Neale Ranns [Wed, 4 Dec 2019 06:11:00 +0000 (06:11 +0000)]
fib: Allow the creation of new source on the API
Type: feature
an client can dump the existing sources, examine their
priorities, then define thier own source.
Usefull if a client wants to distingusih between say, static,
ospf, bgp, etc routes it has added over the API.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I5158b4fa1ebe87381ff8707bb173217f56ea274a
Klement Sekera [Mon, 15 Mar 2021 20:30:15 +0000 (21:30 +0100)]
api: allow specifying no timeout
This functionality is used in make test when DEBUG=gdb is used.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I1339e6460aa624a3bcb4b03db46991590e126f92
Klement Sekera [Mon, 15 Mar 2021 18:52:57 +0000 (19:52 +0100)]
nat: get rid of worker selection callbacks
Make code easier to read and debug.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ib52a4cdd3bcdcc475053aa32af3964c00859e1cd
Mohammed Hawari [Wed, 10 Feb 2021 08:38:05 +0000 (09:38 +0100)]
ipsec: allow inbound non-tunnel SA through CLI
Change-Id: Ia304488900bd9236ab4e7cc6f17ae029ee6f2c00
Type: fix
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Andrew Yourtchenko [Tue, 23 Feb 2021 08:56:27 +0000 (08:56 +0000)]
nat: pnat copy and clear byte instructions
Type: feature
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I8e48bdcc4c311717e067bb0a4e0b409a2eb8e83d
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Signed-off-by: Ole Troan <ot@cisco.com>
Brian Russell [Thu, 4 Mar 2021 17:13:11 +0000 (17:13 +0000)]
tests: fix syntax warning in ipsec tun test
Testing for equality should be done via '==' rather
than 'is' which tests identity.
Type: fix
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: Iade53aea61d8aadcf6bffbfbef7fdac9a1004873
Dave Barach [Mon, 15 Mar 2021 15:10:27 +0000 (11:10 -0400)]
dns: fix crash when printing unlikely msg
%U format, arguments out of order, etc.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I829a3e5808923f096369ccf6af6386060ee8b62f
Filip Tehlar [Mon, 22 Feb 2021 16:15:51 +0000 (16:15 +0000)]
ikev2: support responder hostname
Type: feature
Ticket: VPP-1901
Change-Id: I1ad222b54363fd35679d0132d458345a9a18362c
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Nathan Skrzypczak [Fri, 5 Mar 2021 16:16:40 +0000 (17:16 +0100)]
cnat: maglev fixes
This fixes cnat_feature node LB
- use siblings instead of direct next_nodes
- only do the lookup if we have NO_NAT
- fix behavior in v6
Type: fix
Change-Id: Ie80c9912946bf55c30eadeb51340f4aec9bb297e
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Dave Barach [Thu, 11 Mar 2021 20:12:29 +0000 (15:12 -0500)]
misc: finish removing deprecated cop API
Fix bug in crcchecker. It must be possible to remove a non-production
.api file
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I00b953e58017cc53051e6f4d8a70403dce8219a0
Mohammed Hawari [Wed, 10 Feb 2021 08:20:51 +0000 (09:20 +0100)]
dpdk: implement interrupt mode
Change-Id: I6ababc99ecf559327a4370914580c98d32680175
Type: feature
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Ole Troan [Wed, 3 Mar 2021 09:40:05 +0000 (10:40 +0100)]
tests: use socket transport instead of shared memory
Type: improvement
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I9e65c94a5a05047a5104e9361ea36eac77b40442
Signed-off-by: Ole Troan <ot@cisco.com>
Andrew Yourtchenko [Thu, 11 Mar 2021 12:33:59 +0000 (12:33 +0000)]
libmemif: fix the include for ssize_t
Change-Id: I83830e64fb0fc302474837ebfa4f8cb133b1dccf
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Klement Sekera [Mon, 15 Mar 2021 14:46:09 +0000 (15:46 +0100)]
nat: remove unused parameter
Type: refactor
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ifb4a9c52fd2c5dd9f3f5cf41214aa1851f6d7acd
Klement Sekera [Fri, 12 Mar 2021 17:16:10 +0000 (18:16 +0100)]
tests: fix NoneType printing if VPP died early
Make error message more meaningful.
Type: fix
Change-Id: I3c49cb179c3ee7a59657b3ae9a06311f57dc52ac
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Mohammed Hawari [Fri, 5 Feb 2021 14:40:00 +0000 (15:40 +0100)]
ip: extend punt CLI for exception packets
Change-Id: I20e48a5ac8068eccb8d998346d35227c4802bb68
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: feature
Dmitry Vakrhushev [Thu, 11 Feb 2021 21:42:40 +0000 (00:42 +0300)]
interface: fix extra locking on fib/mfib table
Unlocking previeous fib/mfib table before bind it to a new.
Currently if rebind interface table from one to another,
previous table's lock wouldn't decrease the locks count.
Type: fix
Change-Id: I09340baf1c7039aed3be15ee231eded7364b213e
Signed-off-by: Dmitry Vakrhushev <dmitry@netgate.com>
Klement Sekera [Wed, 10 Mar 2021 09:45:44 +0000 (10:45 +0100)]
nat: remove unused import
Type: style
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I66b7ed03f784f3992a910ad6a52ed89116a39297
Andrew Yourtchenko [Tue, 9 Mar 2021 19:02:06 +0000 (19:02 +0000)]
libmemif: add an include of sys/types.h header file
the ssize_t is defined there.
Change-Id: Ie46d196347ab91d0a92c15f331db14fe3b57061c
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Florin Coras [Thu, 11 Mar 2021 00:15:11 +0000 (16:15 -0800)]
hsa: add support for tls to proxy
Type: improvement
Change-Id: I934e1e981bfa3e5ef81a61b2180604f9b9fc991b
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Tue, 9 Mar 2021 16:36:25 +0000 (08:36 -0800)]
session tls: deq notifications for custom tx
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6ed2104e9d79c367ca36460047586f9b632c3315
Damjan Marion [Thu, 11 Mar 2021 11:17:33 +0000 (12:17 +0100)]
misc: fix gcc-11 build
Type: fix
Change-Id: Ia17c8255806a2575bb75ed37050b47ddb347050c
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 10 Mar 2021 13:35:28 +0000 (14:35 +0100)]
vlib: refactor node function variants
It allows default variant selection from startup.conf
Type: improvement
Change-Id: Idff95e12dd0c105dab7c905089548b05a6e974e0
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Barach [Tue, 9 Mar 2021 21:34:57 +0000 (16:34 -0500)]
misc: remove cop API support (part 1)
API marked for deprecation last year due to non-inclusive language.
Last supported release: 21.01. See the "adl" plugin.
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I931e58ced9cc8403ca5b23fd6b07e50d0ff7306b
Florin Coras [Wed, 10 Mar 2021 08:21:02 +0000 (00:21 -0800)]
session: check if fifo exists in cl bound notification
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I316575a4b199916920cad6be8f9b49025d6ccc2d
Damjan Marion [Tue, 9 Mar 2021 15:28:15 +0000 (16:28 +0100)]
interface: fix interface-output and interface-tx multiarch selection
Type: fix
Change-Id: I77723dcbf753c2a7f1ec00f034d8ab604f12214b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Andrew Yourtchenko [Thu, 18 Feb 2021 11:36:22 +0000 (11:36 +0000)]
tests: re-enable the rest of NAT44ED tests for multiworker
Type: test
Change-Id: I37a12e3580c3631582f366944fe30f325b46f366
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Klement Sekera [Tue, 9 Mar 2021 16:53:47 +0000 (17:53 +0100)]
nat: fix dst nat thread issues
Make sure packet lands on the right thread for dst nat case.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I0ec4e4c2bb3fa80ff73fac588c36d36420ba68fa
Damjan Marion [Tue, 9 Mar 2021 14:21:28 +0000 (15:21 +0100)]
vlib: remove unused function
Not used for a looong time....
Type: refactor
Change-Id: I4b1d6216dbd349dd02c1d7c884f89ece66cd6045
Signed-off-by: Damjan Marion <damarion@cisco.com>
Ole Troan [Tue, 9 Mar 2021 08:25:33 +0000 (09:25 +0100)]
pnat: coverity fixes
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ia1cfdbd39ed458cb3fffd29a8b6d6eff64644de8
Nathan Skrzypczak [Mon, 8 Mar 2021 08:37:43 +0000 (09:37 +0100)]
cnat: Coverity fix
Type: fix
Change-Id: I004a49e59d8643599fc99ad6fa5848d3cf289b7a
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Florin Coras [Fri, 5 Mar 2021 21:30:18 +0000 (13:30 -0800)]
tcp: account for option alignment in initial snd_mss
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I24225ada6623c5b5543341ecac0d6c1db43cc8a9
Klement Sekera [Fri, 5 Mar 2021 19:34:05 +0000 (20:34 +0100)]
nat: replace main vlib with per-thread vlib
Fix incorrect vlib main usage.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ic5304ca844f1b27756818eb6995b1d9c08412674
Klement Sekera [Wed, 3 Mar 2021 21:14:55 +0000 (22:14 +0100)]
nat: fix worker selection
Use correct ports from SVR. Perform lookup of existing session for all
cases to pick any created bypasses and derive correct thread indexes.
Type: fix
Change-Id: I1e3814c9e13cd4d9b8d65f514f7e9ab42df3c22e
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Klement Sekera [Thu, 4 Mar 2021 17:41:02 +0000 (18:41 +0100)]
nat: test - add show trace
Add missing show trace.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I2f216bfc1bc70ebcbf5593214d46601f44f0b6e2
Damjan Marion [Fri, 5 Mar 2021 13:41:25 +0000 (14:41 +0100)]
dispatch-trace: move dispatch trace pcap code to plugin
Type: refactor
Change-Id: I02a527f57853ebff797f0d85761b71127916d6ce
Signed-off-by: Damjan Marion <damarion@cisco.com>
Klement Sekera [Thu, 4 Mar 2021 18:53:55 +0000 (19:53 +0100)]
nat: use correct node indexes for queues
Type: fix
Change-Id: I30b847acc4653fea9d609fc0d5875c3fda0824ef
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Andrew Yourtchenko [Thu, 4 Mar 2021 10:04:41 +0000 (10:04 +0000)]
vppapigen: expose the values of per-message "options" in the api.json files
Also fix the vapi parser's assumption about what
the container with CRC is supposed to look like..
Change-Id: I3a23ef6c1502232742c03d227eb3654fb757709c
Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Damjan Marion [Fri, 5 Mar 2021 10:39:02 +0000 (11:39 +0100)]
avf: don't memcpy if adminq output buffer size is 0
Type: fix
Change-Id: I0df14ff87d0bf51eeb392f72434febf6c4a2957a
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Thu, 4 Mar 2021 16:23:26 +0000 (16:23 +0000)]
fib: format function for adjacency flags
Type: improvement
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ib01ed3231321f0f38c4b1deb885c4cf718cc0147
Damjan Marion [Thu, 4 Mar 2021 17:41:59 +0000 (18:41 +0100)]
interface: move vnet_pcap_t to vnet
It naturally belogns there...
Type: refactor
Change-Id: I05f7ba01103a5e9b3756f1ea69c8cc5d8f26f0a0
Signed-off-by: Damjan Marion <damarion@cisco.com>
Andrew Yourtchenko [Thu, 4 Mar 2021 16:56:38 +0000 (16:56 +0000)]
tests: improve the robustness of process cleanup on INT/TERM signals
Change-Id: I3049d3d7d1212236dcc63ebf5560f87561928520
Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Neale Ranns [Thu, 4 Oct 2018 13:40:30 +0000 (06:40 -0700)]
mss_clamp: TCP MSS clamping plugin
Type: feature
Configure TCP MSS clamping on an interface as follows:
set interface tcp-mss-clamp [rx|tx] <interface-name>
ip4 [enable|disable|rx|tx] ip4-mss <size>
ip6 [enable|disable|rx|tx] ip6-mss <size>
Change-Id: I45b04e50a0b70a33e14a9066f981c651292ebffb
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Signed-off-by: Miklos Tirpak <miklos.tirpak@gmail.com>
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Ole Troan [Tue, 15 Dec 2020 09:19:25 +0000 (10:19 +0100)]
api: crchcecker ignore version < 1.0.0 and outside of src directory
- For check patchset ignore files outside of src directory
- For check patchset ignore files that have version < 1.0.0
- fix Pylint warnings
- Modify vppapigen_crc to include version in JSON output
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I171cf6397e129e2438b2a494c5656236a7810f7b
Steven Luong [Thu, 4 Mar 2021 00:56:19 +0000 (16:56 -0800)]
l2: coverity woe in l2_rw_mod_entry
Coverity complains that the statement
if (!e)
return -1;
is never true and is logically dead code in the subject function. It is
right. e is assigned in both the if and else statementes immediately above
and can never be null.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ic2d0e76eff696ee689a68a07913876dcecf5c647
Vladimir Ratnikov [Fri, 5 Mar 2021 09:22:59 +0000 (04:22 -0500)]
dpdk: fix rte mempool for rx_queues
Change dpdk_ops_vpp_get_count() return value from 0
to actual available pool size;
For some drivers/envs(azure,vmbus) rx_queue size
will be zero and the only 1 element will be created
(0 + 1)
When more than one packet will arrive, it will cause
SEGFAULT
Type: fix
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: Ibe7da6acc91200bec33d99f580044456d8984110
Neale Ranns [Thu, 25 Feb 2021 19:09:24 +0000 (19:09 +0000)]
ipsec: Support async mode per-SA
Type: feature
This feautre only applies to ESP not AH SAs.
As well as the gobal switch for ayncs mode, allow individual SAs to be
async.
If global async is on, all SAs are async. If global async mode is off,
then if then an SA can be individually set to async. This preserves the
global switch behaviour.
the stratergy in the esp encrypt.decrypt nodes is to separate the frame
into, 1) sync buffers, 2) async buffers and 3) no-op buffers.
Sync buffer will undergo a cyrpto/ath operation, no-op will not, they
are dropped or handed-off.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ifc15b10b870b19413ad030ce7f92ed56275d6791
Neale Ranns [Fri, 26 Feb 2021 10:35:33 +0000 (10:35 +0000)]
ipsec: Submit fuller async frames
Type: improvement
In the current scheme an async frame is submitted each time the crypto
op changes. thus happens each time a different SA is used and thus
potentially many times per-node. thi can lead to the submision of many
partially filled frames.
change the scheme to construct as many full frames as possible in the
node and submit them all at the end. the frame owner ship is passed to
the user so that there can be more than one open frame per-op at any
given time.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ic2305581d7b5aa26133f52115e0cd28ba956ed55
Robert Shearman [Fri, 26 Feb 2021 11:25:04 +0000 (11:25 +0000)]
marvell: check return value of vlib_trace_buffer
Check the value of vlib_trace_buffer in mrvl_pp2_input_trace to fix a
compiler error for an unused result of the function.
Type: fix
Fixes:
9a3973e3a36bfd4dd8dbffe130a92649fc1b73d3
Signed-off-by: Robert Shearman <robertshearman@gmail.com>
Change-Id: Ib005ae662885ed8ef902607037b843a524789a19
Robert Shearman [Fri, 26 Feb 2021 11:26:38 +0000 (11:26 +0000)]
marvell: spelling fixes
Fix places where "Marvel" is used incorrectly instead of "Marvell".
Type: style
Change-Id: I9247676ab08faed31e7b813f6f496ba008210c00
Signed-off-by: Robert Shearman <robertshearman@gmail.com>
Robert Shearman [Fri, 26 Feb 2021 11:24:59 +0000 (11:24 +0000)]
marvell: fix implicit declaration of function
Fix compile error due to implicit declaration of
vnet_hw_if_get_rxq_poll_vector by including the header file that
declares this.
Type: fix
Fixes:
b85b0df2a039b694fb2f3c09a01decfb89d7bce2
Signed-off-by: Robert Shearman <robertshearman@gmail.com>
Change-Id: I4a21743df93ffaa637641838d30b3b5c70dd79ef
Damjan Marion [Thu, 4 Mar 2021 23:14:15 +0000 (00:14 +0100)]
crypto: revert "fix ops flags in crypto sw scheduler"
This reverts commit
30ad571cc35e4dc6d4d7e50b81b97f83f8770eea.
Type: fix
Change-Id: If8c6e388e732d2a1b5efd0677d9528a646365f94
Signed-off-by: Damjan Marion <damarion@cisco.com>
Nathan Skrzypczak [Tue, 26 Jan 2021 10:49:03 +0000 (11:49 +0100)]
docs: Update macos doc to clang-format
Type: docs
Change-Id: Ibf825ac8b1591e8109be0b3b8d56ee85ae5145a4
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Filip Tehlar [Sat, 20 Feb 2021 02:26:17 +0000 (02:26 +0000)]
misc: add ikev2 tests usecases
Type: test
Ticket: VPP-1893
Change-Id: Ib6ffd00e73f7110bf9e702f4a0fd5c68395d6786
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Mon, 22 Feb 2021 20:46:49 +0000 (20:46 +0000)]
ikev2: fix incorrect api message
Type: fix
Change-Id: I9b3f4531070786f583e18609dfae1d95487ce93c
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Nathan Skrzypczak [Thu, 25 Feb 2021 16:42:50 +0000 (17:42 +0100)]
cnat: Add calico/k8s src policy
This patch implements k8s-specific extensions
to the cnat plugin.
This could be done by exposing a richer semantic
on srcNAT policies, but this might be too complex
work at this point. Also k8s fits quite well as a
'cloud NAT' usecase.
Type: feature
Change-Id: I2266daf7b10a92e65f5ed430838a12ae826bd333
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Nathan Skrzypczak [Thu, 25 Feb 2021 16:39:03 +0000 (17:39 +0100)]
cnat: Prepare extended snat policies
Type: refactor
Change-Id: I9ca3333274d6f32b6aff57f0fb3d2049c066337a
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Nathan Skrzypczak [Fri, 26 Feb 2021 17:12:20 +0000 (18:12 +0100)]
cnat: Fix snat with dhcp
Type: fix
We didn't check that the srcEndpoint was resolved
when creating the session, we could end up sNATing
with 0.0.0.0 as src_addr
Change-Id: If8dfa577e659cfe90b148657a44c0390a7d383e9
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Benoît Ganne [Fri, 22 Jan 2021 17:11:37 +0000 (18:11 +0100)]
crypto: fix ops flags in crypto sw scheduler
The sw crypto scheduler converts crypto frames to individual crypto
operations. This is done by reusing per-thread vectors for crypto,
integrity and chained operations.
The crypto op flags must be reset to frame flags minus invalid values
depending of the operation.
The previous tentative also cleared the chained buffer flag, breaking
jumbo support.
Type: fix
Change-Id: Icce6887a9e0dae8c300c56e97b977e203e784713
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Fri, 22 Jan 2021 17:09:40 +0000 (18:09 +0100)]
crypto: add support for aes-ctr+sha-1 chains
Type: feature
Change-Id: I9d4f90bc701d2b9b903a018f8d27cec5e129d7be
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Florin Coras [Wed, 3 Mar 2021 20:58:57 +0000 (12:58 -0800)]
hsa: fix builtin echo apps with multiple workers
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I9507b5a9755e938b4d1da657bed3a8681a056427
Steven Luong [Thu, 4 Mar 2021 03:03:38 +0000 (19:03 -0800)]
bonding: coverity woe in bond_dev_class fuction
Coverity complans the line
h = hashes;
uses uninitialized variable if the prior ASSERT statement is hit.
ASSERT is compiled out coverity as well as in release image. So the
complain is legitimate. Change the ASSERT to drop the frame and log
an error instead.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ibf0c204fe3626afca69ea84484e606566cf3244c
Robert Shearman [Fri, 26 Feb 2021 11:16:33 +0000 (11:16 +0000)]
dpdk: fix include directories with system dpdk
Add the DPDK_INCLUDE_DIRS variable which is set by pkg_check_modules
to the include directories to allow use of system DPDK where the
headers aren't under standard include directories.
Type: fix
Fixes:
f15a5791ba870a98a2ab7dec101bbbb9b6e266c1
Change-Id: Ifd4b4170572911b6e0580cdf114ad87cfa771931
Signed-off-by: Robert Shearman <robertshearman@gmail.com>
Robert Shearman [Fri, 26 Feb 2021 11:24:48 +0000 (11:24 +0000)]
marvell: remove unused variable
Fix compile error in mrvl_pp2_delete_if caused by unused variable by
removing that variable.
Type: fix
Fixes:
b85b0df2a039b694fb2f3c09a01decfb89d7bce2
Change-Id: I819bcfbfdbd0f85cc42be953be63ef124520852c
Signed-off-by: Robert Shearman <robertshearman@gmail.com>
Jakub Grajciar [Mon, 1 Mar 2021 07:54:35 +0000 (08:54 +0100)]
libmemif: verify length of transmitted buffers
In memif_tx_burst verify that total buffer size
(data_offset + data_len) does not exceed buffer
size. If not valid returns MEMIF_ERR_INVAL_ARG.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Ifae8f92344a401febbc1efd22c301356ccf83d44
Steven Luong [Sun, 28 Feb 2021 17:45:16 +0000 (09:45 -0800)]
memif: Validate descriptors within process boudary
We hit a crash when the client sends us a bogus deescriptor which causes us
to access memory beyong the mapping. While the client clearly should not do
that, it is rather cheap for VPP to validate the descriptor instead of crash
and burn.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Id09035810939f5f98530f212f0b23e606132251d
Ray Kinsella [Thu, 14 Jan 2021 16:37:37 +0000 (16:37 +0000)]
dpdk: enable AVX-512 on ICL
Enable DPDK AVX-512 Vector PMDs on Intel Icelake
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
Change-Id: Ie5d5bf54ccaa65c1d053d56a2f2973fe8625193b
Andrew Yourtchenko [Wed, 3 Mar 2021 13:52:55 +0000 (13:52 +0000)]
build: add libmemif as part of build-coverity target
Change-Id: I81a3b5d0845724da40b483832a8eaed081e6e4ed
Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Fan Zhang [Thu, 25 Feb 2021 12:53:36 +0000 (12:53 +0000)]
dpdk: deprecate ipsec backend
Type: refactor
DPDK crypto devices are now accessible via the async infra, so
there is no need for the DPDK ipsec plugin.
In addition this patch fixes the problem that cryptodev backend
not working when master core and worker cores lies in different
numa nodes.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ie8516bea706248c7bc25abac53a9c656bb8247d9
Jieqiang Wang [Wed, 10 Feb 2021 15:16:51 +0000 (15:16 +0000)]
vppinfra: fix compiling error due to incompatible udphdr field names
Compiling VPP on CentOS 7 will fail shown as below. The root cause is
that uh_sport/uh_dport field names for struct udphdr are chosen only if
macro __FAVOR_BSD in /usr/include/netinet/udp.h is defined for glibc
version less than 2.19. Fix this issue by using source and dest field
names in struct udphdr for compatibility reasons.
FAILED: vppinfra/CMakeFiles/vppinfra.dir/unix-formats.c.o
ccache /opt/rh/devtoolset-9/root/bin/cc -Dvppinfra_EXPORTS -I/vpp/src -I. -Iinclude -Wno-address-of-packed-member -g -fPIC -Werror -Wall -march=corei7 -mtune=corei7-avx -O2 -fstack-protector -D_FORTIFY_SOURCE=2 -fno-common -flto -fno-fat-lto-objects -fPIC -fvisibility=hidden -ffunction-sections -fdata-sections -MD -MT vppinfra/CMakeFiles/vppinfra.dir/unix-formats.c.o -MF vppinfra/CMakeFiles/vppinfra.dir/unix-formats.c.o.d -o vppinfra/CMakeFiles/vppinfra.dir/unix-formats.c.o -c /vpp/src/vppinfra/unix-formats.c
/vpp/src/vppinfra/unix-formats.c: In function 'format_udp4_packet':
/vpp/src/vppinfra/unix-formats.c:319:19: error: 'struct udphdr' has no member named 'uh_sport'
319 | u16 source = udp->uh_sport;
| ^~
/vpp/src/vppinfra/unix-formats.c:320:17: error: 'struct udphdr' has no member named 'uh_dport'
320 | u16 dest = udp->uh_dport;
Type: fix
Change-Id: Ifc99c7286ea3fac463096152267033ac0518c230
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Reviewed-by: Lijian Zhang <lijian.zhang@arm.com>
Reviewed-by: Tianyu Li <tianyu.li@arm.com>
Jakub Grajciar [Mon, 1 Mar 2021 07:45:17 +0000 (08:45 +0100)]
libmemif: socket filename length 108
Dynamic size array was causing trouble in
strlcpy. LINUX allows for max 108 filename length,
so we can use that to make the array constant size.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I76b1fc41f9d93cfbc9ad11bdca0c96a1fc261e84
Florin Coras [Wed, 3 Mar 2021 16:06:12 +0000 (08:06 -0800)]
udp: allocate rx lock only for non-connected
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ib5395a51fbfb2123549f7c96534fa763b4669243
Neale Ranns [Wed, 3 Mar 2021 12:16:09 +0000 (12:16 +0000)]
misc: include debian/quilt packaging directory in .gitignore
Type: style
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I04e859bbba913acf32e14c4460bba45f5cb45ff6
wanghanlin [Tue, 2 Mar 2021 09:18:06 +0000 (17:18 +0800)]
api: fix crash when cf removed
cf may be removed when:
1. linux_epoll_input_inline process two EPOLLIN events, firstly a normal
message, secondly reading 0 bytes because of socket client crash, then
cf removed without clear message added to pending event data vectors
before
2. clib_file_write called
Type: fix
Signed-off-by: wanghanlin <wanghanlin@corp.netease.com>
Change-Id: I4523e9bb322e98357575925f3113f710d70dd679
Vengada Prasad Govindan [Sun, 28 Feb 2021 14:23:39 +0000 (06:23 -0800)]
nsh: Resolve SA errors in NSH plugin.
Type: fix
Change-Id: Ia923cd9302688496d28d2fd5658718b40b17cc1a
Signed-off-by: Vengada Govindan <venggovi@cisco.com>
Steven Luong [Mon, 1 Mar 2021 23:42:00 +0000 (15:42 -0800)]
dhcp: calls to vnet_feature_enable_disable needs to be protected
dhcp is makeing calls to vnet_feature_enable_disable without barrier sync
protection. This can cause data contention with the worker threads. Wrap
all calls to vnet_feature_enable_disable with barrier sync and barrier
release.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I74545b074599273429f47e3e726551156bc11bbc
Ole Troan [Tue, 2 Mar 2021 13:52:22 +0000 (14:52 +0100)]
misc: update john lo email address in maintainers
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ic880de0f895feb6eabaa2b4f9f19ccefc048d444
Filip Tehlar [Fri, 19 Feb 2021 05:09:31 +0000 (05:09 +0000)]
ikev2: fix auth
Old auth data is needed when generating new one.
Type: fix
Change-Id: I15c62346dbb7ece8facdc7a05f30afd1a15a5648
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Benoît Ganne [Fri, 26 Feb 2021 13:46:58 +0000 (14:46 +0100)]
classify: fix crash if no pcap filter has been configured
If no pcap filters have ever been configured and we try to enable pcap
capture with a filter, cm->classify_table_index_by_sw_if_index is not
initialized yet.
Type: fix
Change-Id: I2f509c58f9984951b1ad81c1c8ed912cb594fce1
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Fri, 19 Feb 2021 15:39:13 +0000 (16:39 +0100)]
classify: fix multiple filters support
This fix the classify filter if we attach several different filters.
This also fix some issues with l3 and l4 parsing.
Type: fix
Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Klement Sekera [Mon, 1 Mar 2021 19:26:00 +0000 (20:26 +0100)]
nat: avoid crash if plugin not enabled
Avoid crash if nat pool not allocated when issuing "show nat44 summary".
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I55661cf699bab04f4673e9d471fe12486e972067
Klement Sekera [Thu, 25 Feb 2021 15:47:23 +0000 (16:47 +0100)]
nat: pick outside addr based on local addr
Use outside addresses more evenly by using local address to pick from
pool of addresses. This ensures stability from POV of remote host -
an internal host always gets translated using the same outside address,
so it doesn't appear to be "hopping". Also, this avoids all hosts
being translated using the first address, which helps avoid needless
recaptchas and the like.
Exact assignment depends on internal ordering of addresses - local address
is used to pick an offset into internal vector. If that address cannot be
used, a linear search is performed as a fallback mechanism to find a possible
translation.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I7ccb1da1dda5537f5d30d2f4cb48024f4b51c1a4
Florin Coras [Sat, 27 Feb 2021 03:19:11 +0000 (19:19 -0800)]
session svm: segment manager and fifo segment leaks
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4e00dd7f8ce1e56092dde9a073decae62d5475de
Benoît Ganne [Fri, 26 Feb 2021 12:30:32 +0000 (13:30 +0100)]
vlib: fix clear trace buffer race condition
Type: fix
Change-Id: I2384e052bee91a275c3b97a00542819b1d646c88
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Florin Coras [Fri, 26 Feb 2021 21:24:47 +0000 (13:24 -0800)]
vppinfra: mem leak in show memory main-heap
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I23d1dda86c781ac077dbee7cb0e1ddeaa328c660
Florin Coras [Thu, 3 Dec 2020 05:14:56 +0000 (21:14 -0800)]
udp: avoid locking connected udp sessions on rx
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I52aa2322980b51cfc0b282fb37d7f63d30777dee
Nathan Skrzypczak [Fri, 26 Feb 2021 13:32:55 +0000 (14:32 +0100)]
cnat: coverity fix
Type: fix
Change-Id: I9d562abc8d8f59cfe73ddd4c03a25085f6ad1f84
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Mohsin Kazmi [Tue, 23 Feb 2021 11:46:14 +0000 (12:46 +0100)]
virtio: place the event fds on worker threads for pci device
Type: improvement
Change-Id: I8322bca1a9aa75c97c0fe2ff24b2f65fc43242ce
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Florin Coras [Thu, 25 Feb 2021 17:57:04 +0000 (09:57 -0800)]
svm: fix shared hdr migration
Avoid changing the header on attach as it may be in use. Instead, as for
chunks, allocate header to be collected on detach.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ib316ecb5d61ae161032869b6f6a1863f1105a1d9
Klement Sekera [Wed, 17 Feb 2021 17:48:35 +0000 (18:48 +0100)]
nat: optimize flow matching in ED NAT
This saves 6 clocks in nat44-ed-in2out node. (112->106 per packet)
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I48e757e7f4b6b0d250a432a4659fe6955fc52a07
Filip Varga [Fri, 26 Feb 2021 08:31:21 +0000 (09:31 +0100)]
nat: NAT44ED fail if using old plugin option
Fail if obsolete flag is used.
Type: fix
Change-Id: Id7000de9c82fa2c22692104b2fc1d463e5961f39
Signed-off-by: Filip Varga <fivarga@cisco.com>
Nathan Skrzypczak [Mon, 15 Feb 2021 13:57:45 +0000 (14:57 +0100)]
interface: Fix rxq deletion
Type: fix
Change-Id: Ie89663de42ec94823b32aa1edf94f2c03df06627
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Nathan Skrzypczak [Mon, 15 Feb 2021 13:48:33 +0000 (14:48 +0100)]
interface: fix sh int rx
Type: fix
Change-Id: Iebe2db66af1e769486a117d6284375ce5ffff0b4
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Neale Ranns [Thu, 25 Feb 2021 16:01:28 +0000 (16:01 +0000)]
ipsec: move the IPSec SA pool out of ipsec_main
Type: refactor
this allows the ipsec_sa_get funtion to be moved from ipsec.h to
ipsec_sa.h where it belongs.
Also use ipsec_sa_get throughout the code base.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I2dce726c4f7052b5507dd8dcfead0ed5604357df
Nathan Skrzypczak [Thu, 25 Feb 2021 11:06:11 +0000 (12:06 +0100)]
cnat: add input feature node
This allows to configure nat on a per-interface basis. Special care must
be taken to ensure the configuration remains consistent.
Type: feature
Change-Id: I352b2dce182e09d30813ce958333bb1ff37d9b4e
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Nathan Skrzypczak [Thu, 25 Feb 2021 10:14:53 +0000 (11:14 +0100)]
cnat: Add maglev support
* Backend choice in translations is controlled
by lb_type switch allowing to enable Maglev.
* Size of pool is set with cnat { maglev-len 1009 }
Type: feature
Change-Id: I956e19d70bc9f3b997b4f8042831164e4b559d17
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Nathan Skrzypczak [Thu, 25 Feb 2021 10:01:41 +0000 (11:01 +0100)]
cnat: fixes & prepare maglev
Notable changes:
- ip[46]-cnat-snat is renamed to cnat-snat-ip[46]
- indent fixes
- common trace primitives
- bihash is now 40_56 with alias
Type: refactor
Change-Id: I0a82cfe3b40efd96473e51061d7135ffe412ddfc
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Piotr Bronowski [Fri, 26 Feb 2021 00:26:42 +0000 (01:26 +0100)]
crypto: fix coverity issue 218445
Fixes coverity issue CID 218445 (#1 of 1): Logically dead code
(DEADCODE) dead_error_line: Execution cannot reach this statement:
return 4294967295U;.
Type: fix
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Change-Id: Ibf8ee0458320d20c3adca2efa2a4bfad7c190dbe
Tetsuya Murakami [Thu, 25 Feb 2021 18:47:58 +0000 (10:47 -0800)]
sr: Fix the coverity issue on srv6-mobile plugin
Type: fix
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Change-Id: I55e6d7dd193f83f70d27e27fe2e383939d677ef1
Neale Ranns [Thu, 25 Feb 2021 10:05:32 +0000 (10:05 +0000)]
tests: Add tests for IPSec async mode using the crypto SW scheduler
Type: test
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Iabc8f2b09ee10a82aacebd36acfe8648cf69b7d7