Florin Coras [Sun, 21 Feb 2021 01:36:19 +0000 (17:36 -0800)]
svm: free shared fifo on detach
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I639560ee3dd0a1d605ec2866dce5cdd13fda8201
wanghanlin [Mon, 22 Feb 2021 02:38:36 +0000 (10:38 +0800)]
vcl: support sockopt of SO_REUSEPORT and SO_DOMAIN
Type: fix
Signed-off-by: wanghanlin <wanghanlin@corp.netease.com>
Change-Id: I800cfffb07bf7d4c4d1454b73febdba03f7d6b75
Ivan Shvedunov [Fri, 19 Feb 2021 20:32:18 +0000 (23:32 +0300)]
ip-neighbor: add set ip neighbor-config CLI command
Type: improvement
Signed-off-by: Ivan Shvedunov <ivan4th@gmail.com>
Change-Id: I77ade50425e88d2da979f732d2248bed383f4ba4
Florin Coras [Fri, 19 Feb 2021 05:35:23 +0000 (21:35 -0800)]
svm: return chunks to slice on fifo detach
Ensure chunk alloc distribution is maintained on fifo detach.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I5aa5524e06a703dc50e90da6d177663d2d997aa4
Fan Zhang [Fri, 19 Feb 2021 12:23:08 +0000 (12:23 +0000)]
dpdk: fix cryptodev offset update
Type: fix
This patch fixes the missed crypto and integ offset update for
every packet. Previously the offset is updated only when the
key is changed. This is ok for encryption but not always true
for decryption.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: Iccd0011f4ae488746ce487a14b94ddd24fb0c07c
Brian Russell [Thu, 18 Feb 2021 11:02:29 +0000 (11:02 +0000)]
tests: add input policer thread handoff tests
Test worker thread handoff on an interface input policer.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I1deddcc9711bccfde377290bc66a00f2cd4163e1
Brian Russell [Thu, 18 Feb 2021 11:00:38 +0000 (11:00 +0000)]
policer: add thread handoff for device input
Add worker thread handoff for policers on the device input feature arc
on an interface.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: Ib795457a09a5b3be3c4e6422c91e33100192b8e2
Brian Russell [Thu, 18 Feb 2021 10:25:23 +0000 (10:25 +0000)]
policer: move handoff checks into policer code
The IP punt policer currently checks if it needs to do worker thread
handoff based on the thread index stored in the policer. Move this
functionality into the policer code so it can be common for all users
of the policer.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: Ia8d11e62898a58b19d7b27b296f8369baa3e5aa1
Brian Russell [Wed, 17 Feb 2021 15:54:52 +0000 (15:54 +0000)]
tests: test input policer
Apply a policer to an interface, check it's policing packets.
Remove it and check it no longer polices packets.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I6f694c8a9804cadf010b5831770aaae81f42e027
Brian Russell [Wed, 17 Feb 2021 15:51:45 +0000 (15:51 +0000)]
policer: add api to configure input policing
Add a new API to apply a policer to an input interface.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: Ie8aff9120149b63d85363a9a5afdcaed60a93700
Brian Russell [Wed, 17 Feb 2021 15:45:56 +0000 (15:45 +0000)]
policer: add policing as device-input feature
Add input per-interface policing as an input feature, repurposing
vnet_policer_inline which formermly allowed input policing to be
configured via a CLI.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I2fd00e964ae358a05e507c844f5476372124fae1
Filip Tehlar [Mon, 15 Feb 2021 14:06:45 +0000 (14:06 +0000)]
ikev2: start counting msgid from 0
This fixes an issue when initiator is expecting request with intitial
msgid being 0 but 1 is received instead which results in retransmission
(instead of normally processing the new request).
Type: fix
Change-Id: I60062276bd93de78128847c5b15f5d6cecf1df65
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Florin Coras [Thu, 11 Feb 2021 16:44:23 +0000 (08:44 -0800)]
session vppinfra: asan fixes
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie709d76438542783cbc8c6174b5e712ef18a6276
Florin Coras [Thu, 18 Feb 2021 22:43:32 +0000 (14:43 -0800)]
svm: fix active fifo ll on attach
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Idf44f8d54c97fc43da5d5760e5ce477af07e5fbf
Brian Russell [Wed, 17 Feb 2021 10:02:47 +0000 (10:02 +0000)]
tests: remove unnecessary setup in policer test
The policer test class overrides setup and teardown methods from
VppTestCase but doesn't do anything other than call the parent's
method.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I76bac084c4cb5cb5195e34afe95b38affd585942
Dave Barach [Wed, 17 Feb 2021 15:25:18 +0000 (10:25 -0500)]
vlib: add a "vpplog" debug CLI
To add arbitrary text to the vlib log. Combines nicely with
comment/uncomment and the macro expander:
define MY_FEATURE uncomment # or comment
...
$(MY_FEATURE) { vpplog { My feature was enabled } }
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ia019f0a8fa670d8593ae01595f5ef410796e5b1c
Florin Coras [Thu, 18 Feb 2021 01:35:32 +0000 (17:35 -0800)]
vcl: epoll out deq notifications only if fifo exists
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia37d8474224f6074826c9ffb82feb919b2ef52f7
Andrew Yourtchenko [Wed, 17 Feb 2021 17:39:11 +0000 (17:39 +0000)]
tests: re-enable NAT44ED tests for multiworker
Re-enable the test for 2-worker config test
Change-Id: Ie108c5d244c6704ffa152177ca77f6b6055fe38e
Type: test
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Brian Russell [Mon, 15 Feb 2021 13:39:42 +0000 (13:39 +0000)]
tests: policer test check unformat return values
Keep coverity happy by checking the return value of unformat calls.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: Iccd0296da527d079f79cc7bd8b57af1b524299bd
Ole Troan [Wed, 17 Feb 2021 13:10:04 +0000 (14:10 +0100)]
vat2: jsonconvert return checking - coverity
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I8348645927519800d2390d27e01fae612602a6eb
Andrew Yourtchenko [Wed, 17 Feb 2021 21:26:49 +0000 (21:26 +0000)]
misc: fix the linux-cp entry for Neale
Change-Id: I0f51ddfa10ed38d23617a715f8db5a970960d126
Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Ole Troan [Wed, 17 Feb 2021 12:26:53 +0000 (13:26 +0100)]
vat2: add sanity checking - coverity errors
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I3cd56690fe52402d4cfa9ea67f1de53d8d919dee
Ole Troan [Wed, 17 Feb 2021 12:46:54 +0000 (13:46 +0100)]
vppapigen: resource leakage in fromjson array - coverity
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I43283c59fd121dcb2486b26151108c90b027748b
Matthew Smith [Tue, 16 Feb 2021 16:02:46 +0000 (10:02 -0600)]
linux-cp: fix coverity defect
Type: fix
If no host interface name is passed to the CLI command which creates
an interface pair, NULL gets passed to lcp_itf_pair_create() and a
seg fault occurs. Check whether a host interface name was provided
and fail gracefully if none was given.
Change-Id: I82886f4c2ee710e206c751c34a74399112e9062c
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Ole Troan [Tue, 16 Feb 2021 17:09:51 +0000 (18:09 +0100)]
vppapigen: more _fromjson autogeneration coverity fixes
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I9a7bb617a3fa87d6ef49c75277e53425310cdcf9
Signed-off-by: Ole Troan <ot@cisco.com>
Florin Coras [Tue, 16 Feb 2021 15:32:22 +0000 (07:32 -0800)]
hsa: coverity fix
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I30fde452fdeeb9877f3e3fecb0dd723f10f61019
Filip Tehlar [Tue, 16 Feb 2021 08:14:31 +0000 (08:14 +0000)]
ikev2: fix coverity warnings
Type: fix
Change-Id: Ia22b1189b82e885eb380f638ea6d05923a858f01
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Ole Troan [Tue, 16 Feb 2021 00:06:22 +0000 (01:06 +0100)]
stats: coverity errors leaking fd
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I21368e37d70c5a64babd904bcf5f79339a5ab064
Signed-off-by: Ole Troan <ot@cisco.com>
Ole Troan [Mon, 15 Feb 2021 23:42:21 +0000 (00:42 +0100)]
vppapigen: coveriy missing check of return values
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I424c2f283dab99c1856eb8d9a1444486d09e8e29
Ole Troan [Mon, 15 Feb 2021 23:31:52 +0000 (00:31 +0100)]
vppapigen: fix coverity issues in jsonconvert
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I92e03a5a3fcbdab6ce4d178193dceb4450ac0f62
Ole Troan [Tue, 16 Feb 2021 00:01:30 +0000 (01:01 +0100)]
cjson: upgrade to new version
See if this fixes the coverity issues.
Now at
324a6ac9a9b285ff7a5a3e5b2071e3624b94f2db
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I2cd281ebaeda69e214e6dc93a84888298741d0ee
Signed-off-by: Ole Troan <ot@cisco.com>
Paul Vinciguerra [Thu, 19 Dec 2019 23:26:29 +0000 (18:26 -0500)]
vapi: add dedicated return code for client timeout
Type: refactor
Change-Id: I1fbabb743f20e21557c69bdaf97eda6f63584903
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Florin Coras [Mon, 15 Feb 2021 19:56:46 +0000 (11:56 -0800)]
svm: fix mq coverity warning
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1914366c17fa05305d57d842793fad372319256a
Florin Coras [Mon, 15 Feb 2021 20:11:39 +0000 (12:11 -0800)]
session: coverity fix
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic28ee0e7cd313686b820e7003a47d17b844b8a89
Florin Coras [Mon, 15 Feb 2021 20:51:06 +0000 (12:51 -0800)]
lisp: coverity fixes
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2a55a2fe0c483359c3b42ebe93cd0e8e279131d1
Mohsin Kazmi [Wed, 10 Feb 2021 10:26:24 +0000 (11:26 +0100)]
vlib: refactor checksum offload support
Type: refactor
This patch refactors the offload flags in vlib_buffer_t.
There are two main reasons behind this refactoring.
First, offload flags are insufficient to represent outer
and inner headers offloads. Second, room for these flags
in first cacheline of vlib_buffer_t is also limited.
This patch introduces a generic offload flag in first
cacheline. And detailed offload flags in 2nd cacheline
of the structure for performance optimization.
Change-Id: Icc363a142fb9208ec7113ab5bbfc8230181f6004
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Dave Barach [Mon, 15 Feb 2021 17:46:47 +0000 (12:46 -0500)]
misc: coverity fixes
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I6a3348c7edd1cce6b407d336443103f77392bc5d
Paul Vinciguerra [Mon, 27 Apr 2020 02:04:32 +0000 (22:04 -0400)]
papi: add method to retrieve field options
Sample usage:
cls.MEMIF_DEFAULT_BUFFER_SIZE = cls.vapi.vpp.get_field_options(
'memif_create', 'buffer_size')['default']
Type: improvement
Change-Id: I298f4687623003a78c93a703d32f59a937e37bc2
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Wed, 6 May 2020 20:38:40 +0000 (16:38 -0400)]
tests: fix import in test/test_pcap.py
Type: test
Change-Id: Ib9192a12812b40090a0859cb73288aea27a3ca01
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Neale Ranns [Mon, 21 Dec 2020 08:29:34 +0000 (08:29 +0000)]
ip: Path MTU
Type: feature
Support setting the MTU for a peer on an interface. The minimum value of
the path and interface MTU is used at forwarding time.
the path MTU is specified for a given peer, by address and table-ID.
In the forwarding plane the MTU is enfored either:
1 - if the peer is attached, then the MTU is set on the peer's
adjacency
2 - if the peer is not attached, it is remote, then a DPO is added to
the peer's FIB entry to perform the necessary fragmentation.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8b9ea6a07868b50e97e2561f18d9335407dea7ae
Brian Russell [Mon, 15 Feb 2021 11:49:42 +0000 (11:49 +0000)]
policer: improve policer struct
Ensure policer struct is cache aligned and fits in one cache line.
Give it a simpler name to reflect its job as the representation of
a policer.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: If1ae4931c818b86eee20306e503f4e5d6b84bd0d
Benoît Ganne [Thu, 11 Feb 2021 18:46:43 +0000 (19:46 +0100)]
vppinfra: fix memcpy undefined behaviour
Calling mem{cpy,move} with NULL pointers results in undefined behaviour.
This in turns is exploited by GCC. For example, the sequence:
memcpy (dst, src, n);
if (!src)
return;
src[0] = 0xcafe;
will be optimized as
memcpy (dst, src, n);
src[0] = 0xcafe;
IOW the test for NULL is gone.
vec_*() functions sometime call memcpy with NULL pointers and 0 length,
triggering this optimization. For example, the sequence:
vec_append(v1, v2);
len = vec_len(v2);
will crash if v2 is NULL, because the test for NULL pointer in vec_len()
has been optimized out.
This commit fixes occurrences of such undefined behaviour, and also
introduces a memcpy wrapper to catch those in debug mode.
Type: fix
Change-Id: I175e2dd726a883f97cf7de3b15f66d4b237ddefd
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Nathan Skrzypczak [Mon, 15 Feb 2021 08:35:59 +0000 (09:35 +0100)]
quic: Coverity fix
Type: fix
Change-Id: I744cedb9c1b57945af5e83057e4759964fd2e104
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Filip Tehlar [Mon, 8 Feb 2021 07:06:34 +0000 (07:06 +0000)]
ikev2: fix rekey against strongSwan
When strongSwan rekeys it sends create child sa request first and then
delete request for the old child sa (or vice versa depending on
configuration) as opposed to sending just a single create child sa with
rekey notify message.
Type: fix
Change-Id: I1fa55a607ca623cd3a6d887436207153c6f6bbf6
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Brian Russell [Wed, 10 Feb 2021 13:56:06 +0000 (13:56 +0000)]
tests: test punt policer bound to worker thread
Add to the IP[46] punt policer handoff tests by binding the policer to
a particular worker and checking all packets are policed on that thread.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I7fab28659ccb65f13f841cec65a3f808281b3f90
Brian Russell [Wed, 10 Feb 2021 13:53:42 +0000 (13:53 +0000)]
policer: add api to bind policer to worker
Add a new api to allow a policer to be bound to
a specific worker thread for thread handoff.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I2623a6827843c3d93c0d7b4ad7c2e13611ec1696
Nathan Skrzypczak [Thu, 4 Feb 2021 15:11:18 +0000 (16:11 +0100)]
interface: Add promisc on/off in api
Type: feature
Change-Id: Ib777a5201f1c728438c7a5f2b1aa2246f1344b9b
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Neale Ranns [Mon, 8 Feb 2021 15:24:56 +0000 (15:24 +0000)]
fib: Always honour flow hash flag
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Id7b27edf3712aaa3c277e752b9ca78bb91d184a1
Paul Vinciguerra [Fri, 4 Dec 2020 20:01:53 +0000 (15:01 -0500)]
vppapigen: py2 cleanup - remove subclassing of object
Type: refactor
Change-Id: I7136cb8ba101ea3917dacc31ceb3a76a31328301
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Thu, 17 Dec 2020 02:03:16 +0000 (21:03 -0500)]
tests: explicitly close subprocess files
Resolve the following error:
/vpp/test/framework.py:657: ResourceWarning: unclosed file <_io.BufferedReader name=6>
del cls.vpp
Object allocated at (most recent call last):
File "/usr/lib/python3.8/subprocess.py", lineno 844
self.stdout = io.open(c2pread, 'rb', bufsize)
Type: test
Change-Id: Ia2974da594f0582dcff1f4bdf40d25475769c46c
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Vratko Polak [Fri, 12 Feb 2021 16:55:38 +0000 (17:55 +0100)]
rdma: rdma_log__ argument dev is a pointer
Also apply style edits as proprosed by checkstyle.
Ticket: VPP-1971
Type: fix
Change-Id: I4332a4e32220f3076b4a373da01cc0022cde32f5
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Ole Troan [Wed, 10 Feb 2021 15:20:26 +0000 (16:20 +0100)]
nat: pnat only use save_rewrite_length on output path
Don't expect save_rewrite_length to be set correctly on RX path.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ieee40d119213f617c3d836181e5879f084b74548
Signed-off-by: Ole Troan <ot@cisco.com>
Neale Ranns [Wed, 10 Feb 2021 08:42:49 +0000 (08:42 +0000)]
ipsec: Store thread-index in buffer meta-data during SA handoff
Type: improvement
negates the need to load the SA in the handoff node.
don't prefetch the packet data, it's not needed.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I340472dc437f050cc1c3c11dfeb47ab09c609624
Vladimir Ratnikov [Thu, 28 Jan 2021 16:08:35 +0000 (11:08 -0500)]
dpdk: use whole vmbus address as hash key for devconf
u32[0] is not enough unique for some platforms like azure
where several devices(not only network) can have almost
the same addresses and this can cause collisions.
Change hash to mhash type for vmbus devices with key
of whole 16 bytes of vmbus address.
Type: improvement
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: Ic6c6a657ae29f45beddd0c69d8e785e702349460
Brian Russell [Wed, 10 Feb 2021 18:34:48 +0000 (18:34 +0000)]
policer: tidy up
Convert old logging style to new and remove unused tracepoints.
Remove code always conditionally not compiled.
Make comment style consistent.
Type: improvement
Change-Id: I13339f28539cf190fb92be2d5c8020b6249319c8
Signed-off-by: Brian Russell <brian@graphiant.com>
Brian Russell [Tue, 9 Feb 2021 11:36:31 +0000 (11:36 +0000)]
policer: use enum types
Make the policer action enum packed and use it in the policer code.
Use other policer enums where applicable.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I32f9735942af8bca3160b9ef8a75f605d9aba5fa
Arthur de Kerhor [Thu, 11 Feb 2021 11:02:44 +0000 (03:02 -0800)]
docs: fixing VPP tutorial
Updating ARP table command.
Type: fix
Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com>
Change-Id: I02d6ac86aed4c83430f9d07bdeaa3e0f5c3ae73f
Brian Russell [Tue, 9 Feb 2021 10:16:58 +0000 (10:16 +0000)]
policer: remove SSE2 prefix
The policer code uses a naming convention of prefixing a lot of
its definitions with "SSE2" when in fact there is nothing SSE2
specific about them. This is confusing so remove the prefix.
Unfortunately it has to stay in the API definitions for backward
compatibility.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I59a7df9fd5ded2575f2e587b2768a025a213b07c
Ole Troan [Fri, 12 Feb 2021 10:48:12 +0000 (11:48 +0100)]
vppapigen: coverity issues in autogenerated code pass 3.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I5ee2e8aba3ee7281bbca11825dece79983e52f06
Andrew Yourtchenko [Fri, 12 Feb 2021 11:06:30 +0000 (11:06 +0000)]
build: add missing virtualenv dependencies for debian-10
Type: make
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I57a1f90d7fe9e1262f210d0c091bafda5d496c69
Ole Troan [Thu, 11 Feb 2021 10:13:46 +0000 (11:13 +0100)]
vppapigen: fix fromjson coverity errors in generation
Fix memory leak coverity errors where free was not called
on error conditions. Or called twice.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I21cffa8b01e4f72f10501f202f6a762ae300a941
Signed-off-by: Ole Troan <ot@cisco.com>
Florin Coras [Tue, 9 Feb 2021 18:03:50 +0000 (10:03 -0800)]
vppinfra: fix membulk coverity warnings
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4830656ad852de62211e31574a0e0afb62d00f37
Andrew Yourtchenko [Fri, 29 Jan 2021 13:17:19 +0000 (13:17 +0000)]
tests: tag the tests that do not work with multi-worker configuration
If the multi-worker default VPP configuration is triggered by
setting VPP_WORKER_CONFIG="workers 2", some of the tests fail
for various reasons.
It's a substantial number, so this change marks all of the
testsets that have this issue, such that they can be addressed
later independently.
Type: test
Change-Id: I4f77196499edef3300afe7eabef9cbff91f794d3
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Mohammed Hawari [Tue, 12 Jan 2021 16:00:21 +0000 (17:00 +0100)]
wireguard: testing alternative timer dispatch
Change-Id: I645bb0a31b333a6160c74987dddb3fb50ff154d8
Type: improvement
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Brian Russell [Mon, 8 Feb 2021 15:33:18 +0000 (15:33 +0000)]
policer: use ip dscp
Use the common IP definitions of DSCP rather than duplicating in the
policer code.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: Iff4bc789356edc290b9c31eca33e93cf5b6211bf
Florin Coras [Wed, 10 Feb 2021 23:26:37 +0000 (15:26 -0800)]
vcl: validate seg handle on migrate only if needed
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3c15a465f84f2ceb6bd5f1c459899824d4bc1c90
Brian Russell [Thu, 4 Feb 2021 17:53:23 +0000 (17:53 +0000)]
tests: add policer tests
Add some tests which configure policer params, use the policer
test helper CLI to police pretend packets and then check the
policer stats.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: Ib2688b6f77d84a4bfd3c8185e44c59fa2300716a
Brian Russell [Thu, 4 Feb 2021 17:23:44 +0000 (17:23 +0000)]
tests: add policer test helper
Add a helper CLI to exercise a policer pre-configured by the test
harness. The test harness will check the stats afterwards.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I913dda4a9f8179c1c6b3061a68164bf1e698a392
Dave Barach [Wed, 10 Feb 2021 12:40:05 +0000 (07:40 -0500)]
vppinfra: fix bihash test-debug aarch64 sporadic failure
Turns out that both the multi-core and single-core add / del tests run
for just under 5 seconds (aarch64, debug image). Increase the vapi =>
debug CLI timeout to avoid spurious failures.
Type: test
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ia64bffa82a908172a21c34f3ae4402ad774af28a
Neale Ranns [Tue, 9 Feb 2021 14:04:02 +0000 (14:04 +0000)]
ipsec: Use the new tunnel API types to add flow label and TTL copy
support
Type: feature
attmpet 2. this includes changes in ah_encrypt that don't use
uninitialised memory when doing tunnel mode fixups.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ie3cb776f5c415c93b8a5ee22f22586fd0181110d
Klement Sekera [Tue, 2 Feb 2021 12:25:40 +0000 (13:25 +0100)]
nat: fix EI hairpinning thread safety
Avoid doing inter-thread reads without locks by doing a handoff before
destination address rewrite. Destination address is read from a session
which is possibly owned by a different thread. By splitting the work in
two parts with a handoff in the middle, we can do both in a thread safe
way.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I1c50d188393a610f5564fa230c75771a8065f273
Ole Troan [Wed, 10 Feb 2021 11:03:25 +0000 (12:03 +0100)]
misc: updating maintainers file
Adding maintainers for stn, ioam, cdp.
Type: improvement
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I0f75bb0044b340ee17a1720a7eea1c840625276b
Steven Luong [Tue, 9 Feb 2021 07:48:30 +0000 (23:48 -0800)]
l2: crash on l2_input_is_xconnect
Running vpp without any interface configured and then invoking the
binary-api l2_xconnect_dump causes vpp to crash in l2_input_is_xconnect due
to l2input_main.configs has no memory allocated to it, not even for the local
interface which exists all the times.
The reason that l2input_main.configs has no memory allocated to it was due to
gerrit patch 29232 which took out a line in l2input_init
/* Create the config vector */
vec_validate (mp->configs, 100);
The fix is to iterate through l2input_main.configs for each interface in
l2 to call l2_input_is_xconnect when dumping l2_xconnect interfaces.
Type: fix
Fixes: gerrit 29232
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I8d9cba4b7eba4c2e0c60887c4fd57d5ec3b06d3b
Florin Coras [Thu, 19 Nov 2020 21:38:26 +0000 (13:38 -0800)]
tls: dtls initial implementation
Type: feature
Basic dtls transport protocol implementation that relies on openssl
wire protocol implementation. Retries/timeouts not yet supported.
To test using vcl test apps, first ensure all arp entries are properly
resolved and subsequently:
server: vcl_server -p dtls 1234
client: vcl_client -p dtls <server-ip> 1234 -U -N
2000000 -T 1460 -X
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I04b4516a8fe9ce85ba230bcdd891f33a900046ed
Florin Coras [Tue, 9 Feb 2021 17:46:22 +0000 (09:46 -0800)]
session: coverity fixes
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2828287c58115aa08c0a4297c01cea60f41f4749
Alexander Chernavin [Mon, 28 Dec 2020 09:29:13 +0000 (04:29 -0500)]
crypto: fix bad-hmac in sw scheduler if async mode
When IPsec async mode is enabled, packets don't pass through the tunnel
if ciphers other than AES GCM are used for child SAs. An error that
arises is "bad-hmac" in the "crypto-dispatch" node.
On the encryption stage, the VNET_CRYPTO_OP_FLAG_HMAC_CHECK flag is set
for the integrity crypto operation when it's not supposed to. It seems
that the flag remains from the previous operation.
With this change, zero flags of crypto operations in the SW scheduler
during operation filling.
Type: fix
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Iabac253474e95cb01f9ec0933f3c4860f8a5289c
Paul Vinciguerra [Mon, 28 Dec 2020 02:34:30 +0000 (02:34 +0000)]
gbp: fix typo in macro
Type: fix
Change-Id: I1f8245e8cccacb5bbb511aef39e31d0a76bba95f
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Fri, 18 Dec 2020 23:47:27 +0000 (18:47 -0500)]
papi: expose vpp_papi version to client
root@
ae2a2e85c5d4:/vpp/src/vpp-api/python# python3
Python 3.6.9 (default, Oct 8 2020, 12:12:24)
[GCC 8.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import vpp_papi
>>> vpp_papi.__version__
'1.6.2'
Type: feature
Change-Id: I73025427a58214a842245fceaa77daa7acd3e6f8
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Wed, 30 Dec 2020 00:41:15 +0000 (00:41 +0000)]
papi: remove python2 vpp-api-python.deb
Type: fix
Change-Id: I4901f7eb9d739afd4d45a25306434e9d122a4068
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Neale Ranns [Tue, 9 Feb 2021 16:53:37 +0000 (16:53 +0000)]
misc: Now that VOM is deprecated remove the build dependency on boost
Type: make
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Icbbae3ab222e7d97e6c496c13ec9229e94cf5ede
Klement Sekera [Tue, 19 Jan 2021 16:55:46 +0000 (17:55 +0100)]
nat: bump default max translations to 63K
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ibea7ec844d1d910e8a3235e11154b1ecea8302ac
Alexander Chernavin [Fri, 11 Dec 2020 08:36:45 +0000 (03:36 -0500)]
nat: deny adding intf addr if static-mapping-only
If static-mapping-only is enabled, NAT pool cannot be configured, only
static mappings. There're two ways to add addresses to the NAT pool:
by address range, or by first found address from an interface.
NAT44_ADD_DEL_ADDRESS_RANGE already tests if dynamic mappings are
available but NAT44_ADD_DEL_INTERFACE_ADDR doesn't. If
static-mapping-only is enabled, adding addresses by range is rejected
but by interface not.
With this change, if static-mapping-only is enabled, do not allow to
add addresses to the NAT pool both ways.
Type: fix
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ifc055ea9a71a5e579388833a2990aef21bf7ed29
Ole Troan [Sat, 6 Feb 2021 12:02:41 +0000 (13:02 +0100)]
nat: fix coverity errors
Including a general missing free in fromjson autogenerated code.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I9ab2b0193135e2fb3d62d51b3c114df56969e341
Signed-off-by: Ole Troan <ot@cisco.com>
Klement Sekera [Tue, 2 Feb 2021 19:15:59 +0000 (20:15 +0100)]
nat: improve type safety and remove unused param
Type: improvement
Change-Id: I456f9b14e6a4eb46c9c49f6e09acccae530e4ebc
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Matthew Smith [Mon, 8 Feb 2021 22:13:59 +0000 (22:13 +0000)]
Revert "ipsec: Use the new tunnel API types to add flow label and TTL copy"
This reverts commit
c7eaa711f3e25580687df0618e9ca80d3dc85e5f.
Reason for revert: The jenkins job named 'vpp-merge-master-ubuntu1804-x86_64' had 2 IPv6 AH tests fail after the change was merged. Those 2 tests also failed the next time that job ran after an unrelated change was merged.
Change-Id: I0e2c3ee895114029066c82624e79807af575b6c0
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Dave Barach [Mon, 8 Feb 2021 12:56:22 +0000 (07:56 -0500)]
vlib: ASSERT vm == vlib_get_main()
To catch coding mistakes: calling vlib_get_frame_to_node() from a
worker thread with vm = &vlib_global_main instead of
vm = vlib_mains[worker_thread_index]
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I5a8f01fdf9f35daeeada2d6eaa7180a60c4ca529
Neale Ranns [Thu, 4 Feb 2021 11:09:33 +0000 (11:09 +0000)]
ipsec: Use the new tunnel API types to add flow label and TTL copy
support
Type: feature
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I6d4a9b187daa725d4b2cbb66e11616802d44d2d3
Mohammed Hawari [Fri, 29 Jan 2021 09:12:53 +0000 (10:12 +0100)]
interface: automask interrupts to polling rxqs
Sometimes, vnet_hw_if_rx_queue_set_int_pending is called on rxqs which
are not in interrupt mode. Currently, it segfaults due to a too small
clib_interrupt_t structure. This change prevents that and makes the
framework slightly more robust to driver bugs (that might be subtle
to track in some cases involving concurrency...)
Change-Id: I9643b9b1aa37e6852754b93f10cd2f96ed9e6118
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: fix
Mohsin Kazmi [Thu, 10 Dec 2020 10:22:34 +0000 (10:22 +0000)]
virtio: use vpp clib_memset instead glibc memset
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: Ib3cefe5d27286c4853eb0c0e1803a94787a62c97
Mohsin Kazmi [Thu, 10 Dec 2020 09:49:21 +0000 (09:49 +0000)]
virtio: add atomic call for kicking
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I41faa2ca249ff75e564a732af896e6b5d76bf665
Neale Ranns [Mon, 8 Feb 2021 09:53:10 +0000 (09:53 +0000)]
ipsec: Checking wrong DB for initialistation
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I2325d311a6fd7343c7041dc516777f4db0029823
Andrew Yourtchenko [Wed, 20 Jan 2021 20:30:36 +0000 (20:30 +0000)]
tests: allow for externally supplied VPP workers config for tests
Allow to supply the external VPP worker config for tests which
do not specify the workers config explicitly, and use
the tags infra to flag those that need attention in this configuration.
This commit shows one example use of such a tag, there will be
a separate commit with the rest of the places needing it,
since that change is rather mechanical.
Thus, the assumption is that the test should by default be agnostic
of the VPP configuration, unless it explicitly specifies so.
Type: test
Change-Id: I3c0077e4e22a75cb9561fb98d3b783b93486b2be
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Ivan Shvedunov [Mon, 1 Feb 2021 11:11:10 +0000 (14:11 +0300)]
ping: fix aborting on keypress
Type: fix
Currently ping stops on events like SOCKET_READ_EVENT,
which makes it hard to use over e.g. govpp as it aborts
immediately most of the time. With this patch, ping only
stops upon real CLI read / quit events.
Signed-off-by: Ivan Shvedunov <ivan4th@gmail.com>
Change-Id: Id7a8d0b0fdeb7bbc7b85240e398d27bd5199345b
Neale Ranns [Thu, 4 Feb 2021 11:02:52 +0000 (11:02 +0000)]
tunnel: support copying TTL and flow label from inner to outer
Type: feature
The added functionality is to support copying TTL and flow label from
inner to outer. The .api was extened to support expressing this and also
adding a common tunnel endpoint type. i find it best to make API changes
in one patch so there are less versions of the API.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I755c1e3f4c475058792af39c1abeda92129efb76
Ole Troan [Wed, 2 Dec 2020 13:19:49 +0000 (14:19 +0100)]
misc: support api generated dependency for multiarch source
Fix dependency issues where multi-arch file is using API generated file.
Type: improvement
Change-Id: I5d4af7a630529bc138c35841723e38938f36d963
Signed-off-by: Ole Troan <ot@cisco.com>
Andrew Yourtchenko [Fri, 29 Jan 2021 14:18:12 +0000 (14:18 +0000)]
libmemif: fix insecure uses of strncpy
A calling patterm of "strncpy(dst, src, strlen(src))" invites a lot of troubles.
However, even using the target size may result in a problem if the string is
longer, since then the termination is not done.
Use strlcpy(dst, src, sizeof(dst)), which will always null-terminate
the string.
Change-Id: I8ddaf3dc8380a78af08914e81849279dae7ab24a
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Jakub Grajciar [Thu, 14 Jan 2021 12:23:48 +0000 (13:23 +0100)]
libmemif: set data offset for memif buffer
Update descriptor offset based on data pointer
in memif_buffer_t.
Slave only, master will not modify the descriptor.
Type: feature
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Ice1e94cec366face650c58df81795f4dea727010
Andrew Yourtchenko [Sat, 6 Feb 2021 12:28:52 +0000 (12:28 +0000)]
vppinfra: do not crash if format string is null
Sending 128 bytes of zeroes via API shared memory interface (or putting any other message ID that results in
null message name - e.g. 2,4,5) results in this crash:
Program received signal SIGSEGV, Segmentation fault.
va_format (s=0x7fffb5643a60 "memclnt_create", fmt=0x0, va=0x7fffa739ccf0) at /home/ubuntu/vpp/src/vppinfra/format.c:395
395 c = *f;
(gdb) bt
0 va_format (s=0x7fffb5643a60 "memclnt_create", fmt=0x0, va=0x7fffa739ccf0) at /home/ubuntu/vpp/src/vppinfra/format.c:395
1 0x00007ffff50e7259 in elog_string (em=0x7ffff5f2fbc8 <vlib_global_main+968>, fmt=0x0) at /home/ubuntu/vpp/src/vppinfra/elog.c:592
2 0x00007ffff7bc4cec in vl_msg_api_handler_with_vm_node (am=0x7ffff7dd1c90 <api_global_main>, vlib_rp=0x130023000, the_msg=0x130086d50, vm=0x7ffff5f2f800 <vlib_global_main>,
node=0x7fffb5edd4c0, is_private=0 '\000') at /home/ubuntu/vpp/src/vlibapi/api_shared.c:585
3 0x00007ffff7ba6c86 in void_mem_api_handle_msg_i (am=0x7ffff7dd1c90 <api_global_main>, vlib_rp=0x130023000, vm=<optimized out>, node=<optimized out>, is_private=0 '\000')
at /home/ubuntu/vpp/src/vlibmemory/memory_api.c:696
4 vl_mem_api_handle_msg_main (vm=0x7ffff5f2f800 <vlib_global_main>, node=0x7fffb5edd4c0) at /home/ubuntu/vpp/src/vlibmemory/memory_api.c:707
5 0x00007ffff7bb573e in vl_api_clnt_process (vm=0x7ffff5f2f800 <vlib_global_main>, node=0x7fffb5edd4c0, f=<optimized out>) at /home/ubuntu/vpp/src/vlibmemory/vlib_api.c:338
6 0x00007ffff5cb3bb7 in vlib_process_bootstrap (_a=<optimized out>) at /home/ubuntu/vpp/src/vlib/main.c:1477
7 0x00007ffff514088c in clib_calljmp () from /home/ubuntu/vpp/build-root/install-vpp-native/vpp/lib/libvppinfra.so.21.01
8 0x00007fffa95b0550 in ?? ()
9 0x00007ffff5ca93e2 in vlib_process_startup (vm=0x7ffff5f2f800 <vlib_global_main>, p=0x7fffb5edd4c0, f=0x0) at /home/ubuntu/vpp/src/vlib/main.c:1502
10 dispatch_process (vm=0x7ffff5f2f800 <vlib_global_main>, p=0x7fffb5edd4c0, f=0x0, last_time_stamp=<optimized out>) at /home/ubuntu/vpp/src/vlib/main.c:1558
11 0x0000000000000000 in ?? ()
(gdb)
I am not sure if this place is better to fix it or the 4-5 places in vl_msg_api_handler_with_vm_node that it gets called from,
but submitting this one since it is the shortest
Type: fix
Change-Id: I659d2bea7405d8763181336f35ef468682f64cf2
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
jan_cavojsky [Fri, 18 Sep 2020 10:17:42 +0000 (12:17 +0200)]
flowprobe: set collector port for data from setting
Type: fix
Ticket: VPP-1859
Signed-off-by: jan_cavojsky <Jan.Cavojsky@pantheon.tech>
Change-Id: Iaa5045001621ec99dc8579e8e989adf81dc60525
Mohammed Hawari [Fri, 5 Feb 2021 18:04:42 +0000 (19:04 +0100)]
ipsec: CLI improvement for udp port encap
Change-Id: I59f55db7209549ad43a1205470a2f5ea9ea8a1c7
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: feature
Code Review / vpp.git / log