Ole Trøan [Wed, 26 Feb 2020 17:20:42 +0000 (17:20 +0000)]
ipsec: Revert API cleanup
This reverts commit
666ece35cd2625bbd8b6ddadb6e87444a617df4d.
Reason for revert: Awaiting CSIT CRC job to catch up
Type: fix
Change-Id: Ib38bbd5879ff761496a6819186f1af1dbee48590
Signed-off-by: Ole Troan <ot@cisco.com>
Florin Coras [Tue, 25 Feb 2020 22:28:27 +0000 (22:28 +0000)]
svm: fix coverity warnings
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2d5cb7cccb67a3193ce5a25323e70bc05737e023
Damjan Marion [Wed, 26 Feb 2020 12:01:03 +0000 (13:01 +0100)]
rdma: bunp rdma-core version to v28.0
Type: feature
Change-Id: I85deba9572585745a3f8f8d2f1fe9b62055727b8
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 26 Feb 2020 11:49:49 +0000 (12:49 +0100)]
dpdk: bump dpdk version to 20.02
Type: feature
Change-Id: I44c7a4e4dc91daa517296257bfc1f6a7f7cd360b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Ondrej Fabry [Mon, 3 Feb 2020 22:25:23 +0000 (23:25 +0100)]
vppapigen: list imports in JSON
Type: fix
Change-Id: If50477f2487d8c13f91c119a1492370e6e937904
Signed-off-by: Ondrej Fabry <ofabry@cisco.com>
Yasuhiro Nakamura [Mon, 17 Feb 2020 04:03:38 +0000 (13:03 +0900)]
lb: Fix generating illegal key in per-port vip
VIP prefix index becomes always 0 when adding a VIP which is already registered different port, causing LB config crash.
This change assigns the same VIP prefix index to the same VIP.
Ticket: https://jira.fd.io/browse/VPP-1834
Type: fix
Signed-off-by: Yasuhiro Nakamura <yanakamu@yahoo-corp.jp>
Change-Id: Ib63b3e58db9bd85714d68cd1292aadd0c8580da8
Jakub Grajciar [Wed, 26 Feb 2020 10:01:43 +0000 (11:01 +0100)]
vat: add ip api types parser definitions
build vat with src/vnet/ip/ip_types_api.c
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Iab0f18bf7a89cf9512beab0629bc3a349edec383
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Filip Tehlar [Tue, 25 Feb 2020 09:53:26 +0000 (09:53 +0000)]
crypto: fix set crypto handlers
Type: fix
Change-Id: I9e168a87aff1882636840eb94e5509cd08885fb5
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Florin Coras [Wed, 26 Feb 2020 05:18:47 +0000 (05:18 +0000)]
tls: fix bulk bio read/write
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1f981e909c45f1731ce4bdfa959b41d349e22ef1
Florin Coras [Wed, 26 Feb 2020 02:56:14 +0000 (02:56 +0000)]
tls session: fix unlisten
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie3bc31fc3df662e087f7931de6c274eb3608a2d8
Florin Coras [Wed, 26 Feb 2020 02:59:50 +0000 (02:59 +0000)]
tls: fix picotls dbg
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I5ca8aee973776e73f1376b6be538785398ba9b3d
Paul Vinciguerra [Mon, 27 Jan 2020 23:42:25 +0000 (18:42 -0500)]
api: add macro that zeros out api reply buffer
Add macros REPLY_MACRO2_ZERO, REPLY_MACRO3_ZERO that zeros the buffer
before the values are set. This way if say, a u8[64] field is
only filled with 10 octets, the previous buffers trailing
contents are not sent.
Type: feature
Change-Id: Ia69cc9aa477f463336483f7556de32476a6f2d51
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Vladimir Isaev [Wed, 26 Feb 2020 10:21:35 +0000 (13:21 +0300)]
map: handle IPv6 extension headers for TCP/UDP
Without this patch offset for TCP/UDP headers was not calculated
correctly if there is one or more IPv6 extension headers.
Type: fix
Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: I04d6f5e42f8f072987192d6236085afbd74a4420
Jakub Grajciar [Mon, 14 Oct 2019 09:33:36 +0000 (11:33 +0200)]
ipsec: API cleanup
Use consistent API types.
Change vl_api_ipsec_proto_t to iana values:
ESP 50,
AH 51,
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Ic961130ffa519d1c904d872c34f9a7461b1be77e
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Satoru Matsushima [Thu, 16 Jan 2020 09:16:39 +0000 (09:16 +0000)]
srv6-mobile: Cherry-pick the update document from stable/2001
Updating the document of srv6-mobile plugin code.
This commit also fixes the following issues:
- Doxygen build structure
- No binary file included
Type: docs
Signed-off-by: Satoru Matsushima <satoru.matsushima@gmail.com>
Change-Id: I376386ef6fc9584ab945db7358e3c4a698471e9b
Signed-off-by: Satoru Matsushima <satoru.matsushima@gmail.com>
Jakub Grajciar [Thu, 30 Jan 2020 13:01:17 +0000 (14:01 +0100)]
lldp: API cleanup
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I2fe6b56dc0f224f438ed5f14c0f276d94afbaea8
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Jakub Grajciar [Thu, 30 Jan 2020 13:14:15 +0000 (14:14 +0100)]
pg: API cleanup
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Ibf693e4b178d2579bc3afb9653bffc07fbb7dd0a
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Jakub Grajciar [Fri, 31 Jan 2020 09:17:29 +0000 (10:17 +0100)]
sr: API cleanup
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I6238ec79b916c23c07c3f7e2ac8e635f5a0d6112
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Jakub Grajciar [Fri, 31 Jan 2020 08:51:41 +0000 (09:51 +0100)]
span: API cleanup
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Ifddac07b15b116574de3a97f7c80d7bf6a3171f7
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Jakub Grajciar [Fri, 7 Feb 2020 10:30:26 +0000 (11:30 +0100)]
api: improve api string safety
- Remove vl_api_from_api_string
to prevent use of not nul-terminated strings.
- Rename vl_api_from_api_to_vec -> vl_api_from_api_to_new_vec
to imply a new vector is created. NOT nul terminated.
- Add vl_api_from_api_to_new_c_string. Returns
nul terminated string in a new vector.
- Add vl_api_c_string_to_api_string. Convert nul terminated
string to vl_api_string_t
- Add vl_api_vec_to_api_string. Convert NON nul terminated
vector to vl_api_string_t
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Iadd59b612c0d960a34ad0dd07a9d17f56435c6ea
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Florin Coras [Thu, 6 Feb 2020 16:59:31 +0000 (16:59 +0000)]
svm: support multi-chunk fifo chunk alloc
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id601cd241a2d124d3189057edab4299ffde7ee32
Florin Coras [Wed, 5 Feb 2020 21:13:18 +0000 (21:13 +0000)]
svm: remove chunk add function
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I606eabbe0f3f387529e77d2483f5d63db7bde88a
Steven Luong [Thu, 13 Feb 2020 17:27:38 +0000 (09:27 -0800)]
avf: Handle chain buffer in TX properly
For chain buffer, need to traverse b->next_buffer to transmit all buffers
in the chain. Only set EOP at the last descriptor in the chain to signal
this is a chain descriptor.
Introduce slow path to handle ring wrap. This is needed because chain
buffer may consist of multiple pieces and it may span from near the end of
the ring to the beginning of the ring.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Id7c872f3e39e09f3566aa63f3cdba8f40736d508
Steven Luong [Tue, 25 Feb 2020 19:06:17 +0000 (11:06 -0800)]
unittest: Skip string test case for sizeof (src) > sizeof (dst)
coverity complains that the subject test may cause dst buffer overrun
problem and it is right. The problem is when __builtin_constant_p (n)
returns true, memcpy_s_inline skips all the errors checking and does the
copy blindly. Please see the code in memcpy_s_inline.
The fix is to skip the subject test when the aformentioned builtin function
returns true.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I50de91cc0c853a134b3bcf3b0cd8d45d7668b092
Florin Coras [Sun, 2 Feb 2020 19:30:39 +0000 (19:30 +0000)]
svm: minimal initial fifo
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4ee46a6c3c53c58199c275e20702f7fd11b60d9a
Ryujiro Shibuya [Wed, 22 Jan 2020 12:11:42 +0000 (12:11 +0000)]
session: basic fifo-tuning-logic
- Allowing application to register custom fifo-tuning-logic.
- Adding an example custom fifo-tuning-logic in hs_app/proxy.
Type: feature
Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2aca14d1f23d5c3c9debb7f4c46aca3a15a8d1b9
Ryujiro Shibuya [Wed, 25 Dec 2019 07:40:54 +0000 (07:40 +0000)]
session svm: tracking segment memory usage
1. segment manager would attempt to balance the usages across
the segments, when it allocate fifos
2. the memory presure level is determined per fifo-segment
3. updated unit test
4. updated cli output for segments
Type: feature
Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com>
Change-Id: I2923f3e0a43dd919196a0cb2cd55e098fde6cf66
Florin Coras [Fri, 20 Dec 2019 00:10:58 +0000 (16:10 -0800)]
svm: refactor fifo
Type: refactor
Switch from a wrapped byte space to a "continuous" one wherein fifo
chunks are appended to the fifo as more data is enqueued and chunks are
removed as data is dequeued.
The fifo is still subject to a maximum size, i.e., maximum number of
bytes that can be enqueued, so the max number of chunks associated to
the fifo is also constrained.
When enqueueing data, which must fit within the available free space, if
not enough "supporting" chunk memory is available, the fifo asks the
fifo segment for enough chunk memory to ensure that the write can
succeed. To avoid allocating large amounts of small chunks due to small
writes, if possible, the size of the chunks requested is lower capped by
min_alloc.
When dequeuing data, all the chunks that have been completely drained,
i.e., head moved beyond the chunks’ end bytes, are unlinked from the
fifo and returned to the fifo segment. The one exception to this is the
last chunk which is never unlinked.
Change-Id: I98c1dbd9135fb79650365c7e40c29238b96cd4ee
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Thu, 12 Dec 2019 20:09:29 +0000 (12:09 -0800)]
svm: refactor fifo chunk tracking
Avoid tracking with rbtrees all of the chunks associated to a fifo.
Instead, only track chunks when doing out-of-order operations (peek or
ooo enqueue).
Type: refactor
Change-Id: I9f8bd266211746637d98e6a12ffc4b2d6346950a
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Mon, 24 Feb 2020 12:54:31 +0000 (12:54 +0000)]
feature: provide a u16 version of vnet_feature_next
Type: improvement
when using vlib_buffer_enqueue_to_next the 'nexts' parameter is an array
of u16, but vnet_feautre_next takes a u32. this is a simple wrapper to
address the impedence mismatch.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I0fa86629e979e313344eb68442dc35a7b9537a8f
Florin Coras [Sat, 22 Feb 2020 02:27:21 +0000 (02:27 +0000)]
tcp: handle cleanups without timers
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ida896e9fbe83b4c76578b089bb3fd2bef5e07fd2
Damjan Marion [Tue, 25 Feb 2020 10:51:48 +0000 (11:51 +0100)]
crypto-native: GCM implementation with vector AESNI instructions
Introduced on intel IceLake uarch.
Type: feature
Change-Id: I1514c76c34e53ce0577666caf32a50f95eb6548f
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Thu, 20 Feb 2020 09:45:16 +0000 (09:45 +0000)]
vlib: Punt reason allocation listener enable/disable callback
Type: improvement
allow clients that allocate punt reasons to pass a callback function
that is invoked when the first/last client registers to use/listen on
that punt reason. This allows the client to perform some necessary
configs that might not otherwise be enabled.
IPSec uses this callback to register the ESP proto and UDP handling
nodes, that would not otherwise be enabled unless a tunnel was present.
Change-Id: I9759349903f21ffeeb253d4271e619e6bf46054b
Signed-off-by: Neale Ranns <nranns@cisco.com>
Filip Tehlar [Mon, 24 Feb 2020 20:56:49 +0000 (20:56 +0000)]
crypto: fix coverity warnings
Type: fix
Change-Id: I89c0923ad6ac1daf65b2d24ad4b6f00b7703e58e
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Mon, 24 Feb 2020 21:06:38 +0000 (21:06 +0000)]
crypto-openssl: fix coverity warnings
Type: fix
Change-Id: Ia42ff39a0a33f89901b8333a9e6ca82ca9805cc6
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Wed, 19 Feb 2020 07:02:49 +0000 (07:02 +0000)]
ikev2: add retry logic for session initiation
Type: improvement
Change-Id: Ib474dabb745bc2034d8d60261c095e35a8fff277
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Florin Coras [Thu, 20 Feb 2020 05:45:31 +0000 (05:45 +0000)]
tcp: dynamic max timers per loop
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If0a634c277d4f8e4d32321f52253721a990bdb1d
Damjan Marion [Mon, 24 Feb 2020 18:13:05 +0000 (19:13 +0100)]
crypto-native: introduce aes_gcm_flags_t
Type: refactor
Change-Id: I53b4a9c0b63e6e6c6a13c33c5baa4c3de562584b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Mon, 24 Feb 2020 14:03:21 +0000 (15:03 +0100)]
crypto-native: introduce counter struct
Type: refactor
Change-Id: I9ecc18ba3ec5f11622ea225690fb1dc262ea6fc1
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Mon, 24 Feb 2020 12:58:20 +0000 (12:58 +0000)]
vlib: Alias RX or TX to direction
Type: improvement
for those that find that name usefull.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I6c99bcdbb10ca1615aeea6924c2d93a68b5b7684
Dave Barach [Mon, 24 Feb 2020 14:19:12 +0000 (09:19 -0500)]
vppinfra: correct fixed pool header size calculation
Remove duplicate space allocation for the pool header. Not significant
w/ CLIB_CACHE_LINE_BYTES >= 64 since the code rounds the size of the
pool header to an even multiple of the cache line size.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I923f2a60e7565cf2dfbc18d78264bf82ff30c926
Neale Ranns [Mon, 24 Feb 2020 12:45:53 +0000 (12:45 +0000)]
ethernet: trivial additions
Type: improvement
- macros to identify SENDER and TARGET in ARP header
- count the number of bits set in a mac_address
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Id31e27a4f5f01a8cfb70d3798416bb2519981654
Neale Ranns [Mon, 24 Feb 2020 13:00:17 +0000 (13:00 +0000)]
l2: remove unused types and includes form feature arc code
Type: improvement
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ia441c069afe79ccd6428159df944d4c1d10a992d
Filip Tehlar [Tue, 18 Feb 2020 18:41:10 +0000 (18:41 +0000)]
ikev2: proper cleanup of SAs during rekey
Type: fix
Change-Id: Ifb675c7783f03de4db8147858dd93d9687176f40
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Damjan Marion [Mon, 24 Feb 2020 13:26:08 +0000 (14:26 +0100)]
crypto-native: inverse Hi so it naturally fits into 512-bit register
Type: refactor
Change-Id: I0c6ca9356af179abd0a414b356dea7e3a3eb0dd6
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Mon, 24 Feb 2020 13:16:15 +0000 (14:16 +0100)]
crypto-native: replace aesni with aes
This code also works on ARM so let's not use intel term....
Type: refactor
Change-Id: Ie51d4359a83f2bf7a61c4861d486b7d009fc8057
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Mon, 24 Feb 2020 13:13:18 +0000 (14:13 +0100)]
crypto-native: do not overwrite data after partial tag
Type: fix
Change-Id: I01de5f8813faff5406ccf67c21c42393c8648af6
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Sun, 23 Feb 2020 19:00:18 +0000 (19:00 +0000)]
session: include timer generated packets in max burst
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic9174c92ab05b58e62b00999fe9cbf4e9292d43e
Florin Coras [Sun, 23 Feb 2020 01:37:34 +0000 (01:37 +0000)]
session: minimize number of tx events
Type: improvement
Unset fifo tx event only if all data has been dequeued. Avoids frequent
re-scheduling of sessions as new sessions.
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I36a4c90b97e0255b88782032fb029640e6a73e90
Dave Barach [Fri, 21 Feb 2020 22:31:17 +0000 (17:31 -0500)]
vppinfra: deprecate CLIB_VEC64
Type: refactor
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Id1e7c0926036db4601c91438397ceed22381fc07
Simon Zhang [Sat, 22 Feb 2020 19:51:42 +0000 (03:51 +0800)]
tcp: remove useless prediction
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: Ie2dc2653baec92347eb2cbcd197a2e5ec6a80c79
Filip Tehlar [Wed, 19 Feb 2020 01:03:02 +0000 (01:03 +0000)]
ikev2: cleanup tunnels after subsequent sa-init
Type: fix
Change-Id: I44e51bc37ff43999290d97fceb5f94b7c64041ec
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Neale Ranns [Thu, 20 Feb 2020 12:56:22 +0000 (12:56 +0000)]
gbp: Coverity warnings for unitialized variables
Type: fix
Change-Id: If74ad528e68f45b00719295388e0e1399452ef93
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Thu, 20 Feb 2020 13:10:47 +0000 (13:10 +0000)]
fib: Uninitialised pad in the prefix (coverity warning)
Type: fix
Change-Id: Ia61d6fbf6e80977f83f1f6672e5e83b52ddeb0e5
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Mon, 16 Dec 2019 00:53:11 +0000 (00:53 +0000)]
ipsec: IPSec protection for multi-point tunnel interfaces
Type: feature
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Iaba2ab11bfaa1c8db4023434e3043ac39500f938
Neale Ranns [Thu, 20 Feb 2020 13:16:49 +0000 (13:16 +0000)]
ipip: Unintialized return variable (coverity warning)
Type: fix
Change-Id: I008f23b5f0c7269ddd35cc747a867240fbe9c49b
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Thu, 20 Feb 2020 13:13:45 +0000 (13:13 +0000)]
ip: Unintialized variables in prefx setup (coverity warning)
Type: fix
Change-Id: I048c9ed423ca2993d2179cdce364ac98980311bb
Signed-off-by: Neale Ranns <nranns@cisco.com>
Dave Barach [Thu, 20 Feb 2020 21:17:58 +0000 (16:17 -0500)]
dhcp: update secondary radv_info structures
For details, see the Jira ticket below. Fix gerrit 23350.
Type: fix
Fixes:
28a6eb7
Ticket: VPP-1840
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ic9248734bb330eadb302f8410e8db9c64723f075
Matthew Smith [Thu, 20 Feb 2020 14:58:15 +0000 (08:58 -0600)]
vrrp: fix coverity errors
Type: fix
Fixes:
39e9428b90
Fix warnings about potential problems with an implicit type cast
and a null pointer dereference.
Change-Id: I8c8d220e79ba45b62ba783cfe53cb49eef175fc8
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Florin Coras [Thu, 20 Feb 2020 16:04:03 +0000 (16:04 +0000)]
tcp: fix coverity warning in bt
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4153a9a377b8b1da1366a94ff791ad99617b7a6d
Florin Coras [Thu, 20 Feb 2020 16:11:23 +0000 (16:11 +0000)]
lisp: fix coverity warnings
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie060b25b5e8c85d9b2037e300723a2b6023c65d1
Dave Wallace [Tue, 18 Feb 2020 21:09:12 +0000 (21:09 +0000)]
hsa: cleanup vpp_echo JSON output
- Fix invalid json syntax
- Add bits_per_second rx/tx fields
Type: fix
Change-Id: I4100245b01093e99a6c7def16cd83572ab033e24
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Florin Coras [Wed, 19 Feb 2020 21:38:15 +0000 (21:38 +0000)]
dpdk: rx checksum offload
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I5a3e3a41dcc60c0d9b291e51bb112e7701f73050
Neale Ranns [Tue, 18 Feb 2020 13:56:24 +0000 (13:56 +0000)]
fib: adjacency midchain teardown (VPP-1841)
Type: fix
Change-Id: I57f8bfbce4feed9d2775875cb8b1b729a47900a4
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit
24064d02aa9810ebc64c16dc778a179bb0ef5483)
Filip Varga [Thu, 13 Feb 2020 13:52:18 +0000 (14:52 +0100)]
nat: user deletion function & extra metrics
Type: improvement
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: Ia5dbfe864c18e953ff49147a9a4684d2ca14b96e
Vladimir Isaev [Tue, 18 Feb 2020 12:26:12 +0000 (15:26 +0300)]
ip-neighbor: Fix aging timeout
Before this patch VPP checked age for ARP/NDP records every 1e5 seconds
for any configured aging time. This is 27 hours and it looks like
misprint because 1e5 is the number of 10us ticks in a second.
Also time to wait is now difference between aging time and time alive
for nodes in alive state.
Type: fix
Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: Ib5baa85032a44402d5f48c1145245260a42c7bae
Alexander Chernavin [Tue, 11 Feb 2020 14:57:09 +0000 (09:57 -0500)]
map: honor pre-resolve param in map-t
With this commit, forward the translated packet directly to the
specified next-hop if pre-resolve param is enabled in MAP-T.
Type: fix
Change-Id: Ie26080c7820318c7982599577a4af6e4d01a0574
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Alexander Chernavin [Wed, 5 Feb 2020 14:05:06 +0000 (09:05 -0500)]
map: honor icmp6-unreachables param in map-t
With this commit, send ICMPv6 unreachable messages back if security
check fails and icmp6-unreachables param enabled in MAP-T.
Type: fix
Change-Id: I9a8869df7763c764a1672e3faa1fde8dc13ec85a
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Klement Sekera [Mon, 17 Feb 2020 13:37:20 +0000 (13:37 +0000)]
nat: avoid running pointless session cleanups
Save the next session timeout when sweeping sessions for cleanup so that
we can avoid unnecessary runs of the sweeping algorithm.
Type: fix
Change-Id: I736d00f2dfe242af10f963fbe34b11128f8b0613
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Filip Varga [Mon, 17 Feb 2020 16:49:53 +0000 (17:49 +0100)]
nat: nat44 split slow and fast path
Type: improvement
Change-Id: I07c7e1c154583906ac9af958f22ed9a1be382f4a
Signed-off-by: Filip Varga <fivarga@cisco.com>
Filip Tehlar [Tue, 18 Feb 2020 23:34:23 +0000 (23:34 +0000)]
ikev2: fix logging init
Type: fix
Change-Id: I76bed5ce2df897d0e8e822ee1244018b0e39494d
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Neale Ranns [Tue, 18 Feb 2020 15:23:29 +0000 (15:23 +0000)]
fib: fib path realloc during midchain stack
Type: fix
Change-Id: I0677f46dfa22c8abab7f311230a09ef1cd8ac335
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit
02d5a67d39cbb8f1865227afdc79533578067b8d)
Yu Ping [Wed, 19 Feb 2020 17:40:53 +0000 (01:40 +0800)]
tls: need to use thread id to fetch the event
Type: fix
Change-Id: I429351f04a2865be4a289a3021277f9b2ced902b
Signed-off-by: Yu Ping <ping.yu@intel.com>
Florin Coras [Tue, 18 Feb 2020 22:51:26 +0000 (22:51 +0000)]
tcp: fix syn-sent reset
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2799ac9723ec3e7effe910bba401fc486c552cac
Yu Ping [Tue, 18 Feb 2020 18:31:22 +0000 (02:31 +0800)]
tls: handle disconect and reset in async mode
Type: fix
When async is enabled and request is inflight, delay close oepration
Change-Id: I713078fe9832c1599e8860fc0a6bb98588f20943
Signed-off-by: Yu Ping <ping.yu@intel.com>
Mohsin Kazmi [Fri, 31 Jan 2020 11:37:44 +0000 (12:37 +0100)]
devices: netlink: add more error logging
Type: improvement
Change-Id: I4d8ca04840845e1ba631e4260e155df2486155e6
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Florin Coras [Tue, 18 Feb 2020 21:05:28 +0000 (21:05 +0000)]
misc: deprecating the plugin
Type: refactor
Not maintained
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I5568ecf1161b63cd0f314e2b1503e350e214e51b
Filip Tehlar [Thu, 13 Feb 2020 20:50:12 +0000 (20:50 +0000)]
crypto: show crypto handlers re-design
Type: improvement
Show simple and chained handler details on a single line.
Change-Id: I5ad807a4d3608fc38c1134f564755d5751c30070
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Filip Tehlar [Wed, 3 Jul 2019 09:04:54 +0000 (09:04 +0000)]
crypto: add support for testing quad loops in crypto algos
This patch adds support for test cases with arbitrary long plaintext.
Type: feature
Change-Id: I48cd3642e30cc49eabc196c45d7f73c484e93057
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Florin Coras [Tue, 18 Feb 2020 20:17:30 +0000 (20:17 +0000)]
tcp: add fib to connection cli output
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3de653fd90b8030125b627f751c7fb665ade5aee
Filip Tehlar [Thu, 13 Feb 2020 22:34:05 +0000 (22:34 +0000)]
crypto: add chained buffer support in ipsecmb (AES-GCM)
Type: feature
Change-Id: Ia65caf38988c7e860e6d028f93659916825ef16b
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Vratko Polak [Tue, 18 Feb 2020 18:12:47 +0000 (19:12 +0100)]
vrrp: do not define _details as autoreply
Without this, _details_reply messages also end up defined;
which is not intended, as there are no _details_t_handler functions.
Type: fix
Fixes:
39e9428b90bc74d1bb15fc17759c8ef6ad712418
Change-Id: Id052b00b00623ca92e5ddce4cc5e1bdfbb1031db
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Dave Barach [Tue, 18 Feb 2020 15:12:23 +0000 (10:12 -0500)]
misc: fix coverity warnings
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I402b1b06db736b2a7a242ce70ffd409c7c0a4fc2
Dave Barach [Mon, 17 Feb 2020 22:07:12 +0000 (17:07 -0500)]
vlib: calculate per-worker loops/second metric
Use exponential smoothing. Each sample has a half-life of 1
second. reported_rate(t) = reported_rate(t-1) * K + rate(t)*(1-K)
Sample every 20ms, i.e. 50 samples per second
K = exp (-1.0/20.0);
K = 0.95;
Type: feature
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I9aea5dd5fecfaefffb78245316adb4bf62eb2bd4
Florin Coras [Mon, 10 Feb 2020 17:44:13 +0000 (17:44 +0000)]
tcp: allow custom mss on connects
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie4bd68a387f706b3e6868bece2ec4c8c1d92a9c3
Florin Coras [Fri, 14 Feb 2020 23:41:25 +0000 (23:41 +0000)]
tcp: pace timer handling
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I93067054631d6ae2411a7b08d7b681aed7a121b2
Damjan Marion [Tue, 18 Feb 2020 14:12:07 +0000 (15:12 +0100)]
vppinfra: fix debug image builds on arm
vextq_u8(...) reuqires constant value so instead of
inline function we need to use macro.
Type: fix
Signed-off-by: Damjan Marion <dmarion@me.com>
Change-Id: I9c1d878c9ec750f0ed5b5eac4dffde50e97e7357
Yu Ping [Tue, 18 Feb 2020 19:16:50 +0000 (03:16 +0800)]
tls: Add Feature yaml
Type: docs
Change-Id: Id1972fd1d0769f26ee73db326c22c6a57eb6ceab
Signed-off-by: Yu Ping <ping.yu@intel.com>
Elias Rudberg [Tue, 18 Feb 2020 11:12:25 +0000 (12:12 +0100)]
rdma: fix bug related to ring buffer
Fix a bug that caused some input packets to be dropped due to errors of
the type 'ip4 length > l2 length'. The change is related to the second
call to the rdma_device_input_bufs() function that happens when the end
of the ring buffer is reached.
Type: fix
Change-Id: I332d69ab22242b3443a0baca6e5dd86349a54765
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Simon Zhang [Mon, 9 Dec 2019 11:58:39 +0000 (19:58 +0800)]
tls: Picotls engine symmetric crypto enhancement by vpp crypto framework
Type: feature
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: I1d4fe75e5faf3fa2086d11020828345b173ebd03
Dave Barach [Mon, 17 Feb 2020 14:13:26 +0000 (09:13 -0500)]
misc: fix coverity warnings
Add an ALWAYS_ASSERT (...) macro, to (a) shut up coverity, and (b)
check the indicated condition in production images.
As in:
p = hash_get(...);
ALWAYS_ASSERT(p) /* was ASSERT(p) */
elt = pool_elt_at_index(pool, p[0]);
This may not be the best way to handle a specific case, but failure to
check return values at all followed by e.g. a pointer dereference
isn't ok.
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ia97c641cefcfb7ea7d77ea5a55ed4afea0345acb
Klement Sekera [Mon, 10 Feb 2020 11:49:52 +0000 (11:49 +0000)]
bfd: use tw_timer_template instead of legacy wheel
Type: refactor
Change-Id: I04e71a64e676910dc4c6cbc1ab54ffb0c29aa5b9
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Chenmin Sun [Sun, 16 Feb 2020 18:19:15 +0000 (02:19 +0800)]
gtpu: offload RX flow
ip4 gtpu cli/api (using flow infra) to create flows and enable them on
different hardware (currently tested with ice)
to offload a gtpu tunnel onto hw:
set flow-offload gtpu hw TwentyFiveGigabitEthernet3/0/0 rx gtpu_tunnel0
to remove offload:
set flow-offload gtpu hw TwentyFiveGigabitEthernet3/0/0 rx gtpu_tunnel0 del
TODO:ipv6 handling
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I8e356feeb0b16cfeadc1bbbe92f773aa2916e715
Neale Ranns [Mon, 17 Feb 2020 10:39:09 +0000 (10:39 +0000)]
ikev2: IKE plugin manages the state of the protected tunnel interface
Type: improvement
IKE will bring the tunnel up ince the negociation is complete and bring
it down when the session ends. It is the clinets responsibility to
manage the state of the tunnel before and after these events. So to
prevent any unencrpyted traffic egressing the tunnel before the session
is negpciated, the tunnel should be in the down state when it a
associated with the IKE session.
Change-Id: I8aee593c79ca006d6ab08f9fa560fbbf6f8dcc16
Signed-off-by: Neale Ranns <nranns@cisco.com>
Damjan Marion [Sun, 16 Feb 2020 12:07:13 +0000 (13:07 +0100)]
crypto-native: calculate ghash using vpclmulqdq instructions
vpclmulqdq is introduced on intel icelake architecture and
allows computing 4 carry-less multiplications in paralled by using
512-bit SIMD registers
Type: feature
Change-Id: Idb09d6f51ba6f116bba11649b2d99f649356d449
Signed-off-by: Damjan Marion <damjan.marion@gmail.com>
Lijian.Zhang [Fri, 14 Feb 2020 07:16:49 +0000 (15:16 +0800)]
vlib: fix code of getting numa node with specific cpu_id
Use below sysfs files to check which numa node a specific cpu_id belongs to.
/sys/devices/system/node/online
/sys/devices/system/node/node0/cpulist
/sys/devices/system/node/node1/cpulist
Type: fix
Change-Id: I124b80b1fd4a20dd7bd76f0ae27d5ab23a3a8ff1
Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com>
Simon Zhang [Sat, 15 Feb 2020 13:50:16 +0000 (21:50 +0800)]
tls: Fix Picotls ctx_read rx_content issue
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: I19cdd2055ea494fc36628b4a94fc56742c1d1a8a
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Mohsin Kazmi [Fri, 14 Feb 2020 12:09:04 +0000 (12:09 +0000)]
tap: fix the default parameter for num_rx_queues
Type: fix
Change-Id: I1a20fea56f1ba1fada7c7ce96ea333bf097b1273
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Yu Ping [Fri, 14 Feb 2020 11:14:36 +0000 (19:14 +0800)]
tls: remove session lookup operation in TLS
Type: fix
Change-Id: I50329bda365d98f9f9d56a58187fb4fb2a4eb461
Signed-off-by: Yu Ping <ping.yu@intel.com>
Florin Coras [Thu, 13 Feb 2020 19:24:58 +0000 (19:24 +0000)]
tcp: reset fin-wait-2 timeout connections
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id931f3f308a01788d222d0d62f26f5c579321c6a
Code Review / vpp.git / log