aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2019-05-02NAT: VPP-1661 - test case cleanup and refactoringFilip Varga3-1333/+1304
Change-Id: I0eb85252d4b489ba25dcf59252e2bcf3b0cd5c6a Signed-off-by: Filip Varga <fivarga@cisco.com>
2019-05-02vpp_papi_provider.py: update defautmapping.Paul Vinciguerra2-1/+3
Add missing create_bvi/delete_bvi to defaultmapping. Correct typo in interface.api documentation. Change-Id: I8aa187f3b33c21fb2fcd55311ef79777c81d94d4 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-01Freshen RPM dependencies in vpp specfile.Thomas F Herbert1-19/+16
VPP-1650 Also update specfile for fedora. Also update and rationalize python3 and python2 dependencies for CentOS. Change-Id: Ia87abfe7b7080ecd07e485e6c32270fda56a496a Signed-off-by: Thomas F Herbert <therbert@redhat.com>
2019-05-01Add node, frame to vlib main loop perf analysis callback argumentsDave Barach3-7/+16
Change-Id: Iaa5cd89791b0dfdb56a75009c564581d10696d83 Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-01virtio: Fix virtio buffer allocationMohsin Kazmi1-1/+1
Change-Id: I0ffb468aef56f5fd223218a83425771595863666 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-05-01virtio: remove configurable queue size supportMohsin Kazmi7-47/+27
Native virtio device through legacy driver can't support configurable queue size. Change-Id: I76c446a071bef8a469873010325d830586aa84bd Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-05-01svm: remove dead code triggering overflowBenoît Ganne1-26/+0
split_point is incremented twice per iteration whereas we only check for *split_point != '\0' at the beginning of the iteration. This code seems dead so remove it altogether. Change-Id: Iabaf26cd5c0c8f747e267bcff044540a2376d3f6 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-05-01vpp_config: Update deprecated platform.linux_distribution()Paul Vinciguerra2-8/+9
platform.linux_distribution() was deprecated in python 3.5 and removed in 3.8. update to use distro.linux_distribution(). >>> import platform >>> platform.linux_distribution() ('Ubuntu', '16.04', 'xenial') >>> import distro >>> distro.linux_distribution() ('Ubuntu', '16.04', 'xenial') Change-Id: Ia8a7cd2d78fd56145cdded0b9d361a1b45bb4d27 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-01vpp_config: correct usage of 'is' for equality tests.Paul Vinciguerra2-16/+16
Change-Id: I30b1cdb2930560d7c40c1bde098fd21f16a17683 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-01DOCS: Add link to 19.08 test framework docsDave Wallace1-0/+1
Change-Id: Ib0c3e3376152f4ec04e3689fb9ed94a859f1022f Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-05-01Enable NEON instructions in memcpy_leLijian.Zhang2-1/+9
Neon version of memcpy_le gives better performance compared with memmove on aarch64 Change-Id: I44b487bb0795a6e70dd1e55bdde4a077773ec859 Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com> Reviewed-by: Sirshak Das <sirdas@arm.com>
2019-05-01esp_encrypt: remove unnecessary codeZhiyong Yang1-1/+1
Change-Id: I2d7e873fca6ab266af75814fac5d4cb5cda93cef Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-01DOCS: Add link to 19.04 make test documentationDave Wallace1-0/+1
Change-Id: Iffa44b6a20f8446c94f8412e937ca40273aa8f2f Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-05-01ipsec: fix ipsec format overflowBenoît Ganne1-4/+3
hi->name is not NULL-terminated. Use specialized format function which does the right thing. Change-Id: Iadda51461af0c1ad4f38a6d24b76e816020f35c8 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-04-30VPP 19.04 Release NotesDave Wallace1-1/+64
Change-Id: I66b35c7c03303bc7200c01e9da926bce778b2d6b Signed-off-by: Dave Wallace <dwallacelf@gmail.com> (cherry picked from commit 3d18a191aaf31ef8b1524ab80fed22a304adf75d)
2019-04-30svm: more fifo refactor/cleanupFlorin Coras12-715/+959
Change-Id: Ie76c69641c8598164d0d00fd498018037258fd86 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-30elf: fix memcmp() overflowBenoît Ganne1-1/+1
name can be (and will be) smaller than section_name_start. Both name and section_name_start are NULL-terminated so we can use strcmp. Change-Id: Iec414810109f9267de20c25c0fe601df35daf89e Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-04-30stats: fix non null terminated stringBenoît Ganne1-0/+5
Change-Id: I08e490d9e955072eff20d0141598157d995bcb56 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-04-30vppinfra: fix buffer overflow in unformat_tokenBenoît Ganne1-2/+8
Change-Id: Ia60e4092c45c192002de064c362a9265bc9baeec Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-04-30crypto: enforce per-alg crypto key lengthBenoît Ganne4-18/+57
Crypto algorithms have different requirements on key length. As we do not support key stretching (eg. PBKDF2), user must provide the exact key length used by the algorithm. Failing that means low-level crypto functions might read garbage (eg. aes128_key_expand() will read 16-bytes, regardless of the key provided by the user). Change-Id: I347a1ea7a59720a1ed07ceaad8b00a31f78458c9 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-04-30stats: Add version defines in stat_client.hOle Troan1-0/+3
Change-Id: I9894a0c613b0486112623920d49371ceec9e6111 Signed-off-by: Ole Troan <ot@cisco.com>
2019-04-30reassembly: avoid race-conditionsKlement Sekera1-12/+26
Change-Id: Ibf5c283217a985e43a562f1969573eeb26ee6017 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-04-30Sphinx docs: Fix security vulnerability (VPP-1655)Dave Wallace1-1/+1
Change-Id: I9b11d15866d708eb843936ebfd120940d284a2de Signed-off-by: Dave Wallace <dwallacelf@gmail.com> (cherry picked from commit facb4d44475cd0040cc8964be30180e1adeb2021)
2019-04-29DOC ONLY: add a buffer metadata writeupDave Barach2-1/+192
Change-Id: Ic8034cfe3d3c5a9c3d32e97e93e5d9334cc58ca2 Signed-off-by: Dave Barach <dave@barachs.net>
2019-04-29API: Add support for limits to language.Ole Troan6-20/+65
string name [limit = 64]; Meta-data to do argument validation. Change-Id: I1f3e0f09b2d5285224399413d25206f77bd3f4b1 Signed-off-by: Ole Troan <ot@cisco.com>
2019-04-27svm: fix fifo tail/head/ooo logic for u32 wrapFlorin Coras3-16/+283
These were introduced with the switch to unbound tail/head size, so they only affect master. Added unit tests to avoid future surprises. Change-Id: I83b6c9efbe31d8092ba59b8e2ed46f4da97f35db Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-26IF: return VTR attributes for all ifs in dump APIAlexander Chernavin1-20/+20
With this commit, VTR attributes are shown not only for subinterfaces but for all interfaces. Change-Id: I498185d905c0bf48431cddb916165f8e9c841b1f Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2019-04-26crypto, ipsec: change GCM IV handlingDamjan Marion5-58/+39
- nonce construction out of salt and iv is ipsec specific so it should be handled in ipsec code - fixes GCM unit tests - GCM IV is constructed out of simple counter, per RFC4106 section 3.1 Change-Id: Ib7712cc9612830daa737f5171d8384f1d361bb61 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-26nat: fix ED mode unknown proto session managementMatthew Smith3-8/+24
In endpoint dependent mode, when a session at the head of a user LRU is reused, if the IP protocol for that session was unknown (any other than tcp, udp, or icmp), the attempt to delete the session mapping from the in2out bihash was not using the same key that was used when the mapping was added. This would cause the deletion of the mapping to fail. If packets arrive later which match the original session, the search for the session key would succeed when it should have failed and the session, which is now associated with a different pair of endpoints, may end up being updated when it should not be. Update the key generation when reallocating an existing session to do the right thing if the session is for an unknown protocol. Also update format_nat_session() for unknown protocols so that 'vppctl show nat44 session detail' will display the protocol correctly. In endpoint dependent mode, the IP protocol is stored in the port field on a session if the protocol is unknown. The value is stored in host byte order, but the format function was swapping the bytes before writing the protocol. Change-Id: I9e8daadd4569cb2610532dab4e4f41d1567cf3d1 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-04-26nat: prevent creation when-resolved static mappings on errorsAlexander Chernavin1-1/+1
When you create two identical NAT44 static mappings using interface name as external address and only local or ext port is different, VALUE_EXIST will be raised but when-resolved static mapping will remain. vpp# nat44 add static mapping tcp local 10.128.0.129 443 external GigabitEthernet0/8/0 8443 vpp# nat44 add static mapping tcp local 10.128.0.129 80 external GigabitEthernet0/8/0 8443 nat44 add static mapping: Mapping already exist. vpp# show nat44 static mappings NAT44 static mappings: tcp local 10.128.0.129:443 external 2.2.2.2:8443 vrf 0 tcp local 10.128.0.129:443 external GigabitEthernet0/8/0:8443 vrf -1 tcp local 10.128.0.129:80 external GigabitEthernet0/8/0:8443 vrf -1 With this commit, when-resolved static mapping is not created if the translation only differs in local or ext port. Change-Id: Ifc960b9dc1371caa2a8d3206a80a0ffd10d293e4 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2019-04-26svm: fifo segment support for chunk allocationFlorin Coras8-26/+338
Change-Id: Ie96706b4d8bcb32d2d5f065bc765f95f4e9369e7 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-25crypto_ia32: minor change logicallyZhiyong Yang1-2/+1
"break;" will never be run after "return;" Change-Id: I4fdfd10406fdf61897078746d28fa1ee32fb0081 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-04-25crypto: AES GCM IV length is always 12Damjan Marion4-5/+2
... at least for use cases we are interested in Change-Id: I1156ff354635e8f990ce2664ebc8dcd3786ddca5 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25docs: Add VPP inside the CloudFrancesco Spinelli9-4/+805
This commit updates the VPP docs, adding the VPP deployment and configuration inside the cloud Change-Id: I97322deb57f0dfb1aa46cca301adbc91ce4a19f6 Signed-off-by: Francesco Spinelli <francescospinelli94@live.it>
2019-04-25Clean up redirectsDave Barach1-21/+50
Both firefox and chrome seem happy to browse a hugo-generated site Change-Id: Id216ad9c781643df42ac4fbce598eb2afa600f4d Signed-off-by: Dave Barach <dave@barachs.net>
2019-04-25Change dpdk thread data flags type to u16 from u8 to get more useful dataSimon Zhang2-6/+7
Change-Id: Idc3763c38f5aa638d4f290f4d4730577601d78b8 Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
2019-04-25tap: Fix the indirect buffer allocationMohsin Kazmi1-1/+1
Change-Id: I73f76c25754f6fb14a49ae47b6404f3cbabbeeb5 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-04-25session: cleanup segment manager and fifo segmentFlorin Coras23-1005/+1001
Change-Id: I984f347fb465c0c405cef668d8690457e81788e2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-25unittest: AES GCM test cases cleanupDamjan Marion1-270/+126
This reverts commit 7f2d57b69ea031cc6110b3a1f4c1ef1c35b67181. Change-Id: I23c3b4d2dab6e13cc8fbbf0ac9d0cfd8af3241c1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25crypto_ipsecmb: CBC IV size is always equal to block sizeDamjan Marion1-27/+13
Change-Id: If8b2c8942db17a853883360885def47ce50e7ddd Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25crypto_ipsecmb: use pre-expanded keysDamjan Marion3-220/+209
Change-Id: Ie1d34b7e71554516595e0cd228e2cd54a3b8d629 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25session: use teps in accept/connect notificationsFlorin Coras11-81/+72
Change-Id: I58e713661a38cecbfdebd4609292d9d12e880cd2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-25IPSEC; dpdk backend for tunnel interface encryptionNeale Ranns10-61/+169
Change-Id: Ide2a9df18db371c8428855d7f12f246006d7c04c Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-25ipsec: drop runts in esp-decryptDamjan Marion2-2/+30
Change-Id: Id7fcaf8590f9f2dcccdebea0ad31c7ecd1cbc8af Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25crypto: improve key handlingDamjan Marion19-66/+351
Change-Id: If96f661d507305da4b96cac7b1a8f14ba90676ad Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25Remove dummy_interface_tx nodes from l2tp l2xcrw and nshJohn Lo3-27/+0
Change-Id: I51e0d4a9ec62514a85bbe4c5f56a48d60ab6f4e4 Signed-off-by: John Lo <loj@cisco.com>
2019-04-24Add get_endpoint in transport vftAloys Augustin7-14/+126
This allows QUIC & TLS specific logic to be implemented, and meaningfull IP/port to be returned when connection is overridden. Change-Id: Id79c59fe4d7b16d36f0e96ad3e281c4026b5fe65 Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2019-04-24ip4_lookup_inline: leverage vlib_get_buffers to improve perfZhiyong Yang1-32/+27
vlib_get_buffers can save at least 1.2 clocks/pkt for ip4_lookup_inline on Haswell. Change-Id: I730fc346cec4d2eb5ca364308e45268bda4d5f89 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-04-24dpdk: fix interface namingFlorin Coras1-1/+1
Change-Id: Ia092a93a7ac0cbf9338f9d4a5db8b94b23549a13 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-24Clean up multi-thread barrier-sync hold-down timerDave Barach2-13/+57
Main thread: don't bother with the barrier sync hold-down timer if none of the worker threads are busy. Worker threads: avoid epoll_pwait (10ms timeout) when the control-plane has been active in the last half-second. Change-Id: I82008d09968c65e2a4af0ebb7887389992e60603 Signed-off-by: Dave Barach <dave@barachs.net>