPAA_BUS_LOG(ERR, "pthread_setspecific failed on core %u"
+			     " (lcore=%u) with ret: %d", cpu, lcore, ret);
 		dpaa_portal_finish(NULL);
 
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.469698848 +0000
+++ 0031-bus-dpaa-fix-logical-to-physical-core-affine-logic.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From afb2f8fd5a0fb82d38c51d6e100cc14220b7db7b Mon Sep 17 00:00:00 2001
+From 8b38e808b5320a11ff70690876a2eab2d6c05d8b Mon Sep 17 00:00:00 2001
 From: Hemant Agrawal <hemant.agrawal@nxp.com>
 Date: Wed, 26 Dec 2018 11:33:47 +0000
 Subject: [PATCH] bus/dpaa: fix logical to physical core affine logic
 
+[ upstream commit afb2f8fd5a0fb82d38c51d6e100cc14220b7db7b ]
+
 The code was treating the lcore id as physical core id.
 The code is updated to use actual physical core value
 for any core affinity logic.
@@ -10,7 +12,6 @@
 Note that DPAA devices are single cluster systems.
 
 Fixes: 5d944582d028 ("bus/dpaa: check portal presence in the caller function")
-Cc: stable@dpdk.org
 
 Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
 ---

[dpdk-stable] patch 'net/dpaa: fix secondary process' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 48d364bc9422810b57a9549c262b8d4055daeb6d Mon Sep 17 00:00:00 2001
From: Hemant Agrawal <hemant.agrawal@nxp.com>
Date: Wed, 26 Dec 2018 11:33:51 +0000
Subject: [PATCH] net/dpaa: fix secondary process

[ upstream commit 7c0304f3fae2e900f0fd0332f0e1aeecc66404f6 ]

In order to support I/O from secondary process, the
burst APIs and OPS APIs shall be mapped/plugged. This
patch fixes the code to remap the ops and burst apis.

Fixes: ff9e112d7870 ("net/dpaa: add NXP DPAA PMD driver skeleton")

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/net/dpaa/dpaa_ethdev.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/drivers/net/dpaa/dpaa_ethdev.c b/drivers/net/dpaa/dpaa_ethdev.c
index d0572b3d9..5448a2ca7 100644
--- a/drivers/net/dpaa/dpaa_ethdev.c
+++ b/drivers/net/dpaa/dpaa_ethdev.c
@@ -1224,6 +1224,10 @@ dpaa_dev_init(struct rte_eth_dev *eth_dev)
 
 	/* For secondary processes, the primary has done all the work */
-	if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY) {
+		eth_dev->dev_ops = &dpaa_devops;
+		/* Plugging of UCODE burst API not supported in Secondary */
+		eth_dev->rx_pkt_burst = dpaa_eth_queue_rx;
 		return 0;
+	}
 
 	dpaa_device = DEV_TO_DPAA_DEVICE(eth_dev->device);
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.491602693 +0000
+++ 0032-net-dpaa-fix-secondary-process.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,14 +1,15 @@
-From 7c0304f3fae2e900f0fd0332f0e1aeecc66404f6 Mon Sep 17 00:00:00 2001
+From 48d364bc9422810b57a9549c262b8d4055daeb6d Mon Sep 17 00:00:00 2001
 From: Hemant Agrawal <hemant.agrawal@nxp.com>
 Date: Wed, 26 Dec 2018 11:33:51 +0000
 Subject: [PATCH] net/dpaa: fix secondary process
 
+[ upstream commit 7c0304f3fae2e900f0fd0332f0e1aeecc66404f6 ]
+
 In order to support I/O from secondary process, the
 burst APIs and OPS APIs shall be mapped/plugged. This
 patch fixes the code to remap the ops and burst apis.
 
 Fixes: ff9e112d7870 ("net/dpaa: add NXP DPAA PMD driver skeleton")
-Cc: stable@dpdk.org
 
 Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
 ---

[dpdk-stable] patch 'examples/flow_filtering: fix example documentation' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 6917704c7d09ff160237903d6d787fa109c8e923 Mon Sep 17 00:00:00 2001
From: Dekel Peled <dekelp@mellanox.com>
Date: Tue, 25 Dec 2018 09:42:18 +0200
Subject: [PATCH] examples/flow_filtering: fix example documentation

[ upstream commit d67b3f11d352544063fbdf2a8232563d88870d6a ]

Previous patch removed the VLAN item from example code.
This patch fixes the code and documentation accordingly.

Code update includes fix of comments, and removal of redundant
variables and their initialization.
Documentation update reflects the code changes done in previous
patch and in this patch.

Fixes: 9af4eb565710 ("examples/flow_filtering: remove VLAN item")

Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Ori Kam <orika@mellanox.com>
---
 doc/guides/sample_app_ug/flow_filtering.rst | 74 +++++----------------
 examples/flow_filtering/flow_blocks.c       | 18 ++---
 2 files changed, 21 insertions(+), 71 deletions(-)

diff --git a/doc/guides/sample_app_ug/flow_filtering.rst b/doc/guides/sample_app_ug/flow_filtering.rst
index 840d557c5..9dba85acf 100644
--- a/doc/guides/sample_app_ug/flow_filtering.rst
+++ b/doc/guides/sample_app_ug/flow_filtering.rst
@@ -54,5 +54,5 @@ Explanation
 -----------
 
-The example is build from 2 main files,
+The example is built from 2 files,
 ``main.c`` which holds the example logic and ``flow_blocks.c`` that holds the
 implementation for building the flow rule.
@@ -381,11 +381,7 @@ This function is located in the ``flow_blocks.c`` file.
            struct rte_flow_attr attr;
            struct rte_flow_item pattern[MAX_PATTERN_NUM];
-           struct rte_flow_action action[MAX_PATTERN_NUM];
+           struct rte_flow_action action[MAX_ACTION_NUM];
            struct rte_flow *flow = NULL;
            struct rte_flow_action_queue queue = { .index = rx_q };
-           struct rte_flow_item_eth eth_spec;
-           struct rte_flow_item_eth eth_mask;
-           struct rte_flow_item_vlan vlan_spec;
-           struct rte_flow_item_vlan vlan_mask;
            struct rte_flow_item_ipv4 ip_spec;
            struct rte_flow_item_ipv4 ip_mask;
@@ -405,5 +401,4 @@ This function is located in the ``flow_blocks.c`` file.
             * one action only,  move packet to queue
             */
-
            action[0].type = RTE_FLOW_ACTION_TYPE_QUEUE;
            action[0].conf = &queue;
@@ -411,29 +406,12 @@ This function is located in the ``flow_blocks.c`` file.
 
            /*
-            * set the first level of the pattern (eth).
+            * set the first level of the pattern (ETH).
             * since in this example we just want to get the
             * ipv4 we set this level to allow all.
             */
-           memset(&eth_spec, 0, sizeof(struct rte_flow_item_eth));
-           memset(&eth_mask, 0, sizeof(struct rte_flow_item_eth));
-           eth_spec.type = 0;
-           eth_mask.type = 0;
            pattern[0].type = RTE_FLOW_ITEM_TYPE_ETH;
-           pattern[0].spec = &eth_spec;
-           pattern[0].mask = &eth_mask;
 
            /*
-            * setting the second level of the pattern (vlan).
-            * since in this example we just want to get the
-            * ipv4 we also set this level to allow all.
-            */
-           memset(&vlan_spec, 0, sizeof(struct rte_flow_item_vlan));
-           memset(&vlan_mask, 0, sizeof(struct rte_flow_item_vlan));
-           pattern[1].type = RTE_FLOW_ITEM_TYPE_VLAN;
-           pattern[1].spec = &vlan_spec;
-           pattern[1].mask = &vlan_mask;
-
-           /*
-            * setting the third level of the pattern (ip).
+            * setting the second level of the pattern (IP).
             * in this example this is the level we care about
             * so we set it according to the parameters.
@@ -445,10 +423,10 @@ This function is located in the ``flow_blocks.c`` file.
            ip_spec.hdr.src_addr = htonl(src_ip);
            ip_mask.hdr.src_addr = src_mask;
-           pattern[2].type = RTE_FLOW_ITEM_TYPE_IPV4;
-           pattern[2].spec = &ip_spec;
-           pattern[2].mask = &ip_mask;
+           pattern[1].type = RTE_FLOW_ITEM_TYPE_IPV4;
+           pattern[1].spec = &ip_spec;
+           pattern[1].mask = &ip_mask;
 
            /* the final level must be always type end */
-           pattern[3].type = RTE_FLOW_ITEM_TYPE_END;
+           pattern[2].type = RTE_FLOW_ITEM_TYPE_END;
 
            int res = rte_flow_validate(port_id, &attr, pattern, action, error);
@@ -465,12 +443,8 @@ The first part of the function is declaring the structures that will be used.
    struct rte_flow_attr attr;
    struct rte_flow_item pattern[MAX_PATTERN_NUM];
-   struct rte_flow_action action[MAX_PATTERN_NUM];
+   struct rte_flow_action action[MAX_ACTION_NUM];
    struct rte_flow *flow;
    struct rte_flow_error error;
    struct rte_flow_action_queue queue = { .index = rx_q };
-   struct rte_flow_item_eth eth_spec;
-   struct rte_flow_item_eth eth_mask;
-   struct rte_flow_item_vlan vlan_spec;
-   struct rte_flow_item_vlan vlan_mask;
    struct rte_flow_item_ipv4 ip_spec;
    struct rte_flow_item_ipv4 ip_mask;
@@ -492,6 +466,6 @@ the rule. In this case send the packet to queue.
    action[1].type = RTE_FLOW_ACTION_TYPE_END;
 
-The forth part is responsible for creating the pattern and is build from
-number of step. In each step we build one level of the pattern starting with
+The fourth part is responsible for creating the pattern and is built from
+number of steps. In each step we build one level of the pattern starting with
 the lowest one.
 
@@ -500,23 +474,7 @@ Setting the first level of the pattern ETH:
 .. code-block:: c
 
-   memset(&eth_spec, 0, sizeof(struct rte_flow_item_eth));
-   memset(&eth_mask, 0, sizeof(struct rte_flow_item_eth));
-   eth_spec.type = 0;
-   eth_mask.type = 0;
    pattern[0].type = RTE_FLOW_ITEM_TYPE_ETH;
-   pattern[0].spec = &eth_spec;
-   pattern[0].mask = &eth_mask;
 
-Setting the second level of the pattern VLAN:
-
-.. code-block:: c
-
-   memset(&vlan_spec, 0, sizeof(struct rte_flow_item_vlan));
-   memset(&vlan_mask, 0, sizeof(struct rte_flow_item_vlan));
-   pattern[1].type = RTE_FLOW_ITEM_TYPE_VLAN;
-   pattern[1].spec = &vlan_spec;
-   pattern[1].mask = &vlan_mask;
-
-Setting the third level ip:
+Setting the second level of the pattern IP:
 
 .. code-block:: c
@@ -528,7 +486,7 @@ Setting the third level ip:
    ip_spec.hdr.src_addr = htonl(src_ip);
    ip_mask.hdr.src_addr = src_mask;
-   pattern[2].type = RTE_FLOW_ITEM_TYPE_IPV4;
-   pattern[2].spec = &ip_spec;
-   pattern[2].mask = &ip_mask;
+   pattern[1].type = RTE_FLOW_ITEM_TYPE_IPV4;
+   pattern[1].spec = &ip_spec;
+   pattern[1].mask = &ip_mask;
 
 Closing the pattern part.
@@ -536,5 +494,5 @@ Closing the pattern part.
 .. code-block:: c
 
-   pattern[3].type = RTE_FLOW_ITEM_TYPE_END;
+   pattern[2].type = RTE_FLOW_ITEM_TYPE_END;
 
 The last part of the function is to validate the rule and create it.
diff --git a/examples/flow_filtering/flow_blocks.c b/examples/flow_filtering/flow_blocks.c
index bae711699..1edf6f9c6 100644
--- a/examples/flow_filtering/flow_blocks.c
+++ b/examples/flow_filtering/flow_blocks.c
@@ -3,5 +3,6 @@
  */
 
-#define MAX_PATTERN_NUM		4
+#define MAX_PATTERN_NUM		3
+#define MAX_ACTION_NUM		2
 
 struct rte_flow *
@@ -42,9 +43,7 @@ generate_ipv4_flow(uint16_t port_id, uint16_t rx_q,
 	struct rte_flow_attr attr;
 	struct rte_flow_item pattern[MAX_PATTERN_NUM];
-	struct rte_flow_action action[MAX_PATTERN_NUM];
+	struct rte_flow_action action[MAX_ACTION_NUM];
 	struct rte_flow *flow = NULL;
 	struct rte_flow_action_queue queue = { .index = rx_q };
-	struct rte_flow_item_eth eth_spec;
-	struct rte_flow_item_eth eth_mask;
 	struct rte_flow_item_ipv4 ip_spec;
 	struct rte_flow_item_ipv4 ip_mask;
@@ -65,5 +64,4 @@ generate_ipv4_flow(uint16_t port_id, uint16_t rx_q,
 	 * one action only,  move packet to queue
 	 */
-
 	action[0].type = RTE_FLOW_ACTION_TYPE_QUEUE;
 	action[0].conf = &queue;
@@ -71,18 +69,12 @@ generate_ipv4_flow(uint16_t port_id, uint16_t rx_q,
 
 	/*
-	 * set the first level of the pattern (eth).
+	 * set the first level of the pattern (ETH).
 	 * since in this example we just want to get the
 	 * ipv4 we set this level to allow all.
 	 */
-	memset(&eth_spec, 0, sizeof(struct rte_flow_item_eth));
-	memset(&eth_mask, 0, sizeof(struct rte_flow_item_eth));
-	eth_spec.type = 0;
-	eth_mask.type = 0;
 	pattern[0].type = RTE_FLOW_ITEM_TYPE_ETH;
-	pattern[0].spec = &eth_spec;
-	pattern[0].mask = &eth_mask;
 
 	/*
-	 * setting the third level of the pattern (ip).
+	 * setting the second level of the pattern (IP).
 	 * in this example this is the level we care about
 	 * so we set it according to the parameters.
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.514407309 +0000
+++ 0033-examples-flow_filtering-fix-example-documentation.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From d67b3f11d352544063fbdf2a8232563d88870d6a Mon Sep 17 00:00:00 2001
+From 6917704c7d09ff160237903d6d787fa109c8e923 Mon Sep 17 00:00:00 2001
 From: Dekel Peled <dekelp@mellanox.com>
 Date: Tue, 25 Dec 2018 09:42:18 +0200
 Subject: [PATCH] examples/flow_filtering: fix example documentation
 
+[ upstream commit d67b3f11d352544063fbdf2a8232563d88870d6a ]
+
 Previous patch removed the VLAN item from example code.
 This patch fixes the code and documentation accordingly.
 
@@ -12,7 +14,6 @@
 patch and in this patch.
 
 Fixes: 9af4eb565710 ("examples/flow_filtering: remove VLAN item")
-Cc: stable@dpdk.org
 
 Signed-off-by: Dekel Peled <dekelp@mellanox.com>
 Acked-by: Ori Kam <orika@mellanox.com>

[dpdk-stable] patch 'doc: fix a typo in testpmd guide' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From c8ff817d54ddd549b84e01e57c81ab9fa4da0fdd Mon Sep 17 00:00:00 2001
From: Rami Rosen <ramirose@gmail.com>
Date: Thu, 27 Dec 2018 21:59:05 +0200
Subject: [PATCH] doc: fix a typo in testpmd guide

[ upstream commit 3caef7e1625f9ef1cf6785522917cb844eab5168 ]

This patch fixes a typo in testpmd user guide.

Fixes: aac6f11f5864 ("app/testpmd: add ethernet peer command")

Signed-off-by: Rami Rosen <ramirose@gmail.com>
Acked-by: Bernard Iremonger <bernard.iremonger@intel.com>
---
 doc/guides/testpmd_app_ug/testpmd_funcs.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/guides/testpmd_app_ug/testpmd_funcs.rst b/doc/guides/testpmd_app_ug/testpmd_funcs.rst
index cbf23e928..ab40b9f5f 100644
--- a/doc/guides/testpmd_app_ug/testpmd_funcs.rst
+++ b/doc/guides/testpmd_app_ug/testpmd_funcs.rst
@@ -1150,5 +1150,5 @@ set eth-peer
 Set the forwarding peer address for certain port::
 
-   testpmd> set eth-peer (port_id) (perr_addr)
+   testpmd> set eth-peer (port_id) (peer_addr)
 
 This is equivalent to the ``--eth-peer`` command-line option.
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.536347889 +0000
+++ 0034-doc-fix-a-typo-in-testpmd-guide.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,12 +1,13 @@
-From 3caef7e1625f9ef1cf6785522917cb844eab5168 Mon Sep 17 00:00:00 2001
+From c8ff817d54ddd549b84e01e57c81ab9fa4da0fdd Mon Sep 17 00:00:00 2001
 From: Rami Rosen <ramirose@gmail.com>
 Date: Thu, 27 Dec 2018 21:59:05 +0200
 Subject: [PATCH] doc: fix a typo in testpmd guide
 
+[ upstream commit 3caef7e1625f9ef1cf6785522917cb844eab5168 ]
+
 This patch fixes a typo in testpmd user guide.
 
 Fixes: aac6f11f5864 ("app/testpmd: add ethernet peer command")
-Cc: stable@dpdk.org
 
 Signed-off-by: Rami Rosen <ramirose@gmail.com>
 Acked-by: Bernard Iremonger <bernard.iremonger@intel.com>

[dpdk-stable] patch 'doc: fix a parameter name in testpmd guide' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 5baba9097ab8732608f572951181b3e36193c7e0 Mon Sep 17 00:00:00 2001
From: Rami Rosen <ramirose@gmail.com>
Date: Fri, 4 Jan 2019 11:10:46 +0200
Subject: [PATCH] doc: fix a parameter name in testpmd guide

[ upstream commit 132a08b5879e4633f5a800c1774b36c26b72c5f3 ]

There is no parameter called "eth-peer-configfile" in testpmd.
It should be "eth-peers-configfile". See the usage() method in
app/test-pmd/parameters.c.

Fixes: a67857e97ba8 ("doc: clarify usage of testpmd MAC forward mode")

Signed-off-by: Rami Rosen <ramirose@gmail.com>
Acked-by: Bernard Iremonger <bernard.iremonger@intel.com>
---
 doc/guides/testpmd_app_ug/testpmd_funcs.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/guides/testpmd_app_ug/testpmd_funcs.rst b/doc/guides/testpmd_app_ug/testpmd_funcs.rst
index ab40b9f5f..854af2d5f 100644
--- a/doc/guides/testpmd_app_ug/testpmd_funcs.rst
+++ b/doc/guides/testpmd_app_ug/testpmd_funcs.rst
@@ -305,5 +305,5 @@ The available information categories are:
   Default application behaviour is to set source Ethernet address to that of the transmitting interface, and destination
   address to a dummy value (set during init). The user may specify a target destination Ethernet address via the 'eth-peer' or
-  'eth-peer-configfile' command-line options. It is not currently possible to specify a specific source Ethernet address.
+  'eth-peers-configfile' command-line options. It is not currently possible to specify a specific source Ethernet address.
 
 * ``macswap``: MAC swap forwarding mode.
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.561977906 +0000
+++ 0035-doc-fix-a-parameter-name-in-testpmd-guide.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,14 +1,15 @@
-From 132a08b5879e4633f5a800c1774b36c26b72c5f3 Mon Sep 17 00:00:00 2001
+From 5baba9097ab8732608f572951181b3e36193c7e0 Mon Sep 17 00:00:00 2001
 From: Rami Rosen <ramirose@gmail.com>
 Date: Fri, 4 Jan 2019 11:10:46 +0200
 Subject: [PATCH] doc: fix a parameter name in testpmd guide
 
+[ upstream commit 132a08b5879e4633f5a800c1774b36c26b72c5f3 ]
+
 There is no parameter called "eth-peer-configfile" in testpmd.
 It should be "eth-peers-configfile". See the usage() method in
 app/test-pmd/parameters.c.
 
 Fixes: a67857e97ba8 ("doc: clarify usage of testpmd MAC forward mode")
-Cc: stable@dpdk.org
 
 Signed-off-by: Rami Rosen <ramirose@gmail.com>
 Acked-by: Bernard Iremonger <bernard.iremonger@intel.com>

[dpdk-stable] patch 'app/testpmd: fix quit to stop all ports before close' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From ca1931382bce5246f06bc5514ea972d9b021723b Mon Sep 17 00:00:00 2001
From: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
Date: Fri, 4 Jan 2019 12:28:33 +0000
Subject: [PATCH] app/testpmd: fix quit to stop all ports before close

[ upstream commit 08fd782b8454ab9019290d35f4e5334b4235923e ]

This patch proposes a slightly different test-pmd quit operation: stop
all devices before starting to close any device. Basically, stop all
moving parts before beginning to remove them. The current test-pmd quit
is stopping and closing each device before moving to the next device.

If all devices in the system are independent of each other, this
difference is usually not important. In case of Soft NIC devices, any
such virtual device typically depends on one or more physical devices
being alive, as it accesses their queues, so this difference becomes
important.

Without this straightforward fix, all the Soft NIC devices need to be
manually stopped before the quit command is issued, otherwise the quit
command can sometimes crash the test-pmd application.

Fixes: d3a274ce9dee ("app/testpmd: handle SIGINT and SIGTERM")

Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
Acked-by: Bernard Iremonger <bernard.iremonger@intel.com>
---
 app/test-pmd/testpmd.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/test-pmd/testpmd.c b/app/test-pmd/testpmd.c
index 4c75587d0..7b0c8e682 100644
--- a/app/test-pmd/testpmd.c
+++ b/app/test-pmd/testpmd.c
@@ -2407,7 +2407,11 @@ pmd_test_exit(void)
 		no_link_check = 1;
 		RTE_ETH_FOREACH_DEV(pt_id) {
-			printf("\nShutting down port %d...\n", pt_id);
+			printf("\nStopping port %d...\n", pt_id);
 			fflush(stdout);
 			stop_port(pt_id);
+		}
+		RTE_ETH_FOREACH_DEV(pt_id) {
+			printf("\nShutting down port %d...\n", pt_id);
+			fflush(stdout);
 			close_port(pt_id);
 
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.586619948 +0000
+++ 0036-app-testpmd-fix-quit-to-stop-all-ports-before-close.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From 08fd782b8454ab9019290d35f4e5334b4235923e Mon Sep 17 00:00:00 2001
+From ca1931382bce5246f06bc5514ea972d9b021723b Mon Sep 17 00:00:00 2001
 From: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
 Date: Fri, 4 Jan 2019 12:28:33 +0000
 Subject: [PATCH] app/testpmd: fix quit to stop all ports before close
 
+[ upstream commit 08fd782b8454ab9019290d35f4e5334b4235923e ]
+
 This patch proposes a slightly different test-pmd quit operation: stop
 all devices before starting to close any device. Basically, stop all
 moving parts before beginning to remove them. The current test-pmd quit
@@ -19,7 +21,6 @@
 command can sometimes crash the test-pmd application.
 
 Fixes: d3a274ce9dee ("app/testpmd: handle SIGINT and SIGTERM")
-Cc: stable@dpdk.org
 
 Signed-off-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
 Acked-by: Bernard Iremonger <bernard.iremonger@intel.com>
@@ -28,10 +29,10 @@
  1 file changed, 5 insertions(+), 1 deletion(-)
 
 diff --git a/app/test-pmd/testpmd.c b/app/test-pmd/testpmd.c
-index 8d584b008..15a948828 100644
+index 4c75587d0..7b0c8e682 100644
 --- a/app/test-pmd/testpmd.c
 +++ b/app/test-pmd/testpmd.c
-@@ -2392,7 +2392,11 @@ pmd_test_exit(void)
+@@ -2407,7 +2407,11 @@ pmd_test_exit(void)
  		no_link_check = 1;
  		RTE_ETH_FOREACH_DEV(pt_id) {
 -			printf("\nShutting down port %d...\n", pt_id);

[dpdk-stable] patch 'net/bonding: fix possible null pointer reference' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From bd4ccb020058a258f7bb76b1495aeee5694cd51c Mon Sep 17 00:00:00 2001
From: Declan Doherty <declan.doherty@intel.com>
Date: Tue, 8 Jan 2019 11:17:56 +0000
Subject: [PATCH] net/bonding: fix possible null pointer reference

[ upstream commit e6b8757bb72caa565d24282ad8e405f28e3a34a9 ]

In function check_for_bonded_ethdev the driver name is used without
validating the pointer references in the passed ethdev object.

Fixes: 740feaf349b1 ("ethdev: remove driver name from device private data")

Signed-off-by: Declan Doherty <declan.doherty@intel.com>
---
 drivers/net/bonding/rte_eth_bond_api.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/drivers/net/bonding/rte_eth_bond_api.c b/drivers/net/bonding/rte_eth_bond_api.c
index 21bcd5044..e5e146540 100644
--- a/drivers/net/bonding/rte_eth_bond_api.c
+++ b/drivers/net/bonding/rte_eth_bond_api.c
@@ -20,5 +20,8 @@ check_for_bonded_ethdev(const struct rte_eth_dev *eth_dev)
 {
 	/* Check valid pointer */
-	if (eth_dev->device->driver->name == NULL)
+	if (eth_dev == NULL ||
+		eth_dev->device == NULL ||
+		eth_dev->device->driver == NULL ||
+		eth_dev->device->driver->name == NULL)
 		return -1;
 
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.610730007 +0000
+++ 0037-net-bonding-fix-possible-null-pointer-reference.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From e6b8757bb72caa565d24282ad8e405f28e3a34a9 Mon Sep 17 00:00:00 2001
+From bd4ccb020058a258f7bb76b1495aeee5694cd51c Mon Sep 17 00:00:00 2001
 From: Declan Doherty <declan.doherty@intel.com>
 Date: Tue, 8 Jan 2019 11:17:56 +0000
 Subject: [PATCH] net/bonding: fix possible null pointer reference
 
+[ upstream commit e6b8757bb72caa565d24282ad8e405f28e3a34a9 ]
+
 In function check_for_bonded_ethdev the driver name is used without
 validating the pointer references in the passed ethdev object.
 
 Fixes: 740feaf349b1 ("ethdev: remove driver name from device private data")
-Cc: stable@dpdk.org
 
 Signed-off-by: Declan Doherty <declan.doherty@intel.com>
 ---

[dpdk-stable] patch 'net/sfc: add missing header guard to TSO header file' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 5682610971d6e9a2e4c6fff4f1ac37ef40214dac Mon Sep 17 00:00:00 2001
From: Ivan Malov <ivan.malov@oktetlabs.ru>
Date: Wed, 9 Jan 2019 11:05:13 +0000
Subject: [PATCH] net/sfc: add missing header guard to TSO header file

[ upstream commit d542b9577f535b9dc18047b30a9b48acb383c7f8 ]

Add missing header guard, including compiler directive for cplusplus.

Fixes: f1f575be9b76 ("net/sfc: put generalised TSO declarations in a header")

Signed-off-by: Ivan Malov <ivan.malov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
---
 drivers/net/sfc/sfc_tso.h | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/drivers/net/sfc/sfc_tso.h b/drivers/net/sfc/sfc_tso.h
index 3d2faf549..f89aef07c 100644
--- a/drivers/net/sfc/sfc_tso.h
+++ b/drivers/net/sfc/sfc_tso.h
@@ -8,4 +8,11 @@
  */
 
+#ifndef _SFC_TSO_H
+#define _SFC_TSO_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
 /** Standard TSO header length */
 #define SFC_TSOH_STD_LEN	256
@@ -22,2 +29,8 @@
 unsigned int sfc_tso_prepare_header(uint8_t *tsoh, size_t header_len,
 				    struct rte_mbuf **in_seg, size_t *in_off);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif  /* _SFC_TSO_H */
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.633635430 +0000
+++ 0038-net-sfc-add-missing-header-guard-to-TSO-header-file.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,12 +1,13 @@
-From d542b9577f535b9dc18047b30a9b48acb383c7f8 Mon Sep 17 00:00:00 2001
+From 5682610971d6e9a2e4c6fff4f1ac37ef40214dac Mon Sep 17 00:00:00 2001
 From: Ivan Malov <ivan.malov@oktetlabs.ru>
 Date: Wed, 9 Jan 2019 11:05:13 +0000
 Subject: [PATCH] net/sfc: add missing header guard to TSO header file
 
+[ upstream commit d542b9577f535b9dc18047b30a9b48acb383c7f8 ]
+
 Add missing header guard, including compiler directive for cplusplus.
 
 Fixes: f1f575be9b76 ("net/sfc: put generalised TSO declarations in a header")
-Cc: stable@dpdk.org
 
 Signed-off-by: Ivan Malov <ivan.malov@oktetlabs.ru>
 Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>

[dpdk-stable] patch 'net/sfc: discard last seen VLAN TCI if Tx packet is dropped' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From ca3d65836161370e7593d4b85fe944b71e551fd8 Mon Sep 17 00:00:00 2001
From: Ivan Malov <ivan.malov@oktetlabs.ru>
Date: Wed, 9 Jan 2019 11:06:39 +0000
Subject: [PATCH] net/sfc: discard last seen VLAN TCI if Tx packet is dropped

[ upstream commit 649885c08e51bcb8680ed2aa522d0f5160dd8fb1 ]

Early processing of a packet on transmit may change last seen
VLAN TCI in the queue context. If such a packet is eventually
dropped, last seen VLAN TCI must be set to its previous value.

Fixes: 7fd636815a43 ("net/sfc: support VLAN offload on transmit path")

Signed-off-by: Ivan Malov <ivan.malov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
---
 drivers/net/sfc/sfc_tx.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/drivers/net/sfc/sfc_tx.c b/drivers/net/sfc/sfc_tx.c
index cce823954..aa73d2642 100644
--- a/drivers/net/sfc/sfc_tx.c
+++ b/drivers/net/sfc/sfc_tx.c
@@ -713,4 +713,5 @@ sfc_efx_xmit_pkts(void *tx_queue, struct rte_mbuf **tx_pkts, uint16_t nb_pkts)
 	     (pkts_sent < nb_pkts) && (fill_level <= soft_max_fill);
 	     pkts_sent++, pktp++) {
+		uint16_t		hw_vlan_tci_prev = txq->hw_vlan_tci;
 		struct rte_mbuf		*m_seg = *pktp;
 		size_t			pkt_len = m_seg->pkt_len;
@@ -751,4 +752,5 @@ sfc_efx_xmit_pkts(void *tx_queue, struct rte_mbuf **tx_pkts, uint16_t nb_pkts)
 				 */
 				pend -= pkt_descs;
+				txq->hw_vlan_tci = hw_vlan_tci_prev;
 
 				rte_pktmbuf_free(*pktp);
@@ -820,8 +822,10 @@ sfc_efx_xmit_pkts(void *tx_queue, struct rte_mbuf **tx_pkts, uint16_t nb_pkts)
 				if (fill_level > hard_max_fill) {
 					pend -= pkt_descs;
+					txq->hw_vlan_tci = hw_vlan_tci_prev;
 					break;
 				}
 			} else {
 				pend -= pkt_descs;
+				txq->hw_vlan_tci = hw_vlan_tci_prev;
 				break;
 			}
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.655119402 +0000
+++ 0039-net-sfc-discard-last-seen-VLAN-TCI-if-Tx-packet-is-d.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,14 +1,15 @@
-From 649885c08e51bcb8680ed2aa522d0f5160dd8fb1 Mon Sep 17 00:00:00 2001
+From ca3d65836161370e7593d4b85fe944b71e551fd8 Mon Sep 17 00:00:00 2001
 From: Ivan Malov <ivan.malov@oktetlabs.ru>
 Date: Wed, 9 Jan 2019 11:06:39 +0000
 Subject: [PATCH] net/sfc: discard last seen VLAN TCI if Tx packet is dropped
 
+[ upstream commit 649885c08e51bcb8680ed2aa522d0f5160dd8fb1 ]
+
 Early processing of a packet on transmit may change last seen
 VLAN TCI in the queue context. If such a packet is eventually
 dropped, last seen VLAN TCI must be set to its previous value.
 
 Fixes: 7fd636815a43 ("net/sfc: support VLAN offload on transmit path")
-Cc: stable@dpdk.org
 
 Signed-off-by: Ivan Malov <ivan.malov@oktetlabs.ru>
 Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>

[dpdk-stable] patch 'net/sfc/base: fix Tx descriptor max number check' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From c778554d184f01acfd6aa2ec9fdae4ccdb0ac511 Mon Sep 17 00:00:00 2001
From: Igor Romanov <igor.romanov@oktetlabs.ru>
Date: Wed, 9 Jan 2019 11:12:07 +0000
Subject: [PATCH] net/sfc/base: fix Tx descriptor max number check

[ upstream commit 31c2379bad4157ca0beb05c9d2b49395b68f373b ]

Fix check of maximum descriptor number (compare with maximum Tx
descriptor number instead of maximum EVQ events number).

Fixes: f7dc06bf35f2 ("net/sfc/base: import 5xxx/6xxx family support")

Signed-off-by: Igor Romanov <igor.romanov@oktetlabs.ru>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
---
 drivers/net/sfc/base/efx_tx.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/net/sfc/base/efx_tx.c b/drivers/net/sfc/base/efx_tx.c
index bf1180a1e..9fa9e2ed1 100644
--- a/drivers/net/sfc/base/efx_tx.c
+++ b/drivers/net/sfc/base/efx_tx.c
@@ -927,5 +927,6 @@ siena_tx_qcreate(
 
 	if (!ISP2(ndescs) ||
-	    (ndescs < EFX_TXQ_MINNDESCS) || (ndescs > EFX_EVQ_MAXNEVS)) {
+	    (ndescs < EFX_TXQ_MINNDESCS) ||
+	    (ndescs > encp->enc_txq_max_ndescs)) {
 		rc = EINVAL;
 		goto fail1;
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.676922460 +0000
+++ 0040-net-sfc-base-fix-Tx-descriptor-max-number-check.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From 31c2379bad4157ca0beb05c9d2b49395b68f373b Mon Sep 17 00:00:00 2001
+From c778554d184f01acfd6aa2ec9fdae4ccdb0ac511 Mon Sep 17 00:00:00 2001
 From: Igor Romanov <igor.romanov@oktetlabs.ru>
 Date: Wed, 9 Jan 2019 11:12:07 +0000
 Subject: [PATCH] net/sfc/base: fix Tx descriptor max number check
 
+[ upstream commit 31c2379bad4157ca0beb05c9d2b49395b68f373b ]
+
 Fix check of maximum descriptor number (compare with maximum Tx
 descriptor number instead of maximum EVQ events number).
 
 Fixes: f7dc06bf35f2 ("net/sfc/base: import 5xxx/6xxx family support")
-Cc: stable@dpdk.org
 
 Signed-off-by: Igor Romanov <igor.romanov@oktetlabs.ru>
 Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>

[dpdk-stable] patch 'net/virtio: add barrier before reading the flags' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 60b2f24165822233009a22a81e2bfa2d90650f12 Mon Sep 17 00:00:00 2001
From: Ilya Maximets <i.maximets@samsung.com>
Date: Wed, 9 Jan 2019 17:50:13 +0300
Subject: [PATCH] net/virtio: add barrier before reading the flags

[ upstream commit d21d05c7a9c1c49ec927f961c4ab797a598af5ca ]

Reading the used->flags could be reordered with avail->idx update.
vhost in kernel disables notifications for the time of packets
receiving, like this:

    1. disable notify
    2. process packets
    3. enable notify
    4. has more packets ? goto 1

In case of reordering, virtio driver could read the flags on
step 2 while notifications disabled and update avail->idx after
the step 4, i.e. vhost will exit the loop on step 4 with
notifications enabled, but virtio will not notify.

Fixes: c1f86306a026 ("virtio: add new driver")

Reported-by: Shahaf Shuler <shahafs@mellanox.com>
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
---
 drivers/net/virtio/virtqueue.h | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/drivers/net/virtio/virtqueue.h b/drivers/net/virtio/virtqueue.h
index 26518ed98..2e2abf15b 100644
--- a/drivers/net/virtio/virtqueue.h
+++ b/drivers/net/virtio/virtqueue.h
@@ -337,4 +337,9 @@ static inline int
 virtqueue_kick_prepare(struct virtqueue *vq)
 {
+	/*
+	 * Ensure updated avail->idx is visible to vhost before reading
+	 * the used->flags.
+	 */
+	virtio_mb();
 	return !(vq->vq_ring.used->flags & VRING_USED_F_NO_NOTIFY);
 }
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.699131544 +0000
+++ 0041-net-virtio-add-barrier-before-reading-the-flags.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From d21d05c7a9c1c49ec927f961c4ab797a598af5ca Mon Sep 17 00:00:00 2001
+From 60b2f24165822233009a22a81e2bfa2d90650f12 Mon Sep 17 00:00:00 2001
 From: Ilya Maximets <i.maximets@samsung.com>
 Date: Wed, 9 Jan 2019 17:50:13 +0300
 Subject: [PATCH] net/virtio: add barrier before reading the flags
 
+[ upstream commit d21d05c7a9c1c49ec927f961c4ab797a598af5ca ]
+
 Reading the used->flags could be reordered with avail->idx update.
 vhost in kernel disables notifications for the time of packets
 receiving, like this:
@@ -18,21 +20,20 @@
 notifications enabled, but virtio will not notify.
 
 Fixes: c1f86306a026 ("virtio: add new driver")
-Cc: stable@dpdk.org
 
 Reported-by: Shahaf Shuler <shahafs@mellanox.com>
 Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
 Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
 Acked-by: Michael S. Tsirkin <mst@redhat.com>
 ---
- drivers/net/virtio/virtqueue.h | 8 ++++++++
- 1 file changed, 8 insertions(+)
+ drivers/net/virtio/virtqueue.h | 5 +++++
+ 1 file changed, 5 insertions(+)
 
 diff --git a/drivers/net/virtio/virtqueue.h b/drivers/net/virtio/virtqueue.h
-index d8ae5cdec..dffa03669 100644
+index 26518ed98..2e2abf15b 100644
 --- a/drivers/net/virtio/virtqueue.h
 +++ b/drivers/net/virtio/virtqueue.h
-@@ -416,4 +416,9 @@ static inline int
+@@ -337,4 +337,9 @@ static inline int
  virtqueue_kick_prepare(struct virtqueue *vq)
  {
 +	/*
@@ -42,14 +43,6 @@
 +	virtio_mb();
  	return !(vq->vq_ring.used->flags & VRING_USED_F_NO_NOTIFY);
  }
-@@ -424,4 +429,7 @@ virtqueue_kick_prepare_packed(struct virtqueue *vq)
- 	uint16_t flags;
- 
-+	/*
-+	 * Ensure updated data is visible to vhost before reading the flags.
-+	 */
- 	virtio_mb();
- 	flags = vq->ring_packed.device_event->desc_event_flags;
 -- 
 2.19.0
 

[dpdk-stable] patch 'bus/fslmc: fix to reset portal memory before use' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 2f43b079d4591d9302997847b4fd1ed3e2e5a33a Mon Sep 17 00:00:00 2001
From: Sachin Saxena <sachin.saxena@nxp.com>
Date: Fri, 11 Jan 2019 12:24:04 +0000
Subject: [PATCH] bus/fslmc: fix to reset portal memory before use

[ upstream commit 34cb995cde6136c75951b72be9867c2677f2a493 ]

Uninitialized portal memory is causing unwanted issues.

Fixes: 293c0ca94c36 ("bus/fslmc: support memory backed portals with QBMAN 5.0")

Signed-off-by: Sachin Saxena <sachin.saxena@nxp.com>
Acked-by: Shreyansh Jain <shreyansh.jain@nxp.com>
---
 drivers/bus/fslmc/portal/dpaa2_hw_dpio.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
index ce0699842..4fc6efec5 100644
--- a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
+++ b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
@@ -370,4 +370,6 @@ dpaa2_create_dpio_device(int vdev_fd,
 
 	dpio_dev->dpio = malloc(sizeof(struct fsl_mc_io));
+	memset(dpio_dev->dpio, 0, sizeof(struct fsl_mc_io));
+
 	if (!dpio_dev->dpio) {
 		DPAA2_BUS_ERR("Memory allocation failure");
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.721188756 +0000
+++ 0042-bus-fslmc-fix-to-reset-portal-memory-before-use.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,12 +1,13 @@
-From 34cb995cde6136c75951b72be9867c2677f2a493 Mon Sep 17 00:00:00 2001
+From 2f43b079d4591d9302997847b4fd1ed3e2e5a33a Mon Sep 17 00:00:00 2001
 From: Sachin Saxena <sachin.saxena@nxp.com>
 Date: Fri, 11 Jan 2019 12:24:04 +0000
 Subject: [PATCH] bus/fslmc: fix to reset portal memory before use
 
+[ upstream commit 34cb995cde6136c75951b72be9867c2677f2a493 ]
+
 Uninitialized portal memory is causing unwanted issues.
 
 Fixes: 293c0ca94c36 ("bus/fslmc: support memory backed portals with QBMAN 5.0")
-Cc: stable@dpdk.org
 
 Signed-off-by: Sachin Saxena <sachin.saxena@nxp.com>
 Acked-by: Shreyansh Jain <shreyansh.jain@nxp.com>

[dpdk-stable] patch 'bus/fslmc: fix ring mode to use correct cache settings' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 5c07eee5a50de593e760d8879b94be02a0897723 Mon Sep 17 00:00:00 2001
From: Youri Querry <youri.querry_1@nxp.com>
Date: Fri, 11 Jan 2019 12:24:08 +0000
Subject: [PATCH] bus/fslmc: fix ring mode to use correct cache settings

[ upstream commit 2557cf8f9e5b187622d8a863e0f452773f5e0082 ]

The code was incorrectly using the cache inhibited access.
It shall use cached enabled access for better performance.

Fixes: 293c0ca94c36 ("bus/fslmc: support memory backed portals with QBMAN 5.0")

Signed-off-by: Youri Querry <youri.querry_1@nxp.com>
Acked-by: Shreyansh Jain <shreyansh.jain@nxp.com>
---
 drivers/bus/fslmc/qbman/qbman_portal.c | 12 ++++++------
 drivers/bus/fslmc/qbman/qbman_sys.h    |  1 +
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/drivers/bus/fslmc/qbman/qbman_portal.c b/drivers/bus/fslmc/qbman/qbman_portal.c
index 3380e54f5..bbea37efc 100644
--- a/drivers/bus/fslmc/qbman/qbman_portal.c
+++ b/drivers/bus/fslmc/qbman/qbman_portal.c
@@ -684,6 +684,6 @@ static int qbman_swp_enqueue_ring_mode_mem_back(struct qbman_swp *s,
 	if (!s->eqcr.available) {
 		eqcr_ci = s->eqcr.ci;
-		s->eqcr.ci = qbman_cinh_read(&s->sys,
-				QBMAN_CENA_SWP_EQCR_CI) & full_mask;
+		s->eqcr.ci = qbman_cena_read_reg(&s->sys,
+				QBMAN_CENA_SWP_EQCR_CI_MEMBACK) & full_mask;
 		s->eqcr.available = qm_cyc_diff(s->eqcr.pi_ring_size,
 				eqcr_ci, s->eqcr.ci);
@@ -810,6 +810,6 @@ static int qbman_swp_enqueue_multiple_mem_back(struct qbman_swp *s,
 	if (!s->eqcr.available) {
 		eqcr_ci = s->eqcr.ci;
-		s->eqcr.ci = qbman_cinh_read(&s->sys,
-				QBMAN_CENA_SWP_EQCR_CI) & full_mask;
+		s->eqcr.ci = qbman_cena_read_reg(&s->sys,
+				QBMAN_CENA_SWP_EQCR_CI_MEMBACK) & full_mask;
 		s->eqcr.available = qm_cyc_diff(s->eqcr.pi_ring_size,
 					eqcr_ci, s->eqcr.ci);
@@ -942,6 +942,6 @@ static int qbman_swp_enqueue_multiple_desc_mem_back(struct qbman_swp *s,
 	if (!s->eqcr.available) {
 		eqcr_ci = s->eqcr.ci;
-		s->eqcr.ci = qbman_cinh_read(&s->sys,
-				QBMAN_CENA_SWP_EQCR_CI) & full_mask;
+		s->eqcr.ci = qbman_cena_read_reg(&s->sys,
+				QBMAN_CENA_SWP_EQCR_CI_MEMBACK) & full_mask;
 		s->eqcr.available = qm_cyc_diff(s->eqcr.pi_ring_size,
 					eqcr_ci, s->eqcr.ci);
diff --git a/drivers/bus/fslmc/qbman/qbman_sys.h b/drivers/bus/fslmc/qbman/qbman_sys.h
index d41af8358..0571097ab 100644
--- a/drivers/bus/fslmc/qbman/qbman_sys.h
+++ b/drivers/bus/fslmc/qbman/qbman_sys.h
@@ -56,4 +56,5 @@
 #define QBMAN_CENA_SWP_VDQCR   0x780
 #define QBMAN_CENA_SWP_EQCR_CI 0x840
+#define QBMAN_CENA_SWP_EQCR_CI_MEMBACK 0x1840
 
 /* CENA register offsets in memory-backed mode */
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.742782804 +0000
+++ 0043-bus-fslmc-fix-ring-mode-to-use-correct-cache-setting.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From 2557cf8f9e5b187622d8a863e0f452773f5e0082 Mon Sep 17 00:00:00 2001
+From 5c07eee5a50de593e760d8879b94be02a0897723 Mon Sep 17 00:00:00 2001
 From: Youri Querry <youri.querry_1@nxp.com>
 Date: Fri, 11 Jan 2019 12:24:08 +0000
 Subject: [PATCH] bus/fslmc: fix ring mode to use correct cache settings
 
+[ upstream commit 2557cf8f9e5b187622d8a863e0f452773f5e0082 ]
+
 The code was incorrectly using the cache inhibited access.
 It shall use cached enabled access for better performance.
 
 Fixes: 293c0ca94c36 ("bus/fslmc: support memory backed portals with QBMAN 5.0")
-Cc: stable@dpdk.org
 
 Signed-off-by: Youri Querry <youri.querry_1@nxp.com>
 Acked-by: Shreyansh Jain <shreyansh.jain@nxp.com>

[dpdk-stable] patch 'bus/fslmc: fix to use correct physical core for logical core' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From e6ca4a30daf21815100b6d1cc4b0d05c35151573 Mon Sep 17 00:00:00 2001
From: Hemant Agrawal <hemant.agrawal@nxp.com>
Date: Fri, 11 Jan 2019 12:24:12 +0000
Subject: [PATCH] bus/fslmc: fix to use correct physical core for logical core

[ upstream commit 69a63c17fe79190b5caf6f91b02592106b96ce63 ]

Existing code is using the lcore id as the physical core
id. Add code to get the right physical id.

Also, dpaa2 can not support one lcore mapping to multiple cpus,
print err on such cases.

Fixes: ce9efbf5bb09 ("bus/fslmc: support dynamic logging")

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/bus/fslmc/portal/dpaa2_hw_dpio.c | 76 ++++++++++++++++++++----
 1 file changed, 63 insertions(+), 13 deletions(-)

diff --git a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
index 4fc6efec5..ba2e28ce1 100644
--- a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
+++ b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
@@ -54,4 +54,8 @@ static uint32_t io_space_count;
 uint32_t dpaa2_svr_family;
 
+/* Physical core id for lcores running on dpaa2. */
+/* DPAA2 only support 1 lcore to 1 phy cpu mapping */
+static unsigned int dpaa2_cpu[RTE_MAX_LCORE];
+
 /* Variable to store DPAA2 DQRR size */
 uint8_t dpaa2_dqrr_size;
@@ -93,5 +97,6 @@ dpaa2_core_cluster_sdest(int cpu_id)
 
 #ifdef RTE_LIBRTE_PMD_DPAA2_EVENTDEV
-static void dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id)
+static void
+dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id, int lcoreid)
 {
 #define STRING_LEN	28
@@ -126,5 +131,5 @@ static void dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id)
 	}
 
-	cpu_mask = cpu_mask << rte_lcore_id();
+	cpu_mask = cpu_mask << dpaa2_cpu[lcoreid];
 	snprintf(command, COMMAND_LEN, "echo %X > /proc/irq/%s/smp_affinity",
 		 cpu_mask, token);
@@ -140,5 +145,5 @@ static void dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id)
 }
 
-static int dpaa2_dpio_intr_init(struct dpaa2_dpio_dev *dpio_dev)
+static int dpaa2_dpio_intr_init(struct dpaa2_dpio_dev *dpio_dev, int lcoreid)
 {
 	struct epoll_event epoll_ev;
@@ -177,5 +182,5 @@ static int dpaa2_dpio_intr_init(struct dpaa2_dpio_dev *dpio_dev)
 	dpio_dev->epoll_fd = dpio_epoll_fd;
 
-	dpaa2_affine_dpio_intr_to_respective_core(dpio_dev->hw_id);
+	dpaa2_affine_dpio_intr_to_respective_core(dpio_dev->hw_id, lcoreid);
 
 	return 0;
@@ -184,16 +189,20 @@ static int dpaa2_dpio_intr_init(struct dpaa2_dpio_dev *dpio_dev)
 
 static int
-dpaa2_configure_stashing(struct dpaa2_dpio_dev *dpio_dev, int cpu_id)
+dpaa2_configure_stashing(struct dpaa2_dpio_dev *dpio_dev, int lcoreid)
 {
 	int sdest, ret;
+	int cpu_id;
 
 	/* Set the Stashing Destination */
-	if (cpu_id < 0) {
-		cpu_id = rte_get_master_lcore();
-		if (cpu_id < 0) {
+	if (lcoreid < 0) {
+		lcoreid = rte_get_master_lcore();
+		if (lcoreid < 0) {
 			DPAA2_BUS_ERR("Getting CPU Index failed");
 			return -1;
 		}
 	}
+
+	cpu_id = dpaa2_cpu[lcoreid];
+
 	/* Set the STASH Destination depending on Current CPU ID.
 	 * Valid values of SDEST are 4,5,6,7. Where,
@@ -201,6 +210,6 @@ dpaa2_configure_stashing(struct dpaa2_dpio_dev *dpio_dev, int cpu_id)
 
 	sdest = dpaa2_core_cluster_sdest(cpu_id);
-	DPAA2_BUS_DEBUG("Portal= %d  CPU= %u SDEST= %d",
-			dpio_dev->index, cpu_id, sdest);
+	DPAA2_BUS_DEBUG("Portal= %d  CPU= %u lcore id =%u SDEST= %d",
+			dpio_dev->index, cpu_id, lcoreid, sdest);
 
 	ret = dpio_set_stashing_destination(dpio_dev->dpio, CMD_PRI_LOW,
@@ -212,5 +221,5 @@ dpaa2_configure_stashing(struct dpaa2_dpio_dev *dpio_dev, int cpu_id)
 
 #ifdef RTE_LIBRTE_PMD_DPAA2_EVENTDEV
-	if (dpaa2_dpio_intr_init(dpio_dev)) {
+	if (dpaa2_dpio_intr_init(dpio_dev, lcoreid)) {
 		DPAA2_BUS_ERR("Interrupt registration failed for dpio");
 		return -1;
@@ -221,5 +230,5 @@ dpaa2_configure_stashing(struct dpaa2_dpio_dev *dpio_dev, int cpu_id)
 }
 
-struct dpaa2_dpio_dev *dpaa2_get_qbman_swp(int cpu_id)
+struct dpaa2_dpio_dev *dpaa2_get_qbman_swp(int lcoreid)
 {
 	struct dpaa2_dpio_dev *dpio_dev = NULL;
@@ -237,5 +246,5 @@ struct dpaa2_dpio_dev *dpaa2_get_qbman_swp(int cpu_id)
 			dpio_dev, dpio_dev->index, syscall(SYS_gettid));
 
-	ret = dpaa2_configure_stashing(dpio_dev, cpu_id);
+	ret = dpaa2_configure_stashing(dpio_dev, lcoreid);
 	if (ret)
 		DPAA2_BUS_ERR("dpaa2_configure_stashing failed");
@@ -341,4 +350,37 @@ dpaa2_affine_qbman_ethrx_swp(void)
 }
 
+/*
+ * This checks for not supported lcore mappings as well as get the physical
+ * cpuid for the lcore.
+ * one lcore can only map to 1 cpu i.e. 1@10-14 not supported.
+ * one cpu can be mapped to more than one lcores.
+ */
+static int
+dpaa2_check_lcore_cpuset(void)
+{
+	unsigned int lcore_id, i;
+	int ret = 0;
+
+	for (lcore_id = 0; lcore_id < RTE_MAX_LCORE; lcore_id++)
+		dpaa2_cpu[lcore_id] = 0xffffffff;
+
+	for (lcore_id = 0; lcore_id < RTE_MAX_LCORE; lcore_id++) {
+		for (i = 0; i < RTE_MAX_LCORE; i++) {
+			if (CPU_ISSET(i, &lcore_config[lcore_id].cpuset)) {
+				RTE_LOG(DEBUG, EAL, "lcore id = %u cpu=%u\n",
+					lcore_id, i);
+				if (dpaa2_cpu[lcore_id] != 0xffffffff) {
+					DPAA2_BUS_ERR(
+				    "ERR:lcore map to multi-cpu not supported");
+					ret = -1;
+				} else  {
+					dpaa2_cpu[lcore_id] = i;
+				}
+			}
+		}
+	}
+	return ret;
+}
+
 static int
 dpaa2_create_dpio_device(int vdev_fd,
@@ -350,4 +392,5 @@ dpaa2_create_dpio_device(int vdev_fd,
 	struct qbman_swp_desc p_des;
 	struct dpio_attr attr;
+	static int check_lcore_cpuset;
 
 	if (obj_info->num_regions < NUM_DPIO_REGIONS) {
@@ -369,4 +412,11 @@ dpaa2_create_dpio_device(int vdev_fd,
 	dpio_dev->mc_portal = rte_mcp_ptr_list[MC_PORTAL_INDEX];
 
+	if (!check_lcore_cpuset) {
+		check_lcore_cpuset = 1;
+
+		if (dpaa2_check_lcore_cpuset() < 0)
+			goto err;
+	}
+
 	dpio_dev->dpio = malloc(sizeof(struct fsl_mc_io));
 	memset(dpio_dev->dpio, 0, sizeof(struct fsl_mc_io));
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.766310661 +0000
+++ 0044-bus-fslmc-fix-to-use-correct-physical-core-for-logic.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From 69a63c17fe79190b5caf6f91b02592106b96ce63 Mon Sep 17 00:00:00 2001
+From e6ca4a30daf21815100b6d1cc4b0d05c35151573 Mon Sep 17 00:00:00 2001
 From: Hemant Agrawal <hemant.agrawal@nxp.com>
 Date: Fri, 11 Jan 2019 12:24:12 +0000
 Subject: [PATCH] bus/fslmc: fix to use correct physical core for logical core
 
+[ upstream commit 69a63c17fe79190b5caf6f91b02592106b96ce63 ]
+
 Existing code is using the lcore id as the physical core
 id. Add code to get the right physical id.
 
@@ -10,7 +12,6 @@
 print err on such cases.
 
 Fixes: ce9efbf5bb09 ("bus/fslmc: support dynamic logging")
-Cc: stable@dpdk.org
 
 Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
 ---

[dpdk-stable] patch 'net/dpaa2: fix bad check for not-null' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 25c6d79a6fce3c3220b88772acea76f93186e048 Mon Sep 17 00:00:00 2001
From: Hemant Agrawal <hemant.agrawal@nxp.com>
Date: Fri, 11 Jan 2019 12:24:16 +0000
Subject: [PATCH] net/dpaa2: fix bad check for not-null

[ upstream commit de2060055cf1184a4b724786a8d73e646a2f07a0 ]

The check !dpaa2->cscn is not correct to check non-null value.

Fixes: 5d9a1e4d23fe ("net/dpaa2: enhance queue memory cleanup")

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/net/dpaa2/dpaa2_ethdev.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/drivers/net/dpaa2/dpaa2_ethdev.c b/drivers/net/dpaa2/dpaa2_ethdev.c
index fa71807e6..8d4ea1bca 100644
--- a/drivers/net/dpaa2/dpaa2_ethdev.c
+++ b/drivers/net/dpaa2/dpaa2_ethdev.c
@@ -312,6 +312,5 @@ dpaa2_free_rx_tx_queues(struct rte_eth_dev *dev)
 		for (i = 0; i < priv->nb_tx_queues; i++) {
 			dpaa2_q = (struct dpaa2_queue *)priv->tx_vq[i];
-			if (!dpaa2_q->cscn)
-				rte_free(dpaa2_q->cscn);
+			rte_free(dpaa2_q->cscn);
 		}
 		/*free memory for all queues (RX+TX) */
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.788127787 +0000
+++ 0045-net-dpaa2-fix-bad-check-for-not-null.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,12 +1,13 @@
-From de2060055cf1184a4b724786a8d73e646a2f07a0 Mon Sep 17 00:00:00 2001
+From 25c6d79a6fce3c3220b88772acea76f93186e048 Mon Sep 17 00:00:00 2001
 From: Hemant Agrawal <hemant.agrawal@nxp.com>
 Date: Fri, 11 Jan 2019 12:24:16 +0000
 Subject: [PATCH] net/dpaa2: fix bad check for not-null
 
+[ upstream commit de2060055cf1184a4b724786a8d73e646a2f07a0 ]
+
 The check !dpaa2->cscn is not correct to check non-null value.
 
 Fixes: 5d9a1e4d23fe ("net/dpaa2: enhance queue memory cleanup")
-Cc: stable@dpdk.org
 
 Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
 ---

[dpdk-stable] patch 'bus/fslmc: fix to convert error msg to warning' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 9710fa152bc6c795427834f4cd4563e19d6949f7 Mon Sep 17 00:00:00 2001
From: Hemant Agrawal <hemant.agrawal@nxp.com>
Date: Fri, 11 Jan 2019 12:24:19 +0000
Subject: [PATCH] bus/fslmc: fix to convert error msg to warning

[ upstream commit 7bf59396043c4f997196ff5f2a01b13531acf778 ]

This is just a information. No need to print
it as a error.

Fixes: ce9efbf5bb09 ("bus/fslmc: support dynamic logging")

Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
---
 drivers/bus/fslmc/fslmc_vfio.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/bus/fslmc/fslmc_vfio.c b/drivers/bus/fslmc/fslmc_vfio.c
index 493b6e5be..ce82a99f6 100644
--- a/drivers/bus/fslmc/fslmc_vfio.c
+++ b/drivers/bus/fslmc/fslmc_vfio.c
@@ -177,5 +177,5 @@ static int vfio_map_irq_region(struct fslmc_vfio_group *group)
 		PROT_READ, MAP_SHARED, container_device_fd, 0x6030000);
 	if (vaddr == MAP_FAILED) {
-		DPAA2_BUS_ERR("Unable to map region (errno = %d)", errno);
+		DPAA2_BUS_INFO("Unable to map region (errno = %d)", errno);
 		return -errno;
 	}
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.811904491 +0000
+++ 0046-bus-fslmc-fix-to-convert-error-msg-to-warning.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From 7bf59396043c4f997196ff5f2a01b13531acf778 Mon Sep 17 00:00:00 2001
+From 9710fa152bc6c795427834f4cd4563e19d6949f7 Mon Sep 17 00:00:00 2001
 From: Hemant Agrawal <hemant.agrawal@nxp.com>
 Date: Fri, 11 Jan 2019 12:24:19 +0000
 Subject: [PATCH] bus/fslmc: fix to convert error msg to warning
 
+[ upstream commit 7bf59396043c4f997196ff5f2a01b13531acf778 ]
+
 This is just a information. No need to print
 it as a error.
 
 Fixes: ce9efbf5bb09 ("bus/fslmc: support dynamic logging")
-Cc: stable@dpdk.org
 
 Signed-off-by: Hemant Agrawal <hemant.agrawal@nxp.com>
 ---

[dpdk-stable] patch 'bus/fslmc: fix parse method for bus devices' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From f5fa62421415fb43e3605d8a54e27e606a0c777f Mon Sep 17 00:00:00 2001
From: Shreyansh Jain <shreyansh.jain@nxp.com>
Date: Fri, 11 Jan 2019 12:24:23 +0000
Subject: [PATCH] bus/fslmc: fix parse method for bus devices

[ upstream commit 68f5637bcba7ecace57e12b85d82fdeadaa58843 ]

Current code expects that bus->parse() would get a string containing
the name of the bus. That is incorrect. bus->parse() is expected
to have strings like:
  dpni.1,key=val
  dpio.2,key=val

when user passed:
  -b fslmc:dpni.1,key=val

This commit fixes this behavior.

Fixes: 50245be05d1a ("bus/fslmc: support device blacklisting")

Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>
---
 drivers/bus/fslmc/fslmc_bus.c | 33 +++++++++++++++++----------------
 1 file changed, 17 insertions(+), 16 deletions(-)

diff --git a/drivers/bus/fslmc/fslmc_bus.c b/drivers/bus/fslmc/fslmc_bus.c
index 89af9385a..565e0148f 100644
--- a/drivers/bus/fslmc/fslmc_bus.c
+++ b/drivers/bus/fslmc/fslmc_bus.c
@@ -1,5 +1,5 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  *
- *   Copyright 2016 NXP
+ *   Copyright 2016,2018 NXP
  *
  */
@@ -228,18 +228,14 @@ rte_fslmc_parse(const char *name, void *addr)
 {
 	uint16_t dev_id;
-	char *t_ptr;
-	char *sep = strchr(name, ':');
+	char *t_ptr = NULL, *dname = NULL;
 
-	if (strncmp(name, RTE_STR(FSLMC_BUS_NAME),
-		strlen(RTE_STR(FSLMC_BUS_NAME)))) {
-		return -EINVAL;
-	}
+	/* 'name' is expected to contain name of device, for example, dpio.1,
+	 * dpni.2, etc.
+	 */
 
-	if (!sep) {
-		DPAA2_BUS_ERR("Incorrect device name observed");
+	dname = strdup(name);
+	if (!dname)
 		return -EINVAL;
-	}
-
-	t_ptr = (char *)(sep + 1);
+	t_ptr = dname;
 
 	if (strncmp("dpni", t_ptr, 4) &&
@@ -252,5 +248,5 @@ rte_fslmc_parse(const char *name, void *addr)
 	    strncmp("dpdmai", t_ptr, 6)) {
 		DPAA2_BUS_ERR("Unknown or unsupported device");
-		return -EINVAL;
+		goto err_out;
 	}
 
@@ -258,5 +254,5 @@ rte_fslmc_parse(const char *name, void *addr)
 	if (!t_ptr) {
 		DPAA2_BUS_ERR("Incorrect device string observed (%s)", t_ptr);
-		return -EINVAL;
+		goto err_out;
 	}
 
@@ -264,10 +260,15 @@ rte_fslmc_parse(const char *name, void *addr)
 	if (sscanf(t_ptr, "%hu", &dev_id) <= 0) {
 		DPAA2_BUS_ERR("Incorrect device string observed (%s)", t_ptr);
-		return -EINVAL;
+		goto err_out;
 	}
+	free(dname);
 
 	if (addr)
-		strcpy(addr, (char *)(sep + 1));
+		strcpy(addr, name);
+
 	return 0;
+err_out:
+	free(dname);
+	return -EINVAL;
 }
 
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.834038607 +0000
+++ 0047-bus-fslmc-fix-parse-method-for-bus-devices.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,8 +1,10 @@
-From 68f5637bcba7ecace57e12b85d82fdeadaa58843 Mon Sep 17 00:00:00 2001
+From f5fa62421415fb43e3605d8a54e27e606a0c777f Mon Sep 17 00:00:00 2001
 From: Shreyansh Jain <shreyansh.jain@nxp.com>
 Date: Fri, 11 Jan 2019 12:24:23 +0000
 Subject: [PATCH] bus/fslmc: fix parse method for bus devices
 
+[ upstream commit 68f5637bcba7ecace57e12b85d82fdeadaa58843 ]
+
 Current code expects that bus->parse() would get a string containing
 the name of the bus. That is incorrect. bus->parse() is expected
 to have strings like:
@@ -15,7 +17,6 @@
 This commit fixes this behavior.
 
 Fixes: 50245be05d1a ("bus/fslmc: support device blacklisting")
-Cc: stable@dpdk.org
 
 Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>
 ---

[dpdk-stable] patch 'net/dpaa2: fix device init for secondary process' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 33c75697f14c6d01076f5e45c1f6bbf958b0d19d Mon Sep 17 00:00:00 2001
From: Shreyansh Jain <shreyansh.jain@nxp.com>
Date: Fri, 11 Jan 2019 12:24:27 +0000
Subject: [PATCH] net/dpaa2: fix device init for secondary process

[ upstream commit e7b187db191901ebaf6ab0aefe3c13d53bd6ecf1 ]

In order to support I/O from secondary process, the
burst APIs and OPS APIs shall be mapped/plugged.

Fixes: c147eae01cb3 ("net/dpaa2: introduce NXP DPAA2 driver")

Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>
---
 drivers/net/dpaa2/dpaa2_ethdev.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/drivers/net/dpaa2/dpaa2_ethdev.c b/drivers/net/dpaa2/dpaa2_ethdev.c
index 8d4ea1bca..39f85ae7b 100644
--- a/drivers/net/dpaa2/dpaa2_ethdev.c
+++ b/drivers/net/dpaa2/dpaa2_ethdev.c
@@ -1919,6 +1919,13 @@ dpaa2_dev_init(struct rte_eth_dev *eth_dev)
 
 	/* For secondary processes, the primary has done all the work */
-	if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+	if (rte_eal_process_type() != RTE_PROC_PRIMARY) {
+		/* In case of secondary, only burst and ops API need to be
+		 * plugged.
+		 */
+		eth_dev->dev_ops = &dpaa2_ethdev_ops;
+		eth_dev->rx_pkt_burst = dpaa2_dev_prefetch_rx;
+		eth_dev->tx_pkt_burst = dpaa2_dev_tx;
 		return 0;
+	}
 
 	dpaa2_dev = container_of(dev, struct rte_dpaa2_device, device);
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.855618947 +0000
+++ 0048-net-dpaa2-fix-device-init-for-secondary-process.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From e7b187db191901ebaf6ab0aefe3c13d53bd6ecf1 Mon Sep 17 00:00:00 2001
+From 33c75697f14c6d01076f5e45c1f6bbf958b0d19d Mon Sep 17 00:00:00 2001
 From: Shreyansh Jain <shreyansh.jain@nxp.com>
 Date: Fri, 11 Jan 2019 12:24:27 +0000
 Subject: [PATCH] net/dpaa2: fix device init for secondary process
 
+[ upstream commit e7b187db191901ebaf6ab0aefe3c13d53bd6ecf1 ]
+
 In order to support I/O from secondary process, the
 burst APIs and OPS APIs shall be mapped/plugged.
 
 Fixes: c147eae01cb3 ("net/dpaa2: introduce NXP DPAA2 driver")
-Cc: stable@dpdk.org
 
 Signed-off-by: Shreyansh Jain <shreyansh.jain@nxp.com>
 ---

[dpdk-stable] patch 'doc: fix MAC address rewrite actions in prog guide' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 6837bdb60beb5dcb45eb6cb8b85dde23ca217568 Mon Sep 17 00:00:00 2001
From: Dekel Peled <dekelp@mellanox.com>
Date: Wed, 9 Jan 2019 13:37:59 +0200
Subject: [PATCH] doc: fix MAC address rewrite actions in prog guide

[ upstream commit e76d76b27be270b0eaba52b3a6bbc7860a9197af ]

This patch fixes a typo in SET_MAC_DST action description.
It also adds restriction note for set MAC src/dst actions description.

Fixes: 15dbcdaada77 ("ethdev: add generic MAC address rewrite actions")

Signed-off-by: Dekel Peled <dekelp@mellanox.com>
Acked-by: Ori Kam <orika@mellanox.com>
---
 doc/guides/prog_guide/rte_flow.rst | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/doc/guides/prog_guide/rte_flow.rst b/doc/guides/prog_guide/rte_flow.rst
index c18637500..dbf4999aa 100644
--- a/doc/guides/prog_guide/rte_flow.rst
+++ b/doc/guides/prog_guide/rte_flow.rst
@@ -2315,5 +2315,8 @@ Action: ``SET_MAC_SRC``
 ^^^^^^^^^^^^^^^^^^^^^^^
 
-Set source MAC address
+Set source MAC address.
+
+It must be used with a valid RTE_FLOW_ITEM_TYPE_ETH flow pattern item.
+Otherwise, RTE_FLOW_ERROR_TYPE_ACTION error will be returned.
 
 .. _table_rte_flow_action_set_mac_src:
@@ -2330,5 +2333,8 @@ Action: ``SET_MAC_DST``
 ^^^^^^^^^^^^^^^^^^^^^^^
 
-Set source MAC address
+Set destination MAC address.
+
+It must be used with a valid RTE_FLOW_ITEM_TYPE_ETH flow pattern item.
+Otherwise, RTE_FLOW_ERROR_TYPE_ACTION error will be returned.
 
 .. _table_rte_flow_action_set_mac_dst:
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.878895180 +0000
+++ 0049-doc-fix-MAC-address-rewrite-actions-in-prog-guide.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From e76d76b27be270b0eaba52b3a6bbc7860a9197af Mon Sep 17 00:00:00 2001
+From 6837bdb60beb5dcb45eb6cb8b85dde23ca217568 Mon Sep 17 00:00:00 2001
 From: Dekel Peled <dekelp@mellanox.com>
 Date: Wed, 9 Jan 2019 13:37:59 +0200
 Subject: [PATCH] doc: fix MAC address rewrite actions in prog guide
 
+[ upstream commit e76d76b27be270b0eaba52b3a6bbc7860a9197af ]
+
 This patch fixes a typo in SET_MAC_DST action description.
 It also adds restriction note for set MAC src/dst actions description.
 
 Fixes: 15dbcdaada77 ("ethdev: add generic MAC address rewrite actions")
-Cc: stable@dpdk.org
 
 Signed-off-by: Dekel Peled <dekelp@mellanox.com>
 Acked-by: Ori Kam <orika@mellanox.com>

[dpdk-stable] patch 'net/sfc: fix typo in preprocessor check' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 07b13f6ef15eefbb98c7ae63b10309e967974aa8 Mon Sep 17 00:00:00 2001
From: Andrew Rybchenko <arybchenko@solarflare.com>
Date: Sun, 13 Jan 2019 14:50:13 +0000
Subject: [PATCH] net/sfc: fix typo in preprocessor check

[ upstream commit c69f5e0cb1944e7699e64f8f476571a4e9b6acb9 ]

ISP2() macro function misspelled in a check just before it.

Fixes: e1b944598579 ("net/sfc: build libefx")

Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
---
 drivers/net/sfc/efsys.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/sfc/efsys.h b/drivers/net/sfc/efsys.h
index 0b4795da1..f7bcc74d9 100644
--- a/drivers/net/sfc/efsys.h
+++ b/drivers/net/sfc/efsys.h
@@ -85,5 +85,5 @@ typedef bool boolean_t;
 #endif
 
-#ifndef IS2P
+#ifndef ISP2
 #define ISP2(x)			rte_is_power_of_2(x)
 #endif
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.903127893 +0000
+++ 0050-net-sfc-fix-typo-in-preprocessor-check.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,12 +1,13 @@
-From c69f5e0cb1944e7699e64f8f476571a4e9b6acb9 Mon Sep 17 00:00:00 2001
+From 07b13f6ef15eefbb98c7ae63b10309e967974aa8 Mon Sep 17 00:00:00 2001
 From: Andrew Rybchenko <arybchenko@solarflare.com>
 Date: Sun, 13 Jan 2019 14:50:13 +0000
 Subject: [PATCH] net/sfc: fix typo in preprocessor check
 
+[ upstream commit c69f5e0cb1944e7699e64f8f476571a4e9b6acb9 ]
+
 ISP2() macro function misspelled in a check just before it.
 
 Fixes: e1b944598579 ("net/sfc: build libefx")
-Cc: stable@dpdk.org
 
 Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
 ---

[dpdk-stable] patch 'net/tap: allow full length names' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 22c87d3f946e3addf0dec7c553347198b02362df Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen@networkplumber.org>
Date: Fri, 11 Jan 2019 12:35:15 -0800
Subject: [PATCH] net/tap: allow full length names

[ upstream commit 12ad0b6572d0793d0dc100b32caec5a2859399ed ]

The code for set_interface_name was incorrectly assuming that
space for null byte was necessary with snprintf/strlcpy.

Fixes: 02f96a0a82d1 ("net/tap: add TUN/TAP device PMD")

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by Keith Wiles <keith.wiles@intel.com>
---
 drivers/net/tap/rte_eth_tap.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/drivers/net/tap/rte_eth_tap.c b/drivers/net/tap/rte_eth_tap.c
index 0ec030bef..aef8b0b9f 100644
--- a/drivers/net/tap/rte_eth_tap.c
+++ b/drivers/net/tap/rte_eth_tap.c
@@ -1893,8 +1893,8 @@ set_interface_name(const char *key __rte_unused,
 
 	if (value)
-		strlcpy(name, value, RTE_ETH_NAME_MAX_LEN - 1);
+		strlcpy(name, value, RTE_ETH_NAME_MAX_LEN);
 	else
-		snprintf(name, RTE_ETH_NAME_MAX_LEN - 1, "%s%d",
-			 DEFAULT_TAP_NAME, (tap_unit - 1));
+		snprintf(name, RTE_ETH_NAME_MAX_LEN, "%s%d",
+			 DEFAULT_TAP_NAME, tap_unit - 1);
 
 	return 0;
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.924515000 +0000
+++ 0051-net-tap-allow-full-length-names.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,13 +1,14 @@
-From 12ad0b6572d0793d0dc100b32caec5a2859399ed Mon Sep 17 00:00:00 2001
+From 22c87d3f946e3addf0dec7c553347198b02362df Mon Sep 17 00:00:00 2001
 From: Stephen Hemminger <stephen@networkplumber.org>
 Date: Fri, 11 Jan 2019 12:35:15 -0800
 Subject: [PATCH] net/tap: allow full length names
 
+[ upstream commit 12ad0b6572d0793d0dc100b32caec5a2859399ed ]
+
 The code for set_interface_name was incorrectly assuming that
 space for null byte was necessary with snprintf/strlcpy.
 
 Fixes: 02f96a0a82d1 ("net/tap: add TUN/TAP device PMD")
-Cc: stable@dpdk.org
 
 Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
 Acked-by Keith Wiles <keith.wiles@intel.com>
@@ -16,7 +17,7 @@
  1 file changed, 3 insertions(+), 3 deletions(-)
 
 diff --git a/drivers/net/tap/rte_eth_tap.c b/drivers/net/tap/rte_eth_tap.c
-index 1c00681ba..11e402e42 100644
+index 0ec030bef..aef8b0b9f 100644
 --- a/drivers/net/tap/rte_eth_tap.c
 +++ b/drivers/net/tap/rte_eth_tap.c
 @@ -1893,8 +1893,8 @@ set_interface_name(const char *key __rte_unused,

[dpdk-stable] patch 'net/tap: let kernel choose tun device name' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From d3034e04e58ca7bed78182fa9a1439afe4a73d4b Mon Sep 17 00:00:00 2001
From: Stephen Hemminger <stephen@networkplumber.org>
Date: Fri, 11 Jan 2019 12:35:18 -0800
Subject: [PATCH] net/tap: let kernel choose tun device name

[ upstream commit b5235d61f3b7d2b1c2b9ee2601f3aca2b151b508 ]

Assigning tun and tap index in DPDK tap device driver is racy
and fails if used with primary/secondary. Instead use the kernel
feature of device wildcarding where if a name with %d is used
the kernel will fill in the next available device.

Fixes: 02f96a0a82d1 ("net/tap: add TUN/TAP device PMD")

Reported-by: Haifeng Li <hfli@netitest.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Acked-by Keith Wiles <keith.wiles@intel.com>
---
 drivers/net/tap/rte_eth_tap.c | 33 +++++++++++++++++----------------
 1 file changed, 17 insertions(+), 16 deletions(-)

diff --git a/drivers/net/tap/rte_eth_tap.c b/drivers/net/tap/rte_eth_tap.c
index aef8b0b9f..a93429973 100644
--- a/drivers/net/tap/rte_eth_tap.c
+++ b/drivers/net/tap/rte_eth_tap.c
@@ -79,7 +79,4 @@ static const char *valid_arguments[] = {
 };
 
-static unsigned int tap_unit;
-static unsigned int tun_unit;
-
 static char tuntap_name[8];
 
@@ -151,6 +148,4 @@ tun_alloc(struct pmd_internals *pmd, int is_keepalive)
 	snprintf(ifr.ifr_name, IFNAMSIZ, "%s", pmd->name);
 
-	TAP_LOG(DEBUG, "ifr_name '%s'", ifr.ifr_name);
-
 	fd = open(TUN_TAP_DEV_PATH, O_RDWR);
 	if (fd < 0) {
@@ -186,4 +181,11 @@ tun_alloc(struct pmd_internals *pmd, int is_keepalive)
 	}
 
+	/*
+	 * Name passed to kernel might be wildcard like dtun%d
+	 * and need to find the resulting device.
+	 */
+	TAP_LOG(DEBUG, "Device name is '%s'", ifr.ifr_name);
+	strlcpy(pmd->name, ifr.ifr_name, RTE_ETH_NAME_MAX_LEN);
+
 	if (is_keepalive) {
 		/*
@@ -1756,4 +1758,5 @@ eth_dev_tap_create(struct rte_vdev_device *vdev, char *tap_name,
 		goto error_exit;
 	}
+	TAP_LOG(DEBUG, "allocated %s", pmd->name);
 
 	ifr.ifr_mtu = dev->data->mtu;
@@ -1895,6 +1898,6 @@ set_interface_name(const char *key __rte_unused,
 		strlcpy(name, value, RTE_ETH_NAME_MAX_LEN);
 	else
-		snprintf(name, RTE_ETH_NAME_MAX_LEN, "%s%d",
-			 DEFAULT_TAP_NAME, tap_unit - 1);
+		/* use tap%d which causes kernel to choose next available */
+		strlcpy(name, DEFAULT_TAP_NAME "%d", RTE_ETH_NAME_MAX_LEN);
 
 	return 0;
@@ -2003,6 +2006,6 @@ rte_pmd_tun_probe(struct rte_vdev_device *dev)
 	}
 
-	snprintf(tun_name, sizeof(tun_name), "%s%u",
-		 DEFAULT_TUN_NAME, tun_unit++);
+	/* use tun%d which causes kernel to choose next available */
+	strlcpy(tun_name, DEFAULT_TUN_NAME "%d", RTE_ETH_NAME_MAX_LEN);
 
 	if (params && (params[0] != '\0')) {
@@ -2024,9 +2027,8 @@ rte_pmd_tun_probe(struct rte_vdev_device *dev)
 	pmd_link.link_speed = ETH_SPEED_NUM_10G;
 
-	TAP_LOG(NOTICE, "Initializing pmd_tun for %s as %s",
-		name, tun_name);
+	TAP_LOG(NOTICE, "Initializing pmd_tun for %s", name);
 
 	ret = eth_dev_tap_create(dev, tun_name, remote_iface, 0,
-		ETH_TUNTAP_TYPE_TUN);
+				 ETH_TUNTAP_TYPE_TUN);
 
 leave:
@@ -2034,5 +2036,4 @@ leave:
 		TAP_LOG(ERR, "Failed to create pmd for %s as %s",
 			name, tun_name);
-		tun_unit--; /* Restore the unit number */
 	}
 	rte_kvargs_free(kvlist);
@@ -2190,6 +2191,7 @@ rte_pmd_tap_probe(struct rte_vdev_device *dev)
 
 	speed = ETH_SPEED_NUM_10G;
-	snprintf(tap_name, sizeof(tap_name), "%s%u",
-		 DEFAULT_TAP_NAME, tap_unit++);
+
+	/* use tap%d which causes kernel to choose next available */
+	strlcpy(tap_name, DEFAULT_TAP_NAME "%d", RTE_ETH_NAME_MAX_LEN);
 	memset(remote_iface, 0, RTE_ETH_NAME_MAX_LEN);
 
@@ -2255,5 +2257,4 @@ leave:
 			tap_devices_count--;
 		}
-		tap_unit--;		/* Restore the unit number */
 	}
 	rte_kvargs_free(kvlist);
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.948575581 +0000
+++ 0052-net-tap-let-kernel-choose-tun-device-name.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,15 +1,16 @@
-From b5235d61f3b7d2b1c2b9ee2601f3aca2b151b508 Mon Sep 17 00:00:00 2001
+From d3034e04e58ca7bed78182fa9a1439afe4a73d4b Mon Sep 17 00:00:00 2001
 From: Stephen Hemminger <stephen@networkplumber.org>
 Date: Fri, 11 Jan 2019 12:35:18 -0800
 Subject: [PATCH] net/tap: let kernel choose tun device name
 
+[ upstream commit b5235d61f3b7d2b1c2b9ee2601f3aca2b151b508 ]
+
 Assigning tun and tap index in DPDK tap device driver is racy
 and fails if used with primary/secondary. Instead use the kernel
 feature of device wildcarding where if a name with %d is used
 the kernel will fill in the next available device.
 
 Fixes: 02f96a0a82d1 ("net/tap: add TUN/TAP device PMD")
-Cc: stable@dpdk.org
 
 Reported-by: Haifeng Li <hfli@netitest.com>
 Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
@@ -19,10 +20,10 @@
  1 file changed, 17 insertions(+), 16 deletions(-)
 
 diff --git a/drivers/net/tap/rte_eth_tap.c b/drivers/net/tap/rte_eth_tap.c
-index d699b4fb0..ed8483cb9 100644
+index aef8b0b9f..a93429973 100644
 --- a/drivers/net/tap/rte_eth_tap.c
 +++ b/drivers/net/tap/rte_eth_tap.c
-@@ -80,7 +80,4 @@ static const char *valid_arguments[] = {
+@@ -79,7 +79,4 @@ static const char *valid_arguments[] = {
  };
  
 -static unsigned int tap_unit;
@@ -30,14 +31,14 @@
 -
  static char tuntap_name[8];
  
-@@ -152,6 +149,4 @@ tun_alloc(struct pmd_internals *pmd, int is_keepalive)
- 	strlcpy(ifr.ifr_name, pmd->name, IFNAMSIZ);
+@@ -151,6 +148,4 @@ tun_alloc(struct pmd_internals *pmd, int is_keepalive)
+ 	snprintf(ifr.ifr_name, IFNAMSIZ, "%s", pmd->name);
  
 -	TAP_LOG(DEBUG, "ifr_name '%s'", ifr.ifr_name);
 -
  	fd = open(TUN_TAP_DEV_PATH, O_RDWR);
  	if (fd < 0) {
-@@ -187,4 +182,11 @@ tun_alloc(struct pmd_internals *pmd, int is_keepalive)
+@@ -186,4 +181,11 @@ tun_alloc(struct pmd_internals *pmd, int is_keepalive)
  	}
  
 +	/*
@@ -49,22 +50,22 @@
 +
  	if (is_keepalive) {
  		/*
-@@ -1757,4 +1759,5 @@ eth_dev_tap_create(struct rte_vdev_device *vdev, char *tap_name,
+@@ -1756,4 +1758,5 @@ eth_dev_tap_create(struct rte_vdev_device *vdev, char *tap_name,
  		goto error_exit;
  	}
 +	TAP_LOG(DEBUG, "allocated %s", pmd->name);
  
  	ifr.ifr_mtu = dev->data->mtu;
-@@ -1919,6 +1922,6 @@ set_interface_name(const char *key __rte_unused,
+@@ -1895,6 +1898,6 @@ set_interface_name(const char *key __rte_unused,
  		strlcpy(name, value, RTE_ETH_NAME_MAX_LEN);
- 	} else {
+ 	else
 -		snprintf(name, RTE_ETH_NAME_MAX_LEN, "%s%d",
 -			 DEFAULT_TAP_NAME, tap_unit - 1);
 +		/* use tap%d which causes kernel to choose next available */
 +		strlcpy(name, DEFAULT_TAP_NAME "%d", RTE_ETH_NAME_MAX_LEN);
- 	}
+ 
  	return 0;
-@@ -2033,6 +2036,6 @@ rte_pmd_tun_probe(struct rte_vdev_device *dev)
+@@ -2003,6 +2006,6 @@ rte_pmd_tun_probe(struct rte_vdev_device *dev)
  	}
  
 -	snprintf(tun_name, sizeof(tun_name), "%s%u",
@@ -73,25 +74,25 @@
 +	strlcpy(tun_name, DEFAULT_TUN_NAME "%d", RTE_ETH_NAME_MAX_LEN);
  
  	if (params && (params[0] != '\0')) {
-@@ -2054,9 +2057,8 @@ rte_pmd_tun_probe(struct rte_vdev_device *dev)
+@@ -2024,9 +2027,8 @@ rte_pmd_tun_probe(struct rte_vdev_device *dev)
  	pmd_link.link_speed = ETH_SPEED_NUM_10G;
  
--	TAP_LOG(DEBUG, "Initializing pmd_tun for %s as %s",
+-	TAP_LOG(NOTICE, "Initializing pmd_tun for %s as %s",
 -		name, tun_name);
-+	TAP_LOG(DEBUG, "Initializing pmd_tun for %s", name);
++	TAP_LOG(NOTICE, "Initializing pmd_tun for %s", name);
  
  	ret = eth_dev_tap_create(dev, tun_name, remote_iface, 0,
 -		ETH_TUNTAP_TYPE_TUN);
 +				 ETH_TUNTAP_TYPE_TUN);
  
  leave:
-@@ -2064,5 +2066,4 @@ leave:
+@@ -2034,5 +2036,4 @@ leave:
  		TAP_LOG(ERR, "Failed to create pmd for %s as %s",
  			name, tun_name);
 -		tun_unit--; /* Restore the unit number */
  	}
  	rte_kvargs_free(kvlist);
-@@ -2220,6 +2221,7 @@ rte_pmd_tap_probe(struct rte_vdev_device *dev)
+@@ -2190,6 +2191,7 @@ rte_pmd_tap_probe(struct rte_vdev_device *dev)
  
  	speed = ETH_SPEED_NUM_10G;
 -	snprintf(tap_name, sizeof(tap_name), "%s%u",
@@ -101,7 +102,7 @@
 +	strlcpy(tap_name, DEFAULT_TAP_NAME "%d", RTE_ETH_NAME_MAX_LEN);
  	memset(remote_iface, 0, RTE_ETH_NAME_MAX_LEN);
  
-@@ -2284,5 +2286,4 @@ leave:
+@@ -2255,5 +2257,4 @@ leave:
  			tap_devices_count--;
  		}
 -		tap_unit--;		/* Restore the unit number */

[dpdk-stable] patch 'net/i40e: perform basic validation on VF messages' has been queued to LTS release 18.11.1

[Kevin Traynor]

Hi,

FYI, your patch has been queued to LTS release 18.11.1

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From dcbe9adfa9da50a0dbbaead6afcde112399fbc85 Mon Sep 17 00:00:00 2001
From: Haiyue Wang <haiyue.wang@intel.com>
Date: Thu, 10 Jan 2019 20:07:31 +0800
Subject: [PATCH] net/i40e: perform basic validation on VF messages

[ upstream commit cc0ed2f849e7ec14e0da69f716ce6ad784a1725a ]

Do the VF message basic validation such as OPCODE message length check,
some special OPCODE message format check, to protect the i40e PMD from
malicious VF message attack.

Fixes: 4861cde46116 ("i40e: new poll mode driver")

Signed-off-by: Haiyue Wang <haiyue.wang@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
---
 drivers/net/i40e/i40e_pf.c | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/drivers/net/i40e/i40e_pf.c b/drivers/net/i40e/i40e_pf.c
index dd3962d38..1e2d1746f 100644
--- a/drivers/net/i40e/i40e_pf.c
+++ b/drivers/net/i40e/i40e_pf.c
@@ -1233,4 +1233,5 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
 	struct rte_pmd_i40e_mb_event_param ret_param;
 	bool b_op = TRUE;
+	int ret;
 
 	if (vf_id > pf->vf_num - 1 || !pf->vfs) {
@@ -1247,4 +1248,28 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
 	}
 
+	/* perform basic checks on the msg */
+	ret = virtchnl_vc_validate_vf_msg(&vf->version, opcode, msg, msglen);
+
+	/* perform additional checks specific to this driver */
+	if (opcode == VIRTCHNL_OP_CONFIG_RSS_KEY) {
+		struct virtchnl_rss_key *vrk = (struct virtchnl_rss_key *)msg;
+
+		if (vrk->key_len != ((I40E_PFQF_HKEY_MAX_INDEX + 1) * 4))
+			ret = VIRTCHNL_ERR_PARAM;
+	} else if (opcode == VIRTCHNL_OP_CONFIG_RSS_LUT) {
+		struct virtchnl_rss_lut *vrl = (struct virtchnl_rss_lut *)msg;
+
+		if (vrl->lut_entries != ((I40E_VFQF_HLUT1_MAX_INDEX + 1) * 4))
+			ret = VIRTCHNL_ERR_PARAM;
+	}
+
+	if (ret) {
+		PMD_DRV_LOG(ERR, "Invalid message from VF %u, opcode %u, len %u",
+			    vf_id, opcode, msglen);
+		i40e_pf_host_send_msg_to_vf(vf, opcode,
+					    I40E_ERR_PARAM, NULL, 0);
+		return;
+	}
+
 	/**
 	 * initialise structure to send to user application
-- 
2.19.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-01-31 15:44:06.972593595 +0000
+++ 0053-net-i40e-perform-basic-validation-on-VF-messages.patch	2019-01-31 15:44:05.000000000 +0000
@@ -1,14 +1,15 @@
-From cc0ed2f849e7ec14e0da69f716ce6ad784a1725a Mon Sep 17 00:00:00 2001
+From dcbe9adfa9da50a0dbbaead6afcde112399fbc85 Mon Sep 17 00:00:00 2001
 From: Haiyue Wang <haiyue.wang@intel.com>
 Date: Thu, 10 Jan 2019 20:07:31 +0800
 Subject: [PATCH] net/i40e: perform basic validation on VF messages
 
+[ upstream commit cc0ed2f849e7ec14e0da69f716ce6ad784a1725a ]
+
 Do the VF message basic validation such as OPCODE message length check,
 some special OPCODE message format check, to protect the i40e PMD from
 malicious VF message attack.
 
 Fixes: 4861cde46116 ("i40e: new poll mode driver")
-Cc: stable@dpdk.org
 
 Signed-off-by: Haiyue Wang <haiyue.wang@intel.com>
 Acked-by: Qi Zhang <qi.z.zhang@intel.com>
@@ -17,16 +18,16 @@
  1 file changed, 25 insertions(+)
 
 diff --git a/drivers/net/i40e/i40e_pf.c b/drivers/net/i40e/i40e_pf.c
-index 092e0d3e9..d6e83e340 100644
+index dd3962d38..1e2d1746f 100644
 --- a/drivers/net/i40e/i40e_pf.c
 +++ b/drivers/net/i40e/i40e_pf.c
-@@ -1296,4 +1296,5 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
+@@ -1233,4 +1233,5 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
  	struct rte_pmd_i40e_mb_event_param ret_param;
  	bool b_op = TRUE;
 +	int ret;
  
  	if (vf_id > pf->vf_num - 1 || !pf->vfs) {
-@@ -1310,4 +1311,28 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
+@@ -1247,4 +1248,28 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
  	}
  
 +	/* perform basic checks on the msg */

Re: [dpdk-stable] patch 'net/virtio: add barrier before reading the flags' has been queued to LTS release 18.11.1

[Kevin Traynor]

On 01/31/2019 03:48 PM, Kevin Traynor wrote:
> Hi,
> 
> FYI, your patch has been queued to LTS release 18.11.1
> 
> Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
> It will be pushed if I get no objections before 02/07/19. So please
> shout if anyone has objections.
> 
> Also note that after the patch there's a diff of the upstream commit vs the
> patch applied to the branch. This will indicate if there was any rebasing
> needed to apply to the stable branch. If there were code changes for rebasing
> (ie: not only metadata diffs), please double check that the rebase was
> correctly done.
> 

Note: packed case is not in 18.11, so just done for non-packed case

> Thanks.
> 
> Kevin Traynor
> 
> ---
> From 60b2f24165822233009a22a81e2bfa2d90650f12 Mon Sep 17 00:00:00 2001
> From: Ilya Maximets <i.maximets@samsung.com>
> Date: Wed, 9 Jan 2019 17:50:13 +0300
> Subject: [PATCH] net/virtio: add barrier before reading the flags
> 
> [ upstream commit d21d05c7a9c1c49ec927f961c4ab797a598af5ca ]
> 
> Reading the used->flags could be reordered with avail->idx update.
> vhost in kernel disables notifications for the time of packets
> receiving, like this:
> 
>     1. disable notify
>     2. process packets
>     3. enable notify
>     4. has more packets ? goto 1
> 
> In case of reordering, virtio driver could read the flags on
> step 2 while notifications disabled and update avail->idx after
> the step 4, i.e. vhost will exit the loop on step 4 with
> notifications enabled, but virtio will not notify.
> 
> Fixes: c1f86306a026 ("virtio: add new driver")
> 
> Reported-by: Shahaf Shuler <shahafs@mellanox.com>
> Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
> Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
> Acked-by: Michael S. Tsirkin <mst@redhat.com>
> ---
>  drivers/net/virtio/virtqueue.h | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/drivers/net/virtio/virtqueue.h b/drivers/net/virtio/virtqueue.h
> index 26518ed98..2e2abf15b 100644
> --- a/drivers/net/virtio/virtqueue.h
> +++ b/drivers/net/virtio/virtqueue.h
> @@ -337,4 +337,9 @@ static inline int
>  virtqueue_kick_prepare(struct virtqueue *vq)
>  {
> +	/*
> +	 * Ensure updated avail->idx is visible to vhost before reading
> +	 * the used->flags.
> +	 */
> +	virtio_mb();
>  	return !(vq->vq_ring.used->flags & VRING_USED_F_NO_NOTIFY);
>  }
>