vpp.git
2 years agotcp: allow syns in closed state 92/38292/13
Florin Coras [Fri, 17 Feb 2023 02:59:38 +0000 (18:59 -0800)]
tcp: allow syns in closed state

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If223096cf912c1748ae417b40585a9bea5d9d9a9

2 years agovcl: do not stop listeners on vls epoll del 85/38385/3
Florin Coras [Thu, 2 Mar 2023 06:22:30 +0000 (22:22 -0800)]
vcl: do not stop listeners on vls epoll del

Although removal from epoll means listener no longer accepts new
sessions, the accept queue built by vpp cannot be drained by stopping
the listener. Morover, some applications, e.g., nginx, might constantly
remove and add listeners to their epfds. Removing listeners in such
situations causes a lot of churn in vpp as segments and segment managers
need to be recreated.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia412b3f8d50fbb4881a99ff024f798353b521af7

2 years agovcl: always drain libc epoll with eventfds in ldp 94/38394/7
Florin Coras [Sun, 5 Mar 2023 19:45:38 +0000 (11:45 -0800)]
vcl: always drain libc epoll with eventfds in ldp

Otherwise if vcl epoll lt events are ignored by the app, libc and vcl mq
events are never drained.

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1e22f6da46d56236c52714181f6c20dcb80a33a5

2 years agohs-test: nginx mirroring test improvements 96/38396/2
Florin Coras [Mon, 6 Mar 2023 17:46:11 +0000 (09:46 -0800)]
hs-test: nginx mirroring test improvements

- avoid setting LD_PRELOAD for container
- save nginx error log to shared volume
- reduce test run time to 10s
- add vcl and ldp debug env variables to docker file. Default to
disabled.

Type: test

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I401ac74e7c0ebe87befedb44150b04f773f244ea

2 years agovlib: fix vlib_log for elog 91/37691/5
luoyaozu [Wed, 23 Nov 2022 07:59:17 +0000 (15:59 +0800)]
vlib: fix vlib_log for elog

test output before fix:
DBGvpp# event-logger clear
DBGvpp# test log warn cli log test-log for-elog
cli/log            [warn  ]: test-log for-elog
DBGvpp# test log info cli log test-log for-elog
cli/log            [info  ]: test-log for-elog
DBGvpp# show event-logger
2 of 131072 events in buffer, logger running
      53.022586433: log-notice: test-log for-elog
      60.318329361: log-debug: test-log for-elog
DBGvpp#

test output after fix:
DBGvpp# event-logger clear
DBGvpp# test log warn cli log test-log for-elog
cli/log            [warn  ]: test-log for-elog
DBGvpp# test log info cli log test-log for-elog
cli/log            [info  ]: test-log for-elog
DBGvpp# show event-logger
2 of 131072 events in buffer, logger running
      18.362721151: log-warn: test-log for-elog
      25.124570555: log-info: test-log for-elog
DBGvpp#

Type: fix

Signed-off-by: luoyaozu <luoyaozu@foxmail.com>
Change-Id: Ie1122787f9efb611cdafc671b4ccf68b43984924

2 years agostats: fix tests with multiple workers 56/38356/2
Benoît Ganne [Fri, 24 Feb 2023 15:13:29 +0000 (16:13 +0100)]
stats: fix tests with multiple workers

Type: fix

Change-Id: Ic4b8478d390c7373bfb43a39ae6a70e978ae9321
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2 years agolb: keep AddressSanitizer happy 48/38048/2
Benoît Ganne [Thu, 26 Jan 2023 15:04:43 +0000 (16:04 +0100)]
lb: keep AddressSanitizer happy

vec_alloc() does not mark vector as accessible contrary to
vec_validate().
Also removes redundant memset(0) as vector allocation always zeroed
new memory.

Type: fix

Change-Id: I8309831b964a618454ed0bebbcdec7ec21149414
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2 years agovppinfra: fix memory traces 75/38175/2
Benoît Ganne [Wed, 16 Nov 2022 18:36:15 +0000 (19:36 +0100)]
vppinfra: fix memory traces

 - allocates the memory trace spinlock independently from the main heap
 - disable tracing on a per thread basis
 - make sure we hold the memory trace spinlock when changing tracing

Type: fix

Change-Id: I7d84f22132abdc895343d447cd3a2c574786f58d
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2 years agoaf_packet: fix the first packet offset 89/38389/3
Mohsin Kazmi [Fri, 3 Mar 2023 20:25:17 +0000 (20:25 +0000)]
af_packet: fix the first packet offset

Type: fix

Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I927ba4e6f10ae4527f339a890c3a0de33a84b7eb

2 years agoaf_xdp: fix netns configuration 59/38059/3
Benoît Ganne [Fri, 27 Jan 2023 10:37:59 +0000 (11:37 +0100)]
af_xdp: fix netns configuration

 - clib_open_netns() expects a NULL-terminated C-string
 - if no netns was given, we should not try to format it otherwise we'll
   get "(nil)" as netns name.

Type: fix

Change-Id: I7b6022f6e8999640d0d2a83b854455b15fa4c134
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2 years agobuild: add sanitizer option to configure script 13/37313/3
Benoît Ganne [Tue, 11 Oct 2022 08:09:55 +0000 (10:09 +0200)]
build: add sanitizer option to configure script

Type: improvement

Change-Id: Ia679d6e5fb7eff6dbd7363465e5667119751e908
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2 years agovlib: avoid non-mp-safe cli process node updates 96/35796/4
Vladislav Grishenko [Fri, 9 Jul 2021 23:02:46 +0000 (04:02 +0500)]
vlib: avoid non-mp-safe cli process node updates

Node renames, clone and node_by_name hash updates should be done
in vlib_node_register() / vlib_node_rename() under barrier, or
else runtime per-node stats can be either inaccurate or lead to UB.

Drop cli process nodes renaming rather than adding barrier
syncronization on reuse, nodes will get "unix-cli-process-ID"
stable names, description and terminal names are preserved and can
be obtained with "show cli-sessions" and "show terminal" commands.
Also fix insufficient name width for "show cli-sessions" with table
formatting, output sample:

    DBGvpp# sh cli-sessions
    PNI   FD    Name                     Flags
    708   14    unix-cli-local:10558     iSLpa
    710   15    unix-cli-127.0.0.1:33252 ISlpA

    DBGvpp# sh terminal
    Terminal name:   unix-cli-127.0.0.1:33252
    Terminal node:   unix-cli-process-1
    Terminal mode:   char-by-char
    Terminal width:  158
    Terminal height: 43
    ANSI capable:    yes
    Interactive:     yes
    History enabled: yes
    History limit:   50
    Pager enabled:   yes
    Pager limit:     100000
    CRLF mode:       CR+LF

Type: improvement
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Change-Id: I40af4c0a5e5be92d5e3ebcd440fa55390aeb0e8b

2 years agointerface: more cleaning after set flags is failed in vnet_create_sw_interface 12/34812/6
varasteh [Sun, 2 Jan 2022 10:50:32 +0000 (14:20 +0330)]
interface: more cleaning after set flags is failed in vnet_create_sw_interface

There's a chance that vnet_sw_interface_set_flags_helper()
has successfully called some sw interface add callback functions
before returning the error. So the sw interface del callbacks
should also be called

Type: fix

Signed-off-by: varasteh <mahdy.varasteh@gmail.com>
Change-Id: I2cd7dc6d5b3a5ebfd2c4d1a6be5390083dee6401
Signed-off-by: varasteh <mahdy.varasteh@gmail.com>
2 years agointerface: add the missing tag keyword in the cli helper 45/38045/2
Mohsin Kazmi [Thu, 26 Jan 2023 15:14:17 +0000 (15:14 +0000)]
interface: add the missing tag keyword in the cli helper

Type: style

Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I6399ad2b0b30f94c6c51db1afc39f5e875dfaa67

2 years agocrypto: remove VNET_CRYPTO_OP_FLAG_INIT_IV flag 66/34966/9
Benoît Ganne [Wed, 19 Jan 2022 09:09:42 +0000 (10:09 +0100)]
crypto: remove VNET_CRYPTO_OP_FLAG_INIT_IV flag

IV requirements vary wildly with the selected mode of operation. For
example, for AES-CBC the IV must be unpredictable whereas for AES
counter mode (CTR or GCM), it can be predictable but reusing an IV with
the same key material is catastrophic.
Because of that, it is hard to generate IV in a generic way, and it is
better left to the crypto user (eg. IPsec).

Type: improvement

Change-Id: I32689c591d8c6572b8d37c4d24f175ea6132d3ec
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2 years agomemif: fix input vector rate of memif-input node 12/37912/3
Liangxing Wang [Fri, 13 Jan 2023 05:19:47 +0000 (05:19 +0000)]
memif: fix input vector rate of memif-input node

Explicitly set the ptd->n_packets to 0 if no packet is received in
memif_device_input_inline(). Otherwise ptd->n_packets just keeps
last time rx packets number, then this stale number is added to
memif_input_node->vectors_since_last_overflow in every dispatch_node()
call for memif_input_node.

Type: fix

Signed-off-by: Liangxing Wang <liangxing.wang@arm.com>
Change-Id: Ide98a481c925262f9a609535a314f784cab424d8

2 years agovlib: fix macro define command not work in startup config exec script 76/37776/2
Xiaoming Jiang [Thu, 8 Dec 2022 07:54:06 +0000 (07:54 +0000)]
vlib: fix macro define command not work in startup config exec script

Type: fix
Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com>
Change-Id: Idb34490199a78d5b0c1fe2382b6483a6e3a6fd1f

2 years agovlib: fix ASAN fake stack size set error when switching to process 89/37789/2
Xiaoming Jiang [Sat, 10 Dec 2022 03:44:16 +0000 (03:44 +0000)]
vlib: fix ASAN fake stack size set error when switching to process

Type: fix
Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com>
Change-Id: I2add6cb8dba837e47596983ec8303883aba3a138

2 years agodpdk: plugin init should be protect by thread barrier 93/37793/2
Xiaoming Jiang [Mon, 12 Dec 2022 02:56:43 +0000 (02:56 +0000)]
dpdk: plugin init should be protect by thread barrier

Witout thread barrier, when dpdk_process_node initiating
dpdk lib, workers thread may also be initiating. Main
and workers threads may both setting error_main info,
that will cause memory ASAN issue.

Type: fix
Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com>
Change-Id: I87b73b310730719035d4985a2cff2e3308120ec2

2 years agovppinfra: adding support for socket mounting paths 82/38282/2
Mohsin Kazmi [Wed, 15 Feb 2023 13:31:27 +0000 (13:31 +0000)]
vppinfra: adding support for socket mounting paths

Type: improvement

Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: If894b2b741d0d417a6fc458dda83ca1d8192385d

2 years agoflow dpdk: introduce IP in IP support for flow 62/38362/5
Xinyao Cai [Tue, 28 Feb 2023 06:44:58 +0000 (14:44 +0800)]
flow dpdk: introduce IP in IP support for flow

This patch introduces IP in IP packet support for flow cli and dpdk plugin.
Specifically, the following IP in IP packet types are supported:
MAC-IPv4-IPv4-TCP/UDP/None,
MAC-IPv4-IPv6-TCP/UDP/None,
MAC-IPv6-IPv4-TCP/UDP/None,
MAC-IPv6-IPv6-TCP/UDP/None,

IP in IP flow rules can be created by using the following new keywords in vppctl:
in-src-ip, in-dst-ip        : to provide information for inner IPv4 header
in-ip6-src-ip, in-ip6-dst-ip: to provide information for inner IPv6 header
in-proto                    : to specify inner transport layer protocol type (TCP or UDP)
in-src-port, in-dst-port    : to provide information for inner TCP/UDP header

An example to create flow rule for MAC-IPv6-IPv6-TCP:
test flow add index 0 ip6-src-ip any ip6-dst-ip any in-ip6-src-ip any in-ip6-dst-ip any in-proto tcp in-src-port 1234 in-dst-port any rss function default

Another example to create flow rule for MAC-IPv6-IPv6:
test flow add index 0 ip6-src-ip any in-ip6-src-ip any rss function default

Type: feature

Signed-off-by: Xinyao Cai <xinyao.cai@intel.com>
Change-Id: I6a1ca36d47eb65b9cb5a4b8d874b2a7f017c35cd

2 years agovppinfra: fix clib_bitmap_will_expand() result inversion 50/38250/2
Vladislav Grishenko [Tue, 14 Feb 2023 07:34:29 +0000 (12:34 +0500)]
vppinfra: fix clib_bitmap_will_expand() result inversion

Pool's pool_put_will_expand() calls clib_bitmap_will_expand(),
so every put except ones that leads to free_bitmap reallocation
will get false positive results and vice versa.

Unfortunatelly there's no related test and existing bitmap
tests are failing silently with false positive result as well.

Fortunatelly neither clib_bitmap_will_expand() nor
pool_put_will_expand() are being used by current vpp codebase.

Type: fix
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Change-Id: Id5bb900cf6a1b1002d37670f5c415c74165b5421

2 years agocrypto: make it easier to diagnose keys use-after-free 71/37871/3
Benoît Ganne [Thu, 5 Jan 2023 09:56:26 +0000 (10:56 +0100)]
crypto: make it easier to diagnose keys use-after-free

Type: improvement

Change-Id: Ib98eba146e24e659acf3b9a228b81fcd641f4c67
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2 years agobuild: replace phony target with .ok file 49/38349/3
Jieqiang Wang [Fri, 24 Feb 2023 08:40:58 +0000 (16:40 +0800)]
build: replace phony target with .ok file

When VPP builds its external packages from source, it will download the
package, patch it, configure it, build and install it. For DPDK, it will
depend on rdma-core if mlx4/mlx5 PMD is enabled. So phony target
dpdk-config needs to have the prerequisites of rdma-core-install and
ipsec-mb-install(x86 only), which are both phony targets. This leads to
redundant behavior of recipes executing twice in dpdk-config.
Replace the phony target with hidden file *.install.ok to avoid that.

Type: improvement
Signed-off-by: Lijian Zhang <lijian.zhang@arm.com>
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: Ibf3b766ab7a4ccfcbffe08f6cdb90da72ca1ce29

2 years agomisc: define SElinux mapped file permissions 48/38148/4
Christian Svensson [Mon, 6 Feb 2023 16:24:26 +0000 (17:24 +0100)]
misc: define SElinux mapped file permissions

SElinux added support for defining what files can be mmap()'d a while back.
This change defines those files that VPP maps.

This is needed for EL9 support

Type: fix

Signed-off-by: Christian Svensson <blue@cmd.nu>
Change-Id: Iedd26914e29347169c4cc138628df7823ddd5691

2 years agobuild: add Rocky Linux 9 support 47/38147/2
Christian Svensson [Mon, 6 Feb 2023 16:25:16 +0000 (17:25 +0100)]
build: add Rocky Linux 9 support

Currently only RHEL/CentOS 8 and Fedora are supported.
EL9 is a middle ground and thus require some different dependencies.

Type: feature

Signed-off-by: Christian Svensson <blue@cmd.nu>
Change-Id: I7be79e61994800bb796d4e9141f0ff6ad8bdead2

2 years agosnort: fix descriptor offset may be truncated if buffers num too large 19/35819/2
jiangxiaoming [Wed, 30 Mar 2022 06:12:26 +0000 (06:12 +0000)]
snort: fix descriptor offset may be truncated if buffers num too large

Type: fix
Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com>
Change-Id: I9694f7d8aad8868b11e08fabe179fd51c14dfcdb

2 years agointerface: fix 4 or more interfaces equality comparison bug with xor operation using... 01/36901/13
lijinhui [Mon, 15 Aug 2022 09:41:39 +0000 (17:41 +0800)]
interface: fix 4 or more interfaces equality comparison bug with xor operation using (a^a)^(b^b)

Type: fix
Signed-off-by: lijinhui <lijh_7@chinatelecom.cn>
Change-Id: I80783eed2b819a9e6fd4cee973821c9d97c285a6

2 years agovppinfra: display only the 1st 50 memory traces by default 96/38196/2
Benoît Ganne [Wed, 8 Feb 2023 17:54:30 +0000 (18:54 +0100)]
vppinfra: display only the 1st 50 memory traces by default

When using memory traces it can take a long time to display all traces
bigger than 1k if there are lots of them, especially as we need to
resolve symbols.
It is better to display only the 1st 50 by default, unless verbose is
used.
Also fix the help string.

Type: improvement

Change-Id: I1e5e30209f10d2b05c561dbf856cb126e0cf513d
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2 years agostats: fix node name compare error when updating stats segment 77/37777/2
Xiaoming Jiang [Thu, 8 Dec 2022 08:08:41 +0000 (08:08 +0000)]
stats: fix node name compare error when updating stats segment

Type: fix
Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com>
Change-Id: Ib39aa345415720dd05a1b3e12e3e03eac43c5606

2 years agomemif: autogenerate socket_ids 34/34734/5
Nathan Skrzypczak [Wed, 15 Dec 2021 18:15:32 +0000 (19:15 +0100)]
memif: autogenerate socket_ids

This patch adds an API memif_socket_filename_add_del_v2
that allows autogenerating memif socket_id when passing
~0 in the socket_id field.

It opportunistically walks the hash to find a free ID
to use, and returns it in the reply.

socket_filename also becomes a variable length string,
to accomodate for longer names (in case a netns gets
passed)

Type: feature

Change-Id: I33fc3e1cf553af27579d6bad8691b22b530531cc
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2 years agohs-test: add support for running vpp in gdb 87/38387/2
Filip Tehlar [Tue, 28 Feb 2023 17:59:15 +0000 (18:59 +0100)]
hs-test: add support for running vpp in gdb

Type: test

Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I6e03b88ca013cafd73f424ea63f706f105bebe6b

2 years agovpp-swan: fix memory leaks 54/38254/8
Gabriel Oginski [Tue, 14 Feb 2023 08:46:36 +0000 (08:46 +0000)]
vpp-swan: fix memory leaks

This patch fix the memory leaks discovered in the current
implementation, inlcuding expired data, spd dump, and host names.

Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I3794f5db3c58d1e78df25f242c91e7a67363de53

2 years agowireguard: add barrier to sync data 52/38352/2
Gabriel Oginski [Tue, 21 Feb 2023 08:42:06 +0000 (08:42 +0000)]
wireguard: add barrier to sync data

The current implmentation of the hash table is not thread-safe.
This design leads to a segfault when VPP is handling a lot of tunnels
for Wireguard, where one thread modifies the hash table and other
threads start the lookup at the same time.

This fix adds a barrier sync to the hash table access when Wireguard
adds or deletes an element.

Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Id460dfcd46ace17c7bdcd23bd9687d26cecf0a39

2 years agostats: expose symlink to stats client 98/38298/2
Ole Troan [Fri, 17 Feb 2023 13:23:48 +0000 (14:23 +0100)]
stats: expose symlink to stats client

For e.g. prometheus export it makes more sense to use the same metric name,
and expose the various symlinks as labels.

The VPP symlink metric:
/interfaces/local0/rx_unicast

that points to
/if/rx_unicast

Becomes in Prometheus:
interfaces_rx_unicast_bytes{index="0",label="local0"} 0

Type: improvement
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ide0ab4fda4b3eb7ba7ddfc44680121c53f5267f6

2 years agodocs: fixed to use unified "pcap trace" command 64/38364/2
Nobuhiro MIKI [Tue, 28 Feb 2023 09:30:09 +0000 (18:30 +0900)]
docs: fixed to use unified "pcap trace" command

Type: docs
Fixes: 33909777c637 ("misc: unify pcap rx / tx / drop trace")
Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp>
Change-Id: I049616cfad300658e62e5026c0655ee6f07a2421

2 years agovcl: accept bound notifications in epoll wait 77/38377/4
Florin Coras [Wed, 1 Mar 2023 08:49:25 +0000 (00:49 -0800)]
vcl: accept bound notifications in epoll wait

Async binds may be possible due to vls generated async binds as a result
of application adding or removing listeners from epoll.

App does not need to be notified of the event.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4d01be7ddb39ba894db85feef55e9935556c24f5

2 years agovcl: accept vcl spurious wakeup in epoll wait eventfd 76/38376/3
Florin Coras [Wed, 1 Mar 2023 08:45:31 +0000 (00:45 -0800)]
vcl: accept vcl spurious wakeup in epoll wait eventfd

Accept one spurious wakeup from vcl in epoll_pwait_eventfd to avoid
returning zero events to app without timeout.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I447c7f8176413c562be28605376a92d15e22a1f9

2 years agovcl: close libc epfd on vls epfd close 75/38375/4
Florin Coras [Wed, 1 Mar 2023 06:32:31 +0000 (22:32 -0800)]
vcl: close libc epfd on vls epfd close

Nginx recreates epfds. Make sure ldp tracks the event and recreates the
libc epfd or eventfd flavor of epoll pwait will not work.

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2994bead9494f0fbb85dd32767cecc1cf69ff6eb

2 years agovcl: only add sessions to lt list if needed 74/38374/3
Florin Coras [Wed, 1 Mar 2023 05:13:50 +0000 (21:13 -0800)]
vcl: only add sessions to lt list if needed

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I777979dbb89f9af774533cb280e77af58b81fb29

2 years agohs-test: update hs-test documentation 09/38309/3
Maros Ondrejicka [Tue, 21 Feb 2023 12:42:35 +0000 (13:42 +0100)]
hs-test: update hs-test documentation

Type: docs
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I123898923afa382ff0d4410652f4a17a8740d711

2 years agohs-test: fix error check 78/38378/2
Maros Ondrejicka [Wed, 1 Mar 2023 08:43:24 +0000 (09:43 +0100)]
hs-test: fix error check

Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I445f5357817fceeb9b5ead01c3530edaae45189a

2 years agoudp: fix optimistic assert for UDP RX 60/38360/3
Mohammed Hawari [Mon, 27 Feb 2023 14:33:30 +0000 (15:33 +0100)]
udp: fix optimistic assert for UDP RX

Change-Id: I431c4a6f409b129e4290dba2e1acadea460ac797
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: improvement

2 years agovpp-swan: improve Makefile 79/38379/4
Fan Zhang [Wed, 1 Mar 2023 14:45:46 +0000 (14:45 +0000)]
vpp-swan: improve Makefile

Type: improvement

Since VPP-SWAN does not really need StrongSwan to be compiled,
this patch refines the Makefile to reflect the change.

In addition README is updated.

Signed-off-by: Fan Zhang <fanzhang.oss@gmail.com>
Change-Id: I185957167ac71a44f4d12e78e1dac31c194f80f4

2 years agovcl: fix undeclared UDP_SEGMENT for centos 8 73/38373/1
Tianyu Li [Mon, 27 Feb 2023 09:14:34 +0000 (09:14 +0000)]
vcl: fix undeclared UDP_SEGMENT for centos 8

Old distros Centos 8 / Ubuntu 18.04 header files doesn't have UDP_SEGMENT
declared, define UDP_SEGMENT to right value if not defined.

Type: fix
Fixes: eff5f7aea8c7 ("vcl: ldp support for ip_pktinfo")

Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: I99314b895e7d09962a36e7f5582c09d0d77563dc

2 years agohs-test: fix wait for app after ldp change 72/38372/3
Florin Coras [Tue, 28 Feb 2023 22:51:03 +0000 (14:51 -0800)]
hs-test: fix wait for app after ldp change

After gerrit 38370 (729b9c94), apps are registered via ldp using program
name. Update tests to support that.

Also add make file help for UNCONFIGURE.

Type: test

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4ad50abfd175664b47b358df1a72e0758f51190d

2 years agosession: consolidate port alloc logic 80/38080/6
Florin Coras [Mon, 30 Jan 2023 19:18:36 +0000 (11:18 -0800)]
session: consolidate port alloc logic

Move port allocation logic from transports into generic transport layer.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I55a21f185d00f5e118c36bcc4a6ffba2cbda885e

2 years agotcp: add dispatch errors to counters 71/38371/3
Florin Coras [Tue, 28 Feb 2023 20:43:39 +0000 (12:43 -0800)]
tcp: add dispatch errors to counters

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I27112947071a757065162f0e50f69983d258525d

2 years agohs-test: fill configuration files at runtime 67/38367/3
Maros Ondrejicka [Tue, 28 Feb 2023 11:49:43 +0000 (12:49 +0100)]
hs-test: fill configuration files at runtime

Treat certain configuration files, which contain runtime-dependent
information, as templates. The information is filled at runtime and the
files are copied into containers.
This allows to avoid hard-coding IP addresses into configuration files.

Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I1dae8f15f4f76c0bf1779d7c68b7f3859bf5a861

2 years agovcl: use program invocation name in ldp app name 70/38370/2
Florin Coras [Tue, 28 Feb 2023 18:58:08 +0000 (10:58 -0800)]
vcl: use program invocation name in ldp app name

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2c97faa2cdca32d083aabc3344c8fe67c74ff2fd

2 years agohs-test: allow nginx suite to unconfigure topology 69/38369/2
Maros Ondrejicka [Tue, 28 Feb 2023 18:40:09 +0000 (19:40 +0100)]
hs-test: allow nginx suite to unconfigure topology

Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I84209e6d2c914d1c7b9dec7efc3898b75552db1b

2 years agohs-test: test vpp+nginx mirroring with tap ifaces 58/38358/7
Maros Ondrejicka [Mon, 27 Feb 2023 12:22:45 +0000 (13:22 +0100)]
hs-test: test vpp+nginx mirroring with tap ifaces

Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I05bbed8fd9d40929f040574044aed5292a475e91

2 years agovcl: handle lt events in epoll ctl 62/38162/6
Florin Coras [Tue, 7 Feb 2023 17:11:47 +0000 (09:11 -0800)]
vcl: handle lt events in epoll ctl

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4e176e9ada32d5f61d10aeca1c68f72114dec9b8

2 years agohs-test: add option to unconfigure topology 61/38361/2
Maros Ondrejicka [Mon, 27 Feb 2023 15:52:57 +0000 (16:52 +0100)]
hs-test: add option to unconfigure topology

Adding `UNCONFIGURE=true` argument when running `make test` will skip
test run and unconfigure existing topology for that test.

Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I197747a56ca68807f0b2c3f25b6f61c3dcc41ace

2 years agovcl: improve vls handling of shared listeners 55/38155/11
Florin Coras [Mon, 6 Feb 2023 21:30:13 +0000 (13:30 -0800)]
vcl: improve vls handling of shared listeners

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1970408de52e53d24cea06b3ae0cc68a38cbc97a

2 years agohs-test: refactor netconfig 46/38346/4
Maros Ondrejicka [Thu, 23 Feb 2023 12:19:15 +0000 (13:19 +0100)]
hs-test: refactor netconfig

This joins separate representations of veth and tap interfaces
into a single struct. It removes the need for type interface
and embedding which simplifies the code.

Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I1b2c368bfe90a5bdfaaa9a5129c27d7d96f8fe3b

2 years agovpp-swan: fix segmentation fault in arp function 53/38253/3
Gabriel Oginski [Tue, 14 Feb 2023 08:41:07 +0000 (08:41 +0000)]
vpp-swan: fix segmentation fault in arp function

This patch adds a missing file descriptor free handler to prevent
invalid dereferencing in the future

Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Idc809a70b1fedec9a06446344d5481d467c78c19

2 years agowireguard: fix potential leaks of async frame 53/38353/2
Gabriel Oginski [Fri, 24 Feb 2023 10:22:32 +0000 (10:22 +0000)]
wireguard: fix potential leaks of async frame

The current implementation can cause memory leaks of async frames
and exhaust the async frames pool. Wireguard can early get async frame,
even when later it turns out it is not needed. Then such frame won't
be freed.

This fix changes the moment of acquiring async frame from the pool, so
it doesn't leak.

Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: If7696de6a6f5db84e0dffef60caa31d4a5e6280e

2 years agotcp: fix error counters 13/38313/3
Filip Tehlar [Mon, 20 Feb 2023 12:46:32 +0000 (13:46 +0100)]
tcp: fix error counters

Type: fix

Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I9f4944f77ecf94f16f809392f28466e33f7f779d

2 years agohs-test: store logs 51/38351/2
Maros Ondrejicka [Fri, 24 Feb 2023 10:26:39 +0000 (11:26 +0100)]
hs-test: store logs

Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I50ad5d8c2e5066d8d24f7959aeb534a2f0a6fae0

2 years agohs-test: modify nginx tests 54/38354/3
Maros Ondrejicka [Fri, 24 Feb 2023 13:16:25 +0000 (14:16 +0100)]
hs-test: modify nginx tests

This will make name of the test unique so that executing specifically
this test won't execute also other tests starting with same name.

Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I8013aa453c2a1c3c156e6476a93fd58bbb850b93

2 years agohs-test: improve test infra 50/38350/3
Filip Tehlar [Tue, 31 Jan 2023 09:34:18 +0000 (10:34 +0100)]
hs-test: improve test infra

- add support for building/running debug/release images
- have one point of control (Makefile)
- list all test cases

Type: test

Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I97949abc2fff85d7a2b3784122be159aeec72b52

2 years agosrtp: fix build on ubuntu-22.04 45/38345/2
Dave Wallace [Thu, 23 Feb 2023 19:26:46 +0000 (14:26 -0500)]
srtp: fix build on ubuntu-22.04

- The version of libsrtp2 (2.4.2) on ubuntu-22.04 changed
  the 'ekt' field in srtp_policy_t to 'deprecated_ekt'.

Type: fix

Change-Id: Icb9d8f3b56c8305bcdac5066a5f8e3e5d17d37cf
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2 years agohs-test: fix install/build on new ubuntu instance 38/38338/4
Dave Wallace [Wed, 22 Feb 2023 18:56:06 +0000 (13:56 -0500)]
hs-test: fix install/build on new ubuntu instance

Type: test

Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I9c59d98d16e387925057626ba9080210f4334c53

2 years agohs-test: clean-up ip address generation 07/38307/2
Maros Ondrejicka [Tue, 21 Feb 2023 09:53:20 +0000 (10:53 +0100)]
hs-test: clean-up ip address generation

Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I74c505920d1363d0ff2b3213fd831c181b70a173

2 years agosession: track app session closes 03/38303/2
Florin Coras [Mon, 20 Feb 2023 23:14:04 +0000 (15:14 -0800)]
session: track app session closes

Make sure applications, especially builtin ones, cannot close a session
multiple times.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I960a1ae89a48eb359e7e1873a59d47c298c37ef1

2 years agovcl: ldp support for ip_pktinfo 67/38167/15
Florin Coras [Wed, 8 Feb 2023 01:36:17 +0000 (17:36 -0800)]
vcl: ldp support for ip_pktinfo

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3c15f38a4a3f5e92506059277948e7fca9cd8b55

2 years agovcl: fix incorrect ldp worker in ldp_epoll_pwait() 87/38287/2
Liangxing Wang [Thu, 16 Feb 2023 09:31:01 +0000 (09:31 +0000)]
vcl: fix incorrect ldp worker in ldp_epoll_pwait()

For some apps(e.g. wrk2) upon vpp hoststack, ldp_epoll_pwait()
is called. In this function, epoll fd was created on one thread,
but it is now used on another thread. The vcl worker index is still
invalid, so the fetched ldp worker is also invalid and can corrupt
some already allocated memory.

Just as the ldp_epoll_pwait_eventfd(), make sure the vcl worker is valid
before getting the ldp worker in ldp_epoll_pwait().

Type: fix

Signed-off-by: Liangxing Wang <liangxing.wang@arm.com>
Change-Id: I2ec23a4b5d5b0879a06642ffd80f95e948af4274

2 years agohs-test: check for missing output in nginx tests 83/38283/3
Maros Ondrejicka [Wed, 15 Feb 2023 16:44:46 +0000 (17:44 +0100)]
hs-test: check for missing output in nginx tests

Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I08cd492fff4b9d50a1761a29c2b231cc8544313b

2 years agowireguard: move buffer when insufficient pre_data left 04/38004/3
Alexander Skorichenko [Thu, 19 Jan 2023 13:26:47 +0000 (14:26 +0100)]
wireguard: move buffer when insufficient pre_data left

Currently wg-output-tun() doesn't check if a buffer has enough space for
prepending an ethernet header (wg header over ipv6 vxlan header case
leaves only 8 bytes free).

In such a case move buffer's content.

Type: fix

Change-Id: Iad18860e6b86a3d81f3d96d782de7c59556152d0
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2 years agosession: ignore zero length dgrams 78/38278/3
Florin Coras [Wed, 15 Feb 2023 03:12:30 +0000 (19:12 -0800)]
session: ignore zero length dgrams

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I70596ffcf90fa4cd57092584cb7a454f44208943

2 years agohs-test: clean-up obsolete code 55/38255/1
Maros Ondrejicka [Tue, 14 Feb 2023 11:56:49 +0000 (12:56 +0100)]
hs-test: clean-up obsolete code

Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I52cd825f903e41c35f6c4a9db71f00dbedbb8680

2 years agobuild: add missing dependences for centos 8 99/38199/2
Tianyu Li [Sat, 28 Jan 2023 07:58:45 +0000 (07:58 +0000)]
build: add missing dependences for centos 8

VPP build failed on Centos stream 8 when build xdp-tool
and dpdk mlx driver, Add the missing tools, libraries and headers.

Type: fix
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: Ie705dc8f558ceb872029f9ab4f1351b514c87405

2 years agotests: support tmp-dir on different filesystem 29/37829/6
Dmitry Valter [Fri, 27 Jan 2023 12:49:55 +0000 (12:49 +0000)]
tests: support tmp-dir on different filesystem

Support running tests with `--tmp-dir` on a filesystem different from /tmp.
os.rename withs only within a single FS whereas shutil.move works accross
different filesystems.

Type: improvement
Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru>
Change-Id: I5371f5d75386bd2b82a75b3e6c1f2c850bc62356

2 years agovpp-swan: removed adding the same rule in SPD 30/38130/2
Gabriel Oginski [Fri, 3 Feb 2023 08:12:36 +0000 (08:12 +0000)]
vpp-swan: removed adding the same rule in SPD

The current implementation of vpp-swan plugin adds the same policy rule
in SPD twice, and it is not necessary to have two the same rules in
inbound-protect database.

This patch fixes an issue that prevents the addition of a second
identical policy rule in SPD.

Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Ieef74288e5301455658e4e101433147d6d2482e9

2 years agordma: always use 64 byte CQEs for MLX5 42/38242/2
Nathan Brown [Fri, 30 Dec 2022 20:04:39 +0000 (20:04 +0000)]
rdma: always use 64 byte CQEs for MLX5

When DPDK MLX PMDs are built, and the DPDK plugin is loaded, DPDK may
set the MLX5_CQE_SIZE environment variable to 128. This causes the RDMA
plugin to be unable to create completion queues. Since the RDMA plugin
expects the CQEs to be 64 bytes, set the cqe_size explicitly when
creating the CQ. This avoids any issues with different values for the
MLX5_CQE_SIZE environment variable.

Type: improvement
Signed-off-by: Nathan Brown <nathan.brown@arm.com>
Change-Id: Idfd078d3045a4dcb674325ef36f85a89df6fbebc

2 years agomisc: VPP 22.10.1 Release Notes 58/38258/1
Dave Wallace [Sat, 11 Feb 2023 00:20:28 +0000 (19:20 -0500)]
misc: VPP 22.10.1 Release Notes

Type: docs
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I70374ea376c895d92d5789debf4b437113e3d884
(cherry picked from commit 57302fe52f141c19b5448997774271d2eedf5cb1)

2 years agomisc: VPP 22.06.1 Release Notes 56/38256/2
Dave Wallace [Fri, 10 Feb 2023 18:28:46 +0000 (13:28 -0500)]
misc: VPP 22.06.1 Release Notes

Type: docs
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I8770a35c801126ffd2de8f58d79e6616642709a9
(cherry picked from commit 1513b381d8879d9d437bbbc9a270b4ff5f4b19ba)

2 years agosr: support define src ipv6 per encap policy 63/37863/6
Takeru Hayasaka [Fri, 30 Dec 2022 07:41:44 +0000 (16:41 +0900)]
sr: support define src ipv6 per encap policy

Can to define src ip of outer IPv6 Hdr for each encap policy.
Along with that, I decided to develop it as API version V2.
This is useful in the SRv6 MUP case.
For example, it will be possible to handle multiple UPF destinations.

Type: feature
Change-Id: I44ff7b54e8868619069621ab53e194e2c7a17435
Signed-off-by: Takeru Hayasaka <hayatake396@gmail.com>
2 years agohs-test: refactor test cases from no-topo suite 66/38166/4
Maros Ondrejicka [Tue, 7 Feb 2023 19:40:27 +0000 (20:40 +0100)]
hs-test: refactor test cases from no-topo suite

This converts remaining tests to configation of VPP from test context.

Type: test
Change-Id: I386714f6b290e03d1757c2a033a25fae0340f5d6
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
2 years agohs-test: refactor test cases from ns suite 38/38138/9
Maros Ondrejicka [Thu, 2 Feb 2023 07:58:04 +0000 (08:58 +0100)]
hs-test: refactor test cases from ns suite

This converts more tests to configure VPP from test context.

Type: test
Signed-off-by: Maros Ondrejicka <maros.ondrejicka@pantheon.tech>
Change-Id: Idf26b0c16f87e87c97b198412af39b99d947ced6

2 years agotests: use existing pip compiled req file for building the run.py venv 86/38086/2
Naveen Joy [Wed, 1 Feb 2023 00:51:58 +0000 (16:51 -0800)]
tests: use existing pip compiled req file for building the run.py venv

pip compiled requirements file named requirements-3.txt exists in the
test directory. No need to auto-generate it again

Type: improvement

Change-Id: Ib2b51c983af8d0e4b000e4544012b6cd94405519
Signed-off-by: Naveen Joy <najoy@cisco.com>
2 years agotests: use iperf3 for running interface tests on the host 33/38133/2
Naveen Joy [Thu, 2 Feb 2023 21:56:59 +0000 (13:56 -0800)]
tests: use iperf3 for running interface tests on the host

Type: improvement

Change-Id: I7123591932d51ce0c5b372893454945bbd3913b2
Signed-off-by: Naveen Joy <najoy@cisco.com>
2 years agohs-test: configure VPP from test context 40/38040/8
Maros Ondrejicka [Thu, 26 Jan 2023 09:07:29 +0000 (10:07 +0100)]
hs-test: configure VPP from test context

Instead of configuring VPP instances running inside of a container,
now the configuration is going to be done from within the test context
by using binary API and shared volume that exposes api socket.

This converts just some of the test cases, rest is to follow.

Type: test
Signed-off-by: Maros Ondrejicka <maros.ondrejicka@pantheon.tech>
Change-Id: I87e4ab15de488f0eebb01ff514596265fc2a787f

2 years agosession: accept lcl ip updates on cl sessions 74/38174/3
Florin Coras [Wed, 8 Feb 2023 17:47:54 +0000 (09:47 -0800)]
session: accept lcl ip updates on cl sessions

Allow apps/vcl to provide updated local ips for dgrams. In particular,
allow sessions bound to 0/0 to send data with valid local ips.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I50a086b1c252731a32a15b6a181ad3dba0c687e0

2 years agobuild: allow skipping external-deps 22/38122/5
Mohammed Hawari [Thu, 2 Feb 2023 12:29:28 +0000 (13:29 +0100)]
build: allow skipping external-deps

Change-Id: I0e5090ec6978af0dc4baecc7654918cf40663f42
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: feature

2 years agoavf dpdk: fix incorrect handling of IPv6 src address in flow 52/37852/6
Ting Xu [Tue, 13 Dec 2022 03:10:54 +0000 (03:10 +0000)]
avf dpdk: fix incorrect handling of IPv6 src address in flow

In current flow creating process in native avf and dpdk-plugins, when
parsing the input arguments, it does not copy IPv6 src address correctly,
so that IPv6 src address will not be configured in any flow rule, and
any packet with the same address will not be matched.

Type: fix

Signed-off-by: Ting Xu <ting.xu@intel.com>
Change-Id: Ic957c57e3e1488b74e6281f4ed1df7fd491af35c

2 years agoavf: fix incorrect flag for flow director 35/37935/3
Ting Xu [Tue, 17 Jan 2023 02:34:37 +0000 (02:34 +0000)]
avf: fix incorrect flag for flow director

When parsing flow action type in avf, there is an incorrect flag for
flow director, which makes flow director rule created unexpectedly.

Type: fix
Signed-off-by: Ting Xu <ting.xu@intel.com>
Change-Id: Id9fed5db8ccacd5cc6c2f4833183364d763188c1

2 years agoavf: fix checksum offload configuration 17/38117/2
Ting Xu [Thu, 2 Feb 2023 02:06:12 +0000 (02:06 +0000)]
avf: fix checksum offload configuration

Fix some configurations of avf checksum offload to get the correct
udp and tcp checksum. Change Tx checksum offload capability since
avf supports ipv4, tcp and udp offload all. Remove the operation to
swap bit of checksum.

Type: fix

Signed-off-by: Ting Xu <ting.xu@intel.com>
Change-Id: I55a916cc9ee6bef5b2074b5b6bb5f517fc2c178d

2 years agoavf: fix bit calculation function fls_u32 34/38134/2
Ting Xu [Mon, 6 Feb 2023 03:01:10 +0000 (03:01 +0000)]
avf: fix bit calculation function fls_u32

In avf the function fls_u32 is used to calculate the power of 2.
Fix the expression of this function.

Type: fix

Signed-off-by: Ting Xu <ting.xu@intel.com>
Change-Id: I27160de8588a5efb3f24306597a5a240deb3ab74

2 years agoip6-nd: support dump/details for IPv6 RA 58/38158/2
Alexander Chernavin [Thu, 2 Feb 2023 14:22:56 +0000 (14:22 +0000)]
ip6-nd: support dump/details for IPv6 RA

Type: improvement

With this change, add support for dumping IPv6 Router Advertisements
details on a per-interface basis (or all). Also, cover that with a test.

Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I89fa93439d33cc36252377f27187b18b3d30a1d4

2 years agoipsec: fix AES CBC IV generation (CVE-2022-46397) 57/37557/6
Benoît Ganne [Tue, 18 Jan 2022 14:56:41 +0000 (15:56 +0100)]
ipsec: fix AES CBC IV generation (CVE-2022-46397)

For AES-CBC, the IV must be unpredictable (see NIST SP800-38a Appendix
C). Chaining IVs like is done by ipsecmb and native backends for the
VNET_CRYPTO_OP_FLAG_INIT_IV is fully predictable.
Encrypt a counter as part of the message, making the (predictable)
counter-generated IV unpredictable.

Fixes: VPP-2037
Type: fix

Change-Id: If4f192d62bf97dda553e7573331c75efa11822ae
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2 years agovcl: drop lock on segment attach failure 60/38160/3
Florin Coras [Tue, 7 Feb 2023 17:01:59 +0000 (09:01 -0800)]
vcl: drop lock on segment attach failure

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3bc2c7986f492b7b7dfbc84e4893202354223790

2 years agovcl: add ldp implementation for recvmmsg 27/38127/5
Florin Coras [Fri, 3 Feb 2023 06:56:03 +0000 (22:56 -0800)]
vcl: add ldp implementation for recvmmsg

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7322abc3d3b0aa81399667bf02b03786fc62c958

2 years agovcl: better handlig of ldp apis that rely on gnu source 25/38125/6
Florin Coras [Thu, 2 Feb 2023 20:56:16 +0000 (12:56 -0800)]
vcl: better handlig of ldp apis that rely on gnu source

Control use of apis that rely on _GNU_SOURCE being defined with compile
time macro.

Also fixes sendmmsg and recvmmsg which were not probably wrapped.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I207de23210d4b9dc960bb4289159502760c5614d

2 years agopacketforge: fix lack of edge for ipv6 after gtppsc 94/38094/4
Ting Xu [Mon, 30 Jan 2023 03:42:20 +0000 (03:42 +0000)]
packetforge: fix lack of edge for ipv6 after gtppsc

Add one new edge for ipv6 after gtppsc so that packetforge can parse
this protocol combination.

Type: fix
Signed-off-by: Ting Xu <ting.xu@intel.com>
Change-Id: I1bae1ec617c4867de2e0b3de27eda77b89e5580c

2 years agohs-test: add nginx perf tests 60/38060/4
Filip Tehlar [Fri, 27 Jan 2023 12:14:34 +0000 (13:14 +0100)]
hs-test: add nginx perf tests

Type: test

Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: Ic609cf70c1d381afa78f393700359434c8bd0452

2 years agovppinfra: refactor clib_socket_init, add linux netns support 78/38078/4
Damjan Marion [Mon, 30 Jan 2023 10:48:38 +0000 (11:48 +0100)]
vppinfra: refactor clib_socket_init, add linux netns support

Type: improvement
Change-Id: Ida2d044bccf0bc8914b4fe7d383f827400fa6a52
Signed-off-by: Damjan Marion <dmarion@me.com>
2 years agoipsec: fix SA names consistency in tests 72/37672/6
Arthur de Kerhor [Wed, 16 Nov 2022 17:45:24 +0000 (18:45 +0100)]
ipsec: fix SA names consistency in tests

In some IPsec tests, the SA called scapy_sa designs the SA that
encrypts Scapy packets and decrypts them in VPP, and the one
called vpp_sa the SA that encrypts VPP packets and decrypts them
with Scapy. However, this pattern is not consistent across all
tests. Some tests use the opposite logic. Others even mix both
correlating scapy_tra_spi with vpp_tra_sa_id and vice-versa.

Because of that, sometimes, the SA called vpp_sa_in is used as an
outbound SA and vpp_sa_out as an inbound one.

This patch forces all the tests to follow the same following logic:
- scapy_sa is the SA used to encrypt Scapy packets and decrypt
them in VPP. It matches the VPP inbound SA.
- vpp_sa is the SA used to encrypt VPP packets and decrypt them in
Scapy. It matches the VPP outbound SA.

Type: fix
Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com>
Change-Id: Iadccdccbf98e834add13b5f4ad87af57e2ea3c2a

2 years agoipsec: fix async crypto linked keys memory leak 70/37870/3
Benoît Ganne [Tue, 3 Jan 2023 17:35:04 +0000 (18:35 +0100)]
ipsec: fix async crypto linked keys memory leak

Type: fix

Change-Id: I7bd2696541c8b3824837e187de096fdde19b2c44
Signed-off-by: Benoît Ganne <bganne@cisco.com>