pool/dpdk
SHA256
4
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Accepting request 825700 from network

Browse Source 
- update to v19.11.3:
    app/crypto-perf: fix display of sample test vector
    app/eventdev: check Tx adapter service ID
    app: fix usage help of options separated by dashes
    app/pipeline: fix build with gcc 10
    app: remove extra new line after link duplex
    app/testpmd: add parsing for QinQ VLAN headers
    app/testpmd: fix DCB set
    app/testpmd: fix memory failure handling for i40e DDP
    app/testpmd: fix PPPoE flow command
    app/testpmd: fix statistics after reset
    baseband/turbo_sw: fix exposed LLR decimals assumption
    bbdev: fix doxygen comments
    build: disable gcc 10 zero-length-bounds warning
    build: fix linker warnings with clang on Windows
    build: support MinGW-w64 with Meson
    buildtools: get static mlx dependencies for meson
    bus/fslmc: fix dereferencing null pointer
    bus/fslmc: fix size of qman fq descriptor
    bus/pci: fix devargs on probing again
    bus/pci: fix UIO resource access from secondary process
    bus/vmbus: fix comment spelling
    ci: fix telemetry dependency in Travis
    common/iavf: update copyright
    common/mlx5: fix build with -fno-common
    common/mlx5: fix build with rdma-core 21
    common/mlx5: fix netlink buffer allocation from stack
    common/mlx5: fix umem buffer alignment
    common/octeontx: fix gcc 9.1 ABI break
    common/qat: fix GEN3 marketing name

OBS-URL: https://build.opensuse.org/request/show/825700
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/dpdk?expand=0&rev=44
This commit is contained in:
Dominique Leuenberger 2020-08-12 08:35:38 +00:00 committed by Git OBS Bridge
commit 3e225bc710
10 changed files with 399 additions and 379 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
0001-vhost-check-log-mmap-offset-and-size-overflow.patch
View File

@ -1,49 +0,0 @@
From 342f6d57f417303b12f86d040b87f27448e4a0ae Mon Sep 17 00:00:00 2001
From: Maxime Coquelin <maxime.coquelin@redhat.com>
Date: Tue, 21 Apr 2020 11:16:56 +0200
Subject: [PATCH 1/6] vhost: check log mmap offset and size overflow
vhost_user_set_log_base() is a message handler that is
called to handle the VHOST_USER_SET_LOG_BASE message.
Its payload contains a 64 bit size and offset. Both are
added up and used as a size when calling mmap().
There is no integer overflow check. If an integer overflow
occurs a smaller memory map would be created than
requested. Since the returned mapping is mapped as writable
and used for logging, a memory corruption could occur.
Fixes: fbc4d248b198 ("vhost: fix offset while mmaping log base address")
Cc: stable@dpdk.org
This issue has been assigned CVE-2020-10722
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
---
lib/librte_vhost/vhost_user.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index 40c4520c08..02962fcdbc 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -2059,10 +2059,10 @@ vhost_user_set_log_base(struct virtio_net **pdev, struct VhostUserMsg *msg,
size = msg->payload.log.mmap_size;
off = msg->payload.log.mmap_offset;
- /* Don't allow mmap_offset to point outside the mmap region */
- if (off > size) {
+ /* Check for mmap size and offset overflow. */
+ if (off >= -size) {
RTE_LOG(ERR, VHOST_CONFIG,
- "log offset %#"PRIx64" exceeds log size %#"PRIx64"\n",
+ "log offset %#"PRIx64" and log size %#"PRIx64" overflow\n",
off, size);
return RTE_VHOST_MSG_RESULT_ERR;
}
--
2.25.2

58
0002-vhost-fix-vring-index-check.patch
View File

@ -1,58 +0,0 @@
From 7e74c33644452051cc4193fd2516d97e1e4009e0 Mon Sep 17 00:00:00 2001
From: Maxime Coquelin <maxime.coquelin@redhat.com>
Date: Tue, 21 Apr 2020 18:17:43 +0200
Subject: [PATCH 2/6] vhost: fix vring index check
vhost_user_check_and_alloc_queue_pair() is used to extract
a vring index from a payload. This function validates the
index and is called early on in when performing message
handling. Most message handlers depend on it correctly
validating the vring index.
Depending on the message type the vring index is in
different parts of the payload. The function contains a
switch/case for each type and copies the index. This is
stored in a uint16. This index is then validated. Depending
on the message, the source index is an unsigned int. If
integer truncation occurs (uint->uint16) the top 16 bits
of the index are never validated.
When they are used later on (e.g. in
vhost_user_set_vring_num() or vhost_user_set_vring_addr())
it can lead to out of bound indexing. The out of bound
indexed data gets written to, and hence this can cause
memory corruption.
This patch fixes this vulnerability by declaring vring
index as an unsigned int in
vhost_user_check_and_alloc_queue_pair().
Fixes: 160cbc815b41 ("vhost: remove a hack on queue allocation")
Cc: stable@dpdk.org
This issue has been assigned CVE-2020-10723
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
---
lib/librte_vhost/vhost_user.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index 02962fcdbc..d19614265b 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -2526,7 +2526,7 @@ static int
vhost_user_check_and_alloc_queue_pair(struct virtio_net *dev,
struct VhostUserMsg *msg)
{
- uint16_t vring_idx;
+ uint32_t vring_idx;
switch (msg->request.master) {
case VHOST_USER_SET_VRING_KICK:
--
2.25.2

77
0003-vhost-crypto-validate-keys-lengths.patch
View File

@ -1,77 +0,0 @@
From 5216718e4837d4dcc6020cd5f6d5d629222bad8c Mon Sep 17 00:00:00 2001
From: Maxime Coquelin <maxime.coquelin@redhat.com>
Date: Tue, 21 Apr 2020 19:10:09 +0200
Subject: [PATCH 3/6] vhost/crypto: validate keys lengths
transform_cipher_param() and transform_chain_param() handle
the payload data for the VHOST_USER_CRYPTO_CREATE_SESS
message. These payloads have to be validated, since it
could come from untrusted sources.
Two buffers and their lenghts are defined in this payload,
one the the auth key and one for the cipher key. But above
functions do not validate the key length inputs, which could
lead to read out of bounds, as buffers have static sizes of
64 bytes for the cipher key and 512 bytes for the auth key.
This patch adds necessary checks on the key length field
before being used.
Fixes: e80a98708166 ("vhost/crypto: add session message handler")
Cc: stable@dpdk.org
This issue has been assigned CVE-2020-10724
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Maxime Coquelin <maxime.coquelin@redhat.com>
Reviewed-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
---
lib/librte_vhost/vhost_crypto.c | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/lib/librte_vhost/vhost_crypto.c b/lib/librte_vhost/vhost_crypto.c
index 68911972b6..07a4115482 100644
--- a/lib/librte_vhost/vhost_crypto.c
+++ b/lib/librte_vhost/vhost_crypto.c
@@ -237,6 +237,11 @@ transform_cipher_param(struct rte_crypto_sym_xform *xform,
if (unlikely(ret < 0))
return ret;
+ if (param->cipher_key_len > VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH) {
+ VC_LOG_DBG("Invalid cipher key length\n");
+ return -VIRTIO_CRYPTO_BADMSG;
+ }
+
xform->type = RTE_CRYPTO_SYM_XFORM_CIPHER;
xform->cipher.key.length = param->cipher_key_len;
if (xform->cipher.key.length > 0)
@@ -287,6 +292,12 @@ transform_chain_param(struct rte_crypto_sym_xform *xforms,
&xform_cipher->cipher.algo);
if (unlikely(ret < 0))
return ret;
+
+ if (param->cipher_key_len > VHOST_USER_CRYPTO_MAX_CIPHER_KEY_LENGTH) {
+ VC_LOG_DBG("Invalid cipher key length\n");
+ return -VIRTIO_CRYPTO_BADMSG;
+ }
+
xform_cipher->type = RTE_CRYPTO_SYM_XFORM_CIPHER;
xform_cipher->cipher.key.length = param->cipher_key_len;
xform_cipher->cipher.key.data = param->cipher_key_buf;
@@ -301,6 +312,12 @@ transform_chain_param(struct rte_crypto_sym_xform *xforms,
ret = auth_algo_transform(param->hash_algo, &xform_auth->auth.algo);
if (unlikely(ret < 0))
return ret;
+
+ if (param->auth_key_len > VHOST_USER_CRYPTO_MAX_HMAC_KEY_LENGTH) {
+ VC_LOG_DBG("Invalid auth key length\n");
+ return -VIRTIO_CRYPTO_BADMSG;
+ }
+
xform_auth->auth.digest_length = param->digest_len;
xform_auth->auth.key.length = param->auth_key_len;
xform_auth->auth.key.data = param->auth_key_buf;
--
2.25.2

46
0004-vhost-fix-translated-address-not-checked.patch
View File

@ -1,46 +0,0 @@
From c74f5a29dbb505bb31bec932a9bd77325e2ceea6 Mon Sep 17 00:00:00 2001
From: Marvin Liu <yong.liu@intel.com>
Date: Wed, 8 Apr 2020 17:13:55 +0800
Subject: [PATCH 4/6] vhost: fix translated address not checked
Malicious guest can construct desc with invalid address and zero buffer
length. That will request vhost to check both translated address and
translated data length. This patch will add missed address check.
Fixes: 75ed51697820 ("vhost: add packed ring batch dequeue")
Fixes: ef861692c398 ("vhost: add packed ring batch enqueue")
Cc: stable@dpdk.org
This issue has been assigned CVE-2020-10725
Signed-off-by: Marvin Liu <yong.liu@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
lib/librte_vhost/virtio_net.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/librte_vhost/virtio_net.c b/lib/librte_vhost/virtio_net.c
index ac2842b2d2..33f10258cf 100644
--- a/lib/librte_vhost/virtio_net.c
+++ b/lib/librte_vhost/virtio_net.c
@@ -1086,6 +1086,8 @@ virtio_dev_rx_batch_packed(struct virtio_net *dev,
VHOST_ACCESS_RW);
vhost_for_each_try_unroll(i, 0, PACKED_BATCH_SIZE) {
+ if (unlikely(!desc_addrs[i]))
+ return -1;
if (unlikely(lens[i] != descs[avail_idx + i].len))
return -1;
}
@@ -1841,6 +1843,8 @@ vhost_reserve_avail_batch_packed(struct virtio_net *dev,
}
vhost_for_each_try_unroll(i, 0, PACKED_BATCH_SIZE) {
+ if (unlikely(!desc_addrs[i]))
+ return -1;
if (unlikely((lens[i] != descs[avail_idx + i].len)))
return -1;
}
--
2.25.2

52
0005-vhost-fix-potential-memory-space-leak.patch
View File

@ -1,52 +0,0 @@
From 9566391031723e854e818bb7d965e9e677784dc4 Mon Sep 17 00:00:00 2001
From: Xiaolong Ye <xiaolong.ye@intel.com>
Date: Wed, 8 Apr 2020 15:31:35 +0800
Subject: [PATCH 5/6] vhost: fix potential memory space leak
A malicious container which has direct access to the vhost-user socket
can keep sending VHOST_USER_GET_INFLIGHT_FD messages which may cause
leaking resources until resulting a DOS. Fix it by unmapping the
dev->inflight_info->addr before assigning new mapped addr to it.
Fixes: d87f1a1cb7b6 ("vhost: support inflight info sharing")
Cc: stable@dpdk.org
This issue has been assigned CVE-2020-10726
Signed-off-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
lib/librte_vhost/vhost_user.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index d19614265b..2a4ba205cf 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -1433,6 +1433,11 @@ vhost_user_get_inflight_fd(struct virtio_net **pdev,
}
memset(addr, 0, mmap_size);
+ if (dev->inflight_info->addr) {
+ munmap(dev->inflight_info->addr, dev->inflight_info->size);
+ dev->inflight_info->addr = NULL;
+ }
+
dev->inflight_info->addr = addr;
dev->inflight_info->size = msg->payload.inflight.mmap_size = mmap_size;
dev->inflight_info->fd = msg->fds[0] = fd;
@@ -1517,8 +1522,10 @@ vhost_user_set_inflight_fd(struct virtio_net **pdev, VhostUserMsg *msg,
}
}
- if (dev->inflight_info->addr)
+ if (dev->inflight_info->addr) {
munmap(dev->inflight_info->addr, dev->inflight_info->size);
+ dev->inflight_info->addr = NULL;
+ }
addr = mmap(0, mmap_size, PROT_READ | PROT_WRITE, MAP_SHARED,
fd, mmap_offset);
--
2.25.2

80
0006-vhost-fix-potential-fd-leak.patch
View File

@ -1,80 +0,0 @@
From 1cb6dbef9c15e739da9b253c53b558e93906c6c5 Mon Sep 17 00:00:00 2001
From: Xuan Ding <xuan.ding@intel.com>
Date: Wed, 8 Apr 2020 10:19:51 +0000
Subject: [PATCH 6/6] vhost: fix potential fd leak
Vhost will create temporary file when receiving VHOST_USER_GET_INFLIGHT_FD
message. Malicious guest can send endless this message to drain out the
resource of host.
When receiving VHOST_USER_GET_INFLIGHT_FD message repeatedly, closing the
file created during the last handling of this message.
Fixes: d87f1a1cb7b666550 ("vhost: support inflight info sharing")
Cc: stable@dpdk.org
This issue has been assigned CVE-2020-10726
Signed-off-by: Xuan Ding <xuan.ding@intel.com>
Signed-off-by: Xiaolong Ye <xiaolong.ye@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
---
lib/librte_vhost/vhost_user.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c
index 2a4ba205cf..8954f7930e 100644
--- a/lib/librte_vhost/vhost_user.c
+++ b/lib/librte_vhost/vhost_user.c
@@ -206,7 +206,7 @@ vhost_backend_cleanup(struct virtio_net *dev)
dev->inflight_info->addr = NULL;
}
- if (dev->inflight_info->fd > 0) {
+ if (dev->inflight_info->fd >= 0) {
close(dev->inflight_info->fd);
dev->inflight_info->fd = -1;
}
@@ -1408,6 +1408,7 @@ vhost_user_get_inflight_fd(struct virtio_net **pdev,
"failed to alloc dev inflight area\n");
return RTE_VHOST_MSG_RESULT_ERR;
}
+ dev->inflight_info->fd = -1;
}
num_queues = msg->payload.inflight.num_queues;
@@ -1438,6 +1439,11 @@ vhost_user_get_inflight_fd(struct virtio_net **pdev,
dev->inflight_info->addr = NULL;
}
+ if (dev->inflight_info->fd >= 0) {
+ close(dev->inflight_info->fd);
+ dev->inflight_info->fd = -1;
+ }
+
dev->inflight_info->addr = addr;
dev->inflight_info->size = msg->payload.inflight.mmap_size = mmap_size;
dev->inflight_info->fd = msg->fds[0] = fd;
@@ -1520,6 +1526,7 @@ vhost_user_set_inflight_fd(struct virtio_net **pdev, VhostUserMsg *msg,
"failed to alloc dev inflight area\n");
return RTE_VHOST_MSG_RESULT_ERR;
}
+ dev->inflight_info->fd = -1;
}
if (dev->inflight_info->addr) {
@@ -1534,8 +1541,10 @@ vhost_user_set_inflight_fd(struct virtio_net **pdev, VhostUserMsg *msg,
return RTE_VHOST_MSG_RESULT_ERR;
}
- if (dev->inflight_info->fd)
+ if (dev->inflight_info->fd >= 0) {
close(dev->inflight_info->fd);
+ dev->inflight_info->fd = -1;
+ }
dev->inflight_info->fd = fd;
dev->inflight_info->addr = addr;
--
2.25.2

3
dpdk-19.11.1.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:4d7f8e854d00f67297e8d22ae358d64528e9ad4b7c9a9b886453026b07f52e6e
size 12396260

3
dpdk-19.11.3.tar.xz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c0114e0293428d25a492b352236ebd8829fbee328ca63d799dfc272a0f63134d
size 12416036

393
dpdk.changes
View File

@ -1,3 +1,395 @@
-------------------------------------------------------------------
Tue Aug 11 06:56:10 UTC 2020 - Dirk Mueller <dmueller@suse.com>
- update to v19.11.3:
app/crypto-perf: fix display of sample test vector
app/eventdev: check Tx adapter service ID
app: fix usage help of options separated by dashes
app/pipeline: fix build with gcc 10
app: remove extra new line after link duplex
app/testpmd: add parsing for QinQ VLAN headers
app/testpmd: fix DCB set
app/testpmd: fix memory failure handling for i40e DDP
app/testpmd: fix PPPoE flow command
app/testpmd: fix statistics after reset
baseband/turbo_sw: fix exposed LLR decimals assumption
bbdev: fix doxygen comments
build: disable gcc 10 zero-length-bounds warning
build: fix linker warnings with clang on Windows
build: support MinGW-w64 with Meson
buildtools: get static mlx dependencies for meson
bus/fslmc: fix dereferencing null pointer
bus/fslmc: fix size of qman fq descriptor
bus/pci: fix devargs on probing again
bus/pci: fix UIO resource access from secondary process
bus/vmbus: fix comment spelling
ci: fix telemetry dependency in Travis
common/iavf: update copyright
common/mlx5: fix build with -fno-common
common/mlx5: fix build with rdma-core 21
common/mlx5: fix netlink buffer allocation from stack
common/mlx5: fix umem buffer alignment
common/octeontx: fix gcc 9.1 ABI break
common/qat: fix GEN3 marketing name
contigmem: cleanup properly when load fails
crypto/caam_jr: fix check of file descriptors
crypto/caam_jr: fix IRQ functions return type
crypto/ccp: fix fd leak on probe failure
cryptodev: add asymmetric session-less feature name
cryptodev: fix missing device id range checking
cryptodev: fix SHA-1 digest enum comment
crypto/kasumi: fix extern declaration
crypto/nitrox: fix CSR register address generation
crypto/nitrox: fix oversized device name
crypto/octeontx2: fix build with gcc 10
crypto/openssl: fix out-of-place encryption
crypto/qat: fix cipher descriptor for ZUC and SNOW
crypto/qat: support plain SHA1..SHA512 hashes
devtools: fix symbol map change check
doc: add i40e limitation for flow director
doc: add NASM installation steps
doc: fix API index
doc: fix build issue in ABI guide
doc: fix build with doxygen 1.8.18
doc: fix default symbol binding in ABI guide
doc: fix log level example in Linux guide
doc: fix LTO config option
doc: fix matrix CSS for recent sphinx
doc: fix multicast filter feature announcement
doc: fix number of failsafe sub-devices
doc: fix reference in ABI guide
doc: fix sphinx compatibility
doc: fix typo in contributors guide
doc: fix typo in contributors guide
doc: fix typos in ABI policy
doc: prefer https when pointing to dpdk.org
drivers: add crypto as dependency for event drivers
drivers/crypto: disable gcc 10 no-common errors
drivers/crypto: fix build with make 4.3
drivers/crypto: fix log type variables for -fno-common
drivers: fix log type variables for -fno-common
eal/arm64: fix precise TSC
eal: fix C++17 compilation
eal: fix comments spelling
eal: fix log message print for regex
eal: fix PRNG init with HPET enabled
eal: fix typo in endian conversion macros
eal/freebsd: fix queuing duplicate alarm callbacks
eal/ppc: fix bool type after altivec include
eal/ppc: fix build with gcc 9.3
eal/x86: ignore gcc 10 stringop-overflow warnings
ethdev: fix build when vtune profiling is on
ethdev: fix spelling
eventdev: fix probe and remove for secondary process
event/dsw: avoid reusing previously recorded events
event/dsw: fix enqueue burst return value
event/dsw: remove redundant control ring poll
event/dsw: remove unnecessary read barrier
event/octeontx2: fix build for O1 optimization
event/octeontx2: fix queue removal from Rx adapter
examples/eventdev: fix build with gcc 10
examples/eventdev: fix crash on exit
examples/fips_validation: fix parsing of algorithms
examples/ip_pipeline: remove check of null response
examples/ipsec-gw: fix gcc 10 maybe-uninitialized warning
examples/kni: fix crash during MTU set
examples/kni: fix MTU change to setup Tx queue
examples/l2fwd-keepalive: fix mbuf pool size
examples/qos_sched: fix build with gcc 10
examples: remove extra new line after link duplex
examples/vhost_blk: fix build with gcc 10
examples/vmdq: fix output of pools/queues
examples/vmdq: fix RSS configuration
examples/vm_power: drop Unix path limit redefinition
examples/vm_power: fix build with -fno-common
fib: fix headers for C++ support
fix same typo in multiple places
fix various typos found by Lintian
ipsec: check SAD lookup error
ipsec: fix build dependency on hash lib
kvargs: fix buffer overflow when parsing list
kvargs: fix invalid token parsing on FreeBSD
kvargs: fix strcmp helper documentation
log: fix level picked with globbing on type register
lpm6: fix comments spelling
lpm6: fix size of tbl8 group
mem: fix overflow on allocation
mem: mark pages as not accessed when freeing memory
mem: mark pages as not accessed when reserving VA
mempool/dpaa2: install missing header with meson
mempool/octeontx2: fix build for gcc O1 optimization
mempool: remove inline functions from export list
mem: preallocate VA space in no-huge mode
mk: fix static linkage of mlx dependency
net/avp: fix gcc 10 maybe-uninitialized warning
net/bnxt: do not use PMD log type
net/bnxt: fix error log for command timeout
net/bnxt: fix FW version query
net/bnxt: fix HWRM command during FW reset
net/bnxt: fix max ring count
net/bnxt: fix memory leak during queue restart
net/bnxt: fix number of TQM ring
net/bnxt: fix port start failure handling
net/bnxt: fix possible stack smashing
net/bnxt: fix Rx ring producer index
net/bnxt: fix storing MAC address twice
net/bnxt: fix TQM ring context memory size
net/bnxt: fix using RSS config struct
net/bnxt: fix VLAN add when port is stopped
net/bnxt: fix VNIC Rx queue count on VNIC free
net/bnxt: use true/false for bool types
net/dpaa2: fix 10G port negotiation
net/dpaa2: fix congestion ID for multiple traffic classes
net/dpaa: use dynamic log type
net/e1000: fix port hotplug for multi-process
net/ena/base: fix documentation of functions
net/ena/base: fix indentation in CQ polling
net/ena/base: fix indentation of multiple defines
net/ena/base: fix testing for supported hash function
net/ena/base: make allocation macros thread-safe
net/ena/base: prevent allocation of zero sized memory
net/ena: fix build for O1 optimization
net/ena: set IO ring size to valid value
net/enetc: fix Rx lock-up
net/enic: fix flow action reordering
net/failsafe: fix fd leak
net/hinic: allocate IO memory with socket id
net/hinic/base: fix PF firmware hot-active problem
net/hinic/base: fix port start during FW hot update
net/hinic: fix LRO
net/hinic: fix queues resource free
net/hinic: fix repeating cable log and length check
net/hinic: fix snprintf length of cable info
net/hinic: fix TSO
net/hinic: fix Tx mbuf length while copying
net/hns3: add free threshold in Rx
net/hns3: add RSS hash offload to capabilities
net/hns3: clear residual flow rules on init
net/hns3: fix configuring illegal VLAN PVID
net/hns3: fix configuring RSS hash when rules are flushed
net/hns3: fix crash when flushing RSS flow rules with FLR
net/hns3: fix default error code of command interface
net/hns3: fix default VLAN filter configuration for PF
net/hns3: fix mailbox opcode data type
net/hns3: fix MSI-X interrupt during initialization
net/hns3: fix packets offload features flags in Rx
net/hns3: fix promiscuous mode for PF
net/hns3: fix return value of setting VLAN offload
net/hns3: fix return value when clearing statistics
net/hns3: fix RSS indirection table configuration
net/hns3: fix RSS key length
net/hns3: fix Rx interrupt after reset
net/hns3: fix status after repeated resets
net/hns3: fix Tx interrupt when enabling Rx interrupt
net/hns3: fix VLAN filter when setting promisucous mode
net/hns3: fix VLAN PVID when configuring device
net/hns3: reduce judgements of free Tx ring space
net/hns3: remove one IO barrier in Rx
net/hns3: remove unnecessary assignments in Tx
net/hns3: replace memory barrier with data dependency order
net/hns3: support different numbers of Rx and Tx queues
net/hns3: support Rx interrupt
net/i40e/base: update copyright
net/i40e: fix flow director enabling
net/i40e: fix flow director for ARP packets
net/i40e: fix flow director initialisation
net/i40e: fix flush of flow director filter
net/i40e: fix queue region in RSS flow
net/i40e: fix queue related exception handling
net/i40e: fix setting L2TAG
net/i40e: fix wild pointer
net/i40e: fix X722 performance
net/i40e: relax barrier in Tx
net/i40e: relax barrier in Tx for NEON
net/iavf: fix link speed
net/iavf: fix setting L2TAG
net/iavf: fix stats query error code
net/ice: add action number check for switch
net/ice/base: check memory pointer before copying
net/ice/base: fix binary order for GTPU filter
net/ice/base: fix MAC write command
net/ice/base: fix uninitialized stack variables
net/ice/base: minor fixes
net/ice/base: read PSM clock frequency from register
net/ice/base: remove unused code in switch rule
net/ice/base: update copyright
net/ice: change default tunnel type
net/ice: fix crash in switch filter
net/ice: fix hash flow crash
net/ice: fix input set of VLAN item
net/ice: fix RSS advanced rule
net/ice: fix RSS for GTPU
net/ice: fix setting L2TAG
net/ice: fix variable initialization
net/ice: remove bulk alloc option
net/ice: remove unnecessary variable
net/ice: support mark only action for flow director
net/ipn3ke: use control thread to check link status
net/ixgbe/base: update copyright
net/ixgbe: check driver type in MACsec API
net/ixgbe: fix link state timing on fiber ports
net/ixgbe: fix link status after port reset
net/ixgbe: fix link status inconsistencies
net/ixgbe: fix link status synchronization on BSD
net/ixgbe: fix resource leak after thread exits normally
net/ixgbe: fix statistics in flow control mode
net/memif: fix init when already connected
net/memif: fix resource leak
net/mlx4: fix build with -fno-common
net/mlx4: fix drop queue error handling
net/mlx5: add device parameter for MPRQ stride size
net/mlx5: add multi-segment packets in MPRQ mode
net/mlx5: enable MPRQ multi-stride operations
net/mlx5: fix actions validation on root table
net/mlx5: fix assert in doorbell lookup
net/mlx5: fix assert in dynamic metadata handling
net/mlx5: fix assert in modify converting
net/mlx5: fix build with separate glue lib for dlopen
net/mlx5: fix call to modify action without init item
net/mlx5: fix counter container usage
net/mlx5: fix crash when releasing meter table
net/mlx5: fix CVLAN tag set in IP item translation
net/mlx5: fix doorbell bitmap management offsets
net/mlx5: fix gcc 10 enum-conversion warning
net/mlx5: fix header modify action validation
net/mlx5: fix imissed counter overflow
net/mlx5: fix jump table leak
net/mlx5: fix mask used for IPv6 item validation
net/mlx5: fix matching for UDP tunnels with Verbs
net/mlx5: fix match on empty VLAN item in DV mode
net/mlx5: fix metadata for compressed Rx CQEs
net/mlx5: fix meter color register consideration
net/mlx5: fix meter suffix table leak
net/mlx5: fix packet length assert in MPRQ
net/mlx5: fix push VLAN action to use item info
net/mlx5: fix RSS enablement
net/mlx5: fix RSS key copy to TIR context
net/mlx5: fix Tx queue release debug log timing
net/mlx5: fix validation of push VLAN without full mask
net/mlx5: fix validation of VXLAN/VXLAN-GPE specs
net/mlx5: fix VLAN flow action with wildcard VLAN item
net/mlx5: fix VLAN ID check
net/mlx5: fix VLAN PCP item calculation
net/mlx5: fix zero metadata action
net/mlx5: fix zero value validation for metadata
net/mlx5: improve logging of MPRQ selection
net/mlx5: reduce Tx completion index memory loads
net/mlx5: set dynamic flow metadata in Rx queues
net/mlx5: update VLAN and encap actions validation
net/mlx5: use open/read/close for ib stats query
net/mvneta: do not use PMD log type
net/mvpp2: fix build with gcc 10
net/netvsc: avoid possible live lock
net/netvsc: do not configure RSS if disabled
net/netvsc: do RSS across Rx queue only
net/netvsc: fix comment spelling
net/netvsc: fix memory free on device close
net/netvsc: handle Rx packets during multi-channel setup
net/netvsc: handle Tx completions based on burst size
net/netvsc: propagate descriptor limits from VF
net/netvsc: remove process event optimization
net/netvsc: split send buffers from Tx descriptors
net/nfp: fix dangling pointer on probe failure
net/nfp: fix log format specifiers
net/null: fix secondary burst function selection
net/null: remove redundant check
net/octeontx2: disable unnecessary error interrupts
net/octeontx2: enable error and RAS interrupt in configure
net/octeontx2: fix buffer size assignment
net/octeontx2: fix device configuration sequence
net/octeontx2: fix link information for loopback port
net/octeontx: fix dangling pointer on init failure
net/octeontx: fix meson build for disabled drivers
net/pfe: do not use PMD log type
net/pfe: fix double free of MAC address
net/qede: fix link state configuration
net/qede: fix port reconfiguration
net/ring: fix device pointer on allocation
net/sfc/base: fix build when EVB is enabled
net/sfc/base: fix manual filter delete in EF10
net/sfc/base: handle manual and auto filter clashes in EF10
net/sfc/base: reduce filter priorities to implemented only
net/sfc/base: refactor filter lookup loop in EF10
net/sfc/base: reject automatic filter creation by users
net/sfc/base: use simpler EF10 family conditional check
net/sfc/base: use simpler EF10 family run-time checks
net/sfc: fix initialization error path
net/sfc: fix promiscuous and allmulticast toggles errors
net/sfc: fix reported promiscuous/multicast mode
net/sfc: fix Rx queue start failure path
net/sfc: set priority of created filters to manual
net/softnic: fix memory leak for thread
net/softnic: fix resource leak for pipeline
net/tap: do not use PMD log type
net/tap: fix check for mbuf number of segment
net/tap: fix crash in flow destroy
net/tap: fix fd leak on creation failure
net/tap: fix file close on remove
net/tap: fix mbuf and mem leak during queue release
net/tap: fix mbuf double free when writev fails
net/tap: fix queues fd check before close
net/tap: fix unexpected link handler
net/tap: remove unused assert
net/thunderx: use dynamic log type
net/vhost: fix potential memory leak on close
net/virtio: do not use PMD log type
net/virtio: fix crash when device reconnecting
net/virtio: fix outdated comment
net/virtio: fix unexpected event after reconnect
net/virtio-user: fix devargs parsing
net/vmxnet3: fix RSS setting on v4
net/vmxnet3: handle bad host framing
pci: accept 32-bit domain numbers
pci: fix build on FreeBSD
pci: fix build on ppc
pci: reject negative values in PCI id
pci: remove unneeded includes in public header file
remove references to private PCI probe function
Revert “common/qat: fix GEN3 marketing name”
Revert “net/bnxt: fix number of TQM ring”
Revert “net/bnxt: fix TQM ring context memory size”
security: fix crash at accessing non-implemented ops
security: fix return types in documentation
security: fix session counter
security: fix verification of parameters
service: fix crash on exit
service: fix identification of service running on other lcore
service: fix race condition for MT unsafe service
service: remove rte prefix from static functions
telemetry: fix port stats retrieval
test/crypto: fix flag check
test/crypto: fix statistics case
test: fix build with gcc 10
test/flow_classify: enable multi-sockets system
test/ipsec: fix crash in session destroy
test/kvargs: fix invalid cases check
test/kvargs: fix to consider empty elements as valid
test: load drivers when required
test: remove redundant macro
test: skip some subtests in no-huge mode
timer: protect initialization with lock
usertools: check for pci.ids in /usr/share/misc
vfio: fix race condition with sysfs
vfio: fix use after free with multiprocess
vhost/crypto: add missing user protocol flag
vhost: fix packed ring zero-copy
vhost: fix peer close check
vhost: fix shadowed descriptors not flushed
vhost: fix shadow update
vhost: fix zero-copy server mode
vhost: handle mbuf allocation failure
vhost: make IOTLB cache name unique among processes
vhost: prevent zero-copy with incompatible client mode
vhost: remove unused variable
- remove the security backport patches as they're already included
upstream:
* 0001-vhost-check-log-mmap-offset-and-size-overflow.patch
* 0002-vhost-fix-vring-index-check.patch
* 0003-vhost-crypto-validate-keys-lengths.patch
* 0004-vhost-fix-translated-address-not-checked.patch
* 0005-vhost-fix-potential-memory-space-leak.patch
* 0006-vhost-fix-potential-fd-leak.patch
-------------------------------------------------------------------
Tue May 19 11:41:34 UTC 2020 - Jaime Caamaño Ruiz <jcaamano@suse.com>
@ -13,7 +405,6 @@ Tue May 19 11:41:34 UTC 2020 - Jaime Caamaño Ruiz <jcaamano@suse.com>
* 0005-vhost-fix-potential-memory-space-leak.patch
* 0006-vhost-fix-potential-fd-leak.patch
-------------------------------------------------------------------
Wed Apr 29 11:45:24 UTC 2020 - Jaime Caamaño Ruiz <jcaamano@suse.com>

17
dpdk.spec
View File

@ -53,7 +53,7 @@
# Add option to build without tools
%bcond_without tools
Name: dpdk%{name_tag}
Version: 19.11.1
Version: 19.11.3
Release: 0
Summary: Set of libraries and drivers for fast packet processing
License: BSD-3-Clause AND GPL-2.0-only AND LGPL-2.1-only
@ -62,12 +62,6 @@ URL: http://dpdk.org
Source: http://fast.dpdk.org/rel/dpdk-%{version}.tar.xz
Source1: preamble
Patch1: 0001-fix-cpu-compatibility.patch
Patch2: 0001-vhost-check-log-mmap-offset-and-size-overflow.patch
Patch3: 0002-vhost-fix-vring-index-check.patch
Patch4: 0003-vhost-crypto-validate-keys-lengths.patch
Patch5: 0004-vhost-fix-translated-address-not-checked.patch
Patch6: 0005-vhost-fix-potential-memory-space-leak.patch
Patch7: 0006-vhost-fix-potential-fd-leak.patch
BuildRequires: doxygen
BuildRequires: fdupes
BuildRequires: libelf-devel
@ -165,12 +159,6 @@ The DPDK Kernel NIC Interface (KNI) allows userspace applications access to the
# can't use %{name} because of dpdk-thunderx
%setup -q -n dpdk-stable-%{version}
%patch1 -p1 -z .init
%patch2 -p1 -z .init
%patch3 -p1 -z .init
%patch4 -p1 -z .init
%patch5 -p1 -z .init
%patch6 -p1 -z .init
%patch7 -p1 -z .init
# This fixes CROSS compilation (broken) in the mk file for ThunderX
sed -i '/^CROSS /s/^/#/' mk/machine/thunderx/rte.vars.mk
@ -179,6 +167,9 @@ sed -i '/^CROSS /s/^/#/' mk/machine/thunderx/rte.vars.mk
[ "$(cat ABI_VERSION)" = "%{maj}.%{min}" ] || exit 1
%build
cp mk/machine/armv8a/rte.vars.mk mk/machine/thunderx
# set up a method for modifying the resulting .config file
function setconf() {
if grep -q ^$1= $3/.config; then