Florin Coras [Sat, 8 Feb 2025 05:19:06 +0000 (00:19 -0500)]
session: move io inlines to header file
Make sure compiler can optimize out constants.
Type: improvement
Change-Id: I3982d4b2cf1e0e08e31a0836fd64fab82564a7d6
Signed-off-by: Florin Coras <fcoras@cisco.com>
Matthew Smith [Mon, 27 Jan 2025 19:49:07 +0000 (19:49 +0000)]
vrrp: force sleeps between timer events
Adding a virtual MAC to some NICs can take a significant amount of time.
If a lot of VRs enter the master state around the same time, the process
node can stay active for a very long time processing all of the transitions.
Try to force a 10 us sleep between processing events to ensure that the
process node does not prevent API messages and RPCs from being handled for
an extended period.
Type: improvement
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I400a7d395b4c0fec371f70d359e9d184ae79645e
Matus Fabian [Mon, 27 Jan 2025 13:12:22 +0000 (08:12 -0500)]
http: modularization in preparation for h2 and h3
Prepare code to handle multiple http versions and move http/1
specific code into http1.c
Type: improvement
Change-Id: I1f2c958dadb7721b305c65b2da7c2943695ad740
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Adrian Villin [Fri, 24 Jan 2025 12:56:22 +0000 (13:56 +0100)]
hsa: http client parallel sessions
- client is now able to use multiple workers to send requests
(sometimes it uses multiple sessions on a single worker)
Type: feature
Change-Id: I2d83d47a9768011b3d8d05ed320852606841e4b8
Signed-off-by: Adrian Villin <avillin@cisco.com>
Ivan Ivanets [Mon, 10 Feb 2025 13:10:55 +0000 (13:10 +0000)]
build: add socat deb package
Type: improvement
Integrated the installation of the socat deb package into the make
install-dep target.
Socat is essential for enabling communication with
the VPP CLI over UNIX domain socket.
Signed-off-by: Ivan Ivanets <iivanets@cisco.com>
Change-Id: I14f270eea23db7f7e0b20b7b67f75dd72ad734da
Damjan Marion [Mon, 10 Feb 2025 19:34:47 +0000 (20:34 +0100)]
build: replace __FUNCTION__ with C11 __func__
Type: improvement
Change-Id: I6cf7aaf42e8c0738d5b677fa66c99f071c1526bb
Signed-off-by: Damjan Marion <damarion@cisco.com>
Adrian Villin [Mon, 10 Feb 2025 09:13:38 +0000 (10:13 +0100)]
hs-test: option to skip tests using cli args
Type: test
Change-Id: Ic0fd117c53a3547cebfca38d089b5ba3f79cca28
Signed-off-by: Adrian Villin <avillin@cisco.com>
Florin Coras [Wed, 5 Feb 2025 20:45:50 +0000 (15:45 -0500)]
session: do not match listeners when looking for lcl port
Also optimize lookup to avoid session rules table matching.
Type: fix
Change-Id: I5b62c870edd9f7486e7de1417816fffa30d03a3e
Signed-off-by: Florin Coras <fcoras@cisco.com>
Kai Ji [Fri, 31 Jan 2025 12:04:49 +0000 (12:04 +0000)]
dpdk: patch add to ice driver for flow action handles
This patch updates the DPDK ICE driver to ensure the correct hardware
engine is selected for flow offload, addressing issues with
improper engine assignment.
Type: fix
Change-Id: Ief7bfbe978d8a684b992ca85b07097112e497b80
Signed-off-by: Kai Ji <kai.ji@intel.com>
Semir Sionek [Thu, 6 Feb 2025 12:44:05 +0000 (07:44 -0500)]
hs-test: fix numa node core retrieval
In CpuAllocator, the default assumption of two node core ranges
seems to not be fully correct. Added handling of multiple ranges
and singular cores.
Type: fix
Change-Id: Id50147c5360baa4035fcd87e3717b0d6c9ea7e5f
Signed-off-by: Semir Sionek <ssionek@cisco.com>
Filip Tehlar [Thu, 22 Aug 2024 11:11:50 +0000 (13:11 +0200)]
qos: fix qos record cli
Type: fix
Change-Id: Ic3d4bbb4df8be6ef109f0af17744b35abc240ba2
Signed-off-by: Filip Tehlar <filip.tehlar@gmail.com>
Matus Fabian [Tue, 4 Feb 2025 13:41:55 +0000 (08:41 -0500)]
http: confirm postponed connection close
Type: fix
Change-Id: I43a221ac2be9bbea885116c12d1991cf4477fae8
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Matus Fabian [Wed, 5 Feb 2025 09:04:56 +0000 (04:04 -0500)]
hs-test: fix vppConnectUdpStressLoad panic
Type: test
Change-Id: Id5573d4e1a9216297046db33be887ebfa343fa28
Signed-off-by: Matus Fabian <matfabia@cisco.com>
fenglei [Thu, 9 Jan 2025 09:32:35 +0000 (17:32 +0800)]
l2: fix segment fault
if feature_bitmap is zero, it will make feat_bitmap_get_next_node_index function generate segment fault
Type: fix
Change-Id: I6a9c0b29d927e600537e9e43ad696d09c091f9b1
Signed-off-by: fenglei <1579628578@qq.com>
Benoît Ganne [Wed, 12 Jun 2024 12:04:45 +0000 (14:04 +0200)]
cnat: fix interface map type unformat
C enum is not guaranteed to be 8-bit (and in general it is not, it's
32-bits by default in GCC for example).
Type: fix
Change-Id: I6a10f85991ae1903fb9f4aeebfcfdf5315200903
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Nicolas PLANEL [Tue, 4 Feb 2025 12:05:11 +0000 (13:05 +0100)]
build: check cmake3 command silently
Avoid which shell command to output verbose errors like
"""
which: no cmake3 in (/usr/sbin:/sbin:/bin: ...
"""
Type: make
Change-Id: Ib9a5fee72055b80b5e4e4c73280b19fea736c352
Signed-off-by: Nicolas PLANEL <nplanel@gmail.com>
Matus Fabian [Sat, 1 Feb 2025 16:46:14 +0000 (17:46 +0100)]
http: buf_fifo_get_segs minor fix
validate segs vector to (_n_segs - 1)
Type: fix
Change-Id: I721cc438e4c9610760a1f40b6355834bbd389b20
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Semir Sionek [Fri, 17 Jan 2025 15:06:23 +0000 (10:06 -0500)]
crypto: remove barrier on key add
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
Change-Id: I9eab8a3c2580711c8635f7ba8bca3b27316aa665
Maxime Peim [Fri, 31 Jan 2025 17:52:20 +0000 (18:52 +0100)]
ipsec: fix ipsec_sa_v5_details
Re-add the anti-replay window size in the SA dump API and add tests.
Type: fix
Change-Id: Iacecdf5df796a0a6353491f8160c878751c6039b
Signed-off-by: Maxime Peim <mpeim@cisco.com>
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Maxime Peim [Fri, 31 Jan 2025 13:01:43 +0000 (14:01 +0100)]
ipsec: export ipsec_funcs header
Type: fix
Change-Id: I78904edd5f38e22821af779e15ab1c0da2294ce8
Signed-off-by: Maxime Peim <mpeim@cisco.com>
Matus Fabian [Fri, 31 Jan 2025 14:55:33 +0000 (09:55 -0500)]
http: http_app_tx_callback check if conn closed
Type: fix
Change-Id: Ic7b9819226742b0f1153ec2794ae80556c49dad2
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Damjan Marion [Thu, 30 Jan 2025 18:39:25 +0000 (18:39 +0000)]
ipsec: store outbound seq as u64
Type: improvement
Change-Id: Id7717de00558ab90dbd312a58becd58d008397ea
Signed-off-by: Damjan Marion <damarion@cisco.com>
Adrian Villin [Thu, 30 Jan 2025 18:14:24 +0000 (19:14 +0100)]
hs-test: fixed incorrect exit status
Type: fix
Change-Id: Icabe556448ad7109f4802ad48a701667911652de
Signed-off-by: Adrian Villin <avillin@cisco.com>
Benoît Ganne [Tue, 28 Jan 2025 14:46:32 +0000 (15:46 +0100)]
vpp_config: leave kernel.shmmax alone by default
Linux default settings are enough, and modifying them can break other
applications.
Type: improvement
Change-Id: I773b730802bae78b0f33ca3ff31d9ee2ffa82f89
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Matus Fabian [Thu, 30 Jan 2025 14:33:06 +0000 (09:33 -0500)]
hsa: http connect proxy fix
Type: fix
Change-Id: I4fb493c98ed6d59d10fad0e5ef73b6f80f6b232e
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Matus Fabian [Thu, 30 Jan 2025 09:36:14 +0000 (04:36 -0500)]
hs-test: fix broken test
AssertContains and AssertNotContains are now case insensitive to
prevent issues like in HttpPersistentConnectionTest.
Type: test
Change-Id: Ic52e3fa5a7d1d5cb8486e86aa39a845cbd911d94
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Damjan Marion [Tue, 28 Jan 2025 14:59:18 +0000 (14:59 +0000)]
ipsec: add SA inbound and outbound runtime data
Type: improvement
Change-Id: I0f949b67fb5b65fa1a79ffb7777d654693f0de6a
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Wed, 29 Jan 2025 07:31:23 +0000 (23:31 -0800)]
http: conn state consistency with other transports
Maintain transport state formatting consistency, i.e., upper case
states.
If we revisit, we should revisit all transports.
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I143e13aa5e8525bb276db9b4ec0e0baa153d1b44
Pim van Pelt [Sat, 25 Jan 2025 11:49:20 +0000 (12:49 +0100)]
sflow: replace VAPI with DLAPI
Remove the requirement to coordinate between linux-cp and sflow at
build time via cmake. Also, remove 350 lines of awkward thread-forking
VAPI code. Replace it with a dynamically retrieved function from the
linux-cp plugin, called lcp_itf_pair_get_vif_index_by_phy().
Remove build inhibit based on Netlink headers, and only inhibit the
build for FreeBSD. This plugin can now run regardless of Linux CP
being built or loaded, and then return VPP ifIndex numbers instead.
Also, fix a flaky test where non-ephemeral source ports throw off
packet captures.
Type: improvement
Change-Id: I5486742fa0e343e382630a22672a05fe3dcf7836
Signed-off-by: neil.mckee@inmon.com
Signed-off-by: pim@ipng.nl
Dave Barach [Tue, 28 Jan 2025 16:49:57 +0000 (11:49 -0500)]
vpp_config: leave vm.max_map_count alone by default
Do not set vm.max_map_count to 3096 by default. That value is an order
of magnitude smaller than current distro defaults, and causes
seemingly "random" severe application failures; known to occur when
running Brave, Firefox, and VirtualBox to name but a few.
Type: fix
Change-Id: Ibe7518d92c3be9a4704972c9d504777776f924dc
Signed-off-by: Dave Barach <dave@barachs.net>
Damjan Marion [Fri, 24 Jan 2025 11:24:51 +0000 (12:24 +0100)]
armada: fix DSA packet grouping issue on rx
Type: fix
Change-Id: I9a56267f6e016827971744c932aa5da36c92c8f0
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Sat, 3 Feb 2024 02:25:04 +0000 (18:25 -0800)]
session: make local port allocator fib aware
Allocate ports per fib.
Type: improvement
Change-Id: I9e1f113602485bfb09f71092eee58b9a433daa6a
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Fri, 24 Jan 2025 02:31:33 +0000 (21:31 -0500)]
vcl: fix sigchld handler recursion
Observed with hst redis test and ubuntu 24.04
Type: fix
Change-Id: I22b28af5ca26498250c31edeb3db224a2e12e19d
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Fri, 24 Jan 2025 00:20:05 +0000 (19:20 -0500)]
session: validate new app worker on update reqest
Type: fix
Change-Id: Id9cec0c802024c1df0ac06a0f8833379a782e9de
Signed-off-by: Florin Coras <fcoras@cisco.com>
Semir Sionek [Fri, 17 Jan 2025 15:06:23 +0000 (10:06 -0500)]
http_static: introduce max-body-size parameter
Introduce the max-body-size parameter to put a limit on how big of a
POST request can the static server take (and how big of a memory
allocation that causes).
Type: improvement
Change-Id: I93cdeaf38dabe2850665e92bedbaa0545c375214
Signed-off-by: Semir Sionek <ssionek@cisco.com>
Matus Fabian [Wed, 22 Jan 2025 15:31:22 +0000 (10:31 -0500)]
http: move header serialization to http transport
Apps called http_serialize_headers, which creates plain text buffer,
this is now hidden in http transport layer and apps pass headers in
generic form, so they can be encoded based on http version.
Type: improvement
Change-Id: Ie4fa0516cd3406d60f956751c8ee7ab40e633fa4
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Dave Wallace [Thu, 23 Jan 2025 03:43:33 +0000 (22:43 -0500)]
build: add golang checkstyle for hs-test to ci checkstyle-test target
- Ensure extras/hs-test code is verified for style compliance in
the vpp-checkstyle-verify-*-*-* ci jobs
Type: make
Change-Id: If3900cbc028f0bd38b14fb9dd08841e21fec15da
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Pim van Pelt [Thu, 23 Jan 2025 10:04:19 +0000 (11:04 +0100)]
sflow: Update build rules
1) we rely on Netlink PSAMPLE and USERSOCK make sure we have headers
2) sflow plugin is not available on FreeBSD, due to Netlink features
3) preprocessor flag SFLOW_USE_VAPI controls whether the sflow plugin
will attempt to contact the linux-cp plugin using the binary VAPI. It
has to be a preprocessor flag so it can suppress the "#include"
statements that define that linux-cp api, because those include files
will be missing if linux-cp is excluded from the build.
The "excluded_plugins" list can be used with:
make VPP_EXCLUDED_PLUGINS=linux-cp build build-release
Type: fix
Fixes:
e40f8a90bb0c39986c198fca8ad9b0b3c1658401
Change-Id: If44929d285d27db7862910ecb4ec11ddd4591fd2
Signed-off-by: pim@ipng.nl
fenglei [Sat, 21 Dec 2024 10:15:12 +0000 (18:15 +0800)]
tests: fix docs compile syntax warning
- make docs will generate syntax warning
/opt/vpp/docs/_scripts/siphon/generate.py:31: SyntaxWarning: invalid escape sequence '\s'
siphon_block_start = re.compile("^\s*/\*\?\s*(.*)$")
/opt/vpp/docs/_scripts/siphon/generate.py:34: SyntaxWarning: invalid escape sequence '\s'
siphon_block_stop = re.compile("^(.*)\s*\?\*/\s*$")
/opt/vpp/docs/_scripts/siphon/generate.py:42: SyntaxWarning: invalid escape sequence '\s'
"(%s)\s*([a-zA-Z0-9_:]+)\s+(.*)\s*(%s)"
/opt/vpp/docs/_scripts/siphon/generate.py:47: SyntaxWarning: invalid escape sequence '\s'
siphon_initializer = re.compile("\s*=")
/opt/vpp/docs/_scripts/siphon/generate_clicmd.py:23: SyntaxWarning: invalid escape sequence '\s'
"(?P<m>VLIB_CLI_COMMAND)\s*" "[(](?P<name>[a-zA-Z0-9_]+)(,[^)]*)?[)]"
/opt/vpp/docs/_scripts/siphon/generate_syscfg.py:23: SyntaxWarning: invalid escape sequence '\s'
"(?P<m>VLIB_CONFIG_FUNCTION)\s*"
/opt/vpp/docs/_scripts/siphon/generate_syscfg.py:24: SyntaxWarning: invalid escape sequence '\s'
'[(](?P<fn>[a-zA-Z0-9_]+)\s*,\s*"(?P<name>[^"]*)"[)]'
Type: improvement
Change-Id: I6f7555cb0368a671a8bb164d51466d526895e925
Signed-off-by: fenglei <1579628578@qq.com>
fenglei [Thu, 9 Jan 2025 10:01:53 +0000 (18:01 +0800)]
build: support anolis8 operation for vpp
Type: improvement
support anolis8 operation for vpp executing make install-deps command
Change-Id: I854d0d1b4768c0df5898ab61a4f22d9d02ed2397
Signed-off-by: fenglei <1579628578@qq.com>
Vladimir Smirnov [Fri, 3 Jan 2025 11:46:53 +0000 (12:46 +0100)]
build: add support for debian trixie
Debian testing is currently codenamed trixie and planned
to be released in 2025. As it is still 'testing', it doesn't
define VERSION_ID in /etc/os-release file, therefore it
should be matched by VERSION_CODENAME instead
That patch adds support for forcing VERSION_ID based on
codename in case VERSION_ID is absent and defines correct
dependencies for debian/trixie.
Type: make
Change-Id: Idb68630a7ec53d99223e4f6496db4b3a5b61363e
Signed-off-by: Vladimir Smirnov <civil.over@gmail.com>
Florin Coras [Thu, 19 Dec 2024 07:20:14 +0000 (23:20 -0800)]
svm: improve ooo try collect
Use modular arithmetic just like the other ooo functions.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie39bb928634fe0956339feafb41667ec9cafeee2
Florin Coras [Tue, 21 Jan 2025 21:07:28 +0000 (16:07 -0500)]
session: cleanup io event functions
Program session events using session handles instead of fifos.
Type: improvement
Change-Id: I69063190598c2b4dc1104f2938f27c6cd057341a
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Wed, 19 Jun 2024 05:00:41 +0000 (22:00 -0700)]
session svm: track session indices in private struct
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I898baf3e2a7586124f4678eaeaa4516db7186f8f
Matus Fabian [Fri, 17 Jan 2025 19:46:30 +0000 (14:46 -0500)]
http: case-insensitive header table search
header names are case-insensitive, see RFC9110 section 5.1
Type: improvement
Change-Id: Ic5ef5615397537ba48fc56b18c882fa838c54751
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Damjan Marion [Thu, 16 Jan 2025 16:03:29 +0000 (16:03 +0000)]
crypto-native: add fixed tag and aad size ops
Type: improvement
Change-Id: I6bbb48c999859899e2f82c65cbfd015dc1ad584c
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Wallace [Wed, 22 Jan 2025 05:58:36 +0000 (00:58 -0500)]
snort: validate sw_if_index in attach/detach api handlers
- fixes crash in vpp-debug-verify-master-ubuntu2204-x86_64 CI job
in test_snort_06_detach_if testcase
- fix similar logic in attach handler
- verify snort direction in attach api message
- add tests verifying attribute validation in attach testcase
Type: fix
Fixes:
102575492c9199259aa5e468f21b46936d7a1ac4
Change-Id: I96fbeb0a7b84f2f238df15b20476ed4086251471
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Andrew Yourtchenko [Wed, 22 Jan 2025 11:36:41 +0000 (12:36 +0100)]
misc: Initial 25.06-rc0 commit
Type: docs
Change-Id: I1a9ff6191b4142547b98383459bbedb824db6e55
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Matus Fabian [Sun, 12 Jan 2025 21:18:56 +0000 (22:18 +0100)]
http: target parsing improvement
Make it http version neutral, since h2 and h3 use 3 pseudo-headers.
Added scheme, target_authority_offset and target_authority_len
to http_msg_data_t, target_form removed.
Http transport now validate if correct form of request target
is received, so now we are also able to receive requests with
absolute-form target in server apps like http_static.
As bonus, unformat is not longer used to parse IP addresses.
Type: improvement
Change-Id: I369f77e2639c43cc1244d91f883c526eb88af63e
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Kai Ji [Wed, 18 Dec 2024 11:46:02 +0000 (11:46 +0000)]
dpdk: enable VLAN offload configuration for the iavf PMD driver
Sets the program_vlans = 1 flag, enabling the DPDK sub-interface
function to configure VLAN offload settings on Intel iavf/i40e Ethernet
devices from VPP.
Type: improvement
Change-Id: I030af0c93b13cf80772982b243861f9c303f7e09
Signed-off-by: Kai Ji <kai.ji@intel.com>
Nithinsen Kaithakadan [Mon, 6 Jan 2025 12:41:22 +0000 (18:11 +0530)]
crypto: add async algo macros for ctr sha2
Add async crypto algo macros for AES_CTR SHA256/384/512.
Add support for these in dev octeon plugin.
Type: feature
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
Change-Id: I22e81c6ac5a549b2f12556b8c79257a20a5bd47d
Nithinsen Kaithakadan [Wed, 4 Dec 2024 08:58:41 +0000 (14:28 +0530)]
octeon: add direct mode changes in crypto datapath
This patch introduces support for direct mode crypto
submission on CPT. For multi-segmented buffers,
scatter-gather submission mode will be utilized.
Type: feature
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
Change-Id: Idb99e6c9ea49028e11d3bf530c9559719c988252
Nithinsen Kaithakadan [Tue, 7 Jan 2025 11:02:13 +0000 (16:32 +0530)]
octeon: rework octeon crypto framework
Added changes in the pending queue structure to
incorporate each packet into a single inflight
request entry.
Type: improvement
Change-Id: I18729e01b5f73b128ae245a1a8f77a4f97065026
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
Nithinsen Kaithakadan [Thu, 16 Jan 2025 07:26:09 +0000 (12:56 +0530)]
octeon: fix for async crypto session init
This patch resolves segmentation fault that occurs
during the initialization of an asynchronous crypto
session when processing the first packet in the
data path.
And resolves compilation failures.
Type: fix
Change-Id: I60e4060c65741a445fe02f01b3c94f627534ecef
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
Vladimir Smirnov [Thu, 9 Jan 2025 15:39:22 +0000 (16:39 +0100)]
dpdk: bump to DPDK 24.11.1
Bump DPDK version to 24.11.1.
Reason behind going for 24.11.1 is that 24.11 was affected by
CVE-2024-11614 which was fixed in the point release.
Type: feature
Change-Id: Ic49a35fe7ac782679df39145e3adfd06f047b031
Signed-off-by: Vladimir Smirnov <civil.over@gmail.com>
Damjan Marion [Fri, 17 Jan 2025 11:45:41 +0000 (11:45 +0000)]
crypto-openssl: fixed tag and aad lengths for chacha-poly
Type: improvement
Change-Id: I6162b45875566cc705917a51b3f06e1490607c8b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Varun Rapelly [Wed, 25 Dec 2024 05:49:46 +0000 (06:49 +0100)]
tls: async event handling enhancement
This patch updates async processing logic by adding async event
handlers separately for handshake, read and write events.
Type: improvement
Change-Id: I6366689fec7e29fa9850cb22e20ab3659bf5245a
Signed-off-by: Varun Rapelly <vrapelly@marvell.com>
Florin Coras [Fri, 17 Jan 2025 23:10:27 +0000 (18:10 -0500)]
build: fix compiler ordering
All CI builds default to GCC instead of Clang
Type: fix
Fixes:
ec68cec6c84e5dc9acaf7828c0118bb71fffc561
Change-Id: I63fce7feda743d05f17d0710fcf25b09674fdbfb
Signed-off-by: Florin Coras <fcoras@cisco.com>
Alexey Stratulat [Mon, 20 Jan 2025 11:34:25 +0000 (18:34 +0700)]
vcl: segfault correction in vcl_session_connected_handler
Svace found a bug related to the fact that the
vcl_segment_attach_session function is passed
a pointer to a session, which is null, because of this,
when using it, a segmentation error will occur inside the function.
This issue was fixed.
Type: fix
Change-Id: Icc68ced80611bb709c9fa7868816f003373077d4
Signed-off-by: Alexey Stratulat <a.stratulat@ideco.ru>
Pim van Pelt [Sun, 6 Oct 2024 15:49:00 +0000 (17:49 +0200)]
sflow: initial checkin
This is an sFlow dataplane plugin that can sample
1-in-N packets from device-input, copying them to
a FIFO queue and servicing that queue from a main
process which formats them as Netlink PSAMPLEs,
to be picked up by a popular sidecar agent called
host-sflow.
Type: feature
Change-Id: Ic03456472e53309678f182dc8f74d3c81fb619e6
Signed-off-by: neil.mckee@inmon.com
Signed-off-by: pim@ipng.nl
Vladimir Smirnov [Fri, 3 Jan 2025 20:47:56 +0000 (21:47 +0100)]
vlib: fail in runtime if workers > nelts
Type: fix
With a release build, if you configure more than 55 workers, vpp
will start, but will corrupt memory as a lot of internal datastrctures
are allocated with assumption that there will be not more than
FRAME_QUEUE_MAX_NELTS threads.
Add a warning if amount of configured workers more than MAX_NELTS.
Anticipate that next commit would add a compile-time configurable
variable and name it VPP_MAX_THREADS.
Change-Id: I015f4f9aa5e8b828c7d90c90142d7a7c1ce68f97
Signed-off-by: Vladimir Smirnov <civil.over@gmail.com>
fenglei [Tue, 31 Dec 2024 07:20:16 +0000 (15:20 +0800)]
af_packet: worker thread call vlib_log coredump
Type: fix
-When deleting a veth pair interface in linux, vpp's call to af_packet_fd_error will cause it to hang because it's a worker thread.
Change-Id: I3dc9018e7e492ccbdf0f59381f9bbbfd5c1c88a5
Signed-off-by: fenglei <1579628578@qq.com>
Benoît Ganne [Fri, 17 Jan 2025 17:30:01 +0000 (18:30 +0100)]
af_xdp: revert "af_xdp: fix af_xdp compile waring for clang compiler"
This reverts commit
38097970c038de6c3c67cb8e1c7209f1df1f24d0.
Type: fix
Change-Id: I2401eff6d1558f0f95b8b0c88b6b5d174acbb0ef
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Agathiyan Bragadeesh [Wed, 6 Nov 2024 14:33:12 +0000 (14:33 +0000)]
snort: support multiple instances per interface
Implements load balancing between snort instances via flow hash.
New CLI commands have been made to support these changes:
snort attach instance <name1>
[instance <name2> ... ] interface <ifname> [input|output|inout]
snort attach all-instances interface <ifname> [input|output|inout]
snort detach instance <name1> interface <ifname>
snort detach all-instances interface <ifname>
The output of "show snort interfaces" has an extra column to show the
direction of each attachment:
interface instances direction
Ethernet0: snort1 inout
snort2 inout
snort3 inout
Ethernet1: snort1 input
snort3 output
To maintain backwards compatibility for the snort api, the
snort_interface_get api endpoint only returns one of the attached
instances and the snort_interface_detach endpoint detaches all
attached instances.
Type: improvement
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
Change-Id: I6b7c26c203496d6a1dba244620907f28c04bb478
Damjan Marion [Fri, 17 Jan 2025 11:41:47 +0000 (11:41 +0000)]
crypto-ipsecmb: fixed tag and aad lengths for chacha-poly
Type: improvement
Change-Id: I8c7e6c2734258bb6b4e8e404e2c9b119ee141dd1
Signed-off-by: Damjan Marion <damarion@cisco.com>
Adrian Villin [Fri, 17 Jan 2025 15:28:58 +0000 (16:28 +0100)]
hs-test: temporarily skip VppEchoQuicTest
Type: test
Change-Id: I06937c491303dfe2f0b2e847d05a4220c14e83e0
Signed-off-by: Adrian Villin <avillin@cisco.com>
Artem Glazychev [Fri, 17 Jan 2025 13:16:31 +0000 (20:16 +0700)]
linux-cp: add the drain back
Type: fix
Change-Id: I60338a8c901cf5baf4974ce572f17e70116877df
Signed-off-by: Artem Glazychev <glazychev@mts.ru>
fenglei [Tue, 14 Jan 2025 08:50:10 +0000 (16:50 +0800)]
af_xdp: fix af_xdp compile waring for clang compiler
Type: fix
- add check variable undefine init flags for gcc and clang compiler
- disable compile xdp-dump
Change-Id: Icd2b81ec5cd5dc66db395a69f8af889635f664e0
Signed-off-by: fenglei <1579628578@qq.com>
Vladimir Smirnov [Thu, 9 Jan 2025 19:32:27 +0000 (20:32 +0100)]
dpdk: update rdma-core to 55.0
Newer version of RDMA contains some bugfixes.
Type: feature
Change-Id: I4cd6bc7608bbadd99cdddc7b97646df1583b6ce6
Signed-off-by: Vladimir Smirnov <civil.over@gmail.com>
Damjan Marion [Thu, 16 Jan 2025 16:45:07 +0000 (16:45 +0000)]
crypto-openssl: add fixed tag and aad size ops
Type: improvement
Change-Id: Iea7202cd0a79d3bed85313b2b4a6e6469a701568
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 16 Jan 2025 18:19:02 +0000 (18:19 +0000)]
crypto-ipsecmb: add fixed tag and aad size ops
Type: improvement
Change-Id: Id62308775eeeada0277c2303cf8c728db4dbfcdc
Signed-off-by: Damjan Marion <damarion@cisco.com>
Semir Sionek [Thu, 16 Jan 2025 14:03:41 +0000 (09:03 -0500)]
http: fix sending error responses to rejected requests by server apps
Plugins such as http_static sometimes reject requests without reading
all of the body. http_static in that case sends an error response and
closes the connection. But the error response cannot go out due to the
connection state being HTTP_REQ_STATE_TRANSPORT_IO_MORE_DATA.
With this change, we make http_app_tx_callback give a response like
that special treatment, allowing it to go out.
Type: fix
Change-Id: I72ae74b869183f5d5921837f6ac9c52f0efc7598
Signed-off-by: Semir Sionek <ssionek@cisco.com>
Artem Glazychev [Wed, 18 Dec 2024 08:50:13 +0000 (15:50 +0700)]
linux-cp: fix segfault while receiving nl messages
- check nl socket before receiving messages
- we don't need extra callback after adding an lcp pair because we start draining messages (due to epoll) right after opening socket
Type: fix
Change-Id: I0ecb03b758f066662015fd6c6b9d3c48cb520c0d
Signed-off-by: Artem Glazychev <glazychev@mts.ru>
Damjan Marion [Thu, 16 Jan 2025 12:47:01 +0000 (12:47 +0000)]
crypto: combine sync and async algos and ops
Type: improvement
Change-Id: I4d507b105e5b5ba7dd68d373c7f1ab156a9fc9f1
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 16 Jan 2025 11:53:55 +0000 (11:53 +0000)]
ipsec: make algo data constant
Type: improvement
Change-Id: I554418fca0cbe1a2b42eddc24eccf25ede5f678a
Signed-off-by: Damjan Marion <damarion@cisco.com>
fenglei [Tue, 31 Dec 2024 04:43:37 +0000 (12:43 +0800)]
arp: fix command resolve and config filed exist differ
Type: fix
Change-Id: I2b2b65a6c12d50146f08b64b9a1603888652b462
Signed-off-by: fenglei <1579628578@qq.com>
Damjan Marion [Thu, 16 Jan 2025 11:20:12 +0000 (11:20 +0000)]
ipsec: don't add crypto key if cipher is NONE
Type: fix
Change-Id: I0c418fe71b579febc4ca02e8ad0aeba24df1945d
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Tue, 14 Jan 2025 22:22:43 +0000 (17:22 -0500)]
tcp: export sdl header file for out-of-tree plugins
Type: fix
Change-Id: I27e29690dba1ea52e874cb1db81d24fcc4366bb6
Signed-off-by: Florin Coras <fcoras@cisco.com>
Ivan Ivanets [Tue, 14 Jan 2025 16:34:22 +0000 (16:34 +0000)]
tests: remove decorator tag_fixme_ubuntu2404
Type: test
There is no need to use the tag_fixme_ubuntu2404 decorator.
All tests that previously used it are now stable.
Change-Id: I2f00bcdacf9690c4d3896eace5d817f7bd19058b
Signed-off-by: Ivan Ivanets <iivanets@cisco.com>
fenglei [Tue, 7 Jan 2025 13:43:40 +0000 (21:43 +0800)]
pg: fix tr to trace
Type: fix
Change-Id: Icd1ea24ba104123673f864d9bfd0f4da83982b7d
Signed-off-by: fenglei <1579628578@qq.com>
Monendra Singh Kushwaha [Tue, 14 Jan 2025 01:49:38 +0000 (07:19 +0530)]
octeon: add compatibility check
This patch adds compatibility check for OCTEON model in plugin.
Type: refactor
Change-Id: Id583a2f42b8f66f7e045f6cf9176125680e9a16f
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
Monendra Singh Kushwaha [Tue, 14 Jan 2025 01:48:32 +0000 (07:18 +0530)]
octeon: update octeon roc version
Type: feature
Change-Id: I9f3044aec29a611d4735001ff1943772b7035711
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
Semir Sionek [Tue, 14 Jan 2025 11:39:15 +0000 (06:39 -0500)]
http_static: read body only for POST requests
Type: improvement
Change-Id: Id863f59d04d8e6f22c886e079367d06908b8b24b
Signed-off-by: Semir Sionek <ssionek@cisco.com>
Piotr Bronowski [Fri, 3 Jan 2025 18:25:41 +0000 (18:25 +0000)]
ipsec: add test for tun sa ip6 fast-path spd policy matching
In case SA defines a tunnel, policy matching should be performed based
on the tunnel header defined by the SA. This change tests
the matching for ip6 fast path SPD implementation.
Type: test
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Change-Id: I311b221bce565de0e8235fd162305eb10550edd9
Florin Coras [Wed, 8 Jan 2025 12:27:52 +0000 (07:27 -0500)]
ip: fix local csum check
For packets with invalid checksums, in src local check, do not override
errors on fast path and do not cache result.
Type: fix
Change-Id: I4de9351b190ba398d6f89eec80055016cacf028b
Signed-off-by: Florin Coras <fcoras@cisco.com>
Damjan Marion [Fri, 10 Jan 2025 18:53:23 +0000 (18:53 +0000)]
crypto: remove AEAD opt types
Type: improvement
Change-Id: I32ccf1d58a34bc6f64946ffd711dbd2b4f5864f6
Signed-off-by: Damjan Marion <damarion@cisco.com>
Monendra Singh Kushwaha [Sun, 12 Jan 2025 01:17:04 +0000 (06:47 +0530)]
octeon: fix octeon build issue
This patch adapts new changes introduced in crypto framework
as part of
6676d951.
Type: fix
fixes:
6676d951
Change-Id: I7bbe8d87250e072b2891c0eedee1e14642fab4bc
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
Damjan Marion [Fri, 10 Jan 2025 12:43:19 +0000 (12:43 +0000)]
crypto: key storage improvements
Type: improvement
Change-Id: I49d8415ce1d64dc797a0cc43f5382daeaddbe11a
Signed-off-by: Damjan Marion <damarion@cisco.com>
Monendra Singh Kushwaha [Wed, 20 Nov 2024 06:36:52 +0000 (12:06 +0530)]
dev: assign tx queue to all threads
This patch assigns tx queue to all thread and enables tx queue
sharing if needed.
Type: fix
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
Change-Id: I8cb561c29c2a508b8b478c646121b1caa61b8520
Matus Fabian [Thu, 9 Jan 2025 19:00:28 +0000 (20:00 +0100)]
hs-test: http tps test with tls
Type: test
Change-Id: I0b4044c2924855f4be03c301f75e6a3e31aa29a9
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Guillaume Solignac [Thu, 9 Jan 2025 11:19:31 +0000 (03:19 -0800)]
build: expose VPP_PLATFORM to out-of-tree plugins
We move the VPP_PLATFORM logic from src/CMakeLists.txt to
cmake/cpu.cmake so that out-of-tree plugins can leverage it as well.
Type: improvement
Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
Change-Id: I767a75f45c07aed7db4034b18ab4b5c67fda06ee
Guillaume Solignac [Thu, 9 Jan 2025 14:50:15 +0000 (15:50 +0100)]
sr: fix aarch64 build issue
GCC complains about a maybe-unitialized variable
Type: fix
Change-Id: Id77e4a48bdefea74d881190675320036f60ee3d5
Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
Adrian Villin [Wed, 8 Jan 2025 11:20:31 +0000 (12:20 +0100)]
hs-test: fix skipping docker image building
- building docker images will now be properly skipped
Type: test
Change-Id: I57ae71814bdf5eefaac16472dfb56e86564219e6
Signed-off-by: Adrian Villin <avillin@cisco.com>
Adrian Villin [Wed, 8 Jan 2025 15:33:45 +0000 (16:33 +0100)]
hs-test: copy vpp-data to docker images last
Type: test
Change-Id: I773321d21c75e081fa54fae1d9862b4bc75e3794
Signed-off-by: Adrian Villin <avillin@cisco.com>
Matus Fabian [Tue, 10 Dec 2024 15:15:06 +0000 (16:15 +0100)]
hsa: proxying UDP in HTTP/1.1
Type: feature
Change-Id: Ic0ff9b9bfbad9fbc602fbcec0d8906cd21d63a2c
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Monendra Singh Kushwaha [Fri, 20 Dec 2024 10:53:56 +0000 (16:23 +0530)]
vlib: update input node counts based on state
Type: fix
Change-Id: I09497ae8d6a685324f8c7d9e0b3208a3ec465f0e
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
Monendra Singh Kushwaha [Fri, 20 Dec 2024 17:56:43 +0000 (23:26 +0530)]
octeon: fix compilation for octeon
This patch adapts new changes introduced in crypto framework
as part of
0cf4eef7.
Type: fix
fixes:
0cf4eef7
Change-Id: I41a17c9b340f54014c9d2ae21546ec39ccef3f43
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
Vratko Polak [Wed, 8 Jan 2025 13:07:42 +0000 (14:07 +0100)]
build: add vpp-crypto-engines to debian/control.in
Crypto engines have been moved into a new component,
but the component needs Debian packaging information.
Type: fix
Fixes:
0cf4eef73a4c1bd2831a4618af50939a2aab01c6
Change-Id: I041284f91be4cdb16d5a4771b518dd99571efa99
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Piotr Bronowski [Thu, 17 Oct 2024 15:16:06 +0000 (17:16 +0200)]
ipsec: fix spd fast path single match compare for ipv6
Fast path match single compare (the last step of policy matching in spd fast path)
is only implemented for IPv4 addresses.
This change adds support to also do a single match on IPv6 addresses.
Type: fix
Change-Id: I5aeb6e1e9afccfd2b2082e26502c5b7e9a8b2d4c
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Signed-off-by: Vinayak Udandkar <vinayakx.udandkar@intel.com>
Florin Coras [Mon, 6 Jan 2025 21:22:20 +0000 (16:22 -0500)]
vcl: fix vls wrk index on fork
Type: fix
Change-Id: If634dac31fd54466428db0726ac441a1247985b8
Signed-off-by: Florin Coras <fcoras@cisco.com>
Code Review / vpp.git / log