Neale Ranns [Mon, 25 Feb 2019 10:28:29 +0000 (10:28 +0000)]
IKEv2 to plugin
for easy integration with ptoducts running their own Ike stack.
Without the VPP IKE plugin loaded, the product is free to handle
IKE packets as it pleases.
Change-Id: Id0839f4d58b797f4c2da0382eb499fc08b05f66f
Signed-off-by: Neale Ranns <nranns@cisco.com>
Klement Sekera [Wed, 13 Feb 2019 10:01:32 +0000 (11:01 +0100)]
buffer chain linearization
Rewrite vlib_buffer_chain_linearize function so that it works as intended.
Linearize buffer chains coming out of reassembly to work around some
dpdk-tx issues. Note that this is not a complete workaround
as a sufficiently large packet will still cause the resulting chain to
be too long.
Drop features from reassembly code which relies on knowing which and how
many buffers were freed during linearization, buffer counts and tracing
capabilities for these cases.
Change-Id: Ic65de53ecb5c78cd96b178033f6a576ab4060ed1
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Steven Luong [Thu, 24 Jan 2019 06:20:19 +0000 (22:20 -0800)]
vhoat: potential crash in map_guest_mem using debug image
map_guest_mem may be called from worker-thread/dataplane. It has a call
to vlib_log and may crash inside vlib_log's ASSERT statement
/* make sure we are running on the main thread to avoid use in dataplane
code, for dataplane logging consider use of event-logger */
ASSERT (vlib_get_thread_index () == 0);
The fix is to convert the vlib_log call in map_guest_map to event logger
Change-Id: Iaaf6d86782aa8a18d25e0209f22dc31f04668d56
Signed-off-by: Steven Luong <sluong@cisco.com>
jdenisco [Tue, 19 Feb 2019 21:25:05 +0000 (16:25 -0500)]
Add support for 19.01
Change-Id: I8583f6f6432d8d7c449f43d62d8707a1718f3240
Signed-off-by: jdenisco <jdenisco@cisco.com>
Florin Coras [Fri, 22 Feb 2019 21:11:38 +0000 (13:11 -0800)]
session: separate local session logic
Move local session to separate header and source files. First step to
refactoring local sessions.
Change-Id: I280fdfef20ba8a0977d15c1c8ce030ea2fb72dde
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Fri, 22 Feb 2019 17:07:20 +0000 (09:07 -0800)]
tcp: keep snd sack block free list
Instead of constantly reallocating the new sack block list, keep the old
one as a reusable free list.
Change-Id: Iad79a72204f97b96352c1c6eea66c2839a35cfe6
Signed-off-by: Florin Coras <fcoras@cisco.com>
Steven Luong [Fri, 22 Feb 2019 19:11:14 +0000 (11:11 -0800)]
Makefile: fix missing help instruction
make pkg-deb-debug and make vom-pkg-deb-debug were missing in the help
instruction
Change-Id: Ic49a7c29b3394ee9fc259bd40ecf0611470125c6
Signed-off-by: Steven Luong <sluong@cisco.com>
Filip Tehlar [Fri, 22 Feb 2019 13:05:53 +0000 (05:05 -0800)]
stats: add buffer gauges
Change-Id: I7f7a459f25d64ea5fa36e30d7dccc667bc19c5a9
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Neale Ranns [Fri, 22 Feb 2019 18:33:21 +0000 (10:33 -0800)]
VOM: GBP use singular instance if shared-ptr is set
Change-Id: I845e0aa0b657b7a4745c158c4c510f604f4502bb
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 22 Feb 2019 07:34:59 +0000 (23:34 -0800)]
IPSEC: header exports
Change-Id: I7d48a4e236c6e7b11b0c9750a30fb68e829d64a5
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 22 Feb 2019 12:40:53 +0000 (12:40 +0000)]
Callback functions must have the correct signature
Change-Id: I642823bdc3c7006a0b719ec1e3a9cd75b2b37253
Signed-off-by: Neale Ranns <nranns@cisco.com>
Marco Varlese [Fri, 22 Feb 2019 13:18:48 +0000 (14:18 +0100)]
Maintainers list update
Change-Id: I133ad79bac79c50caefed01c638f26ec9b3cd6c3
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
Damjan Marion [Fri, 22 Feb 2019 16:25:00 +0000 (17:25 +0100)]
avf: fix eat own tail issue on tx
Change-Id: Ie14ca18bab47ac6765ff0799475d0c2a4d936f90
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Fri, 22 Feb 2019 14:15:57 +0000 (06:15 -0800)]
VOM: mroute dump debug level fix
Change-Id: Ice8c3e76857ee35c079d72d6697e6a3fbc99b7aa
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 22 Feb 2019 08:44:40 +0000 (00:44 -0800)]
VOM: De-template the ACL code.
there's something going wrong with the dependency ordering.
i have added hacks in the past, but these are not reliable
across compiler versions.
Change-Id: I34b4aae4c7ed7beaa424cd692ff34cba21ba802a
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 22 Feb 2019 12:56:14 +0000 (12:56 +0000)]
GBP: include sclass in format EPG
Change-Id: I6cbc7dafcc59aa67d79c718d88f67d71ee97b4b6
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 22 Feb 2019 10:48:25 +0000 (02:48 -0800)]
VOM: fix tests and namespacify l2_vtr
Change-Id: Ie59220a622c3a5195485cd6857b45f57d6eeaf95
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Fri, 22 Feb 2019 07:25:17 +0000 (23:25 -0800)]
GBP: remove testing asserts
Change-Id: I27ba13b3501debd4dcbda5df05afdcfc497f608f
Signed-off-by: Neale Ranns <nranns@cisco.com>
Florin Coras [Fri, 22 Feb 2019 00:46:24 +0000 (16:46 -0800)]
tcp: send enough dupacks to cover all sack holes
Make sure we send enough dupacks to cover all the holes created in the
last frame received. Also make sure we send all the blocks, not just the
first.
Change-Id: I9597a34ac14473d1cc3ad07d65bc37043e3d0582
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Fri, 22 Feb 2019 04:04:15 +0000 (20:04 -0800)]
session/vcl: fix coverity warnings
Change-Id: I9b0e6d65255e516cf5bf18757d4769176ef76e92
Signed-off-by: Florin Coras <fcoras@cisco.com>
Steven Luong [Thu, 21 Feb 2019 22:55:52 +0000 (14:55 -0800)]
tapv2: coverity strikes back
while https://gerrit.fd.io/r/#/c/16590/ fixed the leaked fd which coverity
reported at that time, new coverity run reports simailar leaked fd in a
different goto punt path. It would be nice if coverity reported both of them
at the same time. Or perhaps it did and I just missed it. Anyway, the new fix
is to put the close (fd) statement prior to the return of tap_create_if routine
which should catch all goto's.
Change-Id: I0a51ed3710e32d5d74c9cd9b5066a667153e2f9d
Signed-off-by: Steven Luong <sluong@cisco.com>
Damjan Marion [Thu, 21 Feb 2019 19:24:54 +0000 (20:24 +0100)]
Add no-append flag to vlib_frame_t
Change-Id: I01c4f5755d579282773ac227b0bc24f8ddbb2bd1
Signed-off-by: Damjan Marion <damarion@cisco.com>
Steven Luong [Fri, 1 Feb 2019 18:23:56 +0000 (10:23 -0800)]
vhost: VPP stalls with vhost performing control plane actions
Symptom
-------
With NDR traffic blasting at VPP, bringing up a new VM with vhost
connection to VPP causes packet drops. I am able to recreate this
problem easily using a simple setup like this.
TREX-------------- switch ---- VPP
|---------------| |-------|
Cause
-----
The reason for the packet drops is due to vhost holding onto the worker
barrier lock for too long in vhost_user_socket_read(). There are quite a
few of system calls inside the routine. At the end of the routine, it
unconditionally calls vhost_user_update_iface_state() for all message
types. vhost_user_update_iface_state() also unconditionally calls
vhost_user_rx_thread_placement() and vhost_user_tx_thread_placement().
vhost_user_rx_thread_placement scraps out all existing cpu/queue mappings
for the interface and creates brand new cpu/queue mappings for the
interface. This process is very disruptive and very expensive. In my
opinion, this area of code needs a makeover.
Fixes
-----
* vhost_user_socket_read() is rewritten that it should not hold
onto the worker barrier lock for system calls, or at least minimize the
need for doing it.
* Remove the call to vhost_user_update_iface_state as a default route at
the end of vhost_user_socket_read(). There is only a couple of message
types which really need to call vhost_user_update_iface_state(). We put
the call to those message types which need it.
* Remove vhost_user_rx_thread_placement() and
vhost_user_tx_thread_placement from vhost_user_update_iface_state().
There is no need to repetatively change the cpu/queue mappings.
* vhost_user_rx_thread_placement() is actually quite expensive. It should
be called only once per queue for the interface. There is no need to
scrap the existing cpu/queue mappings and create new cpu/queue mappings
when the additional queues becomes active/enable.
* Change to create the cpu/queue mappings for the first RX when the
interface is created. Dont remove the cpu/queue mapping when the
interface is disconnected. Remove the cpu/queue mapping only when the
interface is deleted.
The create vhost user interface CLI also has some very expensive system
calls if the command is entered with the optional keyword "server"
As a bonus, This patch makes the create vhost user interface binary-api and
CLI thread safe. Do the protection for the small amount of code which is
thread unsafe.
Change-Id: I4a19cbf7e9cc37ea01286169882e5603e6d7eb77
Signed-off-by: Steven Luong <sluong@cisco.com>
Steven Luong [Thu, 21 Feb 2019 19:58:14 +0000 (11:58 -0800)]
string_test: Coverity woe
Coverity complains about dead code as shown below and it is right.
The fix is to simply remove the dead code.
503 if (v_indicator != indicator)
CID 190173 (#3 of 3): Logically dead code (DEADCODE)
dead_error_line: Execution cannot reach this statement: return -1;.
504 return -1;
Change-Id: Ibca9e10451a4459db099bef5ecc6939474bdb903
Signed-off-by: Steven Luong <sluong@cisco.com>
Peter Mikus [Thu, 14 Feb 2019 07:44:14 +0000 (07:44 +0000)]
Revert "bond: problem switching from l2 to l3"
During CSIT testing we discovered that LACP tests were failing and
producing coredumps. Reverting this patch fix the problem with VPP
crashing.
This reverts commit
f23890138e02d4218c828c427f687f8ecdb0e165.
Change-Id: Icf97053ce1473350add885cbebe591f7f3efcbea
Signed-off-by: Peter Mikus <pmikus@cisco.com>
Damjan Marion [Thu, 21 Feb 2019 13:44:59 +0000 (14:44 +0100)]
physmem: keep physmem VA in 39-bit address space on x86_64
Some x86 CPUs have IOMMU capable dealing only with 39-bit address space
This patch also adds option to specify physmem base address from
startup.conf
Change-Id: I9e8abd26efb60e9c4ad54c035fb1751a4a61f4dc
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Tue, 19 Feb 2019 08:41:22 +0000 (00:41 -0800)]
API: client does not set root permissions on shm segment
Change-Id: I4ba099832b646392c1b6fa34236ca3377c9f786c
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Thu, 21 Feb 2019 13:28:11 +0000 (05:28 -0800)]
GBP: BD index not BD ID
Change-Id: I6da1ea25d688011b7aead1f639dd6a234ca4f20a
Signed-off-by: Neale Ranns <nranns@cisco.com>
Florin Coras [Thu, 21 Feb 2019 03:48:31 +0000 (19:48 -0800)]
vcl/session: send unlisten over message queue
Change-Id: I68cd6c0e6be3e8088792df3885ae190bb00462b0
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Thu, 21 Feb 2019 03:48:31 +0000 (19:48 -0800)]
tcp: drop outstanding data when entering closing state
Change-Id: I92a009b9630b0d882ea3c5c99aad88ed6f5109a0
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Thu, 21 Feb 2019 07:13:43 +0000 (23:13 -0800)]
svm: fix mem ordering for enqueue nocopy
Change-Id: Ibc852f88747125a895415570349975d3b379a6f4
Signed-off-by: Florin Coras <fcoras@cisco.com>
Paul Vinciguerra [Wed, 20 Feb 2019 17:01:14 +0000 (09:01 -0800)]
TESTS: refactor framework send_and_expect.
Create a common pg_send method for cases when results are just discarded.
Change-Id: I786960d2d7bbb96dcb407f6e59aa96951b7b19e7
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Kingwel Xie [Wed, 13 Feb 2019 07:03:33 +0000 (02:03 -0500)]
pg: fix payload hex-string bug
Change-Id: I0ea98bf9c203398d9cf85d22994a10217bb511d2
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
Benoît Ganne [Wed, 20 Feb 2019 09:36:37 +0000 (10:36 +0100)]
Remove autotools leftovers from gitignore
Some tracked files were ignored due to gitignore rules that date back to
autotools based buildsystem. Update gitignore accordingly.
~# git ls-files -i --exclude-standard
Makefile
build-root/Makefile
build/external/Makefile
build/external/deb/debian/dkms/Makefile
doxygen/Makefile
extras/rpm/Makefile
src/vnet/config.h
test/Makefile
test/doc/Makefile
test/ext/Makefile
Change-Id: I3326c932cd174434211b744bf5e26bc4da450339
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Damjan Marion [Wed, 20 Feb 2019 14:34:00 +0000 (15:34 +0100)]
pg: fix tracing when device-input feature arc is used
Change-Id: I82240b43d3a5f3f33ac9ab2de106b3ec0ea31780
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 20 Feb 2019 13:11:51 +0000 (14:11 +0100)]
pg: fix crash when multiple streams are enqueuing to the same next
Only with debug image and when next node is not ethernet-input...
Change-Id: Iaa404b5d35d5c04996ff48cd16877858092b78d7
Signed-off-by: Damjan Marion <damarion@cisco.com>
Damjan Marion [Wed, 20 Feb 2019 13:15:25 +0000 (14:15 +0100)]
pg: remove no-recycle option
Change-Id: Ic47bde2d08b2719b5c6c87cb2e9a8af0d2160e6e
Signed-off-by: Damjan Marion <damarion@cisco.com>
Dave Barach [Tue, 19 Feb 2019 22:05:30 +0000 (17:05 -0500)]
calculate per-thread time offset
The main thread squirrels away vlib_time_now (&vlib_global_main),
worker threads use it to calculate an offset in f64 seconds from their
own vlib_time_now(vm) value. We use that offset until the next barrier
sync.
Thanks to Damjan for the suggestion.
Change-Id: If56cdfe68e5ad8ac3b0d0fc885dc3ba556cd1215
Signed-off-by: Dave Barach <dave@barachs.net>
Florin Coras [Wed, 20 Feb 2019 04:57:06 +0000 (20:57 -0800)]
session: fix local sessions disconnects
Change-Id: Ib4ca472aa2413ced7f82d87e4fee65ca86ab1f2b
Signed-off-by: Florin Coras <fcoras@cisco.com>
Mohsin Kazmi [Wed, 20 Feb 2019 10:07:27 +0000 (11:07 +0100)]
vom: Fix the versioning issue [vpp-1555]
vom library was missing version apended to libvom.so
This patch fixes this issue.
Change-Id: I99a6c282d651e1882574af999f04610d7a2c4d44
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Paul Vinciguerra [Thu, 14 Feb 2019 04:59:30 +0000 (20:59 -0800)]
docs: use python3 for make docs.
Change-Id: If62b5ef563523b400fb5160d0343210407905094
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Paul Vinciguerra [Wed, 13 Feb 2019 15:44:52 +0000 (07:44 -0800)]
make test-doc: Clean up import errors.
Mock additional 3rd party modules and replace wildcard imports that
were confusing sphinx.
Change-Id: Ia9e599901a2a3fad854d3631dd0991183ae6d715
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Florin Coras [Tue, 19 Feb 2019 06:39:39 +0000 (22:39 -0800)]
tls: add vcl test
Change-Id: If4c7efaf6506a827e7a95a56c2f6b6060df03fa1
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Tue, 19 Feb 2019 16:27:34 +0000 (08:27 -0800)]
IPSEC: API coverity error of unitialised stat_index value
Change-Id: If884a3840f34090e33ce7808d38e50f919290d9f
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Tue, 19 Feb 2019 14:33:14 +0000 (06:33 -0800)]
IPSEC-GRE: no clib_warning in the DP
Change-Id: If30c7334de55d32e57554cf1601c529cd807b834
Signed-off-by: Neale Ranns <nranns@cisco.com>
Ed Kern [Tue, 19 Feb 2019 17:27:23 +0000 (10:27 -0700)]
Makefile: correct opensuse 15.0 dep naming
This covers both naming option for opensuse leap15
dep package naming
Change-Id: I2ade004e44e75c08afde0f3af42b33cd97ce0ebc
Signed-off-by: Ed Kern <ejk@cisco.com>
Haggai Eran [Tue, 19 Feb 2019 13:04:42 +0000 (15:04 +0200)]
ldp: return byte count from a successful recvfrom
Unless there's an error, recvfrom should return the number of bytes
received. The current code returns zero on success due to
ldp_copy_ep_to_sockaddr returning zero.
Change-Id: Ib843b99a08c44b5ee2d16efe9edab0cf5df65170
Signed-off-by: Haggai Eran <haggai.eran@gmail.com>
Klement Sekera [Tue, 19 Feb 2019 13:47:25 +0000 (14:47 +0100)]
reassembly: handle ip6 atomic fragments
Change-Id: Ide3425f144fb17201dcde7ba89f39e460048100d
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Damjan Marion [Tue, 19 Feb 2019 14:15:40 +0000 (15:15 +0100)]
avf: fix feature arc, take two
Change-Id: Ic191850739da82de32d87bbf17947b55cf962f2d
Signed-off-by: Damjan Marion <damarion@cisco.com>
Klement Sekera [Tue, 19 Feb 2019 12:53:43 +0000 (13:53 +0100)]
reassembly: fix buffer usage counter
Change-Id: I713904f8eb2f724cb08dba494c160c14cc8b24a1
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Michal Cmarada [Thu, 31 Jan 2019 09:57:40 +0000 (10:57 +0100)]
VPP-1504: Remove JVPP
As part of JVPP migration this removes JVPP completely from VPP.
Change-Id: I6b74e7961aa474ae471e63fe43a624cd9fc3659b
Signed-off-by: Michal Cmarada <mcmarada@cisco.com>
Hyong Youb Kim [Tue, 19 Feb 2019 12:32:55 +0000 (04:32 -0800)]
dpdk: update Cisco VIC port type
Recent VIC models can support 25, 50, and 100Gbps links. Use the
helper (port_type_from_link_speed) to set the port type as it supports
all possible link speeds.
Change-Id: I748d8ac716a6393d116a9db8a599151c70a9000a
Signed-off-by: Hyong Youb Kim <hyonkim@cisco.com>
Hyong Youb Kim [Tue, 19 Feb 2019 13:04:49 +0000 (05:04 -0800)]
dpdk: do not shift PKT_RX_FDIR
PKT_RX_FDIR is a bit flag, not a bit position.
Change-Id: Ib31ec9257e906b045522fa7c2b515b7b0c13bb32
Signed-off-by: Hyong Youb Kim <hyonkim@cisco.com>
Andrew Yourtchenko [Tue, 5 Feb 2019 14:15:59 +0000 (15:15 +0100)]
acl-plugin: split the dataplane function into two, save 10sec in compile time
Change-Id: I00618f12dfd5ab4a2baf6c8ec1f53b4c7179aed7
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
mu.duojiao [Thu, 14 Feb 2019 08:57:54 +0000 (16:57 +0800)]
VPP-1568:when entry src cover change, recursive-loop fib still can not work.
Change-Id: I90762b59f94175f278380c95776471a30bc94d34
Signed-off-by: mu.duojiao <mu.duojiao@zte.com.cn>
Andrew Yourtchenko [Fri, 12 Oct 2018 14:09:22 +0000 (16:09 +0200)]
tap gso: experimental support
This commit adds a "gso" parameter to existing "create tap..." CLI,
and a "no-gso" parameter for the compatibility with the future,
when/if defaults change.
It makes use of the lowest bit of the "tap_flags" field in the API call
in order to allow creation of GSO interfaces via API as well.
It does the necessary syscalls to enable the GSO
and checksum offload support on the kernel side and sets two flags
on the interface: virtio-specific virtio_if_t.gso_enabled,
and vnet_hw_interface_t.flags & VNET_HW_INTERFACE_FLAG_SUPPORTS_GSO.
The first one, if enabled, triggers the marking of the GSO-encapsulated
packets on ingress with VNET_BUFFER_F_GSO flag, and
setting vnet_buffer2(b)->gso_size to the desired L4 payload size.
VNET_HW_INTERFACE_FLAG_SUPPORTS_GSO determines the egress packet
processing in interface-output for such packets:
When the flag is set, they are sent out almost as usual (just taking
care to set the vnet header for virtio).
When the flag is not enabled (the case for most interfaces),
the egress path performs the re-segmentation such that
the L4 payload of the transmitted packets equals gso_size.
The operations in the datapath are enabled only when there is at least
one GSO-compatible interface in the system - this is done by tracking
the count in interface_main.gso_interface_count. This way the impact
of conditional checks for the setups that do not use GSO is minimized.
"show tap" CLI shows the state of the GSO flag on the interface, and
the total count of GSO-enabled interfaces (which is used to enable
the GSO-related processing in the packet path).
This commit lacks IPv6 extension header traversal support of any kind -
the L4 payload is assumed to follow the IPv6 header. Also it performs
the offloads only for TCP (TSO - TCP segmentation offload).
The UDP fragmentation offload (UFO) is not part of it.
For debug purposes it also adds the debug CLI:
"set tap gso {<interface> | sw_if_index <sw_idx>} <enable|disable>"
Change-Id: Ifd562db89adcc2208094b3d1032cee8c307aaef9
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Klement Sekera [Tue, 19 Feb 2019 10:28:47 +0000 (11:28 +0100)]
VPP-1573 fix crash in ip6 reassembly
Change-Id: I3a3076c7d87446b5ec2a02e70d3b6d05f1875875
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Damjan Marion [Tue, 19 Feb 2019 07:55:18 +0000 (08:55 +0100)]
ip6-local: fix uninitialized variable error
Change-Id: I245a8cc8f237242efadcf10d47b76222a6497e89
Signed-off-by: Damjan Marion <damarion@cisco.com>
Neale Ranns [Tue, 19 Feb 2019 09:41:59 +0000 (01:41 -0800)]
VOM: no assert on interface mac set
Change-Id: I0210b18dc37e1a425c75c95a2fb98c6a48d8ea7a
Signed-off-by: Neale Ranns <nranns@cisco.com>
Damjan Marion [Mon, 18 Feb 2019 16:29:04 +0000 (17:29 +0100)]
avf: fix feature arc
Change-Id: Ib7d8e8e2e4663daa1307e676c53f7ef8b91e60e6
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Tue, 19 Feb 2019 04:14:20 +0000 (20:14 -0800)]
tls: fix openssl/mbedtls use of app_wrk index
Change-Id: I7ccc948357d815a1bd4279a7079cf4db2949183c
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Mon, 18 Feb 2019 21:02:28 +0000 (13:02 -0800)]
session: move fifo allocation logic to app worker
Change-Id: I1662ec4b5503cb64a8a86a2441842311d959b3a6
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Mon, 18 Feb 2019 20:11:51 +0000 (12:11 -0800)]
NAT: fix: multiple definition of nat64_cleaner_process_event_e
Change-Id: Idcff6108f4f965344afce9ff614018239819dc95
Signed-off-by: Neale Ranns <nranns@cisco.com>
Paul Vinciguerra [Tue, 12 Feb 2019 20:21:01 +0000 (12:21 -0800)]
Resolve vppapigen DeprecationWarning.
/vpp/src/tools/vppapigen/vppapigen:823: DeprecationWarning:
the imp module is deprecated in favour of importlib;
see the module's documentation for alternative uses
Change-Id: If7729778374e9193f6381c8bd2ed34c875db3f1e
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Florin Coras [Sun, 17 Feb 2019 04:47:32 +0000 (20:47 -0800)]
tcp: harden for high scale scenarios
- Better handle buffer starvation scenarios
- Handle case when both peers enter recovery due to packet loss.
- Fix passive open establish cleanup
Change-Id: I2f28baa2ff0383bb8f5f6d2452b49aa38ce69bce
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Mon, 18 Feb 2019 14:20:46 +0000 (06:20 -0800)]
DHCP: trace flags copied from old to new not vice-versa
Change-Id: I6c13af7e97753da013cdd5b212302d008cbd616d
Signed-off-by: Neale Ranns <nranns@cisco.com>
Filip Varga [Wed, 13 Feb 2019 09:42:59 +0000 (01:42 -0800)]
NAT: VPP-1552 code migration from old multiarch scheme
Change-Id: I88f3df8aaa521e7707ef3335acdbf1ab41e7ee28
Signed-off-by: Filip Varga <fivarga@cisco.com>
Benoît Ganne [Thu, 14 Feb 2019 14:32:45 +0000 (15:32 +0100)]
Explicit dual-loop in ip6-local
Makes ip6-local node dual-loop explicit. This is only a style change.
Change-Id: Ic8e7cecb3f51e98b8a069b501f5c338156934a6d
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Neale Ranns [Sun, 17 Feb 2019 18:04:27 +0000 (18:04 +0000)]
IPSEC: move SA counters into the stats segment
1) stats are accessed via the stat segment which is more condusive to
monitoring
2) stats are accurate in the presence of multiple threads. There's no
guarantee that an SA is access from only one worker.
Change-Id: Id5e217ea253ddfc9480aaedb0d008dea031b1148
Signed-off-by: Neale Ranns <nranns@cisco.com>
Matus Fabian [Mon, 18 Feb 2019 09:54:16 +0000 (01:54 -0800)]
NAT44: fix snat_get_worker_out2in_cb (VPP-1536)
Change-Id: I9c562f8e3407ca60a4412a162015fa505b7590b6
Signed-off-by: Matus Fabian <matfabia@cisco.com>
Florin Coras [Sat, 16 Feb 2019 02:20:58 +0000 (18:20 -0800)]
tcp: fix handling of retransmitted syns
Change-Id: I88fdeb0ca56d3a5d9c0f36def13c6de8142f59f0
Signed-off-by: Florin Coras <fcoras@cisco.com>
Benoît Ganne [Thu, 14 Feb 2019 14:32:45 +0000 (15:32 +0100)]
Optimize ip6-local
Optimize IPv6 ip6-local node by rewriting the dual/single loop with
prefetch and simpler unrolling.
My local, unrepresentative tests for GRE4 termination over IPv6 show a
performance improvement of ~40% for ip6-local node alone and ~5%
globally.
Change-Id: I11e1e86d3838dd3c081aa6be5e25dae16ed6e2d8
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Nathan Skrzypczak [Thu, 14 Feb 2019 12:24:43 +0000 (13:24 +0100)]
Fix connexion segfault in session api affecting tcp_echo
Change-Id: If6d45f7f6e6dab70eecd6ec7241126968a34ad6b
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Kingwel Xie [Wed, 13 Feb 2019 07:48:41 +0000 (02:48 -0500)]
dpdk-ipsec: store buffer index into crypto-op private
don't have to convert from mbuf to vlib_buffer then buffer index
save a few clock cycles in crypto-input
plus, a bit improvements of CLI
1. show more information, resource placement & qp stats
2. clear dpdk qp statistics
cleanup cli as sugguested by Sergio Gonzalez Monroy
Change-Id: Ic4fd65bfa9a6b05b344a9a40c554990dde072d19
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
Andrew Yourtchenko [Sun, 20 Jan 2019 18:32:44 +0000 (19:32 +0100)]
19.01 Release Notes
Change-Id: I43fd3aac9039c6d551fac8607374a0ebfdc6f74a
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit
67d9475ae3586e69356f939b36aefe8d6a6f0009)
Neale Ranns [Thu, 14 Feb 2019 14:58:40 +0000 (14:58 +0000)]
FIB: pass a copy the walk context
since it can realloc when new ctx are added. If
not we can get some nasty memory corruption.
Change-Id: I617709c3013acbcb8aee07dc147894f0de896555
Signed-off-by: Neale Ranns <nranns@cisco.com>
Klement Sekera [Thu, 7 Feb 2019 18:56:50 +0000 (19:56 +0100)]
make test: make test-ext working again
Change-Id: Ib30d0c6b8794488119f258f7617fce494aa28f1f
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Mohsin Kazmi [Tue, 12 Feb 2019 16:24:17 +0000 (17:24 +0100)]
deb-pkg: Add libvom package support
Change-Id: I370a5198ea5b768d8c505679662a19797bd2740d
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Kingwel Xie [Tue, 12 Feb 2019 12:47:33 +0000 (04:47 -0800)]
ipsec: memory leak fixup
Change-Id: Ib2ad196bec1005d6678589d5b5c199b8a541c720
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
Benoît Ganne [Tue, 12 Feb 2019 12:35:08 +0000 (13:35 +0100)]
Add -fno-common compile option
-fno-common makes sure we do not have multiple declarations of the same
global symbol across compilation units. It helps debug nasty linkage
bugs by guaranteeing that all reference to a global symbol use the same
underlying object.
It also helps avoiding benign mistakes such as declaring enum as global
objects instead of types in headers (hence the minor fixes scattered
across the source).
Change-Id: I55c16406dc54ff8a6860238b90ca990fa6b179f1
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Lollita Liu [Thu, 14 Feb 2019 10:02:44 +0000 (05:02 -0500)]
buffer: bug fix vlib_buffer_free_inline
buffer_pool_index, in case of buffer_pool_index change,
should free buffers in queue before setting buffer_pool_index again
Change-Id: I846ead947a7b2d940c8fc747976239d608597391
Signed-off-by: Lollita Liu <lollita.liu@ericsson.com>
Paul Vinciguerra [Tue, 12 Feb 2019 13:45:01 +0000 (05:45 -0800)]
make install-ext-deps broken.
make install-ext-deps broken due to nasm site being offline for days.
curl: (7) Failed to connect to www.nasm.us port 443: Connection refused
curl: (7) Failed to connect to www.nasm.us port 80: Connection refused
Pointing url to mirror at Oregon State University for the time being.
https://ftp.osuosl.org/pub/blfs/conglomeration/nasm/$(nasm_tarball)
Change-Id: I6310337ae6946fbcd5fd653dcd3780ec7e97fe9a
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
Damjan Marion [Wed, 13 Feb 2019 18:30:09 +0000 (19:30 +0100)]
ip6: convert code to new multiarch
Change-Id: Idd09b5d0597336e4f2028113cae76c94fd1c5427
Signed-off-by: Damjan Marion <damarion@cisco.com>
Mohsin Kazmi [Tue, 12 Feb 2019 20:56:49 +0000 (21:56 +0100)]
vom: Add support for vtr in xconnect
Change-Id: Ib168a1d20c4609e4e64f472f75e9463161638e3e
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Neale Ranns [Wed, 13 Feb 2019 10:08:06 +0000 (02:08 -0800)]
IPSEC: restack SAs on backend change
Change-Id: I5852ca02d684fa9d59e1690efcaca06371c5faff
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Tue, 12 Feb 2019 14:18:30 +0000 (06:18 -0800)]
VOM: neighbour API flags
Change-Id: Ia664cd4c77f1c5b4bc46c5e191bb57704b3ccc46
Signed-off-by: Neale Ranns <nranns@cisco.com>
Dave Barach [Mon, 11 Feb 2019 23:44:18 +0000 (18:44 -0500)]
fix assert failure
Change-Id: I9a2e8ea2bf334dd8dabf3d25abbcc91087a43882
Signed-off-by: Dave Barach <dbarach@cisco.com>
Kingwel Xie [Tue, 12 Feb 2019 11:45:08 +0000 (06:45 -0500)]
ipsec: cli bug fix
1. unformat_ip46_address must have ip-type specified
2. cannot unformat ip46_address_t with unformat_ip4_address
Change-Id: I5f1eecfe71a808302428afb39f910ebf0c7cef71
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
Neale Ranns [Mon, 11 Feb 2019 11:24:07 +0000 (11:24 +0000)]
IPSEC-tun: The tunnel DB uses the network order SPI to save the byte swap in the DP
Change-Id: I78a1c39682d5afd356a3cfe70097fc682e8cb938
Signed-off-by: Neale Ranns <nranns@cisco.com>
Florin Coras [Sat, 9 Feb 2019 21:51:25 +0000 (13:51 -0800)]
session: add config for evt qs segment size
Change-Id: I286d0d53a9ef2d6e28cd301eae25fc119d491f22
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Sat, 9 Feb 2019 02:27:29 +0000 (18:27 -0800)]
session: cleanup application interface
Change-Id: I89d240753b3f3c5e984aa303a7c8fa35fa59bf7f
Signed-off-by: Florin Coras <fcoras@cisco.com>
Kingwel Xie [Mon, 4 Feb 2019 09:49:29 +0000 (01:49 -0800)]
ipsec: multi-arch, next-node-index cleanup
1. specify ipsec_xxx_node.c in MULTIARCH_SOURCES
2. cleanup foreach_ipsec_output_next & foreach_ipsec_input_next,
as next-nodes are actually added by ipsec_register_xx_backend dynamically
thus, ipsec4-input-feature will point to ah4/esp4-encrypt, instead of
pointing to ah6/esp6-encrypt
3. remove an unused count and add counter IPSEC_INPUT_ERROR_RX_MATCH_PKTS
in ipsec-input
Change-Id: Ifcf167812d2cc18187c2cea84b657a52b67e17d4
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
Damjan Marion [Sat, 9 Feb 2019 22:29:26 +0000 (23:29 +0100)]
buffers: fix typo
Change-Id: I4e836244409c98739a13092ee252542a2c5fe259
Signed-off-by: Damjan Marion <damarion@cisco.com>
Florin Coras [Thu, 7 Feb 2019 23:34:52 +0000 (15:34 -0800)]
tls: move test certificates to separate header file
Change-Id: I543cb78e268d7a4a7fba590d305351ec79f4e4da
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Wed, 6 Feb 2019 04:55:11 +0000 (20:55 -0800)]
session: refactor listen logic
Make app-listener the handle for app listens. Consequently transport and
local listen sessions are now associated to the app-listener.
Change-Id: I9397a26d42cccb100970b6b4794c15bac2e11465
Signed-off-by: Florin Coras <fcoras@cisco.com>
Florin Coras [Thu, 7 Feb 2019 18:31:08 +0000 (10:31 -0800)]
tcp: fix fib_index for v6 ll packets
Change-Id: Ie69bdb9860d61f2c599c0c80b0ea80dfdfe178bd
Signed-off-by: Florin Coras <fcoras@cisco.com>
Neale Ranns [Thu, 7 Feb 2019 07:00:16 +0000 (23:00 -0800)]
IPSEC: remove unused members of main struct
Change-Id: Ib55deb620f4f58cac07da7cb69418a3a30ff3136
Signed-off-by: Neale Ranns <nranns@cisco.com>
Neale Ranns [Wed, 6 Feb 2019 09:41:05 +0000 (01:41 -0800)]
IPSEC: no second lookup after tunnel encap
in the same maaner as with other tunnel tyeps we use
the FIB to cache and track the destination used to reach
the tunnel endpoint. Post encap we can then ship the packet
straight to this adjacency and thus elide the costly second
lookup.
- SA add and del function so they can be used both directly
from the API and for tunnels.
- API change for the SA dump to use the SA type
- ipsec_key_t type for convenience (copying, [un]formating)
- no matching tunnel counters in ipsec-if-input
Change-Id: I9d144a59667f7bf96442f4ca66bef5c1d3c7f1ea
Signed-off-by: Neale Ranns <nranns@cisco.com>
Benoît Ganne [Thu, 7 Feb 2019 12:21:42 +0000 (13:21 +0100)]
Fix parsing overflow in unformat_mac_address_t()
'%x' unformat specifier expects a pointer to a 4-byte object and will
overflow when using a pointer to a 1-byte object. Use '%X' instead which
allows to pass the size of the object alongside its pointer.
The bug was exposed with the following commands:
~# make run
DBGvpp# loop create
loop0
DBGvpp# set ip6 neigh loop0 3001::2 a:a:a:a:a:a
DBGvpp# show ip6 neigh
Time Address Flags Link layer Interface
35.7743 ::2 D 0a:0a:0a:0a:0a:0a loop0
^^^
wrong address: should be 3001::2
Note that the bug impact depends from the parsing order and memory
layout.
Change-Id: I29ba2eb53ba5a2daf4517215602d027508e2cb9f
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Florin Coras [Thu, 7 Feb 2019 08:15:53 +0000 (00:15 -0800)]
tcp: fix reset sending in syn-sent
Change-Id: I468b1015bca5f95b162fb49e904aa4e4d38db75e
Signed-off-by: Florin Coras <fcoras@cisco.com>
Code Review / vpp.git / log