vpp.git
9 months agosflow: initial checkin 80/41680/18
Pim van Pelt [Sun, 6 Oct 2024 15:49:00 +0000 (17:49 +0200)]
sflow: initial checkin

This is an sFlow dataplane plugin that can sample
1-in-N packets from device-input, copying them to
a FIFO queue and servicing that queue from a main
process which formats them as Netlink PSAMPLEs,
to be picked up by a popular sidecar agent called
host-sflow.

Type: feature
Change-Id: Ic03456472e53309678f182dc8f74d3c81fb619e6
Signed-off-by: [email protected]
Signed-off-by: [email protected]
9 months agovlib: fail in runtime if workers > nelts 89/42089/7
Vladimir Smirnov [Fri, 3 Jan 2025 20:47:56 +0000 (21:47 +0100)]
vlib: fail in runtime if workers > nelts

Type: fix

With a release build, if you configure more than 55 workers, vpp
will start, but will corrupt memory as a lot of internal datastrctures
are allocated with assumption that there will be not more than
FRAME_QUEUE_MAX_NELTS threads.

Add a warning if amount of configured workers more than MAX_NELTS.

Anticipate that next commit would add a compile-time configurable
variable and name it VPP_MAX_THREADS.

Change-Id: I015f4f9aa5e8b828c7d90c90142d7a7c1ce68f97
Signed-off-by: Vladimir Smirnov <[email protected]>
9 months agoaf_packet: worker thread call vlib_log coredump 83/42083/2
fenglei [Tue, 31 Dec 2024 07:20:16 +0000 (15:20 +0800)]
af_packet: worker thread call vlib_log coredump

Type: fix

-When deleting a veth pair interface in linux, vpp's call to af_packet_fd_error will cause it to hang because it's a worker thread.

Change-Id: I3dc9018e7e492ccbdf0f59381f9bbbfd5c1c88a5
Signed-off-by: fenglei <[email protected]>
9 months agoaf_xdp: revert "af_xdp: fix af_xdp compile waring for clang compiler" 97/42197/3
Benoît Ganne [Fri, 17 Jan 2025 17:30:01 +0000 (18:30 +0100)]
af_xdp: revert "af_xdp: fix af_xdp compile waring for clang compiler"

This reverts commit 38097970c038de6c3c67cb8e1c7209f1df1f24d0.

Type: fix

Change-Id: I2401eff6d1558f0f95b8b0c88b6b5d174acbb0ef
Signed-off-by: Benoît Ganne <[email protected]>
9 months agosnort: support multiple instances per interface 70/41970/2
Agathiyan Bragadeesh [Wed, 6 Nov 2024 14:33:12 +0000 (14:33 +0000)]
snort: support multiple instances per interface

Implements load balancing between snort instances via flow hash.
New CLI commands have been made to support these changes:

snort attach instance <name1>
    [instance <name2> ... ] interface <ifname> [input|output|inout]
snort attach all-instances interface <ifname> [input|output|inout]
snort detach instance <name1> interface <ifname>
snort detach all-instances interface <ifname>

The output of "show snort interfaces" has an extra column to show the
direction of each attachment:

interface   instances   direction
Ethernet0:  snort1      inout
            snort2      inout
            snort3      inout
Ethernet1:  snort1      input
            snort3      output

To maintain backwards compatibility for the snort api, the
snort_interface_get api endpoint only returns one of the attached
instances and the snort_interface_detach endpoint detaches all
attached instances.

Type: improvement
Signed-off-by: Agathiyan Bragadeesh <[email protected]>
Change-Id: I6b7c26c203496d6a1dba244620907f28c04bb478

9 months agocrypto-ipsecmb: fixed tag and aad lengths for chacha-poly 66/42166/2
Damjan Marion [Fri, 17 Jan 2025 11:41:47 +0000 (11:41 +0000)]
crypto-ipsecmb: fixed tag and aad lengths for chacha-poly

Type: improvement
Change-Id: I8c7e6c2734258bb6b4e8e404e2c9b119ee141dd1
Signed-off-by: Damjan Marion <[email protected]>
9 months agohs-test: temporarily skip VppEchoQuicTest 77/42177/2
Adrian Villin [Fri, 17 Jan 2025 15:28:58 +0000 (16:28 +0100)]
hs-test: temporarily skip VppEchoQuicTest

Type: test

Change-Id: I06937c491303dfe2f0b2e847d05a4220c14e83e0
Signed-off-by: Adrian Villin <[email protected]>
9 months agolinux-cp: add the drain back 70/42170/2
Artem Glazychev [Fri, 17 Jan 2025 13:16:31 +0000 (20:16 +0700)]
linux-cp: add the drain back

Type: fix

Change-Id: I60338a8c901cf5baf4974ce572f17e70116877df
Signed-off-by: Artem Glazychev <[email protected]>
9 months agoaf_xdp: fix af_xdp compile waring for clang compiler 41/42141/6
fenglei [Tue, 14 Jan 2025 08:50:10 +0000 (16:50 +0800)]
af_xdp: fix af_xdp compile waring for clang compiler

Type: fix

- add check variable undefine init flags for gcc and clang compiler
- disable compile xdp-dump

Change-Id: Icd2b81ec5cd5dc66db395a69f8af889635f664e0
Signed-off-by: fenglei <[email protected]>
9 months agodpdk: update rdma-core to 55.0 26/42126/6
Vladimir Smirnov [Thu, 9 Jan 2025 19:32:27 +0000 (20:32 +0100)]
dpdk: update rdma-core to 55.0

Newer version of RDMA contains some bugfixes.

Type: feature

Change-Id: I4cd6bc7608bbadd99cdddc7b97646df1583b6ce6
Signed-off-by: Vladimir Smirnov <[email protected]>
9 months agocrypto-openssl: add fixed tag and aad size ops 62/42162/2
Damjan Marion [Thu, 16 Jan 2025 16:45:07 +0000 (16:45 +0000)]
crypto-openssl: add fixed tag and aad size ops

Type: improvement
Change-Id: Iea7202cd0a79d3bed85313b2b4a6e6469a701568
Signed-off-by: Damjan Marion <[email protected]>
9 months agocrypto-ipsecmb: add fixed tag and aad size ops 61/42161/4
Damjan Marion [Thu, 16 Jan 2025 18:19:02 +0000 (18:19 +0000)]
crypto-ipsecmb: add fixed tag and aad size ops

Type: improvement
Change-Id: Id62308775eeeada0277c2303cf8c728db4dbfcdc
Signed-off-by: Damjan Marion <[email protected]>
9 months agohttp: fix sending error responses to rejected requests by server apps 59/42159/3
Semir Sionek [Thu, 16 Jan 2025 14:03:41 +0000 (09:03 -0500)]
http: fix sending error responses to rejected requests by server apps

Plugins such as http_static sometimes reject requests without reading
all of the body. http_static in that case sends an error response and
closes the connection. But the error response cannot go out due to the
connection state being HTTP_REQ_STATE_TRANSPORT_IO_MORE_DATA.
With this change, we make http_app_tx_callback give a response like
that special treatment, allowing it to go out.

Type: fix
Change-Id: I72ae74b869183f5d5921837f6ac9c52f0efc7598
Signed-off-by: Semir Sionek <[email protected]>
9 months agolinux-cp: fix segfault while receiving nl messages 65/42065/2
Artem Glazychev [Wed, 18 Dec 2024 08:50:13 +0000 (15:50 +0700)]
linux-cp: fix segfault while receiving nl messages

- check nl socket before receiving messages
- we don't need extra callback after adding an lcp pair because we start draining messages (due to epoll) right after opening socket

Type: fix

Change-Id: I0ecb03b758f066662015fd6c6b9d3c48cb520c0d
Signed-off-by: Artem Glazychev <[email protected]>
9 months agocrypto: combine sync and async algos and ops 51/42151/9
Damjan Marion [Thu, 16 Jan 2025 12:47:01 +0000 (12:47 +0000)]
crypto: combine sync and async algos and ops

Type: improvement
Change-Id: I4d507b105e5b5ba7dd68d373c7f1ab156a9fc9f1
Signed-off-by: Damjan Marion <[email protected]>
9 months agoipsec: make algo data constant 56/42156/3
Damjan Marion [Thu, 16 Jan 2025 11:53:55 +0000 (11:53 +0000)]
ipsec: make algo data constant

Type: improvement
Change-Id: I554418fca0cbe1a2b42eddc24eccf25ede5f678a
Signed-off-by: Damjan Marion <[email protected]>
9 months agoarp: fix command resolve and config filed exist differ 82/42082/2
fenglei [Tue, 31 Dec 2024 04:43:37 +0000 (12:43 +0800)]
arp: fix command resolve and config filed exist differ

Type: fix

Change-Id: I2b2b65a6c12d50146f08b64b9a1603888652b462
Signed-off-by: fenglei <[email protected]>
9 months agoipsec: don't add crypto key if cipher is NONE 55/42155/1
Damjan Marion [Thu, 16 Jan 2025 11:20:12 +0000 (11:20 +0000)]
ipsec: don't add crypto key if cipher is NONE

Type: fix
Change-Id: I0c418fe71b579febc4ca02e8ad0aeba24df1945d
Signed-off-by: Damjan Marion <[email protected]>
9 months agotcp: export sdl header file for out-of-tree plugins 47/42147/3
Florin Coras [Tue, 14 Jan 2025 22:22:43 +0000 (17:22 -0500)]
tcp: export sdl header file for out-of-tree plugins

Type: fix

Change-Id: I27e29690dba1ea52e874cb1db81d24fcc4366bb6
Signed-off-by: Florin Coras <[email protected]>
9 months agotests: remove decorator tag_fixme_ubuntu2404 46/42146/2
Ivan Ivanets [Tue, 14 Jan 2025 16:34:22 +0000 (16:34 +0000)]
tests: remove decorator tag_fixme_ubuntu2404

Type: test

There is no need to use the tag_fixme_ubuntu2404 decorator.
All tests that previously used it are now stable.

Change-Id: I2f00bcdacf9690c4d3896eace5d817f7bd19058b
Signed-off-by: Ivan Ivanets <[email protected]>
9 months agopg: fix tr to trace 04/42104/2
fenglei [Tue, 7 Jan 2025 13:43:40 +0000 (21:43 +0800)]
pg: fix tr to trace

Type: fix

Change-Id: Icd1ea24ba104123673f864d9bfd0f4da83982b7d
Signed-off-by: fenglei <[email protected]>
9 months agoocteon: add compatibility check 43/42143/3
Monendra Singh Kushwaha [Tue, 14 Jan 2025 01:49:38 +0000 (07:19 +0530)]
octeon: add compatibility check

This patch adds compatibility check for OCTEON model in plugin.

Type: refactor

Change-Id: Id583a2f42b8f66f7e045f6cf9176125680e9a16f
Signed-off-by: Monendra Singh Kushwaha <[email protected]>
9 months agoocteon: update octeon roc version 42/42142/2
Monendra Singh Kushwaha [Tue, 14 Jan 2025 01:48:32 +0000 (07:18 +0530)]
octeon: update octeon roc version

Type: feature

Change-Id: I9f3044aec29a611d4735001ff1943772b7035711
Signed-off-by: Monendra Singh Kushwaha <[email protected]>
9 months agohttp_static: read body only for POST requests 45/42145/1
Semir Sionek [Tue, 14 Jan 2025 11:39:15 +0000 (06:39 -0500)]
http_static: read body only for POST requests

Type: improvement
Change-Id: Id863f59d04d8e6f22c886e079367d06908b8b24b
Signed-off-by: Semir Sionek <[email protected]>
9 months agoipsec: add test for tun sa ip6 fast-path spd policy matching 94/42094/5
Piotr Bronowski [Fri, 3 Jan 2025 18:25:41 +0000 (18:25 +0000)]
ipsec: add test for tun sa ip6 fast-path spd policy matching

In case SA defines a tunnel, policy matching should be performed based
on the tunnel header defined by the SA. This change tests
the  matching for ip6 fast path SPD implementation.

Type: test

Signed-off-by: Piotr Bronowski <[email protected]>
Change-Id: I311b221bce565de0e8235fd162305eb10550edd9

9 months agoip: fix local csum check 08/42108/2
Florin Coras [Wed, 8 Jan 2025 12:27:52 +0000 (07:27 -0500)]
ip: fix local csum check

For packets with invalid checksums, in src local check, do not override
errors on fast path and do not cache result.

Type: fix

Change-Id: I4de9351b190ba398d6f89eec80055016cacf028b
Signed-off-by: Florin Coras <[email protected]>
9 months agocrypto: remove AEAD opt types 34/42134/2
Damjan Marion [Fri, 10 Jan 2025 18:53:23 +0000 (18:53 +0000)]
crypto: remove AEAD opt types

Type: improvement
Change-Id: I32ccf1d58a34bc6f64946ffd711dbd2b4f5864f6
Signed-off-by: Damjan Marion <[email protected]>
9 months agoocteon: fix octeon build issue 36/42136/1
Monendra Singh Kushwaha [Sun, 12 Jan 2025 01:17:04 +0000 (06:47 +0530)]
octeon: fix octeon build issue

This patch adapts new changes introduced in crypto framework
as part of 6676d951.

Type: fix
fixes: 6676d951

Change-Id: I7bbe8d87250e072b2891c0eedee1e14642fab4bc
Signed-off-by: Monendra Singh Kushwaha <[email protected]>
9 months agocrypto: key storage improvements 32/42132/1
Damjan Marion [Fri, 10 Jan 2025 12:43:19 +0000 (12:43 +0000)]
crypto: key storage improvements

Type: improvement
Change-Id: I49d8415ce1d64dc797a0cc43f5382daeaddbe11a
Signed-off-by: Damjan Marion <[email protected]>
9 months agodev: assign tx queue to all threads 46/41946/3
Monendra Singh Kushwaha [Wed, 20 Nov 2024 06:36:52 +0000 (12:06 +0530)]
dev: assign tx queue to all threads

This patch assigns tx queue to all thread and enables tx queue
sharing if needed.

Type: fix

Signed-off-by: Monendra Singh Kushwaha <[email protected]>
Change-Id: I8cb561c29c2a508b8b478c646121b1caa61b8520

9 months agohs-test: http tps test with tls 25/42125/2
Matus Fabian [Thu, 9 Jan 2025 19:00:28 +0000 (20:00 +0100)]
hs-test: http tps test with tls

Type: test

Change-Id: I0b4044c2924855f4be03c301f75e6a3e31aa29a9
Signed-off-by: Matus Fabian <[email protected]>
9 months agobuild: expose VPP_PLATFORM to out-of-tree plugins 17/42117/7
Guillaume Solignac [Thu, 9 Jan 2025 11:19:31 +0000 (03:19 -0800)]
build: expose VPP_PLATFORM to out-of-tree plugins

We move the VPP_PLATFORM logic from src/CMakeLists.txt to
cmake/cpu.cmake so that out-of-tree plugins can leverage it as well.

Type: improvement
Signed-off-by: Guillaume Solignac <[email protected]>
Change-Id: I767a75f45c07aed7db4034b18ab4b5c67fda06ee

9 months agosr: fix aarch64 build issue 20/42120/3
Guillaume Solignac [Thu, 9 Jan 2025 14:50:15 +0000 (15:50 +0100)]
sr: fix aarch64 build issue

GCC complains about a maybe-unitialized variable

Type: fix
Change-Id: Id77e4a48bdefea74d881190675320036f60ee3d5
Signed-off-by: Guillaume Solignac <[email protected]>
9 months agohs-test: fix skipping docker image building 12/41912/4
Adrian Villin [Wed, 8 Jan 2025 11:20:31 +0000 (12:20 +0100)]
hs-test: fix skipping docker image building

- building docker images will now be properly skipped

Type: test

Change-Id: I57ae71814bdf5eefaac16472dfb56e86564219e6
Signed-off-by: Adrian Villin <[email protected]>
9 months agohs-test: copy vpp-data to docker images last 13/41913/2
Adrian Villin [Wed, 8 Jan 2025 15:33:45 +0000 (16:33 +0100)]
hs-test: copy vpp-data to docker images last

Type: test

Change-Id: I773321d21c75e081fa54fae1d9862b4bc75e3794
Signed-off-by: Adrian Villin <[email protected]>
9 months agohsa: proxying UDP in HTTP/1.1 89/41989/14
Matus Fabian [Tue, 10 Dec 2024 15:15:06 +0000 (16:15 +0100)]
hsa: proxying UDP in HTTP/1.1

Type: feature

Change-Id: Ic0ff9b9bfbad9fbc602fbcec0d8906cd21d63a2c
Signed-off-by: Matus Fabian <[email protected]>
9 months agovlib: update input node counts based on state 53/42053/2
Monendra Singh Kushwaha [Fri, 20 Dec 2024 10:53:56 +0000 (16:23 +0530)]
vlib: update input node counts based on state

Type: fix

Change-Id: I09497ae8d6a685324f8c7d9e0b3208a3ec465f0e
Signed-off-by: Monendra Singh Kushwaha <[email protected]>
9 months agoocteon: fix compilation for octeon 54/42054/2
Monendra Singh Kushwaha [Fri, 20 Dec 2024 17:56:43 +0000 (23:26 +0530)]
octeon: fix compilation for octeon

This patch adapts new changes introduced in crypto framework
as part of 0cf4eef7.

Type: fix
fixes: 0cf4eef7

Change-Id: I41a17c9b340f54014c9d2ae21546ec39ccef3f43
Signed-off-by: Monendra Singh Kushwaha <[email protected]>
9 months agobuild: add vpp-crypto-engines to debian/control.in 00/42100/6
Vratko Polak [Wed, 8 Jan 2025 13:07:42 +0000 (14:07 +0100)]
build: add vpp-crypto-engines to debian/control.in

Crypto engines have been moved into a new component,
but the component needs Debian packaging information.

Type: fix
Fixes: 0cf4eef73a4c1bd2831a4618af50939a2aab01c6

Change-Id: I041284f91be4cdb16d5a4771b518dd99571efa99
Signed-off-by: Vratko Polak <[email protected]>
9 months agoipsec: fix spd fast path single match compare for ipv6 21/41721/5
Piotr Bronowski [Thu, 17 Oct 2024 15:16:06 +0000 (17:16 +0200)]
ipsec: fix spd fast path single match compare for ipv6

Fast path match single compare (the last step of policy matching in spd fast path)
is only implemented for IPv4 addresses.
This change adds support to also do a single match on IPv6 addresses.

Type: fix
Change-Id: I5aeb6e1e9afccfd2b2082e26502c5b7e9a8b2d4c
Signed-off-by: Piotr Bronowski <[email protected]>
Signed-off-by: Vinayak Udandkar <[email protected]>
9 months agovcl: fix vls wrk index on fork 93/42093/2
Florin Coras [Mon, 6 Jan 2025 21:22:20 +0000 (16:22 -0500)]
vcl: fix vls wrk index on fork

Type: fix

Change-Id: If634dac31fd54466428db0726ac441a1247985b8
Signed-off-by: Florin Coras <[email protected]>
9 months agobuild: allow to redefine max_lcores for DPDK 88/42088/2
Vladimir Smirnov [Fri, 3 Jan 2025 20:47:26 +0000 (21:47 +0100)]
build: allow to redefine max_lcores for DPDK

In current versions of DPDK (at least as of 24.11), max
amount of cores available determined at compile_time.

Unless machine type 'native' is used, it is statically set
per platform and for most of them equals to 128.

Add a new option to allow user to redefine max amount of
lcores available to DPDK.

Type: make

Change-Id: Ic4356e12ca75a5c84aeb3bee72de432a23aa6f8a
Signed-off-by: Vladimir Smirnov <[email protected]>
9 months agotests: reduce sleep interval in ikev2 sa rekey test 54/41954/8
Ivan Ivanets [Mon, 2 Dec 2024 21:10:10 +0000 (21:10 +0000)]
tests: reduce sleep interval in ikev2 sa rekey test

Type: test

The sleep interval for this test is set to 0.1 seconds instead of
the default 2 seconds. This change is necessary because the test
verifies the expiration of old IPsec SAs
(self.fail("old IPsec SA not expired")) within a strict timeframe.
A longer sleep interval, such as 2 seconds, would significantly
delay the loop iterations, reducing the granularity of checks for
SA expiration and increasing the risk of false failures.

By setting the sleep interval to 0.1 seconds:
- The test can perform frequent checks for the status of IPsec SAs
- It reduces the likelihood of the test prematurely failing

Change-Id: I92ac3de0f33838620b51083d240043e62f37c490
Signed-off-by: Ivan Ivanets <[email protected]>
9 months agovcl: support pre/post cb before mq wait 01/41801/31
Florin Coras [Sat, 2 Nov 2024 20:27:53 +0000 (16:27 -0400)]
vcl: support pre/post cb before mq wait

Allow vls to register cb functions with vcl pre/post mq sleep. These can
be used to drop/reacquire locks prior/after waiting on vcl mq events.

This then allows multi-thread, as opposed to multi-worker, applications
to share sessions between threads without deadlocking, e.g., multiple
threads trying to read/write/close non-blocking sessions. Caveat:
connects still need to be improved.

Type: improvement

Change-Id: I589aa9dfd0553b0fad54f02ed16c3cda9761a83d
Signed-off-by: Florin Coras <[email protected]>
Signed-off-by: Dave Wallace <[email protected]>
9 months agohs-test: cleanup nsim test 97/42097/2
Florin Coras [Tue, 7 Jan 2025 09:45:05 +0000 (04:45 -0500)]
hs-test: cleanup nsim test

After nsim fixes in gerrit 42052 echo tests with nsim should be stable
with multiple workers and should no longer require a ping to work.

Type: improvement

Change-Id: Ice4b353153c57b547df60d21723fa8cf953ca5d0
Signed-off-by: Florin Coras <[email protected]>
9 months agovppinfra: fix float rounding in format function 95/42095/1
Pierre Pfister [Thu, 19 Dec 2024 15:49:21 +0000 (16:49 +0100)]
vppinfra: fix float rounding in format function

The current VPP formating for floats tries to round number to the
closest value (depending on the number of requested digits), but fails
to do so when the last printed digit is 9 (because carries are hard...).

This commits fixes this by adding 0.5 * 10^n_fraction_digits
to the value and then ignoring digits past the printed ones.

Note that when the number is exactly midway, like 9.5, the value is
rounded up, as this seems to be the clib behavior as well.

Type: fix
Change-Id: I03ce04ea6a24b84eeffd548d3f7bd306c58ce36d
Signed-off-by: Pierre Pfister <[email protected]>
9 months agobuild: Fix PATH shell export 85/42085/2
Renato Botelho do Couto [Thu, 2 Jan 2025 17:54:15 +0000 (17:54 +0000)]
build: Fix PATH shell export

When $(wildcard /usr/lib*/ccache) returns more than one directory, they
are separated by space and it ends up setting only first one to PATH
variable while the rest of the string is just throwed to bash and it
ends up breaking the build.  This change replaces space by colon to keep
desired PATH string syntax.

Type: fix
Change-Id: I94ba3465a46fa3c4fbb50c9668f0afd97e8c4f91
Signed-off-by: Renato Botelho do Couto <[email protected]>
9 months agovppinfra: export full symbol set from serialize.c 91/42091/1
Dave Barach [Sun, 5 Jan 2025 14:06:55 +0000 (09:06 -0500)]
vppinfra: export full symbol set from serialize.c

Needed for an out-of-tree plugin under development

Type: improvement

Change-Id: Ie37f847607616d7f3f5de67550bef17f2afee17f
Signed-off-by: Dave Barach <[email protected]>
9 months agosession: proxy session migration fix 81/42081/1
Matus Fabian [Mon, 30 Dec 2024 19:40:51 +0000 (20:40 +0100)]
session: proxy session migration fix

Type: fix

Change-Id: I487ee4e69d8885f46d7a4af2c66a710da66108c5
Signed-off-by: Matus Fabian <[email protected]>
9 months agovppinfra: fix time range conversion off-by-1s 78/42078/3
Dave Barach [Fri, 27 Dec 2024 17:33:21 +0000 (12:33 -0500)]
vppinfra: fix time range conversion off-by-1s

Type: fix

Change-Id: I869e657744e9bba81994ad426731a08e5f1bcad7
Signed-off-by: Dave Barach <[email protected]>
10 months agosession: add auto sdl 46/41846/19
Steven Luong [Mon, 18 Nov 2024 20:08:57 +0000 (12:08 -0800)]
session: add auto sdl

New CLI to enable/disable auto-sdl (requires session enable rt-backend sdl)
auto-sdl <enable|disable> [threshold <n>] [remove-timeout <t>]

threshold is defined as the number of packets before the SDL entry is created to deny the source.

remove-timeout is defined as the duration to remove the SDL entry which was created earlier.

Type: feature

Change-Id: I513094a59663970beae33257006c652674643764
Signed-off-by: Steven Luong <[email protected]>
10 months agohsa: http connect proxy fix 67/42067/1
Matus Fabian [Mon, 23 Dec 2024 19:01:28 +0000 (20:01 +0100)]
hsa: http connect proxy fix

Send rpc evt from ao thread to po thread so http response is generated
on correct thread.

Type: fix
Change-Id: I3b9a651a1935e5b623033902f9cf9ec1daf05617
Signed-off-by: Matus Fabian <[email protected]>
10 months agohs-test: vpp connect proxy stress tests 60/42060/2
Matus Fabian [Sat, 21 Dec 2024 11:04:30 +0000 (12:04 +0100)]
hs-test: vpp connect proxy stress tests

Type: test

Change-Id: Ie0b4e2d5f6d8ac19e86599f5f9ecbb642c3027ea
Signed-off-by: Matus Fabian <[email protected]>
10 months agonsim: fix output feature node 52/42052/6
Florin Coras [Fri, 20 Dec 2024 10:32:35 +0000 (02:32 -0800)]
nsim: fix output feature node

Interface tx nodes want frames with scalar data populated by output
nodes. This is not supported by nsim output feature. To avoid
reimplementing output node logic and/or future incompatibilities,
recirculate buffers through interface output after tagging.

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ib8865798d8e7dc0d2f34b3e13ce29b683e490ceb

10 months agohs-test: rebuild images when switching build type 61/42061/2
Matus Fabian [Sat, 21 Dec 2024 16:04:16 +0000 (17:04 +0100)]
hs-test: rebuild images when switching build type

Rebuild hst docker images when the previous test run had different vpp
build type, e.g.
1) make test
2) make tes-debug

Type: test

Change-Id: If3a6f11f4f50bbfa88ef3808f98dcba3ab61d348
Signed-off-by: Matus Fabian <[email protected]>
10 months agohs-test: display vpp version in the summary 62/42062/1
Matus Fabian [Sat, 21 Dec 2024 19:54:01 +0000 (20:54 +0100)]
hs-test: display vpp version in the summary

Display output of 'show version verbose' from vpp in the summary report
at the end of a test run.

Type: test

Change-Id: Iae3d886dd4106678b60389ec42ba42a159940403
Signed-off-by: Matus Fabian <[email protected]>
10 months agohsa: http client honor configured timeout 46/42046/3
Florin Coras [Wed, 18 Dec 2024 21:50:19 +0000 (13:50 -0800)]
hsa: http client honor configured timeout

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I87cc6d2ba1a07751359c7276fe096eeae4e30a2e

10 months agohsa: fix http client connect failures 37/42037/2
Florin Coras [Wed, 18 Dec 2024 03:44:26 +0000 (19:44 -0800)]
hsa: fix http client connect failures

Type: fix

Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ie8b4ba2cfd2c7fc1e27d2a2eb763b31417bc0743

10 months agohs-test: fix readCpus 43/42043/3
Matus Fabian [Wed, 18 Dec 2024 13:20:31 +0000 (14:20 +0100)]
hs-test: fix readCpus

return error otherwise hst might panic

Type: test

Change-Id: Ib3ec8a2113af4594f2c2fc54ae72e358bfadaef2
Signed-off-by: Matus Fabian <[email protected]>
10 months agocrypto: move crypto engines outside of plugins 36/42036/7
Damjan Marion [Mon, 16 Dec 2024 09:06:42 +0000 (09:06 +0000)]
crypto: move crypto engines outside of plugins

This is first step in process of making crypto engine binaries
less dependant on specific VPP version.

Type: improvement

Change-Id: Ib08135688be409049b660e2b2ac435578b63be65
Signed-off-by: Damjan Marion <[email protected]>
10 months agobuild: archive install-*-deps logs when run in ci 93/41993/2
Dave Wallace [Wed, 11 Dec 2024 19:42:47 +0000 (14:42 -0500)]
build: archive install-*-deps logs when run in ci

Type: make

Change-Id: Id779d7c90a920926d40d241afb89bcb9312bcfc1
Signed-off-by: Dave Wallace <[email protected]>
10 months agodns: cli support enable dns and config server addr 64/41864/2
fenglei [Thu, 21 Nov 2024 12:32:25 +0000 (20:32 +0800)]
dns: cli support enable dns and config server addr

Type: improvement

cli support enable dns node and config name server addr

Change-Id: I4fcef28876b916bd5eac026f20afb0b0dda38fa2
Signed-off-by: fenglei <[email protected]>
10 months agodocs: add examples for BPF trace filtering 92/41992/5
Hadi Rayan Al-Sandid [Wed, 11 Dec 2024 15:22:59 +0000 (16:22 +0100)]
docs: add examples for BPF trace filtering

Type: docs

Change-Id: Ia2f9f94ebdf55d435559f6615da61efb1d2f9616
Signed-off-by: Hadi Rayan Al-Sandid <[email protected]>
10 months agopolicer: Add return_dsc for policer_add_command_fn 24/42024/2
fenglei [Sat, 14 Dec 2024 03:56:01 +0000 (11:56 +0800)]
policer: Add return_dsc for policer_add_command_fn

Type: improvement

add return_desc for except failure

Change-Id: Idcec0f8833fc264f66d2e0a784ece2a62c425263
Signed-off-by: fenglei <[email protected]>
10 months agopolicer: fix policer_input coredump 23/42023/2
fenglei [Sat, 14 Dec 2024 03:12:27 +0000 (11:12 +0800)]
policer: fix policer_input coredump

Type: fix

policer_input didn't check policer_index will lead to coredump
when refer to cm->counters[thread_index] variable, cm->counters[thread_index] is null.

Change-Id: I8c6ef6c4c2bc96f23ab806327cb6f179c958cee2
Signed-off-by: fenglei <[email protected]>
10 months agopapi: vpp_papi asyncio support 72/41972/3
Ole Troan [Fri, 6 Dec 2024 15:49:25 +0000 (16:49 +0100)]
papi: vpp_papi asyncio support

An asyncio version of the VPP Python API.
A API call returns a awaitable future.
In comparision to the legacy API, the extra message receive thread
is no needed.

from vpp_papi.vpp_papi_async import VPPApiClient

async def process_events(event_queue):
    while True:
        event = await event_queue.get()
        print(f"*** Processing event: {event}")
        if event is None:
            return

async def test():
    vpp = VPPApiClient()
    event_queue = asyncio.Queue()
    event_processor_task = asyncio.create_task(process_events(event_queue))

    rv = await vpp.connect("foobar", event_queue)
    assert rv == 0
    rv = await vpp.api.show_version()
    rv = await vpp.api.sw_interface_dump()

    await event_queue.put(None)    # Send sentinel to stop the event processor
    await asyncio.gather(event_processor_task)  # Wait for them to finish

    await vpp.disconnect()

Example of sending multiple requests and gather replies asynchronously
async def test_bulk():
    futures = []
    for i in range(n):
        futures.append(vpp.api.show_version())
    rv = await asyncio.gather(*futures)

def main():
    asyncio.run(test())

Type: feature
Change-Id: Ie6bcb483930216c21a45658b72e87ba4c46f43ad
Signed-off-by: Ole Troan <[email protected]>
10 months agonat: add clear session for nat44-ed 17/41717/3
Ole Troan [Thu, 17 Oct 2024 08:43:34 +0000 (10:43 +0200)]
nat: add clear session for nat44-ed

Type: improvement
Change-Id: Ie8568999821f6dd5025fd5343670a8969a3e634e
Signed-off-by: Ole Troan <[email protected]>
10 months agomap: map_domain_dump fails for empty tag 71/41971/3
Ole Troan [Fri, 6 Dec 2024 15:42:16 +0000 (16:42 +0100)]
map: map_domain_dump fails for empty tag

Fix API to handle map_domain_dump for domains with an empty tag.

Type: fix
Change-Id: Ie065c5863538d5851cd8f8907400255f51a2e90f
Signed-off-by: Ole Troan <[email protected]>
10 months agohs-test: always build when running 'make build' 11/41911/3
Adrian Villin [Fri, 13 Dec 2024 08:12:07 +0000 (09:12 +0100)]
hs-test: always build when running 'make build'

- running 'make build' will now always build docker images,
  'make test' will try to skip building them unless FORCE_BUILD=true
- now also checking ubuntu version

Type: make

Change-Id: Ie16e8dc4712963de19e2450e058b867c1cede7ee
Signed-off-by: Adrian Villin <[email protected]>
10 months agohs-test: skip building images if no new changes 10/41910/2
Adrian Villin [Thu, 12 Dec 2024 14:30:15 +0000 (15:30 +0100)]
hs-test: skip building images if no new changes

- skip building if new changes are .go, .sum, .mod, .txt, .test,
  IP address files or dotfiles

Type: test

Change-Id: Ib041a077fa34120e86ebb43cd19e50142ef01f16
Signed-off-by: Adrian Villin <[email protected]>
10 months agohs-test: update docs, makefile, maintainers 09/41909/4
Adrian Villin [Thu, 12 Dec 2024 12:18:28 +0000 (13:18 +0100)]
hs-test: update docs, makefile, maintainers

- don't run 'make list-tests' after 'make help'

Type: docs

Change-Id: I1b2ae02faf53b072b96c91f2e1fead52128f4710
Signed-off-by: Adrian Villin <[email protected]>
10 months agohs-test: added a test counter and time elapsed 06/41906/2
Adrian Villin [Wed, 11 Dec 2024 08:56:29 +0000 (09:56 +0100)]
hs-test: added a test counter and time elapsed

- only works when not running in parallel

Type: test

Change-Id: Iab9881f8a2a93c6ef5129742e3c0ad950f9e5328
Signed-off-by: Adrian Villin <[email protected]>
10 months agovapi: remove directory name from include guards 99/41499/3
Oleksandr Hnatiuk [Thu, 29 Aug 2024 04:20:04 +0000 (21:20 -0700)]
vapi: remove directory name from include guards

Script vapi_c_gen.py uses full paths to source files to generate include
guards in files with `.vapi.h` extension. This makes the content of
header files depend on build directory which causes reproducibility
issues (cannot get identical build output when building in a different
directory).

Commit 4c64b6edc86f7 fixes this for .hpp files, but seems to forget
about .h files. Use its fix for these as well.

Type: fix
Change-Id: Ida638c7b4630fac1f6d968a9203a409648bef55c
Signed-off-by: Oleksandr Hnatiuk <[email protected]>
10 months agohs-test: fix a runtime error 08/41908/2
Adrian Villin [Thu, 12 Dec 2024 08:16:22 +0000 (09:16 +0100)]
hs-test: fix a runtime error

- framework panicked if core_pattern was set to "core"

Type: test

Change-Id: I14211cc59779090a61e6e08a18d16fd7399b2bed
Signed-off-by: Adrian Villin <[email protected]>
10 months agobuild: use VPP_BUILD_TOPDIR from environment if set 01/41501/2
Oleksandr Hnatiuk [Thu, 29 Aug 2024 04:20:04 +0000 (21:20 -0700)]
build: use VPP_BUILD_TOPDIR from environment if set

Commit 3d14f036199d added the possibility to use `VPP_BUILD_USER` and
`VPP_BUILD_HOST` from environment (if they are set) to avoid
reproducibility issues by hard-coding such data in the build system.
However, there's no way to provide VPP_BUILD_TOPDIR externally. Add this
feature to improve binary reproducibility.

Type: improvement
Change-Id: I3a7ee47d75af9635b636fa3750a3688314eaa60d
Signed-off-by: Oleksandr Hnatiuk <[email protected]>
10 months agoarmada: fix feature arc for secondary interfaces 39/41839/2
Guillaume Solignac [Fri, 15 Nov 2024 10:37:40 +0000 (11:37 +0100)]
armada: fix feature arc for secondary interfaces

Fixes an issue preventing a feature to be configured on a secondary interface.

Type: fix
Signed-off-by: Guillaume Solignac <[email protected]>
Change-Id: I8ecd80988d22291013cd0addae6dc25043aaea98

10 months agopg: misc improvements and fixes 46/41246/5
Benoît Ganne [Fri, 5 Jul 2024 12:09:35 +0000 (14:09 +0200)]
pg: misc improvements and fixes

1) pg can typically injects packets in ethernet-input, ip4-input or
ip6-input. Make sure offload offsets are correctly set for ip4-input and
ip6-input.
2) add hw-addr support for ethernet mode (only available through cli)
3) refactor pg creation code to improve the readability by using
data structure pg_interface_args_t
4) fix the pg input and output traces to use headers according to
pg interface mode
5) introduce pg interface flags i.e. checksum, gso, gro

Type: improvement

Change-Id: Iffed502e9c6357d7ef8e8a72217867e8297236aa
Signed-off-by: Benoît Ganne <[email protected]>
Signed-off-by: Mohsin Kazmi <[email protected]>
10 months agosession: disable fifo tuning on app close 82/41982/4
Florin Coras [Tue, 10 Dec 2024 00:45:54 +0000 (19:45 -0500)]
session: disable fifo tuning on app close

Type: fix

Change-Id: Id6aa410a75356ece1d114a2970f70cf32203997f
Signed-off-by: Florin Coras <[email protected]>
10 months agohs-test: fix nginx http3 dockerfile 07/41907/2
Adrian Villin [Wed, 11 Dec 2024 09:39:05 +0000 (10:39 +0100)]
hs-test: fix nginx http3 dockerfile

- now working with UBUNTU_VERSION=24.04

Type: test

Change-Id: I60aa62b8dcf3e96392af7179925e0f0fa3e15f11
Signed-off-by: Adrian Villin <[email protected]>
10 months agohs-test: replaced container/interface getter func 04/41904/4
Adrian Villin [Mon, 9 Dec 2024 13:18:31 +0000 (14:18 +0100)]
hs-test: replaced container/interface getter func

- replaced s.GetContainerByName("xyz") with s.Containers.Xyz in tests
  and suites
- same thing for interfaces
- each suite has its own structs with containers/interfaces
- structs are initialized in SetupSuite

Type: test

Change-Id: I5bd99605b40921b7b8c844e8650f6fb0915e9e99
Signed-off-by: Adrian Villin <[email protected]>
10 months agobpf_trace_filter: allow pcap filtering without classifier 33/41933/5
Hadi Rayan Al-Sandid [Tue, 26 Nov 2024 14:58:40 +0000 (15:58 +0100)]
bpf_trace_filter: allow pcap filtering without classifier

Type: improvement

Change-Id: I7ca860dbee0d0a24b7f00943142d8c878ed90e80
Signed-off-by: Hadi Rayan Al-Sandid <[email protected]>
10 months agohs-test: added multi-threaded proxy tests 99/41899/14
Adrian Villin [Fri, 29 Nov 2024 15:33:14 +0000 (16:33 +0100)]
hs-test: added multi-threaded proxy tests

- TCP and UDP iperf proxy tests added

Type: test

Change-Id: Ic6f429cc6d48388ce9a17f8b9cd7c4b54b9a7e4d
Signed-off-by: Adrian Villin <[email protected]>
10 months agohs-test: skip vppctl assert on teardown 05/41905/2
Adrian Villin [Tue, 10 Dec 2024 12:36:33 +0000 (13:36 +0100)]
hs-test: skip vppctl assert on teardown

- core dump check would get skipped if vpp crashed and vppctl
  was called on teardown

Type: test

Change-Id: I9dda7036042158332c8ec815f6eb4bb3c2f7000f
Signed-off-by: Adrian Villin <[email protected]>
10 months agohttp: fix http_free_header_table 84/41984/2
Matus Fabian [Tue, 10 Dec 2024 09:07:11 +0000 (10:07 +0100)]
http: fix http_free_header_table

Type: fix

Change-Id: I014aebc84d0c219cc0c99120e9cd51fcc520a41c
Signed-off-by: Matus Fabian <[email protected]>
10 months agoip: add enable ip4 api 69/41869/6
Ole Troan [Fri, 22 Nov 2024 08:22:20 +0000 (09:22 +0100)]
ip: add enable ip4 api

A philosophical question. Do an interface have to have an IPv4 address
to process IPv4 packets? For ICMP error generation it's sufficient that
it has an address available on the node.

More concretely this patch is to allow an extern DHCP client to process
IP packets before it configures an address on the interface, without
having to have an node early in the ip4-unicast feature-arc like
ip4-dhcp-client-detect to intercept the packets.

Type: improvement
Change-Id: I780c579eec28ba564cf8417fbcc87e7a7876fdd2
Signed-off-by: Ole Troan <[email protected]>
10 months agohttp: connection upgrade mechanism 18/41918/8
Matus Fabian [Thu, 21 Nov 2024 16:01:45 +0000 (17:01 +0100)]
http: connection upgrade mechanism

Handle "Connection" and "Upgrade" headers in http transport layer which
are used to create a tunnel for some other protocol on the same
connection.

Type: improvement

Change-Id: Icf5479f36fbcc7259b157eaad957211be5ea2aae
Signed-off-by: Matus Fabian <[email protected]>
10 months agohs-test: arm support 77/41977/2
Matus Fabian [Sun, 8 Dec 2024 14:13:44 +0000 (15:13 +0100)]
hs-test: arm support

CPU arch dependencies cleanup. Everything works fine apart from
redis-benchmark test.

Type: test

Change-Id: I4a1e7d3bce994f6ea0681e06955ef9c621468642
Signed-off-by: Matus Fabian <[email protected]>
10 months agohs-test: improved iperf testing 03/41903/5
Adrian Villin [Fri, 6 Dec 2024 15:00:25 +0000 (16:00 +0100)]
hs-test: improved iperf testing

- set iperf to json output
- added iperf json parsing function
- we can now check if iperf transferred more than X megabytes
  (other asserts can be added)

Type: test

Change-Id: I560104a153456b46f22a1affee4301018063b99d
Signed-off-by: Adrian Villin <[email protected]>
10 months agohs-test: remove client app retries 02/41902/4
Adrian Villin [Fri, 6 Dec 2024 09:26:48 +0000 (10:26 +0100)]
hs-test: remove client app retries

- simple fix to avoid apps trying to start after a test
  timeout/interrupt

Type: test

Change-Id: I4e6fcbb2bb00c07e35cda1ebf6fcb76a913f7a32
Signed-off-by: Adrian Villin <[email protected]>
10 months agocnat: add support for icmp traceroute 54/41654/5
Mohsin Kazmi [Thu, 5 Dec 2024 20:38:56 +0000 (20:38 +0000)]
cnat: add support for icmp traceroute

Type: improvement

Signed-off-by: Mohsin Kazmi <[email protected]>
Change-Id: Ief1e97d03b7a934547add35ac3ed1f93f2499a20

10 months agosession: add ip4-fib-id and ip6-fib-id to app ns CLI 15/41815/4
Steven Luong [Fri, 8 Nov 2024 16:35:14 +0000 (08:35 -0800)]
session: add ip4-fib-id and ip6-fib-id to app ns CLI

Problem
The API app_namespace_add_del allows specifying ip4_fib_id and
ip6_fib_id. But the CLI does not. It only allows interface.
Interface binding may change after the application namespace
is created and there is no registration for the callback
when the interface binding changes.

Fix
Add ip4-fib-id and ip6-fib-id to app ns CLI. When both
interface and fib-id's are specified, interface takes
precedence. When interface is not specified, either ip4-fib-id
or ip6-fib-id or both ip4 and ip6 fib-id's may be specified.
If only ip4-fib-id is specified, ip6 is disable for this
particular app namespace. If only ip6-fib-id is specified,
ip4 is disable for this namespace.

When the interface binding changes to different vrf and the
application namespace was created via interface option, we
delete the application namespace and recreate the application
namespace with the new interface binding. Notice when the
application namespace is removed, all session rules and
sdl rules previously created for the deleted application
namespace will be deleted. However, if the fib table/session
table  was shared by another namespace, the other namespace
will still contain the session rules and sdl rules.

Type: improvement

Change-Id: I76eb30da1ed8a39d06694c1e66d0675bf03516bf
Signed-off-by: Steven Luong <[email protected]>
10 months agosession: enhance display for show app 67/41967/4
Steven Luong [Thu, 5 Dec 2024 21:16:04 +0000 (13:16 -0800)]
session: enhance display for show app

Display segment manager information for show app <index> verbose
Mark segment manager as listener if it is a listener segment.

Type: improvement

Change-Id: I8d91f4c2ed5b8f39620f2c8b06950c0e7ee2225e
Signed-off-by: Steven Luong <[email protected]>
10 months agohttp: http_decap_udp_payload_datagram fix 73/41973/2
Matus Fabian [Fri, 6 Dec 2024 16:45:53 +0000 (17:45 +0100)]
http: http_decap_udp_payload_datagram fix

Properly handle incomplete capsule.

Type: fix

Change-Id: Ied7fca861f02e401451beaff09e612bcf471d8e0
Signed-off-by: Matus Fabian <[email protected]>
10 months agovcl: fix ldp getsockopt tcp_info length check 76/41976/3
Florin Coras [Sat, 7 Dec 2024 22:28:46 +0000 (17:28 -0500)]
vcl: fix ldp getsockopt tcp_info length check

netinet/tcp.h and linux/tcp.h have different lenghts but overlap. LDP
uses the former while iperf the latter. Accept both lengths for now as
we do not support exposing tcp metrics via ldp.

Type: improvement

Change-Id: I13a149d68715ed9451773630a3595c09c421aa29
Signed-off-by: Florin Coras <[email protected]>
10 months agovcl: improve handling of thread cancelation in vls 75/41975/3
Florin Coras [Sat, 7 Dec 2024 21:20:46 +0000 (16:20 -0500)]
vcl: improve handling of thread cancelation in vls

Meant for multi-threaded applications that share a vls and vcl worker.
Disable thread cancelation on thread new thread detection and add a new
pthread cancelation point in vls_mt_mq_lock

Type: improvement

Change-Id: I21b16ee7c6a5ec31b8f6363325cc7ffa463c7b5c
Signed-off-by: Florin Coras <[email protected]>
10 months agotls: add async processing support 91/41591/11
Varun Rapelly [Sat, 17 Aug 2024 16:19:29 +0000 (16:19 +0000)]
tls: add async processing support

Adds support for tls async processing using OpenSSL.
Adds new CLI command to configure OpenSSL TLS configurations used by
OpenSSL context and session. New CLI format is:
tls openssl set-tls [record-size <size>]
                    [record-split-size <size>]
                    [max-pipelines <size>]
Sets default values to below TLS configuration parameters:
 - first_seg_size: 32MB
 - add_seg_size:   256MB

Type: feature

Signed-off-by: Varun Rapelly <[email protected]>
Change-Id: I990be31fced9e258fdb036f5751cd67594b0bce7

10 months agovcl: fix epoll wait assert 74/41974/2
Florin Coras [Sat, 7 Dec 2024 00:50:43 +0000 (16:50 -0800)]
vcl: fix epoll wait assert

Type: fix

Found by Lucas.

Signed-off-by: Florin Coras <[email protected]>
Change-Id: I3e10d3a9f40ef28cb9bda58f199a04dfc3e41d27

10 months agomisc: move ppp to a plugin 56/41956/7
Joel Ahn [Thu, 28 Nov 2024 21:54:10 +0000 (13:54 -0800)]
misc: move ppp to a plugin

Type: refactor

Move PPP folder under vnet to the plugin folder, and modify some of path
of the #inlude<header> to the new path.

Add a plugin.c file to register a plugin.

Resolve ip4_input and ip6_input's dependency on PPP functions by moving
those calls to PPP's initialization.

Resolve osi's inter-plugin dependency on PPP by having it retrieve the
function pointer

Add ppp to the list of valid spelling words

JIRA: VPP-2052

Change-Id: I1a26ef0663a91857d13f7d87a3bb14bc38893194
Signed-off-by: Joel Ahn <[email protected]>
10 months agosession: clean up session table when re-adding an existing application namespace 37/41837/2
Steven Luong [Thu, 14 Nov 2024 22:28:34 +0000 (14:28 -0800)]
session: clean up session table when re-adding an existing application namespace

The app ns semantics allows the same app ns to be re-added with different
interface. For example,

app ns add id blue secret 1 if tap0
app ns add id blue secret 1 if tap1

If tap0 is bound to table 0 and tap1 is bound to tap1, we need to clean
up the existing session table and possibly allocate a new session table
for the app ns.

Type: fix

Change-Id: I566d621081b7cdbd7d0c481fda53953b39c26001
Signed-off-by: Steven Luong <[email protected]>
10 months agomemif: add num pkts received/sent per queue 47/41947/8
Dau Do [Sun, 1 Dec 2024 01:47:50 +0000 (01:47 +0000)]
memif: add num pkts received/sent per queue

Add memif stats per queue for performance tuning.

Type: improvement
Change-Id: Ifacc80c0adfe92075d91179857c8956d1cbf3a70
Signed-off-by: Dau Do <[email protected]>