| AArch64 | |
| ppc64le | |
| s390x | |
| x86-64 |
- Update to 19.11.4. For a list of fixes check: https://doc.dpdk.org/guides-19.11/rel_notes/release_19_11.html#id8 - Add patches to fix vulnerability where malicious guest can harm the host using vhost crypto, this includes executing code in host (VM Escape), reading host application memory space to guest and causing partially denial of service in the host (CVE-2020-14374,CVE-2020-14375,CVE-2020-14376, CVE-2020-14377,CVE-2020-14378bsc#1176590). * 0001-vhost-crypto-fix-pool-allocation.patch * 0002-vhost-crypto-fix-incorrect-descriptor-deduction.patch * 0003-vhost-crypto-fix-missed-request-check-for-copy-mode.patch * 0004-vhost-crypto-fix-incorrect-write-back-source.patch * 0005-vhost-crypto-fix-data-length-check.patch * 0006-vhost-crypto-fix-possible-TOCTOU-attack.patch
- update to v19.11.3:
app/crypto-perf: fix display of sample test vector
app/eventdev: check Tx adapter service ID
app: fix usage help of options separated by dashes
app/pipeline: fix build with gcc 10
app: remove extra new line after link duplex
app/testpmd: add parsing for QinQ VLAN headers
app/testpmd: fix DCB set
app/testpmd: fix memory failure handling for i40e DDP
app/testpmd: fix PPPoE flow command
app/testpmd: fix statistics after reset
baseband/turbo_sw: fix exposed LLR decimals assumption
bbdev: fix doxygen comments
build: disable gcc 10 zero-length-bounds warning
build: fix linker warnings with clang on Windows
build: support MinGW-w64 with Meson
buildtools: get static mlx dependencies for meson
bus/fslmc: fix dereferencing null pointer
bus/fslmc: fix size of qman fq descriptor
bus/pci: fix devargs on probing again
bus/pci: fix UIO resource access from secondary process
bus/vmbus: fix comment spelling
ci: fix telemetry dependency in Travis
common/iavf: update copyright
common/mlx5: fix build with -fno-common
common/mlx5: fix build with rdma-core 21
common/mlx5: fix netlink buffer allocation from stack
common/mlx5: fix umem buffer alignment
common/octeontx: fix gcc 9.1 ABI break
common/qat: fix GEN3 marketing name
contigmem: cleanup properly when load fails
crypto/caam_jr: fix check of file descriptors
crypto/caam_jr: fix IRQ functions return type
crypto/ccp: fix fd leak on probe failure
cryptodev: add asymmetric session-less feature name
cryptodev: fix missing device id range checking
cryptodev: fix SHA-1 digest enum comment
crypto/kasumi: fix extern declaration
crypto/nitrox: fix CSR register address generation
crypto/nitrox: fix oversized device name
crypto/octeontx2: fix build with gcc 10
crypto/openssl: fix out-of-place encryption
crypto/qat: fix cipher descriptor for ZUC and SNOW
crypto/qat: support plain SHA1..SHA512 hashes
devtools: fix symbol map change check
doc: add i40e limitation for flow director
doc: add NASM installation steps
doc: fix API index
doc: fix build issue in ABI guide
doc: fix build with doxygen 1.8.18
doc: fix default symbol binding in ABI guide
doc: fix log level example in Linux guide
doc: fix LTO config option
doc: fix matrix CSS for recent sphinx
doc: fix multicast filter feature announcement
doc: fix number of failsafe sub-devices
doc: fix reference in ABI guide
doc: fix sphinx compatibility
doc: fix typo in contributors guide
doc: fix typo in contributors guide
doc: fix typos in ABI policy
doc: prefer https when pointing to dpdk.org
drivers: add crypto as dependency for event drivers
drivers/crypto: disable gcc 10 no-common errors
drivers/crypto: fix build with make 4.3
drivers/crypto: fix log type variables for -fno-common
drivers: fix log type variables for -fno-common
eal/arm64: fix precise TSC
eal: fix C++17 compilation
eal: fix comments spelling
eal: fix log message print for regex
eal: fix PRNG init with HPET enabled
eal: fix typo in endian conversion macros
eal/freebsd: fix queuing duplicate alarm callbacks
eal/ppc: fix bool type after altivec include
eal/ppc: fix build with gcc 9.3
eal/x86: ignore gcc 10 stringop-overflow warnings
ethdev: fix build when vtune profiling is on
ethdev: fix spelling
eventdev: fix probe and remove for secondary process
event/dsw: avoid reusing previously recorded events
event/dsw: fix enqueue burst return value
event/dsw: remove redundant control ring poll
event/dsw: remove unnecessary read barrier
event/octeontx2: fix build for O1 optimization
event/octeontx2: fix queue removal from Rx adapter
examples/eventdev: fix build with gcc 10
examples/eventdev: fix crash on exit
examples/fips_validation: fix parsing of algorithms
examples/ip_pipeline: remove check of null response
examples/ipsec-gw: fix gcc 10 maybe-uninitialized warning
examples/kni: fix crash during MTU set
examples/kni: fix MTU change to setup Tx queue
examples/l2fwd-keepalive: fix mbuf pool size
examples/qos_sched: fix build with gcc 10
examples: remove extra new line after link duplex
examples/vhost_blk: fix build with gcc 10
examples/vmdq: fix output of pools/queues
examples/vmdq: fix RSS configuration
examples/vm_power: drop Unix path limit redefinition
examples/vm_power: fix build with -fno-common
fib: fix headers for C++ support
fix same typo in multiple places
fix various typos found by Lintian
ipsec: check SAD lookup error
ipsec: fix build dependency on hash lib
kvargs: fix buffer overflow when parsing list
kvargs: fix invalid token parsing on FreeBSD
kvargs: fix strcmp helper documentation
log: fix level picked with globbing on type register
lpm6: fix comments spelling
lpm6: fix size of tbl8 group
mem: fix overflow on allocation
mem: mark pages as not accessed when freeing memory
mem: mark pages as not accessed when reserving VA
mempool/dpaa2: install missing header with meson
mempool/octeontx2: fix build for gcc O1 optimization
mempool: remove inline functions from export list
mem: preallocate VA space in no-huge mode
mk: fix static linkage of mlx dependency
net/avp: fix gcc 10 maybe-uninitialized warning
net/bnxt: do not use PMD log type
net/bnxt: fix error log for command timeout
net/bnxt: fix FW version query
net/bnxt: fix HWRM command during FW reset
net/bnxt: fix max ring count
net/bnxt: fix memory leak during queue restart
net/bnxt: fix number of TQM ring
net/bnxt: fix port start failure handling
net/bnxt: fix possible stack smashing
net/bnxt: fix Rx ring producer index
net/bnxt: fix storing MAC address twice
net/bnxt: fix TQM ring context memory size
net/bnxt: fix using RSS config struct
net/bnxt: fix VLAN add when port is stopped
net/bnxt: fix VNIC Rx queue count on VNIC free
net/bnxt: use true/false for bool types
net/dpaa2: fix 10G port negotiation
net/dpaa2: fix congestion ID for multiple traffic classes
net/dpaa: use dynamic log type
net/e1000: fix port hotplug for multi-process
net/ena/base: fix documentation of functions
net/ena/base: fix indentation in CQ polling
net/ena/base: fix indentation of multiple defines
net/ena/base: fix testing for supported hash function
net/ena/base: make allocation macros thread-safe
net/ena/base: prevent allocation of zero sized memory
net/ena: fix build for O1 optimization
net/ena: set IO ring size to valid value
net/enetc: fix Rx lock-up
net/enic: fix flow action reordering
net/failsafe: fix fd leak
net/hinic: allocate IO memory with socket id
net/hinic/base: fix PF firmware hot-active problem
net/hinic/base: fix port start during FW hot update
net/hinic: fix LRO
net/hinic: fix queues resource free
net/hinic: fix repeating cable log and length check
net/hinic: fix snprintf length of cable info
net/hinic: fix TSO
net/hinic: fix Tx mbuf length while copying
net/hns3: add free threshold in Rx
net/hns3: add RSS hash offload to capabilities
net/hns3: clear residual flow rules on init
net/hns3: fix configuring illegal VLAN PVID
net/hns3: fix configuring RSS hash when rules are flushed
net/hns3: fix crash when flushing RSS flow rules with FLR
net/hns3: fix default error code of command interface
net/hns3: fix default VLAN filter configuration for PF
net/hns3: fix mailbox opcode data type
net/hns3: fix MSI-X interrupt during initialization
net/hns3: fix packets offload features flags in Rx
net/hns3: fix promiscuous mode for PF
net/hns3: fix return value of setting VLAN offload
net/hns3: fix return value when clearing statistics
net/hns3: fix RSS indirection table configuration
net/hns3: fix RSS key length
net/hns3: fix Rx interrupt after reset
net/hns3: fix status after repeated resets
net/hns3: fix Tx interrupt when enabling Rx interrupt
net/hns3: fix VLAN filter when setting promisucous mode
net/hns3: fix VLAN PVID when configuring device
net/hns3: reduce judgements of free Tx ring space
net/hns3: remove one IO barrier in Rx
net/hns3: remove unnecessary assignments in Tx
net/hns3: replace memory barrier with data dependency order
net/hns3: support different numbers of Rx and Tx queues
net/hns3: support Rx interrupt
net/i40e/base: update copyright
net/i40e: fix flow director enabling
net/i40e: fix flow director for ARP packets
net/i40e: fix flow director initialisation
net/i40e: fix flush of flow director filter
net/i40e: fix queue region in RSS flow
net/i40e: fix queue related exception handling
net/i40e: fix setting L2TAG
net/i40e: fix wild pointer
net/i40e: fix X722 performance
net/i40e: relax barrier in Tx
net/i40e: relax barrier in Tx for NEON
net/iavf: fix link speed
net/iavf: fix setting L2TAG
net/iavf: fix stats query error code
net/ice: add action number check for switch
net/ice/base: check memory pointer before copying
net/ice/base: fix binary order for GTPU filter
net/ice/base: fix MAC write command
net/ice/base: fix uninitialized stack variables
net/ice/base: minor fixes
net/ice/base: read PSM clock frequency from register
net/ice/base: remove unused code in switch rule
net/ice/base: update copyright
net/ice: change default tunnel type
net/ice: fix crash in switch filter
net/ice: fix hash flow crash
net/ice: fix input set of VLAN item
net/ice: fix RSS advanced rule
net/ice: fix RSS for GTPU
net/ice: fix setting L2TAG
net/ice: fix variable initialization
net/ice: remove bulk alloc option
net/ice: remove unnecessary variable
net/ice: support mark only action for flow director
net/ipn3ke: use control thread to check link status
net/ixgbe/base: update copyright
net/ixgbe: check driver type in MACsec API
net/ixgbe: fix link state timing on fiber ports
net/ixgbe: fix link status after port reset
net/ixgbe: fix link status inconsistencies
net/ixgbe: fix link status synchronization on BSD
net/ixgbe: fix resource leak after thread exits normally
net/ixgbe: fix statistics in flow control mode
net/memif: fix init when already connected
net/memif: fix resource leak
net/mlx4: fix build with -fno-common
net/mlx4: fix drop queue error handling
net/mlx5: add device parameter for MPRQ stride size
net/mlx5: add multi-segment packets in MPRQ mode
net/mlx5: enable MPRQ multi-stride operations
net/mlx5: fix actions validation on root table
net/mlx5: fix assert in doorbell lookup
net/mlx5: fix assert in dynamic metadata handling
net/mlx5: fix assert in modify converting
net/mlx5: fix build with separate glue lib for dlopen
net/mlx5: fix call to modify action without init item
net/mlx5: fix counter container usage
net/mlx5: fix crash when releasing meter table
net/mlx5: fix CVLAN tag set in IP item translation
net/mlx5: fix doorbell bitmap management offsets
net/mlx5: fix gcc 10 enum-conversion warning
net/mlx5: fix header modify action validation
net/mlx5: fix imissed counter overflow
net/mlx5: fix jump table leak
net/mlx5: fix mask used for IPv6 item validation
net/mlx5: fix matching for UDP tunnels with Verbs
net/mlx5: fix match on empty VLAN item in DV mode
net/mlx5: fix metadata for compressed Rx CQEs
net/mlx5: fix meter color register consideration
net/mlx5: fix meter suffix table leak
net/mlx5: fix packet length assert in MPRQ
net/mlx5: fix push VLAN action to use item info
net/mlx5: fix RSS enablement
net/mlx5: fix RSS key copy to TIR context
net/mlx5: fix Tx queue release debug log timing
net/mlx5: fix validation of push VLAN without full mask
net/mlx5: fix validation of VXLAN/VXLAN-GPE specs
net/mlx5: fix VLAN flow action with wildcard VLAN item
net/mlx5: fix VLAN ID check
net/mlx5: fix VLAN PCP item calculation
net/mlx5: fix zero metadata action
net/mlx5: fix zero value validation for metadata
net/mlx5: improve logging of MPRQ selection
net/mlx5: reduce Tx completion index memory loads
net/mlx5: set dynamic flow metadata in Rx queues
net/mlx5: update VLAN and encap actions validation
net/mlx5: use open/read/close for ib stats query
net/mvneta: do not use PMD log type
net/mvpp2: fix build with gcc 10
net/netvsc: avoid possible live lock
net/netvsc: do not configure RSS if disabled
net/netvsc: do RSS across Rx queue only
net/netvsc: fix comment spelling
net/netvsc: fix memory free on device close
net/netvsc: handle Rx packets during multi-channel setup
net/netvsc: handle Tx completions based on burst size
net/netvsc: propagate descriptor limits from VF
net/netvsc: remove process event optimization
net/netvsc: split send buffers from Tx descriptors
net/nfp: fix dangling pointer on probe failure
net/nfp: fix log format specifiers
net/null: fix secondary burst function selection
net/null: remove redundant check
net/octeontx2: disable unnecessary error interrupts
net/octeontx2: enable error and RAS interrupt in configure
net/octeontx2: fix buffer size assignment
net/octeontx2: fix device configuration sequence
net/octeontx2: fix link information for loopback port
net/octeontx: fix dangling pointer on init failure
net/octeontx: fix meson build for disabled drivers
net/pfe: do not use PMD log type
net/pfe: fix double free of MAC address
net/qede: fix link state configuration
net/qede: fix port reconfiguration
net/ring: fix device pointer on allocation
net/sfc/base: fix build when EVB is enabled
net/sfc/base: fix manual filter delete in EF10
net/sfc/base: handle manual and auto filter clashes in EF10
net/sfc/base: reduce filter priorities to implemented only
net/sfc/base: refactor filter lookup loop in EF10
net/sfc/base: reject automatic filter creation by users
net/sfc/base: use simpler EF10 family conditional check
net/sfc/base: use simpler EF10 family run-time checks
net/sfc: fix initialization error path
net/sfc: fix promiscuous and allmulticast toggles errors
net/sfc: fix reported promiscuous/multicast mode
net/sfc: fix Rx queue start failure path
net/sfc: set priority of created filters to manual
net/softnic: fix memory leak for thread
net/softnic: fix resource leak for pipeline
net/tap: do not use PMD log type
net/tap: fix check for mbuf number of segment
net/tap: fix crash in flow destroy
net/tap: fix fd leak on creation failure
net/tap: fix file close on remove
net/tap: fix mbuf and mem leak during queue release
net/tap: fix mbuf double free when writev fails
net/tap: fix queues fd check before close
net/tap: fix unexpected link handler
net/tap: remove unused assert
net/thunderx: use dynamic log type
net/vhost: fix potential memory leak on close
net/virtio: do not use PMD log type
net/virtio: fix crash when device reconnecting
net/virtio: fix outdated comment
net/virtio: fix unexpected event after reconnect
net/virtio-user: fix devargs parsing
net/vmxnet3: fix RSS setting on v4
net/vmxnet3: handle bad host framing
pci: accept 32-bit domain numbers
pci: fix build on FreeBSD
pci: fix build on ppc
pci: reject negative values in PCI id
pci: remove unneeded includes in public header file
remove references to private PCI probe function
Revert ?common/qat: fix GEN3 marketing name?
Revert ?net/bnxt: fix number of TQM ring?
Revert ?net/bnxt: fix TQM ring context memory size?
security: fix crash at accessing non-implemented ops
security: fix return types in documentation
security: fix session counter
security: fix verification of parameters
service: fix crash on exit
service: fix identification of service running on other lcore
service: fix race condition for MT unsafe service
service: remove rte prefix from static functions
telemetry: fix port stats retrieval
test/crypto: fix flag check
test/crypto: fix statistics case
test: fix build with gcc 10
test/flow_classify: enable multi-sockets system
test/ipsec: fix crash in session destroy
test/kvargs: fix invalid cases check
test/kvargs: fix to consider empty elements as valid
test: load drivers when required
test: remove redundant macro
test: skip some subtests in no-huge mode
timer: protect initialization with lock
usertools: check for pci.ids in /usr/share/misc
vfio: fix race condition with sysfs
vfio: fix use after free with multiprocess
vhost/crypto: add missing user protocol flag
vhost: fix packed ring zero-copy
vhost: fix peer close check
vhost: fix shadowed descriptors not flushed
vhost: fix shadow update
vhost: fix zero-copy server mode
vhost: handle mbuf allocation failure
vhost: make IOTLB cache name unique among processes
vhost: prevent zero-copy with incompatible client mode
vhost: remove unused variable
- remove the security backport patches as they're already included
upstream:
* 0001-vhost-check-log-mmap-offset-and-size-overflow.patch
* 0002-vhost-fix-vring-index-check.patch
* 0003-vhost-crypto-validate-keys-lengths.patch
* 0004-vhost-fix-translated-address-not-checked.patch
* 0005-vhost-fix-potential-memory-space-leak.patch
* 0006-vhost-fix-potential-fd-leak.patch
- Add patches to fix vulnerability where malicious guest/container can cause resource leak resulting a Denial-of-Service, or memory corruption and crash, or information leak in vhost-user backend application (bsc#1171477, CVE-2020-10722, CVE-2020-10723, CVE-2020-10724, CVE-2020-10725, CVE-2020-10726). * 0001-vhost-check-log-mmap-offset-and-size-overflow.patch * 0002-vhost-fix-vring-index-check.patch * 0003-vhost-crypto-validate-keys-lengths.patch * 0004-vhost-fix-translated-address-not-checked.patch * 0005-vhost-fix-potential-memory-space-leak.patch * 0006-vhost-fix-potential-fd-leak.patch
- Update to v19.11.1. For a list of changes, check: * https://doc.dpdk.org/guides/rel_notes/release_19_11.html#new-features - Removed patches no longer applying to the code base: * 0001-vhost-fix-possible-denial-of-service-on-SET_VRING_NU.patch * 0002-vhost-fix-possible-denial-of-service-by-leaking-FDs.patch * 0002-fix-cpu-compatibility.patch - Rebased patches: * 0001-fix-cpu-compatibility.patch
- Change constraint to ssse3 to fix build issues on x86_64 and i586
- Add version to the PMD driver directory to avoid loading previous version drivers (bsc#1157179). - Update to 18.11.3 (bsc#1156146). For a list of fixes check: * https://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html#fixes - Add patches to fix vulnerability where malicious container can trigger a denial of service (CVE-2019-14818, bsc#1156146) * 0001-vhost-fix-possible-denial-of-service-on-SET_VRING_NU.patch * 0002-vhost-fix-possible-denial-of-service-by-leaking-FDs.patch - Removed patrches already included upstream: * dpdk-fix-implicit-fallthrough-warning.patch
- Changed to multibuild (bsc#1151455). - Added dpdk-fix-implicit-fallthrough-warning.patch to address build error with recent kernels (bsc#1144704).
- Minor Update to 18.11.2
* List of fixes can be found in
https://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html#fixes
- Add missing libmnl-devel
- remove -Wno-error=array-bounds as its no longer needed - disable i586 build because lack of sse support
- Add 0002-fix-cpu-compatibility.patch to address issue with older CPUs (bsc#1125961, bsc#1099474) [+ 0002-fix-cpu-compatibility.patch]
- Enable missed MLX PMDs for SLE12SP4 (bsc#1112307)
- Fixed a syntax error affecting csh environment configuration(bsc#1102310)
- Update to 18.02.2; some of the changes are: * Added function to allow releasing internal EAL resources on exit * Added igb, ixgbe and i40e ethernet driver to support RSS with flow API * Updated i40e driver to support PPPoE/PPPoL2TP * Added MAC loopback support for i40e * Added support of run time determination of number of queues per i40e VF * Updated mlx4/mlx5 driver * Added NVGRE and UDP tunnels support in Solarflare network PMD * Added AVF (Adaptive Virtual Function) net PMD * Added feature supports for live migration from vhost-net to vhost-user * Updated the AESNI-MB PMD * Updated the DPAA_SEC crypto driver to support rte_security * Added New eventdev Ordered Packet Distribution Library (OPDL) PMD * Added GRO support for VxLAN-tunneled packets - Removed 0002-dpdk-eal-ppc-rte_smp_mb.patch since incorporated upstream
- Update to 18.02.1 - Restrict untrusted guest to misuse virtio to corrupt host application(ovs-dpdk) memory which can lead all VM to lose connectivity(CVE-2018-1059,bsc#1089638). Changes: * Add deprecation notice for rte_vhost_gpa_to_vva() * Patch vhost-net and vhost-scsi examples * Fixes checkpatch warnings * Take VIRTIO_RING_F_EVENT_IDX into account when ring size (Tiwei) * Fix next chuncks translation access rights in Rx paths (Tiwei) * vhost: fix indirect descriptors table translation size * vhost: check all range is mapped when translating GPAs * vhost: introduce safe API for GPA translation * vhost: ensure all range is mapped when translating QVAs * vhost: add support for non-contiguous indirect descs tables * vhost: handle virtually non-contiguous buffers in Tx * vhost: handle virtually non-contiguous buffers in Rx * vhost: handle virtually non-contiguous buffers in Rx-mrg * examples/vhost: move to safe GPA translation API * examples/vhost_scsi: move to safe GPA translation API * vhost/crypto: move to safe GPA translation API * vhost: deprecate unsafe GPA translation API
- Enable MLX4/5 PMD only in Factory and >= SLES15 It needs rdma-core >= v16.
- Removed 0002-kni-fix-build-on-SLE12-SP3.patch since no longer referenced in .spec files - Added 0002-dpdk-eal-ppc-rte_smp_mb.patch to fix an issue on ppc64le platforms with v18.02 - Updated to version 18.02; some of the changes include: * Added function to allow releasing internal EAL resources on exit * Added igb, ixgbe and i40e ethernet driver to support RSS with flow API * Updated i40e driver to support PPPoE/PPPoL2TP * Added MAC loopback support for i40e * Added support of run time determination of number of queues per i40e VF * Updated mlx5 driver * Updated mlx4 driver * Added NVGRE and UDP tunnels support in Solarflare network PMD * Added AVF (Adaptive Virtual Function) net PMD * Added feature supports for live migration from vhost-net to vhost-user * Updated the AESNI-MB PMD * Updated the DPAA_SEC crypto driver to support rte_security * Added Wireless Base Band Device (bbdev) abstraction * Added New eventdev Ordered Packet Distribution Library (OPDL) PMD * Added new pipeline use case for dpdk-test-eventdev application * Updated Eventdev sample application to support event devices based on capability * Added Rawdev, a generic device support library * Added new multi-process communication channel * Added GRO support for VxLAN-tunneled packets * Increased default Rx and Tx ring size in sample applications * Added new DPDK build system using the tools ?meson? and ?ninja? [EXPERIMENTAL]
- security update - added patches fix CVE-2022-2132 [bsc#1202903], DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs + dpdk-CVE-2022-2132.patch
- Update to 18.11.9. For a list of fixes check: * https://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html#fixes - Add patches to fix vulnerability where malicious guest can harm the host using vhost crypto, this includes executing code in host (VM Escape), reading host application memory space to guest and causing partially denial of service in the host (CVE-2020-14374,CVE-2020-14375,CVE-2020-14376, CVE-2020-14377,CVE-2020-14378bsc#1176590): * 0001-vhost-crypto-fix-pool-allocation.patch * 0002-vhost-crypto-fix-incorrect-descriptor-deduction.patch * 0003-vhost-crypto-fix-missed-request-check-for-copy-mode.patch * 0004-vhost-crypto-fix-incorrect-write-back-source.patch * 0005-vhost-crypto-fix-data-length-check.patch * 0006-vhost-crypto-fix-possible-TOCTOU-attack.patch - Removed patches that no longer apply to the code base: * 0001-vhost-fix-possible-denial-of-service-on-SET_VRING_NU.patch * 0003-vhost-crypto-validate-keys-lengths.patch * 0001-vhost-check-log-mmap-offset-and-size-overflow.patch * 0002-vhost-fix-possible-denial-of-service-by-leaking-FDs.patch * 0002-vhost-fix-vring-index-check.patch
- Add patches to fix vulnerability where malicious guest/container can cause resource leak resulting a Denial-of-Service, or memory corruption and crash, or information leak in vhost-user backend application (bsc#1171477, CVE-2020-10722, CVE-2020-10723, CVE-2020-10724, CVE-2020-10725, CVE-2020-10726). * 0001-vhost-check-log-mmap-offset-and-size-overflow.patch * 0002-vhost-fix-vring-index-check.patch * 0003-vhost-crypto-validate-keys-lengths.patch - Change constraint to ssse3 to fix build issues on x86_64 and i586
- Add version to the PMD driver directory to avoid loading previous version drivers (bsc#1157179). - Update to 18.11.3 (bsc#1156146). For a list of fixes check: * https://doc.dpdk.org/guides-18.11/rel_notes/release_18_11.html#fixes - Add patches to fix vulnerability where malicious container can trigger a denial of service (CVE-2019-14818, bsc#1156146) * 0001-vhost-fix-possible-denial-of-service-on-SET_VRING_NU.patch * 0002-vhost-fix-possible-denial-of-service-by-leaking-FDs.patch - Changed to multibuild (bsc#1151455).
- Added 0002-fix-cpu-compatibility.patch to address issue with older CPUs (bsc#1125961)
- Update to 18.11; some of the changes are(fate#325916, fate#325951 fate#326025, fate#326992): * Added support for using externally allocated memory in DPDK. * Added check for ensuring allocated memory is addressable by devices. * Updated the C11 memory model version of the ring library. * Added NXP CAAM JR PMD. * Added support for GEN3 devices to Intel QAT driver. * Added Distributed Software Eventdev PMD. * Updated KNI kernel module, rte_kni library, and KNI sample application. * Add a new sample application for vDPA. * Updated mlx5 driver. * * Improved security of PMD to prevent the NIC from getting stuck when the application misbehaves. * * Reworked flow engine to supported e-switch flow rules (transfer attribute). * * Added support for header re-write(L2-L4), VXLAN encap/decap, count, match on TCP flags and multiple flow groups with e-switch flow rules. * * Added support for match on metadata, VXLAN and MPLS encap/decap with flow rules. * * Added support for RTE_ETH_DEV_CLOSE_REMOVE flag to provide better support for representors. * * Added support for meson build. * * Fixed build issue with PPC. * * Added support for BlueField VF. * * Added support for externally allocated static memory for DMA. all the changes can be viwed in http://doc.dpdk.org/guides/rel_notes/release_18_11.html [- 0001-enic-fix-Type-punning-and-strict-aliasing-warning.patch, - - 0002-fix-cpu-compatibility.patch]
- Fixed a problem with ABI compatibility; API/ABI compatibility is guaranteed by DPDK upstream community across subsequent bug-fix releases. However, the .spec file broke it by defining the wrong version which included also the bug-fix release number. - Fixed a naming issue with library: did not reflect soname
- Update to 17.11.4 stable release. Some of the fixes include: * app/testpmd: fix buffer leak in TM command, fix DCB config, fix VLAN TCI mask set error for FDIR * bus/dpaa: fix buffer offset setting in FMAN, fix build, fix phandle support for Linux 4.16 * doc: fix bonding command in testpmd, update qede management firmware guide * eal: fix bitmap documentation, fix return codes on thread naming failure, fix invalid syntax in interrupts, fix uninitialized value * eventdev: add event buffer flush in Rx adapter, fix internal port logic in Rx adapter, fix missing update to Rx adaper WRR position, fix port in Rx adapter internal function, fix Rx SW adapter stop * hash: fix a multi-writer race condition, fix doxygen of return values, fix key slot size accuracy, fix multiwriter lock memory allocation * kni:fix build with gcc 8.1, fix crash with null name * vhost: fix missing increment of log cache count, flush IOTLB cache on new mem table handling, improve dirty pages logging performance, release locks on RARP packet failure, retranslate vring addr when memory table changes * PMD drivers: various fixes fro bnxt, dpaa2, mlx5 - Fixed a syntax error affecting csh environment configuration(bsc#1102310)
- do proper cpu compatibility test(bsc#1099474) [+ 0002-fix-cpu-compatibility.patch] - change %doc to %license
- workaround kernelrelease error
- Sync dpdk for SLE15 with SLE12-SP4(fate#324872)
- use gcc-7 to remove EXTRA_CFLAGS hack that was required for gcc-6 in the previous change(bsc#1090668)
- Remove fstack-clash-protection from EXTRA_CFLAGS as gcc-6 cant recognize it(bsc#1090668)
- Update to 17.11.2 restrict untrusted guest to misuse virtio to corrupt host application(ovs-dpdk) memory which can lead all VM to lose connectivity(CVE-2018-1059,bsc#1089638). Changes: * Add deprecation notice for rte_vhost_gpa_to_vva() * Patch vhost-net and vhost-scsi examples * Fixes checkpatch warnings * Take VIRTIO_RING_F_EVENT_IDX into account when ring size (Tiwei) * Fix next chuncks translation access rights in Rx paths (Tiwei) * vhost: fix indirect descriptors table translation size * vhost: check all range is mapped when translating GPAs * vhost: introduce safe API for GPA translation * vhost: ensure all range is mapped when translating QVAs * vhost: add support for non-contiguous indirect descs tables * vhost: handle virtually non-contiguous buffers in Tx * vhost: handle virtually non-contiguous buffers in Rx * vhost: handle virtually non-contiguous buffers in Rx-mrg * examples/vhost: move to safe GPA translation API * examples/vhost_scsi: move to safe GPA translation API * vhost/crypto: move to safe GPA translation API * vhost: deprecate unsafe GPA translation API
- The vm_power example does not work for ppc64le since it uses the IXGBE PMD driver which is not available for that platform(bsc#1082154): * Disable CONFIG_RTE_LIBRTE_POWER for the sample application; * Disable CONFIG_RTE_LIBRTE_IXGBE_PMD for the actual PMD driver;
- Upgraded to latest stable release 17.11.1 (LTS): some of the fixes include: * location changes of the GPL and LGPL licenses; * net/mlx4: - fix drop flow resources leak * net/bnxt: - double increment of idx during Tx ring alloc - group info usage - check for ether type - size of Tx ring in HW - number of pools for RSS - return code in MAC address set - link speed setting with autoneg off * net/nfp: - MTU settings - jumbo settings - CRC strip check behaviour * net/sfc: - multicast address list copy memory leak - DMA memory leak after kvarg processing failure - fix label name to be consistent * net/i40e: - VLAN offload setting issue - FDIR input set conflict - FDIR rule confiliction issue - setting MAC address of VF - flow director Rx resource defect - warn when writing global registers - multiple driver support - interrupt conflict with multi-driver - Rx interrupt - check multi-driver option parsing - flow director filter * net/qede: - enable LRO over tunnels - reject config with no Rx queue - check tunnel L3 header - tunnel header size in Tx BD configuration - VF LRO tunnel configuration * net/mlx5: - Tx checksum offloads - un-supported RSS hash fields use - device operation type - pedantic compilation - fix pedantic compilation - flow item validation - flow RSS configuration - UAR remapping on non configured queues - secondary process verification - port stop by verify flows are still present - flow priority on queue action
- Enable(disabled by default) MLX4 and MLX5 pmd(fate#322609)
- Upgraded to latest major 17.11(fate#322609); some of the fixes include: * Extended port_id range from uint8_t to uint16_t * Added a new driver for Marvell Armada 7k/8k devices * Updated mlx4 driver * Updated mlx5 driver * Added SoftNIC PMD * Added support for NXP DPAA Devices * Updated support for Cavium OCTEONTX Device * Added PF support to the Netronome NFP PMD * Updated bnxt PMD * Added bus agnostic functions to cryptodev for PMD initialization * Updated QAT crypto PMD * Updated the AESNI MB PMD * Updated the OpenSSL PMD * Added NXP DPAA SEC crypto PMD * Add new benchmarking mode to dpdk-test-crypto-perf application * Added IOMMU support to libvhost-user * Added the Generic Segmentation Offload Library * Added the Flow Classification Library - Removed 0002-kni-fix-build-on-SLE12-SP3.patch since patch merged upstream and available in 17.11
- Added missing supported broadcom chipset family Broadcom NetXtreme II BCM57810
- Upgraded to latest stable 17.08.1; some of the fixes include: * net/qede: disable per-VF Tx switching feature * revert "net/virtio: flush Rx queues on start" * various fixes for mlx5 PMD drivers * various fixes for bnxt PMD drivers * various fixes for i40e PMD drivers * various fixes for crypto PMD drivers * testpmd: fix for non-consecutive ports * ethdev: fix ABI version