aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2020-04-22misc: asan: do not poison memory after munmap()Benoît Ganne3-8/+0
It is a bad idea to poison memory after munmap because the address space can be reused (eg. for global data of dlopen()ed object) and ASan model allows access by default. Moreover, access to a stale address space will fault. Type: fix Change-Id: I356de422f255447d9d50a3a71fb0c2eaa790d731 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-22vppinfra: fix potential race in bihash bucket lockDamjan Marion1-11/+9
Type: improvement Change-Id: Ia04bd26ecd689894753e036e52920316de611910 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-04-22vppinfra: improve bihash add/del performanceDamjan Marion2-26/+36
Measured improvement is from 439 to 167 clocks for add operation in 16_8 case... Type: improvement Change-Id: I975ff46ff30b983a3ec80a5cde25ccb68d7fa03b Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-04-22dpdk: DPDK 20.05 iavf flow director backporting to DPDK 20.02Chenmin Sun17-0/+6436
0001 ~ 0014 patches are for virtual channel and PMD 0015 is the iavf fdir framework 0016 ~ 0017 are for the iavf fidr driver Type: feature Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I38e69ca0065a71cc6ba0b44ef7c7db51193a0899
2020-04-22devices: Adding ConnectX-6 DX Device ID for validationAmir Zeidner1-2/+7
Type: fix Change-Id: I3c7ebbe91e7dffe9fd6851e5334fe920f2187cf0 Signed-off-by: Amir Zeidner <amirzei@mellanox.com>
2020-04-21vat: fix increment_address(...)Dave Barach1-2/+2
vl_api_address_t uses a packed enum for the address family, compare a->af directly with ADDRESS_IP4 / ADDRESS_IP6 instead of running a->af through clib_host_to_net_u32(...) before compare. Indirectly fixes api_ip_route_add_del(...) w/ count > 1. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ib7f562ec9e92ee63e52a338d318fcf1ce6221755
2020-04-21vlib: queue_hi_thresh fix to avoid deadlockElias Rudberg1-2/+4
Adapt queue_hi_thresh value using num_threads to avoid risk of deadlock between threads which could happen for example when different NAT threads try to handoff work to each other at the same time when their frame queues are congested. This change ensures that each thread can reserve a queue entry without causing problems even in the most extreme case when all threads attempt to add to the same queue simultaneously when the queue is nearly full. Type: fix Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net> Change-Id: I9e02f753bd00833d8dd500d181b0d4f9a454d703
2020-04-21nat: dslite ce mode in separate config entryVladimir Ratnikov2-4/+20
Previously dslite was moved to separate plugin folder and CE mode was removed. But it still needed. This patch adds CE option to separate config entry Type: feature Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: If153ae08fa385ba5a6605cb412e49bbb4d1db46c
2020-04-21vppinfra: bihash improvementsDave Barach17-62/+285
Template instances can allocate BIHASH_KVP_PER_PAGE data records tangent to the bucket, to remove a dependent read / prefetch. Template instances can ask for immediate memory allocation, to avoid several branches in the lookup path. Clean up l2 fib, gpb plugin codes: use clib_bihash_get_bucket(...) Use hugepages for bihash allocation arenas Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Damjan Marion <damarion@cisco.com> Change-Id: I92fc11bc58e48d84e2d61f44580916dd1c56361c
2020-04-20sr: fix non-NULL terminated string overflowBenoît Ganne1-1/+1
Type: fix Change-Id: Ia5ae0e893a5358f61353d20f444d88d79953e482 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-20svm: check if fifo free list index is valid on allocFlorin Coras3-12/+38
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Benoît Ganne <bganne@cisco.com> Change-Id: Ib85c2f01dc7ec9858f2f88b89e209f989d78c5d9
2020-04-20session: fix use-after-free in input nodeBenoît Ganne1-1/+2
Type: fix Change-Id: Ie60b07abe76ad166f048f5885accd7038d8153b2 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-20session: avoid rx notifications on accepting sessionsFlorin Coras1-0/+5
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iba37e528e968104c3ba9c8324438ba695ddddfd1
2020-04-20vcl: ensure sessions are open on select eventsFlorin Coras1-7/+5
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4d56b61af574dfdaf6028160ce331606bdf65609
2020-04-20vcl: expand vcl select maps in ldp if neededFlorin Coras1-4/+5
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I56c487821233cebf2146745a4706cb573cc088a5
2020-04-20nat: remove unused codeKlement Sekera5-484/+3
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: If5c00faa309cf3e1ea8bdf8b23250041f6a499c4
2020-04-20gbp: fix l3-out anonymous test cleanupBenoît Ganne1-3/+13
Type: fix Change-Id: Ib455b0a57f9b4f9cb82bb295c220270d0c6e5fe5 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-20tls: fix Picotls tx hang issueSimon Zhang1-2/+2
Type: fix Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> Change-Id: Id84fbe412c99b39a0754b892ca971dd3e4434264
2020-04-19session: fix half-open cleanupFlorin Coras1-3/+3
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I931d23cf617c8f24fe9a02982ab129785bbd184d
2020-04-17lisp: fix use-after-freeBenoît Ganne1-8/+8
Type: fix Change-Id: I42c3e3514ba50d40e09ee688d083f3e78fa0713a Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-17vat: fix static analysis warningAndreas Schultz1-2/+1
replace hand crafted version with existing vector function Type: fix Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com> Change-Id: I94834852469ed316c7bdbd48bb7f479648b2c8e5
2020-04-17tcp: cubic as default cc algorithmFlorin Coras1-1/+1
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I48ce827966667a767440149769eb1b24616ce4c1
2020-04-17virtio: fix to use chained descriptors when missing indirect descriptorMohsin Kazmi2-7/+79
Some vhost-backed missing the VIRTIO_RING_F_INDIRECT_DESC feature. Previously, vpp doesn't support jumbo frames using chained descriptors. This patch fixes this issue. Type: fix Change-Id: I20487e201e88ea136b556ac84dde058019ab3e78 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-04-17dpdk: fix udp-encap for esp in transport modeAlexander Chernavin2-10/+9
Now UDP encapsulation doesn't work in transport mode because: - the encrypt node misses filling of UDP header and it gets sent with all zeros; - the decrypt node misses filling of new IP header and it contains garbage data. With this commit, fill UDP header during encryption and fill IP header during decryption. Change-Id: I87a7bd594f0e312b16d3e5eb19e568b4e3164d36 Type: fix Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-04-17session tcp: track half open in app wrkFlorin Coras10-20/+164
Type: improvement Do extra checks when establishing an active connect and cleanup pending connects if application detaches. Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ibe9349db57b313ba2aa5ea3960ef5cf755f5098a
2020-04-17vcl: fix app destroyFlorin Coras3-21/+21
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I21daa87b1a301142270a1bf20680dd9e9395aac9
2020-04-17vppinfra: install missing tw_timer_2t_2w_512sl header fileYu Sun1-0/+1
Type: improvement Signed-off-by: Yu Sun <yusun2@cisco.com> Change-Id: I68aea7c5776c5b31081c98388df4133d2062218a
2020-04-17tap: add initial support for tunMohsin Kazmi9-47/+190
Type: feature Change-Id: I699a01ac925fe5c475a36032edb7018618bb4dd4 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-04-16fib: fix use-after-freeBenoît Ganne1-10/+11
Type: fix Change-Id: Ie7081d977dd0d3e7d09bc0d1b4d53863288e443b Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-16ipsec: fix use-after-freeBenoît Ganne1-1/+1
Type: fix Change-Id: I1068ff1d03883addb5fe1005a8b608eab17e4168 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-16bier: fix vector size confusing ASanBenoît Ganne1-1/+2
The vector is initialized to 1024 entries which is guaranteed to be enough, but as its size can shrink between calls, make sure ASan is aware of the expected size before using it. Type: fix Change-Id: I4bcc39867a886b3cb463854d2cda0b32155650e9 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-16igmp: fix igmp proxy group mergeBenoît Ganne6-24/+25
When merging proxy groups in igmp_proxy_device_merge_group(), the call to igmp_proxy_device_merge_src() can end up removing the current proxy group via igmp_group_clear(). When that happens, it must returns NULL so that igmp_proxy_device_merge_config() does not send a IGMPv3 report for a dead proxy group. Make igmp_group_clear() reset the group pointer to NULL to fix this bug and to detect similar bugs more easily. Type: fix Change-Id: I229e55b5bfa71734d7844893f5209a66fa3cc8ae Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-16udp: fix buffer traceAndreas Schultz1-3/+2
Type: fix Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com> Change-Id: I774ca50582281cb3cc5e43417e74d178bf4909bd
2020-04-16nat: scavenging functionality removedFilip Varga7-392/+9
Type: refactor Change-Id: I9f743ba2818e1b1c5004c3575925cc7b479948d8 Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-04-15vppinfra: don't use memcmp to compare keys in cuckooDamjan Marion4-10/+1
Type: improvement Change-Id: I7e11bf72be5fad5967724c038eb649a261294ca0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-04-15vppinfra: delay bucket2 calc in cuckoo searchDamjan Marion1-28/+25
There is no need to calculate bucket2 if there is hit on bucket1 Type: improvement Change-Id: Id01c37963497668c0160068501294568a181d011 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-04-15vppinfra: add clib_cuckoo_search_inline_with_hash functionDamjan Marion1-3/+10
Type: improvement Change-Id: I547263ae954506f11101666ff768524fbfdb579e Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-04-15pg: set vnet buffer flags in pg streamsDave Barach7-1/+78
See .../extras/pg/checksum_offload.pg for a nontrivial example, which deliberately sets bogus ip and udp checksums in the generated packets, then fixes the mess with (software emulated) hardware checksum offload. Validated via "pcap dispatch trace on max 1000 buffer-trace pg-input 100". Packets stuffed into loop1-output have the configured bogus ip and udp checksums. vnet_calc_checksums_inline(...) fixes the checksums, which are correct when packets visit loop1-tx. The packet generator is a dumb robot in this regard. If you ask for a ridiculous flag combination - example: ip4 and ip6 - your mileage may vary. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I6d9e790f373bcd9e445a89113ca8e4c8f9aa9419
2020-04-15vppinfra: install missing cuckoo hash header filesDamjan Marion1-0/+2
Type: improvement Change-Id: Ifb4eec00fd4f1d19e4b0af802d015a35e402e0af Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-04-15session: detach session from app on cleanupFlorin Coras1-1/+6
Type: fix Avoids unwanted notifications. Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ifff27fb0d3644194e3bb3f91d7ed1fd02c6730cd
2020-04-15urpf: Allow locally generated packets on TXNeale Ranns2-6/+9
Type: fix Change-Id: I87d301aec20b9f5b34997b394493c796188fce14 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-04-15tcp: allow local port sharing if 5-tuple availableFlorin Coras1-1/+14
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id0c4b46247e7419a328387678a4753cfb1e42d75
2020-04-15misc: refactor calc_checksumsDave Barach5-81/+64
Merge two mildly incompatible static inlines, and rename the results vnet_calc_checksums_inline (...). The resulting inline has three additional parameters: int is_ip4, int is_ip6, and int with_gso. All calls manage to pass one or more as compile-time constants, which causes a certain amount of code to disappear in each instantiation. Type: refactor Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I1a2a0e353b9a7bca20bc81318e8c915617261e1a
2020-04-14vat: fix socket connectionDave Barach2-15/+18
vat_socket_connect(...) needs to set the api main client index. The M2 helper macro needed to allocate a buffer of size sizeof(*mp) + n, not sizeof(*mp). Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I7abf35d2ba045d82765bd27f88899287fd351602
2020-04-14session: avoid all session cleanup on unlistenFlorin Coras1-9/+7
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ifff49366ad538bf2dd64487cae17e7457dff064f
2020-04-14urpf: Unicast reverse Path Forwarding (plugin)Neale Ranns20-616/+1658
Type: feature - move the IP4 code to plugin - add ip6 support - add suport for uRPF on TX - add tests Change-Id: I074c2debc486d3e79c12fad4b8dbd72c41e841a0 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-04-14ipsec: validate number of input sasMatthew Smith2-1/+9
Type: fix There is a statically allocated array for inbound SAs which can hold 4 IDs. The input parameter containing the IDs of th inbound SAs is a vector and Its possible to pass a vector with more than 4 elements and write the memory past the end of the array. Fail if more than 4 SAs are passed in the vector. Change-Id: I0c9d321c902d6366b8aff816d04e343dcbd110eb Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-04-13session: remove ho with fifos supportFlorin Coras4-29/+5
Type: refactor UDPC (removed) was the only consumer. Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2812bf58d3c68fe021ec73acaa1bd00ef3172846
2020-04-13buffers: configurable buffer fault injectorDave Barach7-0/+108
When configured at compile time via the cmake VPP_BUFFER_FAULT_INJECTOR option, the buffer allocator will appear to fail a certain fraction of the time. By default, the allocator succeeds 80% of the time. Detailed command line configuration options are available, but only when the image has been compiled with cmake option described above: vlib { buffer-alloc-success-rate [0.0 ... 1.0] buffer-alloc-success-seed <nnnn> } Modify vlib_buffer_pool_create(...) so 0 is always an invalid buffer index. Debug images: add checks for bad buffer index enqueues, and also verify that f->n_vectors doesn't accidentally map one or more instances of the frame poison pattern 0xfefefefe. Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Iab939858014463d1e664682805013d334d6fcbe5
2020-04-13dhcp: fix unicast pkts, clean up state machineDave Barach2-49/+42
Send dhcp unicast packets to ip4-lookup. Otherwise, these packets won't reach a dhcp server on a different subnet. Do an immediate client scan after processing wakeup events. Calculate the next process wakeup time by scanning all clients. Increase maximum (idle, no-clients-configured) timeout to 1000 seconds. Reduce log spew. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I3d10cd4c353298ed0b19e7e30887dc1d8d07b19e