aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2020-02-17ikev2: IKE plugin manages the state of the protected tunnel interfaceNeale Ranns1-2/+8
Type: improvement IKE will bring the tunnel up ince the negociation is complete and bring it down when the session ends. It is the clinets responsibility to manage the state of the tunnel before and after these events. So to prevent any unencrpyted traffic egressing the tunnel before the session is negpciated, the tunnel should be in the down state when it a associated with the IKE session. Change-Id: I8aee593c79ca006d6ab08f9fa560fbbf6f8dcc16 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-17crypto-native: calculate ghash using vpclmulqdq instructionsDamjan Marion2-0/+141
vpclmulqdq is introduced on intel icelake architecture and allows computing 4 carry-less multiplications in paralled by using 512-bit SIMD registers Type: feature Change-Id: Idb09d6f51ba6f116bba11649b2d99f649356d449 Signed-off-by: Damjan Marion <damjan.marion@gmail.com>
2020-02-17vlib: fix code of getting numa node with specific cpu_idLijian.Zhang1-3/+18
Use below sysfs files to check which numa node a specific cpu_id belongs to. /sys/devices/system/node/online /sys/devices/system/node/node0/cpulist /sys/devices/system/node/node1/cpulist Type: fix Change-Id: I124b80b1fd4a20dd7bd76f0ae27d5ab23a3a8ff1 Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com>
2020-02-15tls: Fix Picotls ctx_read rx_content issueSimon Zhang1-18/+21
Type: fix Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> Change-Id: I19cdd2055ea494fc36628b4a94fc56742c1d1a8a Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
2020-02-15tap: fix the default parameter for num_rx_queuesMohsin Kazmi3-40/+53
Type: fix Change-Id: I1a20fea56f1ba1fada7c7ce96ea333bf097b1273 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-02-14tls: remove session lookup operation in TLSYu Ping1-2/+0
Type: fix Change-Id: I50329bda365d98f9f9d56a58187fb4fb2a4eb461 Signed-off-by: Yu Ping <ping.yu@intel.com>
2020-02-14tcp: reset fin-wait-2 timeout connectionsFlorin Coras2-0/+9
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id931f3f308a01788d222d0d62f26f5c579321c6a
2020-02-14tunnel: add FEATURE.yamlNeale Ranns1-0/+9
Type: docs Change-Id: I171903bd3fd3219ad0e1ebd79a6dbf6f094d9cb8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-14vcl: fix ldp read on closing sessionFlorin Coras2-15/+10
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I60be191866d20721951ad22f571a2a3275511e12
2020-02-14vrrp dns: fix coverity warningsDave Barach3-2/+9
Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I0d164147173b452fee7e720e01e6a9991f43b64a
2020-02-14dpdk: TSO does not work for Cisco VICSteven Luong1-0/+11
While TSO is supported for Intel NIC, Cisco VIC does not work. The problem is due to txmode offloads is not properly set for the Cisco VIC when enable-tcp-udp-checksum is configured. Type: fix Ticket: VPP-1838 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I72c41db9b327ed8d08ef70d74e8cc6206d4a102f
2020-02-14dpdk: fix flow(with mark action) deletion crash issueChenmin Sun1-1/+1
Type: fix this patch fixes mark flow deletion crash issue, see below test flow add src-ip any proto udp src-port 111 dst-port 222 mark 100 test flow enable index 0 1/1 test flow disable index 0 1/1 test flow enable index 0 1/1 test flow disable index 0 1/1 -> [crash] This is because the code resets a wrong vector in flow lookup entry recycle logic. See function dpdk_flow_ops_fn(). Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I2b0a1e531931ab25541d672d88da18dc2289f1ce
2020-02-14tcp: improve reset generation in reset nodeFlorin Coras2-57/+41
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7a4a4a52c3e4ad47aabb2ef5f53a0e0bb7e71690
2020-02-14tcp: minimal set of worker statsFlorin Coras4-7/+115
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9dafe564229095d50285276a654f4983f93faff2
2020-02-14crypto-native: refactor CBC codeDamjan Marion5-606/+446
Type: refactor Change-Id: I61e25942de318d03fb3d75689259709d687479bc Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-13nsim: fix quad-loop packet traceDave Barach1-11/+12
Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I756170bd799d1f482186cbb4b5dff9373ae6e08f
2020-02-13vcl: clear accept msg flagsFlorin Coras2-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Idb513232e7b091c8f767726bfa1deb10a7e3b751
2020-02-13vrrp: add plugin providing vrrp supportMatthew Smith19-0/+6912
Type: feature Add a new plugin to support HA using VRRPv3 (RFC 5798). Change-Id: Iaa2c37e6172f8f41e9165f178f44d481f6e247b9 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-02-13vppinfra: add 128-bit and 512-bit a ^ b ^ c shortcutDamjan Marion4-18/+33
This allows us to combine 2 XOR operations into signle instruction which makes difference in crypto op: - in x86, by using ternary logic instruction - on ARM, by using EOR3 instruction (available with sha3 feature) Type: refactor Change-Id: Ibdf9001840399d2f838d491ca81b57cbd8430433 Signed-off-by: Damjan Marion <damjan.marion@gmail.com>
2020-02-13vcl: handle close after resetFlorin Coras2-10/+32
Can happen if a connection is reset before fully accepted. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I0ae68d71b66722dd19ca6f1cee44a080e5ff4447
2020-02-13crypto-native: add AArch64 AES-GCM native implementationDamjan Marion7-55/+78
Type: feature Change-Id: I4f96b0af13b875d491704b010328a1814e1dbda1 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-13dpdk: Add iova-mode to startupVladimir Ratnikov1-1/+2
In some cases of using vfio-pci driver, it should be required to enable pa or va mode. Without it, rtl_eal_init unable to allocate memory required. Debugging told that iova-mode pa/va could help. And it helps. This patch allows to pass iova-mode to vpp startup.conf Type: feature Change-Id: I36b87f5d3d141891b37cda2c306d50433954a34a Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
2020-02-13fib: Fix some more realloc errorsNeale Ranns5-55/+34
Type: fix Change-Id: I6011f5d6eae79019d3c16a260a9bedf0a76d2151 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-13ikev2: Responder honours the protected tunnel configNeale Ranns2-0/+10
Type: feature Change-Id: Iee84f94c617c53658f13c5430b945568c5e06ce9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-13crypto-native: add AArch64 ghash supportDamjan Marion1-1/+23
Type: improvement Change-Id: I1f204685ea9374389fc24fc53184ce06806beed3 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-13vppinfra: add cmake option to grow vectors by 1Dave Barach3-0/+13
For debugging. Do not set this option in production. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I5e59671c4932e064bc087b85bf9c62c6f3bf48cf
2020-02-12classify: fix "show classify filter" debug CLIDave Barach1-3/+1
Null pointer bug, memory leak. D'oh! Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ic2865757ed9cbb7f48d23c7c30b64299eb5f6674
2020-02-12vppinfra: add clib_prefetch_load and clib_prefetch_storeDamjan Marion1-0/+12
For people tired of typen CLIB_CACHE_LINE_BYTES.... Type: improvement Change-Id: I7658a8525ff6e3edc81a29b05a6fda33e537806e Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-12vppinfra: add ARM NEON implementation of u8x16_word_shift_{left,right}Damjan Marion1-0/+12
Type: improvement Change-Id: I310e421513e9d3f96ad7debc72c9407e231962b8 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-12tcp: improve invalid packet handling in syn-rcvdFlorin Coras2-4/+14
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie356b4d45d47e30c185caf2e66cdb16f1a97046f
2020-02-12tcp: move connections to wrk ctxFlorin Coras3-58/+50
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I06cc3f032a72eacc716eed8d6fe8856a2839def1
2020-02-12crypto-native: fix ghash function namingDamjan Marion1-6/+6
Type: refactor Change-Id: I1d594af6d7c0d065d5c2decc5b22d549189b1882 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-12crypto-native: use and instead of blendDamjan Marion1-4/+1
Faster and more portable... Type: improvement Change-Id: I915f8d3c45d1ba76ddfdbfac98482b04c98d148b Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-12crypto-native: add missing static_always_inlineDamjan Marion1-6/+6
Type: improvement Change-Id: Ibfa756f5f489882bc2ac658ae4d238e98da73875 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-12tcp: postpone rst handlingFlorin Coras3-71/+133
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id09fa54cc5657b3b5616ea6a6180c1344b0141d4
2020-02-12crypto-native: refactor GCM code to use generic typesDamjan Marion3-291/+325
Type: refactor Change-Id: I76733a9ed362ec60badd22c0fbc2a9c5749da88d Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-02-12api: do not truncate api dump file sizeBenoît Ganne1-1/+1
Type: fix Change-Id: I5c81d2f55057f5fba780cb12154a3fb1aef79f20 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-02-11vppinfra: remove the historical mheap memory allocatorDave Barach18-2195/+14
The mheap allocator has been turned off for several releases. This commit removes the cmake config parameter, parallel support for dlmalloc and mheap, and the mheap allocator itself. Type: refactor Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I104f88a1f06e47e90e5f7fb3e11cd1ca66467903
2020-02-11misc: fix coverity warningsDave Barach4-9/+19
Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I6b1ea13fc83460bf4ee75cb9249d83dddaa64ded
2020-02-11ikev2: Configure a profile with an existing interfaceNeale Ranns7-30/+141
Type: feature ... rather than always creating a new interface. Change-Id: If8a22ad5a8a3a4e511bea7cab7d8bbf7e6af9433 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-11crypto-native: fix ARM compilatiion flagsDamjan Marion1-1/+1
Type: fix Change-Id: I3b39c17d9cfadc1d383d9c4dba9029ea279d09d7 Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-11vppinfra: add ARM cpu typesDamjan Marion1-0/+4
Type: improvement Change-Id: Ib2cb708fdcb14fdea9298c10d67f8fe73887f18b Signed-off-by: Damjan Marion <dmarion@me.com>
2020-02-11ipsec: add support for chained buffersFilip Tehlar17-351/+1376
Type: feature Change-Id: Ie072a7c2bbb1e4a77f7001754f01897efd30fc53 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-11session: avoid scanning new io list under loadFlorin Coras2-21/+51
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Idaa7cc26ad941be86daec4ed5920727237712f4a
2020-02-11vppinfra: remove unused variable from timing wheelKlement Sekera2-4/+0
Type: fix Change-Id: I77b03efcac04cc46550d03657464ab8de5d7da78 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-02-11http_static: VPP web application HowToDave Barach2-1/+275
This sketch should save a lot of time working out uninteresting but important details. Type: docs Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Icd5705230adfda6539360ef3c46ff3a68b3bed74
2020-02-11sr: update NH value for Ethernet payloadspcamaril12-38/+39
Upon encapsulation of L2 frames, IETF has replaced the NextHeader value from 59 (IPv6 No Next Header) to 143 (Ethernet). https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml Type: fix Signed-off-by: pcamaril <pcamaril@cisco.com> Change-Id: I88aa5590c81d16700ff7a0bbe6337e113179496e Signed-off-by: pcamaril <pcamaril@cisco.com>
2020-02-11tls: refactor picotls ctx_read process to improve CPSSimon Zhang2-58/+55
Type: refactor Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> Change-Id: I2bb675b4df3c4151f4b0791efcfe05b1d0f87a33 Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
2020-02-11svm: numa awareness for ssvm segmentsFlorin Coras4-26/+70
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I999836a7893a89aac5243b111eac35fddd03e2a6
2020-02-11ip: fix ip-local errorsFlorin Coras4-5/+6
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie8bc5c9a03e858487cf565b4e9b520e6b496337a