Marco Varlese [Tue, 13 Mar 2018 14:44:56 +0000 (15:44 +0100)]
 
SCTP: data retransmission & snd_space fix
This patch addresses two things:
1) The data retransmission which needs to be taken care of when the
SCTP_TIMER_T3_RXTX;
2) The correct calculation of the amount of data transmittable
considered: the local window, the peer window and any data inflight.
Change-Id: I2d03a6cb43e4e7770c4910f8547c66e1026aeace
Signed-off-by: Marco Varlese <[email protected]>
Neale Ranns [Mon, 12 Mar 2018 13:59:36 +0000 (06:59 -0700)]
 
Common form of fib-path reproting in dumps
Change-Id: I8f6fdbbeef2ac7e9fe5d87490ae5cba6e9a0b294
Signed-off-by: Neale Ranns <[email protected]>
Neale Ranns [Tue, 13 Mar 2018 14:51:50 +0000 (07:51 -0700)]
 
FIB: DVR paths are not considered L3 attached
Change-Id: Ie473dca3264b480b007d2eb500aaa557b889c7c1
Signed-off-by: Neale Ranns <[email protected]>
Jakub Grajciar [Tue, 13 Mar 2018 12:57:50 +0000 (13:57 +0100)]
 
libmemif: ubuntu 18.04 build fix
Change-Id: I6624cacd625eea6a9b8214f67d14ec162e2c0195
Signed-off-by: Jakub Grajciar <[email protected]>
Dave Barach [Mon, 12 Mar 2018 21:38:31 +0000 (17:38 -0400)]
 
Rationalize plugin symbol error reporting
Change-Id: I64f2b2007f30fc1c6bd2990ba0d7ccbcd43cdb38
Signed-off-by: Dave Barach <[email protected]>
Marco Varlese [Mon, 12 Mar 2018 11:36:59 +0000 (12:36 +0100)]
 
SCTP: cumulative SACK fix
A bug was found affecting the cumulative sending of SACK messages.
Because the next0 was never assigned to the next_output the SACK message
was never leaving the peer.
Further, two new flags have been added to distinguish when a peer is
AWAITING a SACK message (e.g. DATA is inflight and waiting to be
acknowledged).
Change-Id: Ibb5a98f7e5fed15cdc76710b74195cac031d59ed
Signed-off-by: Marco Varlese <[email protected]>
Jon Loeliger [Mon, 12 Mar 2018 19:50:08 +0000 (14:50 -0500)]
 
SPAN: Add 'is_l2" flag to DETAILS response messages.
Change-Id: I375bb0e663bc082d98a29fb101c653557ddc8f55
Signed-off-by: Jon Loeliger <[email protected]>
Dave Barach [Mon, 12 Mar 2018 19:56:41 +0000 (15:56 -0400)]
 
Remove md5.[ch] from vppinfra
Removed the sole use of it from ip6_neighbor.c
Change-Id: Ie53cb3b6a3a41ec0917ec2042e5006d0cfaefc01
Signed-off-by: Dave Barach <[email protected]>
Dave Barach [Mon, 12 Mar 2018 13:31:36 +0000 (09:31 -0400)]
 
License text cleanup
Change-Id: I105375c653b1a1dce8f0f71005b281ff137c6f42
Signed-off-by: Dave Barach <[email protected]>
Matus Fabian [Fri, 9 Mar 2018 13:07:35 +0000 (05:07 -0800)]
 
NAT44: fix nat_not_translate_output_feature in dual loop (VPP-1194)
Change-Id: Icb858414145db0e5fef495e155903b3b935e50ba
Signed-off-by: Matus Fabian <[email protected]>
Matus Fabian [Wed, 7 Mar 2018 12:57:22 +0000 (04:57 -0800)]
 
NAT44: fix nat_not_translate_output_feature for ICMP (VPP-1191)
Change-Id: I1552e1418b704fdf1f1fa2c0174313b9b82a37a3
Signed-off-by: Matus Fabian <[email protected]>
Andrew Yourtchenko [Wed, 7 Mar 2018 16:35:59 +0000 (17:35 +0100)]
 
vnet: l2-classify: prefetch (n+2, n+3) rather than (n+1, n+2) inside dual loop code
The dual loop within the L2 classifier processes the (n, n+1) packets,
the prefetching was trying to prefetch (n+1, n+2) - thus half of the
prefetches were not used - because the next iteration needs (n+2, n+3).
Change-Id: I827d20845dbdd0dcdcf463ee25661a7921428992
Signed-off-by: Andrew Yourtchenko <[email protected]>
John Lo [Sat, 10 Mar 2018 00:48:42 +0000 (19:48 -0500)]
 
dpdk-input node packet trace intermittent on IP forwading path
Packet trace initiated by dpdk-input node would occasionally
not fully function if next node is ip4-input.
Change packet trace saving order in the quad-loop so "sho trace"
will display trace in packet receive order.
Fold calling of vlib_trace_buffer() into dpdk_add_trace().
Change-Id: I9d7a9bf3b9391f95590e66150b26b0b15912d803
Signed-off-by: John Lo <[email protected]>
Dave Barach [Sat, 10 Mar 2018 19:57:00 +0000 (14:57 -0500)]
 
Move the vnet cdp protocol implementation to a plugin
Add a binary API and debug cli to enable/disable cdp. cdp is disabled
by default.
Change-Id: I307c7e38dfda38e36ff3325f65de7036c34d89b1
Signed-off-by: Dave Barach <[email protected]>
Lee Roberts [Thu, 8 Mar 2018 02:57:49 +0000 (19:57 -0700)]
 
Assign correct NUMA node for DPDK crypto devices
DPDK rte_cryptodev_socket_id() is returning zero for QAT devices.
Apply DPDK patch where correct NUMA node can be obtained with pci_dev->device.numa_node.
Change-Id: I1c7a77bb13e2db8615189e97b67d68d043127787
Signed-off-by: Lee Roberts <[email protected]>
Lee Roberts [Thu, 8 Mar 2018 03:18:48 +0000 (20:18 -0700)]
 
Coordinate known Ethernet speeds with Linux kernel and DPDK
Linux kernel and DPDK recognize the following Ethernet speeds:
10M, 100M, 1G, 2.5G, 5G, 10G, 20G, 25G, 40G, 50G, 56G and 100G.
Add consistent Ethernet speeds to VPP.
Change-Id: I4cfcf378fb34425c1206db5aa2f6bdcc66e0a6ab
Signed-off-by: Lee Roberts <[email protected]>
Lee Roberts [Thu, 8 Mar 2018 02:47:00 +0000 (19:47 -0700)]
 
Correct address calculation for VPP-1168
Use (u64) cast to ensure proper address calculations.
Change-Id: I6bad50010b140189f1b0af177e55da0045bd7a93
Signed-off-by: Lee Roberts <[email protected]>
Keith Burns (alagalah) [Tue, 6 Mar 2018 23:55:22 +0000 (15:55 -0800)]
 
VCL API for external callback for listener/connect event
Change-Id: Ic59355683b581945d10a2df97d9b2deae87a998e
Signed-off-by: Keith Burns (alagalah) <[email protected]>
Damjan Marion [Fri, 9 Mar 2018 15:05:56 +0000 (16:05 +0100)]
 
dpdk: move DPDK vfio hack to dpdk plugin
Change-Id: I806cbf8c6c49643fe6c317bcceab93c1b9d441ab
Signed-off-by: Damjan Marion <[email protected]>
Dave Wallace [Fri, 9 Mar 2018 17:04:10 +0000 (12:04 -0500)]
 
make test: Force VCL test timeouts to FAIL test.
Change-Id: Ie8d3bcb9021d9272bd27dba35d30e5081023f061
Signed-off-by: Dave Wallace <[email protected]>
Dave Wallace [Thu, 8 Mar 2018 21:39:28 +0000 (16:39 -0500)]
 
VCL: add event registration to listen session in select()
Change-Id: Ie2e8f4ec3a7ec1018e5f9ca6f28f8cb18beaa814
Signed-off-by: Dave Wallace <[email protected]>
ahdj007 [Thu, 8 Mar 2018 02:02:17 +0000 (10:02 +0800)]
 
when exceed max reass,
frag packet can't get reass.
adding bihash,it can rewrite new hash value.
so need to delete hash after compare hash value.
Change-Id: I83b5c47890110e9a598b78cfbe8fcd27bbe291bb
Signed-off-by: ahdj007 <[email protected]>
Neale Ranns [Fri, 23 Feb 2018 13:29:09 +0000 (05:29 -0800)]
 
MPLS Unifom mode
- support both pipe and uniform modes for all MPLS LSP
- all API programming for output-labels requires that the mode (and associated data) is specificed
   - API changes in MPLS, BIER and IP are involved
- new DPO [sub] types for MPLS labels to handle the two modes.
Change-Id: I87b76401e996f10dfbdbe4552ff6b19af958783c
Signed-off-by: Neale Ranns <[email protected]>
Mohsin Kazmi [Thu, 8 Mar 2018 16:45:33 +0000 (17:45 +0100)]
 
ACL: Fix the detail for ethertype whitelist
Change-Id: Ie8b4effbd25e1e26b625d451ec059bac58a5a5a1
Signed-off-by: Mohsin Kazmi <[email protected]>
Keith Burns (alagalah) [Fri, 9 Mar 2018 00:46:25 +0000 (16:46 -0800)]
 
VCL event handling changes
- added vce_get_event_handler()
- added check for event before blocking on mutex in vppcom_session_accept()
Change-Id: I8e19ea5fcbaa40279cb28152b9923ca8f1328670
Signed-off-by: Keith Burns (alagalah) <[email protected]>
Florin Coras [Wed, 7 Mar 2018 16:49:27 +0000 (08:49 -0800)]
 
tls: make tls engines pluggable
- add infra for pluggable tls "engines"
- makes mbedtls specific code a plugin
Change-Id: I2c5b099e2b69d2be0038e3ef02b208ff907727e7
Signed-off-by: Florin Coras <[email protected]>
Keith Burns (alagalah) [Wed, 7 Mar 2018 17:26:38 +0000 (09:26 -0800)]
 
VCL refactoring
- simplified event handling and unregister
- removed fixed need to bit flip event hash key
- added spinlock for client_session_fifo (was using sessions_lockp)
- removed redundant vars
Change-Id: I3c7645da660fb5560efdc4e9347e105df9650a16
Signed-off-by: Keith Burns (alagalah) <[email protected]>
Dave Wallace [Thu, 8 Mar 2018 16:40:28 +0000 (11:40 -0500)]
 
VCL: cleanup namespace_secret env-var cfg code.
Change-Id: I9de8dd822494abe1b8701a72a9b8bede34dea8dc
Signed-off-by: Dave Wallace <[email protected]>
Dave Wallace [Thu, 8 Mar 2018 16:35:03 +0000 (11:35 -0500)]
 
VCL: Add full hoststack test option to socket_test.sh
Change-Id: I3e5e179daa9d6f1c46adb85b05dd810bdd312054
Signed-off-by: Dave Wallace <[email protected]>
Andrew Yourtchenko [Tue, 6 Mar 2018 15:27:55 +0000 (16:27 +0100)]
 
acl-plugin: add the support for dumping the ethertype whitelist (VPP-1163)
The gerrit 10434 which added the support for whitelist model on ethertypes,
did not include the support to dump the current state.
This patch fills that gap.
Change-Id: I3222078ccb1839dc366140fa5f6b8999b2926fd2
Signed-off-by: Andrew Yourtchenko <[email protected]>
Marek Gradzki [Tue, 6 Mar 2018 11:25:02 +0000 (12:25 +0100)]
 
vppapigen: require reply/details messages for requests/dumps
Throw exception if details/reply is not defined instead
of logger warning.
Change-Id: I6eb39c51eecca6521e5f563ba09dfd62311b45ec
Signed-off-by: Marek Gradzki <[email protected]>
Steve Shin [Wed, 7 Mar 2018 21:29:29 +0000 (13:29 -0800)]
 
Fix Avoid crash in vnet_delete_sub_interface routine
vnet_get_sw_interface shoud be called after sw_if_index is validated.
Change-Id: I36f1d90999c740803386404ba9b32703b659cd54
Signed-off-by: Steve Shin <[email protected]>
Damjan Marion [Wed, 7 Mar 2018 18:25:51 +0000 (19:25 +0100)]
 
fix physmem mappings
Change-Id: Ie0763e20c36a29a8ef866511903c85027dd133c3
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Wed, 7 Mar 2018 12:06:40 +0000 (13:06 +0100)]
 
features: extend 'feature node not found' warning message
Change-Id: I8f45fdb3865e2e0cbb5162ac622c07fec5e42b9d
Signed-off-by: Damjan Marion <[email protected]>
Matus Fabian [Wed, 7 Mar 2018 11:17:57 +0000 (03:17 -0800)]
 
NAT44: allow to configure one interface only as output or input feature (VPP-1192)
following is not possible:
set interface nat44 out GigabitEthernet0/3/0 output-feature
set interface nat44 out GigabitEthernet0/3/0
Change-Id: I1592cc18390881fda66f98316700886b8f5295f0
Signed-off-by: Matus Fabian <[email protected]>
Neale Ranns [Wed, 7 Mar 2018 12:59:18 +0000 (04:59 -0800)]
 
GBP: fix the runs before statement against the ACL node
Change-Id: I0ff13962ab6855663b9aec31c95e4a88cc809ff0
Signed-off-by: Neale Ranns <[email protected]>
Damjan Marion [Wed, 7 Mar 2018 12:21:04 +0000 (13:21 +0100)]
 
packet-generator: use default free list
Change-Id: I2a34546f9b32edc9bfb86b5492dde34aaef49ccc
Signed-off-by: Damjan Marion <[email protected]>
Florin Coras [Tue, 6 Mar 2018 00:53:07 +0000 (16:53 -0800)]
 
tls: enforce certificate verification
- add option to use test certificate in the ca chain
- add hostname to extended session endpoint fields and connect api
  parameters. If hostname is present, certificate validation is
  enforced.
- use /etc/ssl/certs/ca-certificates.crt to bootstrap CA cert. A
  different path can be provided via startup config
Change-Id: I046f9c6ff3ae6a9c2d71220cb62eca8f7b10e5fb
Signed-off-by: Florin Coras <[email protected]>
Damjan Marion [Wed, 7 Mar 2018 10:48:58 +0000 (11:48 +0100)]
 
test: disable reassembly tests and system modification script
One of basic requirements from day one for maek test is that it should
run unpriviledged, so modifying system paremeters is unacceptable.
Disabling script and reassembly tests as they need to be done in
different way.
Change-Id: I063c73eb82f2ebd7499e8adb1574a9fd2475fb5b
Signed-off-by: Damjan Marion <[email protected]>
Ole Troan [Wed, 7 Mar 2018 07:40:58 +0000 (08:40 +0100)]
 
VPPAPIGEN: Run tool directly from source tree.
This ensures that tool changes do not require re-bootstrap.
Disabled generation of temporary files (gentab / .pyc) to avoid polluting the source tree.
Change-Id: I4d6bc035fbb46550fa8f4e99f4091eef90e2d86c
Signed-off-by: Ole Troan <[email protected]>
Ole Troan [Tue, 6 Mar 2018 16:45:32 +0000 (17:45 +0100)]
 
VAPI: Ensure type definitions are generated in same order as .api file.
The previous use of a dictionary instead of a list led to typedefs being generated in wrong order.
Change-Id: Iee6ff73f920883ce6e599180c1b47fe997c1702e
Signed-off-by: Ole Troan <[email protected]>
Damjan Marion [Tue, 6 Mar 2018 17:46:54 +0000 (18:46 +0100)]
 
vlib: avoid crash if fill_free_list returns 0 buffers
Change-Id: If1284696e10df71b4029191b5e3adb32c21c0c5f
Signed-off-by: Damjan Marion <[email protected]>
Keith Burns (alagalah) [Tue, 6 Mar 2018 13:55:27 +0000 (05:55 -0800)]
 
VCL registration handler added to session for polling sessions
Change-Id: I5f0f3b07a7aa3f243c3d44a9a15cf0670dbb2d46
Signed-off-by: Keith Burns (alagalah) <[email protected]>
Yusuke Tatsumi [Mon, 5 Mar 2018 04:01:04 +0000 (13:01 +0900)]
 
LB plugin: Fix Layer-4 checksum error in L3DSR.
Though dst-IP address would be change in LB plugin with L3DSR method,
layer-4 checksum would not be recomputed after this change.
Related changes:
- L3DSR: https://gerrit.fd.io/r/#/c/10203/
Change-Id: I98de7b8d80186ac77608a68050208c08d90b7c3b
Signed-off-by: Yusuke Tatsumi <[email protected]>
ahdj007 [Tue, 6 Mar 2018 08:15:44 +0000 (16:15 +0800)]
 
when lb tcp in2out flow,
in2out and out2in protocol are not same
Change-Id: I4ce680ad1f088cb079e1f2aeb15ca59225fca0d1
Signed-off-by: ahdj007 <[email protected]>
ahdj007 [Tue, 6 Mar 2018 07:46:54 +0000 (15:46 +0800)]
 
reass frag_n should to be inited to 0
Change-Id: I8a4a7a85e86acbfe411e6dfa22e3976d7d4c903b
Signed-off-by: ahdj007 <[email protected]>
Mohsin Kazmi [Mon, 26 Feb 2018 17:36:17 +0000 (18:36 +0100)]
 
VOM: Fix state reconciliation
This commit also fixes the acl and arp handle for
inspector to view internal state of VOM.
Change-Id: Ibc8ff6cb51d2a77b4c04993ac7212564b8892337
Signed-off-by: Mohsin Kazmi <[email protected]>
Marco Varlese [Tue, 6 Mar 2018 07:09:04 +0000 (08:09 +0100)]
 
glibc 2.27 fix
With glibc 2.27 the memfd_create has been added to the devel libraries.
That's causing the internally defined static function to clash with the
system wide one. This patch addresses that issue on systems with latest
glibc libraries.
Change-Id: I788bf49b23d5b5f1cb1c0374e243d8a429178a71
Signed-off-by: Marco Varlese <[email protected]>
Marek Gradzki [Tue, 6 Mar 2018 10:42:36 +0000 (11:42 +0100)]
 
vppapigen: require service definition for singleton messages
Change-Id: Ie7b1c5e50588f65657c3c0900e5914ea82ebb50f
Signed-off-by: Marek Gradzki <[email protected]>
Marek Gradzki [Tue, 6 Mar 2018 10:10:56 +0000 (11:10 +0100)]
 
vppapigen: do not allow to define message as both request and reply
Change-Id: I0738fac32dd0c5d927c52d2eb2c1100d14c147cf
Signed-off-by: Marek Gradzki <[email protected]>
Marek Gradzki [Tue, 6 Mar 2018 09:56:26 +0000 (10:56 +0100)]
 
vppapigen: require reply ID different than caller ID
Change-Id: I316dc99881bce6a36904863d3c1c049b4f5cf658
Signed-off-by: Marek Gradzki <[email protected]>
Marek Gradzki [Tue, 6 Mar 2018 09:05:44 +0000 (10:05 +0100)]
 
API: Add service definitions for events and singleton messages (second attempt)
Based on https://gerrit.fd.io/r/#/c/10920/
Updates service definition in stats.api with correct reply message names.
Change-Id: I3282bee5304e667e23bc1fab3f43d967a50d880d
Signed-off-by: Marek Gradzki <[email protected]>
Ole Trøan [Mon, 5 Mar 2018 21:53:35 +0000 (21:53 +0000)]
 
Revert "API: Add service definitions for events and singleton messages."
This reverts commit 
f7b7fa53b7eaec81d8c00c1023fb7d01f1f9761f.
Change-Id: I87496342943248e94f01ada31459f387c0a3a610
Signed-off-by: Ole Troan <[email protected]>
Damjan Marion [Mon, 5 Mar 2018 19:08:28 +0000 (20:08 +0100)]
 
physmem: keep only one physmem_main
We don't need per vlib_main physmem_main, so keep it separatelly instead
of trying to keep them in sync.
Change-Id: I0fbeecf4d9672d31af7a43c640a7d8f05dd6e46f
Signed-off-by: Damjan Marion <[email protected]>
Keith Burns (alagalah) [Fri, 23 Feb 2018 18:17:01 +0000 (10:17 -0800)]
 
VCL async event handler
- provides async handling of events such as accept/connect
Change-Id: Id95947237ef16629371b3c99822059d423e2f918
Signed-off-by: Keith Burns (alagalah) <[email protected]>
Marco Varlese [Mon, 5 Mar 2018 14:12:29 +0000 (15:12 +0100)]
 
SCTP: API to configure some tunables
This patch adds the possibility to configure some behaviors of the SCTP
stack based on some tunable parameters (mainly ON/OFF). For the time
being, that is limited to the bundling option (multiplexing messages)
and to delaying the SACK message.
Change-Id: I696493e0309e47163c1e119c7d9f82f7d8ee6b87
Signed-off-by: Marco Varlese <[email protected]>
Neale Ranns [Sat, 24 Feb 2018 10:11:19 +0000 (02:11 -0800)]
 
IP6 link-local table
- IPv6 link local table is a per-SW interface array of IPv6 unicast FIBs
- the per-interface ocst is sizeof(fib_table_t) which is small,
  w.r.t. the cost of an interface
- FE80::/10 in the 'global' table points to a DPO that performs a lookup in the
  input interface's LL fib.
Change-Id: Ice834b25ebeeacb2e929d7c864d7ec8c09918cbe
Signed-off-by: Neale Ranns <[email protected]>
Amir Zeidner [Mon, 5 Mar 2018 12:32:22 +0000 (14:32 +0200)]
 
Set DPDK_MLX4_PMD and DPDK_MLX5_PMD compile with default dlopen links
dlopen linkage allow more transparent use for Mellanox nics.
Mellanox shared library librte_pmd_mlx5/4_glue.so* placed in LD_LIBRARY_PATH
At run time Mellanox code will be loaded only when Mellanox nics explicty used.
i.e if VPP is used with other vendor Mellanox code is not loaded.
Change-Id: Ib05bdbfc4cbb6e447c67186c98361f9c5b447140
Signed-off-by: Amir Zeidner <[email protected]>
Ole Troan [Thu, 1 Mar 2018 13:53:12 +0000 (14:53 +0100)]
 
API: Add service definitions for events and singleton messages.
Change-Id: I7de987c30b263d43521e6280c5273f30b5f6e11c
Signed-off-by: Ole Troan <[email protected]>
Damjan Marion [Mon, 5 Mar 2018 13:08:33 +0000 (14:08 +0100)]
 
vlib: add functions to dynamically open/close PCI device
Old code was only allowing PCIdevices to be scanned during startup,
now driver can open and close device without restart of vpp.
Change-Id: I1a06511e3f16f896101b43dac2bad420b6e6c35e
Signed-off-by: Damjan Marion <[email protected]>
Marco Varlese [Mon, 5 Mar 2018 11:31:45 +0000 (12:31 +0100)]
 
SCTP: retransmission in INIT/SHUTDOWN phase
This patch addresses the need to handle timers timeouts (e.g. sent
chunks not being acked) for both the INIT and SHUTDOWN phases.
The INIT phase requires the handling of two timers the T1-init and
T1-cookie timers whilst the SHUTDOWN phase requires the handling of the
T2-shutdown timer only for the retransmission case.
Left to be implemented is the handling of the DATA chunks retransmission
(e.g. T3-rxtx expiration) but that will be submitted with a separate
patch.
Change-Id: I2b2e13dce11000aea3c7d965f02b27b76c97e605
Signed-off-by: Marco Varlese <[email protected]>
Damjan Marion [Mon, 5 Mar 2018 08:36:31 +0000 (09:36 +0100)]
 
vlib: vlib_buffer_free_internal optimizations
Change-Id: Ia819b630b824002c59680836a8833df7e5af90e9
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Sun, 4 Mar 2018 16:19:08 +0000 (17:19 +0100)]
 
vlib: vfio code rework
Change-Id: I99cf3e7cc991aa7d32385a155c707a6516516117
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Mon, 5 Mar 2018 09:18:50 +0000 (10:18 +0100)]
 
vlib: rework PCI INTx support
Change-Id: I6df5a01416993c213e06645a6d9b48dfe77c8227
Signed-off-by: Damjan Marion <[email protected]>
Florin Coras [Sun, 4 Mar 2018 15:24:30 +0000 (07:24 -0800)]
 
tls: add stop listen handler
Change-Id: I233d02a669b6a0504cd54590c6c8e4fefadc4713
Signed-off-by: Florin Coras <[email protected]>
Matthew Smith [Fri, 2 Mar 2018 17:31:26 +0000 (11:31 -0600)]
 
NAT44 - unknown protocols work with forwarding
If forwarding is enabled, inbound packets on an outside
interface should not be dropped and instead pass on to
the FIB lookup. This works for TCP and UDP but not other
IP protocols. Enable it for unknown protocols.
Change-Id: I1da84b5633a36b3e5e64079754db2fcc50f29819
Signed-off-by: Matthew Smith <[email protected]>
Damjan Marion [Sun, 4 Mar 2018 18:35:23 +0000 (19:35 +0100)]
 
vlib: add PCI MSI-X interrupt support (vfio only)
Change-Id: Iae2ddf93d1705354175e3dcae26b66e6f98a5c32
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Sun, 4 Mar 2018 16:37:15 +0000 (17:37 +0100)]
 
vlib: map pci region by using vfio FD when vfio is used
Change-Id: Ib94e9e9e9fcdad9cdb0e3402b3de7d78bd644abe
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Sun, 4 Mar 2018 15:44:26 +0000 (16:44 +0100)]
 
vlib: fix vlib_pci_get_device_info on when not running as root
While comment properly says that only first 64 bytes can be read, actual
code was returning error instead being happy with 64 bytes received.
Change-Id: I09c0d1d5c9fc8e1f6c59c093d81bb1ce1924281b
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Sun, 4 Mar 2018 15:41:35 +0000 (16:41 +0100)]
 
vppinfra: fix clib_mem_vm_ext_alloc non-shared allocations
Change-Id: I6d049c0875b91f67f008dc04ae7efe2f8ddc276e
Signed-off-by: Damjan Marion <[email protected]>
Ole Troan [Thu, 1 Mar 2018 12:33:39 +0000 (13:33 +0100)]
 
VPPAPIGEN: Improve output module finding for out-of-tree builds.
Change-Id: I3b646d84586dd61018f71cbf21c971c97fda75c1
Signed-off-by: Ole Troan <[email protected]>
Jon Loeliger [Fri, 2 Mar 2018 19:05:12 +0000 (13:05 -0600)]
 
netlink: Use nl_pid 0 to play nice with others.
While the netlink field is named nl_pid, and typically
contains a process id, setting it to a pid value directly
prevents other modules from also using a netlink socket.
On the other hand, setting it to 0 allows multiple modules
to use a netlink socket by letting the kernel assign the
nl_pid a value.
This allows the verito tap code to interact nicely with
the router plugin's librtnl after, say, tap-inject has
been enabled.
Change-Id: I9771929f34d15497a5f7b8c5fd78dac28e31383b
Signed-off-by: Jon Loeliger <[email protected]>
Florin Coras [Fri, 2 Mar 2018 17:23:42 +0000 (09:23 -0800)]
 
tls: clib_mem_alloc context to avoid dangling references
Change-Id: I1e3b48dfd21c9dbebdbcc0af0d6e888b416b3ac5
Signed-off-by: Florin Coras <[email protected]>
Dave Wallace [Fri, 2 Mar 2018 18:19:30 +0000 (13:19 -0500)]
 
make test: VCL extended test cases
- Add VCL cut thru uni-direction test over multiple sockets
- Add VCL cut thru bi-direction test over multiple sockets
- Add LDP cut thru uni-directional test over multiple sockets
- Add LDP cut thru bi-directional test over multiple sockets
- Add VCL thru host stack uni-direction test over multiple sockets
- Add VCL thru host stack bi-direction test over multiple sockets
- Add LDP thru host stack uni-directional test over multiple sockets
- Add LDP thru host stack bi-directional test over multiple sockets
- Fix validateResults to ensure worker_server process is killed if
  it still exists after running the test.
Change-Id: I77ea9acef172667558dbcec23af1e4c72b29f376
Signed-off-by: Dave Wallace <[email protected]>
Dave Wallace [Fri, 2 Mar 2018 18:33:45 +0000 (13:33 -0500)]
 
make test: add "EXTENDED_TESTS" to help output.
Change-Id: I89540e93f3c8839bf6fc4363f4736e9c01d91927
Signed-off-by: Dave Wallace <[email protected]>
Marek Gradzki [Thu, 1 Mar 2018 12:54:22 +0000 (13:54 +0100)]
 
gitignore: negate "No core files" pattern in 'vpp-api/java'
The 'vpp-api/java' includes 'core' subdir which should be tracked.
This patch adds .gitignore for 'vpp-api/java'
to negate pattern that matches 'core' files/dirs,
introduced by https://gerrit.fd.io/r/#/c/9848/.
Change-Id: I4e10ca10a891a2d95d6b45e479ee8d2196749132
Signed-off-by: Marek Gradzki <[email protected]>
Matthew Smith [Fri, 2 Mar 2018 14:39:17 +0000 (08:39 -0600)]
 
Add RPM buildtime dependency on mbedtls-devel
Update RPM spec to know about it
Change-Id: I61c7c1ce96071e3b84d792c18ff8880217b14fce
Signed-off-by: Matthew Smith <[email protected]>
Marek Gradzki [Fri, 9 Feb 2018 12:42:12 +0000 (13:42 +0100)]
 
jvpp: object model for jvpp generator (VPP-1184)
Introduces JSON parser which builds object model of Java API.
Also rewrites JNI translation of typedefs
to use per type translation functions
instead of code inlining.
Not covered:
- integrate with vappigen plugin (VPP-1154) or vapi parser (VPP-1155)
- use better templating engine (VPP-480)
- improvements of generator structure (e.g. VPP-1186)
Change-Id: I9e12d76c2f3c6ee041669f58e8a37917f656aa90
Signed-off-by: Marek Gradzki <[email protected]>
Florin Coras [Wed, 21 Feb 2018 20:07:41 +0000 (12:07 -0800)]
 
session: first approximation implementation of tls
It consists of two main parts. First, add an application transport type
whereby applications can offer transport to other applications. For
instance, a tls app can offer transport services to other applications.
And second, a tls transport app that leverages the mbedtls library for
tls protocol implementation.
Change-Id: I616996c6e6539a9e2368fab8a1ac874d7c5d9838
Signed-off-by: Florin Coras <[email protected]>
Steven [Thu, 1 Mar 2018 17:36:01 +0000 (09:36 -0800)]
 
tapv2: CLI and binary API fixes
1. When interface create encouners an error (see test below),
the same id cannot be used again.
This is due to hash_set is called too early in the function. After the
hash entry is set, there are different errors may cause the interface
create to be aborted. But we didn't remove the hash entry when error is
encountered. The fix is to move the hash_set call near the end which has
no more "goto error"
DBGvpp# create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap: ring size must be power of 2
DBGvpp# create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap: interface already exists
DBGvpp#
2. multiple issues exist with api_format.c with the below command
binary-api tap_create_v2 id 4 hw-addr 90:e2:ba:76:cf:2f rx-ring-size 1024 tx-ring-size 1024
- hw_addr is not taken due to the test for random mac is inverted
- id is an integer, not a string
- integer values were not converted to network format
Change-Id: I5a669d702a80ad158517df46f0ab089e4d0d692e
Signed-off-by: Steven <[email protected]>
Matus Fabian [Thu, 1 Mar 2018 12:48:33 +0000 (04:48 -0800)]
 
NAT44: interface output feature and service host direct access (VPP-1176)
forwarding mode:
session initiaded from service host - translate
session initiaded from remote host - do not translate
Change-Id: I48170ee8e4ad14d3d3083ee31a40ef8d10d6ff32
Signed-off-by: Matus Fabian <[email protected]>
John DeNisco [Thu, 1 Mar 2018 20:05:22 +0000 (15:05 -0500)]
 
Change tcp config to reflect some recent changes.
Change-Id: Ic151be9ff7114c1fdec22d5ad056654960cf12b2
Signed-off-by: John DeNisco <[email protected]>
Marco Varlese [Thu, 1 Mar 2018 13:01:46 +0000 (14:01 +0100)]
 
SCTP: API to delete a sub-connection
This patch adds an API to delete a sub-connection following a SRC/DST IP
mapping as required by the RFC4960.
Change-Id: I7673dd07352557442ffeed6c6c00da274b24953d
Signed-off-by: Marco Varlese <[email protected]>
Ole Troan [Mon, 12 Feb 2018 17:14:39 +0000 (18:14 +0100)]
 
6RD: Rewritten 6RD RFC5969 support.
Change-Id: Ic30fbcb2630f39e45345d7215babf5d7ed4b33a0
Signed-off-by: Ole Troan <[email protected]>
Ole Troan [Thu, 1 Mar 2018 12:49:00 +0000 (13:49 +0100)]
 
STN: Fix stn_rules_dump/details to follow API convention
Change-Id: I94f6c35bf751d25ca7fe7c67054e676a3ad2241b
Signed-off-by: Ole Troan <[email protected]>
John Lo [Tue, 27 Feb 2018 21:35:03 +0000 (16:35 -0500)]
 
Fix ERSPAN encap to set EN bits in the header and add test case
For ERSPAN encap, both bits in the EN field of the header should
be set to indicate any VLAN tag in the original Ethernet frame is
preserved.
Added SPAN L2 test case where the mirrored packet output is a GRE
ERSPAN tunnel.
Change-Id: Ie7a40992a9278469c24aa6fa9e122b4505797d10
Signed-off-by: John Lo <[email protected]>
Marco Varlese [Thu, 1 Mar 2018 10:19:59 +0000 (11:19 +0100)]
 
SCTP: API to add a sub-connection
This patch adds an API to add a sub-connection following a SRC/DST IP
mapping as required by the RFC4960.
At the same time, it changes the way the next available sub-connection
is being calculated: rather than having an index in the parent
connection which is prone to many issues at run-time, the next available
sub-connection is being calculated by looking at the state of the set
sub-connections and if marked as DOWN it means that is an available slot
to be used.
Change-Id: I662be6a247bfbbe8bf9aaf3f485183c07ef862fe
Signed-off-by: Marco Varlese <[email protected]>
Ole Troan [Wed, 28 Feb 2018 13:55:20 +0000 (14:55 +0100)]
 
PAPI: pycodestyle on vpp_papi.py
Change-Id: I15cf4a9fd2d2518df4bfffc1ba3c556a87ca5afa
Signed-off-by: Ole Troan <[email protected]>
Florin Coras [Tue, 27 Feb 2018 18:05:57 +0000 (10:05 -0800)]
 
session: zero out ips in local endpoint lookup only if local
Change-Id: I3425b1533b3d31210166e7b3798685464ad1c489
Signed-off-by: Florin Coras <[email protected]>
Dave Wallace [Wed, 28 Feb 2018 22:55:23 +0000 (17:55 -0500)]
 
make test: Add VCL LD_PRELOAD tests
- Refactor test code into VclTestCase object.
- Add LDP cut thru and thru host stack tests.
Change-Id: I2b16473df108004c79cc86fe1b7a789485b2dc5b
Signed-off-by: Dave Wallace <[email protected]>
Matthew Smith [Fri, 23 Feb 2018 03:12:11 +0000 (21:12 -0600)]
 
Adjust vpp-selinux-policy postinstall
Only run semodule command on hosts where selinux
is enabled.
Change-Id: I7bcfc758e44bb0f41ec657ad395352ddb92766eb
Signed-off-by: Matthew Smith <[email protected]>
Steven [Wed, 28 Feb 2018 19:00:34 +0000 (11:00 -0800)]
 
tapv2: abort in tap_create_if (VPP-1179)
The following command sequences cause the crash:
create tap id 0 rx-ring-size 1024 tx-ring-size 1024
create tap id 1 rx-ring-size 1024 tx-ring-size 1024
set interface state tap0 up
set interface state tap1 up
delete tap tap0
delete tap tap1
create tap id 0 rx-ring-size 1024 tx-ring-size 1024
0: /home/sluong/vpp2/vpp/build-data/../src/vnet/interface_funcs.h:46
 (vnet_get_hw_interface) assertion `! pool_is_free (vnm->interface_main.hw_interfaces, _e)' fails
The reason for the crash is because when the tap interface is deleted,
the code does not remove the entry from the device queue. But the interface
is deleted anyway from vnet_main.interface_main.hw_interfaces.
When an interface is created again, it may encounter
the deleted entry in the device queue and crash. Notice create and delete a
single entry does not cause a crash. Need to create and delete 2 interfaces
to create a "hole" in the device queue.
Change-Id: I42ce0b7943d73b3eab32a16751a0a3183de62d9f
Signed-off-by: Steven <[email protected]>
Chaoyu Jin [Wed, 28 Feb 2018 18:15:53 +0000 (10:15 -0800)]
 
at af_packet input, drop partial packets to prevent l4 checksum deadloop at ouptut
Change-Id: I6f75b7328fd0aa71d00a701e36c8b4ad06bff3c4
Signed-off-by: Chaoyu Jin <[email protected]>
Fix SELinux capabilities. Creating a tap interface with 'tap connect' was returning an error when VPP was launched as a service (tested on CentOS 7.3). Adding 'net_admin' to SELinux capabilities for VPP solves the issue.
Change-Id: Icd0529b49adb86e7b371283a6f39af03816951c5
Signed-off-by: Victor Nguyen <[email protected]>
Marco Varlese [Tue, 27 Feb 2018 08:38:31 +0000 (09:38 +0100)]
 
SCTP: handle COOKIE while in SHUTDOWN phase
This patch address the requirement to handle a COOKIE chunk whilst in
SHUTDOWN phase. The COOKIE shouldn't just be dropped but an OPERATION
ERROR chunk shall be sent to the peer to inform about the current
situation.
Change-Id: I1a47652402d49cfee3b0c810304d7902f3a62f40
Signed-off-by: Marco Varlese <[email protected]>
Steven [Tue, 27 Feb 2018 22:43:40 +0000 (14:43 -0800)]
 
vnet/interface: vnet_(put|get)frame_to_sw_interface is not worker thread aware
When heavy traffic is running using worker threads, it may crash here
DBGvpp# 0: /home/sluong/vpp3/vpp/build-data/../src/vlib/main.c:1128 (dispatch_pending_node) assertion `f->flags & VLIB_FRAME_PENDING' fails
Thread 1 "vpp_main" received signal SIGABRT, Aborted.
0x00007ffff5d50428 in __GI_raise (sig=sig@entry=6)
    at ../sysdeps/unix/sysv/linux/raise.c:54
54	../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb)
No crash was observed if only main thread was used.
Change-Id: I96f8b02ec23accc85c0f1ddecfeff6043b5e3c2b
Signed-off-by: Steven <[email protected]>
Jon Loeliger [Tue, 27 Feb 2018 19:58:47 +0000 (13:58 -0600)]
 
memif: Fix a message initialization problem in VAT
The VAT calls to MEMIF_SOCKET_FILENAME_ADD_DEL erroneously
cleared the message memory after the M() macro call and
thus lost their message id.  Don't do that.
While in the neighborhood, prevent a string copy from
referencing data that doesn't belong to the filename string.
Change-Id: Ib4309608ed617ef4f193880ecf4a0b35fda65e51
Signed-off-by: Jon Loeliger <[email protected]>
Steven [Tue, 27 Feb 2018 18:29:32 +0000 (10:29 -0800)]
 
sctp: sctp_output.c failed to compile when VLIB_BUFFER_TRACE_TRAJECTORY is enabled
Fixed a typo in sctp_push_header(). It was inherited from tcp_output.c
Change-Id: I810fcb4c24cfd3d54f15da72a5184cfc4df24592
Signed-off-by: Steven <[email protected]>
Mohsin Kazmi [Tue, 27 Feb 2018 13:05:15 +0000 (14:05 +0100)]
 
VOM: interface: Fix the vhost user interface
Change-Id: I38904dafb4110322ec0138f7a5b3a65c96426b2b
Signed-off-by: Mohsin Kazmi <[email protected]>
Dave Wallace [Mon, 26 Feb 2018 19:40:13 +0000 (14:40 -0500)]
 
make test: refactor vcl test cases
- Reduce replicated code in test cases
- Configure separate namespace secrets for thru hoststack
  test case to validate namespace secret functionality.
- Pass per-instance environment variables to Worker class
  init function.
Change-Id: I3cd5d4538f105cbfb09671c4d761541b40714b8f
Signed-off-by: Dave Wallace <[email protected]>