Mohammed Hawari [Tue, 20 Sep 2022 16:44:36 +0000 (18:44 +0200)]
rdma: unhackish build of rdma-core
Change-Id: I2040b560b2a00f8bd176ae6ad46035678a2b249e
Type: improvement
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Mohammed Hawari [Mon, 19 Sep 2022 14:26:25 +0000 (16:26 +0200)]
build: mlx dpdk-rdma compatibility matrix
- Verify mlx_rdma_dpdk_matrix.txt versions,
build MLX drivers in dpdk if the versions match.
Also output version comparison results to a file
for CI job to send notification email when the
versions do not match.
Change-Id: Id1384ba4ea4b1f855f4d77d1d8e2c38683abfe1f
Type: improvement
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Steven Luong [Thu, 29 Sep 2022 23:45:23 +0000 (16:45 -0700)]
tcp: replace tcp_time_now with tcp_time_now_us
It looks like tcp_time_now has been deprecated for a while and the
replacement is tcp_time_now_us
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ifaed2632baa49d489d4e03f2623d8cc9a6f36e64
ChinmayaAgarwal [Tue, 27 Sep 2022 06:55:22 +0000 (12:25 +0530)]
sr: new messages created to return packet statistics in sr localsid details
Type: improvement
Signed-off-by: ChinmayaAgarwal <chinmaya.agarwal@hsc.com>
Change-Id: I27d5981a77d4166a92db9ecf73d9b0eed962ec19
Vladislav Grishenko [Sun, 15 May 2022 20:44:43 +0000 (01:44 +0500)]
fib: fix dpo-receive address in ip6-ll fibs
Need to fill frp_addr for local path, it's used by dpo-receive.
If not, address output can be invalid:
$ sudo vppctl sh ip6-ll fe80::dcad:ff:fe00:3/128
IP6-link-local:loop3, fib_index:2, locks:[IPv6-nd:1, ]
fe80::dcad:ff:fe00:3/128 fib:2 index:55 locks:2
IPv6-nd refs:1 entry-flags:connected,import,local, src-flags:added,contributing,active,
path-list:[72] locks:2 flags:shared,local, uPRF-list:58 len:0 itfs:[]
path:[82] pl-index:72 ip6 weight=1 pref=0 receive: oper-flags:resolved, cfg-flags:local,glean,
[@0]: dpo-receive: 8000:100:fe80::dcad:ff on loop3
forwarding: unicast-ip6-chain
[@0]: dpo-load-balance: [proto:ip6 index:57 buckets:1 uRPF:58 to:[0:0]]
[0] [@2]: dpo-receive: 8000:100:fe80::dcad:ff on loop3
Type: fix
Change-Id: Ib9874c5eac74af789e721098d512a1058cb8e404
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Vladislav Grishenko [Wed, 22 Jun 2022 19:45:16 +0000 (00:45 +0500)]
udp: add udp encap source port entropy support
Encode entropy value in UDP source port when requested per RFC 7510.
CLI already has "src-port-is-entropy", use zero UDP source port in API
to avoid breaking changes, since zero port is not something to be used
in wild.
Also, mark UDP encapsualtion API as mp-safe as already done for CLI.
Type: feature
Change-Id: Ieb61ee11e058179ed566ff1f251a3391eb169d52
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Mohsin Kazmi [Thu, 29 Sep 2022 13:56:24 +0000 (13:56 +0000)]
gso: clear the offload flags from segmented buffers
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I2901628d23f9b81edb32d0ced3877e5799a6cec7
Damjan Marion [Fri, 20 May 2022 18:06:01 +0000 (20:06 +0200)]
api: deprecate vl_msg_api_set_handlers
Type: refactor
Change-Id: I7b7ca9ec62cb70243c5b7e87968eab1338d67ec8
Signed-off-by: Damjan Marion <damarion@cisco.com>
Gabriel Oginski [Fri, 8 Jul 2022 07:46:32 +0000 (07:46 +0000)]
vpp-swan: Add scripts for testing
Added scripts to reparing setups for testing
To prepare and run containers:
sudo ./extras/strongswan/vpp_sswan/docker/run.sh prepare_containers
To prepare setups:
sudo ./extras/strongswan/vpp_sswan/docker/run.sh config
To clean-up settups:
sudo ./extras/strongswan/vpp_sswan/docker/run.sh clean
To deleted all containers and images in Docker:
sudo ./extras/strongswan/vpp_sswan/docker/run.sh deleted
Type: feature
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I77f01c0419dccc95f610046c8552ae825f2c7e12
Gabriel Oginski [Wed, 29 Jun 2022 12:54:30 +0000 (12:54 +0000)]
vpp-swan: Add plugin for vpp-swan
Added plugin vpp-swan is a plugin that helps offloading
Strongswan IPsec ESP process from Linux Kernel to VPP.
Type: feature
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Iec77945892453fac1890d3c49d7d86fc6b09c893
Alexander Chernavin [Fri, 23 Sep 2022 12:41:31 +0000 (12:41 +0000)]
tests: stabilize wireguard ratelimiting test
Type: test
"test_wg_handshake_ratelimiting_multi_peer" has been unstable recently
because the test strongly relies on execution speed. Currently, the test
triggers ratelimiting for peer 1 and sends handshake initiations from
peer 1 and 2 mixed up. After that, the test expects that all handshake
initiations for peer 1 are ratelimited and a handshake response for peer
2 is received.
Ratelimiting is based on the token bucket algorithm. The more time
passes between triggering ratelimiting for peer 1 and sending a mixture
of handshake initiations from peer 1 and 2, the more tokens will be
added into the bucket for peer 1. Depending on delays between these
steps, the number of tokens might be enough to process handshake
initiations from peer 1 while they are expected to be rejected due to
ratelimiting.
With this change, these two steps are combined into one and the logic
modified. The test triggers ratelimiting for both peer 1 and 2. Packets
that trigger ratelimiting and that are to be rejected are sent in one
batch that is going to reduce delays between packet processing. Also,
verify that number of rejected handshake messages is in expected range
instead of verifying the exact number as it still may slightly vary.
Also, this should finish making the wireguard tests stable on Ubuntu
22.04 and Debian 11.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I3407d15abe1356dde23a241ac3650e84401c9802
Chen Yahui [Fri, 16 Sep 2022 13:07:57 +0000 (21:07 +0800)]
af_xdp: change RLIMIT_MEMLOCK before load bpf program
default RLIMIT_MEMLOCK is 64. if we use multi af_xdp interfaces or
load complex bpf program, libbpf will return permission error.
root cause is default 64 is not large enough. So we change it before
load bpf program.
Type: fix
Change-Id: Ia6aed19c9256c498cf1155586a54a32b3f444105
Signed-off-by: Chen Yahui <goodluckwillcomesoon@gmail.com>
Dave Wallace [Tue, 27 Sep 2022 17:11:53 +0000 (13:11 -0400)]
tests: enable ipsec-esp 'make test' testcases on ubuntu-22.04
Type: test
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I016fd169813e369208089df122477152aaf9ffc2
Alexander Chernavin [Thu, 1 Sep 2022 13:42:56 +0000 (13:42 +0000)]
wireguard: stop sending handshakes when wg intf is down
Type: fix
Currently, when a wg interface is administratively disabled initially or
during operation, handshake packets continue to be sent. Data packets
stop being sent because routes pointing to the wg interface will not be
used. But data keys remain.
With this fix, when a wg interface is administratively disabled during
peer creation, avoid connection initialization to the peer. Data keys
and timers should be empty at this point. When a wg interface is
disabled during operation, disable all peers (i.e. stop all timers,
clear data keys, etc.). Thus, state should be identical in both cases.
When a wg interface is administratively enabled, enable all peers (i.e.
get ready to exchange data packets and initiate a connection). Also,
cover these scenarios with tests.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ie9a620077e55d519d21b0abc8c0d3c87b378bca3
Vladimir Ratnikov [Thu, 22 Sep 2022 08:19:18 +0000 (08:19 +0000)]
crypto-openssl: use no padding for encrypt/decrypt
Internaly, vpp uses it's own padding, so all the data
is padded using blocksize in /src/vnet/ipsec/ipsec.c
Openssl should add it's own padding, but the data
is already padded. So on decrypt stage when padding
should be removed, it can't be done. And it produces
error `bad decrypt`
Previous versions of openSSL decrypted data almost
at the beginning of EVP_DecryptUpdate/EVP_DecryptFinal_ex
and produced the same error, but data was already decrypted.
Now it's not, so some algorithms could have some problems
with it
PS. openSSL 3.x.x
Type: fix
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: If715a80228548b4e588cee222968d9da9024c438
Chen Yahui [Fri, 16 Sep 2022 10:31:43 +0000 (18:31 +0800)]
af_xdp: compile error undeclared identifier 'SOL_XDP'
Type: fix
Signed-off-by: Chen Yahui <goodluckwillcomesoon@gmail.com>
Change-Id: Ia447420f692f1487d343886845d648d766e43c27
Signed-off-by: Chen Yahui <goodluckwillcomesoon@gmail.com>
Dmitry Valter [Fri, 16 Sep 2022 12:33:25 +0000 (12:33 +0000)]
vnet: fix ip4 version and IHL check
Validate version and IHL regardless of present options.
Originally VPP would accept seriously damaged headers in case IHL != 5.
Type: fix
Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru>
Change-Id: Ifd59622efa63dfad7f6e4858dec40ccac3274574
Alexander Chernavin [Mon, 26 Sep 2022 15:11:27 +0000 (15:11 +0000)]
wireguard: fix re-handshake timer when response sent
Type: fix
As per the protocol:
A handshake initiation is retried after "REKEY_TIMEOUT + jitter" ms,
if a response has not been received...
Currently, if retransmit handshake timer is started, it will trigger
after "REKEY_TIMEOUT + jitter" ms and will try to send a handshake
initiation via wg_send_handshake() given that no responses have been
received. wg_send_handshake() will verify that time stored in
REKEY_TIMEOUT has passed since last handshake initiation sending and if
has, will send a handshake initiation. Time when a handshake initiation
was last sent is stored in last_sent_handshake.
The problem is that last_sent_handshake is not only updated in
wg_send_handshake() when sending handshake initiations but also in
wg_send_handshake_response() when sending handshake responses. When
retransmit handshake timer triggers and a handshake response has been
sent recently, a handshake initiation will not be sent because for
wg_send_handshake() it will look like that time stored in REKEY_TIMEOUT
has not passed yet. Also, the timer will not be restarted.
wg_send_handshake_response() must not update last_sent_handshake,
because this time is used only when sending handshake intitiations. And
the protocol does not say that handshake initiation retransmission and
handshake response sending (i.e. replying to authenticated handshake
initiations) must coordinate.
With this fix, stop updating last_sent_handshake in
wg_send_handshake_response().
Also, this fixes tests that used to wait for "REKEY_TIMEOUT + 1" seconds
and did not receive any handshake initiations. Then they fail.
Also, long-running tests that send wrong packets and do not expect
anything in reply may now receive handshake intiations, consider them as
replies to the wrond packets, and fail. Those are updated to filter out
handshake initiations in such verifications. Moreover, after sending
wrong packets, error counters are already inspected there to confirm
packet processing was unsuccessful.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I43c428c97ce06cb8a79d239453cb5f6d1ed609d6
Yacan Liu [Mon, 26 Sep 2022 08:41:32 +0000 (16:41 +0800)]
vcl: repatch "align the RST behaviour with kernel"
The previous patch[37164] was a bit flawed.
Type: fix
Signed-off-by: Yacan Liu <liuyacan@corp.netease.com>
Change-Id: Ia9d8b9c7853e8f4b960ce7de26d0384243deb667
Dave Wallace [Wed, 21 Sep 2022 01:52:18 +0000 (21:52 -0400)]
tests: disable failing tests on ubuntu-22.04 debian-11
Type: test
Change-Id: I7b2314a731c83b3dcd69c999edb8ebed53839724
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Damjan Marion [Fri, 20 May 2022 14:01:22 +0000 (16:01 +0200)]
api: replace print functions wth format
Type: improvement
Change-Id: I7f7050c19453a69a7fb6c5e62f8f57db847d9144
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Fri, 20 May 2022 11:05:38 +0000 (13:05 +0200)]
api: keep api common code in vlibapi
Type: refactor
Change-Id: I6edbff9a02fcb3c592ccfe8f47ddb3f848be1b6d
Signed-off-by: Damjan Marion <damarion@cisco.com>
Klement Sekera [Tue, 20 Sep 2022 13:10:10 +0000 (15:10 +0200)]
bfd: add tracing support to bfd-process
Outgoing packets can be now traced via:
trace add bfd-process <count>
Type: improvement
Change-Id: Ia19af6054289b18f55e518dbea251a2bee9b9457
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Piotr Bronowski [Tue, 20 Sep 2022 14:44:36 +0000 (14:44 +0000)]
ipsec: introduce fast path ipv6 inbound matching
This patch introduces fast path matching for inbound traffic ipv6.
Fast path uses bihash tables in order to find matching policy.
Adding and removing policies in fast path is much faster than in current
implementation. It is still new feature and further work needs
and can be done in order to improve the perfromance.
Type: feature
Change-Id: Iaef6638033666ad6eb028ffe0c8a4f4374451753
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Andrew Yourtchenko [Wed, 21 Sep 2022 12:03:02 +0000 (12:03 +0000)]
misc: Initial 23.02-rc0 commit
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Ie89d68ea4e462dfd7276a75f420268f15394258d
fatelei [Wed, 8 Jun 2022 04:28:23 +0000 (12:28 +0800)]
docs: enhance install vpp docs
Type: docs
Change-Id: Ic1439ce658d9d53208b29d85440a6cc225ed5b74
Signed-off-by: fatelei <fatelei@gmail.com>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Filip Varga [Thu, 26 May 2022 11:49:22 +0000 (13:49 +0200)]
nat: adding docs for nat44-ed sub plugin
Type: docs
Change-Id: Icfa2bdc9367f8438b53da7c89caec263ed6ab056
Signed-off-by: Filip Varga <fivarga@cisco.com>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Benoît Ganne [Fri, 9 Sep 2022 15:02:31 +0000 (17:02 +0200)]
fib: add cli support for explicit link type
This adds the ability to specify we want an IPv4 route via an IPv6 adj
and vice-versa.
Type: improvement
Change-Id: I5f7f1ab89fc60244d31c26155bbd9b0db690257c
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Mon, 12 Sep 2022 13:06:22 +0000 (15:06 +0200)]
arp: check for manually added proxy-arp entries
When manually adding neighbor entries for proxy-arp, those will be
fib-adj entries. Check for proxy-arp instead of dropping immediately.
Type: improvement
Change-Id: Id311159f2966c99719dc2a67d4d2bc92bf366029
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Andrew Yourtchenko [Wed, 14 Jul 2021 20:44:05 +0000 (22:44 +0200)]
misc: experimental script to get the list of the reviewers for a commit
The script accepts zero or one argument (the commit hash), and outputs
the detected components, the component maintainers,
and the final suggested reviewer list. See the script
for the example output.
Change-Id: Ief671fe837c6201bb11fd05d02af881822b0bb33
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Ting Xu [Sun, 24 Apr 2022 06:14:25 +0000 (06:14 +0000)]
packetforge: add packetforge for generic flow to extras
Add a new tool packetforge to extras. This tool is to support generic flow.
Packetforge is a library to translate naming or json profile format flow
pattern to the required input of generic flow, i.e. spec and mask. Using
python script flow_create.py, it can add and enable a new flow rule for
an interface via flow VAPI, and can delete an existed flow rule as well.
Command examples are shown below. Json profile examples can be found in
./parsegraph/samples.
Naming format input:
python flow_create.py --add -p "mac()/ipv4(src=1.1.1.1,dst=2.2.2.2)/udp()"
-a "redirect-to-queue 3" -i 1
python flow_create.py --del -i 1 -I 0
Json profile format input:
python flow_create.py -f "./flow_rule_examples/mac_ipv4.json" -i 1
With this command, flow rule can be added or deleted, and the flow
entry can be listed with "show flow entry" command in VPP CLI.
Packetforge is based on a parsegraph. The parsegraph can be built by
users. A Spec can be found in ./parsegraph as guidance. More details
about packetforge are in README file.
Type: feature
Signed-off-by: Ting Xu <ting.xu@intel.com>
Change-Id: Ia9f539741c5dca27ff236f2bcc493c5dd48c0df1
Yacan Liu [Tue, 20 Sep 2022 06:19:19 +0000 (14:19 +0800)]
vcl: align the RST behaviour with kernel
When ESTABLISHED TCP connection is terminated by an RST packet,
EPOLLHUP + EPOLLRDHUP would be updeliever by VCL. If not using
VPP, app would receive EPOLLHUP + EPOLLERR + EPOLLIN(if requested) +
EPOLLRDHUP(if requested).
libevent will interpret the two cases as different EV combinations.
Below is the code snippet for libevent v2.12:
if (what & EPOLLERR) {
ev = EV_READ | EV_WRITE;
} else if ((what & EPOLLHUP) && !(what & EPOLLRDHUP)) {
ev = EV_READ | EV_WRITE;
} else {
if (what & EPOLLIN)
ev |= EV_READ;
if (what & EPOLLOUT)
ev |= EV_WRITE;
if (what & EPOLLRDHUP)
ev |= EV_CLOSED;
}
Type: fix
Signed-off-by: Yacan Liu <liuyacan@corp.netease.com>
Change-Id: Ice3d2861183b6ea499f66b727bbe175eeae5cb05
Naveen Joy [Tue, 30 Aug 2022 20:59:03 +0000 (13:59 -0700)]
tests: run tests against a running VPP
Usage:
test/run.py -r -t {test_filter}
Instead of starting a new instance of VPP, when the -r argument
is provided, test is run against a running VPP instance. Optionally,
one can also set the VPP socket directory using the -d
argument. The default location for socket files is
/var/run/user/${uid}/vpp and /var/run/vpp if VPP is started
as root.
Type: improvement
Change-Id: I05e57a067fcb90fb49973f8159fc17925b741f1a
Signed-off-by: Naveen Joy <najoy@cisco.com>
Filip Tehlar [Tue, 9 Aug 2022 14:44:47 +0000 (14:44 +0000)]
misc: add test framework for host stack
Type: feature
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I5a64a2c095cae3a4d5f8fdc73e624b010339ec8e
Nathan Skrzypczak [Fri, 16 Sep 2022 12:12:08 +0000 (14:12 +0200)]
cnat: coverity fix
Type: fix
Change-Id: Ib127331507724f853071e66ca1ddfc773a8ed200
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Dave Wallace [Mon, 19 Sep 2022 02:28:44 +0000 (22:28 -0400)]
tests: skip tests failing on ubuntu 22.04
Type: test
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I218059de5d05680d661f302293475b6c2a7bf81d
Vladislav Grishenko [Fri, 16 Sep 2022 17:01:00 +0000 (17:01 +0000)]
igmp: validate ip router alert option length
It's known there're one or more 32-bit increments in the ip
header. So just check ip router alert option length with minimal
performance impact, and don't care of the total options length.
Type: fix
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru>
Change-Id: I46dd06516f793846b931a1dc8612f2735f8d24d3
Jon Loeliger [Mon, 12 Sep 2022 17:41:06 +0000 (12:41 -0500)]
abf: add API parameter n_paths range checks
Also check for non-zero rpath length in CLI cmd.
While there, no need to use "else" after a return.
Also while there, notice and fix numerous input_line
buffer leaks and fix them.
Type: fix
Fixes:
669d07dc016757b856e1014a415996cf9f0ebc58
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Change-Id: I18ea44b7b82e8938c3e793e7c2a04dfe157076d8
Benoît Ganne [Wed, 31 Aug 2022 10:05:43 +0000 (12:05 +0200)]
build: install missing headers
Type: fix
Change-Id: I4eb2a7190de90553c91133f940e068ed649120cb
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Matthew Smith [Thu, 8 Sep 2022 21:03:10 +0000 (21:03 +0000)]
teib: fix segv during failed deletion of entry
Type: fix
If an attempt is made to delete a teib entry and the entry does not
exist, a message is logged. The format string contained an extra "%U",
which results in a segv.
Change-Id: I9b1d6ba63601982ba6ac8607cf710e34c311702a
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Benoît Ganne [Mon, 12 Sep 2022 15:56:16 +0000 (17:56 +0200)]
arp: update error reason when checking for proxy-arp
When we follow arp feature arc for proxy-arp, we should still update
the error reason in case proxy-arp cannot handle the arp request and
drops it.
Type: improvement
Change-Id: I046df017ca2056cfc12af0f0a968b401058bcd6d
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Matthew Smith [Mon, 12 Sep 2022 19:54:43 +0000 (19:54 +0000)]
linux-cp: fix some CLI error messages
Type: fix
If unrecognized input was provided to the commands which add or delete a
pair, the error message was being created incorrectly and only displayed
something like "unknown input `'". Provide the correct argument to
format_unformat_error so that the actual unrecognized input is printed.
There also was no error or useful information printed if only the base
command were provided without any additional arguments. This should
print a warning about what required data was missing. Reorganize code to
handle this and to make sure that memory gets freed appropriately.
Change-Id: If454714f50cf41b3b56cfadfbf017f1d160e13a4
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Andrew Yourtchenko [Thu, 15 Sep 2022 12:11:06 +0000 (12:11 +0000)]
lisp: fix coverity 277315
Handle the case of the mapping not being found by GID.
Type: fix
Change-Id: Ibce3b9e8419c0dddca97b4d0d5a71f25dfd529d8
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Mohsin Kazmi [Wed, 14 Sep 2022 11:25:54 +0000 (11:25 +0000)]
virtio: add support for per queue packet counter
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I21a701a556b88a9d81f0e074a59fa34b3746b1d9
Junfeng Wang [Fri, 12 Aug 2022 08:24:46 +0000 (16:24 +0800)]
vcl: add hugepage for vcl configure and svm
add hugepage for vcl configure and svm
Type: feature
Signed-off-by: Junfeng Wang <drenfong.wang@intel.com>
Change-Id: I6a8905e3fec23d840e629114b1e5a403d0a258ef
Marvin Liu [Tue, 16 Aug 2022 06:49:09 +0000 (06:49 +0000)]
session: support dma option
add dma support to session, acclerate host-stack with dma
Type: feature
Signed-off-by: Marvin Liu <yong.liu@intel.com>
Signed-off-by: Junfeng Wang <drenfong.wang@intel.com>
Change-Id: I3d492921d69d9e3e0b34d33adc33fba3bde9e1cc
Andrew Yourtchenko [Thu, 15 Sep 2022 11:46:30 +0000 (11:46 +0000)]
prom: fix coverity 277312, 277317
If one attempts to add a pattern with zero length, first time
it will succeed, and the second time it will cause an invalid memcmp call.
Solution: do not allow to add zero-length patterns.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Ic08e021486153be605a4b12a2fe4422307bf68d2
Vladislav Grishenko [Fri, 19 Aug 2022 15:42:22 +0000 (20:42 +0500)]
nat: fix nat44-ed port range with multiple workers
The number of available dynamic ports is set to (0xffff - 1024) =
64511, which is not divisable by the pow2 number of workers - the
only integer divisors are 31 and 2081.
So, total dynamic port range of all workers will be less than it:
1 wrk: n = (port_per_thread = 64511/1)*1 = 64511 + 1025 = 65536
2 wrk: n = (port_per_thread = 64511/2)*2 = 64510 + 1025 = 65535
4 wrk: n = (port_per_thread = 64511/4)*4 = 64508 + 1025 = 65533
8 wrk: n = (port_per_thread = 64511/8)*8 = 64504 + 1025 = 65529
...
As seen, with multiple workers there are unused trailing ports for every
nat pool address and that is the reason of out-of-bound index in the
worker array on out2in path due (port - 1024) / port_per_thread math.
This was fixed in
5c9f9968de63fa627b4a72b344df36cdc686d18a, so packets
to unused ports will go to existing worker and dropped there.
Per RFC 6335 https://www.rfc-editor.org/rfc/rfc6335#section-6:
6. Port Number Ranges
o the System Ports, also known as the Well Known Ports, from 0-1023
(assigned by IANA)
o the User Ports, also known as the Registered Ports, from 1024-
49151 (assigned by IANA)
o the Dynamic Ports, also known as the Private or Ephemeral Ports,
from 49152-65535 (never assigned)
According that let's allocate dynamic ports from 1024 and have full port
range with a wide range of the workers number - 64 integer divisors in
total, including pow2 ones:
1 wrk: n = (port_per_thread = 64512/1)*1 = 64512 + 1024 = 65536
2 wrk: n = (port_per_thread = 64512/2)*2 = 64512 + 1024 = 65536
3 wrk: n = (port_per_thread = 64512/3)*3 = 64512 + 1024 = 65536
4 wrk: n = (port_per_thread = 64512/4)*4 = 64512 + 1024 = 65536
5 wrk: n = (port_per_thread = 64512/5)*5 = 64510 + 1024 = 65534
6 wrk: n = (port_per_thread = 64512/6)*6 = 64512 + 1024 = 65536
7 wrk: n = (port_per_thread = 64512/7)*7 = 64512 + 1024 = 65536
8 wrk: n = (port_per_thread = 64512/8)*8 = 64512 + 1024 = 65536
...
Modulo from
5c9f9968de63fa627b4a72b344df36cdc686d18a is still required
when the numbers of workers is not the integer divisor of 64512.
Type: fix
Fixes:
5c9f9968de63fa627b4a72b344df36cdc686d18a
Change-Id: I9edaea07e58ff4888812b0d86cbf41a3784b189e
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
luoyaozu [Mon, 5 Sep 2022 14:16:01 +0000 (22:16 +0800)]
ip-neighbor: fix debug log format output
Type: fix
Signed-off-by: luoyaozu <luoyaozu@foxmail.com>
Change-Id: Ibfebe4da0197d1f60bf9edd3873fe1f776b680a4
Damjan Marion [Wed, 14 Sep 2022 14:00:09 +0000 (16:00 +0200)]
ip: show fib index in ip4 reassembly trace
Type: improvement
Change-Id: I371237803e2c3cb0e1b42b94f422867465e2bff6
Signed-off-by: Damjan Marion <dmarion@me.com>
Vladimir Ratnikov [Tue, 13 Sep 2022 13:09:53 +0000 (13:09 +0000)]
ipsec: make chacha20-poly1305 available via API
Type: feature
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: I4e03f60f34acd7809ddc5a743650bedbb95b2e98
Damjan Marion [Thu, 8 Sep 2022 16:59:03 +0000 (18:59 +0200)]
vlib: add vlib_frame_bitmap_is_bit_set
Type: improvement
Change-Id: I2f3fab893a10b060f91b07ee17b8727d241830ea
Signed-off-by: Damjan Marion <dmarion@me.com>
Piotr Bronowski [Wed, 31 Aug 2022 13:48:14 +0000 (13:48 +0000)]
ipsec: introduce fast path ipv4 inbound matching
This patch introduces fast path matching for inbound traffic ipv4.
Fast path uses bihash tables in order to find matching policy. Adding
and removing policies in fast path is much faster than in current
implementation. It is still new feature and further work needs
and can be done in order to improve perfromance.
Type: feature
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Change-Id: Ifbd5bfecc21b76ddf8363f5dc089d77595196675
Damjan Marion [Wed, 7 Sep 2022 15:54:39 +0000 (17:54 +0200)]
fib: fix path copy function to deal with provided DPO in exclusive path
DPO in the new copy was not locked ...
Type: fix
Fixes:
0bfe5d8
Change-Id: I39f1368de459af91c4bb857d98a4b531bd5692a6
Signed-off-by: Damjan Marion <dmarion@me.com>
Dmitry Valter [Mon, 5 Sep 2022 15:30:18 +0000 (15:30 +0000)]
vlib: don't leak node frames on refork
Free node frames in worker mains on refork. Otherwise these frames are
never returned to free pool and it causes massive memory leaks if
performed under traffic load
Type: fix
Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru>
Change-Id: I15cbf024a3f4b4082445fd5e5aaa10bfcf77f363
Damjan Marion [Thu, 8 Sep 2022 17:00:06 +0000 (19:00 +0200)]
vppinfra: add clib_array_mask_set_u32()
Type: improvement
Change-Id: Idf1fb054d5ff495d772d01a79cbc6cd1b409d377
Signed-off-by: Damjan Marion <damarion@cisco.com>
Jing Peng [Fri, 8 Jul 2022 16:52:01 +0000 (12:52 -0400)]
nat: fix nat44-ed-in2out fast path next node
When a session is found expired, the next node of in2out fast path
should be in2out slow path instead of out2in slow path.
Type: fix
Signed-off-by: Jing Peng <jing@meter.com>
Change-Id: If1dd920502089c25b33bea5434823b0496a44499
Damjan Marion [Wed, 7 Sep 2022 16:52:18 +0000 (18:52 +0200)]
fib: missing headers
Type: improvement
Change-Id: I7f52222706200c31a731fadfb84513549ccb532d
Signed-off-by: Damjan Marion <dmarion@me.com>
Matthew Smith [Fri, 2 Sep 2022 14:34:38 +0000 (14:34 +0000)]
wireguard: eliminate some calls to main thread
Type: improvement
Roaming functionality allows the peer address to change. The main thread
was being called to update a peer's address if necessary after
processing a received packet. Check in the worker whether this is
necessary before incurring the overhead of the RPC to the main thread.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I02184b92dc658e0f57dd39993a3b2f9944187b45
Mohammed Hawari [Tue, 6 Sep 2022 16:08:12 +0000 (18:08 +0200)]
avf: check for VLAN_TOGGLE capability
The ability to modify the vlan setting must be checked prior to using
VIRTCHNL_OP_DISABLE_VLAN_STRIPPING_V2 both for inner and outer vlan
stripping
Change-Id: Iffe306c34b81a6077ad6ba5deb3f5b61b5475897
Type: fix
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Gabriel Oginski [Tue, 6 Sep 2022 08:59:16 +0000 (08:59 +0000)]
dpdk-cryptodev: reduce request to enable async
Originally initialization cryptodev device(s) calls double request
to enabled async mode and increased ref count twice for async mode.
Due to this cannot be change any assigned async handlers to other
async crypto engine.
The fixes reduce double request to enable async mode in initialization
cryptodev device(s) and VPP can be change assigned async handlers
to other crypto engine after disabled all async feature, for example:
ipsec, wireguard.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: If22e682c3c10de781d05c2e09b5420f75be151c3
Laszlo Kiraly [Fri, 2 Sep 2022 12:08:36 +0000 (14:08 +0200)]
build: Cleanup python2 from suse build and uplift opensuse version
- default to opensuse-leap 15.4, no python2 support in this version
- deprecate version openSUSE 15.0, openSUSE 15.3 still supported
Type: make
Signed-off-by: Laszlo Kiraly <laszlo.kiraly@est.tech>
Change-Id: Ic7178ff5238e2669bc45166c1f13d3f077f6069b
Signed-off-by: Laszlo Kiraly <laszlo.kiraly@est.tech>
luoyaozu [Fri, 2 Sep 2022 12:32:13 +0000 (20:32 +0800)]
vrrp: fix cli functions according to short_help
test output before fix:
DBGvpp# vrrp proto start sw_if_index 1 vr_id 1
vrrp proto: unknown input `sw_if_index 1 vr_id 1'
DBGvpp# vrrp vr track-if add sw_if_index 1 vr_id 1 track-index 1
priority 30
vrrp vr track-if: Please specify an interface
Type: fix
Signed-off-by: luoyaozu <luoyaozu@foxmail.com>
Change-Id: Ib8ba67e920b23008d9246318ec8f8f17bf0bea95
Benoît Ganne [Tue, 12 Oct 2021 08:14:30 +0000 (10:14 +0200)]
ip: fix punt socket overflow
client_pathname is usually smaller than pc->caddr.sun_path. snprint()
ensures we stop at the NULL character or sizeof(sun_path) whichever
comes 1st. It also guarantees NULL character termination.
Type: fix
Change-Id: I9fc2a706beab931d50d32d03f7fafca7c6c2fb0b
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Wed, 31 Aug 2022 09:45:17 +0000 (11:45 +0200)]
build: set OS_ID_LIKE only if unset
cmake MATCHES directive with the empty regex "" always match, including
non-empty strings.
Type: fix
Fixes:
534dfc1f18db74f4a2c78d62fe6893daba56dc86
Change-Id: If085b29da15a6d7fc680cebb823183fd3c7eea68
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Andrew Yourtchenko [Wed, 31 Aug 2022 14:37:36 +0000 (14:37 +0000)]
ipsec: fix coverity 249212
zero-initialize the variables
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I51c3856865eab037f646a0d184e82ecb3b5b3216
Dave Wallace [Tue, 30 Aug 2022 02:45:03 +0000 (22:45 -0400)]
build: remove lto flags in dpdk build
- Ubuntu 22.04 enables LTO by default and dpdk
adds lto flags to CFLAGS. This CI jobs to fail
with OOM-Kill (especially on ARM64) due to lto
consuming large amounts of memory.
Type: make
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I5a3d3a08e2caddb4790b281b80b16081567aed5b
Steven Luong [Mon, 25 Jul 2022 16:29:23 +0000 (09:29 -0700)]
udp: store mss and sw_if_index to udp_connection_t
Store mss and sw_if_index to udp_connection_t and display them via
show sessipn verbose 2
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I32928f3f4195b178873dc1bada702e035d99c464
Andrew Yourtchenko [Wed, 31 Aug 2022 14:11:59 +0000 (14:11 +0000)]
nat: fix coverity 249194
Zero-initialize a variable.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Iccf2eb4bf26755d6cd93fc70df3c5481d69ce7eb
Andrew Yourtchenko [Wed, 31 Aug 2022 14:16:10 +0000 (14:16 +0000)]
nat: fix coverity 249178
Zero-initialize the variable
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I4ee127ac3e2a3beffa11bbc96db1f3254b3f7c5d
Andrew Yourtchenko [Wed, 31 Aug 2022 14:20:40 +0000 (14:20 +0000)]
pppoe: fix coverity 218437, 218401
Initialize the session index in case of error to ~0,
so is defined in case trace needs to copy it.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Iddf6df42c09d2abc11e5821944eb4f41692e6e3e
Vladislav Grishenko [Sat, 20 Nov 2021 09:52:53 +0000 (14:52 +0500)]
gso: zero-initialize gho struct
It may contain garbage in debug builds resulting in wrong
gho detected flags and offsets.
Type: fix
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Change-Id: Ia79633262185016f527e7dc6c67334cda6f055f2
Mohsin Kazmi [Wed, 31 Aug 2022 11:14:28 +0000 (11:14 +0000)]
devices: fix coverity warning
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I0a58c0f54d8be31a0a78bef00152fb2cc193840e
Mohsin Kazmi [Tue, 30 Aug 2022 13:29:06 +0000 (13:29 +0000)]
devices: add support for polling mode
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I8d84dc8b7f5c5e863c32838cfafc3d366e2a7e00
Tianyu Li [Fri, 19 Aug 2022 10:19:07 +0000 (10:19 +0000)]
dpdk: fix arm iavf rx vector path on 22.03
dpdk 22.03 introduces iavf driver but misses rx vector path on Arm.
This causes VF fail to receive packet when running VPP device test
with no-multi-seg configuration.
Add iavf basic Neon RX support to fix this.
Type: fix
Fixes:
2f132efc3caf ("dpdk: bump to DPDK v22.03")
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: I75ae74c8060428cee0e1c235feab1246c014801e
Stanislav Zaikin [Tue, 10 May 2022 18:50:36 +0000 (20:50 +0200)]
l2: skip arp term for locally originated packets
Mark arp packet as locally originated when probing/replying and don't apply any
arp-term logic against it.
Type: fix
Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com>
Change-Id: I305ff5cac8cac456decf92f21b961aa4ce286079
Florin Coras [Mon, 29 Aug 2022 18:35:53 +0000 (11:35 -0700)]
tcp: do not overcount ooo bytes
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic81702bffb5b3189db48efe1ab3b237fa2bf75f2
Haiyue Wang [Tue, 30 Aug 2022 06:33:02 +0000 (14:33 +0800)]
dma_intel: fix the wrong unformat type
The unformat type for "%d" should be u32 or int, otherwise the 'did' in
high stack address will be overflow to zero by the 'qid' which is in the
low stack address.
Like input "dev wq3.2" will return "did=0, qid=2".
Type: fix
Signed-off-by: Haiyue Wang <haiyue.wang@intel.com>
Change-Id: I0fe1d5b03e2c47e0a7925193e2c2f1ccc31d3e90
Steven Luong [Mon, 29 Aug 2022 17:00:31 +0000 (10:00 -0700)]
memif: Process bad descriptors correctly in memif_process_desc
When there is a bad descriptor, it may in the beginning, in the middle,
or at the end of the batch if the batch has more than 3 descriptors.
When processing a bad descriptor is encountered in the batch, we need to
rollback n_buffers in memif_process_desc(), or the statement in the same
function
memif_add_copy_op (ptd, mb0 + src_off, bytes_to_copy,
dst_off, n_buffers - 1);
is wrong because it picks up the wrong buffer_vec_index of the bad
descriptor while parsing a good descriptor immediately following the
bad descriptor. n_buffers was incremented in the beginning of
while (n_left) loop.
The other problem is we should count the number of bad packets and
reduce ptd->n_packets to get the correct number of packets for subsequent
processing in device_input.
The last fix is to check if n_buffers == 0 in device_input and skip
doing any descriptor copy. This case can happen when all the descriptors
are bad in the batch.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I28ed1d87236b045657006755747b5750a9a733be
Andrew Yourtchenko [Tue, 23 Aug 2022 15:48:59 +0000 (15:48 +0000)]
ethernet: fix coverity 214973
Ensure that the ethernet_input_inline_dmac_check which directly derefererences ei,
is called only if ei is set.
Type: fix
Change-Id: I2d3bce63ee457825a5d375a6102225f3abf67703
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Andrew Yourtchenko [Fri, 26 Aug 2022 13:46:44 +0000 (13:46 +0000)]
vlib: fix coverity 274750, part 2
Add another missing null check.
Type: fix
Change-Id: Iec4de548810efe369a6e61b8787131230506cff6
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Andrew Yourtchenko [Fri, 26 Aug 2022 13:13:20 +0000 (13:13 +0000)]
vlib: fix coverity 277203
Fix integer overflow.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I72de6f88be064f188204d0f6d3167a3a8d7de58d
Fan Zhang [Tue, 2 Aug 2022 10:17:08 +0000 (10:17 +0000)]
dpdk: bump to 22.07
Type: feature
This patch bumps DPDK version to 22.07.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: I72ecb31ca15774aed4453778042120610020a0c1
Andrew Yourtchenko [Tue, 30 Aug 2022 11:22:09 +0000 (11:22 +0000)]
ethernet: refactor the redundant code
Following the discussion during the review
of
b46a4e69e5db18ef792415439d04a0ab22c59386,
remove the redundant ei0. This resulted in realization
that in order for this code to do anything useful,
the ei must be always non-zero, so rewrite the logical
condition for it. Also, make it a conjunction which seems simpler
to understand.
Type: improvement
Change-Id: Ibd7b2a63e4aeaf97eb1a98af8e69aed2ff7dd577
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Arthur de Kerhor [Fri, 26 Aug 2022 08:57:35 +0000 (10:57 +0200)]
vlib: use error description when dropping packets
Using the error name makes it less explicit in the packet trace than
the error description when a packet is dropped. Example of the trace
when the TTL is <=1:
01:03:17:015278: drop
ip4-input: time_expired
We should have "ip4 ttl <= 1" instead of "time_expired"
Type: fix
Change-Id: Ic9decf10d609cc938e39d0f449359e41c406267e
Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com>
Jieqiang Wang [Sun, 14 Aug 2022 09:49:44 +0000 (17:49 +0800)]
ethernet: fix mac address increment error
Using "ip neighbor <ip-addr> <mac-addr> static count <count>" to add
static ARP entries will output wrong mac addresses due to lack of
big/little endian conversion. Fix this error by converting mac address
from big endian to little endian before doing the self-increment.
Before patched:
vpp# ip neighbor rdma-0 198.18.1.1 01:aa:bb:cc:dd:e0 static count 5
vpp# show ip neighbor
Time IP Flags Ethernet Interface
4.4400 198.18.1.5 S 05:aa:bb:cc:dd:e0 rdma-0
4.4399 198.18.1.4 S 04:aa:bb:cc:dd:e0 rdma-0
4.4399 198.18.1.3 S 03:aa:bb:cc:dd:e0 rdma-0
4.4399 198.18.1.2 S 02:aa:bb:cc:dd:e0 rdma-0
4.4399 198.18.1.1 S 01:aa:bb:cc:dd:e0 rdma-0
After patched:
vpp# ip neighbor rdma-0 198.18.1.1 01:aa:bb:cc:dd:e0 static count 5
vpp# show ip neighbor
Time IP Flags Ethernet Interface
4.4528 198.18.1.5 S 01:aa:bb:cc:dd:e4 rdma-0
4.4528 198.18.1.4 S 01:aa:bb:cc:dd:e3 rdma-0
4.4528 198.18.1.3 S 01:aa:bb:cc:dd:e2 rdma-0
4.4527 198.18.1.2 S 01:aa:bb:cc:dd:e1 rdma-0
4.4527 198.18.1.1 S 01:aa:bb:cc:dd:e0 rdma-0
Type: fix
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: Iec1e00e381e4aba96639f831e7e42e070be3f278
Andrew Yourtchenko [Tue, 23 Aug 2022 17:29:00 +0000 (17:29 +0000)]
fib: fix coverity 249175
Add an assert to express the constraint to coverity without
incurring the overhead in release builds.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I2c22f8b2565c645d95c9c0be37381060e151420f
Andrew Yourtchenko [Tue, 23 Aug 2022 17:23:47 +0000 (17:23 +0000)]
fib: fix coverity 253539
Add an ASSERT so coverity is aware of the assumption taken,
without incurring any penalty in release build.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I3e7e1e77059492315409efbed47657f9e56d167c
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Andrew Yourtchenko [Tue, 23 Aug 2022 15:38:05 +0000 (15:38 +0000)]
ethernet: fix coverity 218549
Check that the pointer is non-null before dereferencing it.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I611a1042d08bbe455dd09a4fa5711fe86c440240
Benoît Ganne [Mon, 29 Aug 2022 09:56:08 +0000 (11:56 +0200)]
nat: fix coverity 249202
In case of a bad packet, the bihash kv is not initialized before being
copied in the trace. Make sure it is initialized to 0.
Type: fix
Change-Id: I22fcfe99f3586d0fa128493059547a56557b8fb5
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Mohsin Kazmi [Wed, 27 Jul 2022 13:43:07 +0000 (13:43 +0000)]
libmemif: fix the buffer size
Type: fix
Previously, libmemif can only use buffer size which
have to be power of 2. memif protocol does not enforce
this. This patch fixes this issue.
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: Ic71e6a51685e2c2228c744920797064d4c7c65c9
Mohsin Kazmi [Wed, 27 Jul 2022 15:04:01 +0000 (15:04 +0000)]
libmemif: add support for custom buffer-size and headroom in icmp example app
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I2bdaee7938a3747e3217d6901ec3c66f1ee3da61
Andrew Yourtchenko [Fri, 26 Aug 2022 13:59:35 +0000 (13:59 +0000)]
linux-cp: fix coverity 216937
Initialize the host_sw_if_index to ~0 so in the error cases
the variable is set to something predictable.
Type: fix
Change-Id: Ic55e4f0cbfa286e85dfb54b89b5321af18a439a1
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Andrew Yourtchenko [Tue, 23 Aug 2022 16:54:53 +0000 (16:54 +0000)]
nsh: fix coverity 249201
Zero-initialize the temporary struct, else a->map.adj_index is being used unset.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Ia02636ea1e911250d6aa5e413de48e1e09863880
Dave Wallace [Thu, 25 Aug 2022 21:42:24 +0000 (17:42 -0400)]
build: disable gcc warning stringop-overflow for gcc-10 or greater
- this warning causes build errors with gcc on ubuntu 22.04
Type: make
Change-Id: Id8f6ab44b2315ce8a4564ea924d799ecb6f57fdf
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Marvin Liu [Wed, 17 Aug 2022 01:38:40 +0000 (09:38 +0800)]
vlib: introduce DMA infrastructure
This patch introduces DMA infrastructure into vlib. This is well known
that large amount of memory movements will drain core resource. Nowadays
more and more hardware accelerators were designed out for freeing core
from this burden. Meanwhile some restrictions still remained when
utilizing hardware accelerators, e.g. cross numa throughput will have a
significant drop compared to same node. Normally the number of hardware
accelerator instances will less than cores number, not to mention that
applications number will even beyond the number of cores. Some hardware
may support share virtual address with cores, while others are not.
Here we introduce new DMA infrastructure which can fulfill the
requirements of vpp applications like session and memif and in the
meantime dealing with hardware limitations.
Here is some design backgrounds:
Backend is the abstract of resource which allocated from DMA device
and can do some basic operations like configuration, DMA copy and
result query.
Config is the abstract of application DMA requirement. Application
need to request an unique config index from DMA infrastructure. This
unique config index is associated with backend resource. Two options
cpu fallback and barrier before last can be specified in config.
DMA transfer will be performed by CPU when backend is busy if cpu
fallback option is enabled. DMA transfer callback will be in order
if barrier before last option is enabled.
We constructs all the stuffs that DMA transfer request needed into
DMA batch. It contains the pattern of DMA descriptors and function
pointers for submission and callback. One DMA transfer request need
multiple times batch update and one time batch submission.
DMA backends will assigned to config's workers threads equally. Lock
will be used for thread-safety if same backends assigned to multiple
threads. Backend node will check all the pending requests in worker
thread and do callback with the pointer of DMA batch if transfer
completed. Application can utilize cookie in DMA batch for selves
usage.
DMA architecture:
+----------+ +----------+ +----------+ +----------+
| Config1 | | Config2 | | Config1 | | Config2 |
+----------+ +----------+ +----------+ +----------+
|| || || ||
+-------------------------+ +-------------------------+
| DMA polling thread A | | DMA polling thread B |
+-------------------------+ +-------------------------+
|| ||
+----------+ +----------+
| Backend1 | | Backend2 |
+----------+ +----------+
Type: feature
Signed-off-by: Marvin Liu <yong.liu@intel.com>
Change-Id: I1725e0c26687985aac29618c9abe4f5e0de08ebf
Aloys Augustin [Thu, 25 Aug 2022 11:00:31 +0000 (13:00 +0200)]
wireguard: fix ipv6 payload_length computation
The ipv6 header length should not be counted in the ipv6 payload length.
This is similar to https://gerrit.fd.io/r/c/vpp/+/36945.
Type: fix
Change-Id: I22de0ff828175829102a85288513ee3f55709108
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Matthew Smith [Tue, 23 Aug 2022 15:46:25 +0000 (15:46 +0000)]
vlib: allow longer version string
Type: improvement
When trying to use a version string in a downstream build that appends a
timestamp to the standard version string, compiling fails because the
version string is too long for the version and version_required fields
in vlib_plugin_registration_t. Increase the size of those arrays from 32
to 64 chars.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I3632139e5ae7110aa4769359f380ad29522ad4ed
Andrew Yourtchenko [Tue, 23 Aug 2022 17:09:25 +0000 (17:09 +0000)]
ipsec: fix coverity 249204
Zero-initialize the temporary struct, else coverity complains about a bunch of uninitialized fields.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I45dc42134f06917a7459d615804f978a175bec0f
Matthew Smith [Fri, 19 Aug 2022 19:54:40 +0000 (19:54 +0000)]
linux-cp: handle AF_BRIDGE neighbors
Type: improvement
VPP crashes when a linux-cp tap is added to a bridge on the host system
because rtnl_neigh_get_dst() returns NULL for the neighbor message that
is sent by the kernel.
Check for NULL before trying to use the address from a neighbor in a
netlink message.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I8a683d815a09620df9c0cc76e18df39828428e2c
Signed-off-by: Matthew Smith <mgsmith@netgate.com>