vpp.git
2 months agoaf_xdp: processing free buffer 25/43425/3
Steven Luong [Wed, 9 Jul 2025 22:59:59 +0000 (15:59 -0700)]
af_xdp: processing free buffer

af_xdp does not support big packets and they got dropped.
When that happens, we need to bump up the buffer pointer
and decrement packet count prior to going back to the
while loop.

Type: fix

Change-Id: I4722b15eb7ba5467f37e52ab532998c35caa3e2e
Signed-off-by: Steven Luong <[email protected]>
2 months agoaf_xdp: bump xdp-tools to 1.5.5 75/43475/4
Steven Luong [Wed, 23 Jul 2025 16:18:23 +0000 (09:18 -0700)]
af_xdp: bump xdp-tools to 1.5.5

Type: feature

Change-Id: Ia6d32305045f51b859c4b888f5912f8d4cbbd766
Signed-off-by: Steven Luong <[email protected]>
2 months agohttp: http2_transport_rx_callback hardening 04/43504/3
Matus Fabian [Fri, 1 Aug 2025 09:51:44 +0000 (05:51 -0400)]
http: http2_transport_rx_callback hardening

When we receive extra data bytes handle it as connection error to
prevent data leakage.

Type: improvement

Change-Id: I1316d019b252faa29a818b4aeff5d1d5752719e2
Signed-off-by: Matus Fabian <[email protected]>
2 months agobuild: updated to build on RHEL-8 49/43449/2
Joel Godfrey-Smith [Thu, 17 Jul 2025 14:49:08 +0000 (10:49 -0400)]
build: updated to build on RHEL-8

Type: improvement

extras/rpm/vpp.spec: updated to ensure crypto libraries are copied into lib RPM but other, conflicting system libraries are not

Change-Id: I786b61d17141e7ed2f8c88f9646e2bdad09c93fb
Signed-off-by: Joel Godfrey-Smith <[email protected]>
2 months agotests: af_xdp interface tests 65/43465/3
Naveen Joy [Mon, 21 Jul 2025 21:59:34 +0000 (14:59 -0700)]
tests: af_xdp interface tests

Type: test

Change-Id: I81019d2ac8b793c11b22deab8a103b37b88eb75e
Signed-off-by: Naveen Joy <[email protected]>
2 months agosession: session debug crashes with elog track 18/43518/3
Steven Luong [Mon, 4 Aug 2025 20:41:00 +0000 (13:41 -0700)]
session: session debug crashes with elog track

session debug uses elog track in the the transport.
However, not all transports initialize elog track.
If they don't, session debug crashes.

The fix is to use non elog track if elog track
is not initialized in the transport.

Type: fix

Change-Id: I123f71b39a4262cd68e35634dd5c7ec0e7b88cb0
Signed-off-by: Steven Luong <[email protected]>
2 months agohs-test: add hsi and transparent proxy test 11/43511/3
Matus Fabian [Fri, 1 Aug 2025 16:08:59 +0000 (12:08 -0400)]
hs-test: add hsi and transparent proxy test

Type: test

Change-Id: Ie7fdc987ee300cf0d3dc5aed31dd28a972f0c394
Signed-off-by: Matus Fabian <[email protected]>
2 months agoquic: reregister transport proto when no quic engine registered 82/43482/2
Dave Wallace [Fri, 25 Jul 2025 23:06:41 +0000 (19:06 -0400)]
quic: reregister transport proto when no quic engine registered

- fixes incomplete implementation from original patch to fix
  crash on startup when no quic engine is enabled

Type: fix
Fixes: 19e0d0ef8

Change-Id: I8508c28dc2e3d6201fd5de296386d0309fc0edd1
Signed-off-by: Dave Wallace <[email protected]>
2 months agopg: add support for checksum offload 98/42598/14
Mohsin Kazmi [Wed, 2 Jul 2025 10:48:11 +0000 (10:48 +0000)]
pg: add support for checksum offload

Type: improvement

This patch adds support for checksum offload.
There has been also added show packet-generator interface
cli.

Change-Id: I55462df45ea54b577c110e1cc4e3512d70bcfa90
Signed-off-by: Mohsin Kazmi <[email protected]>
2 months agotcp: fix persist handler in closed state 14/43514/4
Florin Coras [Fri, 1 Aug 2025 23:32:40 +0000 (19:32 -0400)]
tcp: fix persist handler in closed state

Do not rechedule connection if persist handler is called after
connection is closed.

Type: fix

Change-Id: Ibe7c3924c6fb107a36e4d459f32a39e49a0b7ae1
Signed-off-by: Florin Coras <[email protected]>
2 months agohs-test: glean proxy environment variables is present 13/43513/2
Florin Coras [Fri, 1 Aug 2025 23:06:04 +0000 (19:06 -0400)]
hs-test: glean proxy environment variables is present

Type: test

Change-Id: I2dc9136b12444f0fd2ef725b2d778a54538e5b17
Signed-off-by: Florin Coras <[email protected]>
2 months agotcp: conditionally initializing log track for unbind 12/43512/2
Steven Luong [Fri, 1 Aug 2025 22:26:49 +0000 (15:26 -0700)]
tcp: conditionally initializing log track for unbind

elog track is initialized when tcp open, bind, or syn rcvd
message is received. Logging tcp unbind event requires and
expects elog track is already initialized. If tcp debug
is enabled after the aforementioned 3 messages and the
first event that tcp logs is unbind, we crash because elog
track is not initialized.

Let's check the elog track is initialized yet or not
prior to logging an unbind event. If not, we initialize
it.

Type: fix

Change-Id: Ib8fde694dc48f30a87aa3ecd378c1960857e8c38
Signed-off-by: Steven Luong <[email protected]>
2 months agosession tls: scaffolding for async cert retrieval 60/43460/8
Florin Coras [Mon, 21 Jul 2025 00:57:29 +0000 (20:57 -0400)]
session tls: scaffolding for async cert retrieval

Basic experimental infrastructure for server async retrieval.

Type: improvement

Change-Id: Iec48a0a30e5968a42237b810ec5e6c4e9d633728
Signed-off-by: Florin Coras <[email protected]>
2 months agohs-test: PromMemLeakTest improvement 05/43505/1
Matus Fabian [Fri, 1 Aug 2025 10:13:44 +0000 (06:13 -0400)]
hs-test: PromMemLeakTest improvement

do warmup with same nuber of requests and sleep before main test
section to prevent false positives

Type: test

Change-Id: Ie0ffbb27be58693f0c35c9a7ffed216ec4be1cb4
Signed-off-by: Matus Fabian <[email protected]>
2 months agohttp: h2 connect-udp for client apps 01/43501/2
Matus Fabian [Wed, 30 Jul 2025 15:00:27 +0000 (11:00 -0400)]
http: h2 connect-udp for client apps

Type: improvement

Change-Id: Ib02f8494fe26be0abae8ceb4eba50866a2b08de1
Signed-off-by: Matus Fabian <[email protected]>
2 months agohttp: h2 connect for client apps 89/43489/6
Matus Fabian [Mon, 28 Jul 2025 15:27:04 +0000 (11:27 -0400)]
http: h2 connect for client apps

Type: improvement

Change-Id: If851b7802809f747b7613ba00c2ae31d944fb0d2
Signed-off-by: Matus Fabian <[email protected]>
2 months agohs-test: run containers wit --cap-add=SYS_PTRACE 02/43502/2
Matus Fabian [Wed, 30 Jul 2025 16:22:41 +0000 (12:22 -0400)]
hs-test: run containers wit --cap-add=SYS_PTRACE

otherwise you might not be able attach gdb to vpp running in container

Type: test

Change-Id: I4507971123ee67939b3a843916a6d523a2a09801
Signed-off-by: Matus Fabian <[email protected]>
2 months agohttp: format_http_transport_half_open fix 99/43499/1
Matus Fabian [Wed, 30 Jul 2025 13:23:40 +0000 (09:23 -0400)]
http: format_http_transport_half_open fix

with postponed ho clenup underlying transport ho session might not
exist anymore

Type: fix

Change-Id: Iadb7f2b901d13e26f0d39bffcd11cdebc2f9357f
Signed-off-by: Matus Fabian <[email protected]>
2 months agohs-test: nsim loss rate test 97/43497/3
Matus Fabian [Tue, 29 Jul 2025 15:26:24 +0000 (11:26 -0400)]
hs-test: nsim loss rate test

Type: test

Change-Id: I592c755c7bdc5daf422655892b171c42f19e9a7c
Signed-off-by: Matus Fabian <[email protected]>
2 months agohttp: h2 free stream scheduler heads with conn 93/43493/3
Matus Fabian [Tue, 29 Jul 2025 09:55:37 +0000 (05:55 -0400)]
http: h2 free stream scheduler heads with conn

Type: fix

Change-Id: I1cddb7547d08a0668f6e536d77094911d9b26a6e
Signed-off-by: Matus Fabian <[email protected]>
2 months agolinux-cp: fix multicast route updates on address add/del 95/43495/4
Denys Haryachyy [Tue, 29 Jul 2025 14:39:29 +0000 (17:39 +0300)]
linux-cp: fix multicast route updates on address add/del

Ensure multicast routes are only added when the first IPv4 address is configured on an interface,
and only removed when the last address is deleted.

This prevents premature removal or redundant addition of multicast routes during address changes.

Type: fix

Change-Id: Id191cd88abfc2c4c354fceec4aaabc030ed938cc
Signed-off-by: Denys Haryachyy <[email protected]>
2 months agovcl: atomics for tracking num workers in vls 84/43484/4
Florin Coras [Sun, 27 Jul 2025 22:10:50 +0000 (18:10 -0400)]
vcl: atomics for tracking num workers in vls

Type: improvement

Change-Id: I272be20ae56e4bb8a25d754926d14e45460bd920
Signed-off-by: Florin Coras <[email protected]>
2 months agovcl: favor wr to vls_mt_spool_rwlock 83/43483/3
Florin Coras [Sat, 26 Jul 2025 22:35:11 +0000 (18:35 -0400)]
vcl: favor wr to vls_mt_spool_rwlock

Type: improvement

In a multi-thread single worker app, there can be contention between
many readers and the writers. The writers, which can be close operations
that potentially influence the app logic, could be starved if the
numbers of readers is significant.

To avoid this, always favor writers. Might require fine tuning in the
future.

Change-Id: I5ef529195a31114bb95e19e5880247f58d454370
Signed-off-by: Florin Coras <[email protected]>
2 months agohs-test: add nginx mirroring KinD test, cleanup 87/43387/4
Adrian Villin [Fri, 25 Jul 2025 14:11:20 +0000 (16:11 +0200)]
hs-test: add nginx mirroring KinD test, cleanup

Type: test

Change-Id: I15e145023226ea0d442f69e42da4cdc586366873
Signed-off-by: Adrian Villin <[email protected]>
2 months agohs-test: containerize ginkgo 85/43385/7
Adrian Villin [Mon, 21 Jul 2025 12:08:14 +0000 (14:08 +0200)]
hs-test: containerize ginkgo

- ginkgo will run in a container
- replaced '--network=host' with '--network=container:ginkgo'
- removed --privileged flags
- removed network namespaces from HST
- updated goimports
- fixed state hashes

Type: improvement

Change-Id: I5f4c5aa93437f40b36a8eb2ba3d6486cdfe23e09
Signed-off-by: Adrian Villin <[email protected]>
2 months agohs-test: fix nsim interface in TcpWithLoss tests 94/43494/1
Matus Fabian [Tue, 29 Jul 2025 13:18:30 +0000 (09:18 -0400)]
hs-test: fix nsim interface in TcpWithLoss tests

Type: test

Change-Id: I94b3f052fa7a482083ae7459f1cfea067453c9b5
Signed-off-by: Matus Fabian <[email protected]>
2 months agohsa: cl udp app wait for pthreads to exit 92/43492/3
Florin Coras [Tue, 29 Jul 2025 04:56:49 +0000 (00:56 -0400)]
hsa: cl udp app wait for pthreads to exit

Type: improvement

Change-Id: I31367de6fe3dde38d4379069b5c6fe589bd12e76
Signed-off-by: Florin Coras <[email protected]>
2 months agonsim: fix uninitialized variables 91/43491/2
Matus Fabian [Mon, 28 Jul 2025 16:49:35 +0000 (12:49 -0400)]
nsim: fix uninitialized variables

othervise user is not informed of missing parameter and demons fly out
of your nose

Type: fix

Change-Id: I54db587c99f193de1884fd7a0e292ae7128da5d7
Signed-off-by: Matus Fabian <[email protected]>
2 months agohttp: huffman decoder invalid EOS handling fix 85/43485/2
Matus Fabian [Mon, 28 Jul 2025 08:42:35 +0000 (04:42 -0400)]
http: huffman decoder invalid EOS handling fix

Handle EOS longer than 7 bits

Type: fix

Change-Id: I4cb3ba37efe17dad9245c4d433eac987354d225c
Signed-off-by: Matus Fabian <[email protected]>
2 months agovlib: fix typo in ASAN stack size calculation 73/43373/2
Vladimir Zhigulin [Fri, 4 Jul 2025 09:10:44 +0000 (11:10 +0200)]
vlib: fix typo in ASAN stack size calculation

Type: fix

Change-Id: I771ca783854f704fc333a6dd857831ffe5d70bd3
Signed-off-by: Vladimir Zhigulin <[email protected]>
2 months agovlib: remove timer when sched node is dispatched by interrupt 74/43474/4
Damjan Marion [Wed, 23 Jul 2025 12:41:16 +0000 (12:41 +0000)]
vlib: remove timer when sched node is dispatched by interrupt

Type: fix
Change-Id: I48a0da4a3af50101e2d2c1ed3cd8734b7e907f77
Signed-off-by: Damjan Marion <[email protected]>
3 months agohttp: validate h2 frame lengeth in handlers 80/43480/3
Matus Fabian [Fri, 25 Jul 2025 15:50:00 +0000 (11:50 -0400)]
http: validate h2 frame lengeth in handlers

Type: fix

Change-Id: I741a80a44c4355849e354c9b17d9213ac90a381d
Signed-off-by: Matus Fabian <[email protected]>
3 months agohs-test: h2 client memory leak test 79/43479/2
Matus Fabian [Fri, 25 Jul 2025 13:09:27 +0000 (09:09 -0400)]
hs-test: h2 client memory leak test

Type: test

Change-Id: Ie8c49e84031d0da06c9770de25e94ff8166457f9
Signed-off-by: Matus Fabian <[email protected]>
3 months agohttp: starting http/2 with prior knowledge 78/43478/2
Matus Fabian [Fri, 25 Jul 2025 09:39:44 +0000 (05:39 -0400)]
http: starting http/2 with prior knowledge

Added flags member to transport_endpt_cfg_http_t where client app can
set HTTP_ENDPT_CFG_F_HTTP2_PRIOR_KNOWLEDGE when it want to use
HTTP/2 connection over cleartext TCP.

Type: improvement

Change-Id: Ib904a5cbdd34c6838d029a46c388e31a3329d399
Signed-off-by: Matus Fabian <[email protected]>
3 months agohttp: h2 client multiplexing 58/43458/15
Matus Fabian [Fri, 18 Jul 2025 17:04:07 +0000 (13:04 -0400)]
http: h2 client multiplexing

Type: improvement

Change-Id: I768df864cbda26b0901528789b52a33e788c2258
Signed-off-by: Matus Fabian <[email protected]>
3 months agohttp: h2 flow control improvement 64/43464/3
Matus Fabian [Mon, 21 Jul 2025 12:10:36 +0000 (08:10 -0400)]
http: h2 flow control improvement

resereve half of the app fifo size for headers to avoid full fifo when
first data frame is received

Type: improvement

Change-Id: I366b9a5495b3b6303125260b340b600fd212be58
Signed-off-by: Matus Fabian <[email protected]>
3 months agodocs: correct deleting an interface ip address 56/43456/2
Steven Luong [Fri, 18 Jul 2025 00:11:03 +0000 (17:11 -0700)]
docs: correct deleting an interface ip address

The del keyword must be specified after ip address, not at the end
as the example shows.

DBGvpp# sh int addr
sh int addr
enp134s0f0np0/0 (up):
  L3 10.10.10.32/24
local0 (dn):
DBGvpp#  set interface ip address enp134s0f0np0/0 10.10.10.32/24 del
 set interface ip address enp134s0f0np0/0 10.10.10.32/24 del
set interface ip address: failed to add 10.10.10.32/24 on enp134s0f0np0/0 which conflicts with 10.10.10.32/24 for interface enp134s0f0np0/0
DBGvpp# sh int addr
sh int addr
enp134s0f0np0/0 (up):
  L3 10.10.10.32/24
local0 (dn):
DBGvpp#  set interface ip address del enp134s0f0np0/0 10.10.10.32/24
 set interface ip address del enp134s0f0np0/0 10.10.10.32/24
DBGvpp# sh int addr
sh int addr
enp134s0f0np0/0 (up):
local0 (dn):
DBGvpp#

Type: fix

Change-Id: Icd85cbbc5b149c67d411f837f0cd9b76beddc5b6
Signed-off-by: Steven Luong <[email protected]>
3 months agol2: stale cached value input->bd_seq_num 18/42518/3
Steven Luong [Wed, 19 Mar 2025 18:46:26 +0000 (11:46 -0700)]
l2: stale cached value input->bd_seq_num

bd_seq_num is cached to l2_input_config to save a few cycles for lookup.
However, when the value is changed, we forgot to update the cache.

Type: fix
Fixes: 47a3d9975fa3af7a7537b565d6511dadc0df61fb

Change-Id: I553c61f4b072c74a6bc7fe1bf56d98ec881c833f
Signed-off-by: Steven Luong <[email protected]>
3 months agovcl: revert allow reads after transport cleanup 77/43477/1
Florin Coras [Thu, 24 Jul 2025 18:27:16 +0000 (11:27 -0700)]
vcl: revert allow reads after transport cleanup

Type: fix
Fixes: 784410190eb96fa8dea9fa67a086aa0044fe9025

Change-Id: Iad0f083c4eceb9778f5dc8099c4a0da3fa230623
Signed-off-by: Florin Coras <[email protected]>
3 months agodpdk: bump to DPDK 25.07 and rdma-core 58.0 76/43476/2
Jeff Shaw [Wed, 23 Jul 2025 18:13:54 +0000 (11:13 -0700)]
dpdk: bump to DPDK 25.07 and rdma-core 58.0

Type: feature
Change-Id: Ia9c378e144057128f123b2dc08c6f631c39f8e97
Signed-off-by: Jeff Shaw <[email protected]>
3 months agopapi: fix deprecated call to setup.py 55/43455/2
Damjan Marion [Thu, 17 Jul 2025 22:33:55 +0000 (22:33 +0000)]
papi: fix deprecated call to setup.py

Type: fix
Change-Id: I0e5e61395b619e28cf75cde1770d631b47e8c0b7
Signed-off-by: Damjan Marion <[email protected]>
3 months agoip: common icmp echo structure 99/43099/5
Ole Troan [Thu, 5 Jun 2025 10:39:58 +0000 (12:39 +0200)]
ip: common icmp echo structure

Move the replicated ICMP echo structure from the NAT implementations
to the common IP ICMP header.

Type: improvement
Change-Id: I3770d2609c2366859b014ae66096cd545f4b1262
Signed-off-by: Ole Troan <[email protected]>
3 months agosession: set maximum memory for fifos 82/43382/5
Alexander Maltsev [Sat, 19 Jul 2025 16:50:45 +0000 (21:50 +0500)]
session: set maximum memory for fifos

Add APP_OPTIONS_MAX_FIFO_MEMORY to set upper limit on how much memory
could be used by fifos. It is rounded upwards to nearest segment size.
If not specified, no limit is set.

Type: feature
Change-Id: I7fb87808973e761b7c40b734b18d55b8a8d8296e
Signed-off-by: Alexander Maltsev <[email protected]>
3 months agosession: add new error MAX_STREAMS_HIT 59/43459/2
Matus Fabian [Fri, 18 Jul 2025 18:40:01 +0000 (14:40 -0400)]
session: add new error MAX_STREAMS_HIT

Type: improvement

Change-Id: I2e5a153a30b566d7d20d8ceeec26b80075dfec80
Signed-off-by: Matus Fabian <[email protected]>
3 months agohsa: http client set connect_sep to null on init 57/43457/2
Matus Fabian [Fri, 18 Jul 2025 09:43:10 +0000 (05:43 -0400)]
hsa: http client set connect_sep to null on init

Set connect_sep in http (cli) client to SESSION_ENDPOINT_CFG_NULL on
init to be sure that parrent_handle is invalid if not used.

Type: improvement

Change-Id: Ia42cbe8ea90402d20b07f933b5308642a098235f
Signed-off-by: Matus Fabian <[email protected]>
3 months agohttp: h2 coverity fix 46/43446/4
Matus Fabian [Thu, 17 Jul 2025 13:42:54 +0000 (09:42 -0400)]
http: h2 coverity fix

Type: fix

Change-Id: Ib5ac44ae95a7e0c62830b8a93803312cbc875f88
Signed-off-by: Matus Fabian <[email protected]>
3 months agohs-test: h2 client testing with h2spec 45/43445/4
Matus Fabian [Thu, 17 Jul 2025 12:58:08 +0000 (08:58 -0400)]
hs-test: h2 client testing with h2spec

Type: test

Change-Id: If588fa070adebb631bf71fc8c3e82a00ba628a69
Signed-off-by: Matus Fabian <[email protected]>
3 months agohttp: h2 client error handling improvement 44/43444/2
Matus Fabian [Thu, 17 Jul 2025 12:57:09 +0000 (08:57 -0400)]
http: h2 client error handling improvement

Type: improvement

Change-Id: If989e6f1f2e23abae0214f467e8a285256ab1d17
Signed-off-by: Matus Fabian <[email protected]>
3 months agobuild: update openssl to 3.5.1 in vpp-opt-deps 51/43451/2
Dave Wallace [Thu, 17 Jul 2025 20:00:49 +0000 (16:00 -0400)]
build: update openssl to 3.5.1 in vpp-opt-deps

Type: improvement

Change-Id: Ibe396e088c6d9620bbd2fdf85629de8c139ef650
Signed-off-by: Dave Wallace <[email protected]>
3 months agotls session: track internal tls objects in ckpair 37/43437/5
Florin Coras [Fri, 11 Jul 2025 21:53:35 +0000 (17:53 -0400)]
tls session: track internal tls objects in ckpair

Type: improvement

Change-Id: Ia38d355facd7af407a26c386327e8ea1a9aec116
Signed-off-by: Florin Coras <[email protected]>
3 months agosession: remove unused attach options 43/43443/3
Florin Coras [Thu, 17 Jul 2025 06:22:14 +0000 (02:22 -0400)]
session: remove unused attach options

- ACCEPT_COOKIE
- PRIVATE_SEGMENT_COUNT

They are not handled by session layer even if configured by
applications.

Type: improvement

Change-Id: I673f8da6e83181be018489b85082dfd1b1dab87b
Signed-off-by: Florin Coras <[email protected]>
3 months agohsa: http client send signal on transport reset 41/43441/2
Matus Fabian [Wed, 16 Jul 2025 16:09:51 +0000 (12:09 -0400)]
hsa: http client send signal on transport reset

we don't need to wait for timeout

Type: improvement

Change-Id: I7aef2581c1ac48d4b147914ccae8aa5bedb363ca
Signed-off-by: Matus Fabian <[email protected]>
3 months agohttp: h2 client handle GOAWAY NO_ERROR 40/43440/4
Matus Fabian [Wed, 16 Jul 2025 15:01:31 +0000 (11:01 -0400)]
http: h2 client handle GOAWAY NO_ERROR

Type: improvement

Change-Id: I244528cdab03c3f17d17f98fd9182399b2ac6a17
Signed-off-by: Matus Fabian <[email protected]>
3 months agohsa: do not configure cert for tls ao 42/43442/1
Florin Coras [Wed, 16 Jul 2025 21:48:25 +0000 (14:48 -0700)]
hsa: do not configure cert for tls ao

No need to configure cert for tls active opens as we don't support mtls
for now.

Type: improvement

Change-Id: Ied0a0152ec965e10f1a743a15188a4679ebb0b11
Signed-off-by: Florin Coras <[email protected]>
3 months agohsa: measure rtt in echo client 89/43289/7
Semir Sionek [Wed, 25 Jun 2025 12:16:41 +0000 (12:16 +0000)]
hsa: measure rtt in echo client

For TCP, rtt is extracted from transport info. For UDP & echo-bytes
option, we're measuring the time between sending & receiving the first
packet.
When using multiple clients, min/avg/max rtt values are displayed.

Type: improvement
Change-Id: I617527ca55726571638996dbcff05c2292f0ad18
Signed-off-by: Semir Sionek <[email protected]>
3 months agohttp: http2 client side 32/43432/10
Matus Fabian [Thu, 10 Jul 2025 16:39:37 +0000 (12:39 -0400)]
http: http2 client side

- only with TLS
- request are serialized within one app session (no multiplexing)
- http version can be specified in http client

Type: feature

Change-Id: I2fe11bd3252985d1bd1732616837f7a91f37f6a3
Signed-off-by: Matus Fabian <[email protected]>
3 months agovirtio: add option to set interface name 29/43429/2
Damjan Marion [Thu, 10 Jul 2025 11:39:27 +0000 (13:39 +0200)]
virtio: add option to set interface name

Type: feature
Change-Id: I99421fc1f946e65a8e23a74c04593fe1ca4f4857
Signed-off-by: Damjan Marion <[email protected]>
3 months agotap: add option to specify interface name 28/43428/2
Damjan Marion [Thu, 10 Jul 2025 09:47:05 +0000 (11:47 +0200)]
tap: add option to specify interface name

Type: feature
Change-Id: If3f8b082a2750f2786724f0e55f501df3c7d4991
Signed-off-by: Damjan Marion <[email protected]>
3 months agohs-test: KinD cluster build script improvements 83/43383/2
Adrian Villin [Mon, 14 Jul 2025 10:49:59 +0000 (12:49 +0200)]
hs-test: KinD cluster build script improvements

- new makefile targets, cleanup
- cluster can be rebuilt without shutting down

Type: improvement

Change-Id: I020e396a6410786ae29b9146a358d60503ac5662
Signed-off-by: Adrian Villin <[email protected]>
3 months agotls: fix cert and pkey leak 34/43434/4
Florin Coras [Fri, 11 Jul 2025 03:27:08 +0000 (20:27 -0700)]
tls: fix cert and pkey leak

Free cert and pkey once assigned to make sure they're freed one the
ssl structs are freed.

Type: fix

Change-Id: I41546c8ae7bad169a1462b3b9a3807e4644a1c2c
Signed-off-by: Florin Coras <[email protected]>
3 months agohsa: http cli client improvement 36/43436/3
Matus Fabian [Fri, 11 Jul 2025 13:13:34 +0000 (09:13 -0400)]
hsa: http cli client improvement

notify http transport when body data is read and transport requested
notification (e.g. used by h2 flow control)

switch to new format of host and target path parsing

Type: improvement

Change-Id: Ie209f1e6fa244f44baa51b4e9a7c66b51b7e5a50
Signed-off-by: Matus Fabian <[email protected]>
3 months agoquic: don't crash when no quic engine is available 27/43227/18
Dave Wallace [Wed, 18 Jun 2025 20:20:51 +0000 (16:20 -0400)]
quic: don't crash when no quic engine is available

- When there is no quic engine available, vpp crashes with an
  assert on startup which is not production friendly.
  Instead, emit warning message to stderr.
- Fix crash in session_transport_closing_notify if
  a remote closed notification happens on an invalid
  session in the quicly engine.
- Fix compilation errors when QUIC_DEBUG is set to 2
- Fix crash in 'show quic crypto context' command when
  quic engine is not present.
- Add quic engine type to 'show quic' output.

Type: fix

Change-Id: I83b9e69873fa3cd61d1d852b78ed1ccd2112825c
Signed-off-by: Dave Wallace <[email protected]>
3 months agohs-test: memleak tests fixes & json raport generation 31/43431/5
Semir Sionek [Thu, 10 Jul 2025 13:28:04 +0000 (09:28 -0400)]
hs-test: memleak tests fixes & json raport generation

Type: improvement
Change-Id: Ie2c18224d7073dd4821cb7716eb124f26dbe44ec
Signed-off-by: Semir Sionek <[email protected]>
3 months agohsa: http cli server add http1-only option 30/43430/1
Matus Fabian [Thu, 10 Jul 2025 11:44:07 +0000 (07:44 -0400)]
hsa: http cli server add http1-only option

Type: improvement

Change-Id: I2d3656ee7e154a44efab7501399de4b1fc696dc7
Signed-off-by: Matus Fabian <[email protected]>
3 months agohttp: Tunneling UDP over HTTP/2 76/43176/8
Matus Fabian [Fri, 13 Jun 2025 15:39:23 +0000 (11:39 -0400)]
http: Tunneling UDP over HTTP/2

Type: feature

Change-Id: I94f6af893872ae28669b7b9c30d61e58c0b65422
Signed-off-by: Matus Fabian <[email protected]>
3 months agomemif: avoid double-close of the socket on client abort with un-read data 80/43380/4
Andrew Yourtchenko [Fri, 4 Jul 2025 16:07:27 +0000 (18:07 +0200)]
memif: avoid double-close of the socket on client abort with un-read data

In some cases, there are two times the clib_file_del is called:

1) from memif_disconnect -> memif_socket_close call site in memif_master_conn_fd_error
2) the supposedly defensive code at the end of memif_master_conn_fd_error.

This was observed upon using of an artisanal memif client, which did not correctly drain the data written by VPP to the notification socket - a simple Ctrl-C in the client was enough to trivially reproduce the issue.
In real world scenario using the stock client this is expected to be a fairly narrow race condition.

The issue can be demonstrated as follows:

diff --git a/src/vlib/file.c b/src/vlib/file.c
index 286b0d1f2..29138f485 100644
--- a/src/vlib/file.c
+++ b/src/vlib/file.c
@@ -200,6 +200,8 @@ epoll:
     {
       clib_file_t *f = e->data.ptr;
       clib_error_t *err;
+      clib_warning("EPOLL: count %d, fd index: %d, events: %x", n_fds_ready, f->index, e->events);
+

       if (PREDICT_FALSE (!f->active))
        {

vlib_file_poll:203: EPOLL: count 1, fd index: 6, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 11
memif_plugin       [error ]: memif0/0: default_socket_recvmsg: disconnected

Failing case, where the client did not drain the data sent to it:

DBGvpp# create interface memif master
DBGvpp# set int ip address memif0/0 192.0.2.1/24
DBGvpp# set interface state memif0/0 up
DBGvpp# vlib_file_poll:203: EPOLL: count 1, fd index: 6, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 1
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 4
vlib_file_poll:203: EPOLL: count 1, fd index: 7, events: 19
memif_plugin       [warn  ]: Error on unknown file descriptor 21
vlib/file          [error ]: vlib_file_update: epoll_ctl() failed, errno 9
/home/ayourtch/vpp/src/vppinfra/pool.h:291 (_pool_put_index) assertion `!pool_is_free_index (p, index)' fails
received signal SIGABRT, PC 0xffffa7f10a50

Type: fix
Change-Id: I13247c431605470c6a59d7d4630cefa999733107
Signed-off-by: Andrew Yourtchenko <[email protected]>
3 months agohs-test: fix go version mismatch 22/43422/3
Matus Fabian [Wed, 9 Jul 2025 09:46:09 +0000 (05:46 -0400)]
hs-test: fix go version mismatch

Type: test

Change-Id: Idce98c261c50ef0da2a4b7c4ee9146faa2194c4b
Signed-off-by: Matus Fabian <[email protected]>
3 months agoarp: fix dump API 24/43424/1
Klement Sekera [Wed, 9 Jul 2025 12:34:11 +0000 (14:34 +0200)]
arp: fix dump API

Add missing fib index to table id conversion in dump API.

Type: fix
Change-Id: Id5f7325ca31875abb39b33156f3938a051888ad3
Signed-off-by: Klement Sekera <[email protected]>
3 months agohs-test: fix install-kind-deps and kubeconfig path 81/43381/3
Adrian Villin [Tue, 8 Jul 2025 08:45:55 +0000 (10:45 +0200)]
hs-test: fix install-kind-deps and kubeconfig path

Type: test

Change-Id: Ic9f883e510e275e862c700e4aae4630ad3dcfee8
Signed-off-by: Adrian Villin <[email protected]>
3 months agolinux-cp: do not lock table when it's not needed 36/43036/7
Stanislav Zaikin [Mon, 26 May 2025 07:52:57 +0000 (09:52 +0200)]
linux-cp: do not lock table when it's not needed

Do not lock table when lcp is not installing routes (e.g. zero nexthops
or ipv6 multicast routes), otherwise it will stay locked forever.

Type: fix

Signed-off-by: Stanislav Zaikin <[email protected]>
Change-Id: I4070ce0e0823b5afbd56c5cd79ae39a02c7d4300

3 months agofib: take barrier on LB pool put 72/43372/2
Vladimir Zhigulin [Fri, 4 Jul 2025 08:47:14 +0000 (10:47 +0200)]
fib: take barrier on LB pool put

Fixes ASAN crash after fib update with multiple
workers

Type: fix

Change-Id: I3d0112b608ffa5b5559311c6d494d27d6c1db511
Signed-off-by: Vladimir Zhigulin <[email protected]>
3 months agohs-test: use current VPP dir for CalicoVPP build 78/43378/6
Adrian Villin [Tue, 1 Jul 2025 10:42:07 +0000 (12:42 +0200)]
hs-test: use current VPP dir for CalicoVPP build

- make setup-cluster will use current VPP dir instead of CalicoVPP's dir
- VPP will be built only once
- changed build targets to build VPP as a non-root user (to avoid
  permission issues when building CalicoVPP)

Type: improvement

Change-Id: Iba90219660c1259da6ad81fe002f99b6d43ea248
Signed-off-by: Adrian Villin <[email protected]>
3 months agovlib: handle worker sync in wait one loop 70/43370/2
Florin Coras [Thu, 3 Jul 2025 22:00:39 +0000 (18:00 -0400)]
vlib: handle worker sync in wait one loop

Type: improvement

Change-Id: I8dcd9b7d305878eb385eb27481be6a241b4a024c
Signed-off-by: Florin Coras <[email protected]>
3 months agosession: move app crypto to separate files 42/43042/5
Florin Coras [Tue, 27 May 2025 19:30:33 +0000 (15:30 -0400)]
session: move app crypto to separate files

Type: refactor

Change-Id: Iac10665d3060e4c585e3ee1f94743809ab09d9db
Signed-off-by: Florin Coras <[email protected]>
3 months agosession: cli to add/del collector to app 35/43235/2
Florin Coras [Sat, 21 Jun 2025 05:12:48 +0000 (22:12 -0700)]
session: cli to add/del collector to app

Type: improvement

Change-Id: Ie1ec27eab7d297f20ec7cad46d2e90b9965f896a
Signed-off-by: Florin Coras <[email protected]>
3 months agohs-test: fix Http2ServerMemLeakTest 79/43379/1
Adrian Villin [Wed, 2 Jul 2025 14:42:10 +0000 (16:42 +0200)]
hs-test: fix Http2ServerMemLeakTest

Type: test

Change-Id: Id8745fd8c67924cb5067c54695d3594220c590ed
Signed-off-by: Adrian Villin <[email protected]>
3 months agohs-test: h2 memory leak test 38/43338/2
Matus Fabian [Fri, 27 Jun 2025 11:43:09 +0000 (13:43 +0200)]
hs-test: h2 memory leak test

Type: test

Change-Id: Ib68aabecafc4e17acae9942b6791d4aeb4833f96
Signed-off-by: Matus Fabian <[email protected]>
3 months agohttp: fix http header table hash keys leak 37/43337/2
Matus Fabian [Fri, 27 Jun 2025 11:40:51 +0000 (13:40 +0200)]
http: fix http header table hash keys leak

Type: fix

Change-Id: I60ebf767a1f96a1290b7738d6859241739ce452c
Signed-off-by: Matus Fabian <[email protected]>
3 months agoocteon: use plain strcmp 68/43368/2
Damjan Marion [Tue, 1 Jul 2025 15:28:31 +0000 (17:28 +0200)]
octeon: use plain strcmp

Some gcc versions have issues with clib_strcmp...

Type: fix
Change-Id: Idfdcb7d13f14eadb7a7f210743a783172e2d5774
Signed-off-by: Damjan Marion <[email protected]>
3 months agovppinfra: avoid string truncation errors by some gcc versions 61/43361/2
Damjan Marion [Mon, 30 Jun 2025 13:53:21 +0000 (15:53 +0200)]
vppinfra: avoid string truncation errors by some gcc versions

Type: fix
Change-Id: If33251e1eac7e437ae803363d960896da02ae567
Signed-off-by: Damjan Marion <[email protected]>
3 months agotls: fix coverity warning 96/43296/5
Florin Coras [Thu, 26 Jun 2025 03:16:36 +0000 (20:16 -0700)]
tls: fix coverity warning

Type: fix

Change-Id: I2505613734667ae59fc51bd42f8dcd15206cded1
Signed-off-by: Florin Coras <[email protected]>
3 months agohs-test: individual http1 suite 76/43376/2
Adrian Villin [Fri, 27 Jun 2025 12:18:43 +0000 (14:18 +0200)]
hs-test: individual http1 suite

- Http1Suite is the same as NoTopoSuite with some things removed
- renamed http related files

Type: test

Change-Id: Ifb0ff0ba9a1151ff025faa6edd208f183830d2f5
Signed-off-by: Adrian Villin <[email protected]>
3 months agogso: fix ip fragment support for gso packet 36/43336/3
Mohsin Kazmi [Thu, 26 Jun 2025 10:14:18 +0000 (10:14 +0000)]
gso: fix ip fragment support for gso packet

Type: fix

GSO packets must be fragmented if the egress interface does not
support GSO offload and its MTU is smaller than the combined
size of the GSO chunk and protocol headers.

Signed-off-by: Mohsin Kazmi <[email protected]>
Change-Id: I94dff39c475a6ba31b1d8f4517e84be3ab506607

3 months agoioam: remove use of local_next_by_ip_protocol struct 57/43257/2
Mohsin Kazmi [Fri, 20 Jun 2025 17:06:22 +0000 (17:06 +0000)]
ioam: remove use of local_next_by_ip_protocol struct

Type: fix

ioam plugin is using data structure which is specific
to ip4 and ip6 lookup nodes.
This patch also use the IP_PROTOCOL defines instead of
custom define in srv6 code.

Signed-off-by: Mohsin Kazmi <[email protected]>
Change-Id: Iafd2a8416dd1f44ef7afd07c92915cd7dd6400a6

3 months agotls: fix compilation issue with openssl-1.1 62/43362/2
Varun Rapelly [Mon, 30 Jun 2025 15:35:59 +0000 (15:35 +0000)]
tls: fix compilation issue with openssl-1.1

This patch fixes compilation issue observed with openssl-1.1
with 'SSL_CTX_set_async_callback'.

Type: fix

Change-Id: I3d65f69056034b4afcebd7813c34f9ecebd299e0
Signed-off-by: Varun Rapelly <[email protected]>
3 months agoena: use snprintf instead of strncpy 91/43291/4
Damjan Marion [Wed, 25 Jun 2025 13:09:31 +0000 (15:09 +0200)]
ena: use snprintf instead of strncpy

.. and silence gcc-11

Type: fix
Change-Id: Iad2671baf7d29aa861e74aafe952591e7205732d
Signed-off-by: Damjan Marion <[email protected]>
3 months agosvm: don't use __WORDSIZE 90/43290/2
Damjan Marion [Wed, 25 Jun 2025 12:20:57 +0000 (14:20 +0200)]
svm: don't use __WORDSIZE

It is glibc specific, breaks MUSL

Type: fix
Change-Id: I4f898ec14a9776e298bdf529545adef70f15ddf5
Signed-off-by: Damjan Marion <[email protected]>
3 months agopolicer: don't compute CPU clock frequency for each API call 17/43217/10
Arthur de Kerhor [Tue, 17 Jun 2025 14:30:51 +0000 (16:30 +0200)]
policer: don't compute CPU clock frequency for each API call

In some virtualized environments, where we can't get TSC from
clib_get_cpuid, os_cpu_clock_frequency can take more than 1ms
to return. As the TSC value is invariant over time, it can be
cached in policer_init instead of being recalculated everytime
a policer is created/updated.

Type: improvement
Change-Id: Icfd00feac76f35d562546a17e4830efb91dba219
Signed-off-by: Arthur de Kerhor <[email protected]>
3 months agohsa: introduce max-tx-chunk parameter to built-in echo client 24/43224/5
Semir Sionek [Wed, 18 Jun 2025 12:25:02 +0000 (12:25 +0000)]
hsa: introduce max-tx-chunk parameter to built-in echo client

...which enables the user to control the size of the data chunk being
written, unless the size needs to be reduced due to other reasons.

Type: improvement
Change-Id: I660e3482047ae2a13b337df1abb405ecef3cf0d0
Signed-off-by: Semir Sionek <[email protected]>
3 months agomisc: VPP 25.06 Release Notes 43/43243/2
Andrew Yourtchenko [Wed, 11 Jun 2025 16:07:51 +0000 (18:07 +0200)]
misc: VPP 25.06 Release Notes

Type: docs
Change-Id: Id32389963ab02af9ee70dcc040505b12bbc0e9db
Signed-off-by: Andrew Yourtchenko <[email protected]>
(cherry picked from commit 1573e751c5478d3914d26cdde153390967932d6b)

3 months agodns: fix recursive locking 92/43292/2
Benoît Ganne [Wed, 25 Jun 2025 14:39:54 +0000 (16:39 +0200)]
dns: fix recursive locking

All callers to delete_random_entry() are already holding the lock to
the DNS cache. Thanks to Rain for the report.

Type: fix

Change-Id: Id051427016f9b7444b812019ccc0f5085fd3e469
Signed-off-by: Benoît Ganne <[email protected]>
4 months agohsa: fix echo client vm use for time 93/43293/2
Florin Coras [Wed, 25 Jun 2025 16:23:13 +0000 (09:23 -0700)]
hsa: fix echo client vm use for time

Type: fix

Change-Id: Iecabf8a8c6b0bd262be32ef144281a5f0c052381
Signed-off-by: Florin Coras <[email protected]>
4 months agohttp: fix h2 settings leak 94/43294/3
Florin Coras [Wed, 25 Jun 2025 18:03:43 +0000 (11:03 -0700)]
http: fix h2 settings leak

Type: fix

Change-Id: I680eb6bafb4b6218e60523e2abc2962f2f5cbefc
Signed-off-by: Florin Coras <[email protected]>
4 months agohsa: fix echo-bytes echo client runs over UDP 85/43285/3
Semir Sionek [Tue, 24 Jun 2025 12:19:04 +0000 (12:19 +0000)]
hsa: fix echo-bytes echo client runs over UDP

Previously counting received bytes didn't take into account the
datagram header size, leading to a bigger than expected size and an
overflow of es->bytes_to_receive.

Type: fix
Change-Id: If31d4ed5f989645388dbf9c1b9829c6f2e4e8c62
Signed-off-by: Semir Sionek <[email protected]>
4 months agohsa: http client formatting of headers improvement 88/43288/2
Matus Fabian [Wed, 25 Jun 2025 09:53:23 +0000 (09:53 +0000)]
hsa: http client formatting of headers improvement

Do not print response headers as raw bytes recieved from http transport
but use format_http_header_table which will work nice with http/2 too.

Type: improvement

Change-Id: I48b75c024e361879b611588fc3345ef343cb4a1b
Signed-off-by: Matus Fabian <[email protected]>
4 months agohttp: test code coverage improvement 95/43295/2
Matus Fabian [Wed, 25 Jun 2025 17:38:45 +0000 (17:38 +0000)]
http: test code coverage improvement

Type: test

Change-Id: Iae1487d74db77c438b2fd531f4a675a5994f91af
Signed-off-by: Matus Fabian <[email protected]>
4 months agovppinfra: introduce bihash_56_8 86/43286/4
Mohammed Hawari [Tue, 24 Jun 2025 16:20:25 +0000 (18:20 +0200)]
vppinfra: introduce bihash_56_8

Change-Id: I4d3cb6194c02ae53ead8f5ede35c3204d336a25f
Type: improvement
Signed-off-by: Mohammed Hawari <[email protected]>
4 months agotls: check error when SSL_shutdown fails 87/43287/3
Brian Morris [Tue, 24 Jun 2025 20:55:29 +0000 (20:55 +0000)]
tls: check error when SSL_shutdown fails

this pulls the error from the per-thread error queue, which if not empty could cause the wrong error to be returned elsewhere

Type: fix

Change-Id: Ie8741f32de61ef1f469e694ac27ee937a45f5b01
Signed-off-by: Brian Morris <[email protected]>
4 months agogre: Add support for GRE keys in the GRE plugin 40/42440/25
Masih Nilforoush [Thu, 27 Feb 2025 13:44:44 +0000 (14:44 +0100)]
gre: Add support for GRE keys in the GRE plugin

The added feature enables the GRE plugin to create tunnels between the same endpoints,
distinguishing them by the "key" value. It uses the standard 'key'
parameter in the GRE header.
Changes have been made to add support for CLI and API to create tunnels with a "key" value.

The CLI syntax is as follows:
   create gre tunnel src src_IP_Address dst dst_IP_Address key key_value

All existing GRE functionalities, such as tunnel type and mode, remain unchanged.
GRE key support has been implemented for all non-ERSPAN tunnel types, including both IPv4 and IPv6.
Additionally, modifications were made to the GRE packet header, data structure, and inbound/outbound
packet processing to accommodate key configuration through CLI and API.

Type: feature
Change-Id: I222d585007fa264e7cc12c79d6ba9c63c044f133
Signed-off-by: Masih Nilforoush <[email protected]>
4 months agohttp: h2 decoding response 78/43278/3
Matus Fabian [Mon, 23 Jun 2025 17:15:04 +0000 (17:15 +0000)]
http: h2 decoding response

Type: improvement

Change-Id: I5e582e6fec972d6d61683a7a76c2a3f222a9030b
Signed-off-by: Matus Fabian <[email protected]>