Vladimir Isaev [Tue, 4 Feb 2020 08:54:27 +0000 (11:54 +0300)]
stats: fix state counter removal
Avoid using vec_del1() for directory vector to keep indexes valid all
the time.
There are state counters for each slave in LACP bond mode which can be
dynamically created and removed. Vector index is used to access these
counters. But also vec_del1() is used to remove counter from vector.
This function changes the index of the last element, so after this we
are unable to access ex-last element using old index.
As a result it is not possible to add-del-add two interfaces to the LACP
bond:
DBGvpp# create bond mode lacp
BondEthernet0
DBGvpp# create packet-generator interface pg1
DBGvpp# create packet-generator interface pg2
DBGvpp# bond add BondEthernet0 pg1
DBGvpp# bond add BondEthernet0 pg2
DBGvpp# bond del pg1
DBGvpp# bond del pg2
DBGvpp# bond add BondEthernet0 pg1
DBGvpp# bond add BondEthernet0 pg2
bond add: /if/lacp/1/3/partner-state is already register
Type: fix
Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: I2c86e13905eefdef6233369cd4ab5c1b53d123bd
Chenmin Sun [Tue, 14 Jan 2020 00:47:22 +0000 (08:47 +0800)]
api: fix vl_api_clnt_node process stack overflow
Type: fix
Some simple settings(e.g. bringing up an i40e/ice interface) through
vnat consume more than the currently available stack space.
This root cause of this issue is same with commit
b2dbb36fc265b8996fc7fa310dda447d5b0479cb "vlib: fix startup-config \
-process stack overflow" and commit
2fd44a00aa26188ca75f0accd734f2 \
1758c199bf "vlib: fix cli process stack overflow"
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I312e4fed96a679aa68b859e28a90a2a4b6eb0c6e
John Lo [Sat, 1 Feb 2020 04:48:30 +0000 (23:48 -0500)]
ipsec: set l2_len for GRE-TEB tunnel decap
Type: fix
Ticket: VPP-1831
Signed-off-by: John Lo <loj@cisco.com>
Change-Id: I655964b22021ac38cbced577091a1156286d4fd6
Dave Barach [Tue, 4 Feb 2020 21:10:17 +0000 (16:10 -0500)]
vppinfra: deal with 0 return from os_cpu_clock_frequency()
Sporadic reports of os_cpu_clock_frequency() returning 0.0 in highly
parallel container environments.
To avoid immediate division by zero:
Step 1: try estimate_clock_frequency(1e-3).
Step 2: give up. Pretend we have a 2gHz clock.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I19d0fe5259b757ab778599c7026ce485153b43fa
Haggai Eran [Tue, 4 Feb 2020 12:32:19 +0000 (14:32 +0200)]
dpdk: use port_id as interface name suffix for representors
Type: feature
Representor devices include a port ID as part of their switch_info struct, and
it is helpful to use that in the interface name.
Signed-off-by: Haggai Eran <haggai.eran@gmail.com>
Change-Id: Id24627e7daf857f8b0e8ace2f592c098678081c7
Haggai Eran [Tue, 4 Feb 2020 12:09:04 +0000 (14:09 +0200)]
dpdk: output switch information
Type: feature
Output DPDK switch information to allow finding out which DPDK ports are
associated with which DPDK representor ports.
Signed-off-by: Haggai Eran <haggai.eran@gmail.com>
Change-Id: I612cbd5a97e04787eca13423f53c7283d5945e37
Mohsin Kazmi [Tue, 4 Feb 2020 10:36:17 +0000 (11:36 +0100)]
misc: add new type for commit message
Type: style
Change-Id: Ibfa8bd1c0987fd2a5050be6c454f665666eb0210
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Florin Coras [Tue, 4 Feb 2020 19:04:34 +0000 (19:04 +0000)]
vcl: switch to closed state after app close
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I851db474538de76d5f70dd6d6f83a6487a5a02bd
Filip Varga [Mon, 3 Feb 2020 11:14:29 +0000 (12:14 +0100)]
nat: pool allocation function fix
Type: fix
Change-Id: I75b20db66fb58e1724a212253c51315836079f4b
Signed-off-by: Filip Varga <fivarga@cisco.com>
Ole Troan [Tue, 4 Feb 2020 08:12:00 +0000 (09:12 +0100)]
vppapigen: fix options representation
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ief77110160120ea0e1291cc79949a73404cdbfda
Steven Luong [Wed, 8 Jan 2020 18:25:52 +0000 (10:25 -0800)]
virtio: update FEATURE.yaml to include description for vhost-user
Add features supported by vhost-user
Type: docs
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Iba4c5244c40324b603e2803ade8ecc0816326de8
Neale Ranns [Mon, 3 Feb 2020 10:55:09 +0000 (10:55 +0000)]
teib: Rename NHRP to TEIB
Type: refactor
The Tunnel Endpoint Informatiob Base (TEIB) is a better
description of what it is (a mapping between tunnel endpoint
address, in the overlay, and next-hop address, in the underlay)
whereas NHRP is one instanc eof a control protocol that might add
such endpoints.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Idcb2ad0b6543d3e5d9f6e96f9d14dafb5ce2aa85
Matthew Smith [Fri, 31 Jan 2020 21:39:21 +0000 (15:39 -0600)]
dpdk: patch ixgbe driver to solve race condition
Type: fix
Some fiber ports that are managed by the ixgbe PMD have the
possibility to get into a state where link can never be brought up.
This patch should fix it and will be submitted to upstream DPDK.
Change-Id: Ia4d0df2e70d098b2151e513b96e8bd742151e8ce
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Alexander Chernavin [Fri, 31 Jan 2020 14:19:49 +0000 (09:19 -0500)]
ip: translate fragmented icmp to fragmented icmp6
The first translated ICMPv6 packet of a fragmented ICMP message does
not have a IPv6 fragment header. All subsequent have.
With this commit, add a IPv6 fragment header to the first translated
ICMPv6 packet.
Type: fix
Change-Id: Id89409ce7273cbeed801e2e18a09d3e7c3c4e4bc
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Dave Barach [Mon, 3 Feb 2020 16:57:41 +0000 (11:57 -0500)]
vppinfra: fix typo in tw_timer_template.c
Fix minor memory leak
Type: fix
Ticket: VPP-1833
Fixes:
4af9ba1dab
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Id10fba70471ca78f73f14146054f6b12c5d4431f
Yu Ping [Mon, 20 Jan 2020 21:07:30 +0000 (05:07 +0800)]
tls: refactor for tls async event handling
Type: refactor
Make sure one tls ctx has one event availble
Thus ctx has the same life time with event, which can simplify the
management.
Change-Id: I1f4240e7316025d81bb97644946ffa399c00cd76
Signed-off-by: Yu Ping <ping.yu@intel.com>
Steven Luong [Thu, 30 Jan 2020 23:18:45 +0000 (15:18 -0800)]
virtio: vhost gso is broken in some topology
Recent modification added a call to vnet_gso_header_offset_parser in the
beginning of vhost_user_handle_tx_offload. The former routine may set tcp or
udp->checksum to 0. While it is appropriate to set it to 0 for the GSO packet,
it is broken and causes checksum error if the aformentiooned routine is called
by a non-GSO packet. The fix is to not call vhost_user_handle_tx_offload
if the buffer does not indicate checksum offload is needed.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I6e699d7a40b7887ff149cd8f77e8f0fa9374ef19
Neale Ranns [Mon, 3 Feb 2020 10:33:51 +0000 (10:33 +0000)]
fib: invalid check for adj types.
Type: fix
coverity found invalid logic.
Change-Id: Ic9144ac805a4e5a18aa299794fedda044dcb65fe
Signed-off-by: Neale Ranns <nranns@cisco.com>
Steven Luong [Thu, 30 Jan 2020 17:11:18 +0000 (09:11 -0800)]
fib: refresh adj pointer after fib_walk_sync due to possible realloc
fib_walk_sync may call adj_alloc which may cause adj_pool to expand. When
that happens, any previous frame which still use the old adj pointer needs to
refresh. Failure to do so may access or update to the old adj memory
unintentionally and crash mysteriously.
Type: fix
Ticket: VPPSUPP-54
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I173dec4c5ce81c6e26c4fe011b894a7345901b24
Vratko Polak [Fri, 31 Jan 2020 19:43:33 +0000 (20:43 +0100)]
gre: improve .api descriptions
+ Remove fields not present in the typedef.
+ Sort field descriptions by the order in the typedef.
+ Add descriptions to other messages.
+ Add comment lines with de-abbreviated enum values.
Type: style
Change-Id: I2c41e0204ba5c59a53f1cf7b5837118484a16ad0
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Vratko Polak [Fri, 31 Jan 2020 18:21:25 +0000 (19:21 +0100)]
gre: add missing .api edits
The previous edit has added a new field to a typedef.
That change is backward-compatible for PAPI users,
but not backward compatible for direct binary API users.
This change adds two edits that should have been there already:
+ Copyright year bump.
+ API version bump.
- PAPI users point of view, so bumping minor version only.
Type: fix
Fixes:
e5b94dded0dfd7258d5fd0f4ef897d9ccb48715b
Change-Id: Ib85f457254e38a8e5999a078855848e6a5cfda13
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Dave Barach [Fri, 31 Jan 2020 20:38:28 +0000 (15:38 -0500)]
vppinfra: write up clib_time_t
Describe the clock rate adjustment algorithm in detail
Type: docs
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I5bcab18efafe05cd1db9a4b01ce6a6ba66e383fa
Florin Coras [Fri, 31 Jan 2020 16:28:02 +0000 (08:28 -0800)]
session: fix chunk batch alloc for large fifos
Type: fix
Change-Id: Ibfac65b516f20d25d91f6d0cf86491353811b8be
Signed-off-by: Florin Coras <fcoras@cisco.com>
MathiasRaoul [Thu, 9 Jan 2020 14:50:53 +0000 (14:50 +0000)]
quic: quicly crypto offloading
- Implement our own quic packet allocator to allocate more memory at the end of the
packet to store crypto offloading related data
- 1RTT packets offloading encryption/decryption using vnet crypto
- Add cli to change max packet per key
Type: feature
Change-Id: I7557fd457d7ba492329d5d8ed192509cbd727f9c
Signed-off-by: MathiasRaoul <mathias.raoul@gmail.com>
Damjan Marion [Fri, 31 Jan 2020 09:24:07 +0000 (10:24 +0100)]
crypto-native: add ARMv8 AES-CBC implementation
Type: feature
Change-Id: I32256061b9509880eec843db2f918879cdafbe47
Signed-off-by: Damjan Marion <dmarion@me.com>
MathiasRaoul [Fri, 31 Jan 2020 10:48:40 +0000 (10:48 +0000)]
quic: update quicly to v0.0.10-vpp
Type: feature
Signed-off-by: MathiasRaoul <mathias.raoul@gmail.com>
Change-Id: I5452f8bbd0ff9e2a57f7bd7d134a8824efa5f30a
Damjan Marion [Thu, 30 Jan 2020 14:46:23 +0000 (15:46 +0100)]
crypto-native: refactor AES code
- use neutral types in preparation for ARMv8 support
- simplify x86 key extraction support
Type: refactor
Change-Id: I947eb37b8c9d9ee6909bb32ef14c4de192d40a46
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 30 Jan 2020 19:47:37 +0000 (20:47 +0100)]
misc: deprecate dpdk hqos
Not in functional state for a long time ...
Type: refactor
Change-Id: I2cc1525a6d49518cbc94faf6afbf0d2d0d515f56
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Thu, 30 Jan 2020 19:39:58 +0000 (20:39 +0100)]
misc: deprecate netmap and ixge drivers
Both are out of sync for long time...
Type: refactor
Change-Id: I7de3170d35330fc172501d87655dfef91998b8fe
Signed-off-by: Damjan Marion <damarion@cisco.com>
Jon Loeliger [Thu, 30 Jan 2020 16:54:58 +0000 (10:54 -0600)]
map: Add several more MAP-T BR tests
Add several more MAP-T BR tests for normal packet flow.
Type: test
Change-Id: Ica880dd23c923795279e9d08dca2796f2925069a
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Dave Barach [Wed, 29 Jan 2020 23:05:24 +0000 (18:05 -0500)]
vppinfra: improve clocks_per_second convergence
Apply exponential smoothing to the clock rate update calculation in
clib_time_verify_frequency(), with a half-life of 1 minute and a
sampling frequency of 16 seconds. Within 5 minutes or so, the
calculation converges
With each rate recalculation: reset total_cpu_time based on the kernel
timebase delta since vpp started, and the new clock rate
Improve the "show clock [verbose]" debug CLI command.
BFD echo + echo fail tests marked off until the BFD code can be
reworked a bit.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I24e88a78819b12867736c875067b386ef6115c5c
Mohsin Kazmi [Thu, 30 Jan 2020 15:08:08 +0000 (16:08 +0100)]
tap: fix host mtu configuration setting
host mtu can't be set if tap interface is in namespace.
This patch fixes this issue.
Type: fix
Change-Id: I63811c4b56c708fe708061a8afbaec41994f08ca
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Mohsin Kazmi [Thu, 30 Jan 2020 12:36:02 +0000 (13:36 +0100)]
tap: fix the host mac address
Tap configuration code sets the host mac address
two time. This patch fixes it.
Type: fix
Change-Id: I7bebb9b7f25352a8a9a98bae6a0636757c0cea9c
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Damjan Marion [Thu, 30 Jan 2020 20:18:39 +0000 (21:18 +0100)]
misc: move configs to extras/configs
Type: refactor
Change-Id: I64665b290e2c42bbd9b0e877e9e4b028090b0ede
Signed-off-by: Damjan Marion <damarion@cisco.com>
Paul Vinciguerra [Thu, 30 Jan 2020 17:49:20 +0000 (12:49 -0500)]
fib: fix typos in doxygen
cleaned up some trivial typo's while reading through adj.h
Type: docs
Change-Id: I1b6cd815dc10ed3da8db2024b3e015e076235d50
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Neale Ranns [Tue, 31 Dec 2019 05:13:14 +0000 (05:13 +0000)]
gre: Tunnel encap/decap flags
Type: feature
common funcitons across IP-in-IP and GRE tunnels for encap/decap
functions
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I325b66824878d843af167adfe5a7a96b0ab90566
Florin Coras [Mon, 28 Oct 2019 20:14:17 +0000 (13:14 -0700)]
vcl session: propagate cleanup notifications to apps
Type: feature
Change-Id: I7f8e3763d7f8364563a25d0fcc782976b906b325
Signed-off-by: Florin Coras <fcoras@cisco.com>
Paul Vinciguerra [Tue, 28 Jan 2020 18:00:05 +0000 (13:00 -0500)]
vppapigen: update markdown documentation
- Add newly added typedefs.
- Update string examples.
Change-Id: I1e7ee7cbf5901ba97302472521bf1f42a14765ea
Type: docs
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Jon Loeliger [Tue, 28 Jan 2020 13:30:28 +0000 (07:30 -0600)]
map: Prevent IPv4 prefix spoofing during IPv6 -> IPv4
Prevent malicious packets with spoofed embedded IPv4 addresses
by limiting the IPv6 ingress packets to known MAP-T domains.
Drop spoofed packets.
Add several tests that ensure spoofing isn't allowed.
Type: fix
Fixes:
fc7344f9be
Change-Id: I80a5dd10d5fe7492e3a1b04de389d649a78065e2
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Alexander Chernavin [Thu, 23 Jan 2020 13:09:40 +0000 (08:09 -0500)]
map: handle ip4 ttl=1 packets in map-t
With this commit, ICMP Time Exceeded is sent to sender when TTL
expires at MAP BR.
Type: fix
Change-Id: I8effe163beab32596883127b819308cc355512c3
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Damjan Marion [Wed, 29 Jan 2020 09:31:26 +0000 (10:31 +0100)]
crypto-native: don't expand aes-cbc keys twice
Type: refactor
Change-Id: If0d9ec70f9e8c228c39505864a4a73bf94b67479
Signed-off-by: Damjan Marion <damarion@cisco.com>
Klement Sekera [Wed, 29 Jan 2020 22:59:48 +0000 (22:59 +0000)]
bfd: add missing cast
Add missing cast to time conversion function to to deal with arbitrary
clocks-per-second values.
Type: fix
Change-Id: I5075a823e7a95c972c513ac765252337d5f59fbf
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Alexander Chernavin [Fri, 17 Jan 2020 13:31:04 +0000 (08:31 -0500)]
tests: add map-t fragmentation verifications
Type: test
Change-Id: I5522e88ee178d0563c246895393e835d125f1b81
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Dave Barach [Tue, 28 Jan 2020 22:03:05 +0000 (17:03 -0500)]
dhcp: disable extraneous vlib_log spew
When there are no dhcp client interfaces configured, it's not
useful to make periodic / timeout log entries.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I16b68fe15ad9de789e49ad1b782b3b0e536bad60
Florin Coras [Tue, 28 Jan 2020 03:21:28 +0000 (19:21 -0800)]
session tcp: fix packet tracing
Type: fix
Change-Id: Ib823d016c64998779fb1d00b8aad3acb5e8340be
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Mon, 27 Jan 2020 18:34:13 +0000 (18:34 +0000)]
hsa: proxy rcv wnd update acks after full fifos
Avoid rcv wnd probing after zero window advertisments by registering for
tx dequeue notifications and forcing acks that open the rcv wnd.
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I8f33e3cf917f8c83d412f370ca66013aa4cd6e67
Damjan Marion [Tue, 28 Jan 2020 08:55:25 +0000 (09:55 +0100)]
crypto-native: rename crypto_ia32 to crypto_native
Type: refactor
Change-Id: I9f21b3bf669ff913ff50afe5459cf52ff987e701
Signed-off-by: Damjan Marion <damarion@cisco.com>
Vladimir Ratnikov [Tue, 14 Jan 2020 14:48:31 +0000 (09:48 -0500)]
map: ip4-map-t more RFC compliant
When MTU is not set, ignore_df and mtu check
always returns true and packets are dropped.
This patch puts MTU checks after it was
compared with 0 and set to maximum if not set.
Added trace node.
If MTU is less than the total length value of
the IPv4 packet plus 20, the translator MUST
send an ICMPv4 "Fragmentation Needed" error message
to the IPv4 source address
Type: fix
Fixes:
87663cdf644fb7c94c0fec9460829b7e4e7c35ca
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: I35b99bc2648984cdbf5b6a57ddec91c586b15bef
Damjan Marion [Thu, 19 Dec 2019 12:27:28 +0000 (13:27 +0100)]
crypto-ia32: add VAES support for AES-CBC
Type: feature
Change-Id: Ic8aa6c48913677537301971469f9627b70c1cec8
Signed-off-by: Damjan Marion <damarion@cisco.com>
Ignas Bacius [Fri, 3 Jan 2020 13:05:46 +0000 (15:05 +0200)]
sr: fix possible null-pointer dereference
Steps to reproduce VPP crash:
1. configure localsid End behavior
2. ping the localsid address
Type: fix
Signed-off-by: Ignas Bacius <ignas@noia.network>
Change-Id: Id780e0875ec9cdb25252217990919fb3dddbf06a
Damjan Marion [Wed, 18 Dec 2019 17:45:19 +0000 (18:45 +0100)]
vppinfra: use CPUID provided base frequency if available
Type: fix
Change-Id: Ifb007207be97119e07c3a0eba4714eb519de043c
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 18 Dec 2019 15:09:48 +0000 (16:09 +0100)]
vppinfra: add x86 CPU definitions
Type: feature
Change-Id: I9d1f9f00ac011a93709850186dcf4cf5ea3bf88a
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Barach [Mon, 27 Jan 2020 14:56:58 +0000 (09:56 -0500)]
classify: pcap / packet trace debug CLI bugs
"classify filter trace ... " and "classify filter pcap ..." are
mutually exclusive.
vnet_pcap_dispatch_trace_configure needs to check for
set->table_indices == NULL.
Type: fix
Ticket: VPP-1827
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I43733364087ffb0a43de92e450955033431d559d
Steven Luong [Mon, 27 Jan 2020 18:37:56 +0000 (10:37 -0800)]
interface: Add missing ip4 udp->checksum = 0 prior to computing checksum
For ip4 tcp, ip6 tcp, and ip6 udp packet, we set checksum = 0 prior to
computing the checksum. We missed ip4 udp case. This oversight requires all
clients to set udp->checksum = 0 if ip4 udp checksum offload is needed.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ic608811e82099f3bec469e123671e9b281f38d76
Neale Ranns [Sun, 29 Dec 2019 23:55:18 +0000 (23:55 +0000)]
ipip: Multi-point interface
Type: feature
plus fixes for gre
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I0eca5f94b8b8ea0fcfb058162cafea4491708db6
Neale Ranns [Sun, 29 Dec 2019 23:55:18 +0000 (23:55 +0000)]
tunnel: Common types for IP tunnels
Type: refactor
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I18dcdb7af3e327f6cacdbcb1e52b89f13d6ba6e2
Benoît Ganne [Tue, 21 Jan 2020 17:24:44 +0000 (18:24 +0100)]
map: api: fix tag overflow and leak
The 'tag' parameter is expected to be a NULL-terminated C-string in
callees:
- make sure it is null-terminated in both API and CLI cases
- do not allocate & copy the string into a non-NULL-terminated vector
in API case
- fix leak in CLI case
Type: fix
Change-Id: I221a489a226240548cdeb5e3663bbfb94eee4600
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Klement Sekera [Fri, 17 Jan 2020 10:01:52 +0000 (10:01 +0000)]
bfd: reset peer discriminator on timeout
More RFC compliance.
Ticket: VPP-1816 BFD: peer discriminator not reset on timeout
Type: fix
Change-Id: I68063c18097d282b3527e3fb485c1d0d1fd1b0c8
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Jakub Grajciar [Thu, 14 Nov 2019 09:47:25 +0000 (10:47 +0100)]
libmemif: memif_control_fd_update always pass context from libmemif_main
Event polling instance is always identified by libmemif main private context.
Fixes event polling handled by libmemif.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I51dcdb279b18f8ce97bad3b2695848e0b25a232d
Neale Ranns [Thu, 23 Jan 2020 22:46:06 +0000 (22:46 +0000)]
fib: Reload the adj after possible realloc (VPP-1822)
Type: fix
Fixes:
418b225931634f6d113d2971cb9550837d69929d
Change-Id: Ia5f4ea24188c4f3de87e06a7fd07b40bcb47cfc1
Signed-off-by: Neale Ranns <nranns@cisco.com>
Benoît Ganne [Fri, 24 Jan 2020 17:06:01 +0000 (18:06 +0100)]
devices: vhost: fix data offset on input
Regardless of whether the virtio_net_hdr is sent as a separate
descriptors or in the same descriptor as the data, we always want to
skip the header length - maybe moving to the next descriptor along the
way.
Type: fix
Change-Id: Iaa70aeb310e589639b20f8c7029aaa8d3ce5d307
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Paul Vinciguerra [Thu, 19 Dec 2019 16:51:22 +0000 (11:51 -0500)]
docs nat: fix nat-ha ascii art
See: https://docs.fd.io/vpp/19.08/nat_ha_doc.html
Type: docs
Change-Id: I43ecf1dfb6976ebafee04d820f0e1b07393a0b93
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Florin Coras [Wed, 18 Dec 2019 17:38:40 +0000 (09:38 -0800)]
session: fix node runtime in pre-input queue handler
Call session queue node with the right node runtime instead of the
pre-input node runtime.
Type: fix
Change-Id: I43d20bed4930fc877b187ce7ecdce62034b393c5
Signed-off-by: Florin Coras <fcoras@cisco.com>
John DeNisco [Fri, 24 Jan 2020 19:04:41 +0000 (14:04 -0500)]
docs: Update the requirements and fix the build
Signed-off-by: John DeNisco <jdenisco@cisco.com>
Change-Id: I30e37f7e549083337b11ace95b4ff4f427d9fc8c
Matthew Smith [Thu, 16 Jan 2020 19:48:52 +0000 (13:48 -0600)]
nat: in2out-output nodes work with acl reflect
Type: feature
The current feature ordering of NAT44 nodes with respect to the
ACL plugin's IPv4 input/output features is:
ip4-output: acl-plugin-out-ip4-fa runs before any NAT44 nodes
ip4-unicast: acl-plugin-in-ip4-fa runs before any NAT44 nodes
ACL rules with action permit+reflect can keep track of outbound
flows and allow the replies inbound without an explicit inbound rule.
If ACL permit+reflect rules are configured on an interface that also
has NAT44 configured with output-feature/postrouting translation of
outbound packets, the ACL rules cannot allow inbound packets. The
ACL state that was stored on the outbound flow contains the IP
addresses of the original packet, prior to translation. The inbound
packets are being evaluated by the ACL node using the translated
addresses.
The order of processing inbound needs to be the opposite of what it
was outbound for this to work. Change the NAT44 features on
ip4-output so that they run before outbound ACL nodes. This matches
the existing behavior of the NAT44 nodes which rewrite
source addresses as an input feature instead of an output feature.
This was only done for endpoint dependent mode because the regular
endpoint independent in2out-output node currently selects an
explicit next node rather than using the next node on the feature
arc.
Unit test added to configure both NAT and an ACL and ensure that
out2in packets matching an in2out flow are permitted by the ACL
and translated by NAT.
Change-Id: Ibd679c28b64c3fc3cc8c0606ea93123e384e839f
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Florin Coras [Wed, 22 Jan 2020 15:32:12 +0000 (07:32 -0800)]
vcl: always report EPOLLHUP/EPOLLRDHUP on close
Type: fix
Change-Id: I3d24a7973c7113ffeb9109e89cda7fa960e73a5b
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Wed, 22 Jan 2020 02:33:23 +0000 (18:33 -0800)]
vcl session: udp session migration notifications
Type: feature
Change-Id: I402549818ba6e078802e914293304174dc6625c2
Signed-off-by: Florin Coras <fcoras@cisco.com>
Benoît Ganne [Fri, 29 Nov 2019 16:28:30 +0000 (17:28 +0100)]
docs: add AddressSanitizer mini-howto
Type: docs
Change-Id: I3bb589d04f15a03166a6d457552ffc316fb02f94
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Tetsuya Murakami [Thu, 16 Jan 2020 13:46:29 +0000 (05:46 -0800)]
srv6-mobile: fix the converity issue
Type: fix
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Change-Id: I358a290f4ac121f075f7ee52941beabe478bfba0
Dave Barach [Thu, 23 Jan 2020 13:44:40 +0000 (08:44 -0500)]
api: mark api_trace_command_fn thread-safe
Binary API trace replay with multiple worker threads depends in many
cases on worker thread graph replica maintenance. If we (implicitly)
assert a worker thread barrier at the debug CLI level, all graph
replica changes are deferred until the replay operation completes. If
an interface is deleted, the wheels may fall off.
Type: fix
Ticket: VPP-1824
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I9b07d43f8501caa5519e5ff9ae4c19dc2661cc84
Neale Ranns [Tue, 21 Jan 2020 04:58:02 +0000 (04:58 +0000)]
ipsec: re-enable DPDK IPSec for tunnel decap/encap (VPP-1823)
Type: fix
Change-Id: Iff9b1960b122f7d326efc37770b4ae3e81eb3122
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Sun, 12 Jan 2020 21:16:55 +0000 (21:16 +0000)]
fib: Adjacency realloc during rewrite update walk (VPP-1822)
Type: fix
Change-Id: I0e826284c50713d322ee7943d87fd3363cfbdfbc
Signed-off-by: Neale Ranns <nranns@cisco.com>
Florin Coras [Wed, 22 Jan 2020 00:17:53 +0000 (16:17 -0800)]
hsa: proxy app fixes
Type: fix
Change-Id: Icb4b331c9346d3781f4ddd6f62891c78d4059c1f
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Mon, 20 Jan 2020 02:28:00 +0000 (02:28 +0000)]
fib: FIB crash removing labelled route (VPP-1818)
Type: fix
The crash occured trying to retreive a NULL path list to walk the path
extensions. A walk shoul not be required, because there should be no
extensins, since all paths are removed. The problem is that when the
paths were added, they were not sorted, hence neither were the
extensions and when they were updated, duplicate extensions were added,
and hence a path removal did not remove them all.
Fix is to make sure paths are sorted.
Change-Id: I069d937de8e7bc8aae3d92f588db4daff727d863
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit
257749c40946a9269140d322e374d74c3b6eefb8)
Dave Wallace [Tue, 21 Jan 2020 16:56:19 +0000 (16:56 +0000)]
nsim: enable output scheduling on main thread
Type: fix
Change-Id: I5d47cb9bc7eb7f3c8485e3b42f0701e81d87ba2a
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Alexander Chernavin [Tue, 14 Jan 2020 11:11:42 +0000 (06:11 -0500)]
nat: fix dhcp client on outside interface with output feature
There was an attempt to fix this problem in the commit:
d3b8c861a44e70c197ab721fa3ce7f38bbeab7fd
But checking the LOCALLY_ORIGINATED flag didn't work because this flag
gets reset before it can reach the NAT nodes.
With this commit, replace the check for the LOCALLY_ORIGINATED flag
with a check to see if the packet is a DHCP broadcast.
Type: fix
Change-Id: I069c08a785b5988b10192f528e4f9c4c7cc2f8a3
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Filip Varga [Fri, 17 Jan 2020 18:24:13 +0000 (19:24 +0100)]
nat: removed obsolete fragmentation code
Type: fix
Ticket: VPP-1817
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: Id4d694ce636b0a213e65ce27c32a8150df9af0f8
Florin Coras [Thu, 16 Jan 2020 19:15:54 +0000 (11:15 -0800)]
classify: fix pcap filter set init
Type: fix
Change-Id: I6a48a6c14bfb84b3460e8211021bc9df6e915dba
Signed-off-by: Florin Coras <fcoras@cisco.com>
Yulong Pei [Wed, 8 Jan 2020 17:12:43 +0000 (01:12 +0800)]
lb: fix that lb_add_del_vip and lb_add_del_as api doesn't work correctly
Currently if user want to set ip4 address to the api, it must convert to ip6
format, e.g. user want to ip4 "90.1.2.1" but must convert to "::5A01:0201",
it is not acceptable, this fix solved the issue.
Ticket: FDIO-753
Type: fix
Change-Id: I2ffa5a3d38400ee176cf601421074f71fc395f03
Signed-off-by: Yulong Pei <yulong.pei@intel.com>
Filip Varga [Thu, 16 Jan 2020 13:58:47 +0000 (14:58 +0100)]
nat: refactor of port/address allocation functions
Change-Id: Ie2a3c0f44322dd8415603b7ce51bb72d72769c95
Ticket: VPP-1815
Type: refactor
Signed-off-by: Filip Varga <fivarga@cisco.com>
Ahmed Abdelsalam [Sun, 8 Dec 2019 11:58:27 +0000 (12:58 +0100)]
sr: some fixes for SRv6 CLI/API
Return FIB table_id instead of vrf_index to clients
Type: fix
Signed-off-by: Ahmed Abdelsalam <ahabdels@cisco.com>
Change-Id: I76a97bad3ecd3ac8eb045efb1657eaa90c2a57b6
Steven Luong [Thu, 16 Jan 2020 16:45:53 +0000 (08:45 -0800)]
misc: binary-api sw_interface_vhost_user_dump is broken
Recent modificaton to vhost_user APIs for typing which added a sw_if_index
filter to the API sw_interface_vhost_user_dump with the default value -1 to
mean all interfaces. But the default is not set from api_format.c, causing the
binary-api command for sw_interface_vhost_user_dump to display nothing.
Also missing is the proper display on custom dump for the aformentioned API.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I05546e2318165af7531977fbed66ea7224c4a7ce
Steven Luong [Thu, 16 Jan 2020 17:57:22 +0000 (09:57 -0800)]
gso: fix typo in the quad-loop
Fix minor typo in the quad-loop for swif which may actually causes problem
if swif0 != swif1 or swif2 or swif3.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ib81f323479c7ecbd28d84956cffbc20b1072d2c2
Paul Vinciguerra [Fri, 27 Dec 2019 05:19:23 +0000 (00:19 -0500)]
tests: fix typo in test doc string
Type: test
Change-Id: I97e02ebc5989eee794511c1ed6049e300be7d64e
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Wed, 11 Dec 2019 04:36:05 +0000 (23:36 -0500)]
tests: fix TypeError in run_tests.py
Traceback (most recent call last):
File "run_tests.py", line 886, in <module>
exit_code, suites = parse_results(results)
File "run_tests.py", line 732, in parse_results
results_per_suite.print_results()
File "run_tests.py", line 683, in print_results
result.get_testcase_names(failed_test_id)
TypeError: 'NoneType' object is not iterable
Type: test
Change-Id: I2c5ae0b9e11be6bfb4490d9ce057db0b0a84c9bf
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Florin Coras [Wed, 15 Jan 2020 20:18:35 +0000 (20:18 +0000)]
tcp: fix rxt delivered without sacks
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I69c245cb0e3f6d599a3270a485fa0a5845cde8eb
Florin Coras [Wed, 15 Jan 2020 01:30:46 +0000 (01:30 +0000)]
vcl: add rx event on epoll ctl if needed
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ib6d0387076a4bb0b52e4cdfdcd62b6060b704fe6
Florin Coras [Wed, 15 Jan 2020 02:32:07 +0000 (02:32 +0000)]
udp: fix ipv6 listen port registration
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7f2233eb9bf3d81a697f76ba985083cf1040e2e9
Florin Coras [Thu, 16 Jan 2020 04:04:54 +0000 (04:04 +0000)]
tcp: fix listen node coverity warning
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If5ec3ec4f46d3840c2b3c3005f093b5dddefc289
Vijayabhaskar Katamreddy [Wed, 15 Jan 2020 21:45:19 +0000 (13:45 -0800)]
vppinfra: fixing compilation issues in 32-bit
Fixing compilation issuues for 32-bit also setting init flag for shm based bihash
Type: fix
Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com>
Change-Id: Ic2072c5ba7fc77d061ca9f1b844a71f6e22e58b2
Chris Luke [Thu, 16 Jan 2020 01:30:04 +0000 (20:30 -0500)]
build: Add missing version.h dependency in vnet
Two modules in vnet include vpp/app/version.h but there is
no explicit build dependency for this generated file. This
leaves a race condition in the build system that the Coverity
build has recently started triggering.
Change-Id: I8e2bb32feeb16e1bdd8efb0d2633cfdba60f51aa
Type: fix
Signed-off-by: Chris Luke <chrisy@flirble.org>
Andrew Yourtchenko [Wed, 15 Jan 2020 20:54:40 +0000 (20:54 +0000)]
misc: Initial 20.05-rc0 commit
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I935a28d96078629607b23ce9c2aecec47e88b0b1
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Klement Sekera [Wed, 15 Jan 2020 10:30:48 +0000 (10:30 +0000)]
ip: align reass.save_rewrite_length
By aligning vnet_buffer_opaque.ip.save_rewrite_length and
vnet_buffer_opaque.ip.reass.save_rewrite_length we prevent shallow
virtual reassembly code from overwrite save_rewrite_length, allowing
other features down the pipe to rely on this value.
A static assert is added to guard this alignment.
Type: fix
Fixes:
f126e746fc01c75bc99329d10ce9127b26b23814
Change-Id: Ie7c7f3abc2a221bbcf2830c0f006a4368088b342
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Dave Wallace [Wed, 15 Jan 2020 18:16:31 +0000 (18:16 +0000)]
build: install vpp_echo for CSIT QUIC perf tests
Type: make
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: Iddfcce1f662efe63c5a6788a0a604917b1c9d81e
Simon Zhang [Tue, 24 Dec 2019 12:02:20 +0000 (20:02 +0800)]
tcp: fix tcp check tx offload issue
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: I3b8755831d762abf51e1cbe1b57024f9297de9a4
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Yu Ping [Tue, 14 Jan 2020 22:24:44 +0000 (06:24 +0800)]
tls: enable async node on demand
Type: fix
Change-Id: Iab7c65614c94497e8ec5a96624be72c1a139e486
Signed-off-by: Yu Ping <ping.yu@intel.com>
Alexander Chernavin [Wed, 15 Jan 2020 11:45:47 +0000 (06:45 -0500)]
ip6: during icmp to icmp6 translation truncate error messages
All translated ICMPv6 packets that exceed the minimal IPv6 MTU get
truncated but according to RFC 4443 2.4 only ICMPv6 error messages
(type < 128) need to be truncated.
With this commit, truncate only ICMPv6 error messages.
Type: fix
Change-Id: Ic455352de2ff4ff6aa3421b46a2a54923f2d3f80
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Aloys Augustin [Tue, 14 Jan 2020 13:23:37 +0000 (14:23 +0100)]
quic: add FEATURE.yaml
Type: docs
Change-Id: Ica60b42e64703879c5c229209e4a4fac278bda31
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Andrew Yourtchenko [Tue, 14 Jan 2020 19:26:27 +0000 (19:26 +0000)]
srv6-mobile: Revert "srv6-mobile:"
This reverts commit
57584d99dd8a8524db90c67c88525d58879d9b8e.
The reasons for reverting:
- the documentation seems "work in progress". Also, 500K of pngs
should probably go on wiki, rather than in the repo. Please
make sure that newly added documentation renders correctly
and sensibly as part of the review/commit process.
- runner.py seems to contain unit tests, so it should
be rewritten in a manner that allows the testing from within
CI (including an unprivileged docker container)
- the above items, especially the testing one, warrant more
work, and at a RC1 milestone time it is probably not
a good idea to include a significant patch without
proper care. I suggest to prepare it so it is ready
for the next release, or cherrypick it for a
20.01.1 release, if having it in stable/2001 is absolute necessity.
- when submitting it, ensure that the commit message
makes sense, especially having "srv6-mobile:" with no further
text should be absolutely avoided.
Change-Id: If81441f7ebf11a6ad5638b1327faf18e8ebe6a35
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Simon Zhang [Tue, 14 Jan 2020 10:11:18 +0000 (18:11 +0800)]
tls: add picotls session close process
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: If0a1691c1435f2826c8c83f8bc52e4cd3ecc6256