Ole Troan [Fri, 6 Aug 2021 07:58:09 +0000 (09:58 +0200)]
ip6-nd: only respond to RS if sending RA is enabled
Even when periodic RAs are disabled VPP would respond to
router solicitations. Making it impossible to have an IPv6
enabled interface with hosts connected to it without VPP
acting as a default router.
This change drops RS messages if the radv_info->send_radv is
off.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I9a68f8e12c93c1c00125b54f8fd454f48fa22caa
Signed-off-by: Ole Troan <ot@cisco.com>
Florin Coras [Fri, 6 Aug 2021 19:54:20 +0000 (12:54 -0700)]
tls: avoid picotls buffer allocs on rx
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6cf0c141ab4a4f5a46feb6119fa142148366f0a6
Florin Coras [Fri, 6 Aug 2021 20:07:34 +0000 (13:07 -0700)]
tls: avoid ptls ctx free on transport close
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0537fa590b11abddf05550e42c7258549729f8a7
Benoît Ganne [Wed, 4 Aug 2021 16:48:41 +0000 (18:48 +0200)]
classify: fix parsing for l4 match
l4 match parsing should not try to consume the whole input, otherwise
it breaks cli such as:
'classify session ... match l4 dst_port 22 action set-ip4-fib-id 2'
Type: fix
Change-Id: I81a1b5779811f7df8286a371f85fafe09c947b87
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Thu, 5 Aug 2021 13:06:36 +0000 (15:06 +0200)]
ip: fix ip punt redirect cli
- restore fib paths support for ip4
- initialize payload_proto to the relevant default protocol so that
'via <dev>' paths are supported
- fix 'rx all'
- fix temp path vector mem leak
Type: fix
Change-Id: I564d88dc4dce86884ff6791af69974e6d70ff7ca
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Filip Varga [Mon, 26 Jul 2021 10:48:26 +0000 (12:48 +0200)]
nat: nat44-ed disable protection for api/cli
Return unsupported error if user calls one
of the configuration functions that can
run only after nat44-ed plugin is
enabled via appropriate api/cli
call.
Type: fix
Change-Id: I0d4ab0684ba5ae23fc2ecc668554a34537c2904a
Signed-off-by: Filip Varga <fivarga@cisco.com>
Mohsin Kazmi [Tue, 3 Aug 2021 17:56:05 +0000 (17:56 +0000)]
vppinfra: fix the array mask function
Type: fix
Fixes:
0ec7dad7a00852663eb88554561347987f87bb53
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I7fab80b3c7e86ac712a34c24ea3e526b0b5bb7ad
Artem Glazychev [Thu, 29 Jul 2021 07:54:59 +0000 (14:54 +0700)]
memif: fix offset
signs were changed here when calculating the offset:
d78ba5aa01ff1415bff0b06069ce21e0a78df89c
Type: fix
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: I62b7a409caaf478e40efbdd6000922dcc7e92860
Aloys Augustin [Mon, 2 Aug 2021 15:42:23 +0000 (17:42 +0200)]
quic: do not update crypto keys from workers
The vnet_crypto_key_add should only be called from the main thread.
This patch works around this limitation by allocating one key per worker
and updating it on the fly everytime we need to do a crypto operation.
This solution is far from ideal, but quicly has a strong assumption that
it can use a key immediately after determining it, so making the key
creation asynchronous is not a possibility.
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Change-Id: I19fc5814195156003c36a73bb616738ba9d828f7
Type: fix
Florin Coras [Sat, 31 Jul 2021 22:56:45 +0000 (15:56 -0700)]
tls: picotls handle accept failures
Should also fix coverity warning.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I068b837377b329a22ace5b2235c6dd9f067ead77
liuyacan [Mon, 2 Aug 2021 12:15:05 +0000 (20:15 +0800)]
vcl: fix sendto for dgrams
We need to set rmt address before sending connect, otherwise VPP
would connect to 0.0.0.0:0 and return invalid remote ip.
Type: fix
Signed-off-by: liuyacan <liuyacan@corp.netease.com>
Change-Id: I85ae6931c2ba9f2f77c9ab19a2f801f50745449c
liuyacan [Mon, 2 Aug 2021 02:01:39 +0000 (10:01 +0800)]
vcl: fix sleep time in ldp_pselect()
Type: fix
Signed-off-by: liuyacan <liuyacan@corp.netease.com>
Change-Id: Ic9c5b23be4bde88880972be35525f12fa2c6dc10
Sivaprasad Tummala [Sat, 31 Jul 2021 16:08:19 +0000 (21:38 +0530)]
vcl: fix ldp for __recv_chk socket calls
add ldp support for handling __recv_chk socket calls.
Type: fix
Signed-off-by: Sivaprasad Tummala <Sivaprasad.Tummala@intel.com>
Change-Id: I33221c465ac607bc665fcba500dd399a56b32df6
Florin Coras [Thu, 29 Jul 2021 16:06:00 +0000 (09:06 -0700)]
tls: picotls rx fixes and improvements
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I9ea41b8b271e9123e676acdc581ef429072fe843
Florin Coras [Wed, 28 Jul 2021 05:48:05 +0000 (22:48 -0700)]
vcl: move vls pool lock to process local state
We only support one vls worker per process and therefore should not
share lock between processes.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I57bb536cf3bf04e8de031b07cb885f80b4fa03c9
Florin Coras [Tue, 27 Jul 2021 01:19:25 +0000 (18:19 -0700)]
vcl: vls cleanup and more docs
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If32dd21842b99e176db1d4eb9f6c6a51fbff1bfe
Filip Tehlar [Fri, 23 Jul 2021 18:24:19 +0000 (18:24 +0000)]
ip: add api test file
Type: improvement
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I49c4183a443b7b39924328900e6a6ac2e09be426
Klement Sekera [Tue, 27 Jul 2021 11:33:51 +0000 (13:33 +0200)]
nat: fix ICMP checksum validation
Handle case where extra data is present in buffer which is not part of
IP/ICMP headers.
Type: fix
Fixes:
05b5a5b3b4b04823776feed6403b5a99b2e06d76
Change-Id: Icfef811470056d38c60fc45cc302139ed7594385
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Zachary Leaf [Tue, 27 Jul 2021 10:18:47 +0000 (05:18 -0500)]
ipsec: move startup config to common file
The ipsec startup.conf config currently exists in ipsec_tun.c. This is
because currently the only ipsec{...} options are tunnel related.
This patch moves the ipsec config to a common file (ipsec.c) for future
extensibility/addition of non-tunnel related config options.
Type: refactor
Signed-off-by: Zachary Leaf <zachary.leaf@arm.com>
Change-Id: I1569dd7948334fd2cc28523ccc6791a22dea8d32
Stanislav Zaikin [Thu, 15 Jul 2021 14:27:29 +0000 (16:27 +0200)]
gre: set proper fib index for unnumbered interfaces, unset fib index before forwarding gre payload
This commit introduces 2 fixes:
1) After GRE decapsulation sw_if_index[VLIB_TX] is set as fib index of GRE tunnel.
But since GRE tunnel can work on v4 endpoints and have v6 payload, we need to reset it.
In case we get IPv6 packet inside IPv4 GRE tunnel (or vice-versa) fib index can be (and usually is) invalid.
2) Check that ip-table and ip6-table are the same when setting interface as an unnumbered one.
Also, fix for the pipe test include setting the right unnumbered interface for the pipes
Type: fix
Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com>
Change-Id: Id13d239cfdd21e0db6b1c9725f01c40d4af4d800
Fan Zhang [Tue, 27 Jul 2021 15:49:55 +0000 (16:49 +0100)]
dpdk: fix cryptodev raw data path dequeue
This patch fixes the dpdk cryptodev raw data path dequeue problem.
The fix involves DPDK QAT PMD changes and is to be upstreamed
as a patch. The patch is also sent to DPDK mailing list.
Type: fix
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: I1a9253c8a7fbc2aa43f19f90da45e64e2840356a
Damjan Marion [Wed, 14 Jul 2021 16:18:08 +0000 (18:18 +0200)]
vppinfra: introduce CLIB_CACHE_PREFETCH_BYTES
Type: improvement
Change-Id: Ic07010f11ef303f5213a33b0faf24aaedb62f110
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Barach [Tue, 27 Jul 2021 13:27:07 +0000 (09:27 -0400)]
vlib: don't ASSERT(vm) in worker thread bootstrap
Otherwise, threads declared with .no_data_structure_clone=1 crash on
startup.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I5dcb25d1b61330fc9eee5427b815fcfcb9bf2153
Sivaprasad Tummala [Tue, 27 Jul 2021 12:08:00 +0000 (17:38 +0530)]
vcl: configure the cert-key pair from app
add the cert/key pair as selected by app.
Type: fix
Signed-off-by: Sivaprasad Tummala <Sivaprasad.Tummala@intel.com>
Change-Id: I3cef5bebadd8b192a65857d5f4aa6883c2a8d372
Nathan Skrzypczak [Tue, 27 Jul 2021 17:51:27 +0000 (19:51 +0200)]
vppinfra: fix sock init netns
Type: fix
Change-Id: I0ce8183ded601bdab031c9689ca361414fed165f
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Florin Coras [Thu, 22 Jul 2021 21:03:11 +0000 (14:03 -0700)]
udp: add option to disable icmp unreachables
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I90c2a191ab34a2a7df3fb0a951e5fc78f40ccfe2
liuyacan [Thu, 22 Jul 2021 07:52:01 +0000 (15:52 +0800)]
vcl: fix some risk after fork()
1.Not only the session in state VCL_STATE_LISTEN_NO_MQ
has no queue. Session in CLOSED also didn't.
2.Refresh vls->wrk_index in child process, or this value will
become invalid if parent exit.
3.Set vlsh->vls_wrk_index once vls_worker_alloc() is called, then
vls_get_worker_index() can be simplified.
Type: fix
Signed-off-by: liuyacan <liuyacan@corp.netease.com>
Change-Id: If4f5e134915eafd74ce38f585d65ce8836b2e553
liuyacan [Sat, 24 Jul 2021 14:48:36 +0000 (22:48 +0800)]
vcl: fix shutdown deadlock issue
Type: fix
Signed-off-by: liuyacan <liuyacan@corp.netease.com>
Change-Id: I4974815ecb0e3bff01af983f086ca15d77fd6fb4
liuyacan [Sat, 24 Jul 2021 06:30:51 +0000 (14:30 +0800)]
session: avoid vpp deadlock due to app crash
In high traffic scenarios, if app crashed or hang on somewhere, app_mq
will quickly accumulate to full, after which vpp worker will try 100
times before giving up allocating slot for every msg. This will cause
vpp main thread barrier sync to fail.
Type: fix
Signed-off-by: liuyacan <liuyacan@corp.netease.com>
Change-Id: I2b2bf2b272c5b3ca7e4a56af179af12bbcde149d
Florin Coras [Fri, 23 Jul 2021 15:39:26 +0000 (08:39 -0700)]
session vcl: support abstract sockets for app ns
App namespaces can now be associated to a linux ip netns, e.g.:
app ns add id <ns_id> secret <n> sw_if_index <n> netns <netns>
If session layer's app sock api is enabled, this triggers the creation
of an abstract listening socket in the netns that has been configured.
For the example above that would be @vpp/session/<ns_id>.
Consequently, vcl, or other apps attaching to vpp, can connect to said
abstract socket from an ip netns without the need to share unix domain
socket files. In particular, for vcl it's enough to set app-socket-api
to @vpp/session/<ns_id> in the conf file.
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I26fdc626a760a3f423c5b8be4251623f6e9cd73a
Florin Coras [Thu, 22 Jul 2021 01:17:20 +0000 (18:17 -0700)]
session vcl: explit mq indices in ctrl messages
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I8e80252b85dda9a8f5699109264dc1b913581442
Nathan Skrzypczak [Mon, 19 Jul 2021 16:21:43 +0000 (18:21 +0200)]
vppinfra: add abstract socket & netns fns
* Add clib_socket_init support for abstract sockets
if name starts with an '@'
* Add clib_socket_init_netns to open socket in netns
* Add clib_netns_open
Type: feature
Change-Id: I89637ad657c702ec38ddecb5c03a1673d0dfb104
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Filip Varga [Wed, 26 May 2021 16:45:59 +0000 (18:45 +0200)]
nat: nat44-ed configuration refactor & cleanup
Refactoring static mapping configuration
functions based on feature type.
Type: refactor
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I007d9b0e9717ced613fbcef2b11b6853f479be1e
Ole Troan [Tue, 18 May 2021 09:52:47 +0000 (11:52 +0200)]
api: enable trace / replay flag on messages
For an unknown reason the trace/replay flags where missed
when moving API message registration code from manually
cut and pasted to aut-generated.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ib7625a57d3a263aac154682007459648953b1803
Neale Ranns [Wed, 21 Jul 2021 13:29:58 +0000 (13:29 +0000)]
interface: Byte swap the duplex value in interface details
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I6d9473a7b5ab0fbd460e80df36368dd43c5e4fee
Florin Coras [Wed, 21 Jul 2021 02:08:12 +0000 (19:08 -0700)]
session: fix unlisten rpc barrier release
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I9301fbbcd611033b4b6ad5313edbc66840f5bb3a
Florin Coras [Wed, 21 Jul 2021 04:12:23 +0000 (21:12 -0700)]
hsa: separate ctrl and test session accept vcl server
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id6bcf6511c904c8625c0845cd9758539f35e6b50
Florin Coras [Mon, 19 Jul 2021 22:23:51 +0000 (15:23 -0700)]
session: option to use memfd segs for builtin apps
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iecb171c9451c0fa9a7c6ae4b3e9ab7774a4fe585
Klement Sekera [Mon, 28 Jun 2021 11:40:40 +0000 (13:40 +0200)]
nat: harden ICMP handling
Verify that headers are not truncated and that checksums are valid.
Correct checksum computation in translation code.
Type: fix
Change-Id: I6acfcec4661411f83c86b15aafac90cd4538c0b5
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Damjan Marion [Fri, 16 Jul 2021 11:44:33 +0000 (13:44 +0200)]
vppinfra: remove pool_foreach_old, pool_foreach_index_old, clib_bitmap_foreach_old
Type: refactor
Change-Id: Ifacdd001bdeb5d609d495406f53546090b86476d
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Fri, 16 Jul 2021 10:44:22 +0000 (12:44 +0200)]
build: fix formatting of CMake config output
Type: make
Change-Id: I6e40817609d022cb70887f70aa3608dc759fcd76
Signed-off-by: Damjan Marion <damarion@cisco.com>
Mohsin Kazmi [Thu, 17 Jun 2021 12:33:03 +0000 (14:33 +0200)]
vlib: add tunnel offload flags for vlib_buffer_t
Type: improvement
Change-Id: Iaad50b2044702c46eff287708dfcb24e61022104
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Mohsin Kazmi [Thu, 17 Jun 2021 15:48:22 +0000 (17:48 +0200)]
dpdk: improve tx offload formatting
Type: improvement
Change-Id: I06eaf39b1e441045c3402cbf40339054ad26ade9
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Damjan Marion [Wed, 27 Jan 2021 20:17:48 +0000 (21:17 +0100)]
snort: snort3 plugin and DAQ
Zero copy interface which exposes VPP buffers to snort instance(s).
Includes VPP DAQ which is compiled only if libdaq 3 API headers are
available.
Type: feature
Change-Id: I96611b43f94fbae091e7391589e0454ae66de88b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Mohsin Kazmi [Thu, 15 Jul 2021 10:34:36 +0000 (10:34 +0000)]
vppinfra: add array mask func
Type: feature
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I6869221917f30f7e59709e20571b4615bc68dc8c
Mohsin Kazmi [Tue, 6 Apr 2021 17:24:00 +0000 (19:24 +0200)]
ip6-nd: refactor neighbour advertisement code
Type: refactor
Refactor neighbour advertisement code into inline function
to be used solely in feature nodes.
Change-Id: I1e84c54f9807b4e3d90c37526c78a7afcb0ba087
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Robert Shearman [Tue, 6 Jul 2021 09:34:52 +0000 (10:34 +0100)]
dpdk: enable RX interrupts for the virtio driver
Type: improvement
Request use of RX interrupts for virtio if the system will support it,
which is done by applying the same check as in the virtio driver,
namely whether multiple interrupts are supported. This allows the use
of RX adaptive/interrupt mode instead of just polling, which is useful
in virtualised environments where functionality may be more important
than performance and so using polling mode is wasteful.
Signed-off-by: Robert Shearman <robertshearman@gmail.com>
Change-Id: I29527b6f04b0b1d0c9f9424751b2bd252ed10505
Steven Luong [Thu, 15 Jul 2021 15:57:02 +0000 (08:57 -0700)]
ip-neighbor: GARP sent to bogus ip address
The function ip4_neighbor_advertise may be called with NULL addr. In
that case, it looks up addr from fib by calling fib_sas4_get which
returns true or false to indicate whether there is an ip address
associated with the interface or not. But the caller to fib_sas4_get
does not check the return code and blindly assumes there is always an
ip address associated with the interface. As a result, it ends up
sending GARP to the bogus ip address if there is no ip address
associated with the interface.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I7aa0270766c3943ed8ca8f8a092cae34567fd30e
Mohsin Kazmi [Thu, 15 Jul 2021 14:20:57 +0000 (14:20 +0000)]
vppinfra: fix the vector funcs test for march variants
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I4208c2622817eb51a4b192cf420f9f1b5f193eef
Neale Ranns [Thu, 15 Jul 2021 08:11:38 +0000 (08:11 +0000)]
acl: Fix the CLI to accept IPv6 prefixes
Type: fix
DBGvpp# set acl-plugin acl src 1::1/128 dst 2::/64
DBGvpp# sh acl-plugin acl
acl-index 0 count 1 tag {cli}
0: ipv4 permit src 1.1.1.1/32 dst 1.1.1.2/32 proto 0 sport 0-65535 dport 0-65535
acl-index 1 count 1 tag {cli}
0: ipv6 permit src 1::1/128 dst 2::/64 proto 0 sport 0-65535 dport 0-65535
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ibb8e20dd4ec2792f423a61eefe7398175e45a577
Sergio Gonzalez Monroy [Wed, 14 Jul 2021 13:01:47 +0000 (15:01 +0200)]
linux-cp: clear all db entries when deleting a pair
Type: fix
Change-Id: I5677cbb183b10c974a3a2e569d1a7a525a7eb45d
Signed-off-by: Sergio Gonzalez Monroy <sgmonroy@gmail.com>
Damjan Marion [Thu, 15 Jul 2021 09:54:41 +0000 (11:54 +0200)]
misc: replace CLIB_PREFETCH with clib_prefetch_{load,store}
Type: refactor
Change-Id: Id10cbf52e8f2dd809080a228d8fa282308be84ac
Signed-off-by: Damjan Marion <damarion@cisco.com>
Filip Varga [Tue, 29 Jun 2021 10:10:01 +0000 (12:10 +0200)]
nat: nat44-ed sm fix
Fixing nat44-ed identity map in2out communication.
TCP packets would get dropped because of the order
of testing TCP state.
Type: fix
Change-Id: Ib11e7e75c66945224fecc0bb311733672e315c7d
Signed-off-by: Filip Varga <fivarga@cisco.com>
Filip Varga [Mon, 21 Jun 2021 10:59:41 +0000 (12:59 +0200)]
nat: adding support for icmp-error msg
Extending tests.
Type: test
Change-Id: I98cc1d214ead10ac53fed34a1492d9b5f37975a2
Signed-off-by: Filip Varga <fivarga@cisco.com>
Damjan Marion [Wed, 14 Jul 2021 10:25:34 +0000 (12:25 +0200)]
vppinfra: remove old and unused vector macros and inlines
Type: refactor
Change-Id: Ic504bcfca6e7fbd85e858c3bc7a4f5e72d931789
Signed-off-by: Damjan Marion <damarion@cisco.com>
Xiaoming Jiang [Tue, 13 Jul 2021 03:55:59 +0000 (03:55 +0000)]
api: fix memory error in multi-thread environment
When reading vm->pending_rpc_requests in main thread,
the content may be changed by other workers.
Type: fix
Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com>
Change-Id: I27e9d357b5ecec0f97cd8b950019b35f72fc5f76
liuyacan [Wed, 14 Jul 2021 07:53:01 +0000 (15:53 +0800)]
vcl:fix segfault when unshare NO_MQ session
Session in LISTEN_NO_MQ state has no vpp_evt_q.This
would cause a segfault when vcl try to send msg to
vpp.
Type: fix
Signed-off-by: liuyacan <liuyacan@corp.netease.com>
Change-Id: I0d21831dbed148cd1b0ca7c083aeeef9e813ef2f
Filip Varga [Tue, 29 Jun 2021 12:28:21 +0000 (14:28 +0200)]
nat: refactoring NAT44ED cfg functions
Refactored & fixed NAT44ED configuration
functions used for handling interfaces and
nodes.
Type: refactor
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I6fbbb7f0fe35d572675997745d53290152987424
Damjan Marion [Wed, 14 Jul 2021 10:57:53 +0000 (12:57 +0200)]
ip: fix check_adj_port_range_x1
Type: fix
Change-Id: I776bf797e07bb3cfd0510a4c09d8182edfa193bd
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 14 Jul 2021 10:01:17 +0000 (12:01 +0200)]
classify: cheaper way to check if all elements are zero
Type: improvement
Change-Id: I5f4517c65c37c5d73fcd608dc29dfb1d25d4cd8d
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 14 Jul 2021 09:30:00 +0000 (11:30 +0200)]
ip: improve check_adj_port_range_x1
Type: improvement
Change-Id: I8337f81fdcd196fcb0e61f8129fec322e9a1e8f1
Signed-off-by: Damjan Marion <damarion@cisco.com>
Lijian.Zhang [Fri, 25 Jun 2021 15:42:21 +0000 (23:42 +0800)]
vppinfra: fix saturate add/sub NEON wrappers
Fix the saturate add/sub wrappers in vector_neon.h by using the correct
intrinsics.
Type: fix
Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com>
Reviewed-by: Tianyu Li <Tianyu.Li@arm.com>
Change-Id: I38a85633948472d4bdb1c199a806633d3070013f
Damjan Marion [Tue, 13 Jul 2021 19:12:41 +0000 (21:12 +0200)]
vppinfra: put each vector function into own file
Type: refactor
Change-Id: I2dd9a18497992ac7e2686c14f5d17eccccda0cda
Signed-off-by: Damjan Marion <damarion@cisco.com>
Filip Tehlar [Thu, 8 Jul 2021 18:44:19 +0000 (18:44 +0000)]
misc: remove vnet_all_api_h and vnet_msg_enum
These file are no longer needed
Type: improvement
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I34f8e0b7e17d9e8c06dcd6c5ffe51aa273cdec07
Neale Ranns [Fri, 9 Jul 2021 13:03:52 +0000 (13:03 +0000)]
fib: Set the GLEAN flag on attached export routes so that the SAS works
correctly.
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I4bc2eb394a8f9d01c5a12de2ce963c22209d5439
Florin Coras [Wed, 7 Jul 2021 04:07:50 +0000 (21:07 -0700)]
tcp session: next node config on connects
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ief06b1509d31b55efc8d1436b6ff9e01c6037a32
Miklos Tirpak [Thu, 1 Jul 2021 15:26:34 +0000 (17:26 +0200)]
mss_clamp: coverity test fix
Silence the coverity test with setting the interface index
in a variable before the boundary check.
Type: fix
Change-Id: I9bd6db08bfef93142581dada0b6a7d78b7de91e7
Signed-off-by: Miklos Tirpak <miklos.tirpak@gmail.com>
Bin Zhou (bzhou2) [Mon, 21 Jun 2021 15:09:30 +0000 (11:09 -0400)]
misc: fix init order to avoid startup warnings
Put plugin init order inside plugin instead of in vnet
Type: improvement
Signed-off-by: Bin Zhou (bzhou2) <bzhou2@cisco.com>
Change-Id: Icbacdb3f1cb4ac9d74e3f78458e8bc333793b4d6
Robert Shearman [Tue, 6 Jul 2021 08:59:06 +0000 (09:59 +0100)]
dpdk: add base-virtaddr config option
Type: improvement
Allow the use of the base-virtaddr config option to be passed through
to DPDK. This is useful to allow use of devices with an IOMMU in
nested VMs without resorting to PA IOVA mode.
Signed-off-by: Robert Shearman <robertshearman@gmail.com>
Change-Id: I32b6513377e6d20bf155e12c45f902d51ea982c4
chenqijun [Mon, 12 Jul 2021 02:51:05 +0000 (10:51 +0800)]
vppinfra: fix SIGSEGV in clib_mem_vm_unmap
while one mprotect PROT_NONE on hdr->next or hdr->prev,
the other one with the PROT_NONE is unmap at the same time,
cause SIGSEGV.
Type: fix
Signed-off-by: arikachen <eaglesora@gmail.com>
Change-Id: I21c0497da140c9654b566e47f767a90346715ed8
Ole Troan [Tue, 4 May 2021 10:45:57 +0000 (12:45 +0200)]
papi: remove shared memory transport
This patch removes the papi transport shared memory plugin.
It also removes any dependency on CFFI.
Type: feature
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ia81701c0dc506871e511495d837e41420e1fdf72
Signed-off-by: Ole Troan <ot@cisco.com>
Filip Tehlar [Sat, 26 Jun 2021 22:12:08 +0000 (22:12 +0000)]
session: api cleanup
Use autogenerated code.
Does not change API definitions.
Type: improvement
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: Iacc58d27ac51c8a1c571087f98297e046b3477c2
Mohsin Kazmi [Fri, 9 Jul 2021 12:19:37 +0000 (14:19 +0200)]
gso: add ipsec tunnel tests
Type: test
Change-Id: I831bc8c21f8ce869054eafcb14542508039c1b82
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Florin Coras [Thu, 8 Jul 2021 15:25:09 +0000 (08:25 -0700)]
session: allow listen in any fib if default namespace
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If0712f01bdd6f2fc892bcbe4e2cee28affd02520
Steven Luong [Thu, 17 Jun 2021 15:22:50 +0000 (08:22 -0700)]
interface: unable to to assign tx queue to last worker thread
Using the cli "set interface tx-queue", it is not possible to assign
tx queue to the last worker thread.
The reason is that vdm->first_worker_thread_index is 1. Adding that
to clib_bitmap_last_set (bitmap) exceeds vdm->last_worker_thread_index
when the CLI specifies the last worker thread.
Also make the threads argument optional to enable user to unbind a queue
from any thread.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I796259c20f571289c8f5a97b9418caf452d0ab3d
Neale Ranns [Thu, 20 May 2021 16:09:40 +0000 (16:09 +0000)]
tap: Set the MTU on the TUN deivce
Type: fix
For a TAP device the MTU is set via the ethernet_register for TUN we
need to do it explicitly (like we do for other tunnel types).
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ie6a13c795acb35b53f8d99b05c70c3e73a7b428e
Florin Coras [Sat, 3 Jul 2021 01:10:20 +0000 (18:10 -0700)]
tcp: use tcp output for half open connections
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I05be39671a9ed0688d4e006f0f9354aa6560a41b
Florin Coras [Tue, 6 Jul 2021 15:25:36 +0000 (08:25 -0700)]
tcp: use main thread pool for half-opens
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4b3427b966f9ff1ba8895fed7db662d56650f3f5
Benoît Ganne [Tue, 6 Jul 2021 14:12:06 +0000 (16:12 +0200)]
l3xc: reset dpo on delete
When removing a l3xc path we must release the corresponding dpo.
Type: fix
Change-Id: Ib6309797cb11374264c786e064f262ad13c6f0a1
Signed-off-by: Benoît Ganne <bganne@cisco.com>
wanghanlin [Tue, 6 Jul 2021 09:18:29 +0000 (17:18 +0800)]
vcl: fix packetdrill test error
Type: fix
Signed-off-by: wanghanlin <wanghanlin@corp.netease.com>
Change-Id: I36d9affa5ee7160e95ee0ed463595bef752bbe9a
wanghanlin [Tue, 6 Jul 2021 07:57:55 +0000 (15:57 +0800)]
vcl: print current app state for timeout
Type: fix
Signed-off-by: wanghanlin <wanghanlin@corp.netease.com>
Change-Id: Id701b1a1bee4e41b76d324ea05beb07ca57f825c
wanghanlin [Tue, 6 Jul 2021 07:01:48 +0000 (15:01 +0800)]
vcl: fix return value check for ldp_fd_to_vlsh
Type: fix
Signed-off-by: wanghanlin <wanghanlin@corp.netease.com>
Change-Id: Iaad4022e84f4979016bb46c2ff5cfc5d43d6ff50
Rajaselvam [Wed, 30 Jun 2021 05:50:20 +0000 (11:20 +0530)]
vrrp: Fix for test-all testcases failure.
Failure due to the method vrrp_adv_packet scope and self reference.
Type: fix
Signed-off-by: rajaselvam <rajaselvam@gmail.com>
Change-Id: I4ec14ea37928142651eb08fcc5736bc9c24ab062
Damjan Marion [Fri, 2 Jul 2021 14:04:26 +0000 (16:04 +0200)]
build: remove unused files and sections
Type: make
Change-Id: Ia1d8c53c5fb02f7e5c86efab6e6ccd0fdb16bc96
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Wed, 18 Nov 2020 11:13:27 +0000 (11:13 +0000)]
ipsec: ADD/update IPSec documentation
Type: docs
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ica576e13953a3c720a7c093af649d1dd380cc2c0
Filip Tehlar [Sun, 27 Jun 2021 00:18:57 +0000 (00:18 +0000)]
interface: api cleanup
Use autogenerated code.
Does not change API definitions.
Type: improvement
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I189bfcca2d5fa1f37d05a72c92d04bf260343043
Filip Tehlar [Mon, 28 Jun 2021 00:52:00 +0000 (00:52 +0000)]
sr: do not use vnet_all_api.h
.. as it is going to be removed.
Type: improvement
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: Id3a4a4ea1e1b7361d43735bfa5470c28fc65209f
Tianyu Li [Wed, 23 Jun 2021 07:35:03 +0000 (07:35 +0000)]
vlib: fix buffer pool alignment size
Alignment size should be CLIB_CACHE_LINE_BYTES(64)
instead of CLIB_LOG2_CACHE_LINE_BYTES(6)
Type: fix
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: If2d5ae324093be64454377866297f5e76ccddc93
Benoît Ganne [Mon, 14 Jun 2021 15:19:46 +0000 (17:19 +0200)]
crypto: fix sw async crypto with chained buffers
When a buffer in the chain comes with a negative current_data offset,
the conversion to sgl will skip it because of resetting offset to 0.
Moreover, crypto_start_offset is relative to the 1st buffer data pointer
so we should not check it against subsequent buffers anyway.
Type: fix
Change-Id: Id177a90bfda242a5372c7e8836cf6668e98c780e
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Neale Ranns [Wed, 23 Jun 2021 11:58:48 +0000 (11:58 +0000)]
misc: Don't IPv[46] enable local0, it doesn't receive packets.
Type: improvement
local0 exists just to burn sw_if_index=0 so we catch common API errors.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I2901bb7d36d4c512e6698134a807bf9516ee05db
Steven Luong [Thu, 17 Jun 2021 15:50:32 +0000 (08:50 -0700)]
vmxnet3: support manual thread assignment to tx queue
Thread assignment to tx queue has always been automatic and there
was no way to modify it. With this patch, it is now possible to use
the cli "set interface tx-queue" to change the thread assignment to
tx queue for vmxnet3 interface, thanks to the new tx infra.
Type: feature
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I1544e3557f70251d4bd423cc3d9f28ee1d44db4a
Filip Tehlar [Wed, 23 Jun 2021 14:38:38 +0000 (14:38 +0000)]
ip: api cleanup
Use autogenerated code.
Does not change API definitions.
Type: improvement
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I4b6d881571c158b7a69a78b9680732d090c4f8b5
Benoît Ganne [Tue, 22 Jun 2021 13:46:33 +0000 (15:46 +0200)]
memif: fix tx desc length for chained buffers in copy mode
When enqueuing chained buffer, we must update the descriptor length for
each fragment descriptor in addition to the last.
Type: fix
Change-Id: I9bc95fe557a049eeea4abd41c695153632d52a52
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Fri, 25 Jun 2021 15:49:01 +0000 (17:49 +0200)]
rdma: fix chained buffer tx path in dv mode
When switching to the direct verb chain buffer tx path, we must account
for all remaining packets, including the packets that would wrapped
around.
Previously we were using the 'n' counter but ignoring the 'n_wrap'
counter: if some packets would have wrapped around in the default path,
it would be ignored by the chained buffer tx path.
Compute the correct number of remaining packets based on the old and
current txq tail instead.
Also simplify the chained tx function parameters.
Type: fix
Change-Id: If12b41a8f143fda80290342e2904792f7501c559
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Benoît Ganne [Wed, 23 Jun 2021 11:45:25 +0000 (13:45 +0200)]
memif: fix chain buffer length in zero-copy mode
The total_length_not_including_first_buffer field must be reset before
being updated otherwise it will quicly grows as stale values are reused.
Type: fix
Change-Id: Ic48c0822660998b0dfc0b5fdeadae6071b2d03f7
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Florin Coras [Wed, 30 Jun 2021 14:54:29 +0000 (07:54 -0700)]
vcl: coverity fixes
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I290e4b0dff6afe7ce755074f3aaaf945dbbf3e09
Neale Ranns [Thu, 24 Jun 2021 15:41:03 +0000 (15:41 +0000)]
ipsec: Derive the TUNNEL_V6 flag from the configured address types
Type: improvement
There's no need for the user to set the TUNNEL_V6 flag, it can be
derived from the tunnel's address type.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I073073dc970b8a3f2b2645bc697fc00db1adbb47
Florin Coras [Tue, 29 Jun 2021 20:27:45 +0000 (13:27 -0700)]
session: free ctrl event data on connect rpc
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I56c4682aef59ed0e69073f9001341c425e65bd48
Neale Ranns [Mon, 28 Jun 2021 13:31:28 +0000 (13:31 +0000)]
ipsec: Fix setting the hi-sequence number for decrypt
Type: fix
two problems;
1 - just because anti-reply is not enabled doesn't mean the high sequence
number should not be used.
- fix, there needs to be some means to detect a wrapped packet, so we
use a window size of 2^30.
2 - The SA object was used as a scratch pad for the high-sequence
number used during decryption. That means that once the batch has been
processed the high-sequence number used is lost. This means it is not
possible to distinguish this case:
if (seq < IPSEC_SA_ANTI_REPLAY_WINDOW_LOWER_BOUND (tl))
{
...
if (post_decrypt)
{
if (hi_seq_used == sa->seq_hi)
/* the high sequence number used to succesfully decrypt this
* packet is the same as the last-sequnence number of the SA.
* that means this packet did not cause a wrap.
* this packet is thus out of window and should be dropped */
return 1;
else
/* The packet decrypted with a different high sequence number
* to the SA, that means it is the wrap packet and should be
* accepted */
return 0;
}
- fix: don't use the SA as a scratch pad, use the 'packet_data' - the
same place that is used as the scratch pad for the low sequence number.
other consequences:
- An SA doesn't have seq and last_seq, it has only seq; the sequence
numnber of the last packet tx'd or rx'd.
- there's 64bits of space available on the SA's first cache line. move
the AES CTR mode IV there.
- test the ESN/AR combinations to catch the bugs this fixes. This
doubles the amount of tests, but without AR on they only run for 2
seconds. In the AR tests, the time taken to wait for packets that won't
arrive is dropped from 1 to 0.2 seconds thus reducing the runtime of
these tests from 10-15 to about 5 sceonds.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Iaac78905289a272dc01930d70decd8109cf5e7a5
liuyacan [Tue, 29 Jun 2021 08:45:11 +0000 (16:45 +0800)]
tcp: add ACK flag to RST packet
According to RFC 793, the ACK control bit is always sent once
the connection is established.
Type: fix
Signed-off-by: liuyacan <liuyacan@corp.netease.com>
Change-Id: Id0fe19114a0cc468dbce4c0938b345c2ac339e73