Florin Coras [Sat, 4 Dec 2021 01:24:13 +0000 (17:24 -0800)]
 
vcl: debug code improvements
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I18cd4131c692e776c98eba36161813035e9dec53
Florin Coras [Sat, 4 Dec 2021 01:03:37 +0000 (17:03 -0800)]
 
vcl: handle reordering of disconnect and reset msgs
Type: fix
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I817e8510029a060876697701b81a952286597db1
Jakub Grajciar [Wed, 1 Dec 2021 08:07:09 +0000 (09:07 +0100)]
 
libmemif: reset memif buffer flags
Reset memif_buffer_t flags in memif_buffer_alloc and
memif_rx_burst
Type: fix
Signed-off-by: Jakub Grajciar <[email protected]>
Change-Id: If62ba510fad783afb9f7f58411562b6989fa1573
Klement Sekera [Tue, 26 Oct 2021 14:23:11 +0000 (16:23 +0200)]
 
fib: fix coverity warning/don't dereference NULL
fib_sas6_get is called with NULL dst explicitly so add a NULL check to
avoid a NULL dereference.
Type: fix
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I8ebcba98832f374991f5442c1b83a4b6e64771d0
Florin Coras [Sat, 4 Dec 2021 07:02:13 +0000 (23:02 -0800)]
 
vcl: fix ldp shared listener bitmap leak
Type: fix
Signed-off-by: Florin Coras <[email protected]>
Change-Id: Id1e273bf80c1cc687ce7e5ea3b8cc6a3ec3862f9
Damjan Marion [Mon, 6 Dec 2021 12:21:33 +0000 (13:21 +0100)]
 
vppinfra: add 'filter' option to test_vector_funcs
Type: improvement
Change-Id: I5ed9029e5dc1368b7debbef04a3ac439a61af9ea
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Mon, 6 Dec 2021 11:48:46 +0000 (12:48 +0100)]
 
vppinfra: sha2 tests
Type: improvement
Change-Id: I8a5d8d5db4e4a8ee3a1164bfbe91badff181d06a
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Fri, 3 Dec 2021 13:07:41 +0000 (14:07 +0100)]
 
build: leave to CMake to deal with -fPIE
Type: make
Change-Id: Icced0e09b75b3114b1652d552e288091968ee7cc
Signed-off-by: Damjan Marion <[email protected]>
Matthew Smith [Wed, 1 Dec 2021 20:02:35 +0000 (20:02 +0000)]
 
ipsec: fix async buffer leak
Type: fix
Fixes: 
f16e9a5507
If an attempt to submit an async crypto frame fails, the buffers that
were added to the frame are supposed to be dropped. This was not
happening and they are leaking, resulting in buffer exhaustion.
There are two issues:
1. The return value of esp_async_recycle_failed_submit() is used to
figure out how many buffers should be dropped. That function calls
vnet_crypto_async_reset_frame() and then returns f->n_elts. Resetting
the frame sets n_elts to 0. So esp_async_recycle_failed_submit() always
returns 0. It is safe to remove the call to reset the frame because
esp_async_recycle_failed_submit() is called in 2 places and a call to
reset the frame is made immediately afterwards in both cases - so it
is currently unnecessary anyway.
2. An array and an index are passed to esp_async_recycle_failed_submit().
The index should indicate the position in the array where indices of the
buffers contained in the frame should be written. Across multiple calls,
the same index value (n_sync) is passed. This means each call may overwrite
the same entries in the array with the buffer indices in the frame rather
than appending them to the entries which were written earlier. Pass n_noop
as the index instead of n_sync.
Change-Id: I525ab3c466965446f6c116f4c8c5ebb678a66d84
Signed-off-by: Matthew Smith <[email protected]>
Mohsin Kazmi [Tue, 9 Nov 2021 17:44:10 +0000 (17:44 +0000)]
 
interface: add multi tx-queues support for new tx infra
Type: feature
Change-Id: I231f782b3c56dc2b10321e4569ac7acdad1c11da
Signed-off-by: Mohsin Kazmi <[email protected]>
Klement Sekera [Fri, 3 Dec 2021 10:48:13 +0000 (10:48 +0000)]
 
api: refactor to use REPLY_MSG_ID_BASE #define
REPLY_MSG_ID_BASE is the standard way to define reply message id base,
so this refactor makes all the files use that. This is a preparation
patch for future safety add-ons which rely on REPLY_MACRO* parameters to
be preprocessor tokens identifying the message instead,
Type: refactor
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: Ibe3e056a3d9326d08af45bbcb25588b11e870141
Ole Troan [Tue, 23 Nov 2021 14:55:39 +0000 (15:55 +0100)]
 
ip: extension header parsing fails for fragment header
Refactor and improve boundary checking on IPv6 extension header handling.
Limit parsing of IPv6 extension headers to a maximum of 4 headers and a
depth of 256 bytes.
Type: fix
Signed-off-by: Ole Troan <[email protected]>
Change-Id: Ide40aaa2b482ceef7e92f02fa0caeadb3b8f7556
Signed-off-by: Ole Troan <[email protected]>
Neale Ranns [Thu, 2 Dec 2021 17:07:14 +0000 (17:07 +0000)]
 
fib: Fix the display (or lack of) for fib node types in dependent children lists
Type: fix
When registering a new FIB node type, no name was required on the API, and so no name was printed.
Signed-off-by: Neale Ranns <[email protected]>
Change-Id: I8a99cf29c194637a550061b0a5e9782ffe8b31dd
Filip Tehlar [Tue, 30 Nov 2021 13:55:58 +0000 (13:55 +0000)]
 
tests: add segment manager tests
Type: test
Change-Id: Ic9fddc9fedd5140984c5901c4cac53dec022dcec
Signed-off-by: Filip Tehlar <[email protected]>
Damjan Marion [Thu, 2 Dec 2021 16:08:02 +0000 (17:08 +0100)]
 
perfmon: compile dispatch wrapper once for each number of counters
A bit ugly, but generates faster and less noisy code which
should be important for this particular use case.
Type: improvement
Change-Id: If2bba947dac33ffedb4236a5b3fb50fc783668e1
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Thu, 2 Dec 2021 10:28:57 +0000 (11:28 +0100)]
 
vppinfra: add perf testing to test_vector_func
Type: improvement
Change-Id: I7aacd58d113c13036c15655817400032dd8d1932
Signed-off-by: Damjan Marion <[email protected]>
Ray Kinsella [Thu, 2 Dec 2021 08:06:01 +0000 (08:06 +0000)]
 
perfmon: refactor perf metric support
Refactoring perf metric support to remove branching on bundle type in
the dispatch wrapper. This change includes caching the rdpmc index at
perfmon_start(), so that the mmap_page.index doesn't need to be looked
up each time. It also exclude the effects of mmap_page.index.
This patch prepares the path for bundles that support general, fixed and
metrics counters simulataneously.
Type: refactor
Signed-off-by: Ray Kinsella <[email protected]>
Change-Id: I9c5b4917bd02fea960e546e8558452c4362eabc4
Damjan Marion [Thu, 2 Dec 2021 13:03:02 +0000 (14:03 +0100)]
 
build: bump min cmake version to 3.13 and remove workarounds
Type: make
Change-Id: I1cd00257e132e671cbdd7b4710862afb07aa19e6
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Thu, 2 Dec 2021 12:02:38 +0000 (13:02 +0100)]
 
vppinfra: vector shuffle cleanup
Type: refactor
Change-Id: I8b3fc2ce30df313467274a174c5ac6adbf296153
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Thu, 2 Dec 2021 10:39:07 +0000 (11:39 +0100)]
 
vppinfra: add SIMD masked bitwise ops
Type: improvement
Change-Id: Id73b00a8cb3af799f9f97949bc1302f162a91a57
Signed-off-by: Damjan Marion <[email protected]>
Matthew Giassa [Fri, 19 Nov 2021 17:06:11 +0000 (17:06 +0000)]
 
docs: add VPP Container Testbench example and lab
Adding a "VPP container testbench" (pair of Docker containers plus
helper scripts to test Linux and VPP interfaces). Will be part of a
larger set of labs/exercises/tutorials. Putting this baseline setup up
for review first to see if the community sees use/value in it. If so,
additional exercises using the testbench will be added gradually.
Type: improvement
Signed-off-by: Matthew Giassa <[email protected]>
Change-Id: I582310f7355419e907d575f640482ca49cbb282f
Mohsin Kazmi [Mon, 29 Nov 2021 12:00:04 +0000 (13:00 +0100)]
 
api: add api macros for native endian
Type: improvement
Change-Id: I22fec740b30b89e7a571f8ba2bd55adb2ef305d4
Signed-off-by: Mohsin Kazmi <[email protected]>
Mohsin Kazmi [Fri, 26 Nov 2021 16:04:07 +0000 (17:04 +0100)]
 
interface: add support for outer header checksums
Type: improvement
Change-Id: I7c341dc4a99898dd1f865ac2ebd99de9898bb0bd
Signed-off-by: Mohsin Kazmi <[email protected]>
Dave Wallace [Tue, 30 Nov 2021 16:00:23 +0000 (11:00 -0500)]
 
build rpm-packaging: Remove boost dependencies from VOM
- VOM was deprecated in VPP 21.06, but the boost library
  dependencies did not get cleaned up.
Type: make
Signed-off-by: Dave Wallace <[email protected]>
Change-Id: I0fb860a7a37676c1a1a0981c91f383882d9a820a
Florin Coras [Tue, 30 Nov 2021 07:26:19 +0000 (23:26 -0800)]
 
vcl: improve handling of failed connects
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: If6235888cb0870ec3e1279ab1856a00715bd6c68
Florin Coras [Tue, 30 Nov 2021 05:00:47 +0000 (21:00 -0800)]
 
vcl: avoid ip format function vnet dependency
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I89103d4c99b21c5a466dbe511f0151bd754559a0
Benoît Ganne [Mon, 29 Nov 2021 19:44:36 +0000 (20:44 +0100)]
 
rdma: bump to rdma-core 38.0
Type: improvement
Change-Id: Ibe3e6f342f3713fa814b684e04a066a3248669d8
Signed-off-by: Benoît Ganne <[email protected]>
Benoît Ganne [Tue, 30 Nov 2021 08:15:38 +0000 (09:15 +0100)]
 
rdma: fix rdma-core install
We should not install symlinks to local build directory.
Type: fix
Change-Id: I81e624dd5775ec9c5dd8c58f578ee51c5acfef73
Signed-off-by: Benoît Ganne <[email protected]>
PiotrX Kleski [Fri, 26 Nov 2021 08:57:22 +0000 (08:57 +0000)]
 
dpdk: cryptodev AES-CTR+SHA1 support added
Type: improvement
This patch adds AES-CTR-128/192/256 + SHA1 linked algo support to dpdk
cryptodev.
Signed-off-by: PiotrX Kleski <[email protected]>
Change-Id: Idc162b29f4075ef8be9577abd3daf6de05f84faa
Dastin Wilski [Fri, 26 Nov 2021 14:57:51 +0000 (14:57 +0000)]
 
dpdk-cryptodev: scalable session count
Originally cryptodev allocates mempools for seesion and session private
data during its initialization. Moreover the size of these mempools are
fixed resulting in limited session count (up to value specified in
CRYPTODEV_NB_SESSION macro).
This patch allows for session count to scale up by allocating new
mempools as they are needed during session creation.
Type: improvement
Signed-off-by: Dastin Wilski <[email protected]>
Change-Id: I6ae240b474d3089d3ff50ca5bc7ff48f149983db
Florin Coras [Tue, 30 Nov 2021 05:48:04 +0000 (21:48 -0800)]
 
vppinfra: remove duplicate api function definition
vl_api_c_string_to_api_string declared in api_types.h
and defined in api_shared.c. Remove from jsonformat
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I994c8c13b7246a857464c1f879432f73692c6d1f
Florin Coras [Mon, 29 Nov 2021 16:12:27 +0000 (08:12 -0800)]
 
vcl: fix build with older gcc
Type: fix
Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ic941065aa7d7c0002863a6391c8914089c438445
Florin Coras [Sat, 27 Nov 2021 22:44:59 +0000 (14:44 -0800)]
 
session: remove segment if empty after writer lock
Make sure segment is empty after writer lock acquired. Other workers
might add fifos in between empty test and writer lock acquire.
Type: fix
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I3400fdd14be98d9d8fb4e415d3a849be1d255241
Florin Coras [Sat, 27 Nov 2021 18:30:03 +0000 (10:30 -0800)]
 
session: mark first listener segment as protected
Avoid constantly re-mapping a listener's first segment when all its
sessions are closed.
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: Iea7033fb70f4cf9e4408d542b7c0ff2b0c5c2f92
Florin Coras [Sat, 27 Nov 2021 18:54:29 +0000 (10:54 -0800)]
 
session: no deq notifications after close
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I3e633f017c68e8c5446e45b577048138a387daf6
Florin Coras [Sat, 27 Nov 2021 18:45:55 +0000 (10:45 -0800)]
 
session: postpone close notification if still accepting
Acceping sessions might be rejected so the notification might not make
sense.
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I3ababdce7c2cec62941d9722a9c06fa48ec547db
Paul Atkins [Tue, 23 Nov 2021 10:51:07 +0000 (10:51 +0000)]
 
ipfix-export: don't check the result of pool_get
The code to check the exp is set after the call to pool_get()
is marked as unreachable in coverity. This is becasue if it
fails in pool_get then the it panics. Remove the unreachable code.
Type: fix
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: Iabb51b6b6788b6c12ef37c28dde2118c798de831
wanghanlin [Mon, 29 Nov 2021 07:05:23 +0000 (15:05 +0800)]
 
session: fix clib_rwlock_writer_unlock lost
Type: fix
Signed-off-by: wanghanlin <[email protected]>
Change-Id: Iab857b056639f7e513f87a6095bea081b7d8349c
Nathan Skrzypczak [Thu, 25 Nov 2021 17:44:01 +0000 (18:44 +0100)]
 
devices: fix af_packet GSO check
Type: fix
This fixes the GSO size calculation in af_packet
which didn't include the ethernet size.
This is not ideal, as we default to the host
side mtu to check whether a packet is GSO or not
and to set the GSO size. But there doesn't seem
to be more info passed with the packets.
Change-Id: I9769e1dd21d5989b4cf67295352b5535454f88d1
Signed-off-by: Nathan Skrzypczak <[email protected]>
Florin Coras [Thu, 25 Nov 2021 19:37:33 +0000 (11:37 -0800)]
 
session: accept reply improvements
- Always check session ownership
- Improve test for main thread rpc
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I5fa60f7f5de199af0966987f9ce9a4cc8180cf98
Florin Coras [Fri, 26 Nov 2021 00:18:39 +0000 (16:18 -0800)]
 
session: postpone ct peer disconnect and more checks
- Disconnect ct peer only after tx events have been drained
- Make sure session/connection is in healty state before rx/tx
notifications
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ic6e684410a98530cc95a9c6c54c05a19c17c11d9
Florin Coras [Thu, 25 Nov 2021 20:14:25 +0000 (12:14 -0800)]
 
session: only notify server on ct connect failure
Type: fix
Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ifcb631ed2913e5f4fc318238de9100286a7990d2
Mohsin Kazmi [Thu, 25 Nov 2021 15:02:24 +0000 (16:02 +0100)]
 
api: add helper macros for native endian
Type: improvement
Change-Id: Ifa074dfd337f9cd68858468d34abf641fe7f247f
Signed-off-by: Mohsin Kazmi <[email protected]>
Stanislav Zaikin [Thu, 4 Nov 2021 08:32:32 +0000 (09:32 +0100)]
 
vppinfra: will_expand for pool_put and bitmap
Macro for pool_put and put a barrier inside load_balance_destroy when bitmap is actually growing.
Type: improvement
Signed-off-by: Stanislav Zaikin <[email protected]>
Change-Id: Ief2912e8efd744289ebed68373fa6fd0ee83118e
Ole Troan [Tue, 23 Nov 2021 09:49:36 +0000 (10:49 +0100)]
 
vppapigen: coverity 219549, dead code in generated file
Type: fix
Signed-off-by: Ole Troan <[email protected]>
Change-Id: I64804092917f1d8dc520549bacae81672a95cd1e
Ray Kinsella [Mon, 22 Nov 2021 12:50:34 +0000 (12:50 +0000)]
 
l2: change prefetch to prefetchw
L2 prefetches the vlib_buffer_t and then immediately writes to l2 split
horizon group. Changing to the prefetch to a prefetchw.
Type: improvement
Signed-off-by: Ray Kinsella <[email protected]>
Change-Id: If3b7996978ee80f99c55904692c7b3c905f537ce
Ray Kinsella [Mon, 22 Nov 2021 12:08:04 +0000 (12:08 +0000)]
 
dpdk: prefetch becomes prefetchw
Changed dpdk-input prefetch of vlib_buffer_t to prefetchw.
vlib_buffer_t was being prefetched without 'ownership', which may
cause a stall when the buffer is subsequently written to. This saves
4 clocks a packet when the buffer is shared a cross cores, and has no
impact when not sharing.
Type: improvement
Signed-off-by: Ray Kinsella <[email protected]>
Change-Id: I317af2a38ef536022e68552351a8507861f62dad
Filip Tehlar [Wed, 24 Nov 2021 10:30:59 +0000 (10:30 +0000)]
 
session: improve fifo segment allocation
This patch ensures that fifo segment has at least the size that was
requested during allocation.
Type: improvement
Signed-off-by: Filip Tehlar <[email protected]>
Change-Id: Iea8a885ac290183e25e5c8f9163bba226c5efa15
Florin Coras [Wed, 24 Nov 2021 00:20:15 +0000 (16:20 -0800)]
 
session: detach server from client on connect failure
Type: fix
Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ie2ed2554578d6a2c671c552dc2bdc081f9754eed
Klement Sekera [Tue, 16 Nov 2021 11:22:25 +0000 (12:22 +0100)]
 
misc: vppctl - fix coverity warning
Check the return value and log failure in case send() fails.
Type: fix
Fixes: 
31f192434660
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I1809598ff4816f67c28a88264b6524b10d7ff6ce
Nathan Skrzypczak [Mon, 22 Nov 2021 16:44:30 +0000 (17:44 +0100)]
 
docs: add missing 21.10 rlsnotes
This patch extract the release notes that
went into v21.10 & v21.10.1 but that are
missing in master, due to the documentation
refactoring
Type: docs
Change-Id: Icb3c95c71e8cdc255f735990d19ee835e3ce6c6c
Signed-off-by: Nathan Skrzypczak <[email protected]>
Damjan Marion [Mon, 15 Nov 2021 14:33:11 +0000 (15:33 +0100)]
 
vppinfra: fallback to builtin memcpy if vector code is not enabled
Type: fix
Fixes: 
56f54af
Change-Id: I678ff3622640c911eefb57a9288ef95ed859eeb9
Signed-off-by: Damjan Marion <[email protected]>
Damjan Marion [Thu, 11 Nov 2021 17:34:01 +0000 (17:34 +0000)]
 
vppinfra: update CPU list
Type: improvement
Change-Id: Ibe1f23801d5eac6d1dae61c6df1a47d59455d42e
Signed-off-by: Damjan Marion <[email protected]>
Neale Ranns [Mon, 14 Sep 2020 07:41:48 +0000 (07:41 +0000)]
 
misc: deprecate gbp and its dependents
Type: improvement
Signed-off-by: Neale Ranns <[email protected]>
Signed-off-by: Benoît Ganne <[email protected]>
Change-Id: I2f30a4f04fd9a8635ce2d259b5fd5b0c85cee8c3
Ray Kinsella [Wed, 17 Nov 2021 10:03:04 +0000 (10:03 +0000)]
 
vxlan: multiarch optimization of vxlan
Fixing the mutliarch versions of vxlan, geneve and friends. Ensures that
main struct is correctly sized for all multiarch permutations.
Type: fix
Fixes: 
290526e3c
Signed-off-by: Ray Kinsella <[email protected]>
Change-Id: I7c4c435763a5dcb0c3b429cd4f361d373d480c03
Florin Coras [Tue, 23 Nov 2021 05:34:56 +0000 (21:34 -0800)]
 
devices: support build on older kernels
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I10af028b5e57b36b8015b02240f1e4e9a42d0898
Florin Coras [Tue, 23 Nov 2021 05:25:39 +0000 (21:25 -0800)]
 
dpdk: enable vmxnet3 l4 checksum offload
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ia25e671084dd2c0010c0577649bf51ba6495b6ac
Nathan Skrzypczak [Fri, 20 Aug 2021 13:53:43 +0000 (15:53 +0200)]
 
ip: unlock_fib on if delete
On interface delete we were not removing
the lock taken by a previous ip_table_bind()
call thus preventing the VRFs to be removed.
Type: fix
Change-Id: I11abbb51a09b45cd3390b23d5d601d029c5ea485
Signed-off-by: Nathan Skrzypczak <[email protected]>
Filip Varga [Mon, 22 Nov 2021 09:57:32 +0000 (10:57 +0100)]
 
nat: change nat44-ed test pool address
NAT pool address overlaps with pg4 network 10.0.0.1/24
this is not desirable because of upcoming change [1]. This
change uncovered configuration issue with hairpinning test
that would fail because of already configured pg4 interface
that  shares subnet with nat pool address. Packets would
incorectly end up in bad pg interface causing the test to fail.
This patch changes nat pool address to 10.0.10.3 that doesn't
belong to any of the subnets configured on pg interfaces in nat
tests.
[1] https://gerrit.fd.io/r/c/vpp/+/34441
Type: test
Change-Id: I49e63dacbf0847116adbcf1954ff5defd833a657
Signed-off-by: Filip Varga <[email protected]>
Benoît Ganne [Fri, 20 Aug 2021 07:18:31 +0000 (09:18 +0200)]
 
vlib: add virtual time support
Type: feature
Change-Id: Iabd76558e9c72ed8286cfeeb1fbaa4fde4832a90
Signed-off-by: Benoît Ganne <[email protected]>
Gabriel Oginski [Tue, 2 Nov 2021 11:19:01 +0000 (12:19 +0100)]
 
wireguard: add local variable in handshake process
Originally handshake process gets pointer to value of index peer.
In the meantime this pointer can be invalid due to resize hash table
for wireguard and passed poison value to another function.
The fixes add local variable to keep index of peer instead of value
from pointer.
Type: fix
Signed-off-by: Gabriel Oginski <[email protected]>
Change-Id: I1b2535c44b4f987d19077c75c778aaa5ed71a457
Mohsin Kazmi [Thu, 21 Oct 2021 20:20:24 +0000 (20:20 +0000)]
 
gso: implement gso segementation copy with checksum
Type: improvement
Signed-off-by: Mohsin Kazmi <[email protected]>
Change-Id: Iec9dacde170533ca16e8117787e62da8af69ae96
Klement Sekera [Thu, 18 Nov 2021 11:32:05 +0000 (12:32 +0100)]
 
vlib: fix coverity warning
Use correct signed type to allow testing for a failure (-1) from
readlinkat().
Type: fix
Fixes: 
5714a49f14
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I06f1c8d91e907c151012ff9758c6b52caca4d625
Klement Sekera [Fri, 19 Nov 2021 10:27:41 +0000 (11:27 +0100)]
 
dpdk: fix coverity warning
Add a hint so that it's obvious that fall through in switch statement is
intentional.
Type: fix
Fixes: 
34c54dff5c
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: I12271227424761fb89b03a390f626c2ab466472c
Klement Sekera [Fri, 19 Nov 2021 10:49:48 +0000 (11:49 +0100)]
 
snort: fix coverity warning
Add error handling for incomplete read.
Type: fix
Fixes: 
839b1473e9
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: Ibf1b2f633793510244ea1aa6af0902021aeb67ad
Klement Sekera [Fri, 19 Nov 2021 10:40:08 +0000 (11:40 +0100)]
 
snort: fix coverity warning
Add a cast to avoid coverity warning about potential integer underflow.
Type: fix
Fixes: 
839b1473e9
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: Iae913e51c1e25aaeca6ce70438451c640d347383
Benoît Ganne [Fri, 19 Nov 2021 12:39:10 +0000 (13:39 +0100)]
 
vppinfra: annotate pool_dup() for asan
When using AddressSanitizer, pool objects are poisoned, but pool_dup()
deep copy is ok.
Type: fix
Change-Id: Id801c4ab35666474a297d885c4b92878e44feab6
Signed-off-by: Benoît Ganne <[email protected]>
Han Wu [Fri, 19 Nov 2021 09:45:40 +0000 (17:45 +0800)]
 
vppinfra: fix the memory leak while doing clib_bihash_free
Type: fix
Signed-off-by: Han Wu <[email protected]>
Change-Id: I6ad3c313dcab5ed193c135676c1cebd0a141fea1
Paul Atkins [Tue, 5 Oct 2021 07:51:48 +0000 (08:51 +0100)]
 
ipfix-export: support sending of ipv6 pkts
The current code that sends ipfix packets assumes IPv4. Modify this
so that it generates and sends packets based on whether the destination
address is IPv4 or IPv6. Where code is common across multiple places
pull it out into helper functions.
Type: improvement
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I216c6c4c1b58cacedca22019f74a38c64a368b7e
Paul Atkins [Mon, 4 Oct 2021 14:43:56 +0000 (15:43 +0100)]
 
ipfix-export: Change exp to use ip_address
Modify the ipfix_exporter to use ip_address instead of the ipv4 specific
version. Modify the current code so that it writes into the v4 specific
part of the address, i.e. we are not yet fully supporting IPv6.  For the
exporter configured via the original API (the one that is always in slot0)
we will not support IPv6 addresses.
Type: improvement
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: Ic9854ac62aaee76a7a55a958234c456fd9828c4c
Paul Atkins [Mon, 4 Oct 2021 16:29:54 +0000 (17:29 +0100)]
 
ipfix-export: rename variables when building bufs
Rename the local variables used when building ipfix export packets to make
it clear that they are v4 specific variables.
Type: improvement
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I3a5a623aeb0b6f2b7fcdafb3fc19c500934c529b
Paul Atkins [Mon, 4 Oct 2021 15:29:52 +0000 (16:29 +0100)]
 
ipfix-export: refactor params to the callback fns
When a new flow-report is created the caller provides 2 callback functions.
These functions both take a pointer to the exporter, plus a pointer to the
source and dest address.  However the pointers to the address are not adding
any value as these are always set to the src/dest addresses of the exporter
(which is already being passed). Remove these parameters and leave the
callback functions to get the addresses out of the exporter.
Type: improvement
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I36dec394f30e85cdca120dd8706b5d90f5e07c48
Paul Atkins [Mon, 27 Sep 2021 20:30:13 +0000 (21:30 +0100)]
 
ipfix-export: Add APIs to get/send buffers
The ipfix exporter should be doing most of the work of building packets
and sending them rather than leaving every client of the exporter to do
all the work themselves. Start to move towards that by adding APIs to
get and send buffers. Store the state of this in new per thread data on
the report so that we can send with minimal use of atomics.  We do need
an atomic for the sequence number in the packet though as that contains
the number of data_records sent for the 'stream', not just for a single
core. As the state is stored on the flow_report_t the caller needs to
know which report they are using, so add a field to the args struct used
to create the report that is used to pass back the report index on success.
Type: improvement
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I222b98a3f0326b3b71b11e0866a8c9736bed6dc1
Paul Atkins [Thu, 23 Sep 2021 09:43:44 +0000 (10:43 +0100)]
 
ipfix-export: add mutliple ipfix_exporters tests
Now that we support multiple exporters add some basic tests to verify
that we can create/delete multiple exporters and that the streaming
commands work.
Type: test
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I577f38440790080bfdcf87a8a6828da6cb6f1707
Paul Atkins [Thu, 23 Sep 2021 08:28:50 +0000 (09:28 +0100)]
 
ipfix-export: add a new API to dump all exporters
Add a new API to dump all the exporters. As the destination struct
type is not the same as for the existing dump/details API no
attempt is made to use the existing code to populate the structure.
Type: improvement
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I409f80285b107a530e0e4f3c6a047a803815a0ec
Paul Atkins [Wed, 22 Sep 2021 13:56:17 +0000 (14:56 +0100)]
 
ipfix-export: support creating multiple exporters
The existing api set_ipfix_exporter only allows for the creation of
a single exporter. In some cases it is desirable to export data to
multiple different destinations.  Allow users to create multiple
ipfix exporters to support this.
Add a new api that allows for the creation of multiple exporters, and
store them in a pool of exporters. The exporter created by the old API
will always be in index 0 of the pool. Exporters created by the new API
will be given the next available index in the pool, and will return this
index to the API caller so that they can track the exporter they created.
The collector_address is the key for the exporter, so changes can be made
by doing a further call to the API with the same collector_address.
Type: improvement
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: Id71c98cffcf8d141d890b40fb90a40b90a91d1d6
Paul Atkins [Wed, 22 Sep 2021 13:18:45 +0000 (14:18 +0100)]
 
ipfix-export: refactor ipfix_exporter_t_handler fn
Split this api handler into 2 parts. The first is the top level handler
and the second is the internal helper function that does all the work.
This is in preparation for having a similar API that allows multiple
exporters to exist at the same time.
Type: refactor
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: Ibd4037682742f4c2f52b4cd1346d35fb2029461d
Paul Atkins [Wed, 22 Sep 2021 09:06:23 +0000 (10:06 +0100)]
 
ipfix-export: pass an exp to flow_report_add_del
Pass an ipfix_exporter to this function so that callers can choose which
exporter they are modifying.
Type: improvement
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: Ice0ed19a57baf15b1dc85cd27fe01913e36d7f4f
Paul Atkins [Wed, 22 Sep 2021 07:15:03 +0000 (08:15 +0100)]
 
ipfix-export: make stream fns exporter aware
The functions that work on streams were getting the set of streams
directly from flow_report_main. Modify them to take an ipfix_exporter
as an argument, and then any processing they do is only for this
exporter.
Type: refactor
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I32bd9a6ba32a15ec4d4ec9556a9b75f3d83fcd6e
Paul Atkins [Tue, 21 Sep 2021 19:49:12 +0000 (20:49 +0100)]
 
ipfix-export: refactor fields in flow_report_main
Pull out the fields in flow_report_main_t that are specific to a single
exporter and move them into a new structure that represents an exporter.
Add a pool of exporters to flow_report_main_t and do a pool_get() to get
the entry at index 0, so that the existing users of the code need only
change the path at which they access the old fields and have no need to
make further code changes.  In functions that were accessing the fields
that now make up the ipfix_exporter create a local var that points to the
first (always valid) exporter and use this as the base for the fields
rather than finding them from flow_report_main.
This is in preparation for supporting multiple flow_exporters.
Note that at the moment the code supports multiple 'streams' for a given
exporter, where each stream has its own source port, domain id and template
space. But all streams within an exporter have the same destination address,
so this is not the same as multiple exporters.
Type: refactor
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I49f5c7fb9e901773351d31dc8a59178c37e99301
Florin Coras [Thu, 18 Nov 2021 23:25:31 +0000 (15:25 -0800)]
 
tls: add option to config additional segment size
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: Idf3b49ec61bf5da498ffdd8cebab7148fce73f5f
Laszlo Kiraly [Tue, 2 Nov 2021 10:07:19 +0000 (11:07 +0100)]
 
build: (opensuse) Revert build remove opensuse build infra
Added missing deps
Removed Thumbleweed support
Changed python2 to python3
Added Dockerfile for suse-leap build
Type: make
Change-Id: Ie73d2382a73ebc9d4475ace1a8f818fe38cf40c0
Signed-off-by: Laszlo Kiraly <[email protected]>
Neale Ranns [Fri, 8 Oct 2021 07:30:47 +0000 (07:30 +0000)]
 
fib: Don't use [midchain] adjacencies to change an interface's feature arc
Type: fix
Using the adjacency to modify the interface's feature arc doesn't work, since there are potentially more than one adj per-interface.
Instead have the interface, when it is created, register what the end node of the feature arc is. This end node is then also used as the interface's tx node (i.e. it is used as the adjacency's next-node).
rename adj-midhcain-tx as 'tunnel-output', that's a bit more intuitive.
There's also a fix in config string handling to:
 1- prevent false sharing of strings when the end node of the arc is different.
 2- call registered listeners when the end node is changed
For IPSec the consequences are that one cannot provide per-adjacency behaviour using different end-nodes - this was previously done for the no-SA and an SA with no protection. These cases are no handled in the esp-encrypt node.
Signed-off-by: Neale Ranns <[email protected]>
Change-Id: If3a83d03a3000f28820d9a9cb4101d244803d084
arikachen [Wed, 10 Nov 2021 08:51:51 +0000 (08:51 +0000)]
 
af_xdp: integrate with new tx infra
Type: improvement
Signed-off-by: arikachen <[email protected]>
Signed-off-by: Benoît Ganne <[email protected]>
Change-Id: If8d57bcf033864935bd5e3a9912b2c1a7c712f44
arikachen [Fri, 12 Nov 2021 06:40:55 +0000 (06:40 +0000)]
 
af_xdp: introduce to netns api
In some situation, we support to deploy vpp as per host
and handler packet in container, so we use xdp to redirect
the flow.
Type: improvement
Signed-off-by: arikachen <[email protected]>
Change-Id: Iab42d6a0abb2b330a284d519018a90aff2fa4371
Florin Coras [Thu, 18 Nov 2021 07:57:30 +0000 (23:57 -0800)]
 
session: deprecate mq segments baseva
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I5b6cb8dd9db7e003a470ca4aeb8472fa7cb9a128
Florin Coras [Thu, 18 Nov 2021 07:38:54 +0000 (23:38 -0800)]
 
session: improve wrk mq segment allocation
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I9e5438a2f82762aa8a88bbacf4290151ef30969e
Neale Ranns [Mon, 25 Oct 2021 09:47:09 +0000 (09:47 +0000)]
 
ip: comparing IP prefixes should not modify them
Type: improvement
make the ip_prefix_cmp take const paramenters.
plus some other miscellaneous functions.
Signed-off-by: Neale Ranns <[email protected]>
Change-Id: Ib69bacfb09483a8a8f8b89900c92d3d55c354ac6
Florin Coras [Wed, 17 Nov 2021 19:41:10 +0000 (11:41 -0800)]
 
session: fix state check in switch pool
This affect udp only
Type: fix
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I5e05e9c77b733b9e10c14cc9ef610c9bff216fa0
Florin Coras [Tue, 16 Nov 2021 20:45:43 +0000 (12:45 -0800)]
 
session: support close during migration
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: Ife1e046b62bb0679419fd1346e973d0e3ea55489
Florin Coras [Tue, 16 Nov 2021 03:01:52 +0000 (19:01 -0800)]
 
session: try to coalesce ct accept rpcs
Type: improvement
Signed-off-by: Florin Coras <[email protected]>
Change-Id: I11de851949afd90a37c102ed0c00969a4cc73df4
Paul Atkins [Fri, 12 Nov 2021 13:09:46 +0000 (13:09 +0000)]
 
ip6: ip6_not_enabled_node is a sibling of ip6-drop
The node ip6_not_enabled should be marked as sibling of
ip6-drop as both are start nodes of the ip6-drop arc.
Type: fix
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I212c25444a81b11d8085ba7930ddb67b47502d5c
Paul Atkins [Wed, 22 Sep 2021 10:44:40 +0000 (11:44 +0100)]
 
ipfix-export: remove unused code in flow_report.h
There are no implementations for this function so remove it.
Type: improvement
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I793b015ea1657edd1de719c2a574799aeb8b74d5
Paul Atkins [Tue, 21 Sep 2021 20:08:14 +0000 (21:08 +0100)]
 
ipfix-export: tidy code style in flow_report.c
Indent sections of code properly in vec_foreach loops.
Type: style
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I90183ace164df753f3f47b6c4a6305ded21d744d
Paul Atkins [Thu, 23 Sep 2021 09:55:25 +0000 (10:55 +0100)]
 
ipfix-export: set msg id correctly for dump msg
When sending the reply to the VL_API_IPFIX_EXPORTER_DUMP message the
message id has to be added to the message base.
Type: fix
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I9565be7887046739b5f309e021f34ed75c9e370e
Paul Atkins [Wed, 29 Sep 2021 12:33:30 +0000 (13:33 +0100)]
 
misc: Volunteer as maintainer for ipfix-export
Type: improvement
I volunteer myself as another maintainer of the ipfix-export code.
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I1d0b7f1d426447cb6b52a7b4c4fdcd8b73bc122e
Daniel Béreš [Mon, 4 Oct 2021 07:51:59 +0000 (07:51 +0000)]
 
nat: VPP crashes when route is not reachable
The problem was reproducible only with icmp packet type
when det44 in, out interfaces were swapped.
Dst addr was unknown but packet has been forwarded.
Type: fix
Ticket: VPP-1958
Signed-off-by: Daniel Béreš <[email protected]>
Change-Id: Ie446cf2ac866955cc668fe2848f954a2ef92e3fa
Filip Varga [Mon, 8 Nov 2021 19:29:36 +0000 (20:29 +0100)]
 
nat: det44 plugin session scavenging fix
det44 plugin process node would only run once on
the first plugin enable call. this patch ads
the required calls into while loop in the
process node funciton.
Type: fix
Change-Id: I38c94b29fd1e2c842a1330e8628e3019f23f2b69
Signed-off-by: Filip Varga <[email protected]>
Paul Atkins [Wed, 29 Sep 2021 12:30:53 +0000 (13:30 +0100)]
 
misc: Add maintainer entry for ipfix-export
Type: improvement
Add Ole as a maintainer for the ipfix-export code
Signed-off-by: Paul Atkins <[email protected]>
Change-Id: I659292666d32cd223dfa31e00c7b5d005d1fbad5
Klement Sekera [Tue, 16 Nov 2021 11:39:12 +0000 (12:39 +0100)]
 
vlib: fix coverity warning
Remove now unused computation result.
Type: fix
Fixes: 
3f8b8d30cade20afa8975a5e7a6d79346cec8f3e
Signed-off-by: Klement Sekera <[email protected]>
Change-Id: Iea142cb044d31e364fdc5b8b6dd69681e77d745f