Jakub Grajciar [Fri, 31 Jan 2020 08:51:41 +0000 (09:51 +0100)]
span: API cleanup
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Ifddac07b15b116574de3a97f7c80d7bf6a3171f7
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Jakub Grajciar [Fri, 7 Feb 2020 10:30:26 +0000 (11:30 +0100)]
api: improve api string safety
- Remove vl_api_from_api_string
to prevent use of not nul-terminated strings.
- Rename vl_api_from_api_to_vec -> vl_api_from_api_to_new_vec
to imply a new vector is created. NOT nul terminated.
- Add vl_api_from_api_to_new_c_string. Returns
nul terminated string in a new vector.
- Add vl_api_c_string_to_api_string. Convert nul terminated
string to vl_api_string_t
- Add vl_api_vec_to_api_string. Convert NON nul terminated
vector to vl_api_string_t
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Iadd59b612c0d960a34ad0dd07a9d17f56435c6ea
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Florin Coras [Thu, 6 Feb 2020 16:59:31 +0000 (16:59 +0000)]
svm: support multi-chunk fifo chunk alloc
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id601cd241a2d124d3189057edab4299ffde7ee32
Florin Coras [Wed, 5 Feb 2020 21:13:18 +0000 (21:13 +0000)]
svm: remove chunk add function
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I606eabbe0f3f387529e77d2483f5d63db7bde88a
Steven Luong [Thu, 13 Feb 2020 17:27:38 +0000 (09:27 -0800)]
avf: Handle chain buffer in TX properly
For chain buffer, need to traverse b->next_buffer to transmit all buffers
in the chain. Only set EOP at the last descriptor in the chain to signal
this is a chain descriptor.
Introduce slow path to handle ring wrap. This is needed because chain
buffer may consist of multiple pieces and it may span from near the end of
the ring to the beginning of the ring.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Id7c872f3e39e09f3566aa63f3cdba8f40736d508
Steven Luong [Tue, 25 Feb 2020 19:06:17 +0000 (11:06 -0800)]
unittest: Skip string test case for sizeof (src) > sizeof (dst)
coverity complains that the subject test may cause dst buffer overrun
problem and it is right. The problem is when __builtin_constant_p (n)
returns true, memcpy_s_inline skips all the errors checking and does the
copy blindly. Please see the code in memcpy_s_inline.
The fix is to skip the subject test when the aformentioned builtin function
returns true.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I50de91cc0c853a134b3bcf3b0cd8d45d7668b092
Florin Coras [Sun, 2 Feb 2020 19:30:39 +0000 (19:30 +0000)]
svm: minimal initial fifo
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4ee46a6c3c53c58199c275e20702f7fd11b60d9a
Ryujiro Shibuya [Wed, 22 Jan 2020 12:11:42 +0000 (12:11 +0000)]
session: basic fifo-tuning-logic
- Allowing application to register custom fifo-tuning-logic.
- Adding an example custom fifo-tuning-logic in hs_app/proxy.
Type: feature
Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2aca14d1f23d5c3c9debb7f4c46aca3a15a8d1b9
Ryujiro Shibuya [Wed, 25 Dec 2019 07:40:54 +0000 (07:40 +0000)]
session svm: tracking segment memory usage
1. segment manager would attempt to balance the usages across
the segments, when it allocate fifos
2. the memory presure level is determined per fifo-segment
3. updated unit test
4. updated cli output for segments
Type: feature
Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com>
Change-Id: I2923f3e0a43dd919196a0cb2cd55e098fde6cf66
Florin Coras [Fri, 20 Dec 2019 00:10:58 +0000 (16:10 -0800)]
svm: refactor fifo
Type: refactor
Switch from a wrapped byte space to a "continuous" one wherein fifo
chunks are appended to the fifo as more data is enqueued and chunks are
removed as data is dequeued.
The fifo is still subject to a maximum size, i.e., maximum number of
bytes that can be enqueued, so the max number of chunks associated to
the fifo is also constrained.
When enqueueing data, which must fit within the available free space, if
not enough "supporting" chunk memory is available, the fifo asks the
fifo segment for enough chunk memory to ensure that the write can
succeed. To avoid allocating large amounts of small chunks due to small
writes, if possible, the size of the chunks requested is lower capped by
min_alloc.
When dequeuing data, all the chunks that have been completely drained,
i.e., head moved beyond the chunks’ end bytes, are unlinked from the
fifo and returned to the fifo segment. The one exception to this is the
last chunk which is never unlinked.
Change-Id: I98c1dbd9135fb79650365c7e40c29238b96cd4ee
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Thu, 12 Dec 2019 20:09:29 +0000 (12:09 -0800)]
svm: refactor fifo chunk tracking
Avoid tracking with rbtrees all of the chunks associated to a fifo.
Instead, only track chunks when doing out-of-order operations (peek or
ooo enqueue).
Type: refactor
Change-Id: I9f8bd266211746637d98e6a12ffc4b2d6346950a
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Mon, 24 Feb 2020 12:54:31 +0000 (12:54 +0000)]
feature: provide a u16 version of vnet_feature_next
Type: improvement
when using vlib_buffer_enqueue_to_next the 'nexts' parameter is an array
of u16, but vnet_feautre_next takes a u32. this is a simple wrapper to
address the impedence mismatch.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I0fa86629e979e313344eb68442dc35a7b9537a8f
Florin Coras [Sat, 22 Feb 2020 02:27:21 +0000 (02:27 +0000)]
tcp: handle cleanups without timers
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ida896e9fbe83b4c76578b089bb3fd2bef5e07fd2
Damjan Marion [Tue, 25 Feb 2020 10:51:48 +0000 (11:51 +0100)]
crypto-native: GCM implementation with vector AESNI instructions
Introduced on intel IceLake uarch.
Type: feature
Change-Id: I1514c76c34e53ce0577666caf32a50f95eb6548f
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Thu, 20 Feb 2020 09:45:16 +0000 (09:45 +0000)]
vlib: Punt reason allocation listener enable/disable callback
Type: improvement
allow clients that allocate punt reasons to pass a callback function
that is invoked when the first/last client registers to use/listen on
that punt reason. This allows the client to perform some necessary
configs that might not otherwise be enabled.
IPSec uses this callback to register the ESP proto and UDP handling
nodes, that would not otherwise be enabled unless a tunnel was present.
Change-Id: I9759349903f21ffeeb253d4271e619e6bf46054b
Signed-off-by: Neale Ranns <nranns@cisco.com>
Filip Tehlar [Mon, 24 Feb 2020 20:56:49 +0000 (20:56 +0000)]
crypto: fix coverity warnings
Type: fix
Change-Id: I89c0923ad6ac1daf65b2d24ad4b6f00b7703e58e
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Mon, 24 Feb 2020 21:06:38 +0000 (21:06 +0000)]
crypto-openssl: fix coverity warnings
Type: fix
Change-Id: Ia42ff39a0a33f89901b8333a9e6ca82ca9805cc6
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Wed, 19 Feb 2020 07:02:49 +0000 (07:02 +0000)]
ikev2: add retry logic for session initiation
Type: improvement
Change-Id: Ib474dabb745bc2034d8d60261c095e35a8fff277
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Florin Coras [Thu, 20 Feb 2020 05:45:31 +0000 (05:45 +0000)]
tcp: dynamic max timers per loop
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If0a634c277d4f8e4d32321f52253721a990bdb1d
Damjan Marion [Mon, 24 Feb 2020 18:13:05 +0000 (19:13 +0100)]
crypto-native: introduce aes_gcm_flags_t
Type: refactor
Change-Id: I53b4a9c0b63e6e6c6a13c33c5baa4c3de562584b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Mon, 24 Feb 2020 14:03:21 +0000 (15:03 +0100)]
crypto-native: introduce counter struct
Type: refactor
Change-Id: I9ecc18ba3ec5f11622ea225690fb1dc262ea6fc1
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Mon, 24 Feb 2020 12:58:20 +0000 (12:58 +0000)]
vlib: Alias RX or TX to direction
Type: improvement
for those that find that name usefull.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I6c99bcdbb10ca1615aeea6924c2d93a68b5b7684
Dave Barach [Mon, 24 Feb 2020 14:19:12 +0000 (09:19 -0500)]
vppinfra: correct fixed pool header size calculation
Remove duplicate space allocation for the pool header. Not significant
w/ CLIB_CACHE_LINE_BYTES >= 64 since the code rounds the size of the
pool header to an even multiple of the cache line size.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I923f2a60e7565cf2dfbc18d78264bf82ff30c926
Neale Ranns [Mon, 24 Feb 2020 12:45:53 +0000 (12:45 +0000)]
ethernet: trivial additions
Type: improvement
- macros to identify SENDER and TARGET in ARP header
- count the number of bits set in a mac_address
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Id31e27a4f5f01a8cfb70d3798416bb2519981654
Neale Ranns [Mon, 24 Feb 2020 13:00:17 +0000 (13:00 +0000)]
l2: remove unused types and includes form feature arc code
Type: improvement
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ia441c069afe79ccd6428159df944d4c1d10a992d
Filip Tehlar [Tue, 18 Feb 2020 18:41:10 +0000 (18:41 +0000)]
ikev2: proper cleanup of SAs during rekey
Type: fix
Change-Id: Ifb675c7783f03de4db8147858dd93d9687176f40
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Damjan Marion [Mon, 24 Feb 2020 13:26:08 +0000 (14:26 +0100)]
crypto-native: inverse Hi so it naturally fits into 512-bit register
Type: refactor
Change-Id: I0c6ca9356af179abd0a414b356dea7e3a3eb0dd6
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Mon, 24 Feb 2020 13:16:15 +0000 (14:16 +0100)]
crypto-native: replace aesni with aes
This code also works on ARM so let's not use intel term....
Type: refactor
Change-Id: Ie51d4359a83f2bf7a61c4861d486b7d009fc8057
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Mon, 24 Feb 2020 13:13:18 +0000 (14:13 +0100)]
crypto-native: do not overwrite data after partial tag
Type: fix
Change-Id: I01de5f8813faff5406ccf67c21c42393c8648af6
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Sun, 23 Feb 2020 19:00:18 +0000 (19:00 +0000)]
session: include timer generated packets in max burst
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic9174c92ab05b58e62b00999fe9cbf4e9292d43e
Florin Coras [Sun, 23 Feb 2020 01:37:34 +0000 (01:37 +0000)]
session: minimize number of tx events
Type: improvement
Unset fifo tx event only if all data has been dequeued. Avoids frequent
re-scheduling of sessions as new sessions.
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I36a4c90b97e0255b88782032fb029640e6a73e90
Dave Barach [Fri, 21 Feb 2020 22:31:17 +0000 (17:31 -0500)]
vppinfra: deprecate CLIB_VEC64
Type: refactor
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Id1e7c0926036db4601c91438397ceed22381fc07
Simon Zhang [Sat, 22 Feb 2020 19:51:42 +0000 (03:51 +0800)]
tcp: remove useless prediction
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: Ie2dc2653baec92347eb2cbcd197a2e5ec6a80c79
Filip Tehlar [Wed, 19 Feb 2020 01:03:02 +0000 (01:03 +0000)]
ikev2: cleanup tunnels after subsequent sa-init
Type: fix
Change-Id: I44e51bc37ff43999290d97fceb5f94b7c64041ec
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Neale Ranns [Thu, 20 Feb 2020 12:56:22 +0000 (12:56 +0000)]
gbp: Coverity warnings for unitialized variables
Type: fix
Change-Id: If74ad528e68f45b00719295388e0e1399452ef93
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Thu, 20 Feb 2020 13:10:47 +0000 (13:10 +0000)]
fib: Uninitialised pad in the prefix (coverity warning)
Type: fix
Change-Id: Ia61d6fbf6e80977f83f1f6672e5e83b52ddeb0e5
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Mon, 16 Dec 2019 00:53:11 +0000 (00:53 +0000)]
ipsec: IPSec protection for multi-point tunnel interfaces
Type: feature
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Iaba2ab11bfaa1c8db4023434e3043ac39500f938
Neale Ranns [Thu, 20 Feb 2020 13:16:49 +0000 (13:16 +0000)]
ipip: Unintialized return variable (coverity warning)
Type: fix
Change-Id: I008f23b5f0c7269ddd35cc747a867240fbe9c49b
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Thu, 20 Feb 2020 13:13:45 +0000 (13:13 +0000)]
ip: Unintialized variables in prefx setup (coverity warning)
Type: fix
Change-Id: I048c9ed423ca2993d2179cdce364ac98980311bb
Signed-off-by: Neale Ranns <nranns@cisco.com>
Dave Barach [Thu, 20 Feb 2020 21:17:58 +0000 (16:17 -0500)]
dhcp: update secondary radv_info structures
For details, see the Jira ticket below. Fix gerrit 23350.
Type: fix
Fixes:
28a6eb7
Ticket: VPP-1840
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ic9248734bb330eadb302f8410e8db9c64723f075
Matthew Smith [Thu, 20 Feb 2020 14:58:15 +0000 (08:58 -0600)]
vrrp: fix coverity errors
Type: fix
Fixes:
39e9428b90
Fix warnings about potential problems with an implicit type cast
and a null pointer dereference.
Change-Id: I8c8d220e79ba45b62ba783cfe53cb49eef175fc8
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Florin Coras [Thu, 20 Feb 2020 16:04:03 +0000 (16:04 +0000)]
tcp: fix coverity warning in bt
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4153a9a377b8b1da1366a94ff791ad99617b7a6d
Florin Coras [Thu, 20 Feb 2020 16:11:23 +0000 (16:11 +0000)]
lisp: fix coverity warnings
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie060b25b5e8c85d9b2037e300723a2b6023c65d1
Dave Wallace [Tue, 18 Feb 2020 21:09:12 +0000 (21:09 +0000)]
hsa: cleanup vpp_echo JSON output
- Fix invalid json syntax
- Add bits_per_second rx/tx fields
Type: fix
Change-Id: I4100245b01093e99a6c7def16cd83572ab033e24
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Florin Coras [Wed, 19 Feb 2020 21:38:15 +0000 (21:38 +0000)]
dpdk: rx checksum offload
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I5a3e3a41dcc60c0d9b291e51bb112e7701f73050
Neale Ranns [Tue, 18 Feb 2020 13:56:24 +0000 (13:56 +0000)]
fib: adjacency midchain teardown (VPP-1841)
Type: fix
Change-Id: I57f8bfbce4feed9d2775875cb8b1b729a47900a4
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit
24064d02aa9810ebc64c16dc778a179bb0ef5483)
Filip Varga [Thu, 13 Feb 2020 13:52:18 +0000 (14:52 +0100)]
nat: user deletion function & extra metrics
Type: improvement
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: Ia5dbfe864c18e953ff49147a9a4684d2ca14b96e
Vladimir Isaev [Tue, 18 Feb 2020 12:26:12 +0000 (15:26 +0300)]
ip-neighbor: Fix aging timeout
Before this patch VPP checked age for ARP/NDP records every 1e5 seconds
for any configured aging time. This is 27 hours and it looks like
misprint because 1e5 is the number of 10us ticks in a second.
Also time to wait is now difference between aging time and time alive
for nodes in alive state.
Type: fix
Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: Ib5baa85032a44402d5f48c1145245260a42c7bae
Alexander Chernavin [Tue, 11 Feb 2020 14:57:09 +0000 (09:57 -0500)]
map: honor pre-resolve param in map-t
With this commit, forward the translated packet directly to the
specified next-hop if pre-resolve param is enabled in MAP-T.
Type: fix
Change-Id: Ie26080c7820318c7982599577a4af6e4d01a0574
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Alexander Chernavin [Wed, 5 Feb 2020 14:05:06 +0000 (09:05 -0500)]
map: honor icmp6-unreachables param in map-t
With this commit, send ICMPv6 unreachable messages back if security
check fails and icmp6-unreachables param enabled in MAP-T.
Type: fix
Change-Id: I9a8869df7763c764a1672e3faa1fde8dc13ec85a
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Klement Sekera [Mon, 17 Feb 2020 13:37:20 +0000 (13:37 +0000)]
nat: avoid running pointless session cleanups
Save the next session timeout when sweeping sessions for cleanup so that
we can avoid unnecessary runs of the sweeping algorithm.
Type: fix
Change-Id: I736d00f2dfe242af10f963fbe34b11128f8b0613
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Filip Varga [Mon, 17 Feb 2020 16:49:53 +0000 (17:49 +0100)]
nat: nat44 split slow and fast path
Type: improvement
Change-Id: I07c7e1c154583906ac9af958f22ed9a1be382f4a
Signed-off-by: Filip Varga <fivarga@cisco.com>
Filip Tehlar [Tue, 18 Feb 2020 23:34:23 +0000 (23:34 +0000)]
ikev2: fix logging init
Type: fix
Change-Id: I76bed5ce2df897d0e8e822ee1244018b0e39494d
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Neale Ranns [Tue, 18 Feb 2020 15:23:29 +0000 (15:23 +0000)]
fib: fib path realloc during midchain stack
Type: fix
Change-Id: I0677f46dfa22c8abab7f311230a09ef1cd8ac335
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit
02d5a67d39cbb8f1865227afdc79533578067b8d)
Yu Ping [Wed, 19 Feb 2020 17:40:53 +0000 (01:40 +0800)]
tls: need to use thread id to fetch the event
Type: fix
Change-Id: I429351f04a2865be4a289a3021277f9b2ced902b
Signed-off-by: Yu Ping <ping.yu@intel.com>
Florin Coras [Tue, 18 Feb 2020 22:51:26 +0000 (22:51 +0000)]
tcp: fix syn-sent reset
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2799ac9723ec3e7effe910bba401fc486c552cac
Yu Ping [Tue, 18 Feb 2020 18:31:22 +0000 (02:31 +0800)]
tls: handle disconect and reset in async mode
Type: fix
When async is enabled and request is inflight, delay close oepration
Change-Id: I713078fe9832c1599e8860fc0a6bb98588f20943
Signed-off-by: Yu Ping <ping.yu@intel.com>
Mohsin Kazmi [Fri, 31 Jan 2020 11:37:44 +0000 (12:37 +0100)]
devices: netlink: add more error logging
Type: improvement
Change-Id: I4d8ca04840845e1ba631e4260e155df2486155e6
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Florin Coras [Tue, 18 Feb 2020 21:05:28 +0000 (21:05 +0000)]
misc: deprecating the plugin
Type: refactor
Not maintained
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I5568ecf1161b63cd0f314e2b1503e350e214e51b
Filip Tehlar [Thu, 13 Feb 2020 20:50:12 +0000 (20:50 +0000)]
crypto: show crypto handlers re-design
Type: improvement
Show simple and chained handler details on a single line.
Change-Id: I5ad807a4d3608fc38c1134f564755d5751c30070
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Wed, 3 Jul 2019 09:04:54 +0000 (09:04 +0000)]
crypto: add support for testing quad loops in crypto algos
This patch adds support for test cases with arbitrary long plaintext.
Type: feature
Change-Id: I48cd3642e30cc49eabc196c45d7f73c484e93057
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Florin Coras [Tue, 18 Feb 2020 20:17:30 +0000 (20:17 +0000)]
tcp: add fib to connection cli output
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3de653fd90b8030125b627f751c7fb665ade5aee
Filip Tehlar [Thu, 13 Feb 2020 22:34:05 +0000 (22:34 +0000)]
crypto: add chained buffer support in ipsecmb (AES-GCM)
Type: feature
Change-Id: Ia65caf38988c7e860e6d028f93659916825ef16b
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Vratko Polak [Tue, 18 Feb 2020 18:12:47 +0000 (19:12 +0100)]
vrrp: do not define _details as autoreply
Without this, _details_reply messages also end up defined;
which is not intended, as there are no _details_t_handler functions.
Type: fix
Fixes:
39e9428b90bc74d1bb15fc17759c8ef6ad712418
Change-Id: Id052b00b00623ca92e5ddce4cc5e1bdfbb1031db
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Dave Barach [Tue, 18 Feb 2020 15:12:23 +0000 (10:12 -0500)]
misc: fix coverity warnings
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I402b1b06db736b2a7a242ce70ffd409c7c0a4fc2
Dave Barach [Mon, 17 Feb 2020 22:07:12 +0000 (17:07 -0500)]
vlib: calculate per-worker loops/second metric
Use exponential smoothing. Each sample has a half-life of 1
second. reported_rate(t) = reported_rate(t-1) * K + rate(t)*(1-K)
Sample every 20ms, i.e. 50 samples per second
K = exp (-1.0/20.0);
K = 0.95;
Type: feature
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I9aea5dd5fecfaefffb78245316adb4bf62eb2bd4
Florin Coras [Mon, 10 Feb 2020 17:44:13 +0000 (17:44 +0000)]
tcp: allow custom mss on connects
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie4bd68a387f706b3e6868bece2ec4c8c1d92a9c3
Florin Coras [Fri, 14 Feb 2020 23:41:25 +0000 (23:41 +0000)]
tcp: pace timer handling
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I93067054631d6ae2411a7b08d7b681aed7a121b2
Damjan Marion [Tue, 18 Feb 2020 14:12:07 +0000 (15:12 +0100)]
vppinfra: fix debug image builds on arm
vextq_u8(...) reuqires constant value so instead of
inline function we need to use macro.
Type: fix
Signed-off-by: Damjan Marion <dmarion@me.com>
Change-Id: I9c1d878c9ec750f0ed5b5eac4dffde50e97e7357
Yu Ping [Tue, 18 Feb 2020 19:16:50 +0000 (03:16 +0800)]
tls: Add Feature yaml
Type: docs
Change-Id: Id1972fd1d0769f26ee73db326c22c6a57eb6ceab
Signed-off-by: Yu Ping <ping.yu@intel.com>
Elias Rudberg [Tue, 18 Feb 2020 11:12:25 +0000 (12:12 +0100)]
rdma: fix bug related to ring buffer
Fix a bug that caused some input packets to be dropped due to errors of
the type 'ip4 length > l2 length'. The change is related to the second
call to the rdma_device_input_bufs() function that happens when the end
of the ring buffer is reached.
Type: fix
Change-Id: I332d69ab22242b3443a0baca6e5dd86349a54765
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Simon Zhang [Mon, 9 Dec 2019 11:58:39 +0000 (19:58 +0800)]
tls: Picotls engine symmetric crypto enhancement by vpp crypto framework
Type: feature
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: I1d4fe75e5faf3fa2086d11020828345b173ebd03
Dave Barach [Mon, 17 Feb 2020 14:13:26 +0000 (09:13 -0500)]
misc: fix coverity warnings
Add an ALWAYS_ASSERT (...) macro, to (a) shut up coverity, and (b)
check the indicated condition in production images.
As in:
p = hash_get(...);
ALWAYS_ASSERT(p) /* was ASSERT(p) */
elt = pool_elt_at_index(pool, p[0]);
This may not be the best way to handle a specific case, but failure to
check return values at all followed by e.g. a pointer dereference
isn't ok.
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ia97c641cefcfb7ea7d77ea5a55ed4afea0345acb
Klement Sekera [Mon, 10 Feb 2020 11:49:52 +0000 (11:49 +0000)]
bfd: use tw_timer_template instead of legacy wheel
Type: refactor
Change-Id: I04e71a64e676910dc4c6cbc1ab54ffb0c29aa5b9
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Chenmin Sun [Sun, 16 Feb 2020 18:19:15 +0000 (02:19 +0800)]
gtpu: offload RX flow
ip4 gtpu cli/api (using flow infra) to create flows and enable them on
different hardware (currently tested with ice)
to offload a gtpu tunnel onto hw:
set flow-offload gtpu hw TwentyFiveGigabitEthernet3/0/0 rx gtpu_tunnel0
to remove offload:
set flow-offload gtpu hw TwentyFiveGigabitEthernet3/0/0 rx gtpu_tunnel0 del
TODO:ipv6 handling
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I8e356feeb0b16cfeadc1bbbe92f773aa2916e715
Neale Ranns [Mon, 17 Feb 2020 10:39:09 +0000 (10:39 +0000)]
ikev2: IKE plugin manages the state of the protected tunnel interface
Type: improvement
IKE will bring the tunnel up ince the negociation is complete and bring
it down when the session ends. It is the clinets responsibility to
manage the state of the tunnel before and after these events. So to
prevent any unencrpyted traffic egressing the tunnel before the session
is negpciated, the tunnel should be in the down state when it a
associated with the IKE session.
Change-Id: I8aee593c79ca006d6ab08f9fa560fbbf6f8dcc16
Signed-off-by: Neale Ranns <nranns@cisco.com>
Damjan Marion [Sun, 16 Feb 2020 12:07:13 +0000 (13:07 +0100)]
crypto-native: calculate ghash using vpclmulqdq instructions
vpclmulqdq is introduced on intel icelake architecture and
allows computing 4 carry-less multiplications in paralled by using
512-bit SIMD registers
Type: feature
Change-Id: Idb09d6f51ba6f116bba11649b2d99f649356d449
Signed-off-by: Damjan Marion <damjan.marion@gmail.com>
Lijian.Zhang [Fri, 14 Feb 2020 07:16:49 +0000 (15:16 +0800)]
vlib: fix code of getting numa node with specific cpu_id
Use below sysfs files to check which numa node a specific cpu_id belongs to.
/sys/devices/system/node/online
/sys/devices/system/node/node0/cpulist
/sys/devices/system/node/node1/cpulist
Type: fix
Change-Id: I124b80b1fd4a20dd7bd76f0ae27d5ab23a3a8ff1
Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com>
Simon Zhang [Sat, 15 Feb 2020 13:50:16 +0000 (21:50 +0800)]
tls: Fix Picotls ctx_read rx_content issue
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: I19cdd2055ea494fc36628b4a94fc56742c1d1a8a
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Mohsin Kazmi [Fri, 14 Feb 2020 12:09:04 +0000 (12:09 +0000)]
tap: fix the default parameter for num_rx_queues
Type: fix
Change-Id: I1a20fea56f1ba1fada7c7ce96ea333bf097b1273
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Yu Ping [Fri, 14 Feb 2020 11:14:36 +0000 (19:14 +0800)]
tls: remove session lookup operation in TLS
Type: fix
Change-Id: I50329bda365d98f9f9d56a58187fb4fb2a4eb461
Signed-off-by: Yu Ping <ping.yu@intel.com>
Florin Coras [Thu, 13 Feb 2020 19:24:58 +0000 (19:24 +0000)]
tcp: reset fin-wait-2 timeout connections
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id931f3f308a01788d222d0d62f26f5c579321c6a
Neale Ranns [Fri, 7 Feb 2020 10:47:18 +0000 (10:47 +0000)]
tunnel: add FEATURE.yaml
Type: docs
Change-Id: I171903bd3fd3219ad0e1ebd79a6dbf6f094d9cb8
Signed-off-by: Neale Ranns <nranns@cisco.com>
Florin Coras [Fri, 14 Feb 2020 05:33:46 +0000 (05:33 +0000)]
vcl: fix ldp read on closing session
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I60be191866d20721951ad22f571a2a3275511e12
Dave Barach [Fri, 14 Feb 2020 12:32:54 +0000 (07:32 -0500)]
vrrp dns: fix coverity warnings
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0d164147173b452fee7e720e01e6a9991f43b64a
Steven Luong [Thu, 13 Feb 2020 02:45:09 +0000 (18:45 -0800)]
dpdk: TSO does not work for Cisco VIC
While TSO is supported for Intel NIC, Cisco VIC does not work.
The problem is due to txmode offloads is not properly set for
the Cisco VIC when enable-tcp-udp-checksum is configured.
Type: fix
Ticket: VPP-1838
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I72c41db9b327ed8d08ef70d74e8cc6206d4a102f
Chenmin Sun [Mon, 20 Jan 2020 12:17:09 +0000 (20:17 +0800)]
dpdk: fix flow(with mark action) deletion crash issue
Type: fix
this patch fixes mark flow deletion crash issue, see below
test flow add src-ip any proto udp src-port 111 dst-port 222 mark 100
test flow enable index 0 1/1
test flow disable index 0 1/1
test flow enable index 0 1/1
test flow disable index 0 1/1 -> [crash]
This is because the code resets a wrong vector in flow lookup entry
recycle logic. See function dpdk_flow_ops_fn().
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I2b0a1e531931ab25541d672d88da18dc2289f1ce
Florin Coras [Thu, 13 Feb 2020 18:46:18 +0000 (18:46 +0000)]
tcp: improve reset generation in reset node
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7a4a4a52c3e4ad47aabb2ef5f53a0e0bb7e71690
Florin Coras [Wed, 12 Feb 2020 07:42:01 +0000 (07:42 +0000)]
tcp: minimal set of worker stats
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I9dafe564229095d50285276a654f4983f93faff2
Damjan Marion [Thu, 13 Feb 2020 12:11:02 +0000 (13:11 +0100)]
crypto-native: refactor CBC code
Type: refactor
Change-Id: I61e25942de318d03fb3d75689259709d687479bc
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Barach [Thu, 13 Feb 2020 15:08:01 +0000 (10:08 -0500)]
nsim: fix quad-loop packet trace
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I756170bd799d1f482186cbb4b5dff9373ae6e08f
Florin Coras [Thu, 13 Feb 2020 20:04:28 +0000 (20:04 +0000)]
vcl: clear accept msg flags
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Idb513232e7b091c8f767726bfa1deb10a7e3b751
Matthew Smith [Tue, 11 Feb 2020 17:25:32 +0000 (11:25 -0600)]
vrrp: add plugin providing vrrp support
Type: feature
Add a new plugin to support HA using VRRPv3 (RFC 5798).
Change-Id: Iaa2c37e6172f8f41e9165f178f44d481f6e247b9
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Damjan Marion [Thu, 13 Feb 2020 17:14:06 +0000 (18:14 +0100)]
vppinfra: add 128-bit and 512-bit a ^ b ^ c shortcut
This allows us to combine 2 XOR operations into signle instruction
which makes difference in crypto op:
- in x86, by using ternary logic instruction
- on ARM, by using EOR3 instruction (available with sha3 feature)
Type: refactor
Change-Id: Ibdf9001840399d2f838d491ca81b57cbd8430433
Signed-off-by: Damjan Marion <damjan.marion@gmail.com>
Florin Coras [Wed, 12 Feb 2020 08:50:29 +0000 (08:50 +0000)]
vcl: handle close after reset
Can happen if a connection is reset before fully accepted.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0ae68d71b66722dd19ca6f1cee44a080e5ff4447
Damjan Marion [Wed, 12 Feb 2020 09:59:14 +0000 (10:59 +0100)]
crypto-native: add AArch64 AES-GCM native implementation
Type: feature
Change-Id: I4f96b0af13b875d491704b010328a1814e1dbda1
Signed-off-by: Damjan Marion <dmarion@me.com>
Vladimir Ratnikov [Thu, 13 Feb 2020 08:36:21 +0000 (03:36 -0500)]
dpdk: Add iova-mode to startup
In some cases of using vfio-pci driver, it should be required
to enable pa or va mode. Without it, rtl_eal_init unable to
allocate memory required. Debugging told that iova-mode pa/va
could help. And it helps.
This patch allows to pass iova-mode to vpp startup.conf
Type: feature
Change-Id: I36b87f5d3d141891b37cda2c306d50433954a34a
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Neale Ranns [Thu, 13 Feb 2020 09:12:36 +0000 (09:12 +0000)]
fib: Fix some more realloc errors
Type: fix
Change-Id: I6011f5d6eae79019d3c16a260a9bedf0a76d2151
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Thu, 13 Feb 2020 10:10:30 +0000 (10:10 +0000)]
ikev2: Responder honours the protected tunnel config
Type: feature
Change-Id: Iee84f94c617c53658f13c5430b945568c5e06ce9
Signed-off-by: Neale Ranns <nranns@cisco.com>
Damjan Marion [Wed, 12 Feb 2020 19:12:55 +0000 (20:12 +0100)]
crypto-native: add AArch64 ghash support
Type: improvement
Change-Id: I1f204685ea9374389fc24fc53184ce06806beed3
Signed-off-by: Damjan Marion <dmarion@me.com>