Andrew Yourtchenko [Wed, 25 Oct 2017 12:50:37 +0000 (05:50 -0700)]
 
L3 proxy FIB source for container networking
Change-Id: I4164c4c19c8dbfd73e6ddf94a12056325cc093b9
Signed-off-by: Neale Ranns <[email protected]>
Signed-off-by: Andrew Yourtchenko <[email protected]>
Matus Fabian [Tue, 24 Oct 2017 11:13:49 +0000 (04:13 -0700)]
 
One armed NAT (VPP-1035)
Use a single physical interface in order to accomplish NAT44/NAT64.
Change-Id: I0c8138953a7a4075df306172e125abad771315e4
Signed-off-by: Matus Fabian <[email protected]>
Steven [Tue, 24 Oct 2017 23:03:58 +0000 (16:03 -0700)]
 
VCL/LDPRELOAD: Add support for getsockopt, sendto, and recvfrom
Add support for getsockopt, sendto, and recvfrom. Not all options
for the system calls are supported yet. Only the options used by
curl and wget are supported for now.
Change-Id: I2e0ed7349a0273616b3831c201e7c117725ca287
Signed-off-by: Steven <[email protected]>
Dave Wallace [Wed, 25 Oct 2017 00:47:45 +0000 (20:47 -0400)]
 
VCL-LDPRELOAD: Fix coverity warnings.
- CID 178225: Constant expression result
- CID 178220: Logically dead code
- CID 178222: Logically dead code
- CID 178227: Logically dead code
- CID 178223: Same on both sides
- CID 178226: Same on both sides
Change-Id: Ie0c80edb41390cf2308e54938be85d865e292138
Signed-off-by: Dave Wallace <[email protected]>
Dave Wallace [Tue, 24 Oct 2017 08:12:18 +0000 (04:12 -0400)]
 
VCL-LDPRELOAD: statically link vppcom into libvcl-ldpreload.so
- Move VCL & VCL-LDPRELOAD source into src/vcl
- Statically link vppcom into libvcl-ldpreload.so
Change-Id: I778300b37e8b06640d9dbc01caf297edf7a6edb7
Signed-off-by: Dave Wallace <[email protected]>
Neale Ranns [Tue, 24 Oct 2017 14:55:53 +0000 (07:55 -0700)]
 
Update L2 header offset after VLAN tag rewrite
Change-Id: I5c1df59bce7c9654101672a12981e5bd62e9adc4
Signed-off-by: Neale Ranns <[email protected]>
Gabriel Ganne [Tue, 24 Oct 2017 13:18:57 +0000 (15:18 +0200)]
 
fix test_lb_ip4_gre6() cleanup
missing "del" keyword, and as a result, we were trying to add the as
twice.
Change-Id: If78ce03f0c71591c05ff6f4748fd9c929d0f861f
Signed-off-by: Gabriel Ganne <[email protected]>
Dave Wallace [Tue, 24 Oct 2017 05:32:41 +0000 (01:32 -0400)]
 
Add extern to *_main global variable declarations in header files.
- Global variables declared in header files without
  the use of the 'extern' keword will result in multiple
  instances of the variable to be created by the compiler
  -- one for each different source file in which the
  the header file is included.  This results in wasted
  memory allocated in the BSS segments as well as
  potentially introducing bugs in the application.
Change-Id: I6ef1790b60a0bd9dd3994f8510723decf258b0cc
Signed-off-by: Dave Wallace <[email protected]>
Jakub Grajciar [Fri, 20 Oct 2017 11:37:28 +0000 (13:37 +0200)]
 
af_packet: invalid TCP/UDP offload checksum on RX node recalculation
Change-Id: I1075e5d2a1b6dfe3a443b40b41b8458a30505680
Signed-off-by: Jakub Grajciar <[email protected]>
Signed-off-by: [email protected] <[email protected]>
Eyal Bari [Thu, 19 Oct 2017 12:27:51 +0000 (15:27 +0300)]
 
VXLAN:small refactor to vxlan input
Change-Id: I2e7e08e1de20ab57e3f899b080b90a3082219ae5
Signed-off-by: Eyal Bari <[email protected]>
Gabriel Ganne [Thu, 19 Oct 2017 07:54:46 +0000 (09:54 +0200)]
 
test bfd - DPO_PROTO_IP6 is part of DpoProto
Change-Id: I63d336a1ba366a60a2a8f1124e3f37f742cccb65
Signed-off-by: Gabriel Ganne <[email protected]>
Keith Burns (alagalah) [Fri, 20 Oct 2017 20:55:18 +0000 (13:55 -0700)]
 
Thread_index for thread0 in vlib_global_main not initialised
Change-Id: Ie49ee865b197e8fe7bba170c115a4ccbf1013e5f
Signed-off-by: Keith Burns (alagalah) <[email protected]>
Dave Wallace [Fri, 20 Oct 2017 17:23:40 +0000 (13:23 -0400)]
 
VCL: Fix converity warning CID 177864
Change-Id: Id8578321381d14f9de827767ef0acf627f1535e4
Signed-off-by: Dave Wallace <[email protected]>
Dave Wallace [Fri, 20 Oct 2017 16:30:38 +0000 (12:30 -0400)]
 
VCL-LDPRELOAD: Refactor vcom_socket* and fix crash in vppcom_select
- filter verbose debug output with VCOM_DEBUG > 2
- clean up nomenclature, renaming vppcom_*() functions to
  vcom_session_*()
- fix vppcom_select crash with NULL maps.
Change-Id: I6e416a096d6fd800aa26991c2439e24e8fc38cc5
Signed-off-by: Dave Wallace <[email protected]>
Dave Barach [Fri, 20 Oct 2017 13:21:35 +0000 (09:21 -0400)]
 
Add reverse DNS (ip to name) resolution
Change-Id: Ic531d820b1846ff7363e5c396ac0b1176e87b401
Signed-off-by: Dave Barach <[email protected]>
Gabriel Ganne [Thu, 19 Oct 2017 13:10:46 +0000 (15:10 +0200)]
 
null-terminate some formatted string
Any u8* variable created by format() is NOT null-terminated.
Add the null terminating byte with vec_terminate_c_string().
If that variable is used by (at least) hash_get_mem(), then it needs to
be null-terminated, as it will go through string_key_sum() which makes a
call to strlen.
Change-Id: I4e51e1b6668f557e53af3bb897cd281598eedbc0
Signed-off-by: Gabriel Ganne <[email protected]>
Klement Sekera [Wed, 8 Mar 2017 04:21:24 +0000 (05:21 +0100)]
 
add cuckoo hash
Change-Id: I78215041588014e9e5c3599c60471ced610735bb
Signed-off-by: Klement Sekera <[email protected]>
shrinivasan ganapathy [Sun, 15 Oct 2017 22:46:09 +0000 (15:46 -0700)]
 
LD_PRELOAD poll implementation
- add poll implementation
- implementation based on vppcom_poll
- implementation based on vppcom_select
- currently vppcom_select implementation is picked
Change-Id: If6c2862ae72e9969335aca5b8085957c98287dc0
Signed-off-by: shrinivasan ganapathy <[email protected]>
Signed-off-by: Dave Wallace <[email protected]>
Dave Wallace [Thu, 19 Oct 2017 07:53:57 +0000 (03:53 -0400)]
 
VCL: cleanup misc. issues in vppcom
- Fix vppcom_select crash when n_bits == 0
- Enhance debug output
- Remove port byte-swapping during accept
Change-Id: I6ccd1040ceb82908d924220f558df803ab5eea30
Signed-off-by: Dave Wallace <[email protected]>
Dave Wallace [Thu, 19 Oct 2017 07:47:42 +0000 (03:47 -0400)]
 
vcl-ldpreload: test script enhancements
Change-Id: Iff302a35cd5d35bf0671a63e8ba81a0c60a231eb
Signed-off-by: Dave Wallace <[email protected]>
Klement Sekera [Tue, 17 Oct 2017 05:59:31 +0000 (07:59 +0200)]
 
make test: control sanity via SANITY=yes|no option
Allow skipping sanity when using DEBUG=gdb/gdbserver options to speed
up development process by supplying SANITY=no option to make test.
Change-Id: I6e619229f6866b22bdeb75654b4e750232ae22bd
Signed-off-by: Klement Sekera <[email protected]>
Marco Varlese [Thu, 19 Oct 2017 06:42:02 +0000 (08:42 +0200)]
 
Add GENEVE tunnel maintainer.
Change-Id: I30bbba4119accee2c157fb5b8202da3c87c59805
Signed-off-by: Marco Varlese <[email protected]>
Marek Gradzki [Fri, 13 Oct 2017 08:22:59 +0000 (10:22 +0200)]
 
Remove unused 'not_last' parameter from ip_add_del_route
Vat supports setting value for the parameter, but
'not_last' is ignored by ip_add_del_route handler,
so can be removed.
This patch
- updates ip.api,
- removes vat handlers
- updates vpp_papi_provider.py
  (also mpls_route_add_del with unused not_last)
Change-Id: Ife15de123db4bc8247103a29b90bce1988e46534
Signed-off-by: Marek Gradzki <[email protected]>
Dave Barach [Wed, 18 Oct 2017 22:48:11 +0000 (18:48 -0400)]
 
VPP-1024: rewrite buffer trajectory tracer
Use a proper u16 * vector to capture node indices, since vpp w/
plugins now exceeds 255 graph nodes
Change-Id: Ic48cad676fa3a6116413ddf08c083dd9660783f1
Signed-off-by: Dave Barach <[email protected]>
Dave Wallace [Thu, 19 Oct 2017 01:15:48 +0000 (21:15 -0400)]
 
VCL-LDPRELOAD: fix iperf3 socket_test.sh
Change-Id: Ib6b52917af717d3341429163fb9ecc903cf717fb
Signed-off-by: Dave Wallace <[email protected]>
Eyal Bari [Mon, 16 Oct 2017 10:38:21 +0000 (13:38 +0300)]
 
TEST,SPAN:add broadcast+QiniQ tests
Change-Id: I89c6923370af97bbd09db81a33b6d17f9424a049
Signed-off-by: Eyal Bari <[email protected]>
Filip Tehlar [Wed, 18 Oct 2017 14:10:25 +0000 (07:10 -0700)]
 
LISP: fix crash when sending NSH map-request message, ONE-32
Change-Id: Ief8c3d3bec116e9f884981fb52af528f98b5f6ff
Signed-off-by: Filip Tehlar <[email protected]>
Pierre Pfister [Wed, 27 Sep 2017 14:17:31 +0000 (16:17 +0200)]
 
Plugin for IP-Address to Interface Punting
This plugin provides per-ip address to interface punting.
When at least one rule is defined, the plugin receives all packets
which destination is one of VPP's address but which was not processed
by VPP (e.g., a TCP packet on a port that is not open, or a packet
for a protocol which is not attached).
Based on the set of configured rules, the destination address of each
packet is used to send the packet on the associated interface.
This plugin allows multiple containers to use
VPP's TCP stack (or other features provided by VPP) while still
being able to receive additional packets.
Change-Id: I3e69bb7d98183bf5163cb9ecb564cb482de252ce
Signed-off-by: Pierre Pfister <[email protected]>
Dave Barach [Wed, 18 Oct 2017 14:54:12 +0000 (10:54 -0400)]
 
VPP-930: add missing ntohl to send_ip6_fib_details(...)
Change-Id: I0c1671f3eaf2dad084e3ac9fb124c9ed78273f50
Signed-off-by: Dave Barach <[email protected]>
Andrew Yourtchenko [Wed, 18 Oct 2017 10:21:34 +0000 (12:21 +0200)]
 
ipsec: use boolean or vs. bitwise or to avoid compiler error
Ubuntu 17.04, gcc version 6.3.0 
20170406 (Ubuntu 6.3.0-12ubuntu2),
"make build" fails with the few of the errors below:
error: suggest parentheses around comparison in operand of ‘|’
[-Werror=parentheses]
        is_aead = (sa0->crypto_alg == IPSEC_CRYPTO_ALG_AES_GCM_128 |
Solution: use the logical rather than the bitwise or.
Change-Id: Iffcc1ed2e68b14b248159cb117593d32c623c553
Signed-off-by: Andrew Yourtchenko <[email protected]>
Dave Barach [Tue, 17 Oct 2017 15:48:29 +0000 (11:48 -0400)]
 
CSIT-844: fix binary api rx pthread heap push/pop
We need to push/pop the rx pthread's heap without affecting other
thread(s).
Search clib_per_cpu_mheaps, locate an unused slot. Duplicate the main
thread heap pointer in that slot, and set __os_thread_index
appropriately.
Miscellaneous cleanups. Print exec_inband results as a vector, instead
of as a format string. Don't bail out of vpp_api_test with results
pending, e.g. at the end of a vpp_api_test script. Even though vpp
will eventuallly garbage-collect them, We don't want to leave
allocated reply messages lurking in the api message allocation
rings...
Change-Id: I0e8a25d1ff0d3700249dc330d079db16c2fcbc55
Signed-off-by: Dave Barach <[email protected]>
Dave Wallace [Tue, 17 Oct 2017 20:19:41 +0000 (16:19 -0400)]
 
session: fix connect corner case crash.
Change-Id: I54ced42749432335183ee3085a9ccc5f95a87ae9
Signed-off-by: Dave Wallace <[email protected]>
Dave Barach [Tue, 17 Oct 2017 17:13:42 +0000 (13:13 -0400)]
 
VPP-1032: fix coverity warnings
Change-Id: Ic3a0c51e5408921051deaf2e50372d9654574b27
Signed-off-by: Dave Barach <[email protected]>
John DeNisco [Tue, 17 Oct 2017 15:07:22 +0000 (11:07 -0400)]
 
Initial commit for phase 2, Add some simple validation.
Change-Id: I5b1d5600cdef4b05cc7c2f1cddb60aed2cc49ac2
Signed-off-by: John DeNisco <[email protected]>
Eyal Bari [Sun, 15 Oct 2017 13:55:11 +0000 (16:55 +0300)]
 
TEST,SPAN: add rx+tx span test
also refactored verify function
Change-Id: Ib93c99c833dd7c75e416374530c631f954957d98
Signed-off-by: Eyal Bari <[email protected]>
Dave Wallace [Tue, 17 Oct 2017 08:00:50 +0000 (04:00 -0400)]
 
VCL_LDPRELOAD: Add unit test scripts.
Change-Id: I5fbb3339a6dbd7b40fecf66bfda3fd3249b4a90c
Signed-off-by: Dave Wallace <[email protected]>
Dave Wallace [Mon, 16 Oct 2017 20:44:37 +0000 (16:44 -0400)]
 
VCL: refactor VCL_LDPRELOAD env vars.
- Update vcl-ldpreload references to use $WS_ROOT.
Change-Id: I8e79f7c5e330eda6548a2baf84613b0a4d360811
Signed-off-by: Dave Wallace <[email protected]>
Marco Varlese [Tue, 17 Oct 2017 08:33:07 +0000 (10:33 +0200)]
 
Add API versioning to GENEVE tunnel implementation.
Change-Id: I5974e5545d74af53c27938c8cdbae12745c38a54
Signed-off-by: Marco Varlese <[email protected]>
Florin Coras [Sun, 15 Oct 2017 01:56:41 +0000 (18:56 -0700)]
 
session: return local transport endpoint in connect reply
Change-Id: I7794d5a0774017da4c1c15f45783a18754994ac8
Signed-off-by: Florin Coras <[email protected]>
Jan Gelety [Tue, 17 Oct 2017 07:22:54 +0000 (09:22 +0200)]
 
Update CSIT tests 171002 -> 171017
- update of CSIT operational branch to be used for VPP-patch test
Change-Id: Ib098170bbcdbbb01c25ef197d9181cfd826d2854
Signed-off-by: Jan Gelety <[email protected]>
Florin Coras [Tue, 17 Oct 2017 03:47:56 +0000 (20:47 -0700)]
 
session: fix build when debugging is on
Change-Id: I193832a0cd0557fffc034a1223f67fa64a4d45ae
Signed-off-by: Florin Coras <[email protected]>
Florin Coras [Mon, 2 Oct 2017 07:18:51 +0000 (00:18 -0700)]
 
udp: refactor udp code
Change-Id: I44d5c9df7c49b8d4d5677c6d319033b2da3e6b80
Signed-off-by: Florin Coras <[email protected]>
Dave Barach [Mon, 16 Oct 2017 18:39:52 +0000 (14:39 -0400)]
 
DNS name resolver improvements
- Cache intermediate CNAME records
- Bug fixes
Change-Id: I06dcb558212fc5e9434281493c872577cf9b83e1
Signed-off-by: Dave Barach <[email protected]>
Steven [Mon, 16 Oct 2017 18:03:51 +0000 (11:03 -0700)]
 
LDPRELOAD: Remove hack code in getpeername
Now the real implementation of getpeername is there, we
remove the hack version of getpeername in LDPRELOAD.
Change-Id: I8fa2ba93d346f78d04129a87ee17a834cba537da
Signed-off-by: Steven <[email protected]>
Filip Tehlar [Mon, 16 Oct 2017 13:51:11 +0000 (06:51 -0700)]
 
LISP: fix map-request counters, ONE-25
Change-Id: I198f58a84c4692408f9205052af24ee22df7aeaa
Signed-off-by: Filip Tehlar <[email protected]>
Marek Gradzki [Mon, 16 Oct 2017 10:33:12 +0000 (12:33 +0200)]
 
jvpp: stop plugin intialization on first mismatch
Java bindings use get_message_id from jvpp-common
to detect if messages known at compile time
are avaliable at runtime.
In case of missing entry, Java exception is propagated
via JNI using (*env)->ThrowNew.
But this function does not end code execution so,
in order to prevent unexpected behaviour
(e.g. calling vl_msg_api_set_handlers with id == 0),
get_message_id caller should do it manually.
Change-Id: I2edb5013fd3658dcdd77a867b5cdf62e559ee071
Signed-off-by: Marek Gradzki <[email protected]>
Gabriel Ganne [Wed, 11 Oct 2017 12:35:55 +0000 (14:35 +0200)]
 
lb plugin - fix format() type mismatches
* (vip - lbm->vips) is u64; change format from [%u] to [%lu]
* vip->plen is u8, but format looks for u32; add exlicit cast
  (this cast was done implicitely)
On ARM platforms, these prevent a loop in the second call to
format_white_space() which would get an invalid (huge) indent value;
the result *looked like* an infinite loop.
Change-Id: I675ef2f98e4ba3d9e8aef12022d38b1d22981da8
Signed-off-by: Gabriel Ganne <[email protected]>
Steven [Mon, 16 Oct 2017 03:18:47 +0000 (20:18 -0700)]
 
VCL/LDPRELOAD: getpeername and getsockname
Add support for getpeername and getsockname system calls
Change-Id: Ie22787b967bb2a5fead0f5fcffd779e4f39b3302
Signed-off-by: Steven <[email protected]>
Dave Barach [Sun, 15 Oct 2017 21:20:40 +0000 (17:20 -0400)]
 
Fix minor issues in clib_spinlock_unlock()
Change-Id: I20ce799c9dd57332c06003b466ee7c36169bce98
Signed-off-by: Dave Barach <[email protected]>
Florin Coras [Sat, 14 Oct 2017 18:02:37 +0000 (11:02 -0700)]
 
ip: avoid arp assert if out of buffers (VPP-1030)
Change-Id: Ia31b978c6c1619c3e0075a84fcbbb6ccbf1c0076
Signed-off-by: Florin Coras <[email protected]>
Florin Coras [Sun, 15 Oct 2017 17:41:21 +0000 (17:41 +0000)]
 
Revert "Enforce FIB table creation before use"
This reverts commit 
f9342023c19887da656133e2688a90d70383b0c5.
Reverting to unblock master. No idea why jjb +1ed this patch! On closer inspection it looks like it -1ed it and subsequently changed opinion. CSIT tests should be fixed before re-merging.
Change-Id: I26608912a962c52083073e16c7c9d2cc44a3cc8d
Signed-off-by: Florin Coras <[email protected]>
Matus Fabian [Thu, 12 Oct 2017 11:17:45 +0000 (04:17 -0700)]
 
NAT: fix delete of sessions for 1:1 NAT if 1 worker (VPP-1023)
Change-Id: I2446c646de7f227f9438dd7ef93a455ba5af0102
Signed-off-by: Matus Fabian <[email protected]>
Gabriel Ganne [Thu, 12 Oct 2017 08:53:31 +0000 (10:53 +0200)]
 
change format_get_indent() to use u32 instead of uword
This follows commit 
d3c008d108aa2187d1a2afe2833b4de25ca2c2ab by
Christophe Fontaine.
Change-Id: I0c4df40df44be2ac0ab25817fa050a1f619eca4d
Signed-off-by: Gabriel Ganne <[email protected]>
Thomas F Herbert [Mon, 9 Oct 2017 18:50:08 +0000 (14:50 -0400)]
 
Fix bug with temporary directory when building rpms.
Fixes bug introduced in commit 
5349f94d.
JIRA: VPP-1014
Change-Id: Ia18f4c6f5f1124306cce790a36f6de970d186687
Signed-off-by: Thomas F Herbert <[email protected]>
(cherry picked from commit 
8c5bfbcc09f44f3ed2b87b0b5c257fbb7b735f97)
Thomas F Herbert [Mon, 9 Oct 2017 19:03:55 +0000 (15:03 -0400)]
 
Deps added to Makefile must also be in spec file.
Deps are required for Fedora too.
This patch is merged in version stable/17.10.
It should also be merged in master because it
fixes breaking rpm builds in some circumstances.
JIRA: VPP-1015
Cherry-picked from stable/1710
Change-Id: I10807069742cdd6b09a0f34d9d05e9cae4146ec3
Signed-off-by: Thomas F Herbert <[email protected]>
Matthew Smith [Fri, 6 Oct 2017 00:03:05 +0000 (19:03 -0500)]
 
Add API call to set keys on IPsec tunnel intf
There was already a CLI command and a libvnet function
to set the keys on an existing IPsec tunnel interface.
Expose this via the API.
Change-Id: I226a9616f680fc022f04447177a2e8232690657f
Signed-off-by: Matthew Smith <[email protected]>
Neale Ranns [Fri, 13 Oct 2017 12:15:07 +0000 (05:15 -0700)]
 
Source Lookup progammable via API
Change-Id: I5d5d4f22b6369d504455a644f73076d772fbcfb4
Signed-off-by: Neale Ranns <[email protected]>
Steven [Sat, 10 Jun 2017 01:49:17 +0000 (18:49 -0700)]
 
vhost: crash under heavy traffic condition due to memory corruption (VPP-1016)
With heavy traffic, tx code path may crash due to memory corruption
Thread 5 "vpp_wk_2" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fff3995c700 (LWP 2505)]
0x00007ffff73675e8 in vhost_user_if_input (vm=0x7fffb5f5bf9c,
    vum=0x7ffff7882a40 <vhost_user_main>, vui=0x7fffb65570c4, qid=0,
    node=0x7fffb6577dac, mode=VNET_HW_INTERFACE_RX_MODE_POLLING)
    at /home/sluong/vpp-master/vpp/build-data/../src/vnet/devices/virtio/vhost-user.c:1610
1610		  bi_current = (vum->cpus[thread_index].rx_buffers)
	                       [vum->cpus[thread_index].rx_buffers_len];
(gdb) p vum->cpus[thread_index].rx_buffers_len
$2 = 
793212607
(gdb)
Apparently, some code accidentally wrote the bad value in rx_buffers_len.
rx_buffers_len should never be greater than 1024 since that is how many buffers
we request each time.
After debugging many hours, I discovered that the memory corruption happens
in the tx code path right here on line 2176.
	  {
	    vhost_copy_t *cpy = &vum->cpus[thread_index].copy[copy_len];
	    copy_len++;
	    cpy->len = bytes_left;
	    cpy->len = (cpy->len > buffer_len) ? buffer_len : cpy->len;
	    cpy->dst = buffer_map_addr;
	    cpy->src = (uword) vlib_buffer_get_current (current_b0) +
	      current_b0->current_length - bytes_left;
(gdb) p cpy
$3 = (vhost_copy_t *) 0x7fffb554077c
(gdb) p copy_len
$4 = 1025
(gdb) p &vum->cpus[3].rx_buffers_len
$8 = (u32 *) 0x7fffb5540784
copy_len is picking up the index entry 1024 before it was incremented. copy array has only
1024 members (0 - 1023 are valid).
The assignment here in cpy surely causes memory corruption. It is only discovered later
when the memory location that it corrupted is used.
The condition for the crash is to transmit jumbo frames under heavy volume. Since ring
size is 1024, with one packet taking up one index for frame size (less 2048), it does
not cause overflow. With jumbo frames, it requires multiple indices for one packet,
it can cause the overflow under heavy traffic.
The fix is to do copy out when we have 1000 entries in the array to avoid
overflow.
Change-Id: Iefbc739b8e80470f1cf13123113f8331ffcd0eb2
Signed-off-by: Steven <[email protected]>
Georgina Sheehan [Thu, 12 Oct 2017 11:13:59 +0000 (12:13 +0100)]
 
plugins/dpdk: align memory to avoid potential segfault and false sharing
Made Update to src/plugins/dpdk/buffer.c
Change-Id: I87bb8f38974a7be274c1b1d205f5513e7d068e48
Signed-off-by: Georgina <[email protected]>
Brian Brooks [Fri, 22 Sep 2017 17:26:34 +0000 (12:26 -0500)]
 
Use AESNI=y only on x86_64 machines
This fixes the native build on arm64 machines.
Change-Id: I89bff01beedb4c8e26ac55fab2dd1ed39754bf26
Signed-off-by: Brian Brooks <[email protected]>
Reviewed-by: Ola Liljedahl <[email protected]>
Dave Barach [Fri, 13 Oct 2017 23:16:56 +0000 (19:16 -0400)]
 
VPP-1029: Don't call clib_longjmp(...) directly from the SIGTERM handler
It's way too easy to imagine leaving a mutex or a spin-lock held in
the /vpe-api shared-memory segment, or elsewhere. Set a volatile
variable and check it in a safe place...
Change-Id: I9d91c38cffeb921143c272162d055c9c24a6c312
Signed-off-by: Dave Barach <[email protected]>
Neale Ranns [Fri, 13 Oct 2017 09:43:33 +0000 (02:43 -0700)]
 
Enforce FIB table creation before use
last i the serise of the use of the FIB table create/delete API. VPP now forces the tables to have been explicitly creted before they are used.
Change-Id: Ifde3b1bbb76697a01ab71bce4f5264e6d1725467
Signed-off-by: Neale Ranns <[email protected]>
Steve Shin [Fri, 13 Oct 2017 20:13:02 +0000 (13:13 -0700)]
 
acl-plugin: display "::" for INADDR6_ANY on ACL output
INADDR6_ANY should be displayed as "::" instead of "0.0.0.0"(ipv4 format).
Change-Id: I24ec7b6febbfeca5db7ff894f455ecb73d954334
Signed-off-by: Steve Shin <[email protected]>
Steven [Fri, 13 Oct 2017 19:52:28 +0000 (12:52 -0700)]
 
LDPRELOAD: Add TCP_KEEPIDLE, TCP_KEEPINTVL, and SO_KEEPALIVE
Implement the subject setsockopt by passing them to VCL
Change-Id: Ida5136cb3a51d2bf30080e8c4af4239681ed2184
Signed-off-by: Steven <[email protected]>
Dave Barach [Tue, 10 Oct 2017 21:53:14 +0000 (17:53 -0400)]
 
VPP-1027: DNS name resolver
This patch is a plausible first-cut, suitable for initial testing by
vcl (host stack client library).
Main features;
- recursive name resolution
- multiple ip4/ip6 name servers
- cache size limit enforcement
  - currently limited to 65K
- ttl / aging
- static mapping support
- show / clear / debug CLI commands
Binary APIs provided for the following:
- add/delete name servers
- enable/disable the name cache
- resolve a name
To Do list:
- Respond to ip4/ip6 client DNS requests (vs. binary API requests)
- Perf / scale tuning
  - map pending transaction ids to pool indices, so the cache
    can (greatly) exceed 65K entries
- Security improvements
  - Use unpredictable dns transaction IDs, related to previous item
  - Make sure that response-packet src ip addresses match the server
- Add binary APIs
  - deliver raw response data to clients
  - control recursive name resolution
- Documentation
Change-Id: I48c373d5c05d7108ccd814d4055caf8c75ca10b7
Signed-off-by: Dave Barach <[email protected]>
Andrew Yourtchenko [Fri, 13 Oct 2017 10:15:34 +0000 (12:15 +0200)]
 
acl-plugin: split the "show" commands and add an option to show ACLs by interface
From the troubleshooting perspective, it is nice to immediately know
the ACEs for the ACLs applied to an interface, so implement that.
To make the CLI more friendly, split each of the "show" variants
into an independent _cmd function with the distinct CLI path.
Change-Id: I519e4799083c04e8f0fcdf3e262a73493be4b690
Signed-off-by: Andrew Yourtchenko <[email protected]>
Steven [Fri, 13 Oct 2017 00:10:33 +0000 (17:10 -0700)]
 
LDPRELOAD: Add ioctl, fcntl, and setsockopt support
Add support for the following system calls:
ioctl (FIONREAD)
fcntl (F_GETFL)
fcntl (F_SETFL)
setsockopt (SOL_IPV6, IPV6_V6ONLY)
setsockopt (SOL_TCP, TCP_NODELAY)
setsockopt (SOL_SOCKET, SO_REUSEADDR)
setsockopt (SOL_SOCKET, SO_BROADCAST)
This patch supersedes https://gerrit.fd.io/r/#/c/8765/
Change-Id: I5d5309d9f43d93a990b389d8cb667631de1903fe
Signed-off-by: Steven <[email protected]>
Steven [Fri, 13 Oct 2017 03:42:21 +0000 (20:42 -0700)]
 
VCL: Add SET_KEEPALIVE, SET_TCP_KEEPIDLE, and SET_TCP_KEEPINTVL
Add the subject enums to unblock LDPRELOAD. Just the enums,
no real implementation yet.
Change-Id: Ia3ec576c2779ee20956a37f0adebc06f16d1fe7f
Signed-off-by: Steven <[email protected]>
Sergio Gonzalez Monroy [Thu, 12 Oct 2017 10:43:41 +0000 (11:43 +0100)]
 
dpdk/ipsec: coverity fixes
Change-Id: Ica3bc74ffbb1c0df4e198b0abff8df10cdeb2182
Signed-off-by: Sergio Gonzalez Monroy <[email protected]>
Milan Lenco [Thu, 12 Oct 2017 12:19:31 +0000 (14:19 +0200)]
 
libmemif: Add memif_cancel_poll_event() + bug fixing.
Change-Id: I27d6bf93216f1f639f01fad730506afdc7115e46
Signed-off-by: Milan Lenco <[email protected]>
Marco Varlese [Tue, 10 Oct 2017 14:43:14 +0000 (16:43 +0200)]
 
Remove libsubunit 'dependency' for openSUSE and fix NASM
This patch addresses the unrequired dependency on libsubunit for
opensuse; it also adds the required new dependency on check (add
check-devel to the top-level Makefile).
It adds some extra logic to install the correct NASM version to support
AESNI.
Change-Id: Ie368dd8f8485a67ab125e735fd12cbe25b9b588f
Signed-off-by: Marco Varlese <[email protected]>
Steve Shin [Wed, 11 Oct 2017 20:55:16 +0000 (13:55 -0700)]
 
LLDP: Add Management Address TLV
- Management Address TLV is added as per IEEE Std 802.1AB-2009.
- Support of management ipv4/ipv6 addresses and OID.
Change-Id: I57c14741774390809ce5a829cc087947424432c7
Signed-off-by: Steve Shin <[email protected]>
Marco Varlese [Tue, 10 Oct 2017 10:23:03 +0000 (12:23 +0200)]
 
Add support for packaging SUSE RPMs.
This patch adds a new spec file for SUSE distribution and modifies the
Makefile to learn which platform is building the RPMs for.
Change-Id: Ic8ee0ddf978042cc1785ebc28bd1a6c9faf9bb74
Signed-off-by: Marco Varlese <[email protected]>
Florin Coras [Wed, 11 Oct 2017 08:43:15 +0000 (01:43 -0700)]
 
tcp: do not format sb if not established (VPP-1018)
Change-Id: I011dda118f37cb31a37dda270027612d0af57ca0
Signed-off-by: Florin Coras <[email protected]>
(cherry picked from commit 
87f141172212b7568f519653ab32ebd1b5d34344)
Steven [Wed, 11 Oct 2017 16:59:30 +0000 (09:59 -0700)]
 
VCL: Add REUSEADDR, BROADCAST, and V6ONLY to vppcom_session_attr API
1. Add the subject enum type
2. Fix a typo for the clib_warning
Change-Id: I59f6d15d51c66b96022d51592d65c41755c1582a
Signed-off-by: Steven <[email protected]>
Keith Burns (alagalah) [Mon, 9 Oct 2017 15:52:59 +0000 (08:52 -0700)]
 
Initial push of vcl-ldpreload to extras
- fix checkstyle
Change-Id: I4317757258ed6a65b8fae1377f17db39375282ac
Signed-off-by: Keith Burns (alagalah) <[email protected]>
Signed-off-by: shrinivasan ganapathy <[email protected]>
Damjan Marion [Wed, 11 Oct 2017 12:15:47 +0000 (14:15 +0200)]
 
Revert "VPP-1001 - update AF Packet Driver to for modern kernels"
Issues observed with specific kernel versions, e.g. stock Ubuntu 16.04
kernel.
This reverts commit 
3eab064e3fadaf2a6a128f167ad04ca0319b4e17.
Change-Id: I24241f3b580df749fc686af3a319011ca035fb5e
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Tue, 10 Oct 2017 17:01:06 +0000 (19:01 +0200)]
 
test: retry 3 times if test fails during verify
Change-Id: Ib1cb7f09c444f3667904eade935eb220f327b6fe
Signed-off-by: Damjan Marion <[email protected]>
John DeNisco [Wed, 27 Sep 2017 20:35:23 +0000 (16:35 -0400)]
 
Redhat and small system support
Initial 17.10 commit
Final 17.07 cleanup, 17.10 next
Added CentOS grub support, this should complete the CentOS support
Added Centos install/unistall
Added TCP parameters.
Change-Id: I064e3a4118969ac36e62924a6a3f8a98f132ba60
Signed-off-by: John DeNisco <[email protected]>
Signed-off-by: Dave Barach <[email protected]>
Dave Wallace [Mon, 9 Oct 2017 05:43:42 +0000 (01:43 -0400)]
 
Add VCL session get/set attributes api function.
Change-Id: I72b0c063e89bf8299699dafec2a7e0395b86c8b9
Signed-off-by: Dave Wallace <[email protected]>
Florin Coras [Mon, 2 Oct 2017 07:18:51 +0000 (00:18 -0700)]
 
session: add support for application namespacing
Applications are now provided the option to select the namespace they
are to be attached to and the scope of their attachement. Application
namespaces are meant to:
1) constrain the scope of communication through the network by
association with source interfaces and/or fib tables that provide the
source ips to be used and limit the scope of routing
2) provide a namespace local scope to session layer communication, as
opposed to the global scope provided by 1). That is, sessions can be
established without assistance from transport and network layers.
Albeit, zero/local-host ip addresses must still be provided in session
establishment messages due to existing application idiosyncrasies. This
mode of communication uses shared-memory fifos (cut-through sessions)
exclusively.
If applications request no namespace, they are assigned to the default
one, which at its turn uses the default fib. Applications can request
access to both local and global scopes for a namespace. If no scope is
specified, session layer defaults to the global one.
When a sw_if_index is provided for a namespace, zero-ip (INADDR_ANY)
binds are converted to binds to the requested interface.
Change-Id: Ia0f660bbf7eec7f89673f75b4821fc7c3d58e3d1
Signed-off-by: Florin Coras <[email protected]>
Damjan Marion [Tue, 10 Oct 2017 16:18:07 +0000 (18:18 +0200)]
 
dpdk: fix mempool size calculation
Change-Id: I5b48310c46ca8a2143b2132110240d7e9a52c25d
Signed-off-by: Damjan Marion <[email protected]>
Klement Sekera [Thu, 5 Oct 2017 08:26:03 +0000 (10:26 +0200)]
 
make test: add RETRIES option
Change-Id: Ibe31e932bc997f0101a8947e01df90a90d1f100f
Signed-off-by: Klement Sekera <[email protected]>
Matej Perina [Mon, 11 Sep 2017 08:11:51 +0000 (10:11 +0200)]
 
jvpp: adding callbacks for all messages (VPP-914)
1) In the previous version callbacks were generated based on
request-replay naming conventions. It turned out they were too
strict in case of events (e.g. BFD sends Details messages as
notifications). So now we generate callback for all messages,
allowing to receive any message as notification.(callback_gen.py)
2) "notification" suffix is no longer added because all messages
are treated same (dto_gen.py, jvpp_c_gen_.py)
3) name of property that holds notification/events changed in callback
facade and future apis
4) JVppNotification.java is no longer used since all events are treated
equally
Change-Id: I13f6438affc3473040d63cd4acb3984d03e97482
Signed-off-by: Matej <[email protected]>
Neale Ranns [Mon, 31 Jul 2017 09:30:50 +0000 (02:30 -0700)]
 
punt and drop features:
 - new IPv4 and IPv6 feature arcs on the punt and drop nodes
 - new features:
   - redirect punted traffic to an interface and nexthop
   - police punted traffic.
Change-Id: I53be8bf4e06545add8a3619e462de5ffedd0a95c
Signed-off-by: Neale Ranns <[email protected]>
Steve Shin [Mon, 9 Oct 2017 22:04:56 +0000 (15:04 -0700)]
 
dpdk: patch to support bonded interface for MLX NIC
At present, creating bonding devices using --vdev is broken for PMD like
mlx5 as it is neither UIO nor VFIO based and hence PMD driver is unknown
to find_port_id_by_pci_addr().
This DPDK patch fixes parsing PCI ID from bonding device params by verifying
it in RTE PCI bus, rather than checking dev->kdrv.
Change-Id: If575f63ef31733102566610d769ddd212d74736a
Signed-off-by: Steve Shin <[email protected]>
Marco Varlese [Tue, 10 Oct 2017 07:30:33 +0000 (09:30 +0200)]
 
openSUSE packages fix.
Adding the capability for CLANG for various opensuse distros.
Added rpm-build package to build RPMs.
Tiny edit for correct error message.
Change-Id: I96a1e009d1daa44cbf8d0df60fc24091a50688d7
Signed-off-by: Marco Varlese <[email protected]>
Ole Troan [Tue, 10 Oct 2017 06:43:35 +0000 (08:43 +0200)]
 
API versioning: Fix coverity errors from strncpy()
Change-Id: Ife87f9b00f918ff1bb8c91c6f13ebe53a3555a12
Signed-off-by: Ole Troan <[email protected]>
Eyal Bari [Sun, 8 Oct 2017 12:53:34 +0000 (15:53 +0300)]
 
TEST,L2-FIB:refactor test-removing shared state
and remove dependencies between tests
Change-Id: I6ceacfdeb65b2d3c64811309358c3bfd47b213ef
Signed-off-by: Eyal Bari <[email protected]>
Neale Ranns [Mon, 9 Oct 2017 12:26:13 +0000 (05:26 -0700)]
 
IP neighbour move incorrectly placed jump label
Change-Id: I19fdf13a4848306ee3841d822b832cba96c5bce5
Signed-off-by: Neale Ranns <[email protected]>
Dave Barach [Thu, 28 Sep 2017 19:11:16 +0000 (15:11 -0400)]
 
vppapigen: support per-file (major,minor,patch) version stamps
Add one of these statements to foo.api:
  vl_api_version 1.2.3
to generate a version tuple stanza in foo.api.h:
/****** Version tuple *****/
vl_api_version_tuple(foo, 1, 2, 3)
Change-Id: Ic514439e4677999daa8463a94f948f76b132ff15
Signed-off-by: Dave Barach <[email protected]>
Signed-off-by: Ole Troan <[email protected]>
Matus Fabian [Wed, 4 Oct 2017 15:03:56 +0000 (08:03 -0700)]
 
NAT: hairpinning rework (VPP-1003)
Change-Id: I7c6911cd6ac366fe62675fd0ff8b0246a25ea1db
Signed-off-by: Matus Fabian <[email protected]>
Matus Fabian [Thu, 5 Oct 2017 06:57:58 +0000 (23:57 -0700)]
 
NAT: fixed ICMP broken translation for GRE tunnel interface (VPP-1008)
Change-Id: Ie3245b96c511cc30915e70e8c881f445291a38c2
Signed-off-by: Matus Fabian <[email protected]>
Pierre Pfister [Thu, 5 Oct 2017 12:24:05 +0000 (14:24 +0200)]
 
fix buffer allocation for sparse jumbo frames in vhost
A bug was reported where a jumbo packet would stay in vhost
queue forever or until a large enough number of other packets
arrived in the queue too.
This is due to a bug in vhost input node buffer allocation.
The fix is to make sure that vhost always allocates at least
enough buffers for one single big packet. '40' is used to
account for 65kB frames.
Change-Id: I1d293028854165083e30cd798fab9d4140230b78
Signed-off-by: Pierre Pfister <[email protected]>
(cherry picked from commit 
67700d41169ac37d21c400949a316750eabad969)
Marco Varlese [Fri, 6 Oct 2017 13:07:08 +0000 (15:07 +0200)]
 
Allow use of /etc/os-release file
The top-level Makefile in VPP already uses the file /etc/os-release to
recognize which OS the build is being performed on.
The scripts for vagrant images instead were still using different files
for different distros and adding a new distro to be supported causes
issues with the extra-logic to deal with it.
This patch aligns the vagrant scripts to use the same approach followed
by the top-level Makefile and simplifies the steps to identify / update
the OS and build / run VPP.
Change-Id: I539f4a7c27b3fef70ed1c12b0276049bc47dc289
Signed-off-by: Marco Varlese <[email protected]>
Chris Luke [Wed, 4 Oct 2017 17:59:14 +0000 (13:59 -0400)]
 
Coverity fixes for API socket
- Coverity whines about a zero-length field not being initialized.
  Change the struct setup to an initializer which will implicitly zero
  all unused fields, and add the coverity notation that should stop
  it whining. One or both of these should shut it up!
- Fix some incorrect use of ntohl that was tainting values; in these
  cases htonl should have been used, and avoid a double-swap.
Change-Id: I00493a77eb23a0b8feb647165ee349e1e9d5cfdb
Signed-off-by: Chris Luke <[email protected]>
Dave Wallace [Tue, 3 Oct 2017 05:48:42 +0000 (01:48 -0400)]
 
VCL: add epoll_* functions.
Change-Id: Ife27795ea96919c116fb6ff33d106663b54df72d
Signed-off-by: Dave Wallace <[email protected]>
Steven [Thu, 5 Oct 2017 07:12:33 +0000 (00:12 -0700)]
 
tuntap: Introduce per thread structure to suport multi-threads
https://gerrit.fd.io/r/#/c/8551/ decoupled the global variable,
namely tm->iovecs from TX and RX. However, to support multi-threads,
we have to eliminate the use of this global variable with per thread
variable. I notice that rx_buffers must also be per thread variable.
So, we introduce per thread struct to contain rx_buffers and iovecs.
Each thread will find the per thread struct with thread_index.
Change-Id: I61abf2fdace8d722525a382ac72f0d04a173b9ce
Signed-off-by: Steven <[email protected]>
Marco Varlese [Tue, 19 Sep 2017 12:25:28 +0000 (14:25 +0200)]
 
Initial GENEVE TUNNEL implementation and tests.
Notes on this first implementation:
* First version of the implementation does NOT support GENEVE OPTIONS
HEADER: it isn't well understood what the purpose of the OPTIONS will be and/or
what content would be placed in the variable option data;
Once the IETF work will evolve and further information will be available
it could be possible to modify the frame rewrite to contemplate the
actual GENEVE OPTIONS.
Change-Id: Iddfe6f408cc45bb0800f00ce6a3e302e48a4ed52
Signed-off-by: Marco Varlese <[email protected]>
Hongjun Ni [Fri, 29 Sep 2017 21:04:33 +0000 (05:04 +0800)]
 
Separate CP and DP fib table for PPPoE
CP table: link_table
DP table: session_table
Change-Id: I2adbfd8f6a63d51d00d6dd291f32aebf20d13e4d
Signed-off-by: Hongjun Ni <[email protected]>