Vladislav Grishenko [Sun, 20 Mar 2022 21:21:42 +0000 (02:21 +0500)]
vlib: leave SIGCONT signal with its default handler
Systemd always sends SIGCONT after KillSignal, to ensure that even suspended
tasks can be terminated cleanly. However, the default action of SIGCONT
handler in VPP such as unix_signal_handler() is process termination with
coredump, what is not really desired. So, leave it alike SIGSTOP with its
default handler.
Type: feature
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Change-Id: I54c06d21669ec3c709322d746db9e28448c31bb8
Benoît Ganne [Fri, 4 Mar 2022 16:17:04 +0000 (17:17 +0100)]
api: better segregate client and server code
- move memory and server specific vl_msg_api_handler_with_vm_node()
to memory server code only
- keep api_global_main static
Apart from being cleaner, this also helps avoiding symbols conflict
when both client and server libs are loaded in the same process, as is
done by the prom plugin.
Those symbols conflict confuse ASan and can be nasty to debug.
Type: improvement
Change-Id: Iaf58596cc753ad8d3fedd8d65c4bf480ac129c2c
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Damjan Marion [Wed, 23 Mar 2022 12:13:41 +0000 (13:13 +0100)]
perfmon: null-terminate string
Type: fix
Change-Id: I43ebb2c2922f3b8b8eddf26ccdf044f31d7b7a10
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 23 Mar 2022 15:35:18 +0000 (16:35 +0100)]
stats: fix crash due to pointer taken before validate
Type: fix
Change-Id: Iee9eab18da142bfe0645761deea13b0fe911a43b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 23 Mar 2022 13:53:51 +0000 (14:53 +0100)]
vppinfra: deprecate vppinfra/graph.[ch]
Type: refactor
Change-Id: Iba0466b60354955ba73f851435a7127435b7066d
Signed-off-by: Damjan Marion <damarion@cisco.com>
Benoît Ganne [Wed, 23 Mar 2022 13:17:26 +0000 (14:17 +0100)]
crypto-native: fix dst index typo in VAES
Type: fix
Change-Id: Ib025d8c1bc9bd651b6448d6a41fd1efa6f0b7362
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Florin Coras [Tue, 15 Mar 2022 04:17:25 +0000 (21:17 -0700)]
session: use safe realloc for pools
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I313c916d268c4b2b448b93e90bc67da341b803e3
Filip Tehlar [Tue, 22 Feb 2022 15:19:20 +0000 (15:19 +0000)]
tests: add http tps test
Type: test
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I56a585a8a1f588e682552913cfbdd4551e057ead
Dave Wallace [Thu, 17 Mar 2022 21:44:35 +0000 (17:44 -0400)]
build: remove clang-format-10
- No longer used now that ubuntu-18.04 is deprecated.
- Change default to clang-format-11 in checkstyle.sh
Type: make
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I202244563738417bf4ae5b22fc8e2804bff2d25f
Mohsin Kazmi [Thu, 17 Mar 2022 12:59:44 +0000 (12:59 +0000)]
memif: fix the maxmimum number of txqs
Type: fix
With multi-txq in VPP, user should be able to create
more txqs than vpp threads. MEMIF_MAX_M2S_RING should
be defined to 256 instead of number of vpp threads.
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I337c3a5ea691470815653ff2dbfa862bb324b240
Vladislav Grishenko [Tue, 26 Oct 2021 19:07:01 +0000 (00:07 +0500)]
fib: refetech the adj after the walk in case the pool realloc'd
Follow
e3aeb38fa82b77ae84643f5140d9674056b6b5ca
Type: fix
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Change-Id: I743911cacc026af5da392d26eaf47ab83ea1de99
Klement Sekera [Fri, 18 Feb 2022 16:23:33 +0000 (16:23 +0000)]
build: fix clang-format-diff[.py] detection
Fix clang-format-diff autodetection error in case of non-standard
clang-format-diff path. Also allow finding clang-format-diff.py in
non-standard location.
Type: improvement
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: I3cb76aa152a8245e62db62f5fe2ba96b1ff86428
Klement Sekera [Thu, 10 Mar 2022 10:47:45 +0000 (11:47 +0100)]
tests: fix DEBUG=attach functionality
Make make test-start-vpp-in-gdb work again.
Fix incorrect temp directory when using DEBUG=attach.
Type: fix
Fixes:
b23ffd7ef216463c35b75c831e6a27e58971f4ec
Change-Id: Ie98b637acbbe0221606ccdc7b54f63885e5951a4
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Damjan Marion [Mon, 21 Mar 2022 20:08:00 +0000 (21:08 +0100)]
stats: fix vlib_stats_validate_will_expand_internal
Type: fix
Change-Id: If4c0b23aaa4fc57c0783efcbe349aba5e5885b30
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Mon, 21 Mar 2022 17:38:01 +0000 (10:38 -0700)]
session: linked list of events to be handled by main
Minimize amount of rpcs from first worker to main
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3794ff028a17d18b7bff69ede2b62e1e2d45ae77
Francesco Lombardo [Fri, 30 Jul 2021 13:54:01 +0000 (15:54 +0200)]
sr: fix srv6 definition of behavior associated to a LocalSID
The behavior associateted to a LocalSID accordig to the definition should be u8 instead of u16;
Type: fix
Signed-off-by: Francesco Lombardo <franclombardo@gmail.com>
Change-Id: I6dd60d5facc1c3f20900cb393619349e82eef38c
Signed-off-by: Francesco Lombardo <franclombardo@gmail.com>
Damjan Marion [Mon, 21 Mar 2022 14:06:57 +0000 (15:06 +0100)]
vppinfra: use clib_mem_alloc
Type: refactor
Change-Id: I26a2a410f8f4070d10696f796d5887842cad3916
Signed-off-by: Damjan Marion <damarion@cisco.com>
Jon Loeliger [Thu, 10 Mar 2022 17:23:27 +0000 (11:23 -0600)]
wireguard: dont stacksmash bad peer base64 keys
Just like commit
252647482b24bb3474e8f13bc86100718176832f
did for Wireguard interface keys, prevent stack smashing
the peer keys.
Integer math on 32 bytes of base64 data might yield 33 bytes
of data in some poorly formed user input of private key values.
Rather than smashing the stack (detected) and aborting, simply
allow for the possible yet irrelevant 33-rd byte of data.
Type: fix
Fixes:
edca1325cf296bd0f5ff422fc12de2ce7a7bad88
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Change-Id: I9f77b3faaaa01d3123b356c958db60c87238db9c
Jon Loeliger [Wed, 2 Mar 2022 20:26:56 +0000 (14:26 -0600)]
wireguard: improve peer dump details
- Add peer_index, table_id, and keep-alive.
- Fix some lingering cut-n-paste issues in the API file.
Type: improvement
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Change-Id: I6fc0729ba0268bbcda0248f680979c44e68b6b0c
Nathan Skrzypczak [Thu, 2 Dec 2021 13:40:06 +0000 (14:40 +0100)]
vppinfra: add new bihash exports
This adds two new exported functions
for the clib_bihash
* clib_bihash_add_with_overwrite_cb allowing
to pass a callback to be called on overwriting
a key with bucket lock held.
* clib_bihash_add_del_with_hash doing an add_del
with a precomputed hash.
Type: feature
Change-Id: I1590c933fa7cf21e6a8ada89b3456a60c4988244
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Filip Tehlar [Fri, 18 Mar 2022 11:44:25 +0000 (11:44 +0000)]
hsa: add support for SAPI in vpp_echo
Type: feature
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: If24a43b7f79e05092306562c192de03994dec550
Damjan Marion [Fri, 18 Mar 2022 14:48:12 +0000 (15:48 +0100)]
vppinfra: deprecate vec numa macros
More generic vector heap code coming in another patch...
Type: refactor
Change-Id: I2327128fb3aba9d5d330f46a35afec32e1e3942e
Signed-off-by: Damjan Marion <damarion@cisco.com>
Andrew Yourtchenko [Fri, 18 Mar 2022 17:05:53 +0000 (17:05 +0000)]
tests: fix the RND_SEED parsing
The random seed is not an integer, so the current code does not allow reproducing a test run by running e.g.
RND_SEED=
1647595144.
0940742 make test
Solution: make the random seed a positive float.
Also, add the missing positiveness check to the positive_integer function.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I858bab0a9b828b99c20a2252aeecb9e2dda4ee21
Florin Coras [Wed, 9 Mar 2022 21:55:38 +0000 (13:55 -0800)]
session: add infra for safe pool reallocs
This is not to be used lightly.
The idea is to forces pool reallocs to be done only on main thread with
a barrier to make sure pools are always reallocated without
peekers/readers. If rpcs are delayed and the pool runs out of elements,
workers will block waiting for barrier and force the realloc.
Consumers of this api should be session layer and transports.
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I533272a29534338935a3fcf7027c0e7af2ca948c
Florin Coras [Fri, 18 Mar 2022 17:27:29 +0000 (10:27 -0700)]
udp: avoid grabbing vlib main if not needed
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I88a747cac70cb88755f50c7b337207f4ba256530
Ed Warnicke [Fri, 18 Mar 2022 17:26:04 +0000 (12:26 -0500)]
misc: Auto close PRs to GitHub mirror
Introduce a GitHub Action to auto close PRs submitted via GitHub
Will add a helpful comment to point folks towards gerrit.
Type: feature
Signed-off-by: Ed Warnicke <hagbard@gmail.com>
Change-Id: I3c4a2590d4e38edd1061e65e800cfdb124c43866
Damjan Marion [Thu, 17 Mar 2022 17:59:46 +0000 (18:59 +0100)]
vppinfra: refactor *_will_expand() functions
Type: refactor
Change-Id: I3625eacf9e04542ca8778df5d46075a8654642c7
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 17 Mar 2022 17:29:32 +0000 (18:29 +0100)]
vppinfra: deprecate vec_free_h()
vec_free() does the work
Type: refactor
Change-Id: I8a97607c3b2f58d116863642b32b55525dc15d88
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 17 Mar 2022 14:46:25 +0000 (15:46 +0100)]
vppinfra: use stored vec header size to find header
Type: refactor
Change-Id: Iaa1e43c87c5725ab33ea8489bff2a7bda18b9c79
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Fri, 18 Mar 2022 11:28:35 +0000 (12:28 +0100)]
vppinfra: fixed pool from heap
Immediate benefit is ability to use hugepage backed memory.
Type: improvement
Change-Id: Ibcae961aa09ea92d3e931a40bedbc6346a4b2039
Signed-off-by: Damjan Marion <damarion@cisco.com>
Nathan Skrzypczak [Wed, 2 Feb 2022 18:31:43 +0000 (19:31 +0100)]
cnat: Fix conflicting rsession
When dNAT-ing to a VIP, it can happen
that the return session conflicts with
another forward session than the one
we own.
This patchs adds a rsession_flags
CNAT_SESSION_RETRY_SNAT that makes cnat_session_create
search for a free src port to use for the
resulting return session.
It also makes forward & return session
share their fate in the session scanner.
Type: fix
Change-Id: Id0edf59abf8e5bc0c0d8941ba289c4563c77dee0
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Nathan Skrzypczak [Fri, 7 Jan 2022 15:02:02 +0000 (16:02 +0100)]
memif: fix rx/txqueue RC on connected
Type: fix
Calling vnet_hw_if_register_tx_queue should
be done with the worker barrier held, as
virtio-pre-input might be grabbing a queue
while a memif connect event is triggered.
Change-Id: Ie1272cdfd2477faf7a4e10f30778279872f04916
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Aloys Augustin [Thu, 24 Feb 2022 15:44:23 +0000 (15:44 +0000)]
ip: fix assert in ip4_ttl_inc
There is no need to verify the checksum for packets that have the IP
checksum offload flag set. This uses the same logic as
ip4_ttl_and_checksum_check.
Type: fix
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Change-Id: I177b07212a992362a4c965c074dcecf1e504c593
Klement Sekera [Wed, 9 Mar 2022 15:11:27 +0000 (16:11 +0100)]
bfd: remove source IP check from session add
Checking for existence of source address on interface prevents creating
session before assigning address to said interface. Removing this check
allows more flexibility when configuring BFD feature.
Type: improvement
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: Ia57960e29b5dbdb758a7a64193c28f21482f229e
Florin Coras [Thu, 17 Mar 2022 23:31:50 +0000 (16:31 -0700)]
vlib: fix vlib_mains vector alignment
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ib3d1ac6c82bc0c00e445b15d4102e4fd755f8e2d
Filip Tehlar [Thu, 17 Mar 2022 17:25:47 +0000 (17:25 +0000)]
vcl: fix invalid socket read
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: Ic8cc12788d9062f30faa992afaecc0c64078c4d7
Damjan Marion [Thu, 17 Mar 2022 14:32:56 +0000 (15:32 +0100)]
vppinfra: vec_max_len, vec_mem_size use stored header size
Type: improvement
Change-Id: I17778e89674da0e8204713302e2293377bdabcbc
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 16 Mar 2022 16:57:29 +0000 (17:57 +0100)]
vppinfra: store vector header size and alignment into header
On the forst vector alloc values are stored into header.
Later, when vector grows values from header are used istead of provided
ones.
In the debug image code will assert if same values are not provided.
Type: improvement
Change-Id: I8fdcfa495e9c1df0f6392c90f634e8c74b73b328
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 17 Mar 2022 16:54:48 +0000 (17:54 +0100)]
vppinfra: move hash bitmap out of vec header
Type: refactor
Change-Id: Ibd29a717eaf12d795b3bceb31835d6fc655268b1
Signed-off-by: Damjan Marion <damarion@cisco.com>
Nathan Skrzypczak [Thu, 10 Mar 2022 11:38:31 +0000 (12:38 +0100)]
misc: Improve go bindings gen
Type: improvement
Change-Id: Id705dab895602a60b053296b560ca3db5b0cd344
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Klement Sekera [Tue, 8 Mar 2022 19:13:57 +0000 (20:13 +0100)]
nat: fix ICMP error translation
Add missing translation of ICMP inner IP layer.
Change responsible test so that it actually tests something.
Type: fix
Fixes:
4881cb4c6f
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: Id3a6f12a7308d81b1cdf9815f857221fab2f24d9
Damjan Marion [Tue, 15 Mar 2022 11:15:45 +0000 (12:15 +0100)]
vpp: binary-api CLI weak linking workaround
For some unknown reason sometimes calling exec() ends up on weak
exec() defined in src/vat/api_format.c which return -1 instead of using
one few lines above.
Another proof that use of weak symbols is bad idea.
Luckily this can be easily workarounded.
Type: fix
Change-Id: Ic84e8525bff75c1b8186c233cd524aac4d95c8b5
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Wed, 16 Mar 2022 04:46:34 +0000 (21:46 -0700)]
tcp: update error counters in listen node
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ib2e1d847607c9c7d928b174b87e5c21d53153ebe
Florin Coras [Mon, 14 Mar 2022 21:23:39 +0000 (14:23 -0700)]
tcp: update persist timer if data acked
Update persist timer if data sent during snd_wnd < snd_mss was acked.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I5c75ff8ddc0e49750b2088237d32afa4eda99e7f
Ting Xu [Thu, 16 Sep 2021 08:37:25 +0000 (08:37 +0000)]
flow: add generic flow pattern for 5G flow enhancement
In order to support the requirement of RSS and packet steering of new
protocols, such as GTPU PDU-type and QFI, for 5G UPF, a generic pattern
is introduced in vnet flow. The generic flow pattern is based on DDP
(Dynamic Device Personalization) function and Parser Library module in
DPDK. Using generic flow pattern, we do not need to create new packet
and field type and offset in API parser for every new protocols. We can
create flows for any protocol immediately as long as supported by DDP.
The generic flow can be used to support 5G related protocols in
different scenarios.
The input of this generic pattern are two binary strings for spec and
mask. Spec is the binary presentation of the target packet type, and
mask is used to mark the target fields.
In this patch DPDK plugins is enabled for POC. Next step we will enable
generic flow in native IAVF, which is the main target.
Here is an example. If we want to create a flow for GTPU QFI,
spec is:
00000000000100000000000208004500003C00000000001100000101010102020202000
008680028000034FF001C00000000000000850100010045000014000000000000000001
01010102020202
mask is:
00000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000007F0000000000000000000000000000
00000000000000
A naming API POC is created via VAPI to help create the rule with
the target packet format similar to Scapy. It is based on a function
module called PacketForge. In this way, the user no need to create
binary string spec and mask by themselves.
Type: feature
Signed-off-by: Ting Xu <ting.xu@intel.com>
Change-Id: Id3444f95c158bdcdfeeee19d795cd9ecbeeec07c
Damjan Marion [Tue, 15 Mar 2022 15:16:55 +0000 (16:16 +0100)]
vlib: add vlib_frame_bitmap_and
Type: improvement
Change-Id: I531115f32c484e4c4794173d24e15f3b5b8f547b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Mauro Sardara [Mon, 14 Mar 2022 20:08:22 +0000 (20:08 +0000)]
memif: fix memif_process_desc indexing
The index i was incremented in the wrong place, and the check on the
presence of a next buffer in the chain was actually done for the
next desc_status rather than the current one.
Type: fix
Signed-off-by: Mauro Sardara <msardara@cisco.com>
Change-Id: I74a64a34fea497900b7969cd96e1aeeb570a1bba
Florin Coras [Fri, 11 Mar 2022 18:58:55 +0000 (10:58 -0800)]
vppinfra: fix vec capacity
Rename vec_capacity to vec_mem_size as it returned the size of the
underlying memory allocation not the number of bytes that can be used
for vector elements.
Add new vec_max_elts macro that returns number of elements that can fit
into generic vector.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2e53a2bfa6e56a89af62d6ddc073ead58b8c49bb
Damjan Marion [Mon, 14 Mar 2022 12:04:38 +0000 (13:04 +0100)]
stats: refactor vlib counters
Change-Id: I09d2da73eff42c52ba1373acc99ff28f283a6725
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
Matthew Smith [Wed, 9 Mar 2022 23:30:16 +0000 (23:30 +0000)]
dpdk: add patch to support i226v
Type: improvement
Add a patch to the DPDK 21.11 build to enable the PCI device ID for the
I226-V.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I82ff4b70e6b6e0ba0803519943190a564e85d2ac
Govindarajan [Fri, 11 Mar 2022 18:43:59 +0000 (18:43 +0000)]
crypto: Enabling IOMMU DMA translation table update for QAT card
With DPDK plugin, VPP does the DMA page map in IOMMU, only when
DPDK supported ethernet devices are present. As a result, Mellanox NIC
and QAT combo doesn't work. As part of this fix, DPDK supported
crypto device check is added to do the DMA page map.
Type: fix
Signed-off-by: mgovind <govindarajan.mohandoss@arm.com>
Change-Id: I02de4588c5b021e0c9c62612137f28ed8784bea6
Damjan Marion [Mon, 14 Mar 2022 12:04:38 +0000 (13:04 +0100)]
stats: support recursive locking
Type: improvement
Change-Id: I85dd3d34bcb175dd68dda34a58cd454848a0fc2b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Filip Tehlar [Mon, 14 Mar 2022 13:42:36 +0000 (13:42 +0000)]
hsa: fix error message
Fixes a minor issue that causes printing an error message when there is no error.
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I59f5c6af7c5aeae3e812b4cf0c75a47894bb8bbd
Damjan Marion [Thu, 24 Feb 2022 23:19:26 +0000 (00:19 +0100)]
vppinfra: don't account vec_header_t size twice in the pool header
Type: fix
Change-Id: I298d2a5067f7949002e6c010f892553f1eb9f477
Signed-off-by: Damjan Marion <damarion@cisco.com>
Fan Zhang [Thu, 10 Mar 2022 14:49:19 +0000 (14:49 +0000)]
dpdk: improve rx burst count per loop
Type: improvement
This patch improves the per dpdk-input loop number of packets
received from the port. The change mimics how packets rx happened
before VPP 22.02/DPDK 21.11: instead of trying to rx huge number
of packets (256) in one go, rx more times with up to 32 packets
max each time.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: I804dce6d9121ab21b02e53dd0328dc52ac49d80f
Benoît Ganne [Wed, 17 Nov 2021 08:16:09 +0000 (09:16 +0100)]
map: fix memory leak
Thanks to Ben McKeegan <ben@netservers.co.uk> for the report.
Type: fix
Change-Id: I8170dda572c326b6b1823fd330dbd5e961fdad74
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Renato Botelho do Couto [Tue, 8 Mar 2022 18:40:49 +0000 (15:40 -0300)]
build: Restrict tag names when discovering version
Type: improvement
When `make install-ext-deps` is called, it creates a debian changelog
file and use `git describe` to fill project version. On downstream
consumers it's possible to have different tags that makes it to end up
using an invalid version on changelog and breaking the installation
process.
Restrict tags to be considered by git-describe to match 'v[0-9]*'
pattern to get it fixed.
Signed-off-by: Renato Botelho do Couto <renato@netgate.com>
Change-Id: Ieabd7b42ac33735ec4d484bed9039ff20c9872f2
Florin Coras [Wed, 9 Mar 2022 00:36:13 +0000 (16:36 -0800)]
tls: remove pkg dependencies on mbedtls
The tlsmbedtls plugin should only be built if mbedtls libraries are
present.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I24364177d24ea744f24f808f492be08adff3690b
Filip Tehlar [Fri, 11 Mar 2022 11:12:56 +0000 (11:12 +0000)]
session: fix crash during client detach
This fixes a crash caused by client closing socket before adding worker.
During detach vpp tries to delete worker based on invalid worker index.
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I3242bcbb116ef5fd1d4c449f5bcf907e4e2f8f30
Damjan Marion [Fri, 11 Mar 2022 13:57:42 +0000 (14:57 +0100)]
vlib: remoove unused field
Type: refactor
Change-Id: Ieb7a595e40d801af5349c83b128fa92c7698a346
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 9 Mar 2022 15:10:54 +0000 (16:10 +0100)]
vlib: init logging eearlier
Type: improvement
Change-Id: I2eb5543aa470094d4c5ad420a2fcc9873b7808e1
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dzmitry Sautsa [Thu, 10 Mar 2022 13:17:07 +0000 (14:17 +0100)]
dpdk: fix program vlans on ixgbevf
Recent "dpdk: refactor device setup" have broken vlans programming for IXGBE_VF.
Type: fix
Signed-off-by: Dzmitry Sautsa <dzmitry.sautsa@nokia.com>
Change-Id: Idacda33a473f6b10dbe002d9926661a19d0f3f97
Mohsin Kazmi [Thu, 10 Mar 2022 16:44:06 +0000 (17:44 +0100)]
devices: remove the unused code from af_packet
Type: refactor
Change-Id: If180816303909b92c9aa4ff9fd70dc7938a6cfbe
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Tianyu Li [Thu, 3 Mar 2022 02:49:39 +0000 (10:49 +0800)]
build: fix centos 8 steam build install-dep
make install-dep sometimes failed at
downloading metadata for repository 'powertools-source':
disable unnecessary powertools-source repo.
Type: fix
Fixes:
1affb31ef528 ("build: fix centos-8 'make install-deps'")
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: I481d6106eea38190b3ddd79e8614b2ead7130807
Mohsin Kazmi [Thu, 10 Mar 2022 16:47:51 +0000 (17:47 +0100)]
ipsec: remove the redundant code
Type: refactor
Change-Id: I0a40e22e1439e13ffdbcbd6fd7cad40c8178418c
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Tianyu Li [Fri, 25 Feb 2022 05:51:10 +0000 (05:51 +0000)]
tests: fix test failure with parrallel test
Several test cases re-use the same test class name,
which leads to test error when do parrallel test with TEST_JOBS=16,
change the test class names to unique values.
Type: fix
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: Iefc01d40a25ebd60533baf3a2dc98a537437e8e9
Florin Coras [Wed, 9 Mar 2022 21:34:12 +0000 (13:34 -0800)]
vppinfra: fix pool_free_elts
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3425350f5e874df79716bd726900540629793beb
Neale Ranns [Tue, 8 Mar 2022 13:24:28 +0000 (13:24 +0000)]
ip: IPv4 Fragmentation fix for l2fragmetable size
Type: fix
The l2unfragmentable size is not included in the calculation of 'max', the maximum amount of data that can be added to a fragment, therefore the fragments created are too big.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Id1e949ad98203b6f8ea2f55322ef6fa3d507e2a6
Artem Glazychev [Mon, 21 Feb 2022 10:51:29 +0000 (17:51 +0700)]
vxlan: add l2 mode test
The same test for v22.02 was already merged: https://gerrit.fd.io/r/c/vpp/+/35390
Type: improvement
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: I214f6fb5b63d97ca4afe3b10fd2d3e3410b5a6e4
Damjan Marion [Tue, 1 Mar 2022 14:51:18 +0000 (15:51 +0100)]
stats: refactor
Type: refactor
Change-Id: Ifd533a095d979dc55bfbe5fac7e0b7510a4d900c
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 9 Mar 2022 13:47:05 +0000 (14:47 +0100)]
vat: fix vat_suspend crash
Deadly combination is clib_{set,long}jmp + lazy linking + tail call compiler
optimization. On the first call to clib_setjmp, dynamic linker executes loader
code which then calls clib_setjmp, so stored stack position contains dynamic
loader data. Tail call optimization simply jumps back to the calling
code when clib_longjump is called and that results in wrong return
address used from the stack.
Change-Id: Ia7d8dbd5b2c425cdd0449374aa07ab6b684a330e
Type: fix
Signed-off-by: Damjan Marion <damarion@cisco.com>
Benoît Ganne [Wed, 13 Oct 2021 17:16:07 +0000 (19:16 +0200)]
classify: add API to retrieve punt ACL tables
Type: feature
Change-Id: Ica3e60836c0f26518ba2c238a8c03ce3648ea69b
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Zachary Leaf [Tue, 26 Oct 2021 15:05:58 +0000 (10:05 -0500)]
ipsec: input: drop by default for non-matching pkts
As per IPSec RFC4301 [1], any non-matching packets should be dropped by
default. This is handled correctly in ipsec_output.c, however in
ipsec_input.c non-matching packets are allowed to pass as per a matched
BYPASS rule.
For full details, see:
https://lists.fd.io/g/vpp-dev/topic/ipsec_input_output_default/
84943480
It appears the ipsec6_input_node only matches PROTECT policies. Until
this is extended to handle BYPASS + DISCARD, we may wish to not drop
by default here, since all IPv6 traffic not matching a PROTECT policy
will be dropped.
[1]: https://datatracker.ietf.org/doc/html/rfc4301
Type: fix
Signed-off-by: Zachary Leaf <zachary.leaf@arm.com>
Change-Id: Iddbfd008dbe082486d1928f6a10ffbd83d859a20
Arthur de Kerhor [Wed, 22 Dec 2021 09:58:30 +0000 (10:58 +0100)]
ip: set fib_index before exiting input ACL node
While setting an ACL, a user can specify the adjacency to follow after
the input ACL node. Thus, we may skip a lookup and enter directly a
local node (ex: ip4_local). To prevent the local source check from
failing, we need to specify the fib index. And, we have to do it just
before exiting the input ACL node because the l2_classify object
is overlapping with the fib_index in the vnet_buffer_opaque_t struct.
We could have added a padding to avoid this overlap but there is no
place for that in the structure.
Type: fix
Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com>
Change-Id: I383c36e4aec08d181f966f28565aefed950d2a74
Marcel Cornu [Fri, 4 Mar 2022 17:33:12 +0000 (17:33 +0000)]
crypto-ipsecmb: bump to ipsecmb v1.2
Type: feature
This patch bumps ipsecmb library version from 1.1 to 1.2
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
Change-Id: I181e43c711fe530296c037d59b53fe3c5f2719ea
Alexander Chernavin [Mon, 13 Dec 2021 13:03:56 +0000 (13:03 +0000)]
linux-cp: handle ipv4 routes when interface is disabled
Type: improvement
Currently, when an interface is brought down administratively, IPv4
routes that resolve through that interface remain in the FIB. However,
the kernel removes those routes but doesn't send any notifications about
that. Desynchronization between the kernel and VPP happens.
With this change, when a notification received from the kernel
indicating that an interface was brought down, in addition to bringing
the VPP interface down, walk the IPv4 FIB bound to that interface and
remove any entries that resolve through that interface and were added
with one of the linux-cp FIB sources.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I0cd14bb63c9e6616ae1c5739b17c3bf33b186bc2
Neale Ranns [Fri, 4 Mar 2022 11:45:41 +0000 (11:45 +0000)]
ip: Fixes for IPv6 and MPLS fragmentation
Type: fix
- IPv6 fragmentation did not work if the packet spaneed multiple buffers, because the 'len' calculation to did max out at the size of a buffer
- IPv6 fragmentation did not work when the l2unfragmentable size was non-zero, it was not used in the correct places
- IPv6oMPLS fragmentation would fragment all IPv6, it should do so only for link local
- IPv6oMPLS should send back TooBig ICMP6 for non locally generated
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ie8f02cdfdd7b7e8474e62b6d0acda8f20c371184
Alexander Chernavin [Fri, 4 Mar 2022 13:18:15 +0000 (13:18 +0000)]
linux-cp: fix issue of possibly closing negative fd
Type: fix
Primarily fix an issue reported by Coverity in
lcp_nl_open_sync_socket() that close() could possibly be run with
negative fd. Also, add more checks and error logging there.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I9a88520d068392977a6eba0766451e5652fe512c
Alexander Chernavin [Fri, 22 Oct 2021 10:46:39 +0000 (10:46 +0000)]
linux-cp: stop signaling read event on every notif
Type: improvement
Currently, read event signal is sent on every notification message
received and added in the queue.
With this change, signal read event only when all currently available
notification messages are received.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ib86d189311ce01f50167e4e97feb99df0292ad96
Alexander Chernavin [Fri, 22 Oct 2021 08:33:00 +0000 (08:33 +0000)]
linux-cp: stop ignoring ENOBUFS while reading notif
Type: improvement
Currently, while reading notifications, ENOBUFS error is ignored and
reading continues. This was done to minimize the number of notifications
that are lost due to reopening the socket.
Now that synchronization is implemented to recover from socket errors,
ignoring ENOBUFS and reading as much notifications as possible is not
actual. Before synchronization, all currently enqueued notification are
discarded in any case.
With this change, stop reading notifications if any error occurs.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I1184d9a3aa99df63ef59bc2a67be2b1e5e0e9329
Benoît Ganne [Thu, 20 Jan 2022 12:44:12 +0000 (13:44 +0100)]
api: harden api trace parsing
- make sure we do not overflow
- skip unknown messages if we can
Type: fix
Change-Id: I0efbe7376d9d78f6b0ec8018c0813400e6653698
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Neale Ranns [Thu, 17 Feb 2022 15:41:32 +0000 (15:41 +0000)]
ping: correct the fib-index used for the reply
Type: fix
if original packet was to the link local, then the
fib index in the buffer is that of the LL table, we can't use that
to foward the response if the new destination
is global, so reset to the fib index of the link.
In other case, the fib index we need has been written
to the buffer already.
Add a test for IPv6 ping in an MPLS-VPN where int inout interface is
not the the same VRF as the response should be sent.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I18a232d90ddd3ef051a52476c5d861c87060e76f
Neale Ranns [Thu, 17 Feb 2022 09:08:47 +0000 (09:08 +0000)]
ip: rate-limit the sending of ICMP error messages
Type: improvement
For error conditions, such as TTL expired, dest unreach, etc, Rate limit the sending of ICMP error messages.
The rate limiting is done based on src,dst IP address of the received packet.
the rate limit has been chosen, somewhat arbitrarily, to be 1e-3. This is the same limit as the ARP throttling.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I4a0b791cde8c941a9bf37de6aa5da56779d3cef4
Alexander Chernavin [Thu, 21 Oct 2021 08:29:11 +0000 (08:29 +0000)]
linux-cp: ignore neighbors if ip addr is multicast
Type: improvement
When dump of neighbors is requested, the replies will also include
neighbor entries for IPv6 multicast addresses:
GigabitEthernet0/8/0 S ff02::16 33:33:00:00:00:16
GigabitEthernet0/8/0 S ff02::1:ff76:7135 33:33:ff:76:71:35
GigabitEthernet0/8/0 S ff02::2 33:33:00:00:00:02
Such entries are not reported in netlink notification messages and
VPP is unlikely to use these.
With this change, ignore neighbor entries when the IP address is a
multicast address.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ic712aa4904f1d559f31fd89ff4541268e2340f84
Benoît Ganne [Thu, 24 Feb 2022 15:17:52 +0000 (16:17 +0100)]
ip: fix overflow in ip6_ext_header_walk
ip6_ext_hdr_chain_t->eh is IP6_EXT_HDR_MAX elements.
Type: fix
Change-Id: I28b8d610d8f5c0c520c8391c37b86e837655ab12
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Mohsin Kazmi [Fri, 4 Mar 2022 15:08:24 +0000 (16:08 +0100)]
pg: fixing the cli
Type: fix
This patch removes the assert and it is unnecessary.
Because given variable is used for branch testing.
Change-Id: I64f57f909fcba205216296e86c1cde2a5dadbb45
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Mohsin Kazmi [Fri, 4 Mar 2022 15:05:01 +0000 (16:05 +0100)]
pg: add support for ip mode through cli
Type: improvement
Change-Id: I5dda196ab8f1b634fcac46acd5c57a6dd726759c
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Mohsin Kazmi [Tue, 22 Feb 2022 11:42:35 +0000 (11:42 +0000)]
ipfix-export: fix the warning message for uninitialized variable
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I2b8b6a3b5a6df71e84ce2f15ef7117f390121c2f
Arthur de Kerhor [Thu, 3 Mar 2022 09:33:23 +0000 (10:33 +0100)]
classify: skip l2 header in CLI
Add the possibility to create masks and matches without l2 header in the
CLI when creating tables and entries. This is useful for tables working
on l3 and l4 only.
Type: improvement
Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com>
Change-Id: I7da9e47d810c0b4a0938e2cb3bc31aa69ace3649
Neale Ranns [Thu, 24 Feb 2022 10:30:12 +0000 (10:30 +0000)]
mpls: Fix the fragmentation in mpls-output.
Type: fix
the MTU needs to be adjusted to account for the label stack, since the size of fragments produced is stack+mtu.
these changes are to the use of the stack variable 'mtu'
most of the patch results from appeasing checkstyle.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8d0e10cf52ca4dd8ecdc224ed6c54a13e4768fdd
Neale Ranns [Fri, 4 Mar 2022 13:44:47 +0000 (13:44 +0000)]
tunnel: Fix the format of tunnel flags
Type: fix
it only display the first flag set
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I45cddbac0d4eed8bda10bf5e0f7c9db0faf183c5
Benoît Ganne [Wed, 23 Feb 2022 14:35:35 +0000 (15:35 +0100)]
vnet: use system time for pcap trace
Use system wall-clock time for packets timestamps instead of the time
since VPP started for pcap traces.
Type: improvement
Change-Id: I716165912efe8db3a8861d5c10597dc7629d2293
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Florin Coras [Thu, 3 Mar 2022 05:06:30 +0000 (21:06 -0800)]
vcl: validate vls_epoll_ctl inputs
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I315ef0122ccb21ccfef117a58b1dc998127618ce
Florin Coras [Wed, 2 Mar 2022 22:04:25 +0000 (14:04 -0800)]
session: improve tx tracing
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4fd7ae435514eb986543302c7e3e69e04acba8cf
Alexander Chernavin [Wed, 20 Oct 2021 13:22:14 +0000 (13:22 +0000)]
linux-cp: detect and delete stale entries after sync
Type: improvement
During synchronization, only the current actual set of entries is
loaded. If some entries are no longer present in the set being loaded
but present in VPP, they should be removed to fully syncronize.
With this change, add handlers for sync begin and end events. Begin
handlers will mark the entries as stale. End handlers will remove the
entries that are still marked as stale.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I4f7e872af3e1c9ffa6c63bcc3984ec76def1bb43
Ray Kinsella [Tue, 1 Mar 2022 09:00:17 +0000 (09:00 +0000)]
ipsec: remove ipsec vnet script
An updated ipsec script was identical to the existing ipsec_tun_protect script.
Remove the ipsec vnet script, and rename the ipsec_tun_protect to become the
default ipsec vnet script.
Type: fix
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: Ie05ca3e089b67a5b9499d83d4cb2adf1b6c6ffba
Alexander Chernavin [Wed, 20 Oct 2021 12:15:43 +0000 (12:15 +0000)]
linux-cp: resync with kernel after nl socket error
Type: improvement
Currently, if an error happens on the netlink notification socket, the
socket gets reopened. A portion of notification messages have been lost
because of this and will never arrive on the socket. VPP will be out of
sync with the kernel networking state.
With this change, synchronize VPP state and the kernel networking state
if there was an error polling or reading the notification socket.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I8cdff89b505cd227535a0acaadb6ee757204c45e
Neale Ranns [Thu, 24 Feb 2022 10:35:02 +0000 (10:35 +0000)]
ip: Path MTU DPO allocation function is public
Type: refactor
check for pool expansion in the DPO allocation, just in case.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I6ba7dd66313630d3f24a51700ab4486ba43d856b
Alexander Chernavin [Wed, 20 Oct 2021 11:52:46 +0000 (11:52 +0000)]
linux-cp: make check of message ts null-tolerant
Type: improvement
For some message types, timestamps are checked on netlink message to
decide whether the message should be applied. For notification messages
timestamps are expected to be always available.
With this change, before accessing the timestamp, make sure the message
info object that carries it is not null. If it is null, pass the check.
This is to be ready to process dump replies that will not need the
timestamp check and will have the message info object set to null.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ic7211c0d451d72f6a5248898b3a8f8e0bca8f7aa
Alexander Chernavin [Fri, 4 Feb 2022 10:15:31 +0000 (10:15 +0000)]
linux-cp: reflect hw link state on tap on pair creation
Type: fix
Currently, a tap interface created to be a member of a linux-cp pair has
default link state (down) and default link speed (10Mb/s). Then the
plugin monitors the link state of the paired hardware interface and if
it changes, the new link state is reflected on the tap interface. And
when the new link state is "up", the link speed is also reflected on the
tap interface.
The problem is that this scheme implies that the hardware interface's
link state is "down" at the moment of the linux-cp pair creation and
then changes. But there are cases when the link state is already "up" at
that moment. If that is the case, the link speed on the tap interface
will remain the default one until the link comes down and then comes up.
With this fix, when a linux-cp pair is created, reflect current link
state of the hardware interface being paired on the created tap
interface.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I73664d753f4daaa6d439c9ca898fb7363d21c06d