Rune E. Jensen [Tue, 22 Nov 2022 09:35:03 +0000 (10:35 +0100)]
gtpu: support non-G-PDU packets and PDU Session
Updated the gtpu plugin code to support the PDU Session user plane protocol, required for 5G, as
specified in 3GPP TS 38.415 version 17.0.0. This enables some initial support of 5G gNodeB's with
the gtpu plugin.
New features:
- Basic support for the GTP-U Extension Header Flag.
Packets with one extension can now be decapsulated.
This enables basic support of the PDU Session user plane protocol (3GPP TS 38.415 version 17.0.0).
New tunnels can be created with a PDU enable flag and a 6-bit QoS Flow Identifier (QFI).
With this, encapsulated packets will have the PDU Session extension header, and the QFI set.
- Ability to forward GTP-U packets that are not handled by the plugin directly.
Only GTP-U packets with a message type of 255 (G-PDU) are handled directly.
However, 3GPP TS 29.281 defines several other message types like echo and error indication.
A new feature is added to optionally forward unknown or unsupported packets to a new IP address.
This works separately for unknown GTP-U message types, unknown TEIDs, and packets with an unknown
GTP-U header.
This allows both echo and error indications from a 5G gNodeB to be handled by a different system
outside VPP.
- Simple way to get metrics for active tunnels and on tunnel close.
In 5G session/tunnel lifetime is often short and created frequently.
The normal API becomes too slow and inaccurate when too many tunnels are created and deleted
every second.
Improvements:
- A clean ground structure to handle multiple message type in the future.
The code path for G-PDU packets is optimized for performance, representing the typical case.
Unsupported GTP-U packets enter a slow path that decodes the nature of the error.
This presents a easy hook to handle other message types in the future.
- Improved error reporting
When using traces there is more details in the tunnel descriptions.
- Updated the API with several enums.
Fixes:
- gtpu0->length field in IPv6 was computed with IPv4 header lengths in the encapsulation code.
- vec_set_len (t->rewrite, ...) size was computed with the IPv4 header size also for IPv6 tunnels.
Issues:
- This PR does not enable full support of the 3GPP specification.
In particular it only supports a single QoS/QFI flow for each tunnel.
It ignores all incoming extension header flags.
- API functions might change again when/if more support of the 3GPP TS 38.415 spec is added.
Note that I have bumped the API version to 2.1.0 as it seems to be the correct approach based on
my API changes.
Type: feature
Signed-off-by: Rune E. Jensen <runeerle@wgtwo.com>
Change-Id: I91cd2b31f2561f1b3fb1e46c4c34a5a3c71b4625
adrianvillin [Fri, 10 Nov 2023 08:59:59 +0000 (09:59 +0100)]
tests: perfmon - Added a check if test is running with root privileges
Type: test
Change-Id: I1910f3ef79e9018aee032daca0f1932eccb7b9f9
Signed-off-by: adrianvillin <avillin@cisco.com>
Damjan Marion [Mon, 6 Nov 2023 00:05:57 +0000 (00:05 +0000)]
iavf: interrupt mode support
Type: improvement
Change-Id: Ie5fcaa706ab0995e0021cf1ee74b95c5a3b30283
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Thu, 9 Nov 2023 03:57:38 +0000 (19:57 -0800)]
tls: fix handling of client and server init errors
- notify app on failed connect
- avoid cleanup of ctx before transport cleanup to be able to handle
pending rx notifications.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1b70ad45109d4c942afa1990dfce4fc44a50a637
Maxime Peim [Tue, 31 Oct 2023 15:29:59 +0000 (16:29 +0100)]
ipsec: IPsec fix constant propagation
In some anti-replay, some functions weren't using the boolean
telling if the window was huge or not. Hence, limiting the constant
propagation at compilation.
Type: fix
Change-Id: Ie5f2dda38339bb32113c6f7b2b82c82135fc92a8
Signed-off-by: Maxime Peim <mpeim@cisco.com>
Florin Coras [Wed, 8 Nov 2023 21:11:06 +0000 (13:11 -0800)]
tls: propagate transport closed notifications
Notify app that transport is closed when tcp moves to closed state.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I18cbe1ac16b1a48ecd06af4c1b5535e12e4b0e75
Florin Coras [Wed, 8 Nov 2023 22:14:17 +0000 (14:14 -0800)]
tls: avoid reads after tcp transport removed
Make sure underlying transport connection is not removed on rescheduled
read event.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0137a2e43aa84d9442279e036c25771aeefd207f
adrianvillin [Wed, 8 Nov 2023 14:17:14 +0000 (15:17 +0100)]
tests: Fix http static test failing on retry
- test_http_static.py: If namespace creation fails, try to delete the namespace and create it again
- vpp_qemu_utils.py: Added "isinstance()" to "delete_namespace()" to match "create_namespace()"
Type: test
Change-Id: I88ff7a36f5d52816fee16283efba6af025496491
Signed-off-by: adrianvillin <avillin@cisco.com>
adrianvillin [Tue, 7 Nov 2023 09:18:24 +0000 (10:18 +0100)]
tests: added a simple perfmon plugin test
Type: test
Change-Id: Ief0c0e13a2c19a03b48219d9a0d85256fb0c9dbe
Signed-off-by: adrianvillin <avillin@cisco.com>
adrianvillin [Tue, 31 Oct 2023 13:15:44 +0000 (14:15 +0100)]
tests: added simple CT6 plugin tests
Type: test
Change-Id: I77f119ac982170627484d792dc456753c9847af8
Signed-off-by: adrianvillin <avillin@cisco.com>
Damjan Marion [Fri, 3 Nov 2023 13:47:05 +0000 (13:47 +0000)]
dev: remove unused code
Change-Id: If380e4ab6ca30243137fd31fbe51845c0414721a
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Fri, 3 Nov 2023 13:47:05 +0000 (13:47 +0000)]
dev: interrupt mode support
Type: improvement
Change-Id: I4a0578598182339bcf76e6b01da76b590a06f773
Signed-off-by: Damjan Marion <damarion@cisco.com>
Artem Glazychev [Thu, 2 Nov 2023 12:47:23 +0000 (19:47 +0700)]
af_packet: remove UNIX_FILE_EVENT_EDGE_TRIGGERED flag
af_packet does not process data until the interface is UP. If after interface creation, but before it is UP, the host interfaces are flooded, then blocking case may occur - VPP interface will never be able to process the data.
If the EDGE_TRIGGERED flag is set, the event will not arrive, because nothing new is happening anymore (probably because the queue is already full).
Therefore, we need to use LEVEL_TRIGGERED (default value), which indicates that there is still unprocessed data (accumulated after interface creation, but before it was UP).
Type: fix
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: Ied459fd194149d09f226bcb0a5907b3e327b148a
Alexander Chernavin [Thu, 26 Oct 2023 11:48:06 +0000 (11:48 +0000)]
flowprobe: fix clearing interface state on feature disabling
As a result of recent fixes, all currently stored flows of an interface
are deleted when the feature is being disabled for the interface. This
includes stopping the timer and freeing the flow entries for further
reuse. The problem is that meta information is not cleared in the flow
entries being deleted. For example, packet delta count will keep its
value. The next flow that gets one of these pool entries will already
have a non-zero packet count. So the counting of packets will start from
a non-zero value. And incorrect packet delta count will be exported for
that flow.
With this fix, clear meta information too when clearing interface state.
Also, update the corresponding test to cover this case.
Type: fix
Change-Id: I9a73b3958adfd1676e66b0ed50f1478920671cca
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Jieqiang Wang [Mon, 24 Jul 2023 07:42:22 +0000 (15:42 +0800)]
build: disable bogus warnings for GCC 12
The array bounds and string overread check on GCC 12 report a dozen of
false positives that result in VPP build failures on ubuntu 22.04.
Work around this build issue by unconditionally disabling these two
warnings if C compiler is GCC 12 or newer version.
Type: fix
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: I999e847bb625ebdf3ef5f11b11598c553f306670
Jieqiang Wang [Mon, 24 Jul 2023 08:52:06 +0000 (16:52 +0800)]
misc: silence -Wmaybe-uninitialized warnings
GCC 12 complains about such errors while the code itself looks good.
Type: fix
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: I021719fdbf7d9bd93a12eac76aeac8cbca13a810
Damjan Marion [Mon, 6 Nov 2023 17:37:04 +0000 (17:37 +0000)]
vppinfra: fix ASAN issue in vec_foreach_pointer and pool_foreach_pointer
Change-Id: If9381ae7283488b352a3c22f85732cd56ac6bfd9
Type: fix
Fixes:
9937359,
91ff0e9
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dengfeng Liu [Thu, 13 Jul 2023 13:25:52 +0000 (21:25 +0800)]
ipsec: delete redundant code
Type: fix
Change-Id: I0de1c51455b0d3958c75ab5626a318ac656adbe7
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
Jieqiang Wang [Mon, 21 Aug 2023 07:58:10 +0000 (15:58 +0800)]
dpdk: correct the printing of Rx offloading flags
DPDK added new Rx checksum flags[1] to handle cases like the virtual
drivers. Current check of flags is not strict enough for flags like
RTE_MBUF_F_RX_IP_CKSUM_NONE and will always be true no matter the
checksum in packet is good or bad.
Fix this issue by comparing the result of AND operation with the
correspinding Rx checksum flags.
Before this patch, packet trace prints the offload flags as below:
Packet Offload Flags
PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid
PKT_RX_IP_CKSUM_NONE (0x0090) no IP cksum of RX pkt.
PKT_RX_L4_CKSUM_GOOD (0x0100) L4 cksum of RX pkt. is valid
PKT_RX_L4_CKSUM_NONE (0x0108) no L4 cksum of RX pkt.
After this patch, packet offload flags would be like:
Packet Offload Flags
PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid
PKT_RX_L4_CKSUM_GOOD (0x0100) L4 cksum of RX pkt. is valid
Type: fix
[1] https://github.com/DPDK/dpdk/commit/
5842289a546ceb0072bd7faccb93821e21848e07
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: I3182022d9ccd46b2fc55bb3edfbfac9062ed7c89
Damjan Marion [Mon, 6 Nov 2023 00:07:15 +0000 (00:07 +0000)]
pci: remove unnecessary ioctl() call and improve logging in vfio_set_irqs
Type: improvement
Change-Id: Ic8e2785bf375882defe5a1d299948d522cdd4895
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Mon, 6 Nov 2023 00:06:26 +0000 (00:06 +0000)]
pci: fix VFIO set IRQ code
Type: fix
Fixes:
599a16b
Change-Id: I954e037ab944028798f9aa2a93f45322c8c7b4bb
Signed-off-by: Damjan Marion <damarion@cisco.com>
Stanislav Zaikin [Fri, 13 Oct 2023 15:48:53 +0000 (17:48 +0200)]
bonding: add checks for sw_if_index in api
Type: fix
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
Change-Id: I16b48460b3fcd82bbb89c375402cb2455414d8bb
Damjan Marion [Fri, 3 Nov 2023 21:57:42 +0000 (21:57 +0000)]
vppinfra: refactor interrupt code
Type: improvement
Change-Id: Ie6987736faf7d8a641762e276775da8ee0c03ea4
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dmitry Valter [Wed, 11 Oct 2023 20:37:04 +0000 (20:37 +0000)]
tests: allow explicit defaults for arg types
Allow settings default values explicitly in positive_int_or_default and
positive_float_or_default.
It allows setting setting default 0 test retries explicitly despite it
being not positive.
Type: improvement
Signed-off-by: Dmitry Valter <d-valter@yandex-team.com>
Change-Id: Id23a9fdae0ef174eea8992c1f9fc2530aade6194
Damjan Marion [Thu, 2 Nov 2023 18:40:32 +0000 (18:40 +0000)]
dev: strip debig log function name prefix during compilation
Type: improvement
Change-Id: I9b9bb37a0895366b412f042b0e2da5bbdd477325
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Wallace [Thu, 31 Aug 2023 04:47:44 +0000 (00:47 -0400)]
tests: refactor asf framework code
- Make framework.py classes a subset of asfframework.py classes
- Remove all packet related code from asfframework.py
- Add test class and test case set up debug output to log
- Repatriate packet tests from asf to test directory
- Remove non-packet related code from framework.py and
inherit them from asfframework.py classes
- Clean up unused import variables
- Re-enable BFD tests on Ubuntu 22.04 and fix
intermittent test failures in echo_looped_back
testcases (where # control packets verified but
not guaranteed to be received during test)
- Re-enable Wireguard tests on Ubuntu 22.04 and fix
intermittent test failures in handshake ratelimiting
testcases and event testcase
- Run Wiregard testcase suites solo
- Improve debug output in log.txt
- Increase VCL/LDP post sleep timeout to allow iperf server
to finish cleanly.
- Fix pcap history files to be sorted by suite and testcase
and ensure order/timestamp is correct based on creation
in the testcase.
- Decode pcap files for each suite and testcase for all
errors or if configured via comandline option / env var
- Improve vpp corefile detection to allow complete corefile
generation
- Disable vm vpp interfaces testcases on debian11
- Clean up failed unittest dir when retrying failed testcases
and unify testname directory and failed linknames into
framwork functions
Type: test
Change-Id: I0764f79ea5bb639d278bf635ed2408d4d5220e1e
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Florin Coras [Wed, 1 Nov 2023 19:51:58 +0000 (12:51 -0700)]
tcp: fix reset w pkt
Do not add ip header as that's added by tcp output and fix checksum.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I9439acf5c66184af0350b1d4d7406b3feb2e79a1
Dave Wallace [Mon, 30 Oct 2023 21:05:23 +0000 (17:05 -0400)]
tests: remove packet debug output from npt66 testcases
Type: test
Change-Id: I1883b50f67890aefb28ca0ca7447f4e73c574d26
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Damjan Marion [Tue, 17 Oct 2023 16:08:18 +0000 (16:08 +0000)]
iavf: new driver using new dev infra
Type: feature
Change-Id: I9ae0dbf28b4571a37c568b587b771f90c06f200d
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Tue, 17 Oct 2023 16:06:26 +0000 (16:06 +0000)]
dev: new device driver infra
Type: feature
Change-Id: I20c56e0d3103624407f18365c2bc1273dea5c199
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Wed, 1 Nov 2023 20:44:28 +0000 (13:44 -0700)]
tcp: remove redundant ack checks
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4001f39afde8c33b60c15f74034bcce013fbbf70
Florin Coras [Wed, 1 Nov 2023 20:01:48 +0000 (13:01 -0700)]
tcp: allow ooo data in syn-rcvd
As long as ack and segment are legitimate accept ooo data as we
transition to established.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I85cdc65d70cb8ae689a9ce9bbe4f86228b1ac533
Florin Coras [Thu, 26 Oct 2023 15:46:46 +0000 (08:46 -0700)]
tcp: postpone cleanup on connect failures
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I231b319d4d7aa3e17cc8cfe8aaa4762995a5b2c4
Dave Wallace [Wed, 1 Nov 2023 03:20:47 +0000 (23:20 -0400)]
tests: fix UDP port range for mdata and bufmon
- Use of well known UDP port numbers causes random
failure of mdata and bufmon tests
Type: test
Change-Id: I21a01c54e5f166aea101d3caace85b53f3f7285d
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
hsandid [Mon, 30 Oct 2023 17:47:36 +0000 (18:47 +0100)]
docs: Updated "VPP with Containers" use-case section
Type: improvement
Modified "VPP with Containers" doc section to run on Ubuntu 22.04 LTS.
Change-Id: Ic09b88cf0e3b492711222a1bb24552de964a7d03
Signed-off-by: hsandid <halsandi@cisco.com>
adrianvillin [Tue, 31 Oct 2023 12:15:53 +0000 (13:15 +0100)]
tests: http static - skip if cannot create namespaces
Type: test
Change-Id: I5fddb293f1b56853613ca2823dbb6d3d887d9929
Signed-off-by: adrianvillin <avillin@cisco.com>
Filip Tehlar [Thu, 26 Oct 2023 10:51:09 +0000 (12:51 +0200)]
hsa: use common app session interface in echo tests
Type: test
Change-Id: Ib320cfb5e20f12614c013a92ac15490f8ca3a7ce
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
vinay tripathi [Tue, 6 Jun 2023 07:27:55 +0000 (12:57 +0530)]
ipsec: separate UDP and UDP-encapsulated ESP packet processing
This fix differentiates UDP and UDP-encapsulated ESP packets processing.
While UDP-encapsulated ESP traffic is processed as IPsec traffic, UDP as
other plain-text protocols is NOT dispatched against SPD policies.
Key logic is taken from RFC 3948, and is based on the fact
that the checksum of UDP packet encapsulating ESP packet must be zero.
Type: fix
Signed-off-by: vinay tripathi <vinayx.tripathi@intel.com>
Change-Id: Ib1b4d240eea8e89f2daf17ec833905f26cdb31bd
vinay Tripathi [Fri, 20 Oct 2023 05:20:47 +0000 (05:20 +0000)]
ipsec: modify IPsec related tests to send and verify UDP-encapsulated ESP traffics
In this patch, IPsec related test files have been modified to send UDP-encapsulated
ESP packets,and validate against Inbound and Outbound policies that are configured
with Bypass, Discard and Protect action.
Type: test
Change-Id: I4b8da18270fd177868223bfe1389dc9c50e86cc5
Signed-off-by: vinay Tripathi <vinayx.tripathi@intel.com>
vinay tripathi [Wed, 31 May 2023 09:11:45 +0000 (14:41 +0530)]
ipsec: move udp/esp packet processing in the inline function ipsec_esp_packet_process
This inline function is introduced to simplify code readability and allows to splitting of
UDP and ESP processing in the next step.
Type: improvement
Change-Id: Ida4d6abbed141ac74d4d285900777778eb8a5a1d
Signed-off-by: Vinay Tripathi <vinayx.tripathi@intel.com>
adrianvillin [Thu, 26 Oct 2023 12:26:18 +0000 (14:26 +0200)]
tests: Added LLDP plugin tests
Type: test
Change-Id: I5a2d1b2c92f2bb7c45a7b5e025584d9417487840
Signed-off-by: adrianvillin <avillin@cisco.com>
adrianvillin [Tue, 24 Oct 2023 10:53:10 +0000 (12:53 +0200)]
tests: Added http static server tests.
Coverage increased from 21% to 80%
Type: test
Change-Id: Ic8ecc620cef738d7dbe4c259f58a373ac155a588
Signed-off-by: adrianvillin <avillin@cisco.com>
Filip Tehlar [Wed, 25 Oct 2023 12:59:09 +0000 (14:59 +0200)]
hsa: preallocate sessions on server side
Type: test
Change-Id: Ib809f5a6c9e2f08d87f0070231df04d5f0040ca0
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Mohammed Hawari [Mon, 30 Oct 2023 09:52:19 +0000 (10:52 +0100)]
vcl: propagate correctly EADDRINUSE for UDP bind
Change-Id: Ia8b5421cbaaf861ddb3ad7aeca53a077ff18864e
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: fix
Maxime Peim [Thu, 22 Dec 2022 11:26:57 +0000 (11:26 +0000)]
ipsec: huge anti-replay window support
Type: improvement
Since RFC4303 does not specify the anti-replay window size, VPP should
support multiple window size. It is done through a clib_bitmap.
Signed-off-by: Maxime Peim <mpeim@cisco.com>
Change-Id: I3dfe30efd20018e345418bef298ec7cec19b1cfc
Alexander Chernavin [Thu, 26 Oct 2023 11:18:19 +0000 (11:18 +0000)]
flowprobe: fix accumulation of tcp flags in flow entries
Currently, TCP flags of a flow entry don't get reset once the flow is
exported (unlike other meta information about a flow - packet delta
count and octet delta count). So TCP flags are accumulated as long as
the flow is active. When the flow expires, it is exported the last time,
and its pool entry is freed for further reuse. The next flow that gets
this pool entry will already have non-zero TCP flags. If it's a TCP
flow, the flags will keep being accumulated. This might look fine when
exported. If it's a non-TCP flow, that will definitely look erroneous.
With this fix, reset TCP flags once the flow is exported. Also, cover
the reuse case with tests.
Type: fix
Change-Id: I5f8560afffcfe107909117d3d063e8a69793437e
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Florin Coras [Fri, 27 Oct 2023 16:21:50 +0000 (09:21 -0700)]
session: fix bind replies with errors
Type: fix
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Icdff3528fcaf863b400b9aca6c30d284bc17d5f0
Filip Tehlar [Fri, 27 Oct 2023 07:56:41 +0000 (09:56 +0200)]
hsa: fix coverity warning
Type: test
Change-Id: Iba94edb7eb439ddc994d9a16cb52108373d052ce
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Damjan Marion [Thu, 26 Oct 2023 19:44:18 +0000 (19:44 +0000)]
devices: remove unused code
Type: improvement
Change-Id: I2427e1a93e89e9a7ac884b84352b96cf523ae11e
Signed-off-by: Damjan Marion <damarion@cisco.com>
Filip Tehlar [Mon, 4 Sep 2023 12:17:52 +0000 (14:17 +0200)]
hsa: unify echo test setup
Type: test
Change-Id: I8665492c2f7755901a428aacdb27e98329ff557a
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
adrianvillin [Wed, 25 Oct 2023 08:36:05 +0000 (10:36 +0200)]
tests: Added bufmon plugin test
Coverage increased from 35% to 94%
Type: test
Change-Id: I9a54a58bf53b29a771a93ce03998e95fbcd518eb
Signed-off-by: adrianvillin <avillin@cisco.com>
Andrew Yourtchenko [Wed, 18 Oct 2023 21:18:32 +0000 (21:18 +0000)]
build: allow for reproducible builds
Setting and using the SOURCE_DATE_EPOCH variable takes
care of most of the magic necessary.
https://reproducible-builds.org/docs/source-date-epoch/
vpp-ext-deps packages after this change is being built with that
date set to date of the last modification of the
subtree (similar logic to deriving the "number" for
the package version)
For the rest of the packages, pinning the following
three variables should result in bit-identical
artifacts across multiple runs:
export SOURCE_DATE_EPOCH=$(date +%s)
export VPP_BUILD_HOST="buildhost"
export VPP_BUILD_USER="builduser"
Add a blurb in the docs describing this new functionality.
Type: improvement
Change-Id: I71b085f0577b2358aa98f01dafd8e392239420a6
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Damjan Marion [Wed, 25 Oct 2023 11:48:03 +0000 (13:48 +0200)]
lisp: fix missing symbol issue
Type: fix
Change-Id: I9373dabcdb2c4ba987e732b59e63b52603010873
Signed-off-by: Damjan Marion <damarion@cisco.com>
adrianvillin [Tue, 24 Oct 2023 10:28:31 +0000 (12:28 +0200)]
tests: Added mdata plugin test
Coverage increased from 54% to 92%
Type: test
Change-Id: Ibb26f2b8989c5bb2826190c961bffe2c21c3f9a2
Signed-off-by: adrianvillin <avillin@cisco.com>
Damjan Marion [Tue, 24 Oct 2023 21:59:48 +0000 (23:59 +0200)]
buffers: buffer name is vector, not c string
Type: fix
Fixes:
8973b07
Change-Id: Iba6e29bab35be0148b469965c3af8391b5ab9140
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Tue, 24 Oct 2023 16:04:51 +0000 (18:04 +0200)]
marvell: fix compilation issues
Type: fix
Fixes: unknown
Change-Id: I81ee03aaea2e1e6ffb9d6ee91db7fb9acd6debb7
Signed-off-by: Damjan Marion <damarion@cisco.com>
Matthew Smith [Tue, 26 Sep 2023 13:08:26 +0000 (13:08 +0000)]
fib: only update glean for interface if necessary
Type: improvement
If an interface address is added, the glean adjacency for it's covering
prefix is updated with that address. In the case of multiple addresses
within the same prefix being added, the most recently added one will end
up being used as the sender protocol address for ARP requests.
Similar behavior occurs when an interface address is deleted. The glean
adjacency is updated to some appropriate entry under it's covering
prefix. If there were multiple interface addresses configured, we may
update the address on the adjacency even though the address currently in
use is not the one being deleted.
Add a new value PROVIDES_GLEAN to fib_entry_src_flag_t. The flag
identifies whether a source interface entry is being used as the address
for the glean adjacency for the covering prefix.
Update logic so that the glean is only updated on adding an interface
address if there is not already a sibling entry in use which has the
flag set. Also, only update the glean on deleting an interface address
if the address being deleted has the flag set.
Also update unit test which validates expected behavior in the case
where multiple addresses within a prefix are configured on an interface.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I7d918b8dd703735b20ec76e0a60af6d7e571b766
adrianvillin [Mon, 23 Oct 2023 16:54:29 +0000 (18:54 +0200)]
tests: Added STN plugin test to improve coverage.
Type: test
Change-Id: I30dfaed684e1f808089bb8eb301486434425ccd7
Signed-off-by: adrianvillin <avillin@cisco.com>
adrianvillin [Thu, 19 Oct 2023 10:15:52 +0000 (12:15 +0200)]
tests: Added a simple Snort plugin test to increase coverage.
Type: test
Change-Id: I96ec8b4347210672bc587407ab2fd0f0305ea486
Signed-off-by: adrianvillin <avillin@cisco.com>
Ting Xu [Tue, 4 Jul 2023 07:36:33 +0000 (07:36 +0000)]
dpdk: fix variable type in pattern parsing
In current pattern parsing function in DPDK, some of the variables of
packet length are defined as uint8_t, which are too small for some
large-size packets, such as srv6. Change the type to uint16_t.
Type: fix
Signed-off-by: Ting Xu <ting.xu@intel.com>
Change-Id: I06819e9716da098ca456c0405f0e6fd9a8eb0bc9
Dmitry Valter [Thu, 5 Oct 2023 08:31:23 +0000 (08:31 +0000)]
crypto: fix algo selection
Check if crypto ops vector is matching actual ops instead if blindly
dereferencing it.
Type: fix
Signed-off-by: Dmitry Valter <d-valter@yandex-team.com>
Change-Id: Ib88ab44137d9360ee96228e72349a62b2fa7a7e0
Alexander Chernavin [Tue, 17 Oct 2023 08:54:33 +0000 (08:54 +0000)]
flowprobe: fix sending L4 fields in L2 template and flows
Currently, when L2 and L4 recording is enabled on the L2 datapath, the
L2 template will contain L4 fields and L2 flows will be exported with
those fields always set to zero.
With this fix, when L4 recording is enabled, add L4 fields to templates
other than the L2 template (i.e. to the IP4, IP6, L2_IP4, and L2_IP6
templates). And export L2 flows without L4 fields. Also, cover that case
in the tests.
Type: fix
Change-Id: Id5ed8b99af5634fb9d5c6e695203344782fdac01
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Steven Luong [Thu, 5 Oct 2023 22:33:40 +0000 (15:33 -0700)]
memif: contention between memif_disconnect and memif RX/TX threads
memif_disconect may be called without barrier sync. It removes stuff in mq
without protection which may cause troubles for memif RX/TX worker threads.
The fix is to protect mq removal in memif_disconnect.
Type: fix
Change-Id: I368c466d1f13df98980dfa87e8442fbcd822a428
Signed-off-by: Steven Luong <sluong@cisco.com>
Damjan Marion [Fri, 13 Oct 2023 09:59:00 +0000 (09:59 +0000)]
buffers: introduce vlib_buffer_template_t
Type: improvement
Change-Id: Ie86a5edf2ada21355543e9a0382052b16ff86927
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Sat, 14 Oct 2023 22:01:48 +0000 (15:01 -0700)]
tcp: initialize connection index on rst w packet
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie01d7e8d6eddf3ba88f2cd6eb8369c8ec8179cb4
Florin Coras [Sat, 14 Oct 2023 22:16:18 +0000 (15:16 -0700)]
tcp: allow fins in syns in syn-rcvd
Also make sure connection is properly cleaned up.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I02f83e9a1e17cbbbd2ee74044d02049b2fd2f21c
Florin Coras [Sat, 14 Oct 2023 22:22:04 +0000 (15:22 -0700)]
tcp: handle syn-ack in fin-wait-2 in rcv process
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If74e04498423bed42593e79ec92482421cfda8d2
Ole Troan [Fri, 13 Oct 2023 07:19:45 +0000 (09:19 +0200)]
ip-neighbor: do not use sas to determine NS source address
Using the source address selection algorithm to determine the best source
of an NS for address resolution risks incompatible behavior.
It may choose a source address that is off-link to the other host.
Which may drop it.
A safer approach is to always use the link-local address as the SA.
It's recommended to pick a source that an application will later use,
as VPP is mostly a router, that rarely applies. And regardlessly we have
no mechanism to signal from an application that triggered address resolutiuon
what source address it intends to use.
Type: fix
Change-Id: I3c5de66e41505f3682767706ef1195a20e4f0e54
Signed-off-by: Ole Troan <otroan@employees.org>
Alexander Chernavin [Tue, 3 Oct 2023 12:45:51 +0000 (12:45 +0000)]
flowprobe: fix corrupted packets sent after feature disabling
When IPFIX flow record generation is enabled on an interface and the
active timer is set, flows will be saved and then exported according to
the active and passive timers. If then disable the feature on the
interface, the flow entries currently saved will remain in the state
tables. They will gradually expire and be exported. The problem is that
the template for them has already been removed. And they will be sent
with zero template ID which will make them unreadable.
A similar problem will occur if feature settings are "changed" on the
interface - i.e. disable the feature and re-enable it with different
settings (e.g. set a different datapath). The remaining flows that
correspond to the previous feature settings will be eventually sent
either with zero template ID or with template ID that corresponds to the
current feature settings on the interface (and look like garbage data).
With this fix, flush the current buffers before template removal and
clear the remaining flows of the interface during feature disabling.
Type: fix
Change-Id: I1e57db06adfdd3a02fed1a6a89b5418f85a35e16
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Vladislav Grishenko [Thu, 14 Sep 2023 17:14:38 +0000 (22:14 +0500)]
nat: add ipfix rate-limiter for nat44-ed, nat44-ei and nat64
This prevents ipfix flood with the repeating events and allows
to enable nat64 max_session and max_bibs events. Also fix wrong
endian for det44 and nat64 ipfix tests, now should be fine with
extended tests enabled.
Max session per user event @ nat44-ei requires more precise rate
limiter per user address, probably with sparse vec, not handled.
Type: improvement
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Change-Id: Ib20cc1ee3f81e7acc88a415fe83b4e2deae2a836
Ole Troan [Thu, 12 Oct 2023 16:54:55 +0000 (18:54 +0200)]
npt66: icmp6 alg to handle icmp6 error messages
Support rewriting the inner packet for ICMP6 error messages.
Type: feature
Change-Id: I7e11f53626037075a23310f1cb7e673b0cb52843
Signed-off-by: Ole Troan <otroan@employees.org>
Ole Troan [Fri, 13 Oct 2023 06:52:47 +0000 (08:52 +0200)]
ip-neighbor: add ip neighbor flush
Flushing the neighbor cache was only available through API.
Add CLI command. Either flushes whole table (IP4,IP6)
or all neighbors on specified interface.
Type: improvement
Change-Id: Ia8c68fb032a2dfd940a136edc2aee80db5c37685
Signed-off-by: Ole Troan <otroan@employees.org>
Damjan Marion [Sat, 14 Oct 2023 08:41:54 +0000 (08:41 +0000)]
feature: remove unused code
Type: improvement
Change-Id: If775b1d145e462346de562a3c893f302e8c7b814
Signed-off-by: Damjan Marion <damarion@cisco.com>
Stanislav Zaikin [Tue, 5 Sep 2023 08:40:07 +0000 (10:40 +0200)]
linux-cp: check if lcp_itf_pair exists before creating tap
Now we create tun/tap and then check whether lcp_itf_pair was already
created. Move the check in the beginning.
Type: fix
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
Change-Id: I848685a9cfdbe92a5e38ecb8e5d5322262b4e384
Alexander Chernavin [Mon, 22 May 2023 14:27:24 +0000 (14:27 +0000)]
ethernet: run callbacks for subifs too when mac changes
When MAC address changes for an interface, address change callbacks are
executed for it. In turn adjacencies register a callback for MAC address
changes to be able to update their rewrite strings accordingly.
Subinterfaces inherit MAC address from the parent interface. When MAC
address of the parent interface changes, it also implies MAC address
change for its subinterfaces. The problem is that this is currently not
considered when address change callbacks are executed. After MAC address
change on the parent interface, packets sent from subinterfaces might
have wrong source MAC address as the result of stale adjacencies. For
example, ARP messages might be sent with the wrong (previous) MAC
address and address resolution will fail.
With this fix, when address change callbacks are executed for an
interface, they will be also executed for its subinterfaces. And
adjacencies will be able to update accordingly.
Type: fix
Change-Id: I87349698c10b9c3a31a28c0287e6dc711d9413a2
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Damjan Marion [Thu, 12 Oct 2023 17:38:52 +0000 (17:38 +0000)]
vlib: properly replicate nexts when sibling node is created on runtime
Change-Id: I5aff21b5ca32e7eb84b11cca8387e7ac42fbbe23
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 12 Oct 2023 17:41:14 +0000 (17:41 +0000)]
vlib: allow unpriviledged vlib_pci_get_device_info()
When running unpriviledged sysfs allows reading only first
64 bytes of PCI config space.
Change-Id: I62d18328925a2e4936406c2842154b20182cacb9
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
Ole Troan [Thu, 12 Oct 2023 11:38:38 +0000 (13:38 +0200)]
npt66: add show command and rx/tx counters
Add show npt66 bindings.
Add RX/TX and translation error counters.
Type: improvement
Change-Id: I4513b111f815a15d5a7537ce503f0c084b523aa1
Signed-off-by: Ole Troan <otroan@employees.org>
Florin Coras [Thu, 12 Oct 2023 19:39:15 +0000 (12:39 -0700)]
session: fix duplicate rx events
Be less aggressive with rx events on connect/accept notification.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie93a08c7eef69383bf0301a163fd2131dd51372a
Alexander Chernavin [Wed, 11 Oct 2023 12:15:55 +0000 (12:15 +0000)]
flowprobe: fix sending L2 flows using L2_IP6 template
Currently, L2 flows are exported using L2_IP6 template if L3 or L4
recording is enabled on L2 datapath. That occurs because during feature
enable, L2 template is added and its ID is not saved immediately. Then
L2_IP4 and L2_IP6 templates are added overwriting "template_id" each
time. And in the end, the current value of "template_id" is saved for L2
template. The problem is that "template_id" at that point contains the
ID of L2_IP6 template.
With this fix, save the template ID immediately after adding a template
for all variants (datapaths). Also, cover the case with a test.
Type: fix
Change-Id: Id27288043b3b8f0e89e77f45ae9a01fa7439e20e
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Alexander Kozyrev [Mon, 25 Sep 2023 15:11:55 +0000 (15:11 +0000)]
dpdk: add Mellanox BlueField NICs
List BlueField NICs as a supported PCI devices.
Type: feature
Change-Id: Ida2300df516ab9cd2fcde1f816bbdc081016039a
Signed-off-by: Alexander Kozyrev <akozyrev@nvidia.com>
Steven Luong [Wed, 11 Oct 2023 21:09:21 +0000 (14:09 -0700)]
session: ignore connecting half_open session in session_tx_fifo_dequeue_internal
s->tx_fifo is 0 for the connecting half open session.
Type: fix
Change-Id: I2ba1ae99a2fa4fae1896587f40e0e4fb73c1edcb
Signed-off-by: Steven Luong <sluong@cisco.com>
Brian Morris [Wed, 11 Oct 2023 17:36:59 +0000 (17:36 +0000)]
tls: Fix SSL_CTX leak on every client session
Type: fix
Change-Id: I35b3920288269073cdd35f79c938396128d169c9
Signed-off-by: Brian Morris <bmorris2@cisco.com>
Florin Coras [Tue, 10 Oct 2023 19:39:55 +0000 (12:39 -0700)]
session: ignore app rx ntf if transport closed
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id56a101a6350903b00f7c96705fb86039e70e12c
Florin Coras [Tue, 10 Oct 2023 17:21:01 +0000 (10:21 -0700)]
session: fix tx deq ntf assert for cl
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I97a04ed0417f1a3433665f6aa1a9424138fd54cb
Dave Wallace [Wed, 11 Oct 2023 03:19:18 +0000 (23:19 -0400)]
lb: fix intermittent per-port-vip idx lookup failure
- Causes per-port-vip testcases to fail when the
uninitialized reserved field in the stack variable
key for the hash lookup was a non-zero stack memory
location.
Type: fix
Change-Id: I56afa15e7df60bc2340514f2c7ce5e71a9cb47a9
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Florin Coras [Tue, 10 Oct 2023 01:25:39 +0000 (18:25 -0700)]
session: maintain old state on premature close
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2ea821e0499a3874c4579f5480ea86f30ebe615f
Dave Wallace [Mon, 9 Oct 2023 22:05:47 +0000 (18:05 -0400)]
vppinfra: fix coverity issue CID 323952
Type: fix
Fixes:
08600ccfa
Change-Id: I53ba0d96507b55ab7cd735073d6c4cf20a3cc948
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Damjan Marion [Fri, 6 Oct 2023 08:59:32 +0000 (10:59 +0200)]
buffers: buffer allocation improvements
- pass buffer pool name trough va
- make buffers naturaly aligned
- fix calculation of total number of buffers
Type: improvement
Change-Id: I6aebf249ebd67823b4632ac08905bfa3aa7d1ee5
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Sat, 7 Oct 2023 21:27:52 +0000 (14:27 -0700)]
tls: propagate reads to app irrespective of state
Session input node handles rx notifications even if session not fully
accepted/connected
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6560c45db8f8e0b7f0dc3bdd0939f13ca2f43f15
Florin Coras [Sat, 7 Oct 2023 02:06:35 +0000 (19:06 -0700)]
tls: report error if connected cannot be initialized
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I987ac6b461b473836917bce6ce0d4ac109cc8ddb
Florin Coras [Sat, 7 Oct 2023 00:31:32 +0000 (17:31 -0700)]
tls: no read after app close
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I34f8ee2e36d07e8e55e21561528fc6b73feb852f
Florin Coras [Sat, 7 Oct 2023 21:22:52 +0000 (14:22 -0700)]
session: propagate delayed rx evts after connect/accept
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4a2e8f864df7269ec5a3c4fd4d8785a67b687d58
Florin Coras [Fri, 6 Oct 2023 23:45:04 +0000 (16:45 -0700)]
session: handle accept and connect errors
If builtin apps refuse connections, they should be cleaned up.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I95ef22902ac3fe873e15e250aa5f03031c2dc0c4
hedi bouattour [Mon, 11 Sep 2023 14:48:12 +0000 (14:48 +0000)]
cnat: add flow hash config to cnat translation
Type: feature
this patch adds a hash config field to cnat translation
to use it in load balancing instead of always using default one
Change-Id: I5b79642ca8b365b5dcc06664f6c100a9d3830a29
Signed-off-by: hedi bouattour <hedibouattour2010@gmail.com>
Gabriel Oginski [Mon, 25 Sep 2023 10:41:06 +0000 (10:41 +0000)]
vpp-swan: fix config to run containers
This patch changes config to run containers on Ubuntu 22.04.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I3be48099cb48d2c4a04526c15780244614bef3d4
Damjan Marion [Wed, 4 Oct 2023 16:03:18 +0000 (18:03 +0200)]
vppinfra: fix string termination in clib_file_get_resolved_basename
Type: fix
Fixes:
40f4810
Change-Id: Idf51462c8154663de23154f17a894b7245c9fbf0
Signed-off-by: Damjan Marion <damarion@cisco.com>
Nathan Skrzypczak [Tue, 3 Oct 2023 11:54:15 +0000 (13:54 +0200)]
session: make port range configurable
Type: feature
This patch makes the port range used by the transport layer
configurable in the manner of sysctl's ip_local_port_range.
Change-Id: Ie17f776538311b29d1dca64643a3a0bd74cb90a6
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Andrew Yourtchenko [Tue, 26 Sep 2023 14:01:21 +0000 (16:01 +0200)]
build: add ability to disable some plugins from packaging and tests
When custom-packaging the VPP artifacts, it can be useful to exclude
some of the core plugins from packaging/testing, for some reasons.
A removal of a plugin(s) from the worktree needs to be tracked as
a separate change, and thus is tricky from the maintenance
point of view.
This change adds the ability to "pretend they do not exist" -
plugins which are added to the comma-separated environment
variable "VPP_EXCLUDED_PLUGINS" will not be added to the build
process and not packaged.
The tests do not have the 1:1 relationship as plugins,
so they might need to be modified separately. This change
includes some of these modifications as an example.
Type: feature
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Id31562d00a01ced1acbb4996a633517cbd6f09d8
Damjan Marion [Fri, 29 Sep 2023 12:31:08 +0000 (14:31 +0200)]
vppinfra: add foreach_int macro
foreach_int(x, 1, 3, 5, 7)
{
fformat(stdout, "x is %u\n", x);
}
Type: improvement
Change-Id: Idc355f4a284f421b150e3acb7a3a57bcede408c7
Signed-off-by: Damjan Marion <damarion@cisco.com>
Code Review / vpp.git / log