vpp.git
2 years agoip-neighbor: add ip neighbor flush 74/39674/3
Ole Troan [Fri, 13 Oct 2023 06:52:47 +0000 (08:52 +0200)]
ip-neighbor: add ip neighbor flush

Flushing the neighbor cache was only available through API.
Add CLI command. Either flushes whole table (IP4,IP6)
or all neighbors on specified interface.

Type: improvement
Change-Id: Ia8c68fb032a2dfd940a136edc2aee80db5c37685
Signed-off-by: Ole Troan <[email protected]>
2 years agofeature: remove unused code 79/39679/3
Damjan Marion [Sat, 14 Oct 2023 08:41:54 +0000 (08:41 +0000)]
feature: remove unused code

Type: improvement
Change-Id: If775b1d145e462346de562a3c893f302e8c7b814
Signed-off-by: Damjan Marion <[email protected]>
2 years agolinux-cp: check if lcp_itf_pair exists before creating tap 86/39486/3
Stanislav Zaikin [Tue, 5 Sep 2023 08:40:07 +0000 (10:40 +0200)]
linux-cp: check if lcp_itf_pair exists before creating tap

Now we create tun/tap and then check whether lcp_itf_pair was already
created. Move the check in the beginning.

Type: fix

Signed-off-by: Stanislav Zaikin <[email protected]>
Change-Id: I848685a9cfdbe92a5e38ecb8e5d5322262b4e384

2 years agoethernet: run callbacks for subifs too when mac changes 60/38860/8
Alexander Chernavin [Mon, 22 May 2023 14:27:24 +0000 (14:27 +0000)]
ethernet: run callbacks for subifs too when mac changes

When MAC address changes for an interface, address change callbacks are
executed for it. In turn adjacencies register a callback for MAC address
changes to be able to update their rewrite strings accordingly.

Subinterfaces inherit MAC address from the parent interface. When MAC
address of the parent interface changes, it also implies MAC address
change for its subinterfaces. The problem is that this is currently not
considered when address change callbacks are executed. After MAC address
change on the parent interface, packets sent from subinterfaces might
have wrong source MAC address as the result of stale adjacencies. For
example, ARP messages might be sent with the wrong (previous) MAC
address and address resolution will fail.

With this fix, when address change callbacks are executed for an
interface, they will be also executed for its subinterfaces. And
adjacencies will be able to update accordingly.

Type: fix
Change-Id: I87349698c10b9c3a31a28c0287e6dc711d9413a2
Signed-off-by: Alexander Chernavin <[email protected]>
2 years agovlib: properly replicate nexts when sibling node is created on runtime 69/39669/2
Damjan Marion [Thu, 12 Oct 2023 17:38:52 +0000 (17:38 +0000)]
vlib: properly replicate nexts when sibling node is created on runtime

Change-Id: I5aff21b5ca32e7eb84b11cca8387e7ac42fbbe23
Type: improvement
Signed-off-by: Damjan Marion <[email protected]>
2 years agovlib: allow unpriviledged vlib_pci_get_device_info() 70/39670/2
Damjan Marion [Thu, 12 Oct 2023 17:41:14 +0000 (17:41 +0000)]
vlib: allow unpriviledged vlib_pci_get_device_info()

When running unpriviledged sysfs allows reading only first
64 bytes of PCI config space.

Change-Id: I62d18328925a2e4936406c2842154b20182cacb9
Type: improvement
Signed-off-by: Damjan Marion <[email protected]>
2 years agonpt66: add show command and rx/tx counters 67/39667/2
Ole Troan [Thu, 12 Oct 2023 11:38:38 +0000 (13:38 +0200)]
npt66: add show command and rx/tx counters

Add show npt66 bindings.
Add RX/TX and translation error counters.

Type: improvement
Change-Id: I4513b111f815a15d5a7537ce503f0c084b523aa1
Signed-off-by: Ole Troan <[email protected]>
2 years agosession: fix duplicate rx events 71/39671/3
Florin Coras [Thu, 12 Oct 2023 19:39:15 +0000 (12:39 -0700)]
session: fix duplicate rx events

Be less aggressive with rx events on connect/accept notification.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ie93a08c7eef69383bf0301a163fd2131dd51372a

2 years agoflowprobe: fix sending L2 flows using L2_IP6 template 57/39657/2
Alexander Chernavin [Wed, 11 Oct 2023 12:15:55 +0000 (12:15 +0000)]
flowprobe: fix sending L2 flows using L2_IP6 template

Currently, L2 flows are exported using L2_IP6 template if L3 or L4
recording is enabled on L2 datapath. That occurs because during feature
enable, L2 template is added and its ID is not saved immediately. Then
L2_IP4 and L2_IP6 templates are added overwriting "template_id" each
time. And in the end, the current value of "template_id" is saved for L2
template. The problem is that "template_id" at that point contains the
ID of L2_IP6 template.

With this fix, save the template ID immediately after adding a template
for all variants (datapaths). Also, cover the case with a test.

Type: fix
Change-Id: Id27288043b3b8f0e89e77f45ae9a01fa7439e20e
Signed-off-by: Alexander Chernavin <[email protected]>
2 years agodpdk: add Mellanox BlueField NICs 83/39583/8
Alexander Kozyrev [Mon, 25 Sep 2023 15:11:55 +0000 (15:11 +0000)]
dpdk: add Mellanox BlueField NICs

List BlueField NICs as a supported PCI devices.

Type: feature
Change-Id: Ida2300df516ab9cd2fcde1f816bbdc081016039a
Signed-off-by: Alexander Kozyrev <[email protected]>
2 years agosession: ignore connecting half_open session in session_tx_fifo_dequeue_internal 63/39663/2
Steven Luong [Wed, 11 Oct 2023 21:09:21 +0000 (14:09 -0700)]
session: ignore connecting half_open session in session_tx_fifo_dequeue_internal

s->tx_fifo is 0 for the connecting half open session.

Type: fix

Change-Id: I2ba1ae99a2fa4fae1896587f40e0e4fb73c1edcb
Signed-off-by: Steven Luong <[email protected]>
2 years agotls: Fix SSL_CTX leak on every client session 61/39661/5
Brian Morris [Wed, 11 Oct 2023 17:36:59 +0000 (17:36 +0000)]
tls: Fix SSL_CTX leak on every client session

Type: fix

Change-Id: I35b3920288269073cdd35f79c938396128d169c9
Signed-off-by: Brian Morris <[email protected]>
2 years agosession: ignore app rx ntf if transport closed 34/39634/3
Florin Coras [Tue, 10 Oct 2023 19:39:55 +0000 (12:39 -0700)]
session: ignore app rx ntf if transport closed

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: Id56a101a6350903b00f7c96705fb86039e70e12c

2 years agosession: fix tx deq ntf assert for cl 33/39633/3
Florin Coras [Tue, 10 Oct 2023 17:21:01 +0000 (10:21 -0700)]
session: fix tx deq ntf assert for cl

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I97a04ed0417f1a3433665f6aa1a9424138fd54cb

2 years agolb: fix intermittent per-port-vip idx lookup failure 35/39635/1
Dave Wallace [Wed, 11 Oct 2023 03:19:18 +0000 (23:19 -0400)]
lb: fix intermittent per-port-vip idx lookup failure

- Causes per-port-vip testcases to fail when the
  uninitialized reserved field in the stack variable
  key for the hash lookup was a non-zero stack memory
  location.

Type: fix

Change-Id: I56afa15e7df60bc2340514f2c7ce5e71a9cb47a9
Signed-off-by: Dave Wallace <[email protected]>
2 years agosession: maintain old state on premature close 31/39631/2
Florin Coras [Tue, 10 Oct 2023 01:25:39 +0000 (18:25 -0700)]
session: maintain old state on premature close

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I2ea821e0499a3874c4579f5480ea86f30ebe615f

2 years agovppinfra: fix coverity issue CID 323952 30/39630/1
Dave Wallace [Mon, 9 Oct 2023 22:05:47 +0000 (18:05 -0400)]
vppinfra: fix coverity issue CID 323952

Type: fix
Fixes: 08600ccfa

Change-Id: I53ba0d96507b55ab7cd735073d6c4cf20a3cc948
Signed-off-by: Dave Wallace <[email protected]>
2 years agobuffers: buffer allocation improvements 21/39621/3
Damjan Marion [Fri, 6 Oct 2023 08:59:32 +0000 (10:59 +0200)]
buffers: buffer allocation improvements

- pass buffer pool name trough va
- make buffers naturaly aligned
- fix calculation of total number of buffers

Type: improvement
Change-Id: I6aebf249ebd67823b4632ac08905bfa3aa7d1ee5
Signed-off-by: Damjan Marion <[email protected]>
2 years agotls: propagate reads to app irrespective of state 28/39628/2
Florin Coras [Sat, 7 Oct 2023 21:27:52 +0000 (14:27 -0700)]
tls: propagate reads to app irrespective of state

Session input node handles rx notifications even if session not fully
accepted/connected

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I6560c45db8f8e0b7f0dc3bdd0939f13ca2f43f15

2 years agotls: report error if connected cannot be initialized 26/39626/3
Florin Coras [Sat, 7 Oct 2023 02:06:35 +0000 (19:06 -0700)]
tls: report error if connected cannot be initialized

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I987ac6b461b473836917bce6ce0d4ac109cc8ddb

2 years agotls: no read after app close 25/39625/3
Florin Coras [Sat, 7 Oct 2023 00:31:32 +0000 (17:31 -0700)]
tls: no read after app close

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I34f8ee2e36d07e8e55e21561528fc6b73feb852f

2 years agosession: propagate delayed rx evts after connect/accept 27/39627/1
Florin Coras [Sat, 7 Oct 2023 21:22:52 +0000 (14:22 -0700)]
session: propagate delayed rx evts after connect/accept

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I4a2e8f864df7269ec5a3c4fd4d8785a67b687d58

2 years agosession: handle accept and connect errors 24/39624/5
Florin Coras [Fri, 6 Oct 2023 23:45:04 +0000 (16:45 -0700)]
session: handle accept and connect errors

If builtin apps refuse connections, they should be cleaned up.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I95ef22902ac3fe873e15e250aa5f03031c2dc0c4

2 years agocnat: add flow hash config to cnat translation 07/39507/13
hedi bouattour [Mon, 11 Sep 2023 14:48:12 +0000 (14:48 +0000)]
cnat: add flow hash config to cnat translation

Type: feature

this patch adds a hash config field to cnat translation
to use it in load balancing instead of always using default one

Change-Id: I5b79642ca8b365b5dcc06664f6c100a9d3830a29
Signed-off-by: hedi bouattour <[email protected]>
2 years agovpp-swan: fix config to run containers 96/39596/4
Gabriel Oginski [Mon, 25 Sep 2023 10:41:06 +0000 (10:41 +0000)]
vpp-swan: fix config to run containers

This patch changes config to run containers on Ubuntu 22.04.

Type: fix
Signed-off-by: Gabriel Oginski <[email protected]>
Change-Id: I3be48099cb48d2c4a04526c15780244614bef3d4

2 years agovppinfra: fix string termination in clib_file_get_resolved_basename 12/39612/1
Damjan Marion [Wed, 4 Oct 2023 16:03:18 +0000 (18:03 +0200)]
vppinfra: fix string termination in clib_file_get_resolved_basename

Type: fix
Fixes: 40f4810
Change-Id: Idf51462c8154663de23154f17a894b7245c9fbf0
Signed-off-by: Damjan Marion <[email protected]>
2 years agosession: make port range configurable 05/39605/3
Nathan Skrzypczak [Tue, 3 Oct 2023 11:54:15 +0000 (13:54 +0200)]
session: make port range configurable

Type: feature

This patch makes the port range used by the transport layer
configurable in the manner of sysctl's ip_local_port_range.

Change-Id: Ie17f776538311b29d1dca64643a3a0bd74cb90a6
Signed-off-by: Nathan Skrzypczak <[email protected]>
2 years agobuild: add ability to disable some plugins from packaging and tests 50/39150/8
Andrew Yourtchenko [Tue, 26 Sep 2023 14:01:21 +0000 (16:01 +0200)]
build: add ability to disable some plugins from packaging and tests

When custom-packaging the VPP artifacts, it can be useful to exclude
some of the core plugins from packaging/testing, for some reasons.
A removal of a plugin(s) from the worktree needs to be tracked as
a separate change, and thus is tricky from the maintenance
point of view.

This change adds the ability to "pretend they do not exist" -
plugins which are added to the comma-separated environment
variable "VPP_EXCLUDED_PLUGINS" will not be added to the build
process and not packaged.

The tests do not have the 1:1 relationship as plugins,
so they might need to be modified separately. This change
includes some of these modifications as an example.

Type: feature
Signed-off-by: Andrew Yourtchenko <[email protected]>
Change-Id: Id31562d00a01ced1acbb4996a633517cbd6f09d8

2 years agovppinfra: add foreach_int macro 97/39597/4
Damjan Marion [Fri, 29 Sep 2023 12:31:08 +0000 (14:31 +0200)]
vppinfra: add foreach_int macro

  foreach_int(x, 1, 3, 5, 7)
   {
     fformat(stdout, "x is %u\n", x);
   }

Type: improvement
Change-Id: Idc355f4a284f421b150e3acb7a3a57bcede408c7
Signed-off-by: Damjan Marion <[email protected]>
2 years agovppinfra: splat and gather vector inlines 98/39598/4
Damjan Marion [Fri, 29 Sep 2023 13:09:11 +0000 (15:09 +0200)]
vppinfra: splat and gather vector inlines

Type: improvement

Change-Id: I4b00b3a6ff63fc8b313c89217ccdea356c0783a3
Signed-off-by: Damjan Marion <[email protected]>
2 years agonat: nat66 cli bug fix 03/35903/4
Filip Varga [Wed, 6 Apr 2022 10:56:50 +0000 (12:56 +0200)]
nat: nat66 cli bug fix

Two similar CLI paths in nat66 plugin cause
unexpected behavior. Bug fix following [1] fix.

[1] https://gerrit.fd.io/r/c/vpp/+/35859

Change-Id: I771dd230fa6edb6bab3936652770a388d6e41a3f
Type: fix
Signed-off-by: Filip Varga <[email protected]>
2 years agostats: added optional CLI arg "port" to specify non-default port 91/39591/2
Fahad Khan [Thu, 28 Sep 2023 06:09:16 +0000 (06:09 +0000)]
stats: added optional CLI arg "port" to specify non-default port

There are cases where default port for prometheus exporter is not
available e.g. when multiple vpp are running on single node.

Type: improvement
Change-Id: I39701486f9dfaf4dc9f08aab56e88126687b507a
Signed-off-by: Fahad Khan <[email protected]>
2 years agotls: limit openssl engine max read burst 00/39600/3
Florin Coras [Sat, 30 Sep 2023 22:21:08 +0000 (15:21 -0700)]
tls: limit openssl engine max read burst

Type: improvement

Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ic7a8fd37d79fc9c09c8b1539d630f3b8983b8bb3

2 years agotls: fix formatting of half open connections 04/39604/2
Florin Coras [Mon, 2 Oct 2023 17:41:54 +0000 (10:41 -0700)]
tls: fix formatting of half open connections

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: If96dc748a716a261edfcb1020210bd73058e382f

2 years agoflow dpdk avf: add support for using l2tpv3 as RSS type 01/38901/2
Xinyao Cai [Thu, 25 May 2023 01:16:57 +0000 (09:16 +0800)]
flow dpdk avf: add support for using l2tpv3 as RSS type

This patch adds support for using l2tpv3 as RSS type

Type: feature
Signed-off-by: Xinyao Cai <[email protected]>
Change-Id: Ic3e0935a4754d084184f1cc38ea9531ddfd9e7bc

2 years agobuild: modify N_PREFETCH on Arm N2 to achieve best perf 53/39353/8
Jieqiang Wang [Tue, 4 Jul 2023 04:05:33 +0000 (12:05 +0800)]
build: modify N_PREFETCH on Arm N2 to achieve best perf

From GCC 12, march=armv9-a option is supported, which includes the sve
and crc options needed. Furthermore, VPP L3Fwd benchmark results on N2
based servers show that N_PREFETCH set to 6 gives the best performance.

Type: feature

Signed-off-by: Lijian Zhang <[email protected]>
Signed-off-by: Jieqiang Wang <[email protected]>
Change-Id: I9c4fcad84d4db1189d956dabab22b26d020fbfd6

2 years agofib: Crash when specify a big prefix length from CLI. 76/39076/4
Gavril Florian [Thu, 15 Jun 2023 18:39:57 +0000 (18:39 +0000)]
fib: Crash when specify a big prefix length from CLI.

The VPP is crashing when specify a very big prefix length, like
ip route add 1.1.1.1/55 via 2.2.2.2

Type: fix

Signed-off-by: Gavril Florian <[email protected]>
Change-Id: Ic491c0b24e07be897ff35ae1e835280f04ab3ea5

2 years agocrypto: update maintainer email 52/39552/4
Fan Zhang [Fri, 22 Sep 2023 10:35:18 +0000 (11:35 +0100)]
crypto: update maintainer email

Update my email address in maintainer document.

Type: improvement

Change-Id: I8ba518fa4c9cb414342383e1461f3f94b661ac33
Signed-off-by: Fan Zhang <[email protected]>
2 years agodpdk-cryptodev: improve dequeue behavior, fix cache stats logging 35/39535/8
Piotr Bronowski [Thu, 14 Sep 2023 17:41:13 +0000 (17:41 +0000)]
dpdk-cryptodev: improve dequeue behavior, fix cache stats logging

This patch provides minor improvements to the logic governing dequeuing
from the ring. Previously whenever a frame was dequeued
we've been trying to dequeue from the ring another one till
inflight == 0. Now threshold is set for 8 frames pending in the cache
to be consumed by the vnet. This threshold has been chosen based on
cache ring stats observation in the system under load.
Some unnecessary logic for setting deq_tail has been removed.
Also logging has been corrected, and cache ring logic simplied.

Type: improvement
Signed-off-by: Piotr Bronowski <[email protected]>
Change-Id: I19f3daf5913006e9cb23e142a163f596e85f5bda

2 years agodpdk: add ConnectX-6LX and ConnectX-7 support 33/39133/8
Alexander Kozyrev [Tue, 27 Jun 2023 15:20:51 +0000 (15:20 +0000)]
dpdk: add ConnectX-6LX and ConnectX-7 support

List Mellanox ConnectX-6LX and ConnectX-7 as a supported PCI devices.

Type: feature
Change-Id: Ieeca3f214d08f29238c387354055ac1320cab75f
Signed-off-by: Alexander Kozyrev <[email protected]>
2 years agotls: init connection for prealloced app sessions 85/39585/2
Florin Coras [Tue, 26 Sep 2023 02:50:48 +0000 (19:50 -0700)]
tls: init connection for prealloced app sessions

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: Icd62dc110e3a73b24372f3a5162f8008b7edee9f

2 years agoping: Simple binary API for running ping based on events 28/39528/10
NikitaSkrynnik [Thu, 14 Sep 2023 09:00:38 +0000 (16:00 +0700)]
ping: Simple binary API for running ping based on events

Type: improvement
Change-Id: I02846a2420637470cb0f9472c86471b6a3421a75
Signed-off-by: NikitaSkrynnik <[email protected]>
2 years agocrypto-ipsecmb: bump intel-ipsec-mb version to 1.4 24/39224/16
Ranjan Raj [Fri, 7 Jul 2023 06:09:50 +0000 (06:09 +0000)]
crypto-ipsecmb: bump intel-ipsec-mb version to 1.4

Type: feature

This patch update the Intel IPsec-MB lib to v1.4
Remove v0.54 and v0.55 support, as the compatible IMB APIs
are deprecated in v1.4

Signed-off-by: Ranjan Raj <[email protected]>
Change-Id: I01f71134c6bd17a68ec20b7bb4b0b0ff43fc644b

2 years agofib: fix mpls label dpo drop proto 78/39578/2
Vladislav Grishenko [Mon, 10 Apr 2023 20:17:29 +0000 (01:17 +0500)]
fib: fix mpls label dpo drop proto

Next drop node should be related to payload protocol.

Type: fix
Signed-off-by: Vladislav Grishenko <[email protected]>
Change-Id: If12e8dc8b19c61f8c96c275b3f9e565e91ecdbed

2 years agofib: fix mpls label dpo packets prefetching 77/39577/1
Vladislav Grishenko [Mon, 10 Apr 2023 13:02:12 +0000 (18:02 +0500)]
fib: fix mpls label dpo packets prefetching

Four packets are batched after 696e88da9799056036f329676213f3c0c0a1db9c,
so prefetch is required for the next 4-7 packets, not for 2-5.

Type: fix
Signed-off-by: Vladislav Grishenko <[email protected]>
Change-Id: I4ab01e66c3b446caf113a154915473e96ab32198

2 years agofib: Don't use an address from an attached prefix when sending ARP requests. 39/39539/2
Neale Ranns [Wed, 8 Mar 2023 04:53:37 +0000 (04:53 +0000)]
fib: Don't use an address from an attached prefix when sending ARP requests.

Change-Id: I4c3144794dd0bd7de6150929e53f6d305c496b17

Type: fix
Signed-off-by: Neale Ranns <[email protected]>
Change-Id: I7b0c2c2dec5e867970599b8f2f2da17f2ff0b17c

2 years agoudp: fix udp encap tracing 45/39545/2
Dmitry Valter [Thu, 21 Sep 2023 17:46:26 +0000 (17:46 +0000)]
udp: fix udp encap tracing

Correct trace functions correspond with the encap type rather than with
the payload type.

Type: fix
Signed-off-by: Dmitry Valter <[email protected]>
Change-Id: Iea1eb08a2ce9d147984ef604c7a39c62c7330e80

2 years agotls: ignore tx events for not fully established sessions 54/39554/1
Florin Coras [Sat, 23 Sep 2023 02:26:33 +0000 (19:26 -0700)]
tls: ignore tx events for not fully established sessions

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I401a116a1a46c0dc5d591115de5ff0eef2f6440b

2 years agomisc: Initial 24.02-rc0 commit 48/39148/1 v24.02-rc0
Andrew Yourtchenko [Wed, 20 Sep 2023 13:59:48 +0000 (15:59 +0200)]
misc: Initial 24.02-rc0 commit

Type: docs
Signed-off-by: Andrew Yourtchenko <[email protected]>
Change-Id: I42af9706461034957f83103e2756cc6bfab054f7

2 years agotests: remove unsupported qemu feature 37/39437/3
Naveen Joy [Wed, 23 Aug 2023 20:27:55 +0000 (13:27 -0700)]
tests: remove unsupported qemu feature

pretty=on|off has been removed from qemu and its presence
causes VM boot up issues.

Type: fix

Change-Id: I4a9f15dba5015e81fbd32278b1c74b2606c32c8f
Signed-off-by: Naveen Joy <[email protected]>
2 years agonpt66: ensure feature is not configured multiple times 06/39506/3
Ole Troan [Fri, 8 Sep 2023 09:32:33 +0000 (11:32 +0200)]
npt66: ensure feature is not configured multiple times

If the control agent enabled a binding on an interface multiple times,
we would add the node in the feature arc multiple times.

Type: fix
Change-Id: I2ca247db0a0211f5fa3974a18ca4fcae8485cb12
Signed-off-by: Ole Troan <[email protected]>
2 years agovcl: unset fifo evt before size check 36/39536/1
Florin Coras [Mon, 18 Sep 2023 16:56:21 +0000 (09:56 -0700)]
vcl: unset fifo evt before size check

For blocking sessions, if fifo event still active before size check it
could lead to vpp not generating an event because of race to check flag
in vpp and to eventually unset flag in vcl.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I0e350b9ff92a4e08a9249345ae224589c09d305b

2 years agovapi: fix coverity warnings 10/39410/2
Dave Wallace [Tue, 22 Aug 2023 18:18:32 +0000 (14:18 -0400)]
vapi: fix coverity warnings

- CID-322713, CID-322712, CID-314881, CID-314880,
  CID-314878 COPY_INSTEAD_OF_MOVE

Type: fix

Change-Id: Idad6806fcd4e1a89a750dcc0584b5b1f0432bf3c
Signed-off-by: Dave Wallace <[email protected]>
2 years agomisc: VPP 23.06 Release Notes 25/39425/1
Andrew Yourtchenko [Mon, 26 Jun 2023 11:50:58 +0000 (13:50 +0200)]
misc: VPP 23.06 Release Notes

Type: docs
Signed-off-by: Andrew Yourtchenko <[email protected]>
Change-Id: Id39d7d6a6340e65885ab0845b6fc9a2b81e4f565
(cherry picked from commit 493b8990d1185f818890560101e13e1b69f54b1d)

2 years agovpp-swan: fix configuration of policies 34/39534/1
Gabriel Oginski [Thu, 14 Sep 2023 09:03:36 +0000 (09:03 +0000)]
vpp-swan: fix configuration of policies

This patch fixes configuration of priority, port and type of protocol
for inbound and outbound policies in policy-based IPsec of this plugin.

Type: fix
Signed-off-by: Gabriel Oginski <[email protected]>
Change-Id: I01ddc2e13ebbe87380e66a525aac1b615f619604

2 years agonat: fix nat44_ed set_session_limit crash 41/37241/5
Vladislav Grishenko [Mon, 5 Sep 2022 05:32:46 +0000 (10:32 +0500)]
nat: fix nat44_ed set_session_limit crash

Setting session limit should return error for unknown fib.
Optimize max_translations_per_fib expanding and drop unnecessary
trailing fib entry.

Type: fix
Change-Id: Ie7d2b363ade48f53598faa617a49cce7b2db6400
Signed-off-by: Vladislav Grishenko <[email protected]>
2 years agoquic: fix quic sessions state updates 01/39501/5
Florin Coras [Thu, 7 Sep 2023 02:09:30 +0000 (19:09 -0700)]
quic: fix quic sessions state updates

Session state cannot be updated after async notification event is
generated for app. Instead, make sure quic sessions that accept new
streams are switched to listening state only on accept.

Type: fix
Fixes: 0242d30

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I9663ccadbea99d555ad49e871f7dff897239dc84

2 years agosr: mark sr_policies_v2_details message as production 44/39144/2
Andrew Yourtchenko [Tue, 1 Aug 2023 11:00:13 +0000 (13:00 +0200)]
sr: mark sr_policies_v2_details message as production

As per discussion on the VPP community call,
since the message is used in CSIT tests and did
not see the changes in a while, mark as production
for the purposes of change process.

Type: improvement
Signed-off-by: Andrew Yourtchenko <[email protected]>
Change-Id: I4a79aafb1a9f37ac87faea7abea28cf01d1ffb4c

2 years agoadl: stabilize the API 40/39140/2
Andrew Yourtchenko [Tue, 1 Aug 2023 10:43:46 +0000 (12:43 +0200)]
adl: stabilize the API

As discussed on the VPP call, since CSIT tests use these messages
and they have not been changedfor quite a while, bump the version
so these messages are considered as "production" from the change
process standpoint.

Type: improvement
Change-Id: I93a04b10b273d5904c0678fa0b85d47f9f683a9b
Signed-off-by: Andrew Yourtchenko <[email protected]>
2 years agoflow: mark API as production 43/39143/3
Andrew Yourtchenko [Tue, 1 Aug 2023 10:54:36 +0000 (12:54 +0200)]
flow: mark API as production

As per discussion on the VPP call - since the APIs are used
in CSIT tests, mark them as production from the change process
perspective.

Type: improvement
Signed-off-by: Andrew Yourtchenko <[email protected]>
Change-Id: I9164073425384e8aa281445a2852fee49b777e2f

2 years agowireguard: stabilize the API 42/39142/2
Andrew Yourtchenko [Tue, 1 Aug 2023 10:52:04 +0000 (12:52 +0200)]
wireguard: stabilize the API

As per discussion on VPP call - since the APIs are used in CSIT tests,
and there has not been changes in a while, mark them as stable from
the API change process PoV.

Type: improvement
Signed-off-by: Andrew Yourtchenko <[email protected]>
Change-Id: Ia644e1dfcd9d182cc6f10089fc44397a61e8aaf6

2 years agocrypto-sw-scheduler: stabilize the API 41/39141/2
Andrew Yourtchenko [Tue, 1 Aug 2023 10:49:20 +0000 (12:49 +0200)]
crypto-sw-scheduler: stabilize the API

As per discussion on the VPP call: since the CSIT tests use these
APIs and the APIs have not changed in quite a while, stabilize the API
from the change process point of view.

Type: improvement
Signed-off-by: Andrew Yourtchenko <[email protected]>
Change-Id: Id81999d03cce37764f6ed7d4f77ef5a71fe41ad1

2 years agohsa: fix coverity issue CID-313635 11/39411/3
Dave Wallace [Wed, 23 Aug 2023 03:17:54 +0000 (23:17 -0400)]
hsa: fix coverity issue CID-313635

Type: fix

Change-Id: Ieb50ab548bb34bdbb44d973037ee452d48f412ea
Signed-off-by: Dave Wallace <[email protected]>
2 years agoapi: fix vlibmemory coverity warning CID-300152 13/39413/2
Dave Wallace [Wed, 23 Aug 2023 03:42:02 +0000 (23:42 -0400)]
api: fix vlibmemory coverity warning CID-300152

Type: fix

Change-Id: Icdebc8629946e0e7c8dde3e45ee93ff9027e7c68
Signed-off-by: Dave Wallace <[email protected]>
2 years agovppinfra: add ARM Neoverse-N2 support 23/39523/3
Damjan Marion [Tue, 12 Sep 2023 13:08:58 +0000 (15:08 +0200)]
vppinfra: add ARM Neoverse-N2 support

Type: improvement

Change-Id: Ief77ae7338667ede290aece6933bb5ae2e76ffc6
Signed-off-by: Damjan Marion <[email protected]>
2 years agobuild: fix clang-16 build 00/39500/3
Damjan Marion [Wed, 6 Sep 2023 19:18:18 +0000 (21:18 +0200)]
build: fix clang-16 build

Change-Id: I882bef6f45fd276587fb93944ff4e21dc57dbca2
Type: fix
Fixes: 1c82cd4
Signed-off-by: Damjan Marion <[email protected]>
2 years agoidpf: make plugin default disabled until issues are fixed 22/39522/2
Damjan Marion [Tue, 12 Sep 2023 13:00:46 +0000 (15:00 +0200)]
idpf: make plugin default disabled until issues are fixed

Type: improvement
Change-Id: I2daa8fc338289555649135e7f0898e139807fdce
Signed-off-by: Damjan Marion <[email protected]>
2 years agodocs: mention how to build VPP outside git 05/39505/7
Vratko Polak [Wed, 13 Sep 2023 08:22:57 +0000 (10:22 +0200)]
docs: mention how to build VPP outside git

Type: docs

Change-Id: Iceee9ef489f7f68049882651bb338311295ca12d
Signed-off-by: Vratko Polak <[email protected]>
2 years agobuild: add vpp_plugins include directory 15/39415/3
Benoît Ganne [Mon, 21 Aug 2023 07:24:38 +0000 (09:24 +0200)]
build: add vpp_plugins include directory

Type: fix

Change-Id: Iacb04846c634231854f26348cc17cc729d6e0d87
Signed-off-by: Benoît Ganne <[email protected]>
2 years agovppinfra: fix coverity warning CID-313632 12/39412/2
Dave Wallace [Wed, 23 Aug 2023 03:24:01 +0000 (23:24 -0400)]
vppinfra: fix coverity warning CID-313632

Type: fix

Change-Id: Idc036d5967495cc2522b2a30e3acd3ec4c0cd3ff
Signed-off-by: Dave Wallace <[email protected]>
2 years agovlib: deuglify the offset finding loop in pci.c 36/39436/2
Vratko Polak [Wed, 23 Aug 2023 16:39:25 +0000 (18:39 +0200)]
vlib: deuglify the offset finding loop in pci.c

Type: style
Fixes: 054229ebbdeb3f87d96c1abf93b511c86cd6ff0f

Change-Id: I7c3080db94566af249e5082d59a4e6373c616888
Signed-off-by: Vratko Polak <[email protected]>
2 years agoperfmon: fix perf_user_access_enabled type 69/39469/2
Tianyu Li [Tue, 29 Aug 2023 07:59:12 +0000 (07:59 +0000)]
perfmon: fix perf_user_access_enabled type

perf_user_access_enabled is defined as u8,
clib_sysfs_read format type is %u, this is for unsigned int,
change type from u8 to u32.

Type: fix
Fixes: 268d7be66b8b ("perfmon: enable perfmon plugin for Arm")

Signed-off-by: Tianyu Li <[email protected]>
Change-Id: I48ec00605e496d185370e77d894d7852d6d22124

2 years agovppinfra: fix setns typo 03/39503/2
Artem Glazychev [Thu, 7 Sep 2023 07:16:56 +0000 (14:16 +0700)]
vppinfra: fix setns typo

Type: fix

Signed-off-by: Artem Glazychev <[email protected]>
Change-Id: Ib8eb70336956bc2e8d0454f3c1f2c62ec98cb009

2 years agopci: fix coverity issue CID-322372 09/39409/2
Dave Wallace [Tue, 22 Aug 2023 16:51:09 +0000 (12:51 -0400)]
pci: fix coverity issue CID-322372

Type: fix

Change-Id: Iaf16bb720d76ea3ae04afb8123b7cac15771ef2b
Signed-off-by: Dave Wallace <[email protected]>
2 years agoipsec: improve fast path policy searching performance 33/38733/5
Xiaoming Jiang [Wed, 26 Apr 2023 11:58:25 +0000 (11:58 +0000)]
ipsec: improve fast path policy searching performance

Type: improvement
Signed-off-by: Xiaoming Jiang <[email protected]>
Change-Id: Ib8bb300f5b62648f6b634046415742bdf5365982

2 years agocrypto: allow changing dispatch mode 86/39386/6
Vratko Polak [Thu, 17 Aug 2023 14:22:48 +0000 (16:22 +0200)]
crypto: allow changing dispatch mode

This change aims to affect crypto_sw_scheduler behavior,
but all the edits end up in vnet/crypto.

Previous release CSIT tests were testing async crypto in polling mode.
After 9a9604b09f15691d7c4ddf29afd99a31e7e31eed introduced adaptive mode
for crypto dispatch, the CSIT performance got way worse.

Possibly, there is another VPP bug related to adaptive mode
(it should not lose as many packets as seen in CSIT),
but the next release is too close for trying to fix that.

This change (instead of fixing adaptive mode)
allows CSIT to continue testing polling mode (after explicit API call),
while keeping the adaptive mode as default behavior.

The deprecated crypto_set_async_dispatch always disable adaptive mode,
crypto_set_async_dispatch_v2 has parameter to enable or disable it.
The mode parameter is still used for the inital state of adaptive mode.

Type: feature

Change-Id: Ib98080eefb4be291207af543884f2c3837f92f59
Signed-off-by: Vratko Polak <[email protected]>
2 years agocrypto-sw-scheduler: improve function indentation 70/39370/3
Vratko Polak [Thu, 17 Aug 2023 14:15:38 +0000 (16:15 +0200)]
crypto-sw-scheduler: improve function indentation

The checkstyle --fix command remains confused
around the def/foreach/undef usage in convert_async_crypto_id,
but at least the other functions now look correctly indented to me.

Type: style

Change-Id: Ic8f7b580267386b7a6b07d33d9ba7ae9787c0e0a
Signed-off-by: Vratko Polak <[email protected]>
2 years agosession: make sure rx evt flag is cleared for builtin rx 02/39502/3
Florin Coras [Thu, 7 Sep 2023 02:38:44 +0000 (19:38 -0700)]
session: make sure rx evt flag is cleared for builtin rx

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I99631b1be6e19f0cefd1cefa82a51e6f8e9be2ac

2 years agoipsec: clear L4-cksum flags when decap'ing packets 38/39238/8
Frédéric Perrin [Fri, 14 Jul 2023 10:13:42 +0000 (11:13 +0100)]
ipsec: clear L4-cksum flags when decap'ing packets

Type: fix

Signed-off-by: Frédéric Perrin <[email protected]>
Change-Id: I45191b7316c88038bcd57d62aeb07bb109cf4a4d

2 years agodpdk-cryptodev: fix cache ring stats cli command 91/39491/2
Piotr Bronowski [Tue, 5 Sep 2023 21:18:59 +0000 (21:18 +0000)]
dpdk-cryptodev: fix cache ring stats cli command

The logic for calcuating processed elements in the cache ring was broken.
In case tail and deq_tail equals and frame element pointed by the tile
is not NULL it means there is exactly one processed element in the ring.

Type: fix

Signed-off-by: Piotr Bronowski <[email protected]>
Change-Id: I69c978334fc952049393214ccc9cc5245351f7f7

2 years agobuild: add option to specify native -march= flag with VPP_BUILD_NATIVE_ARCH 62/39462/2
Damjan Marion [Thu, 31 Aug 2023 15:00:16 +0000 (17:00 +0200)]
build: add option to specify native -march= flag with VPP_BUILD_NATIVE_ARCH

Type: improvement
Change-Id: I98eeba1ad2f9ed0531a7c615e0e70e535f24f813
Signed-off-by: Damjan Marion <[email protected]>
2 years agonat: improve nat44-ed outside address distribution 21/38521/3
Vladislav Grishenko [Thu, 16 Mar 2023 14:31:00 +0000 (19:31 +0500)]
nat: improve nat44-ed outside address distribution

Use client address hash to pick the first outside address
instead of just address high octet, becasue it may denegerate
into stable 10/172/192, depending on nat address count.

Fix outside address distribution test to acually test the
distribution, not the algo, so previous distribution will
fail with 65 nat addresses and 100 clients:

FAIL: Outside address distribution based on source address
Traceback (most recent call last):
  File ".../test/test_nat44_ed.py", line 2048, in test_outside_address_distribution
    msg="Bad outside address distribution")
AssertionError: 156.25 not less than 0.33 : Bad outside address distribution

Type: improvement
Change-Id: I604b1294422f20d211db5614c47559557a78a193
Signed-off-by: Vladislav Grishenko <[email protected]>
2 years agovirtio: add support for tx-queue-size 25/36725/6
Mohsin Kazmi [Tue, 29 Aug 2023 09:18:20 +0000 (09:18 +0000)]
virtio: add support for tx-queue-size

Type: improvement

DBGvpp# set loggin class virtio level debug
DBGvpp# create int virtio 0000:00:03.0 tx-queue-size 1024

show virtio pci
```
  Virtqueue (TX) 1
    qsz 1024, last_used_idx 0, desc_next 0, desc_in_use 0
    avail.flags 0x1 avail.idx 0 used.flags 0x0 used.idx 0
```

show logging
```
2022/07/22 23:20:22:557 debug      virtio         0000:00:03.0: tx-queue: number 1, default-size 256
2022/07/22 23:20:22:557 debug      virtio         0000:00:03.0: tx-queue: number 1, new size 1024
```

Change-Id: Ib1a3ebe742b3a6c9fe72bd1c5accfe07682cbdd1
Signed-off-by: Mohsin Kazmi <[email protected]>
2 years agoip: punt add punt socket support for icmp6 84/39484/6
Ole Troan [Tue, 5 Sep 2023 06:27:53 +0000 (08:27 +0200)]
ip: punt add punt socket support for icmp6

Punt support for ICMP6 messages allows for an external IPv6 RA advertisement agent.

Type: feature
Change-Id: I0cc928b747ac1f8335ee9f7c42a3231424825dbc
Signed-off-by: Ole Troan <[email protected]>
2 years agoapi: fix mp-safe mark for some messages and add more 25/38525/2
Vladislav Grishenko [Sat, 18 Mar 2023 21:57:01 +0000 (02:57 +0500)]
api: fix mp-safe mark for some messages and add more

Several api messages were not mp-safe although marked as such
because non-zero base id was not taken into account, and therefore
some other (from zero base id) were falsely mp-safe instead.

Keep messages as mp-safe, as they falsely were before:
    10   get_first_msg_id                              0       1
    12   api_versions                                  0       1

Messages that are no longer mp-safe as they weren't marked:
    15   sockclnt_create                               0       1
    33   proxy_arp_intfc_dump                          0       1

Fix messages to be really mp-safe:
    809  bridge_domain_dump                            0       1
    920  ip_route_add_del                              0       1
    921  ip_route_add_del_v2                           0       1
    1362 get_node_graph                                0       1
    1671 create_vhost_user_if                          0       1
    1675 create_vhost_user_if_v2                       0       1

Additionally mark messages as mp-safe, seems they need no barrier:
    1360 show_threads                                  0       1
    1370 show_version                                  0       1
    1372 show_vpe_system_time                          0       1

Type: fix
Change-Id: Ie6c1e3aa89f26bf51bfbcb7e7c4d9fee885487b7
Signed-off-by: Vladislav Grishenko <[email protected]>
2 years agovapi: fix verification for reply message 92/39292/4
Sylvain Cadilhac [Wed, 26 Jul 2023 14:16:47 +0000 (16:16 +0200)]
vapi: fix verification for reply message

Type: fix
Byte swapping should be done before verifying message otherwise the message length will be wrongly computed.

Change-Id: I90b2f60bd33e5362e0edd5ee425f6a6f07886f1e
Signed-off-by: Sylvain Cadilhac <[email protected]>
2 years agohs-test: point gdb to vpp source files 89/39489/2
Filip Tehlar [Tue, 5 Sep 2023 13:36:28 +0000 (15:36 +0200)]
hs-test: point gdb to vpp source files

Type: test

Change-Id: Ie5867737e5d49fd45cc15b690af3493263fb2f6f
Signed-off-by: Filip Tehlar <[email protected]>
2 years agohs-test: verbose output on single test run 90/39490/1
Filip Tehlar [Tue, 5 Sep 2023 13:58:28 +0000 (15:58 +0200)]
hs-test: verbose output on single test run

Type: test

Change-Id: I12ae7db36a6f7f9758fd195088877dfcd5606f84
Signed-off-by: Filip Tehlar <[email protected]>
2 years agonpt66: make plugin default disabled 71/39471/4
Ole Troan [Fri, 1 Sep 2023 12:18:23 +0000 (14:18 +0200)]
npt66: make plugin default disabled

Plugin is still in experimental state. No reason why it needs
to be default enabled.

Type: fix
Change-Id: Ibf1810215d4c8079a068bfc60aa7dd49306ee4e4
Signed-off-by: Ole Troan <[email protected]>
2 years agohs-test: log external apps 61/39461/3
Filip Tehlar [Sat, 2 Sep 2023 06:54:21 +0000 (08:54 +0200)]
hs-test: log external apps

Type: test

Change-Id: Id2b0d408bd46f20b81422506f9db4eb655feddac
Signed-off-by: Filip Tehlar <[email protected]>
2 years agohs-test: fix gdb attach 74/39474/2
Filip Tehlar [Sat, 2 Sep 2023 06:39:25 +0000 (08:39 +0200)]
hs-test: fix gdb attach

Type: test

Change-Id: Ic48ca7a3aab47df50d4e38e6123c90140c944172
Signed-off-by: Filip Tehlar <[email protected]>
2 years agoudp: buffer packets for connections in accepting state 73/39473/3
Florin Coras [Sat, 2 Sep 2023 00:19:33 +0000 (17:19 -0700)]
udp: buffer packets for connections in accepting state

Type: fix
Fixes: 0242d30

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I6e313000bccce749b813f20a52432154bfd494ed

2 years agoarping: api to return responder mac address 58/39458/4
Ole Troan [Thu, 31 Aug 2023 07:48:45 +0000 (09:48 +0200)]
arping: api to return responder mac address

The new arping_acd call includes the responders mac address in the reply.
Enabling a client doing address conflict detection to identify if it
is itself that is replying or that it is another host uses the IP
address.

Type: feature
Change-Id: Ia4bab2af1086f06ed71ba42e2e07368d4e330a27
Signed-off-by: Ole Troan <[email protected]>
2 years agonpt66: checksum applied to src address instead of dst address on rx 70/39470/2
Ole Troan [Fri, 1 Sep 2023 12:15:39 +0000 (14:15 +0200)]
npt66: checksum applied to src address instead of dst address on rx

Applied the checksum delta to the source address instead of the destination address
in the RX direction.

Cleaned up tests a little.

Type: fix
Change-Id: I871f3448365587e5319dfbca6ea356935321ff9b
Signed-off-by: Ole Troan <[email protected]>
2 years agotracenode: filtering feature 13/39213/15
Maxime Peim [Tue, 11 Jul 2023 07:45:56 +0000 (09:45 +0200)]
tracenode: filtering feature

In order to be able to filter on encapsulated packet, a new node
has been added to the ip4/6-unicast arcs.

Type: feature
Change-Id: I1e8ee05bc6d0fce20cadd8319c81bab260c17d21
Signed-off-by: Maxime Peim <[email protected]>
2 years agosession: fix allocation of proxy fifos 67/39467/7
Florin Coras [Fri, 1 Sep 2023 00:33:47 +0000 (17:33 -0700)]
session: fix allocation of proxy fifos

Fifos need to be synchronously allocated once a transport like tcp
accepts a session. Since events are now delivered asynchronously,
proxy apps must explicitly register a cb function that manages
fifo allocation prior to being notified of connect event.

Type: fix
Fixes: 0242d30

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I7df973b7014e53e0766ea2bdc61e9871160bc18b

2 years agomap: test fix feature disabling 04/39304/8
Maxime Peim [Tue, 1 Aug 2023 09:29:15 +0000 (11:29 +0200)]
map: test fix feature disabling

Upon test teardown, MAP features were not disabled, potentially
leading packets to be treated by the wrong node.

Type: test
Change-Id: I0c1c614318d1308f825c5cc0bf95688e92f6d00a
Signed-off-by: Maxime Peim <[email protected]>
2 years agovcl: set min threshold for tx ntf 48/39448/5
Florin Coras [Mon, 28 Aug 2023 06:14:50 +0000 (23:14 -0700)]
vcl: set min threshold for tx ntf

Make sure there's at least 3% space in the tx fifo before notifying vcl
of a tx event. The threshold is somewhat arbibrary but for a 4M fifo, it
now means that ~120kB of space should be available.

Should help minimize the amount of tx notifications generated by
session layer when apps are faster.

Type: improvement

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I11dd0931dca8f989000a2481f1f495bd267589c4

2 years agofateshare: a plugin for managing child processes 38/35638/23
Andrew Yourtchenko [Mon, 14 Mar 2022 09:49:15 +0000 (09:49 +0000)]
fateshare: a plugin for managing child processes

For the reasons of modularity and security, it is useful
to have various functionality split into processes different from VPP.
However, this approach presents the challenges of managing those processes,
and is markedly different from simply running everything within VPP process.

This plugin is an experiment in having the VPP itself start off a monitor
process which in turn starts the child processes, and restarts them if they
quit.

If the VPP process ceases to exist, the monitor process terminates all
the descendant processes and quits itself.

This allows to preserve the "single entity to manage" approach of
simply running a barebones VPP.

An example of running it:

export DPDK_CONFIG=""
export DISABLED_PLUGINS=dpdk
export EXTRA_VPP_CONFIG="fateshare { monitor ./build-root/install-vpp_debug-native/vpp/bin/vpp_fateshare_monitor command ./test1 }"
make run

Signed-off-by: Andrew Yourtchenko <[email protected]>
Change-Id: I66221fd7403f220d9652fe76958ca499cfd070a7
Type: feature

2 years agosession: fix compilation when SESSION_DEBUG is on 50/39450/5
Florin Coras [Mon, 28 Aug 2023 06:30:39 +0000 (23:30 -0700)]
session: fix compilation when SESSION_DEBUG is on

Wrap SESSION_EVT in do loop to avoid complaints about if statement
having no arguments which can happen if debugging for groups is not
enabled.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I35af179b806ed47a1e20816a19291c31fdb7566a