Yulong Pei [Mon, 21 Sep 2020 20:41:56 +0000 (13:41 -0700)]
crypto: revert crypto set handler all API
This reverts commit
8c91b2ae2b32d428ef35605707788fe064621cb3,
but keep a comment fix.
Type: fix
Signed-off-by: Yulong Pei <yulong.pei@intel.com>
Change-Id: Ia66941bf18d3efac96f41bdf905d877cfb3ab211
Florin Coras [Mon, 21 Sep 2020 17:45:56 +0000 (10:45 -0700)]
session: use wrk instead of thread index in node
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia36d86eb108f0651fc3af8b4dbdc2d0b49e283da
Neale Ranns [Fri, 18 Sep 2020 07:35:06 +0000 (07:35 +0000)]
geneve: Move to plugin
Type: refactor
Change-Id: I613bf4d6517591351b212bfe6c8d93abf235f5dc
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 18 Sep 2020 14:05:45 +0000 (14:05 +0000)]
misc: Move l2tp to plugin
Type: refactor
Change-Id: Ifb36eeb146b87e9e305881429d32d6879e955e1e
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 18 Sep 2020 12:58:40 +0000 (12:58 +0000)]
lldp: Move to plugin
Type: refactor
Change-Id: Ifd770ff4850e63474bf4682ad463021b03786b4b
Signed-off-by: Neale Ranns <nranns@cisco.com>
Matthew Smith [Wed, 16 Sep 2020 21:41:26 +0000 (16:41 -0500)]
vrrp: set up multicast for both address families
Type: fix
When a VR is added, multicast accept routes are added which allow
inbound packets sent to the VRRP group address on the interface of the
VR so advertisements from peers can be received. If this is the first
VR added, also add a local forward route for the VRRP group address so
the packets will be processed by the VRRP input nodes.
When deciding whether to add/delete the local forward route, the total
number of VRs configured was being checked. If there are no VRs
configured initially and a VR is added for IPv4, this check would
correctly see that this was the first VR and add an IPv4 route. If an
IPv6 VR was configured subsequently, this check would find that a VR
was already configured and incorrectly decide that no route needed to
be added and IPv6 VRRP advertisements from peers would be dropped
as a result. The opposite would occur if you first added an IPv6 VR
followed by adding an IPv4 VR - whichever address family was added
first would work correctly and the other one would not work.
Since a route is needed for each address family, check on the per
address family count of VRs when deciding whether to add/delete the
local forward route instead of checking on the global count of VRs.
Change-Id: I851a7ef8a4f9e4e370d08b0832284a13387eb083
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Damjan Marion [Wed, 16 Sep 2020 15:06:45 +0000 (17:06 +0200)]
ip: use main heap for mtrie
Main heap can be hugepage backed so it is more efficient to use
main heap instead of allocating special heap just for mtrie....
Type: improvement
Change-Id: I210912ab8567c043205ddfc10fdcfde9a0fa7757
Signed-off-by: Damjan Marion <damarion@cisco.com>
Andrew Yourtchenko [Wed, 16 Sep 2020 12:10:27 +0000 (12:10 +0000)]
acl: remove custom ACL-plugin heap
Custom ACL-plugin heap was useful in early stages,
but it interferes with other infra optimizations.
Remove it and use global heap.
Change-Id: I2300548f1d1798dec27bc5a2a41cf37f9fcda95d
Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Damjan Marion [Thu, 17 Sep 2020 11:56:47 +0000 (13:56 +0200)]
dpdk: hugepage availibility check using new api
Type: improvement
Change-Id: Iab623a2e11bd5787f4cae549143f49888e0dd9c4
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Wallace [Wed, 16 Sep 2020 21:04:24 +0000 (21:04 +0000)]
build: touch files when extracting rpm tarballs
Type: fix
- Long story short, intermittently centos jobs have been
failing with clock skew issues. When someone commits a
patch on a machine with the date ahead of UTC, then clock
skew will be encountered when extracting the RPM source
tarball. See [0] and [1] for details.
- Replace 'make bootstrap' with 'make install-dep' in
RPM package build specfile.
[0] https://unix.stackexchange.com/questions/164807/does-git-archive-use-the-wrong-file-timestamp
[1] https://git.fd.io/vpp/tree/Makefile#n380
Change-Id: Iebfb9eb2e26c1f2e4488e871da86d0c60b9f4048
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Dave Wallace [Fri, 18 Sep 2020 15:35:01 +0000 (15:35 +0000)]
build: remove opensuse build infra
- VPP on opensuse has not been supported
for several releases.
Type: fix
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I2b5316ad5c20a843b8936f4ceb473f932a5338d9
Florin Coras [Fri, 18 Sep 2020 23:15:47 +0000 (16:15 -0700)]
session: grab worker barrier for sapi msgs
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7cdbcfeb6f77a720e190daf9fe555320e586bba8
Mohammed Hawari [Fri, 18 Sep 2020 19:47:04 +0000 (21:47 +0200)]
dpdk: prevent linking dpdk against libbsd
If libbsd is detected by the DPDK build system, DPDK does not provide
implementations for strlcpy and dynamically link against the one
provided by libbsd. When the DPDK plugin is loaded by VPP, a crash
occurs because libbsd is not loaded by VPP.
Type: fix
Change-Id: Ib691bbe27edcf0f6f0a3d39952e439027cef72cb
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Dave Wallace [Fri, 18 Sep 2020 20:23:55 +0000 (20:23 +0000)]
build: missing deb pkg on ubuntu-20.04
- The vpp build on the ubuntu-20.04 executor failed
due to the package 'dh-python' not getting
installed by 'make install-dep'
Type: fix
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: Id9307ad1b4e34c413d90258c6bde2aa5afafec63
Matthew Smith [Thu, 17 Sep 2020 21:33:10 +0000 (16:33 -0500)]
fib: skip byte swap on n_paths in mroute details
Type: fix
While preparing to send a ip_mroute_details API message, the number
of paths for a multicast route is stored in an int in
send_ip_mroute_details(). Before the value in the int is copied into
the field n_paths in the API message, the byte order is swapped.
This results in n_paths getting set to 0.
Change the int to a u8 and omit the byte swap so API clients can
receive data on multicast route paths.
Change-Id: Ie6dcb0f7b135c5b5deeeb2e44147560dbbb12507
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Ole Troan [Tue, 15 Sep 2020 08:53:34 +0000 (10:53 +0200)]
vat: add infrastructure to align vnet test code and plugin test code
Split vat/api_format.c also for VNET features.
Use auto-generated VAT test code and support dynamic message ID allocation as for plugins.
The arp and geneve features as Guinea pigs.
Type: improvement
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I461591496766bdf10c5f950fd30f1a0ae05909da
Signed-off-by: Ole Troan <ot@cisco.com>
Sergey Matov [Tue, 15 Sep 2020 09:40:55 +0000 (13:40 +0400)]
vlib: add decrement counter method
Currently there is no way to decrease simple counter. To extend
counters API new method allows to decrement counter by given value.
This might be useful in implementation of statistics stored in stats
segment.
Type: improvement
Change-Id: I7c08c62bffa6a2d50e9e2cf884f7b2d48538f34b
Signed-off-by: Sergey Matov <sergey.matov@travelping.com>
Signed-off-by: Dave Barach <dave@barachs.net>
Vladimir Isaev [Fri, 18 Sep 2020 11:43:29 +0000 (14:43 +0300)]
tap: do not use strlen on vector
sanitizer complains about strlen on hi->name in tap_dump_ifs.
hi->name is a vector which is not null-terminated, so use vec_len.
Type: fix
Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: Icdd5f65369bb51b0c4a9cd86c24899e6febd837c
fanyf [Thu, 17 Sep 2020 14:10:41 +0000 (22:10 +0800)]
session: fix vpp exit abnormal due to application as a proxy server with ldp
Type: fix
The function of application_setup_proxy() be called when application run as a
proxy server, "app_wrk->first_segment_manager" be realloced in this function,
but variable of "sm" point original memory location.
Signed-off-by: fanyf <fanyufei521@outlook.com>
Change-Id: I753c9fb60d1c0794d5eede9f3fab48381a802e3c
Mohammed Hawari [Tue, 15 Sep 2020 12:05:11 +0000 (14:05 +0200)]
dpdk: call the meson-based build instead of Makefiles
Type: feature
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Change-Id: I576d92605da6d43e9b9f12238b18a518a0d69385
Benoît Ganne [Tue, 15 Sep 2020 08:58:07 +0000 (10:58 +0200)]
virtio: fix txq locking
Initialize txq lock only if some txq are shared and check if another
worker is already operating on the txq before processing gro timeouts
in input node.
Type: fix
Change-Id: I89dab6c0e6eb6a7aa621fa1548b0a2c76e6c7581
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Damjan Marion [Fri, 11 Sep 2020 20:18:35 +0000 (22:18 +0200)]
vpp: make main heap page size configurable from startup.conf
Type: improvement
Change-Id: I190c6896152c626aa7cb1055cfce5d9cfcd5b68b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 17 Sep 2020 08:40:44 +0000 (10:40 +0200)]
stats: configurable page size
Type: improvement
Change-Id: I9973bce20a0a2a8a7e227cf96518de5b79374425
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Thu, 17 Sep 2020 12:56:47 +0000 (12:56 +0000)]
teib: Use ip_address_t not ip46_address_t
Type: improvement
Change-Id: Ica75c4e43d6198658a1954640c7ac56ea68bb39a
Signed-off-by: Neale Ranns <nranns@cisco.com>
Damjan Marion [Thu, 17 Sep 2020 11:29:33 +0000 (13:29 +0200)]
vlib: show FD in 'show memory map'
Type: improvement
Change-Id: I04752c011e4ca58f56aa53f6ae27bae93a5c4590
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Wed, 2 Sep 2020 14:46:53 +0000 (14:46 +0000)]
teib: Add adj-fibs for peers/adjacencies on p2mp interface
Type: fix
Change-Id: I6fdc4e952097e92ac3aa53e0be3ef99e0d801b28
Signed-off-by: Neale Ranns <nranns@cisco.com>
Damjan Marion [Fri, 11 Sep 2020 20:25:34 +0000 (22:25 +0200)]
vlib: map thread stack instead of allocating them from heap
Heap may use different page sizes so we will not be able to create
stack protection page.
Type: improvement
Change-Id: Ibb35c9f0a151c464ee0167d17f2bd773ef6f530b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Fri, 11 Sep 2020 20:16:53 +0000 (22:16 +0200)]
vppinfra: support main heap with different page sizes
Type: improvement
Change-Id: I381fc3dec8580208d0e24637d791af69011aa83b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 16 Sep 2020 19:36:00 +0000 (21:36 +0200)]
vppinfra: detect memory attributes on clib_mem_init
Type: improvement
Change-Id: I298aadfdf17d98dfb1ada1ec4f87e0821e6aeb7f
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 17 Sep 2020 07:54:07 +0000 (09:54 +0200)]
vppinfra: allow handoff to main thread
Type: improvement
Change-Id: If2e907967c9b75997b581ff0c058bd5c15e823f5
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Thu, 17 Sep 2020 00:44:58 +0000 (17:44 -0700)]
vcl: avoid heap use for ldp debug
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I798db694bdc63ae3a6e28d1908245b5ea0bfa84f
Steven Luong [Wed, 16 Sep 2020 20:10:53 +0000 (13:10 -0700)]
avf: wrong argument passed to avf_log_err
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ica4601c9d17e182cbc348989a9f75ab1cb18b78a
Damjan Marion [Wed, 16 Sep 2020 19:15:44 +0000 (21:15 +0200)]
vppinfra: introduce clib_mem_main
To hold more data later...
Type: improvement
Change-Id: I4006d22dcacd788988c4907f2c263fd4e4a9d398
Signed-off-by: Damjan Marion <damarion@cisco.com>
Benoît Ganne [Tue, 15 Sep 2020 08:45:55 +0000 (10:45 +0200)]
vpp: fix main heap init
NUMA node parsing with vlib_get_thread_core_numa() can failed on single
socket systems. Use clib_get_current_numa_node() instead as we already
pinned the main thread to the requested core.
Type: fix
Change-Id: I22339516d0305689a58584c92ded7c96eb53be39
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Steven Luong [Tue, 15 Sep 2020 16:48:38 +0000 (09:48 -0700)]
vmxnet3: gso fixes
outbound:
wrong header len computation
gso size and header length need to be set in the first segment of the
chain
inbound:
EOP may have zero length descriptor to terminate the chain
missing endian conversion for ethertype
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Iaa003c0e9af3ead4df6c6c0d5772a179d2ff15c4
Florin Coras [Tue, 15 Sep 2020 22:56:51 +0000 (15:56 -0700)]
vcl: refactor bapi client index for sapi reuse
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ibebb6f7d4e610570693e213acd2f6d9332c563c6
Andrew Yourtchenko [Wed, 16 Sep 2020 09:48:59 +0000 (09:48 +0000)]
vppapigen: crcchecker: report in-progress messages
in-progress messages do not give any API stability guarantees,
by design, to allow easy iteration. Provide an easy way
to know which messages are in-progress.
If as a user you see "in-progress" message that you want
to use in production, please contact the feature owner
and discuss the path to removing the "in-progress" status
before that.
Change-Id: I27729995e26a70af373e642b871dbb5cc5526959
Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Yulong Pei [Tue, 15 Sep 2020 02:45:03 +0000 (19:45 -0700)]
crypto: Crypto set handler API to support set all as CLI
Type: improvement
Signed-off-by: Yulong Pei <yulong.pei@intel.com>
Change-Id: I43556f8c76c7aae64d9c927e1fda3c1774d7e49d
Mohsin Kazmi [Tue, 15 Sep 2020 16:41:44 +0000 (16:41 +0000)]
misc: fix the formatting style
Type: style
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: Id86e16677564669b0295bbb9fc1303fe39a21b6f
Ole Troan [Tue, 15 Sep 2020 09:37:16 +0000 (11:37 +0200)]
api: clean up use of deprecated flag
The syntax of the deprecated flag has evolved.
Clean up usage to be "option deprecated;".
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: If2b639f275eb8db58b36c457f9245fe35a4d8cb1
Andrew Yourtchenko [Fri, 11 Sep 2020 17:40:52 +0000 (17:40 +0000)]
vppapigen: crcchecker: report deprecated messages
Report if the messages were marked as deprecated,
but not yet deleted.
Useful for building the release notes and comparing
between the releases.
Also, put the dict_compare() call into the report(),
since latter always consumes the output of the former.
Change-Id: Iceab3e94ff66da931a4669b612026bd162dd5d1a
Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
jan_cavojsky [Fri, 11 Sep 2020 08:45:17 +0000 (10:45 +0200)]
flowprobe: add show commands for params and list of interfaces for recording
Type: feature
Ticket: VPP-1861
Signed-off-by: jan_cavojsky <Jan.Cavojsky@pantheon.tech>
Change-Id: Iaeff13b19a712257223a4e77893cfd9398c18327
Dave Barach [Mon, 14 Sep 2020 14:21:11 +0000 (10:21 -0400)]
docs: improve plugin developer's guide
Topics added: disabling lightly-used, experimental, or test plugins
by default. Discourage folks from creating bihash tables, processes
etc. from VLIB_INIT_FUNCTIONs.
Type: docs
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I1235d64971e9ed50f992b75f96b77c934168276a
Simon Zhang [Tue, 15 Sep 2020 15:40:28 +0000 (23:40 +0800)]
tcp: make max gso packet size configurable
Type: improvement
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: I14de90f07d825c5c99023996a88173ee855e9a6f
Onong Tayeng [Tue, 15 Sep 2020 08:25:29 +0000 (13:55 +0530)]
lisp: fix lisp|one_eid_table_dump's local|remote options in vat
The local|remote options to vat's lisp|one_eid_table_dump api command
does not print the eid details instead it produces the following error
messages:
Filter error, unknown filter: 1
Filter error, unknown filter: 2
Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: I000c290b400dbf39bd883d57115923167092c9bd
Neale Ranns [Tue, 15 Sep 2020 07:13:46 +0000 (07:13 +0000)]
crypto: Crypto SW Scheduler Coverity Warnings
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I7f98d0c7847ecc40b90b78e5ae83f320575be310
Damjan Marion [Tue, 15 Sep 2020 09:05:23 +0000 (11:05 +0200)]
crypto-native: fix issues detected by coiverity
Type: fix
Change-Id: Id61aa407eeeb4d44cf47ed39283a0c79ed3abbee
Signed-off-by: Damjan Marion <damarion@cisco.com>
Yichen Wang [Wed, 1 Jul 2020 06:14:23 +0000 (23:14 -0700)]
build: fix the the build on centos/rhel 8
1. Remove uncessary runtime dependency;
2. Add missing build dependency;
3. Fix runtime dependency for api-python3 RPM;
Type: make
Change-Id: I2700f1a15112effba8d1527aca6467158f81f486
Signed-off-by: Yichen Wang <yicwang@cisco.com>
Damjan Marion [Mon, 14 Sep 2020 10:18:44 +0000 (12:18 +0200)]
l2: allocate l2fib only when needed
Currently l2 fib allocates 512MB hash table unconditionally on startup.
This patch postpones table creation up to the point where first
interface is put into l2 mode or mac entry is added.
In addition it reduces default table size to 128MB and increases number
of buckets 4 times. This default setting should be enough to keep 1M mac
entries.
Also, new startup.conf section is added which allows user to change memory
and bucket size. .i.e:
l2fib {
table-size 512M
num-buckets 524288
}
Type: improvement
Change-Id: I2a29209aa3545181f0087544c97a54d8157b6ec5
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Mon, 14 Sep 2020 17:29:29 +0000 (10:29 -0700)]
session: del app worker on socket detach
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic904abedcd270c95e782159170d457bc396424a0
Neale Ranns [Mon, 14 Sep 2020 13:28:42 +0000 (13:28 +0000)]
wireguard: coverity fixes
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ib1eabbc87a573c660ac251602d631f167928259b
Florin Coras [Wed, 9 Sep 2020 05:43:47 +0000 (22:43 -0700)]
vcl: add support for app socket api
To enable add "app-socket-api /path/to/socket" to vcl.conf. On vpp side, add
use-app-socket-api to session stanza in startup.conf
VPP allocates a socket per application namespace which it places in the
app_ns_sockets subfolder of the run folder (default /var/run/vpp). The
socket used implicitly selects the app namespace for the vcl app.
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ifc14b93dcbf6ef9bed1852d46cd069f4855b92ef
Florin Coras [Tue, 8 Sep 2020 23:47:57 +0000 (16:47 -0700)]
vcl: cleanup bapi and wrk registration
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0391db5c3ad038265cb8ebf9de02925653e35959
Florin Coras [Thu, 3 Sep 2020 02:10:28 +0000 (19:10 -0700)]
session: add unix socket api for app attachment
This is an af_unix socket alternative to the binary api. To enable it,
add use-app-socket-api under session stanza in startup.conf. When the
socket api is enabled, attachments through the binary api are disabled.
The socket api only works with memfd fifo segments, i.e., shm segments
are not supported.
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I55ffcee201d004846daeeec85c700c7e7a578d43
Florin Coras [Thu, 10 Sep 2020 19:27:14 +0000 (12:27 -0700)]
vcl: always fill buffer or drain rx fifo
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ibbe438aa6f2fe6d9f55c56ca6d3aec1a29b32cad
Neale Ranns [Mon, 14 Sep 2020 08:29:05 +0000 (08:29 +0000)]
wireguard: increase FIB source priority
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Icc1c458474d357c7d9b3b4df1897500de0c314a1
Ole Troan [Mon, 14 Sep 2020 10:21:13 +0000 (12:21 +0200)]
nat: delay datastructure allocation until configured
The dslite plugin would on plugin load initialize large bihash datastructures.
Postpone until configured.
Type: improvement
Change-Id: Ie790ab8c5fc39fac18153acd54dcd051805e763a
Signed-off-by: Ole Troan <ot@cisco.com>
Damjan Marion [Fri, 11 Sep 2020 20:13:46 +0000 (22:13 +0200)]
vppinfra: add clib_log2_page_sz and format/unformat functions
Type: improvement
Change-Id: Ie44dbf9396cfed19dba153810b7bd76ce5377cd4
Signed-off-by: Damjan Marion <damarion@cisco.com>
Filip Tehlar [Thu, 10 Sep 2020 03:37:37 +0000 (03:37 +0000)]
ikev2: fix copy-paste error when freeing memory
Type: fix
Change-Id: If44c807d188b3e88d819f4132d73e6a34402a525
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Neale Ranns [Thu, 10 Sep 2020 08:49:10 +0000 (08:49 +0000)]
wireguard: Fix for tunnel encap
Type: fix
add UT for sneding handshale init and transport packets
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Iab1ed8864c666d5a0ae0b2364a9ca4de3c8770dc
Onong Tayeng [Fri, 11 Sep 2020 11:52:07 +0000 (17:22 +0530)]
lisp: fix spelling mistake in option name
In the vat help msg for one_add_del_l2_arp_entry the IP address option
is misspelled as "ip4 <ip4>" when it should have been "ip <ip4>".
Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: Id4058a3ddfdb78b840d7e5a3c330e67b393f5d3b
Andrew Yourtchenko [Fri, 11 Sep 2020 15:54:43 +0000 (15:54 +0000)]
misc: edit the MAINTAINERS entries for crypto plugins for common style
Change-Id: Ic40bf11210cf1c36420578281f5a42668bad9801
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Nathan Skrzypczak [Fri, 11 Sep 2020 07:47:41 +0000 (09:47 +0200)]
quic: Clean quic_crypto_setup_cipher
Type: fix
Change-Id: I4c19636c2be8a577c6cba272708cb04bcc24785b
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Onong Tayeng [Fri, 11 Sep 2020 10:08:20 +0000 (15:38 +0530)]
lisp: fix help msg of show eid-table command
The lisp|one show eid-table command's help msg does not display the
available options. This patch fixes that.
show lisp eid-table [local|remote|eid <eid>]
show one eid-table [local|remote|eid <eid>]
Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: Id39148db2ff291a7fe859830c1488b69ccd15c05
Chenmin Sun [Fri, 11 Sep 2020 14:32:51 +0000 (22:32 +0800)]
dpdk: fix coverity defect #214232, #182930
Type: fix
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Ie328834159687cdb4314c37d36697f2fb9081fbd
Damjan Marion [Fri, 11 Sep 2020 12:11:11 +0000 (14:11 +0200)]
avf: add assert to ensure that adminq is used only from avf process
Type: improvement
Change-Id: Ib64c9b8207776986656e5a26c13a221edc6cc950
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Fri, 11 Sep 2020 12:10:35 +0000 (14:10 +0200)]
avf: change promisc mode from the avf process node
Avoid situations where promisc mode is chaged while avf process
is suspended in the middle of adminq operation.
Type: fix
Change-Id: Ia1fc6551e83218b5938630ad3a15d4f3f0ceceff
Signed-off-by: Damjan Marion <damarion@cisco.com>
Vladimir Isaev [Thu, 27 Aug 2020 10:34:50 +0000 (13:34 +0300)]
nat: Fix next feature for ED with multiple workers
Multiple (> 1) workers leads to handoff node being enabled.
This node pops next feature index to nat.arc_next to make sure
that packet will be pushed to the next feature in the arc.
But node nat44-ed-in2out-output also pops next feature and changes
arc_next. So actual next feature will be skipped in that case.
It leads to all nat44-ed-in2out packets being dropped if we have
multiple workers (handoff node enabled).
To resolve this a new node was added (nat-pre-in2out-output) to fill
arc_next in single worker case and multiple worker case is already
handled by handoff node.
Type: fix
Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: I9dfba68f00164d2d5ab867224871811bef4411ed
Damjan Marion [Wed, 9 Sep 2020 15:40:02 +0000 (17:40 +0200)]
avf: fix race between avf and cli/api process
device pool my grow during suspemd which will cause crash in avf process
after it exits from suspend.
Type: fix
Change-Id: I51fec90088c909cfbaaca6c245272a28c0827ca0
Signed-off-by: Damjan Marion <damarion@cisco.com>
Benoît Ganne [Thu, 10 Sep 2020 12:12:06 +0000 (14:12 +0200)]
vlib: fix call to vlib_get_node_by_name
Type: fix
Change-Id: I1b4f52e186165b04db5bd5f11058dc77b647bc94
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Filip Varga [Tue, 8 Sep 2020 14:22:44 +0000 (16:22 +0200)]
nat: endian mismatch
Type: fix
Change-Id: Icf6ce0ddb5fe9d078503e9d9ff7e7b26423f53f8
Signed-off-by: Filip Varga <fivarga@cisco.com>
Benoît Ganne [Wed, 9 Sep 2020 10:50:07 +0000 (12:50 +0200)]
build: fix build for Debian 9 and Debian 10
Type: fix
Change-Id: Ic07d0ae313b32e420ba93693cb75960a86f752a9
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Damjan Marion [Thu, 20 Aug 2020 15:28:20 +0000 (17:28 +0200)]
avf: fix race between avf process node and avf_delete_if(...)
It may happen that process node is suspended while it waits for response
from adminq and during that time CLI or API process can call
avf_delete_if. When avf process node resumes, it may happen that device
is not there anymeore.
This patch delegates interface deletion to process node, so CLI/API
process just sends signal instead of deleting device instance itself.
Type: fix
Change-Id: I7f12e12df3071650f6e60ad7eb5af23b7acfe335
Signed-off-by: Damjan Marion <damarion@cisco.com>
Matthew Smith [Thu, 10 Sep 2020 15:09:01 +0000 (10:09 -0500)]
l2: fix null deref in l2_to_bvi()
Type: fix
Static analysis identified a possible null pointer dereference. It
was introduced by a recent patch which expanded the DMAC comparison
on inbound packets on a BVI interface to include any secondary MAC
addresses which were added to an interface.
Check if the pointer is null before dereferencing.
Change-Id: Ic2afe2b062eda32977e05bf3f98d82c1fe64620c
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Benoît Ganne [Thu, 10 Sep 2020 11:54:49 +0000 (13:54 +0200)]
ikev2: fix memory leaks
- make sure everything is freed on cleanup
- reuse already allocated vectors where possible
Type: fix
Change-Id: Ibd8da1edb37126522dc2d525596521d32dceb73a
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Aloys Augustin [Thu, 10 Sep 2020 15:28:18 +0000 (15:28 +0000)]
quic: fix coverity warning
Type: fix
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Change-Id: Ic51ba3450b3d0722ebff4280127f526b5a9934b1
Martin Millnert [Thu, 10 Sep 2020 23:02:26 +0000 (01:02 +0200)]
misc: selinux fixes (packet_socket r/w)
vpp-20.05 on up-to-date Centos 7.8 host with enforcing SELinux fails to
create a host-interface due to two missing SELinux-permissions:
vpp_t self:packet_socket { read write }
This simple patch adds these two permissions. Tested successfully on
local installation.
The steps to reproduce:
$ ip link add vpeer-host type veth peer name vpeer-vpp
vpp# create host-interface name vpeer-vpp
create host-interface: Permission denied (errno 13)
[...]
$ semodule -i vpp-packet-socket.pp
vpp# create host-interface name vpeer-vpp
host-vpeer-vpp
Type: fix
Ticket: VPP-1931
Change-Id: I2b3d92b27b9a9f26aa1c85af2946b15e83e27944
Signed-off-by: Martin Millnert <martin@millnert.se>
Onong Tayeng [Thu, 10 Sep 2020 15:46:55 +0000 (21:16 +0530)]
lisp: fix vat crash with one_add_del_local_eid api
VAT crashes when the one_add_del_local_eid api is invoked with mac
address as eid.
Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: I29e246f6cad4b350fec52d54e94dbed586d488c4
Artem Glazychev [Thu, 10 Sep 2020 06:13:29 +0000 (13:13 +0700)]
wireguard: fix handshake procedure
Type: fix
Change-Id: I96e8c5c9c792b1d9aefd39ce3e240d220827b7d1
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Onong Tayeng [Fri, 4 Sep 2020 11:46:23 +0000 (17:16 +0530)]
lisp: fix crash with arp and packet trace on
With packet trace on, VPP crashes when an arp packet arrives. This patch
fixes the crash and also ensures that the packet trace displays the eid
info.
Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: Iaad09a5e2b33e931ab9bd7bc3d4573b5ed5e4bfd
Mohammed Hawari [Thu, 10 Sep 2020 13:10:45 +0000 (15:10 +0200)]
af_xdp: documents incompatibility with 1GB hugepages and high buffers-per-numa.
Type: docs
Change-Id: If8602d4b73cc1f04e42d19b8df60a05f67aa90c9
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Damjan Marion [Wed, 9 Sep 2020 16:55:16 +0000 (18:55 +0200)]
vlib: support interrupt re-arm from node
Type: improvement
Change-Id: I13517bff4129497644e0efc3495d0ee7897fe5a7
Signed-off-by: Damjan Marion <damarion@cisco.com>
Nathan Skrzypczak [Fri, 4 Sep 2020 16:31:23 +0000 (18:31 +0200)]
docs: Improve new plugin doc & add govpp API doc
Type: docs
Change-Id: I5f20ac0232c5cdc3cf64015185b0d0fc5c4a3100
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Nathan Skrzypczak [Tue, 8 Sep 2020 16:09:59 +0000 (18:09 +0200)]
docs: Update and improve indent install
Type: docs
Change-Id: I1a37450261e0bcedf90685243b14027f3cf23704
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Matthew Smith [Mon, 31 Aug 2020 19:55:17 +0000 (14:55 -0500)]
l2: check secondary macs on BVI interface
Type: fix
VRRP cannot be used on a BVI interface currently because packets sent
to the virtual mac address of the VR fail the destination mac check in
l2_to_bvi().
Apparently people want to use VRRP on BVI interfaces, so update the
check in l2_to_bvi() so that it will check any secondary mac addresses
which have been added to the ethernet interface if the destination mac
address does not match the primary mac address for the interface.
An equivalent check is already done in ethernet_input_inline() for L3
interfaces which are in promiscuous mode.
Change-Id: I7c5bf624dafda8744fea236c704e8e17e5f53b35
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Nathan Skrzypczak [Wed, 9 Sep 2020 15:57:12 +0000 (17:57 +0200)]
docs: Fix create memif cli
Type: docs
Change-Id: I91a954abf77335e1ddcbd1468633d9d7980bbac2
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Benoît Ganne [Wed, 9 Sep 2020 08:00:34 +0000 (10:00 +0200)]
svm: fix non-null-terminated string
Type: fix
Change-Id: Ia9cd71ce12584cd8ef90bfe357cf762dd7653f71
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Andrew Yourtchenko [Mon, 7 Sep 2020 18:04:16 +0000 (18:04 +0000)]
misc: Merge 20.05.1, 19.08.3 RELEASE.md sections
also, remove a duplicate 17.01.1 section and wrong page tag for 20.09
Change-Id: Ia2cc77faa75cccab38972ad46517762cb7456466
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Artem Glazychev [Mon, 31 Aug 2020 10:12:30 +0000 (17:12 +0700)]
wireguard: initial implementation of wireguard protocol
Type: feature
The main information about plugin you can see in README.md
vpp# wireguard ?
wireguard create wireguard create listen-port <port> private-key <key> src <IP> [generate-key]
wireguard delete wireguard delete <interface>
wireguard peer add wireguard peer add <wg_int> public-key <pub_key_other>endpoint <ip4_dst> allowed-ip <prefix>dst-port [port_dst] persistent-keepalive [keepalive_interval]
wireguard peer remove wireguard peer remove <index>
Change-Id: I85eb0bfc033ccfb2045696398d8a108b1c64b8d9
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Jim Thompson <jim@netgate.com>
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Damjan Marion <damarion@cisco.com>
Fan Zhang [Thu, 3 Sep 2020 16:10:57 +0000 (17:10 +0100)]
crypto: change cryptodev with new cryptodev API
Type: feature
This patch updateds cryptodev engine uses new DPDK Cryptodev
API planned to be upstreamed in DPDK 20.11.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Piotr Bronowski <piotrX.bronowski@intel.com>
Change-Id: I8dd1a8ac643f1e952deb787e466b76ea7aa5f420
Chenmin Sun [Mon, 6 Jul 2020 00:20:39 +0000 (08:20 +0800)]
interface: support configuring RSS steering queues
This patch adds the RSS steering queues set interface, and it's
implementation in DPDK device:
/* Interface to set rss queues of the interface */
typedef clib_error_t *(vnet_interface_rss_queues_set_t)
(struct vnet_main_t * vnm, struct vnet_hw_interface_t * hi,
clib_bitmap_t *bitmap);
This patch also introduces a command line to set the RSS queues:
set interface rss queues <interface> <list <queue-list>>
To display the rss queues, use "show hardware-interfaces"
Below is the example to configure rss queues for interface Gig0:
vpp# set interface rss queues Gig0 list 0,2,4-7
vpp# show hardware-interfaces brief
Name Idx Link Hardware
VirtualFunctionEthernet18/1/0 1 down VirtualFunctionEthernet18/1/0
Link speed: unknown
RSS queues: 0 2 4 5 6 7
local0 0 down local0
Link speed: unknown
vpp#
Users can also configure the rss queues on a dpdk interface in
startup.conf:
dpdk {
dev 0000:18:01.0 {
rss-queues 0,2,5-7
}
}
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I1835595a1c54016a84eabee9fd62ce137935385d
Rajesh Goel [Thu, 3 Sep 2020 13:08:03 +0000 (18:38 +0530)]
stats: Fix stat_segment to set timeout directly
Type: fix
Signed-off-by: Rajesh Goel <rajegoel@cisco.com>
Change-Id: Ib37802f4270fe894a31e871c7fbb12b5a1cdf058
Ryujiro Shibuya [Wed, 9 Sep 2020 04:14:11 +0000 (04:14 +0000)]
tcp: fix the tcp unittest to work
Type: fix
Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com>
Change-Id: If5a8313262da828616db8b1d9ef831d42b11d952
Christian Hopps [Tue, 14 Jul 2020 12:39:30 +0000 (08:39 -0400)]
dpdk-ipsec: don't leak buffers on crypto alloc failure
Type: fix
Signed-off-by: Christian Hopps <chopps@labn.net>
Change-Id: I4dee2ea723631e1bd95b33a74b9431d984565aef
Christian Hopps [Sat, 22 Aug 2020 14:44:33 +0000 (14:44 +0000)]
dpdk: fix extended stat strings
- These were displaying blank, apparently dpdk extended stat strings
must be within the heap so they are identified as vectors by
format_c_identifier even though they are not.
Type: fix
Change-Id: I2b153b100203b9856ce3af6d5ecb2daae410fb5b
Signed-off-by: Christian Hopps <chopps@labn.net>
Christian Hopps [Sun, 23 Aug 2020 13:37:34 +0000 (13:37 +0000)]
dpdk: fix interface counters to never go backward
Was seeing imissed counter become negative. Reuse the RX_ERROR code for all
three error counters to avoid the problem.
Type: fix
Change-Id: I99a69c8816326682745785ecd30e18a131ac2969
Signed-off-by: Christian Hopps <chopps@labn.net>
Florin Coras [Fri, 4 Sep 2020 15:57:27 +0000 (08:57 -0700)]
svm session: document unsupported fifo deq combinations
Type: fix
- Document that ooo dequeues with ooo lookups cannot be done in
combination with in order dequeues.
- Added assert to capture this scenario and de-initialized rbtrees for
cut-through tx fifo
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic40d020b3f0391fcf022ea3c906b86121744144f
Christian Hopps [Sun, 3 Nov 2019 12:02:15 +0000 (07:02 -0500)]
ipsec: fix padding/alignment for native IPsec encryption
Not all ESP crypto algorithms require padding/alignment to be the same
as AES block/IV size. CCM, CTR and GCM all have no padding/alignment
requirements, and the RFCs indicate that no padding (beyond ESPs 4 octet
alignment requirement) should be used unless TFC (traffic flow
confidentiality) has been requested.
CTR: https://tools.ietf.org/html/rfc3686#section-3.2
GCM: https://tools.ietf.org/html/rfc4106#section-3.2
CCM: https://tools.ietf.org/html/rfc4309#section-3.2
- VPP is incorrectly using the IV/AES block size to pad CTR and GCM.
These modes do not require padding (beyond ESPs 4 octet requirement), as
a result packets will have unnecessary padding, which will waste
bandwidth at least and possibly fail certain network configurations that
have finely tuned MTU configurations at worst.
Fix this as well as changing the field names from ".*block_size" to
".*block_align" to better represent their actual (and only) use. Rename
"block_sz" in esp_encrypt to "esp_align" and set it correctly as well.
test: ipsec: Add unit-test to test for RFC correct padding/alignment
test: patch scapy to not incorrectly pad ccm, ctr, gcm modes as well
- Scapy is also incorrectly using the AES block size of 16 to pad CCM,
CTR, and GCM cipher modes. A bug report has been opened with the
and acknowledged with the upstream scapy project as well:
https://github.com/secdev/scapy/issues/2322
Ticket: VPP-1928
Type: fix
Signed-off-by: Christian Hopps <chopps@labn.net>
Change-Id: Iaa4d6a325a2e99fdcb2c375a3395bcfe7947770e
Christian E. Hopps [Fri, 27 Sep 2019 18:05:09 +0000 (14:05 -0400)]
marvell: add cli options to configure rxq and txq sizes
Add the ability to configure the pp2 rx and tx queue sizes in the CLI.
Type: improvement
Signed-off-by: Christian E. Hopps <chopps@chopps.org>
Change-Id: I6a824f92e22fa47fec3d84525cc2d82524ddf639
Nathan Skrzypczak [Thu, 3 Sep 2020 09:37:56 +0000 (11:37 +0200)]
vlib: vlib_get_node_by_name fails via API
Type: fix
Calling vlib_get_node_by_name via the VPE api
doesn't work due to hash weirdness. Haven't
gotten around the real cause of this. But this
fixes it.
Change-Id: I89f95dba2bcd9573b8f1f435e063e9dd57f9ca93
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>