vpp.git
22 months agomisc: fix tracedump `show graph` out-of-buffer 63/40063/4
Dmitry Valter [Tue, 5 Dec 2023 17:16:57 +0000 (17:16 +0000)]
misc: fix tracedump `show graph` out-of-buffer

Use the correct string type for vlib_get_node_by_name. Found by ASAN.

Type: fix
Signed-off-by: Dmitry Valter <[email protected]>
Change-Id: I679d27050487e013e3320a4c558d78fa60c5e98a

22 months agocrypto-ipsecmb: bump intel-ipsec-mb version to 1.5 77/39977/2
Ranjan Raj [Wed, 29 Nov 2023 05:47:44 +0000 (05:47 +0000)]
crypto-ipsecmb: bump intel-ipsec-mb version to 1.5

This patch update the Intel IPsec-MB lib to v1.5

Type: feature

Change-Id: Ib2b5d28866f52d428d9400318cffcae11f935c3f
Signed-off-by: Ranjan Raj <[email protected]>
22 months agovnet: allow format deleted swifidx 78/40078/3
Nathan Skrzypczak [Wed, 6 Dec 2023 16:34:57 +0000 (17:34 +0100)]
vnet: allow format deleted swifidx

This patch prevents the sw interfaces format
function to fail when the interface was deleted.
It also prints the swifindex alongside the 'DELETED'
keyword.

Printing deleted swifindex should not happen, but it is still
helpful to have these safeguards for troubleshooting in the case
invariants get corrupted (e.g. fib entry refcounts, ...)

Type: improvement

Change-Id: I66711049db2eebe0ad17e37c3a260ac81d1e5134
Signed-off-by: Nathan Skrzypczak <[email protected]>
22 months agodpdk: bump to DPDK 23.11 67/40067/2
Kai Ji [Tue, 5 Dec 2023 23:38:39 +0000 (23:38 +0000)]
dpdk: bump to DPDK 23.11

This patch bumps DPDK version to 23.11

Type: feature

Change-Id: Id19fa6e2789ffa3264614a011656dfe2303173ab
Signed-off-by: Kai Ji <[email protected]>
22 months agotests: tracedump test replace hardcoded value 69/40069/9
hsandid [Wed, 6 Dec 2023 10:14:19 +0000 (11:14 +0100)]
tests: tracedump test replace hardcoded value

Type: fix

Fetch 'pg-input' node index instead
of using a hardcoded value

Change-Id: I1ca27ddb54806530b546085d83e83b880acc4573
Signed-off-by: hsandid <[email protected]>
22 months agoiavf: set max_pkt_size even for disabled queues to make i40e PF driver happy 59/40059/1
Damjan Marion [Tue, 5 Dec 2023 12:23:31 +0000 (13:23 +0100)]
iavf: set max_pkt_size even for disabled queues to make i40e PF driver happy

Type: improvement
Change-Id: I3daf6c32888a15c7ef1f32e729c1e23765d14dc6
Signed-off-by: Damjan Marion <[email protected]>
22 months agol2: resolve l2 rewrite entry 'hit_count' always being 0 bug 43/39943/8
yanlong [Sun, 19 Nov 2023 14:19:42 +0000 (06:19 -0800)]
l2: resolve l2 rewrite entry 'hit_count' always being 0 bug

The hit_count does not implement the corresponding processing logic, and here the missing is fixed

Type: fix
Fixes: missing

Change-Id: I04a8e11d6b48c2a15c371cbeb2467fa89a9d82bb
Signed-off-by: yanlong <[email protected]>
22 months agohttp: fix coverity warning 48/40048/2
Filip Tehlar [Mon, 4 Dec 2023 08:57:00 +0000 (09:57 +0100)]
http: fix coverity warning

Type: fix

Change-Id: I659a67293763a6035cfa64a4057ebf716fe93ab4
Signed-off-by: Filip Tehlar <[email protected]>
22 months agoiavf: add missing cfg_change_validate callback 50/40050/2
Damjan Marion [Mon, 4 Dec 2023 14:25:12 +0000 (15:25 +0100)]
iavf: add missing cfg_change_validate callback

Type: fix
Fixes: 47447f1f
Change-Id: I438f5535bc48ca5397b8f5d3fbbd893ca6a511b4
Signed-off-by: Damjan Marion <[email protected]>
22 months agoiavf: workaround for case when PF driver sends zero for max_mtu 49/40049/2
Damjan Marion [Mon, 4 Dec 2023 12:15:23 +0000 (12:15 +0000)]
iavf: workaround for case when PF driver sends zero for max_mtu

Type: improvement
Change-Id: Ie4b2b958a24cdde8c183b700d864fc6f5b0df08f
Signed-off-by: Damjan Marion <[email protected]>
22 months agodev: mark API handlers as thread safe 24/40024/2
Damjan Marion [Wed, 29 Nov 2023 13:54:15 +0000 (13:54 +0000)]
dev: mark API handlers as thread safe

Type: improvement
Change-Id: I2acab04ddb6a46a637ed17c683fb37ed7bce3df6
Signed-off-by: Damjan Marion <[email protected]>
22 months agosession: no segment handle on worker del 45/40045/2
Florin Coras [Sat, 2 Dec 2023 02:47:45 +0000 (18:47 -0800)]
session: no segment handle on worker del

Coverity report.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I3ce06634b30688d2a9581b50d462092daa8b4cac

22 months agovcl: remove perror ldp call 44/40044/2
Florin Coras [Fri, 1 Dec 2023 21:23:35 +0000 (13:23 -0800)]
vcl: remove perror ldp call

Reported by coverity

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: Idae1bceb1eeb6dfe0394eed39ced9d09342d201f

22 months agoipsec: should use praddr_ instead of pladdr_ 28/39228/2
Dengfeng Liu [Thu, 13 Jul 2023 12:57:59 +0000 (20:57 +0800)]
ipsec: should use praddr_ instead of pladdr_

Type: fix

Change-Id: I982ef624226807d7c263e3ff83c108f7d31f61f1
Signed-off-by: Dengfeng Liu <[email protected]>
22 months agotests: Added tracedump plugin tests 61/39861/12
adrianvillin [Fri, 10 Nov 2023 11:48:16 +0000 (12:48 +0100)]
tests: Added tracedump plugin tests

Type: test

Change-Id: Ie054924eb5e5b2b146db8d2b63511c8b0400f045
Signed-off-by: adrianvillin <[email protected]>
22 months agoiavf: limit maximum number of queues to 32 30/40030/2
Damjan Marion [Thu, 30 Nov 2023 17:16:20 +0000 (17:16 +0000)]
iavf: limit maximum number of queues to 32

First genaration of AVF APIs we currently use doesn't support more...

Type: improvement
Change-Id: I1ae27f322403a2b455fcad8b028fa2004b449789
Signed-off-by: Damjan Marion <[email protected]>
22 months agodev: use the endian reply macro 28/40028/2
Vratko Polak [Thu, 30 Nov 2023 16:42:25 +0000 (17:42 +0100)]
dev: use the endian reply macro

Checkstyle also forces the new indentation.

Type: fix
Fixes: ddf6cec37027547ff7cc61e15bb8080664d41514

Change-Id: Ife96928d6ca30ba94e1c423d557d6ed9d68eca2b
Signed-off-by: Vratko Polak <[email protected]>
22 months agohs-test: add http prom test 21/40021/2
Filip Tehlar [Wed, 29 Nov 2023 11:59:05 +0000 (12:59 +0100)]
hs-test: add http prom test

Type: test

Change-Id: Ia15ecc3cf2c087a6959601ff02e187c32570ff60
Signed-off-by: Filip Tehlar <[email protected]>
22 months agosession: no reply on app del worker with sapi 17/40017/2
Florin Coras [Tue, 28 Nov 2023 23:28:16 +0000 (15:28 -0800)]
session: no reply on app del worker with sapi

With socket api, applications should not expect reply after worker del
msg. VCL in particular closes the socket after it enqueues the message.

Found by ASAN.

Type: fix

Signed-off-by: Dmitry Valter <[email protected]>
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I1be02a0cde6b96a96edb709f3fe30bbc01ff2d24

22 months agovcl: fix init of ldp workers 18/40018/4
Florin Coras [Wed, 29 Nov 2023 00:05:29 +0000 (16:05 -0800)]
vcl: fix init of ldp workers

LDP workers is used as vector but was initialized as a pool. There was
no side effect but ASAN does not properly unpoison memory and this
triggers false used-after-poison crashes.

Type: fix

Signed-off-by: Dmitry Valter <[email protected]>
Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ie769dad0e86ab970de9929800d0a4131f846e70e

22 months agotcp: fix rxt send of new data assert 19/40019/2
Florin Coras [Wed, 29 Nov 2023 07:21:18 +0000 (23:21 -0800)]
tcp: fix rxt send of new data assert

We might have less than 1 mss when attempting write but more after
write, as application could be actively enqueuing more data. Relax
assert.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I54a83c4460f8e022a88758f0ebd7828df711dbb9

22 months agopci: fix MSI-X vector length check 22/40022/1
Damjan Marion [Wed, 29 Nov 2023 12:32:54 +0000 (12:32 +0000)]
pci: fix MSI-X vector length check

Type: fix
Fixes: 38c6191
Change-Id: I7760947986dc56236f2494fb1c8c238321489ef6
Signed-off-by: Damjan Marion <[email protected]>
22 months agotcp: allow unsent segments less than mss in recovery 11/40011/2
Florin Coras [Tue, 28 Nov 2023 00:03:26 +0000 (16:03 -0800)]
tcp: allow unsent segments less than mss in recovery

During recovery, send unsent data even if less than mss available as
application is not guaranteed to provide more.

This should speed up recovery when all data in flight was lost.

Type: improvement

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I7a3c73a0d04d93d51a5910d85450c173c3ad8e93

22 months agotcp: add counter for accepted connections 16/40016/3
Florin Coras [Tue, 28 Nov 2023 19:30:42 +0000 (11:30 -0800)]
tcp: add counter for accepted connections

Type: improvement

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I2925134cfcfa36c14b3b69efa892b9b96fce2e6f

22 months agosession: fix asan failure 15/40015/4
Georgy Borodin [Tue, 28 Nov 2023 15:04:27 +0000 (16:04 +0100)]
session: fix asan failure

fix asan failure when params number is less then 3:
functions that are set as format_half_open pointer values have
different number of arguments

Type: fix
Fixes: de9a849a18514f0b09bb5f57a73f6a57ee425c76
Change-Id: I6b6e1adf4ffc0c1ec847613f00fe269af640d42b
Signed-off-by: Georgy Borodin <[email protected]>
22 months agotests: fix default node variant in tests 58/33758/3
Dmitry Valter [Sun, 19 Sep 2021 20:50:57 +0000 (23:50 +0300)]
tests: fix default node variant in tests

Pass a correct form of node variant config in tests

Type: fix
Signed-off-by: [email protected]
Change-Id: I8cdc240b18a1664e57a5814d6cd644891c99f515
Fixes: 8800f732f868bf54da8adba05e38bd2477895ca5

22 months agotests: Added NSIM plugin tests 00/39900/15
adrianvillin [Thu, 16 Nov 2023 09:03:00 +0000 (10:03 +0100)]
tests: Added NSIM plugin tests

Type: test

Change-Id: Id621a806b853688ced7c6a38e1a9e5f298d2b97e
Signed-off-by: adrianvillin <[email protected]>
22 months agotests: refactor pcap file deletion to improve robustness 12/40012/2
Dave Wallace [Tue, 28 Nov 2023 01:23:03 +0000 (20:23 -0500)]
tests: refactor pcap file deletion to improve robustness

Type: test

Change-Id: I504c079126bd8b33c5e217a1b9086788a8c778e5
Signed-off-by: Dave Wallace <[email protected]>
22 months agofib: fix fib_path_create() with drop targets 01/40001/2
Alexander Skorichenko [Fri, 24 Nov 2023 08:59:42 +0000 (09:59 +0100)]
fib: fix fib_path_create() with drop targets

Properly set type
path->fp_type = FIB_PATH_TYPE_SPECIAL
for paths with (path->fp_cfg_flags & FIB_PATH_CFG_FLAG_DROP)

Type: fix

Change-Id: Id61dbcda781d872b878e6a6410c05b840795ed46
Signed-off-by: Alexander Skorichenko <[email protected]>
22 months agotests: Excluded some components from LCOV 10/40010/2
adrianvillin [Mon, 27 Nov 2023 17:44:07 +0000 (18:44 +0100)]
tests: Excluded some components from LCOV

Type: test

Change-Id: I387611cfc361e664eb1e78ae669ba4e3901c4fe6
Signed-off-by: adrianvillin <[email protected]>
22 months agobfd: fix buffer leak when cannot send periodic packets 97/39997/2
Alexander Chernavin [Thu, 23 Nov 2023 11:36:09 +0000 (11:36 +0000)]
bfd: fix buffer leak when cannot send periodic packets

When a periodic BFD packet cannot be sent because the interface is
disabled, the allocated buffer needs to be freed. This currently will
occur for IPv4 sessions. However, buffers will leak for IPv6 sessions as
in this case, bfd_transport_control_frame() and bfd_transport_udp6()
will not indicate failure.

With this fix, stop always returning success in bfd_transport_udp6() and
start returning the actual return value.

Type: fix
Change-Id: I5fa4d9206e32cccae3053ef24966d80e2022fc81
Signed-off-by: Alexander Chernavin <[email protected]>
22 months agotcp: allow multiple rxt rescues during recovery 07/40007/2
Florin Coras [Sat, 25 Nov 2023 17:00:44 +0000 (09:00 -0800)]
tcp: allow multiple rxt rescues during recovery

Type: improvement

Change-Id: Ia8d7cd6ff9b1449d986d514d9556cbf803deb670
Signed-off-by: Florin Coras <[email protected]>
23 months agodev: initial set of APIs 99/39999/3
Damjan Marion [Wed, 22 Nov 2023 16:25:55 +0000 (16:25 +0000)]
dev: initial set of APIs

Type: improvement
Change-Id: I9ecbf705d460a1744f36c7005b08097dc58d9522
Signed-off-by: Damjan Marion <[email protected]>
23 months agodev: fix null dereference of arg list 38/39938/2
Damjan Marion [Thu, 16 Nov 2023 19:14:12 +0000 (19:14 +0000)]
dev: fix null dereference of arg list

Type: fix
Fixes: 69768d9
Change-Id: Iafd3a55634583f2799a81c477ccbf5e53b6f29d0
Signed-off-by: Damjan Marion <[email protected]>
23 months agoavf: put sentinel at correct place 48/39948/4
Vratko Polak [Wed, 22 Nov 2023 12:39:47 +0000 (13:39 +0100)]
avf: put sentinel at correct place

The previous fix was adding the sentinel before refilling rx,
which gave the NIC time to overwrite it with a new descriptor.

Ticket: VPP-2087
Type: fix
Fixes: 8b4d474abd62c623502ad9a4a279a9b4535ca0c1

Change-Id: I32bde4a763a62fb66c5c3871d9f10af6066e2d47
Signed-off-by: Vratko Polak <[email protected]>
23 months agosession: per app wrk client ct segment handle 46/39946/5
Florin Coras [Mon, 20 Nov 2023 22:46:10 +0000 (14:46 -0800)]
session: per app wrk client ct segment handle

Make sure ct client segment handles do not collide if multi worker
application establishes cut-through sessions to only one server segment
manager.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I905379f9ed73c64d57a826a3e97d53dab3a87517

23 months agovirtio: fix cli parsing for tx-queue-size 72/39872/4
Vratko Polak [Tue, 14 Nov 2023 18:41:11 +0000 (19:41 +0100)]
virtio: fix cli parsing for tx-queue-size

The previous change made CSIT virtio tests fail,
but those tests are not part of trending.

Ticket: VPP-2088
Type: fix
Fixes: a181eaa59bb2ff2784376918e95bbf92e5340db1

Change-Id: If0439a030c051894e07007da9cf0a2e4dc1434c3
Signed-off-by: Vratko Polak <[email protected]>
23 months agosession: add session lookup cli for stats 41/39941/8
Florin Coras [Sat, 18 Nov 2023 00:35:04 +0000 (16:35 -0800)]
session: add session lookup cli for stats

Type: improvement

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I96bff47206ef64ea7369ae92e1b9ff1f74dfd71b

23 months agodpdk: fix description for mlx5_pci driver 86/39586/4
Nobuhiro MIKI [Tue, 26 Sep 2023 06:39:28 +0000 (15:39 +0900)]
dpdk: fix description for mlx5_pci driver

This is because mlx5_pci is also compatible with another
series of NICs such as ConnectX-5 and ConnectX-6.

Type: fix
Change-Id: I10f0468bbe36ab61c72fb3dc0aa898f8e2f9e88c
Signed-off-by: Nobuhiro MIKI <[email protected]>
23 months agosession: always clear rx evt flag on ntf 40/39940/3
Florin Coras [Fri, 17 Nov 2023 05:16:13 +0000 (21:16 -0800)]
session: always clear rx evt flag on ntf

Apps may drain fifos prior to handling of accept notification, e.g.,
vcl session relying on epoll lt mode.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I7d105d35a6bf33c419f4f137a5132e6a5d294fe7

23 months agoipsec: keep esp encrypt pointer and index synced 36/39936/2
Matthew Smith [Thu, 16 Nov 2023 02:27:29 +0000 (02:27 +0000)]
ipsec: keep esp encrypt pointer and index synced

Type: fix

In esp_encrypt_inline(), an index and pointer to the last processed SA
are stored. If the next packet uses the same SA, we defer on updating
counters until a different SA is encountered.

The pointer was being retrieved, then the SA was checked to see if the
packet should be dropped due to no crypto/integ algs, then the index was
updated. If the check failed, we would skip further processing and now
the pointer refers to a different SA than the index. When you have a
batch of packets that are encrypted using an SA followed by a packet
which is dropped for no algs and then more packets to be encrypted using
the original SA, the packets that arrive after the one that was dropped
end up being processed using a pointer that refers to the wrong SA data.
This can result in a segv.

Update the current_sa_index at the same time that the sa0 pointer is
updated.

Signed-off-by: Matthew Smith <[email protected]>
Change-Id: I65f1511a37475b4f737f5e1b51749c0a30e88806

23 months agodev: startup.conf handling improvements 96/39896/4
Damjan Marion [Wed, 15 Nov 2023 21:47:37 +0000 (22:47 +0100)]
dev: startup.conf handling improvements

Type: improvement
Change-Id: I74fb01061b4949d68ec39d0b7d08e6df8dc44b98
Signed-off-by: Damjan Marion <[email protected]>
23 months agodev: device and port specific args 81/39881/2
Damjan Marion [Mon, 13 Nov 2023 17:33:32 +0000 (17:33 +0000)]
dev: device and port specific args

Type: improvement
Change-Id: I26124a50d8e05d6f01a2e6dbc4bc8183fb5a09c4
Signed-off-by: Damjan Marion <[email protected]>
23 months agodhcp: api to enable client detect on interface 18/39718/3
Ole Troan [Thu, 19 Oct 2023 07:05:38 +0000 (09:05 +0200)]
dhcp: api to enable client detect on interface

DHCPv4 aka BOOTP is somewhat awkward. A DHCP client
on an interface must receive DHCP packets to
the broadcast address or to a unicast address.
Apparently before it's been assigned to itself.

Add this new API to allow external DHCP clients
enable the DHCP client detect feature per interface.

Type: improvement
Change-Id: If55aac03f25a045496be483940e4f5e7e18885b9
Signed-off-by: Ole Troan <[email protected]>
23 months agomisc: VPP 23.10 Release Notes 51/39751/1
Andrew Yourtchenko [Fri, 20 Oct 2023 09:24:01 +0000 (11:24 +0200)]
misc: VPP 23.10 Release Notes

Type: docs
Signed-off-by: Andrew Yourtchenko <[email protected]>
Change-Id: Icd40064c06ccc53efba1cd9564613108b999b656
(cherry picked from commit 7c4027fa5e42a8cc7176cd62ab7a0043fb1933ff)

23 months agodocs: Remove references to vlan-strip-offload as it is deprecated 44/39844/3
Steven Luong [Tue, 7 Nov 2023 21:41:16 +0000 (13:41 -0800)]
docs: Remove references to vlan-strip-offload as it is deprecated

Type: fix

Change-Id: I3a258433cf507f48cd67332387eb7fef103a88f8
Signed-off-by: Steven Luong <[email protected]>
23 months agoflowprobe: fix L3 header offset calculation for tx flows 70/39870/2
Alexander Chernavin [Tue, 14 Nov 2023 11:33:46 +0000 (11:33 +0000)]
flowprobe: fix L3 header offset calculation for tx flows

The recent TX flows generation fix introduced "l3_hdr_offset" which
represents the offset of the IP header in the buffer's data. The problem
is that it is erroneously defined as a 16-bit unsigned integer. If the
calculated offset is negative, "l3_hdr_offset" will get a value close to
UINT16_MAX. And the code will search the IP header somewhere beyond the
buffer's data. For example, this will occur in the case when an ICMP
error is being sent in response to a received packet.

With this fix, make "l3_hdr_offset" a signed integer.

Type: fix
Change-Id: I6f1283c7ba02656d0f592519b5863e68348c5583
Signed-off-by: Alexander Chernavin <[email protected]>
23 months agovppinfra: respect indent in format_table 68/39868/2
Damjan Marion [Mon, 13 Nov 2023 21:46:48 +0000 (21:46 +0000)]
vppinfra: respect indent in format_table

Change-Id: Ib7e5cb5adfe81e5cc6243125d91f5179608a7733
Type: improvement
Signed-off-by: Damjan Marion <[email protected]>
23 months agovppinfra: add unformat_{single,double}_quoted_string function 67/39867/2
Damjan Marion [Mon, 13 Nov 2023 21:43:17 +0000 (21:43 +0000)]
vppinfra: add unformat_{single,double}_quoted_string function

Change-Id: I8ee90be1b772074c1130b98c71b3be48c973b2e2
Type: improvement
Signed-off-by: Damjan Marion <[email protected]>
23 months agotests: retry unlinking pcap files on os error 51/39851/2
Dave Wallace [Wed, 8 Nov 2023 20:55:56 +0000 (15:55 -0500)]
tests: retry unlinking pcap files on os error

Type: test

Change-Id: I270798ed68f04bd3974dd39c44e85dad5fa02de0
Signed-off-by: Dave Wallace <[email protected]>
23 months agoena: Amazon Elastic Network Adapter (ENA) native driver 19/38819/42
Damjan Marion [Mon, 13 Nov 2023 12:18:24 +0000 (12:18 +0000)]
ena: Amazon Elastic Network Adapter (ENA) native driver

Type: feature
Change-Id: Icd9de05f2cbac0e5a6dfb1f1414f21dc4b893104
Signed-off-by: Damjan Marion <[email protected]>
23 months agodev: add change_max_rx_frame_size capability 54/39854/2
Damjan Marion [Wed, 8 Nov 2023 19:12:27 +0000 (19:12 +0000)]
dev: add change_max_rx_frame_size capability

Type: improvement
Change-Id: I922e216818b78f2fe7689c21a1d27d74a0ae28b8
Signed-off-by: Damjan Marion <[email protected]>
23 months agoflowprobe: fix tx flows generated for rewritten traffic 48/39848/3
Alexander Chernavin [Tue, 7 Nov 2023 11:25:21 +0000 (11:25 +0000)]
flowprobe: fix tx flows generated for rewritten traffic

Currently, when IPFIX records generation is enabled for an interface in
the TX direction, some rewritten traffic is being sent from that
interface, and the Ethernet header's location has changed due to
rewriting, generated TX flows will contain fields with wrong and zero
values. For example, that can be observed when traffic is rewritten from
a subinterface to a hardware interface (i.e. when tags are removed). A
TX flow generated in this case will have wrong L2 fields because of an
incorrectly located Ethernet header. And zero L3/L4 fields because the
Ethernet type will match neither IP4 nor IP6.

The same code is executed to generate flows for both input and output
features. And the same mechanism is applied to identify the Ethernet
header in the buffer's data. However, such general code usually works
with the buffer's data conditionally based on the direction. For most
input features, the buffer's current_data will likely point to the IP
header. For most output features, the buffer's current_data will likely
point to the Ethernet header.

With this fix:
 - Keep relying on ethernet_buffer_get_header() to locate the Ethernet
   header for input features. And start using vlib_buffer_get_current()
   to locate the Ethernet header for output features. The function will
   account for the Ethernet header's position change in the buffer's
   data if there is rewriting.

 - After fixing Ethernet header determination in the buffer's data,
   L3/L4 fields will contain non-zero but still incorrect data. That is
   because IP header determination needs to be fixed too. It currently
   relies on the fact that the Ethernet header is always located at the
   beginning of the buffer's data and that l2_hdr_sz can be used as an
   IP header offset. However, this may not be the case after rewriting.
   So start calculating the actual offset of the IP header in the
   buffer's data.

 - Add a unit test to cover the case.

Type: fix
Change-Id: Icf3f9e6518912d06dff0d5aa48e103b3dc94edb7
Signed-off-by: Alexander Chernavin <[email protected]>
23 months agotls: fix forced ho cleanup 63/39863/2
Florin Coras [Fri, 10 Nov 2023 17:48:39 +0000 (09:48 -0800)]
tls: fix forced ho cleanup

Do not force cleanup of tcp half-open connection if tcp's cleanup
notification to tls is pending.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I7bccbe8429a4aab10df1c89b66138b967e04ac19

23 months agogtpu: support non-G-PDU packets and PDU Session 73/38573/12
Rune E. Jensen [Tue, 22 Nov 2022 09:35:03 +0000 (10:35 +0100)]
gtpu: support non-G-PDU packets and PDU Session

Updated the gtpu plugin code to support the PDU Session user plane protocol, required for 5G, as
specified in 3GPP TS 38.415 version 17.0.0. This enables some initial support of 5G gNodeB's with
the gtpu plugin.

New features:
- Basic support for the GTP-U Extension Header Flag.
Packets with one extension can now be decapsulated.
This enables basic support of the PDU Session user plane protocol (3GPP TS 38.415 version 17.0.0).
New tunnels can be created with a PDU enable flag and a 6-bit QoS Flow Identifier (QFI).
With this, encapsulated packets will have the PDU Session extension header, and the QFI set.

- Ability to forward GTP-U packets that are not handled by the plugin directly.
Only GTP-U packets with a message type of 255 (G-PDU) are handled directly.
However, 3GPP TS 29.281 defines several other message types like echo and error indication.
A new feature is added to optionally forward unknown or unsupported packets to a new IP address.
This works separately for unknown GTP-U message types, unknown TEIDs, and packets with an unknown
GTP-U header.
This allows both echo and error indications from a 5G gNodeB to be handled by a different system
outside VPP.

- Simple way to get metrics for active tunnels and on tunnel close.
In 5G session/tunnel lifetime is often short and created frequently.
The normal API becomes too slow and inaccurate when too many tunnels are created and deleted
every second.

Improvements:
- A clean ground structure to handle multiple message type in the future.
The code path for G-PDU packets is optimized for performance, representing the typical case.
Unsupported GTP-U packets enter a slow path that decodes the nature of the error.
This presents a easy hook to handle other message types in the future.

- Improved error reporting
When using traces there is more details in the tunnel descriptions.

- Updated the API with several enums.

Fixes:
- gtpu0->length field in IPv6 was computed with IPv4 header lengths in the encapsulation code.
- vec_set_len (t->rewrite, ...) size was computed with the IPv4 header size also for IPv6 tunnels.

Issues:
- This PR does not enable full support of the 3GPP specification.
In particular it only supports a single QoS/QFI flow for each tunnel.
It ignores all incoming extension header flags.

- API functions might change again when/if more support of the 3GPP TS 38.415 spec is added.

Note that I have bumped the API version to 2.1.0 as it seems to be the correct approach based on
my API changes.

Type: feature

Signed-off-by: Rune E. Jensen <[email protected]>
Change-Id: I91cd2b31f2561f1b3fb1e46c4c34a5a3c71b4625

23 months agotests: perfmon - Added a check if test is running with root privileges 59/39859/2
adrianvillin [Fri, 10 Nov 2023 08:59:59 +0000 (09:59 +0100)]
tests: perfmon - Added a check if test is running with root privileges

Type: test

Change-Id: I1910f3ef79e9018aee032daca0f1932eccb7b9f9
Signed-off-by: adrianvillin <[email protected]>
23 months agoiavf: interrupt mode support 41/39841/5
Damjan Marion [Mon, 6 Nov 2023 00:05:57 +0000 (00:05 +0000)]
iavf: interrupt mode support

Type: improvement
Change-Id: Ie5fcaa706ab0995e0021cf1ee74b95c5a3b30283
Signed-off-by: Damjan Marion <[email protected]>
23 months agotls: fix handling of client and server init errors 55/39855/4
Florin Coras [Thu, 9 Nov 2023 03:57:38 +0000 (19:57 -0800)]
tls: fix handling of client and server init errors

- notify app on failed connect
- avoid cleanup of ctx before transport cleanup to be able to handle
pending rx notifications.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I1b70ad45109d4c942afa1990dfce4fc44a50a637

23 months agoipsec: IPsec fix constant propagation 13/39813/7
Maxime Peim [Tue, 31 Oct 2023 15:29:59 +0000 (16:29 +0100)]
ipsec: IPsec fix constant propagation

In some anti-replay, some functions weren't using the boolean
telling if the window was huge or not. Hence, limiting the constant
propagation at compilation.

Type: fix
Change-Id: Ie5f2dda38339bb32113c6f7b2b82c82135fc92a8
Signed-off-by: Maxime Peim <[email protected]>
23 months agotls: propagate transport closed notifications 52/39852/2
Florin Coras [Wed, 8 Nov 2023 21:11:06 +0000 (13:11 -0800)]
tls: propagate transport closed notifications

Notify app that transport is closed when tcp moves to closed state.

Type: improvement

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I18cbe1ac16b1a48ecd06af4c1b5535e12e4b0e75

23 months agotls: avoid reads after tcp transport removed 53/39853/1
Florin Coras [Wed, 8 Nov 2023 22:14:17 +0000 (14:14 -0800)]
tls: avoid reads after tcp transport removed

Make sure underlying transport connection is not removed on rescheduled
read event.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I0137a2e43aa84d9442279e036c25771aeefd207f

23 months agotests: Fix http static test failing on retry 50/39850/2
adrianvillin [Wed, 8 Nov 2023 14:17:14 +0000 (15:17 +0100)]
tests: Fix http static test failing on retry

- test_http_static.py: If namespace creation fails, try to delete the namespace and create it again
- vpp_qemu_utils.py: Added "isinstance()" to "delete_namespace()" to match "create_namespace()"

Type: test

Change-Id: I88ff7a36f5d52816fee16283efba6af025496491
Signed-off-by: adrianvillin <[email protected]>
23 months agotests: added a simple perfmon plugin test 36/39836/3
adrianvillin [Tue, 7 Nov 2023 09:18:24 +0000 (10:18 +0100)]
tests: added a simple perfmon plugin test

Type: test

Change-Id: Ief0c0e13a2c19a03b48219d9a0d85256fb0c9dbe
Signed-off-by: adrianvillin <[email protected]>
23 months agotests: added simple CT6 plugin tests 11/39811/5
adrianvillin [Tue, 31 Oct 2023 13:15:44 +0000 (14:15 +0100)]
tests: added simple CT6 plugin tests

Type: test

Change-Id: I77f119ac982170627484d792dc456753c9847af8
Signed-off-by: adrianvillin <[email protected]>
23 months agodev: remove unused code 49/39849/1
Damjan Marion [Fri, 3 Nov 2023 13:47:05 +0000 (13:47 +0000)]
dev: remove unused code

Change-Id: If380e4ab6ca30243137fd31fbe51845c0414721a
Type: improvement
Signed-off-by: Damjan Marion <[email protected]>
23 months agodev: interrupt mode support 40/39840/2
Damjan Marion [Fri, 3 Nov 2023 13:47:05 +0000 (13:47 +0000)]
dev: interrupt mode support

Type: improvement
Change-Id: I4a0578598182339bcf76e6b01da76b590a06f773
Signed-off-by: Damjan Marion <[email protected]>
23 months agoaf_packet: remove UNIX_FILE_EVENT_EDGE_TRIGGERED flag 24/39824/2
Artem Glazychev [Thu, 2 Nov 2023 12:47:23 +0000 (19:47 +0700)]
af_packet: remove UNIX_FILE_EVENT_EDGE_TRIGGERED flag

af_packet does not process data until the interface is UP. If after interface creation, but before it is UP, the host interfaces are flooded, then blocking case may occur - VPP interface will never be able to process the data.
If the EDGE_TRIGGERED flag is set, the event will not arrive, because nothing new is happening anymore (probably because the queue is already full).
Therefore, we need to use LEVEL_TRIGGERED (default value), which indicates that there is still unprocessed data (accumulated after interface creation, but before it was UP).

Type: fix

Signed-off-by: Artem Glazychev <[email protected]>
Change-Id: Ied459fd194149d09f226bcb0a5907b3e327b148a

23 months agoflowprobe: fix clearing interface state on feature disabling 72/39772/3
Alexander Chernavin [Thu, 26 Oct 2023 11:48:06 +0000 (11:48 +0000)]
flowprobe: fix clearing interface state on feature disabling

As a result of recent fixes, all currently stored flows of an interface
are deleted when the feature is being disabled for the interface. This
includes stopping the timer and freeing the flow entries for further
reuse. The problem is that meta information is not cleared in the flow
entries being deleted. For example, packet delta count will keep its
value. The next flow that gets one of these pool entries will already
have a non-zero packet count. So the counting of packets will start from
a non-zero value. And incorrect packet delta count will be exported for
that flow.

With this fix, clear meta information too when clearing interface state.
Also, update the corresponding test to cover this case.

Type: fix
Change-Id: I9a73b3958adfd1676e66b0ed50f1478920671cca
Signed-off-by: Alexander Chernavin <[email protected]>
23 months agobuild: disable bogus warnings for GCC 12 08/39808/2
Jieqiang Wang [Mon, 24 Jul 2023 07:42:22 +0000 (15:42 +0800)]
build: disable bogus warnings for GCC 12

The array bounds and string overread check on GCC 12 report a dozen of
false positives that result in VPP build failures on ubuntu 22.04.
Work around this build issue by unconditionally disabling these two
warnings if C compiler is GCC 12 or newer version.

Type: fix
Signed-off-by: Jieqiang Wang <[email protected]>
Change-Id: I999e847bb625ebdf3ef5f11b11598c553f306670

23 months agomisc: silence -Wmaybe-uninitialized warnings 07/39807/2
Jieqiang Wang [Mon, 24 Jul 2023 08:52:06 +0000 (16:52 +0800)]
misc: silence -Wmaybe-uninitialized warnings

GCC 12 complains about such errors while the code itself looks good.

Type: fix
Signed-off-by: Jieqiang Wang <[email protected]>
Change-Id: I021719fdbf7d9bd93a12eac76aeac8cbca13a810

23 months agovppinfra: fix ASAN issue in vec_foreach_pointer and pool_foreach_pointer 33/39833/1
Damjan Marion [Mon, 6 Nov 2023 17:37:04 +0000 (17:37 +0000)]
vppinfra: fix ASAN issue in vec_foreach_pointer and pool_foreach_pointer

Change-Id: If9381ae7283488b352a3c22f85732cd56ac6bfd9
Type: fix
Fixes: 993735991ff0e9
Signed-off-by: Damjan Marion <[email protected]>
23 months agoipsec: delete redundant code 29/39229/3
Dengfeng Liu [Thu, 13 Jul 2023 13:25:52 +0000 (21:25 +0800)]
ipsec: delete redundant code

Type: fix

Change-Id: I0de1c51455b0d3958c75ab5626a318ac656adbe7
Signed-off-by: Dengfeng Liu <[email protected]>
23 months agodpdk: correct the printing of Rx offloading flags 81/39581/3
Jieqiang Wang [Mon, 21 Aug 2023 07:58:10 +0000 (15:58 +0800)]
dpdk: correct the printing of Rx offloading flags

DPDK added new Rx checksum flags[1] to handle cases like the virtual
drivers. Current check of flags is not strict enough for flags like
RTE_MBUF_F_RX_IP_CKSUM_NONE and will always be true no matter the
checksum in packet is good or bad.
Fix this issue by comparing the result of AND operation with the
correspinding Rx checksum flags.

Before this patch, packet trace prints the offload flags as below:

    Packet Offload Flags
      PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid
      PKT_RX_IP_CKSUM_NONE (0x0090) no IP cksum of RX pkt.
      PKT_RX_L4_CKSUM_GOOD (0x0100) L4 cksum of RX pkt. is valid
      PKT_RX_L4_CKSUM_NONE (0x0108) no L4 cksum of RX pkt.

After this patch, packet offload flags would be like:

    Packet Offload Flags
      PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid
      PKT_RX_L4_CKSUM_GOOD (0x0100) L4 cksum of RX pkt. is valid

Type: fix

[1] https://github.com/DPDK/dpdk/commit/5842289a546ceb0072bd7faccb93821e21848e07

Signed-off-by: Jieqiang Wang <[email protected]>
Change-Id: I3182022d9ccd46b2fc55bb3edfbfac9062ed7c89

23 months agopci: remove unnecessary ioctl() call and improve logging in vfio_set_irqs 29/39829/2
Damjan Marion [Mon, 6 Nov 2023 00:07:15 +0000 (00:07 +0000)]
pci: remove unnecessary ioctl() call and improve logging in vfio_set_irqs

Type: improvement
Change-Id: Ic8e2785bf375882defe5a1d299948d522cdd4895
Signed-off-by: Damjan Marion <[email protected]>
23 months agopci: fix VFIO set IRQ code 28/39828/1
Damjan Marion [Mon, 6 Nov 2023 00:06:26 +0000 (00:06 +0000)]
pci: fix VFIO set IRQ code

Type: fix
Fixes: 599a16b
Change-Id: I954e037ab944028798f9aa2a93f45322c8c7b4bb
Signed-off-by: Damjan Marion <[email protected]>
23 months agobonding: add checks for sw_if_index in api 86/39686/2
Stanislav Zaikin [Fri, 13 Oct 2023 15:48:53 +0000 (17:48 +0200)]
bonding: add checks for sw_if_index in api

Type: fix

Signed-off-by: Stanislav Zaikin <[email protected]>
Change-Id: I16b48460b3fcd82bbb89c375402cb2455414d8bb

23 months agovppinfra: refactor interrupt code 26/39826/1
Damjan Marion [Fri, 3 Nov 2023 21:57:42 +0000 (21:57 +0000)]
vppinfra: refactor interrupt code

Type: improvement
Change-Id: Ie6987736faf7d8a641762e276775da8ee0c03ea4
Signed-off-by: Damjan Marion <[email protected]>
23 months agotests: allow explicit defaults for arg types 62/39662/3
Dmitry Valter [Wed, 11 Oct 2023 20:37:04 +0000 (20:37 +0000)]
tests: allow explicit defaults for arg types

Allow settings default values explicitly in positive_int_or_default and
positive_float_or_default.

It allows setting setting default 0 test retries explicitly despite it
being not positive.

Type: improvement
Signed-off-by: Dmitry Valter <[email protected]>
Change-Id: Id23a9fdae0ef174eea8992c1f9fc2530aade6194

23 months agodev: strip debig log function name prefix during compilation 23/39823/2
Damjan Marion [Thu, 2 Nov 2023 18:40:32 +0000 (18:40 +0000)]
dev: strip debig log function name prefix during compilation

Type: improvement
Change-Id: I9b9bb37a0895366b412f042b0e2da5bbdd477325
Signed-off-by: Damjan Marion <[email protected]>
23 months agotests: refactor asf framework code 57/39457/45
Dave Wallace [Thu, 31 Aug 2023 04:47:44 +0000 (00:47 -0400)]
tests: refactor asf framework code

- Make framework.py classes a subset of asfframework.py classes
- Remove all packet related code from asfframework.py
- Add test class and test case set up debug output to log
- Repatriate packet tests from asf to test directory
- Remove non-packet related code from framework.py and
  inherit them from asfframework.py classes
- Clean up unused import variables
- Re-enable BFD tests on Ubuntu 22.04 and fix
  intermittent test failures in echo_looped_back
  testcases (where # control packets verified but
  not guaranteed to be received during test)
- Re-enable Wireguard tests on Ubuntu 22.04 and fix
  intermittent test failures in handshake ratelimiting
  testcases and event testcase
- Run Wiregard testcase suites solo
- Improve debug output in log.txt
- Increase VCL/LDP post sleep timeout to allow iperf server
  to finish cleanly.
- Fix pcap history files to be sorted by suite and testcase
  and ensure order/timestamp is correct based on creation
  in the testcase.
- Decode pcap files for each suite and testcase for all
  errors or if configured via comandline option / env var
- Improve vpp corefile detection to allow complete corefile
  generation
- Disable vm vpp interfaces testcases on debian11
- Clean up failed unittest dir when retrying failed testcases
  and unify testname directory and failed linknames into
  framwork functions

Type: test

Change-Id: I0764f79ea5bb639d278bf635ed2408d4d5220e1e
Signed-off-by: Dave Wallace <[email protected]>
23 months agotcp: fix reset w pkt 15/39815/4
Florin Coras [Wed, 1 Nov 2023 19:51:58 +0000 (12:51 -0700)]
tcp: fix reset w pkt

Do not add ip header as that's added by tcp output and fix checksum.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I9439acf5c66184af0350b1d4d7406b3feb2e79a1

23 months agotests: remove packet debug output from npt66 testcases 06/39806/4
Dave Wallace [Mon, 30 Oct 2023 21:05:23 +0000 (17:05 -0400)]
tests: remove packet debug output from npt66 testcases

Type: test

Change-Id: I1883b50f67890aefb28ca0ca7447f4e73c574d26
Signed-off-by: Dave Wallace <[email protected]>
23 months agoiavf: new driver using new dev infra 89/39689/22
Damjan Marion [Tue, 17 Oct 2023 16:08:18 +0000 (16:08 +0000)]
iavf: new driver using new dev infra

Type: feature
Change-Id: I9ae0dbf28b4571a37c568b587b771f90c06f200d
Signed-off-by: Damjan Marion <[email protected]>
23 months agodev: new device driver infra 88/39688/20
Damjan Marion [Tue, 17 Oct 2023 16:06:26 +0000 (16:06 +0000)]
dev: new device driver infra

Type: feature
Change-Id: I20c56e0d3103624407f18365c2bc1273dea5c199
Signed-off-by: Damjan Marion <[email protected]>
23 months agotcp: remove redundant ack checks 17/39817/4
Florin Coras [Wed, 1 Nov 2023 20:44:28 +0000 (13:44 -0700)]
tcp: remove redundant ack checks

Type: improvement

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I4001f39afde8c33b60c15f74034bcce013fbbf70

23 months agotcp: allow ooo data in syn-rcvd 16/39816/4
Florin Coras [Wed, 1 Nov 2023 20:01:48 +0000 (13:01 -0700)]
tcp: allow ooo data in syn-rcvd

As long as ack and segment are legitimate accept ooo data as we
transition to established.

Type: improvement

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I85cdc65d70cb8ae689a9ce9bbe4f86228b1ac533

23 months agotcp: postpone cleanup on connect failures 97/39797/3
Florin Coras [Thu, 26 Oct 2023 15:46:46 +0000 (08:46 -0700)]
tcp: postpone cleanup on connect failures

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I231b319d4d7aa3e17cc8cfe8aaa4762995a5b2c4

23 months agotests: fix UDP port range for mdata and bufmon 14/39814/1
Dave Wallace [Wed, 1 Nov 2023 03:20:47 +0000 (23:20 -0400)]
tests: fix UDP port range for mdata and bufmon

- Use of well known UDP port numbers causes random
  failure of mdata and bufmon tests

Type: test

Change-Id: I21a01c54e5f166aea101d3caace85b53f3f7285d
Signed-off-by: Dave Wallace <[email protected]>
23 months agodocs: Updated "VPP with Containers" use-case section 09/39809/5
hsandid [Mon, 30 Oct 2023 17:47:36 +0000 (18:47 +0100)]
docs: Updated "VPP with Containers" use-case section

Type: improvement

Modified "VPP with Containers" doc section to run on Ubuntu 22.04 LTS.

Change-Id: Ic09b88cf0e3b492711222a1bb24552de964a7d03
Signed-off-by: hsandid <[email protected]>
23 months agotests: http static - skip if cannot create namespaces 10/39810/2
adrianvillin [Tue, 31 Oct 2023 12:15:53 +0000 (13:15 +0100)]
tests: http static - skip if cannot create namespaces

Type: test

Change-Id: I5fddb293f1b56853613ca2823dbb6d3d887d9929
Signed-off-by: adrianvillin <[email protected]>
23 months agohsa: use common app session interface in echo tests 96/39796/5
Filip Tehlar [Thu, 26 Oct 2023 10:51:09 +0000 (12:51 +0200)]
hsa: use common app session interface in echo tests

Type: test

Change-Id: Ib320cfb5e20f12614c013a92ac15490f8ca3a7ce
Signed-off-by: Filip Tehlar <[email protected]>
23 months agoipsec: separate UDP and UDP-encapsulated ESP packet processing 93/38793/2
vinay tripathi [Tue, 6 Jun 2023 07:27:55 +0000 (12:57 +0530)]
ipsec: separate UDP and UDP-encapsulated ESP packet processing

This fix differentiates UDP and UDP-encapsulated ESP packets processing.
While UDP-encapsulated ESP traffic is processed as IPsec traffic, UDP as
other plain-text protocols is NOT dispatched against SPD policies.
Key logic is taken from RFC 3948, and is based on the fact
that the checksum of UDP packet encapsulating ESP packet must be zero.

Type:  fix

Signed-off-by: vinay tripathi <[email protected]>
Change-Id: Ib1b4d240eea8e89f2daf17ec833905f26cdb31bd

23 months agoipsec: modify IPsec related tests to send and verify UDP-encapsulated ESP traffics 92/38792/9
vinay Tripathi [Fri, 20 Oct 2023 05:20:47 +0000 (05:20 +0000)]
ipsec: modify IPsec related tests to send and verify UDP-encapsulated ESP traffics

In this patch, IPsec related test files have been modified to send UDP-encapsulated
ESP packets,and validate against Inbound and Outbound policies that are configured
with Bypass, Discard and Protect action.

Type: test

Change-Id: I4b8da18270fd177868223bfe1389dc9c50e86cc5
Signed-off-by: vinay Tripathi <[email protected]>
23 months agoipsec: move udp/esp packet processing in the inline function ipsec_esp_packet_process 91/38791/10
vinay tripathi [Wed, 31 May 2023 09:11:45 +0000 (14:41 +0530)]
ipsec: move udp/esp packet processing in the inline function ipsec_esp_packet_process

This inline function is introduced to simplify code readability and allows to splitting of
UDP and ESP processing in the next step.

Type: improvement

Change-Id: Ida4d6abbed141ac74d4d285900777778eb8a5a1d
Signed-off-by: Vinay Tripathi <[email protected]>
23 months agotests: Added LLDP plugin tests 75/39775/2
adrianvillin [Thu, 26 Oct 2023 12:26:18 +0000 (14:26 +0200)]
tests: Added LLDP plugin tests

Type: test

Change-Id: I5a2d1b2c92f2bb7c45a7b5e025584d9417487840
Signed-off-by: adrianvillin <[email protected]>
23 months agotests: Added http static server tests. 60/39760/6
adrianvillin [Tue, 24 Oct 2023 10:53:10 +0000 (12:53 +0200)]
tests: Added http static server tests.

Coverage increased from 21% to 80%

Type: test

Change-Id: Ic8ecc620cef738d7dbe4c259f58a373ac155a588
Signed-off-by: adrianvillin <[email protected]>
23 months agohsa: preallocate sessions on server side 67/39767/5
Filip Tehlar [Wed, 25 Oct 2023 12:59:09 +0000 (14:59 +0200)]
hsa: preallocate sessions on server side

Type: test

Change-Id: Ib809f5a6c9e2f08d87f0070231df04d5f0040ca0
Signed-off-by: Filip Tehlar <[email protected]>
23 months agovcl: propagate correctly EADDRINUSE for UDP bind 05/39805/2
Mohammed Hawari [Mon, 30 Oct 2023 09:52:19 +0000 (10:52 +0100)]
vcl: propagate correctly EADDRINUSE for UDP bind

Change-Id: Ia8b5421cbaaf861ddb3ad7aeca53a077ff18864e
Signed-off-by: Mohammed Hawari <[email protected]>
Type: fix

23 months agoipsec: huge anti-replay window support 65/37865/23
Maxime Peim [Thu, 22 Dec 2022 11:26:57 +0000 (11:26 +0000)]
ipsec: huge anti-replay window support

Type: improvement

Since RFC4303 does not specify the anti-replay window size, VPP should
support multiple window size. It is done through a clib_bitmap.

Signed-off-by: Maxime Peim <[email protected]>
Change-Id: I3dfe30efd20018e345418bef298ec7cec19b1cfc

23 months agoflowprobe: fix accumulation of tcp flags in flow entries 70/39770/2
Alexander Chernavin [Thu, 26 Oct 2023 11:18:19 +0000 (11:18 +0000)]
flowprobe: fix accumulation of tcp flags in flow entries

Currently, TCP flags of a flow entry don't get reset once the flow is
exported (unlike other meta information about a flow - packet delta
count and octet delta count). So TCP flags are accumulated as long as
the flow is active. When the flow expires, it is exported the last time,
and its pool entry is freed for further reuse. The next flow that gets
this pool entry will already have non-zero TCP flags. If it's a TCP
flow, the flags will keep being accumulated. This might look fine when
exported. If it's a non-TCP flow, that will definitely look erroneous.

With this fix, reset TCP flags once the flow is exported. Also, cover
the reuse case with tests.

Type: fix
Change-Id: I5f8560afffcfe107909117d3d063e8a69793437e
Signed-off-by: Alexander Chernavin <[email protected]>