aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-10-17VPP-1032: fix coverity warningsDave Barach3-14/+25
Change-Id: Ic3a0c51e5408921051deaf2e50372d9654574b27 Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-17Initial commit for phase 2, Add some simple validation.John DeNisco4-8/+235
Change-Id: I5b1d5600cdef4b05cc7c2f1cddb60aed2cc49ac2 Signed-off-by: John DeNisco <jdenisco@cisco.com>
2017-10-17TEST,SPAN: add rx+tx span testEyal Bari1-127/+78
also refactored verify function Change-Id: Ib93c99c833dd7c75e416374530c631f954957d98 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-10-17VCL_LDPRELOAD: Add unit test scripts.Dave Wallace5-0/+160
Change-Id: I5fbb3339a6dbd7b40fecf66bfda3fd3249b4a90c Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-17VCL: refactor VCL_LDPRELOAD env vars.Dave Wallace2-6/+4
- Update vcl-ldpreload references to use $WS_ROOT. Change-Id: I8e79f7c5e330eda6548a2baf84613b0a4d360811 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-17Add API versioning to GENEVE tunnel implementation.Marco Varlese1-1/+3
Change-Id: I5974e5545d74af53c27938c8cdbae12745c38a54 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-10-17session: return local transport endpoint in connect replyFlorin Coras4-1/+20
Change-Id: I7794d5a0774017da4c1c15f45783a18754994ac8 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-17Update CSIT tests 171002 -> 171017Jan Gelety1-1/+1
- update of CSIT operational branch to be used for VPP-patch test Change-Id: Ib098170bbcdbbb01c25ef197d9181cfd826d2854 Signed-off-by: Jan Gelety <jgelety@cisco.com>
2017-10-16session: fix build when debugging is onFlorin Coras3-3/+3
Change-Id: I193832a0cd0557fffc034a1223f67fa64a4d45ae Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-16udp: refactor udp codeFlorin Coras40-1243/+1941
Change-Id: I44d5c9df7c49b8d4d5677c6d319033b2da3e6b80 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-16DNS name resolver improvementsDave Barach4-31/+217
- Cache intermediate CNAME records - Bug fixes Change-Id: I06dcb558212fc5e9434281493c872577cf9b83e1 Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-16LDPRELOAD: Remove hack code in getpeernameSteven1-14/+0
Now the real implementation of getpeername is there, we remove the hack version of getpeername in LDPRELOAD. Change-Id: I8fa2ba93d346f78d04129a87ee17a834cba537da Signed-off-by: Steven <sluong@cisco.com>
2017-10-16LISP: fix map-request counters, ONE-25Filip Tehlar1-6/+5
Change-Id: I198f58a84c4692408f9205052af24ee22df7aeaa Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-10-16jvpp: stop plugin intialization on first mismatchMarek Gradzki9-12/+15
Java bindings use get_message_id from jvpp-common to detect if messages known at compile time are avaliable at runtime. In case of missing entry, Java exception is propagated via JNI using (*env)->ThrowNew. But this function does not end code execution so, in order to prevent unexpected behaviour (e.g. calling vl_msg_api_set_handlers with id == 0), get_message_id caller should do it manually. Change-Id: I2edb5013fd3658dcdd77a867b5cdf62e559ee071 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-10-16lb plugin - fix format() type mismatchesGabriel Ganne1-2/+3
* (vip - lbm->vips) is u64; change format from [%u] to [%lu] * vip->plen is u8, but format looks for u32; add exlicit cast (this cast was done implicitely) On ARM platforms, these prevent a loop in the second call to format_white_space() which would get an invalid (huge) indent value; the result *looked like* an infinite loop. Change-Id: I675ef2f98e4ba3d9e8aef12022d38b1d22981da8 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-10-15VCL/LDPRELOAD: getpeername and getsocknameSteven2-42/+39
Add support for getpeername and getsockname system calls Change-Id: Ie22787b967bb2a5fead0f5fcffd779e4f39b3302 Signed-off-by: Steven <sluong@cisco.com>
2017-10-15Fix minor issues in clib_spinlock_unlock()Dave Barach1-1/+3
Change-Id: I20ce799c9dd57332c06003b466ee7c36169bce98 Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-15ip: avoid arp assert if out of buffers (VPP-1030)Florin Coras1-0/+4
Change-Id: Ia31b978c6c1619c3e0075a84fcbbb6ccbf1c0076 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-15Revert "Enforce FIB table creation before use"Florin Coras8-31/+101
This reverts commit f9342023c19887da656133e2688a90d70383b0c5. Reverting to unblock master. No idea why jjb +1ed this patch! On closer inspection it looks like it -1ed it and subsequently changed opinion. CSIT tests should be fixed before re-merging. Change-Id: I26608912a962c52083073e16c7c9d2cc44a3cc8d Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-14NAT: fix delete of sessions for 1:1 NAT if 1 worker (VPP-1023)Matus Fabian1-1/+1
Change-Id: I2446c646de7f227f9438dd7ef93a455ba5af0102 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-14change format_get_indent() to use u32 instead of uwordGabriel Ganne6-7/+8
This follows commit d3c008d108aa2187d1a2afe2833b4de25ca2c2ab by Christophe Fontaine. Change-Id: I0c4df40df44be2ac0ab25817fa050a1f619eca4d Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-10-14Fix bug with temporary directory when building rpms.Thomas F Herbert1-1/+1
Fixes bug introduced in commit 5349f94d. JIRA: VPP-1014 Change-Id: Ia18f4c6f5f1124306cce790a36f6de970d186687 Signed-off-by: Thomas F Herbert <therbert@redhat.com> (cherry picked from commit 8c5bfbcc09f44f3ed2b87b0b5c257fbb7b735f97)
2017-10-14Deps added to Makefile must also be in spec file.Thomas F Herbert2-5/+7
Deps are required for Fedora too. This patch is merged in version stable/17.10. It should also be merged in master because it fixes breaking rpm builds in some circumstances. JIRA: VPP-1015 Cherry-picked from stable/1710 Change-Id: I10807069742cdd6b09a0f34d9d05e9cae4146ec3 Signed-off-by: Thomas F Herbert <therbert@redhat.com>
2017-10-14Add API call to set keys on IPsec tunnel intfMatthew Smith3-0/+152
There was already a CLI command and a libvnet function to set the keys on an existing IPsec tunnel interface. Expose this via the API. Change-Id: I226a9616f680fc022f04447177a2e8232690657f Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2017-10-14Source Lookup progammable via APINeale Ranns12-13/+201
Change-Id: I5d5d4f22b6369d504455a644f73076d772fbcfb4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-10-14vhost: crash under heavy traffic condition due to memory corruption (VPP-1016)Steven1-2/+33
With heavy traffic, tx code path may crash due to memory corruption Thread 5 "vpp_wk_2" received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7fff3995c700 (LWP 2505)] 0x00007ffff73675e8 in vhost_user_if_input (vm=0x7fffb5f5bf9c, vum=0x7ffff7882a40 <vhost_user_main>, vui=0x7fffb65570c4, qid=0, node=0x7fffb6577dac, mode=VNET_HW_INTERFACE_RX_MODE_POLLING) at /home/sluong/vpp-master/vpp/build-data/../src/vnet/devices/virtio/vhost-user.c:1610 1610 bi_current = (vum->cpus[thread_index].rx_buffers) [vum->cpus[thread_index].rx_buffers_len]; (gdb) p vum->cpus[thread_index].rx_buffers_len $2 = 793212607 (gdb) Apparently, some code accidentally wrote the bad value in rx_buffers_len. rx_buffers_len should never be greater than 1024 since that is how many buffers we request each time. After debugging many hours, I discovered that the memory corruption happens in the tx code path right here on line 2176. { vhost_copy_t *cpy = &vum->cpus[thread_index].copy[copy_len]; copy_len++; cpy->len = bytes_left; cpy->len = (cpy->len > buffer_len) ? buffer_len : cpy->len; cpy->dst = buffer_map_addr; cpy->src = (uword) vlib_buffer_get_current (current_b0) + current_b0->current_length - bytes_left; (gdb) p cpy $3 = (vhost_copy_t *) 0x7fffb554077c (gdb) p copy_len $4 = 1025 (gdb) p &vum->cpus[3].rx_buffers_len $8 = (u32 *) 0x7fffb5540784 copy_len is picking up the index entry 1024 before it was incremented. copy array has only 1024 members (0 - 1023 are valid). The assignment here in cpy surely causes memory corruption. It is only discovered later when the memory location that it corrupted is used. The condition for the crash is to transmit jumbo frames under heavy volume. Since ring size is 1024, with one packet taking up one index for frame size (less 2048), it does not cause overflow. With jumbo frames, it requires multiple indices for one packet, it can cause the overflow under heavy traffic. The fix is to do copy out when we have 1000 entries in the array to avoid overflow. Change-Id: Iefbc739b8e80470f1cf13123113f8331ffcd0eb2 Signed-off-by: Steven <sluong@cisco.com>
2017-10-14plugins/dpdk: align memory to avoid potential segfault and false sharingGeorgina Sheehan1-1/+1
Made Update to src/plugins/dpdk/buffer.c Change-Id: I87bb8f38974a7be274c1b1d205f5513e7d068e48 Signed-off-by: Georgina <georgina.sheehan@intel.com>
2017-10-14Use AESNI=y only on x86_64 machinesBrian Brooks1-0/+6
This fixes the native build on arm64 machines. Change-Id: I89bff01beedb4c8e26ac55fab2dd1ed39754bf26 Signed-off-by: Brian Brooks <brian.brooks@arm.com> Reviewed-by: Ola Liljedahl <ola.liljedahl@arm.com>
2017-10-14VPP-1029: Don't call clib_longjmp(...) directly from the SIGTERM handlerDave Barach2-4/+8
It's way too easy to imagine leaving a mutex or a spin-lock held in the /vpe-api shared-memory segment, or elsewhere. Set a volatile variable and check it in a safe place... Change-Id: I9d91c38cffeb921143c272162d055c9c24a6c312 Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-13Enforce FIB table creation before useNeale Ranns8-101/+31
last i the serise of the use of the FIB table create/delete API. VPP now forces the tables to have been explicitly creted before they are used. Change-Id: Ifde3b1bbb76697a01ab71bce4f5264e6d1725467 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-10-13acl-plugin: display "::" for INADDR6_ANY on ACL outputSteve Shin2-5/+10
INADDR6_ANY should be displayed as "::" instead of "0.0.0.0"(ipv4 format). Change-Id: I24ec7b6febbfeca5db7ff894f455ecb73d954334 Signed-off-by: Steve Shin <jonshin@cisco.com>
2017-10-13LDPRELOAD: Add TCP_KEEPIDLE, TCP_KEEPINTVL, and SO_KEEPALIVESteven1-9/+32
Implement the subject setsockopt by passing them to VCL Change-Id: Ida5136cb3a51d2bf30080e8c4af4239681ed2184 Signed-off-by: Steven <sluong@cisco.com>
2017-10-13VPP-1027: DNS name resolverDave Barach14-9/+3205
This patch is a plausible first-cut, suitable for initial testing by vcl (host stack client library). Main features; - recursive name resolution - multiple ip4/ip6 name servers - cache size limit enforcement - currently limited to 65K - ttl / aging - static mapping support - show / clear / debug CLI commands Binary APIs provided for the following: - add/delete name servers - enable/disable the name cache - resolve a name To Do list: - Respond to ip4/ip6 client DNS requests (vs. binary API requests) - Perf / scale tuning - map pending transaction ids to pool indices, so the cache can (greatly) exceed 65K entries - Security improvements - Use unpredictable dns transaction IDs, related to previous item - Make sure that response-packet src ip addresses match the server - Add binary APIs - deliver raw response data to clients - control recursive name resolution - Documentation Change-Id: I48c373d5c05d7108ccd814d4055caf8c75ca10b7 Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-13acl-plugin: split the "show" commands and add an option to show ACLs by ↵Andrew Yourtchenko1-317/+407
interface From the troubleshooting perspective, it is nice to immediately know the ACEs for the ACLs applied to an interface, so implement that. To make the CLI more friendly, split each of the "show" variants into an independent _cmd function with the distinct CLI path. Change-Id: I519e4799083c04e8f0fcdf3e262a73493be4b690 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-10-13LDPRELOAD: Add ioctl, fcntl, and setsockopt supportSteven6-32/+255
Add support for the following system calls: ioctl (FIONREAD) fcntl (F_GETFL) fcntl (F_SETFL) setsockopt (SOL_IPV6, IPV6_V6ONLY) setsockopt (SOL_TCP, TCP_NODELAY) setsockopt (SOL_SOCKET, SO_REUSEADDR) setsockopt (SOL_SOCKET, SO_BROADCAST) This patch supersedes https://gerrit.fd.io/r/#/c/8765/ Change-Id: I5d5309d9f43d93a990b389d8cb667631de1903fe Signed-off-by: Steven <sluong@cisco.com>
2017-10-12VCL: Add SET_KEEPALIVE, SET_TCP_KEEPIDLE, and SET_TCP_KEEPINTVLSteven2-0/+12
Add the subject enums to unblock LDPRELOAD. Just the enums, no real implementation yet. Change-Id: Ia3ec576c2779ee20956a37f0adebc06f16d1fe7f Signed-off-by: Steven <sluong@cisco.com>
2017-10-12dpdk/ipsec: coverity fixesSergio Gonzalez Monroy4-17/+28
Change-Id: Ica3bc74ffbb1c0df4e198b0abff8df10cdeb2182 Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-10-12libmemif: Add memif_cancel_poll_event() + bug fixing.Milan Lenco3-30/+78
Change-Id: I27d6bf93216f1f639f01fad730506afdc7115e46 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2017-10-12Remove libsubunit 'dependency' for openSUSE and fix NASMMarco Varlese2-3/+14
This patch addresses the unrequired dependency on libsubunit for opensuse; it also adds the required new dependency on check (add check-devel to the top-level Makefile). It adds some extra logic to install the correct NASM version to support AESNI. Change-Id: Ie368dd8f8485a67ab125e735fd12cbe25b9b588f Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-10-12LLDP: Add Management Address TLVSteve Shin8-28/+271
- Management Address TLV is added as per IEEE Std 802.1AB-2009. - Support of management ipv4/ipv6 addresses and OID. Change-Id: I57c14741774390809ce5a829cc087947424432c7 Signed-off-by: Steve Shin <jonshin@cisco.com>
2017-10-12Add support for packaging SUSE RPMs.Marco Varlese2-0/+384
This patch adds a new spec file for SUSE distribution and modifies the Makefile to learn which platform is building the RPMs for. Change-Id: Ic8ee0ddf978042cc1785ebc28bd1a6c9faf9bb74 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-10-12tcp: do not format sb if not established (VPP-1018)Florin Coras1-2/+3
Change-Id: I011dda118f37cb31a37dda270027612d0af57ca0 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 87f141172212b7568f519653ab32ebd1b5d34344)
2017-10-12VCL: Add REUSEADDR, BROADCAST, and V6ONLY to vppcom_session_attr APISteven2-1/+13
1. Add the subject enum type 2. Fix a typo for the clib_warning Change-Id: I59f6d15d51c66b96022d51592d65c41755c1582a Signed-off-by: Steven <sluong@cisco.com>
2017-10-12Initial push of vcl-ldpreload to extrasKeith Burns (alagalah)14-0/+8327
- fix checkstyle Change-Id: I4317757258ed6a65b8fae1377f17db39375282ac Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com> Signed-off-by: shrinivasan ganapathy <shrinivasanganapathy@gmail.com>
2017-10-11Revert "VPP-1001 - update AF Packet Driver to for modern kernels"Damjan Marion4-119/+10
Issues observed with specific kernel versions, e.g. stock Ubuntu 16.04 kernel. This reverts commit 3eab064e3fadaf2a6a128f167ad04ca0319b4e17. Change-Id: I24241f3b580df749fc686af3a319011ca035fb5e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-10-11test: retry 3 times if test fails during verifyDamjan Marion1-1/+1
Change-Id: Ib1cb7f09c444f3667904eade935eb220f327b6fe Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-10-11Redhat and small system supportJohn DeNisco23-0/+6148
Initial 17.10 commit Final 17.07 cleanup, 17.10 next Added CentOS grub support, this should complete the CentOS support Added Centos install/unistall Added TCP parameters. Change-Id: I064e3a4118969ac36e62924a6a3f8a98f132ba60 Signed-off-by: John DeNisco <jdenisco@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-10Add VCL session get/set attributes api function.Dave Wallace3-26/+193
Change-Id: I72b0c063e89bf8299699dafec2a7e0395b86c8b9 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-10session: add support for application namespacingFlorin Coras43-793/+2927
Applications are now provided the option to select the namespace they are to be attached to and the scope of their attachement. Application namespaces are meant to: 1) constrain the scope of communication through the network by association with source interfaces and/or fib tables that provide the source ips to be used and limit the scope of routing 2) provide a namespace local scope to session layer communication, as opposed to the global scope provided by 1). That is, sessions can be established without assistance from transport and network layers. Albeit, zero/local-host ip addresses must still be provided in session establishment messages due to existing application idiosyncrasies. This mode of communication uses shared-memory fifos (cut-through sessions) exclusively. If applications request no namespace, they are assigned to the default one, which at its turn uses the default fib. Applications can request access to both local and global scopes for a namespace. If no scope is specified, session layer defaults to the global one. When a sw_if_index is provided for a namespace, zero-ip (INADDR_ANY) binds are converted to binds to the requested interface. Change-Id: Ia0f660bbf7eec7f89673f75b4821fc7c3d58e3d1 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-10dpdk: fix mempool size calculationDamjan Marion1-2/+3
Change-Id: I5b48310c46ca8a2143b2132110240d7e9a52c25d Signed-off-by: Damjan Marion <damarion@cisco.com>