vpp.git
7 months agourpf: fix multicast traffic 37/42337/2
Alexander Skorichenko [Wed, 5 Feb 2025 13:29:29 +0000 (14:29 +0100)]
urpf: fix multicast traffic

Type: fix
Change-Id: I937d5d8c89bd1e0cc6ff396df6e81ff96755702c
Signed-off-by: Maxim Babichev <[email protected]>
Signed-off-by: Alexander Skorichenko <[email protected]>
7 months agohs-test: ignore some never used code paths for coverage generation 79/42479/1
Semir Sionek [Thu, 13 Mar 2025 14:35:09 +0000 (10:35 -0400)]
hs-test: ignore some never used code paths for coverage generation

Type: fix

Change-Id: I4318efee62d7fdeb936b00aafd431a4927899f9b
Signed-off-by: Semir Sionek <[email protected]>
7 months agohs-test: shutdown VPP cleanly when finishing a testcase 69/42469/2
Semir Sionek [Tue, 11 Mar 2025 12:05:31 +0000 (08:05 -0400)]
hs-test: shutdown VPP cleanly when finishing a testcase

Good practice in general, but especially helpful when SIGKILL'd VPP
can't write out coverage data.

Type: fix

Change-Id: I7e7261b6f2e63fd4a6b24a3832c32800c71493c2
Signed-off-by: Semir Sionek <[email protected]>
7 months agodpdk: format UDP hw offload info consistently 93/42393/2
Nicolas PLANEL [Thu, 27 Feb 2025 08:51:33 +0000 (09:51 +0100)]
dpdk: format UDP hw offload info consistently

Format the hardware offload info the same way than other protocol
to avoid confusion when reading logs, like this :
  PKT_TX_SCTP_CKSUM (0x0000) SCTP cksum of TX pkt. computed by NIC
  PKT_TX_TCP_CKSUM (0x0000) TCP cksum of TX pkt. computed by NIC
  PKT_TX_UDP_CKSUM (0x0000) TX UDP cksum

Type: improvement
Change-Id: Icd16a484eabe36af4488352312245d638d7dff4b
Signed-off-by: Nicolas PLANEL <[email protected]>
Signed-off-by: Nicolas PLANEL <[email protected]>
7 months agohttp: http_transport_connect TLS support 61/42461/2
Matus Fabian [Fri, 7 Mar 2025 09:34:59 +0000 (04:34 -0500)]
http: http_transport_connect TLS support

enable HTTPS for client apps

Type: improvement

Change-Id: I2ca8b926771a350863cca81729102faf6ee9c874
Signed-off-by: Matus Fabian <[email protected]>
7 months agohttp_static: resize header response buffer if needed 92/42392/8
Semir Sionek [Wed, 26 Feb 2025 16:50:23 +0000 (11:50 -0500)]
http_static: resize header response buffer if needed

Type: fix

Change-Id: If77469fbdf2b95b0c546a2d1de1cc8663464e1fc
Signed-off-by: Semir Sionek <[email protected]>
7 months agovcl: improve vpp detatch handling 58/42458/9
Florin Coras [Fri, 7 Mar 2025 02:58:14 +0000 (21:58 -0500)]
vcl: improve vpp detatch handling

Better handling of multi-threaded applications that share sessions.

Type: improvement

Change-Id: Id69bcb1a4b1d67aab020beefdb2fa196ec2ee108
Signed-off-by: Florin Coras <[email protected]>
7 months agovcl: remove listen_no_mq from state to flag 59/42459/4
Florin Coras [Fri, 7 Mar 2025 03:15:23 +0000 (22:15 -0500)]
vcl: remove listen_no_mq from state to flag

One less state in state machine

Type: improvement

Change-Id: Ib6445a425b1e2d5a957318a94c3f132cddd8370b
Signed-off-by: Florin Coras <[email protected]>
7 months agosession: improve endpoint cfg unit test 65/42465/6
Florin Coras [Sat, 8 Mar 2025 07:08:31 +0000 (02:08 -0500)]
session: improve endpoint cfg unit test

We are currently testing only active open from default to non-default
appns. Add connect test from non-default to default appns and make sure
transport cleans up ports.

Type: improvement

Change-Id: Id0f05aa295ac175b549d8035eb530dbb9a15d85d
Signed-off-by: Florin Coras <[email protected]>
7 months agosession: fix lcl port allocation with fib 57/42457/1
Florin Coras [Thu, 6 Mar 2025 19:20:14 +0000 (14:20 -0500)]
session: fix lcl port allocation with fib

Type: fix

Change-Id: I0b0cc664cec2643a543a39cc7482292604381bf7
Signed-off-by: Florin Coras <[email protected]>
7 months agohttp_static: hss_ts_rx_callback fix 54/42454/1
Matus Fabian [Wed, 5 Mar 2025 14:06:59 +0000 (09:06 -0500)]
http_static: hss_ts_rx_callback fix

reset hs->data_len before handling new request

Type: fix

Change-Id: I5b02f8ec418c56e8ec607c5bc5c8716d53e5376f
Signed-off-by: Matus Fabian <[email protected]>
7 months agomisc: add and consolidate host stack scripts 49/42449/7
Florin Coras [Mon, 3 Mar 2025 21:19:01 +0000 (16:19 -0500)]
misc: add and consolidate host stack scripts

Move all existing host stack scripts under extras/scripts/host-stack

Also add scripts for iperf/vcl performance testing

Type: improvement

Change-Id: Ia79b6bd061db49f61a0e4c6577cf45afe0323eb1
Signed-off-by: Florin Coras <[email protected]>
7 months agopapi: fix socket api max message id calculation 26/35726/5
Vladislav Grishenko [Fri, 29 Oct 2021 15:40:52 +0000 (20:40 +0500)]
papi: fix socket api max message id calculation

In case of sparse message ids due fixed offsets, length of
the message table is less than max message id, causing
"IndexError: list assignment index out of range" exception
in _register_function() due "self.id_msgdef[i] = msg".

Unlike shmem api, socket api needs to use max id.

Type: fix
Signed-off-by: Vladislav Grishenko <[email protected]>
Change-Id: Ib777db9dabc3a5a3ff83f07ec211cf2fb3c15cf0
Signed-off-by: Ole Troan <[email protected]>
7 months agohttp: http2 frames 43/42443/5
Matus Fabian [Fri, 28 Feb 2025 15:15:15 +0000 (10:15 -0500)]
http: http2 frames

Type: feature

Change-Id: Id2c6f6b5747c1f676048642e277eb66850f728b7
Signed-off-by: Matus Fabian <[email protected]>
7 months agovppinfra: make verbose format time more verbose 46/42446/3
Florin Coras [Sun, 2 Mar 2025 23:40:11 +0000 (18:40 -0500)]
vppinfra: make verbose format time more verbose

Dump more cpu and reftime fields in clib time struct. Example:

DBGvpp# sh clock verbose
Time now 6.890267
cpu time 6.890267 now 22333609568369233 last 22333609568350337 since start 19981775480
reftime 6.890268 now 1740958292.416887 last 1740958285.526620 init 1740958285.526620
error 0.000000, clocks/sec 2900000000.000000, Sun, 02 Mar 2025 23:31:32 GMT
Time last barrier release 3.291883104
0: Time now 6.890387
   cpu time 6.890387 now 22333609568706225 last 22333609568696497 since start 19982121640
   reftime 6.890387 now 1740958292.417007 last 1740958285.526620 init 1740958285.526620
   error -.000001, clocks/sec 2900000000.000000
Thread 0 offset 0.000000000 error 0.000000000
1: Time now 5.695180
   cpu time 5.695180 now 22333609568926421 last 22333609568920073 since start 16516023212
   reftime 5.695181 now 1740958292.417084 last 1740958286.721903 init 1740958286.721903
   error -.000001, clocks/sec 2900000000.000000
Thread 1 offset 1.195283275 error -.000000114

Type: improvement

Change-Id: I383b9b1a2ef64a731bbc335cd512d565d47f0cd9
Signed-off-by: Florin Coras <[email protected]>
7 months agosession: uri parsing improvements 17/42417/5
Adrian Villin [Thu, 27 Feb 2025 14:04:56 +0000 (15:04 +0100)]
session: uri parsing improvements

- It is now possible to use "proto://ip4:port/target" or
 "proto://[ip6]:port/target" format.
- Updated http_client and related tests to use the new format

Type: improvement

Change-Id: Ic6afd8c66eddca2ab1d7afc034e193441c34f8ee
Signed-off-by: Adrian Villin <[email protected]>
7 months agosession: ignore tx evts for cl sessions with no fifo 42/42442/3
Florin Coras [Fri, 28 Feb 2025 03:13:19 +0000 (22:13 -0500)]
session: ignore tx evts for cl sessions with no fifo

Type: fix

Change-Id: I3e484ed3447dde3540c39b2c5c5ce26329c83340
Signed-off-by: Florin Coras <[email protected]>
7 months agomisc: VPP 25.02 Release Notes 99/42399/2
Andrew Yourtchenko [Thu, 23 Jan 2025 11:43:20 +0000 (12:43 +0100)]
misc: VPP 25.02 Release Notes

Type: docs
Change-Id: Iff452c28396159f7818e0a294daa0277870077f4
Signed-off-by: Andrew Yourtchenko <[email protected]>
(cherry picked from commit af12ed005d50809e130b93a4d9c934a961081dcf)

7 months agodocs: Restore and update nat section of progressive tutorial 02/40402/6
Bence Romsics [Tue, 27 Feb 2024 12:18:16 +0000 (13:18 +0100)]
docs: Restore and update nat section of progressive tutorial

The NAT section of the Progressive Tutorial was likely accidentally lost
in If5b0d07ea90d978c6b1f11210a661876b7929653. This patch restores it. It
is also updated to reflect current package and plugin names and cli
reference links.

Type: docs
Change-Id: Ifb6117cd00768fd05dccfa506b4e97c81f9bcf21
Signed-off-by: Bence Romsics <[email protected]>
7 months agohttp: hpack headers encoding 88/42388/3
Matus Fabian [Tue, 25 Feb 2025 11:52:25 +0000 (06:52 -0500)]
http: hpack headers encoding

1) header encoding without dynamic table
2) serialization of response header block

Type: feature

Change-Id: I7ec470310e5aec0f8055492e92682261b4af5e81
Signed-off-by: Matus Fabian <[email protected]>
7 months agohs-test: make docker cache dir multi-user friendly 37/42437/2
Matus Fabian [Thu, 27 Feb 2025 11:00:28 +0000 (06:00 -0500)]
hs-test: make docker cache dir multi-user friendly

Type: test

Change-Id: Ib569a48b61e337e3a1bef5ba5b37d10e3322c44a
Signed-off-by: Matus Fabian <[email protected]>
7 months agohs-test: create docker buildx with proxy 95/42395/2
Matus Fabian [Thu, 27 Feb 2025 10:33:57 +0000 (05:33 -0500)]
hs-test: create docker buildx with proxy

Type: test

Change-Id: If887916bc540a51747e342a76edc2f37d54e6b0f
Signed-off-by: Matus Fabian <[email protected]>
7 months agohs-test: fix make install-deps 94/42394/2
Matus Fabian [Thu, 27 Feb 2025 09:45:41 +0000 (04:45 -0500)]
hs-test: fix make install-deps

run apt-get commands with sudo

Type: test

Change-Id: I1044be65a21bd8a830c11f53239accf2cf86c33d
Signed-off-by: Matus Fabian <[email protected]>
7 months agoabf: run abf after reassembly 91/42391/2
Benoît Ganne [Wed, 26 Feb 2025 15:06:23 +0000 (16:06 +0100)]
abf: run abf after reassembly

If reassembly is enabled, make sure to apply ABF after reassembly.

Type: fix

Change-Id: Ic12ccba34a9e4d13caba1821e8175ee5adc7f8c3
Signed-off-by: Benoît Ganne <[email protected]>
7 months agolinux-cp: Add support for LACP packets 24/42124/6
Akeel Ali [Thu, 9 Jan 2025 17:01:13 +0000 (12:01 -0500)]
linux-cp: Add support for LACP packets

This patch adds support to mirror LACP packets between host and phy.
It is needed for the Sonic-VPP project to support LAG and allow Sonic
to run LACP in the control plane.

The change has 3 parts:

(1) Converted lip_punt_node to lip_punt_xc_inline, which now supports
the creation of two distinct nodes: lip_punt_node and lip_punt_xc_node.
lip_punt_node retains its original punt functionality.
lip_punt_xc_node supports both punt and x-connect between host & phy.

(2) Add 2 new API (and corresponding CLI) to the linux-cp plugin:
(A) lcp_ethertype_enable ("lcp ethertype enable <ethertype>")
(B) lcp_ethertype_get ("show lcp ethertype")

(3) Add UT to test the new functionality and API/CLI for LACP and LLDP.

Type: improvement

Change-Id: Iab66e3b29351dcf2c471babd4f1ef4bdd19da46e
Signed-off-by: Akeel Ali <[email protected]>
7 months agohttp_static: squash subsequent forward slashes in request target path 82/42382/6
Semir Sionek [Fri, 21 Feb 2025 14:09:29 +0000 (09:09 -0500)]
http_static: squash subsequent forward slashes in request target path

In the file handler, squash groups of forward slashes during path
sanitation to minify the risk of running out of memory.

Type: fix

Change-Id: Ic29d691f876b891ff588157851334162b4e3c5e3
Signed-off-by: Semir Sionek <[email protected]>
7 months agohttp: hpack headers decoding 74/42374/8
Matus Fabian [Tue, 18 Feb 2025 09:29:10 +0000 (04:29 -0500)]
http: hpack headers decoding

1) parsing of binary format (RFC7541 section 6)
2) simple dynamic table implementation
3) parsing of request header block

Type: feature

Change-Id: If43e175a0643f9731c15efc412a82345d9e33cee
Signed-off-by: Matus Fabian <[email protected]>
7 months agoping: Check only PING_RESPONSE_IP4 and PING_RESPONSE_IP6 events 46/40246/10
Nikita Skrynnik [Wed, 24 Jan 2024 01:09:47 +0000 (12:09 +1100)]
ping: Check only PING_RESPONSE_IP4 and PING_RESPONSE_IP6 events

Check only PING_RESPONSE_IP4 and PING_RESPONSE_IP6
in ping binary API so it doesn't block other binary API
requests while working. (current version of ping binary API
can read other events like SOCKET_READ_EVENT, for example).

Type: fix
Change-Id: Ie7c5c92322af28633680c9c0d60fed739d4e65a0
Signed-off-by: Nikita Skrynnik <[email protected]>
7 months agobuild: generate TAGS file for emacs 85/42385/2
Nicolas PLANEL [Mon, 24 Feb 2025 10:33:43 +0000 (11:33 +0100)]
build: generate TAGS file for emacs

Type: improvement

Change-Id: I7915b674f22184deed6a63a6ed66193d216c65e4
Signed-off-by: Nicolas PLANEL <[email protected]>
Signed-off-by: Nicolas PLANEL <[email protected]>
8 months agoipsec: coverity warning, issue CID 509068 79/42379/3
Piotr Bronowski [Thu, 20 Feb 2025 11:18:57 +0000 (11:18 +0000)]
ipsec: coverity warning, issue CID 509068

UNUSED_VALUE warning fixed.

Type: fix
Change-Id: Idd1f0fab96f252f2081d5c268ecc722223289477
Signed-off-by: Piotr Bronowski <[email protected]>
8 months agovxlan: move vxlan-gpe to a plugin 98/40898/19
lajoskatona [Wed, 8 May 2024 15:02:54 +0000 (17:02 +0200)]
vxlan: move vxlan-gpe to a plugin

Move vxlan-gpe folder under vnet to the plugin folder,
update cmake configuration and header paths,
and add plugin.c to register plugin.

JIRA: VPP-2059

Type: improvement
Change-Id: I31b6d326276c4aa684fcdcf8443ef349f7816a6d
Signed-off-by: lajoskatona <[email protected]>
Signed-off-by: Nicolas PLANEL <[email protected]>
8 months agoudp: fix cli for next node and opaque 84/42384/2
Florin Coras [Mon, 24 Feb 2025 05:20:32 +0000 (00:20 -0500)]
udp: fix cli for next node and opaque

Type: fix

Change-Id: I77c2d8e64ed463b1c8e84e0fca8d79684a88714c
Signed-off-by: Florin Coras <[email protected]>
8 months agosession: trace all packets sourced by session layer 78/42378/2
Florin Coras [Thu, 20 Feb 2025 05:55:07 +0000 (00:55 -0500)]
session: trace all packets sourced by session layer

Trace both packets generated by dispatching sessions and those that have
been enqueued by other nodes, e.g., syns, fins, acks enqueued by tcp
input and output.

Because not all buffer sources know the session, remove for now the
session index from the trace. Nonetheless, next node on path will print
it, so no information is lost.

Type: improvement

Change-Id: Id69094fbf00e6bc8f98095e90cdf20e2b7f0aeda
Signed-off-by: Florin Coras <[email protected]>
8 months agolibmemif: Fixed strlcpy symbol detection. 22/41722/3
Alexander Slesarev [Thu, 17 Oct 2024 19:52:06 +0000 (15:52 -0400)]
libmemif: Fixed strlcpy symbol detection.

Type: fix

libmemif can't be compiled with the modern glibc (since 2.38)
and musl as they include strlcpy for _GNU_SOURCE by default now.

The change introduced:

- proper symbol detection for both strlcpy and memfd_create;
- bumped CMake version requirements due to soon-to-be failed
compilation for very old version;
- fixed Unity compilation on the modern compilers (it has warnings,
but compiled with `-Werror`).

Change-Id: I48f9c410aa5405174dc6b65e9c9001e8b11ba276
Signed-off-by: Alexander Slesarev <[email protected]>
8 months agovppinfra: bihash_vec8_8 set key in mark_free 77/42377/1
Matus Fabian [Wed, 19 Feb 2025 20:44:36 +0000 (15:44 -0500)]
vppinfra: bihash_vec8_8 set key in mark_free

When key not set to ~0 clib_bihash_key_compare_vec8_8 do not skip empty
slot during search and we crash.

Type: fix

Change-Id: I48f510bceffcfb5e4851dd757cad055a6f7f12d0
Signed-off-by: Matus Fabian <[email protected]>
8 months agohttp: hpack primitive types 44/42344/9
Matus Fabian [Fri, 7 Feb 2025 19:34:42 +0000 (14:34 -0500)]
http: hpack primitive types

RFC7541 section 5, Huffman encoding included

Type: feature

Change-Id: I5a024f654610729b8f3f53734aa242bb4b5a25fe
Signed-off-by: Matus Fabian <[email protected]>
8 months agobuild: make clang the default compiler for build targets 73/42373/8
Dave Wallace [Sat, 15 Feb 2025 01:53:47 +0000 (20:53 -0500)]
build: make clang the default compiler for build targets

- fixes compiler version for hs-test and other CI jobs which
  default to CC=cc in make
- not all build targets compile successfully with clang (e.g.
  libmemif, xdp-tools) which are hard-coded to use gcc for now

Type: fix

Change-Id: I505e67a08687f17fd4e26e1a3c236fb7c54ff49d
Signed-off-by: Dave Wallace <[email protected]>
8 months agoipsec: add tests for bypass/discard ipv6 policies and upd encapsulation 40/42340/8
Piotr Bronowski [Thu, 6 Feb 2025 09:01:44 +0000 (09:01 +0000)]
ipsec: add tests for bypass/discard ipv6 policies and upd encapsulation

Support for ipv6 policy mode bypass and discard policies has been introduced.
Also ipsec traffic may be sent encapsulated in udp packages.
With this change both types of policies are testeg together with udp encapsulation.

Type: test

Change-Id: I9ec0c5154af6f654143f9e5104f10311cda1a514
Signed-off-by: Piotr Bronowski <[email protected]>
8 months agoipsec: enable support for ipv6 udp ipsec encapsulation in policy mode 39/42339/9
Piotr Bronowski [Thu, 6 Feb 2025 09:00:47 +0000 (09:00 +0000)]
ipsec: enable support for ipv6 udp ipsec encapsulation in policy mode

IPSec traffic may be sent encapsulated inside UDP packagaes.
In case of esp packgaes decryption is required (according to defined policies),
whereas IKE traffic should be bypassed (relevant policy needs to be defined).
With this patch required behaviour is provided.

Type: feature

Change-Id: If99c7bf121db881c0bdf2b45e6fdca87c0d872a5
Signed-off-by: Piotr Bronowski <[email protected]>
8 months agoipsec: add support for bypass and discard policies for ipv6 38/42338/8
Piotr Bronowski [Thu, 6 Feb 2025 08:38:29 +0000 (08:38 +0000)]
ipsec: add support for bypass and discard policies for ipv6

In case of ipv6 addresses spd did not support bypass and discard policies.
This change introduces missing implementation
in the same way as it was implemented for ipv4.

Type: feature

Change-Id: Idad974655b209d946414d7d85037d0783cde7db3
Signed-off-by: Piotr Bronowski <[email protected]>
8 months agosr: fix sr_policy fib table 33/41533/3
Artem Glazychev [Wed, 14 Aug 2024 04:16:23 +0000 (11:16 +0700)]
sr: fix sr_policy fib table

fib_table_get_flow_hash_config accepts fib_index, not fib_table.

Type: fix

Change-Id: I0372ca1b6caab4a34bc0590f9856d89deff6ee90
Signed-off-by: Artem Glazychev <[email protected]>
8 months agoip: add support to preallocate pools 91/42191/4
Mohsin Kazmi [Mon, 10 Feb 2025 11:19:47 +0000 (11:19 +0000)]
ip: add support to preallocate pools

Type: improvement

In certain use cases, the underlying pools expand by allocating a new,
larger pool and copying the existing elements into it. This process
can be time-consuming, leading to slower control plane configurations,
especially when a large number of elements are already present.
This patch allows users to pre-configure some of these pools through
startup.conf.
It also fixes alignment for ip4 mtrie.

Signed-off-by: Mohsin Kazmi <[email protected]>
Signed-off-by: Benoît Ganne <[email protected]>
Change-Id: Ib0f1d40e3efb8b4fce989219196c718d6834498a

8 months agobuild: use clang by default when using Makefile 72/42372/2
Benoît Ganne [Fri, 14 Feb 2025 18:27:51 +0000 (19:27 +0100)]
build: use clang by default when using Makefile

Change https://gerrit.fd.io/r/c/vpp/+/42189 changed default compiler
from clang to GCC as a side effect when using Makefile.
Restore default behavior.

Type: fix
Fixes: b7a00271990b67458afd2e660f92ebf3ebb6f887

Change-Id: I3478fa7c5e2132486a4c3b9d8363c60ed81b0d43
Signed-off-by: Benoît Ganne <[email protected]>
8 months agosession: improve chained buffer enqueue 46/42346/5
Florin Coras [Sat, 8 Feb 2025 06:49:53 +0000 (01:49 -0500)]
session: improve chained buffer enqueue

Type: improvement

Change-Id: I86497255cd2a73e37ae9be61dcce3a27199c552f
Signed-off-by: Florin Coras <[email protected]>
8 months agotcp: improve exception checks for established connections 68/42368/3
Florin Coras [Fri, 14 Feb 2025 06:24:21 +0000 (01:24 -0500)]
tcp: improve exception checks for established connections

Separate exception state checks, e.g., no connection or closed, from
segment validation. Segments with no ack, rst, syn flag should not be
received in established node. Still, leave the check in for now.

Type: improvement

Change-Id: I7ceb01d7133f3a571e18721b6e51ff79f533f8cb
Signed-off-by: Florin Coras <[email protected]>
8 months agoipsec: better pack outbound SA runtime data 67/42367/2
Damjan Marion [Thu, 13 Feb 2025 22:52:27 +0000 (23:52 +0100)]
ipsec: better pack outbound SA runtime data

Type: improvement
Change-Id: I9a0437dcfaf5e6930bb7fa057866ea36e7ca328f
Signed-off-by: Damjan Marion <[email protected]>
8 months agoipsec: keep inbound seq as u64 02/42302/6
Damjan Marion [Thu, 13 Feb 2025 20:21:15 +0000 (21:21 +0100)]
ipsec: keep inbound seq as u64

Type: improvement
Change-Id: I03f0b6137db6780f2c2935df90e98acf4bd471f9
Signed-off-by: Damjan Marion <[email protected]>
8 months agoipsec: combine huge and normal anti-replay-window handling 66/42366/2
Damjan Marion [Thu, 13 Feb 2025 17:56:16 +0000 (18:56 +0100)]
ipsec: combine huge and normal anti-replay-window handling

Type: improvement
Change-Id: Idfbaf56e3b56e77c8deaca9d3e41f7a78d8c4e0b
Signed-off-by: Damjan Marion <[email protected]>
8 months agoipsec: embed anti-replay bitmap in the runtime data 65/42365/2
Damjan Marion [Thu, 13 Feb 2025 16:09:52 +0000 (17:09 +0100)]
ipsec: embed anti-replay bitmap in the runtime data

Type: improvement
Change-Id: I753917c6d7e30b8d5e3291b85a7532a455ebc2bb
Signed-off-by: Damjan Marion <[email protected]>
8 months agoipsec: store anti_replay_window_size in runtime data 64/42364/2
Damjan Marion [Thu, 13 Feb 2025 15:39:35 +0000 (16:39 +0100)]
ipsec: store anti_replay_window_size in runtime data

Type: improvement
Change-Id: I0626af365855ad5301419e72e9430a47a5d0e5d7
Signed-off-by: Damjan Marion <[email protected]>
8 months agovppinfra: add few uword_bitmap_* functions 62/42362/2
Damjan Marion [Thu, 13 Feb 2025 14:37:13 +0000 (14:37 +0000)]
vppinfra: add few uword_bitmap_* functions

Change-Id: I592668a385489d0eaccd9e7693121ff25090e353
Type: improvement
Signed-off-by: Damjan Marion <[email protected]>
8 months agosession: make sure we cannot pass wrong IO event type 63/42363/3
Benoît Ganne [Thu, 13 Feb 2025 15:19:59 +0000 (16:19 +0100)]
session: make sure we cannot pass wrong IO event type

GCC 11 complains about potential cast from u32 to session_t.

Type: fix

Change-Id: Id777e339c40e0ea3c3c8b2b0800acf7cd7a4ced3
Signed-off-by: Benoît Ganne <[email protected]>
8 months agobuild: fix broken HST gcov build 89/42189/7
Adrian Villin [Thu, 6 Feb 2025 13:22:17 +0000 (14:22 +0100)]
build: fix broken HST gcov build

- also added a "NO_COLOR" option for HS tests
- http coverage is not generated for now

Type: make

Change-Id: Ib58672ae6035fda01efee933ebf35a1dd48e8afa
Signed-off-by: Adrian Villin <[email protected]>
8 months agotcp: rename worker ctx to just wrk 57/42357/4
Florin Coras [Wed, 12 Feb 2025 06:43:45 +0000 (01:43 -0500)]
tcp: rename worker ctx to just wrk

Align with session layer (also less typing in gdb ..)

Type: refactor

Change-Id: I1455a1aa3e3bad7b53fe638a678774b88b9969b9
Signed-off-by: Florin Coras <[email protected]>
8 months agosession: move io inlines to header file 45/42345/4
Florin Coras [Sat, 8 Feb 2025 05:19:06 +0000 (00:19 -0500)]
session: move io inlines to header file

Make sure compiler can optimize out constants.

Type: improvement

Change-Id: I3982d4b2cf1e0e08e31a0836fd64fab82564a7d6
Signed-off-by: Florin Coras <[email protected]>
8 months agovrrp: force sleeps between timer events 13/42313/3
Matthew Smith [Mon, 27 Jan 2025 19:49:07 +0000 (19:49 +0000)]
vrrp: force sleeps between timer events

Adding a virtual MAC to some NICs can take a significant amount of time.
If a lot of VRs enter the master state around the same time, the process
node can stay active for a very long time processing all of the transitions.

Try to force a 10 us sleep between processing events to ensure that the
process node does not prevent API messages and RPCs from being handled for
an extended period.

Type: improvement

Signed-off-by: Matthew Smith <[email protected]>
Change-Id: I400a7d395b4c0fec371f70d359e9d184ae79645e

8 months agohttp: modularization in preparation for h2 and h3 54/42254/11
Matus Fabian [Mon, 27 Jan 2025 13:12:22 +0000 (08:12 -0500)]
http: modularization in preparation for h2 and h3

Prepare code to handle multiple http versions and move http/1
specific code into http1.c

Type: improvement

Change-Id: I1f2c958dadb7721b305c65b2da7c2943695ad740
Signed-off-by: Matus Fabian <[email protected]>
8 months agohsa: http client parallel sessions 83/42183/14
Adrian Villin [Fri, 24 Jan 2025 12:56:22 +0000 (13:56 +0100)]
hsa: http client parallel sessions

- client is now able to use multiple workers to send requests
  (sometimes it uses multiple sessions on a single worker)

Type: feature

Change-Id: I2d83d47a9768011b3d8d05ed320852606841e4b8
Signed-off-by: Adrian Villin <[email protected]>
8 months agobuild: add socat deb package 48/42348/2
Ivan Ivanets [Mon, 10 Feb 2025 13:10:55 +0000 (13:10 +0000)]
build: add socat deb package

Type: improvement

Integrated the installation of the socat deb package into the make
install-dep target.
Socat is essential for enabling communication with
the VPP CLI over UNIX domain socket.

Signed-off-by: Ivan Ivanets <[email protected]>
Change-Id: I14f270eea23db7f7e0b20b7b67f75dd72ad734da

8 months agobuild: replace __FUNCTION__ with C11 __func__ 49/42349/1
Damjan Marion [Mon, 10 Feb 2025 19:34:47 +0000 (20:34 +0100)]
build: replace __FUNCTION__ with C11 __func__

Type: improvement

Change-Id: I6cf7aaf42e8c0738d5b677fa66c99f071c1526bb
Signed-off-by: Damjan Marion <[email protected]>
8 months agohs-test: option to skip tests using cli args 90/42190/1
Adrian Villin [Mon, 10 Feb 2025 09:13:38 +0000 (10:13 +0100)]
hs-test: option to skip tests using cli args

Type: test

Change-Id: Ic0fd117c53a3547cebfca38d089b5ba3f79cca28
Signed-off-by: Adrian Villin <[email protected]>
8 months agosession: do not match listeners when looking for lcl port 14/42314/2
Florin Coras [Wed, 5 Feb 2025 20:45:50 +0000 (15:45 -0500)]
session: do not match listeners when looking for lcl port

Also optimize lookup to avoid session rules table matching.

Type: fix

Change-Id: I5b62c870edd9f7486e7de1417816fffa30d03a3e
Signed-off-by: Florin Coras <[email protected]>
8 months agodpdk: patch add to ice driver for flow action handles 74/42274/2
Kai Ji [Fri, 31 Jan 2025 12:04:49 +0000 (12:04 +0000)]
dpdk: patch add to ice driver for flow action handles

This patch updates the DPDK ICE driver to ensure the correct hardware
engine is selected for flow offload, addressing issues with
improper engine assignment.

Type: fix

Change-Id: Ief7bfbe978d8a684b992ca85b07097112e497b80
Signed-off-by: Kai Ji <[email protected]>
8 months agohs-test: fix numa node core retrieval 15/42315/4
Semir Sionek [Thu, 6 Feb 2025 12:44:05 +0000 (07:44 -0500)]
hs-test: fix numa node core retrieval

In CpuAllocator, the default assumption of two node core ranges
seems to not be fully correct. Added handling of multiple ranges
and singular cores.

Type: fix

Change-Id: Id50147c5360baa4035fcd87e3717b0d6c9ea7e5f
Signed-off-by: Semir Sionek <[email protected]>
8 months agoqos: fix qos record cli 67/41467/3
Filip Tehlar [Thu, 22 Aug 2024 11:11:50 +0000 (13:11 +0200)]
qos: fix qos record cli

Type: fix

Change-Id: Ic3d4bbb4df8be6ef109f0af17744b35abc240ba2
Signed-off-by: Filip Tehlar <[email protected]>
8 months agohttp: confirm postponed connection close 08/42308/2
Matus Fabian [Tue, 4 Feb 2025 13:41:55 +0000 (08:41 -0500)]
http: confirm postponed connection close

Type: fix

Change-Id: I43a221ac2be9bbea885116c12d1991cf4477fae8
Signed-off-by: Matus Fabian <[email protected]>
8 months agohs-test: fix vppConnectUdpStressLoad panic 11/42311/2
Matus Fabian [Wed, 5 Feb 2025 09:04:56 +0000 (04:04 -0500)]
hs-test: fix vppConnectUdpStressLoad panic

Type: test

Change-Id: Id5573d4e1a9216297046db33be887ebfa343fa28
Signed-off-by: Matus Fabian <[email protected]>
8 months agol2: fix segment fault 12/42112/5
fenglei [Thu, 9 Jan 2025 09:32:35 +0000 (17:32 +0800)]
l2: fix segment fault

if feature_bitmap is zero, it will make feat_bitmap_get_next_node_index function generate segment fault

Type: fix

Change-Id: I6a9c0b29d927e600537e9e43ad696d09c091f9b1
Signed-off-by: fenglei <[email protected]>
8 months agocnat: fix interface map type unformat 43/41143/5
Benoît Ganne [Wed, 12 Jun 2024 12:04:45 +0000 (14:04 +0200)]
cnat: fix interface map type unformat

C enum is not guaranteed to be 8-bit (and in general it is not, it's
32-bits by default in GCC for example).

Type: fix

Change-Id: I6a10f85991ae1903fb9f4aeebfcfdf5315200903
Signed-off-by: Benoît Ganne <[email protected]>
8 months agobuild: check cmake3 command silently 05/42305/3
Nicolas PLANEL [Tue, 4 Feb 2025 12:05:11 +0000 (13:05 +0100)]
build: check cmake3 command silently

Avoid which shell command to output verbose errors like
"""
which: no cmake3 in (/usr/sbin:/sbin:/bin: ...
"""

Type: make

Change-Id: Ib9a5fee72055b80b5e4e4c73280b19fea736c352
Signed-off-by: Nicolas PLANEL <[email protected]>
8 months agohttp: buf_fifo_get_segs minor fix 99/42299/2
Matus Fabian [Sat, 1 Feb 2025 16:46:14 +0000 (17:46 +0100)]
http: buf_fifo_get_segs minor fix

validate segs vector to (_n_segs - 1)

Type: fix

Change-Id: I721cc438e4c9610760a1f40b6355834bbd389b20
Signed-off-by: Matus Fabian <[email protected]>
8 months agocrypto: remove barrier on key add 72/42272/4
Semir Sionek [Fri, 17 Jan 2025 15:06:23 +0000 (10:06 -0500)]
crypto: remove barrier on key add

Type: improvement
Signed-off-by: Damjan Marion <[email protected]>
Change-Id: I9eab8a3c2580711c8635f7ba8bca3b27316aa665

8 months agoipsec: fix ipsec_sa_v5_details 98/42298/3
Maxime Peim [Fri, 31 Jan 2025 17:52:20 +0000 (18:52 +0100)]
ipsec: fix ipsec_sa_v5_details

Re-add the anti-replay window size in the SA dump API and add tests.

Type: fix

Change-Id: Iacecdf5df796a0a6353491f8160c878751c6039b
Signed-off-by: Maxime Peim <[email protected]>
Signed-off-by: Benoît Ganne <[email protected]>
8 months agoipsec: export ipsec_funcs header 96/42296/2
Maxime Peim [Fri, 31 Jan 2025 13:01:43 +0000 (14:01 +0100)]
ipsec: export ipsec_funcs header

Type: fix
Change-Id: I78904edd5f38e22821af779e15ab1c0da2294ce8
Signed-off-by: Maxime Peim <[email protected]>
8 months agohttp: http_app_tx_callback check if conn closed 97/42297/2
Matus Fabian [Fri, 31 Jan 2025 14:55:33 +0000 (09:55 -0500)]
http: http_app_tx_callback check if conn closed

Type: fix

Change-Id: Ic7b9819226742b0f1153ec2794ae80556c49dad2
Signed-off-by: Matus Fabian <[email protected]>
8 months agoipsec: store outbound seq as u64 70/42270/4
Damjan Marion [Thu, 30 Jan 2025 18:39:25 +0000 (18:39 +0000)]
ipsec: store outbound seq as u64

Type: improvement
Change-Id: Id7717de00558ab90dbd312a58becd58d008397ea
Signed-off-by: Damjan Marion <[email protected]>
8 months agohs-test: fixed incorrect exit status 88/42188/4
Adrian Villin [Thu, 30 Jan 2025 18:14:24 +0000 (19:14 +0100)]
hs-test: fixed incorrect exit status

Type: fix

Change-Id: Icabe556448ad7109f4802ad48a701667911652de
Signed-off-by: Adrian Villin <[email protected]>
8 months agovpp_config: leave kernel.shmmax alone by default 61/42261/3
Benoît Ganne [Tue, 28 Jan 2025 14:46:32 +0000 (15:46 +0100)]
vpp_config: leave kernel.shmmax alone by default

Linux default settings are enough, and modifying them can break other
applications.

Type: improvement

Change-Id: I773b730802bae78b0f33ca3ff31d9ee2ffa82f89
Signed-off-by: Benoît Ganne <[email protected]>
8 months agohsa: http connect proxy fix 69/42269/2
Matus Fabian [Thu, 30 Jan 2025 14:33:06 +0000 (09:33 -0500)]
hsa: http connect proxy fix

Type: fix

Change-Id: I4fb493c98ed6d59d10fad0e5ef73b6f80f6b232e
Signed-off-by: Matus Fabian <[email protected]>
8 months agohs-test: fix broken test 68/42268/4
Matus Fabian [Thu, 30 Jan 2025 09:36:14 +0000 (04:36 -0500)]
hs-test: fix broken test

AssertContains and AssertNotContains are now case insensitive to
prevent issues like in HttpPersistentConnectionTest.

Type: test

Change-Id: Ic52e3fa5a7d1d5cb8486e86aa39a845cbd911d94
Signed-off-by: Matus Fabian <[email protected]>
8 months agoipsec: add SA inbound and outbound runtime data 51/42251/16
Damjan Marion [Tue, 28 Jan 2025 14:59:18 +0000 (14:59 +0000)]
ipsec: add SA inbound and outbound runtime data

Type: improvement
Change-Id: I0f949b67fb5b65fa1a79ffb7777d654693f0de6a
Signed-off-by: Damjan Marion <[email protected]>
8 months agohttp: conn state consistency with other transports 65/42265/2
Florin Coras [Wed, 29 Jan 2025 07:31:23 +0000 (23:31 -0800)]
http: conn state consistency with other transports

Maintain transport state formatting consistency, i.e., upper case
states.

If we revisit, we should revisit all transports.

Type: refactor

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I143e13aa5e8525bb276db9b4ec0e0baa153d1b44

8 months agosflow: replace VAPI with DLAPI 52/42252/8
Pim van Pelt [Sat, 25 Jan 2025 11:49:20 +0000 (12:49 +0100)]
sflow: replace VAPI with DLAPI

Remove the requirement to coordinate between linux-cp and sflow at
build time via cmake. Also, remove 350 lines of awkward thread-forking
VAPI code. Replace it with a dynamically retrieved function from the
linux-cp plugin, called lcp_itf_pair_get_vif_index_by_phy().

Remove build inhibit based on Netlink headers, and only inhibit the
build for FreeBSD. This plugin can now run regardless of Linux CP
being built or loaded, and then return VPP ifIndex numbers instead.

Also, fix a flaky test where non-ephemeral source ports throw off
packet captures.

Type: improvement
Change-Id: I5486742fa0e343e382630a22672a05fe3dcf7836
Signed-off-by: [email protected]
Signed-off-by: [email protected]
8 months agovpp_config: leave vm.max_map_count alone by default 62/42262/1
Dave Barach [Tue, 28 Jan 2025 16:49:57 +0000 (11:49 -0500)]
vpp_config: leave vm.max_map_count alone by default

Do not set vm.max_map_count to 3096 by default. That value is an order
of magnitude smaller than current distro defaults, and causes
seemingly "random" severe application failures; known to occur when
running Brave, Firefox, and VirtualBox to name but a few.

Type: fix

Change-Id: Ibe7518d92c3be9a4704972c9d504777776f924dc
Signed-off-by: Dave Barach <[email protected]>
8 months agoarmada: fix DSA packet grouping issue on rx 50/42250/2
Damjan Marion [Fri, 24 Jan 2025 11:24:51 +0000 (12:24 +0100)]
armada: fix DSA packet grouping issue on rx

Type: fix
Change-Id: I9a56267f6e016827971744c932aa5da36c92c8f0
Signed-off-by: Damjan Marion <[email protected]>
9 months agosession: make local port allocator fib aware 87/40287/9
Florin Coras [Sat, 3 Feb 2024 02:25:04 +0000 (18:25 -0800)]
session: make local port allocator fib aware

Allocate ports per fib.

Type: improvement

Change-Id: I9e1f113602485bfb09f71092eee58b9a433daa6a
Signed-off-by: Florin Coras <[email protected]>
9 months agovcl: fix sigchld handler recursion 47/42247/1
Florin Coras [Fri, 24 Jan 2025 02:31:33 +0000 (21:31 -0500)]
vcl: fix sigchld handler recursion

Observed with hst redis test and ubuntu 24.04

Type: fix

Change-Id: I22b28af5ca26498250c31edeb3db224a2e12e19d
Signed-off-by: Florin Coras <[email protected]>
9 months agosession: validate new app worker on update reqest 46/42246/1
Florin Coras [Fri, 24 Jan 2025 00:20:05 +0000 (19:20 -0500)]
session: validate new app worker on update reqest

Type: fix

Change-Id: Id9cec0c802024c1df0ac06a0f8833379a782e9de
Signed-off-by: Florin Coras <[email protected]>
9 months agohttp_static: introduce max-body-size parameter 75/42175/15
Semir Sionek [Fri, 17 Jan 2025 15:06:23 +0000 (10:06 -0500)]
http_static: introduce max-body-size parameter

Introduce the max-body-size parameter to put a limit on how big of a
POST request can the static server take (and how big of a memory
allocation that causes).

Type: improvement
Change-Id: I93cdeaf38dabe2850665e92bedbaa0545c375214
Signed-off-by: Semir Sionek <[email protected]>
9 months agohttp: move header serialization to http transport 36/42236/5
Matus Fabian [Wed, 22 Jan 2025 15:31:22 +0000 (10:31 -0500)]
http: move header serialization to http transport

Apps called http_serialize_headers, which creates plain text buffer,
this is now hidden in http transport layer and apps pass headers in
generic form, so they can be encoded based on http version.

Type: improvement

Change-Id: Ie4fa0516cd3406d60f956751c8ee7ab40e633fa4
Signed-off-by: Matus Fabian <[email protected]>
9 months agobuild: add golang checkstyle for hs-test to ci checkstyle-test target 37/42237/7
Dave Wallace [Thu, 23 Jan 2025 03:43:33 +0000 (22:43 -0500)]
build: add golang checkstyle for hs-test to ci checkstyle-test target

- Ensure extras/hs-test code is verified for style compliance in
  the vpp-checkstyle-verify-*-*-* ci jobs

Type: make

Change-Id: If3900cbc028f0bd38b14fb9dd08841e21fec15da
Signed-off-by: Dave Wallace <[email protected]>
9 months agosflow: Update build rules 42/42242/4
Pim van Pelt [Thu, 23 Jan 2025 10:04:19 +0000 (11:04 +0100)]
sflow: Update build rules

1) we rely on Netlink PSAMPLE and USERSOCK make sure we have headers
2) sflow plugin is not available on FreeBSD, due to Netlink features
3) preprocessor flag SFLOW_USE_VAPI controls whether the sflow plugin
will attempt to contact the linux-cp plugin using the binary VAPI. It
has to be a preprocessor flag so it can suppress the "#include"
statements that define that linux-cp api, because those include files
will be missing if linux-cp is excluded from the build.

The "excluded_plugins" list can be used with:
make VPP_EXCLUDED_PLUGINS=linux-cp build build-release

Type: fix
Fixes: e40f8a90bb0c39986c198fca8ad9b0b3c1658401
Change-Id: If44929d285d27db7862910ecb4ec11ddd4591fd2
Signed-off-by: [email protected]
9 months agotests: fix docs compile syntax warning 59/42059/2
fenglei [Sat, 21 Dec 2024 10:15:12 +0000 (18:15 +0800)]
tests: fix docs compile syntax warning

- make docs will generate syntax warning
/opt/vpp/docs/_scripts/siphon/generate.py:31: SyntaxWarning: invalid escape sequence '\s'
  siphon_block_start = re.compile("^\s*/\*\?\s*(.*)$")
/opt/vpp/docs/_scripts/siphon/generate.py:34: SyntaxWarning: invalid escape sequence '\s'
  siphon_block_stop = re.compile("^(.*)\s*\?\*/\s*$")
/opt/vpp/docs/_scripts/siphon/generate.py:42: SyntaxWarning: invalid escape sequence '\s'
  "(%s)\s*([a-zA-Z0-9_:]+)\s+(.*)\s*(%s)"
/opt/vpp/docs/_scripts/siphon/generate.py:47: SyntaxWarning: invalid escape sequence '\s'
  siphon_initializer = re.compile("\s*=")
/opt/vpp/docs/_scripts/siphon/generate_clicmd.py:23: SyntaxWarning: invalid escape sequence '\s'
  "(?P<m>VLIB_CLI_COMMAND)\s*" "[(](?P<name>[a-zA-Z0-9_]+)(,[^)]*)?[)]"
/opt/vpp/docs/_scripts/siphon/generate_syscfg.py:23: SyntaxWarning: invalid escape sequence '\s'
  "(?P<m>VLIB_CONFIG_FUNCTION)\s*"
/opt/vpp/docs/_scripts/siphon/generate_syscfg.py:24: SyntaxWarning: invalid escape sequence '\s'
  '[(](?P<fn>[a-zA-Z0-9_]+)\s*,\s*"(?P<name>[^"]*)"[)]'

Type: improvement

Change-Id: I6f7555cb0368a671a8bb164d51466d526895e925
Signed-off-by: fenglei <[email protected]>
9 months agobuild: support anolis8 operation for vpp 13/42113/2
fenglei [Thu, 9 Jan 2025 10:01:53 +0000 (18:01 +0800)]
build: support anolis8 operation for vpp

Type: improvement

support anolis8 operation for vpp executing make install-deps command

Change-Id: I854d0d1b4768c0df5898ab61a4f22d9d02ed2397
Signed-off-by: fenglei <[email protected]>
9 months agobuild: add support for debian trixie 86/42086/4
Vladimir Smirnov [Fri, 3 Jan 2025 11:46:53 +0000 (12:46 +0100)]
build: add support for debian trixie

Debian testing is currently codenamed trixie and planned
to be released in 2025. As it is still 'testing', it doesn't
define VERSION_ID in /etc/os-release file, therefore it
should be matched by VERSION_CODENAME instead

That patch adds support for forcing VERSION_ID based on
codename in case VERSION_ID is absent and defines correct
dependencies for debian/trixie.

Type: make

Change-Id: Idb68630a7ec53d99223e4f6496db4b3a5b61363e
Signed-off-by: Vladimir Smirnov <[email protected]>
9 months agosvm: improve ooo try collect 50/42050/9
Florin Coras [Thu, 19 Dec 2024 07:20:14 +0000 (23:20 -0800)]
svm: improve ooo try collect

Use modular arithmetic just like the other ooo functions.

Type: improvement

Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ie39bb928634fe0956339feafb41667ec9cafeee2

9 months agosession: cleanup io event functions 12/42212/3
Florin Coras [Tue, 21 Jan 2025 21:07:28 +0000 (16:07 -0500)]
session: cleanup io event functions

Program session events using session handles instead of fifos.

Type: improvement

Change-Id: I69063190598c2b4dc1104f2938f27c6cd057341a
Signed-off-by: Florin Coras <[email protected]>
9 months agosession svm: track session indices in private struct 57/41157/13
Florin Coras [Wed, 19 Jun 2024 05:00:41 +0000 (22:00 -0700)]
session svm: track session indices in private struct

Type: improvement

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I898baf3e2a7586124f4678eaeaa4516db7186f8f

9 months agohttp: case-insensitive header table search 99/42199/4
Matus Fabian [Fri, 17 Jan 2025 19:46:30 +0000 (14:46 -0500)]
http: case-insensitive header table search

header names are case-insensitive, see RFC9110 section 5.1

Type: improvement

Change-Id: Ic5ef5615397537ba48fc56b18c882fa838c54751
Signed-off-by: Matus Fabian <[email protected]>
9 months agocrypto-native: add fixed tag and aad size ops 63/42163/8
Damjan Marion [Thu, 16 Jan 2025 16:03:29 +0000 (16:03 +0000)]
crypto-native: add fixed tag and aad size ops

Type: improvement
Change-Id: I6bbb48c999859899e2f82c65cbfd015dc1ad584c
Signed-off-by: Damjan Marion <[email protected]>