| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
When IPsec async mode is enabled, packets don't pass through the tunnel
if ciphers other than AES GCM are used for child SAs. An error that
arises is "bad-hmac" in the "crypto-dispatch" node.
On the encryption stage, the VNET_CRYPTO_OP_FLAG_HMAC_CHECK flag is set
for the integrity crypto operation when it's not supposed to. It seems
that the flag remains from the previous operation.
With this change, zero flags of crypto operations in the SW scheduler
during operation filling.
Type: fix
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Iabac253474e95cb01f9ec0933f3c4860f8a5289c
|
|
Type: fix
Change-Id: I1f8245e8cccacb5bbb511aef39e31d0a76bba95f
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
root@ae2a2e85c5d4:/vpp/src/vpp-api/python# python3
Python 3.6.9 (default, Oct 8 2020, 12:12:24)
[GCC 8.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import vpp_papi
>>> vpp_papi.__version__
'1.6.2'
Type: feature
Change-Id: I73025427a58214a842245fceaa77daa7acd3e6f8
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: fix
Change-Id: I4901f7eb9d739afd4d45a25306434e9d122a4068
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: make
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Icbbae3ab222e7d97e6c496c13ec9229e94cf5ede
|
|
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ibea7ec844d1d910e8a3235e11154b1ecea8302ac
|
|
If static-mapping-only is enabled, NAT pool cannot be configured, only
static mappings. There're two ways to add addresses to the NAT pool:
by address range, or by first found address from an interface.
NAT44_ADD_DEL_ADDRESS_RANGE already tests if dynamic mappings are
available but NAT44_ADD_DEL_INTERFACE_ADDR doesn't. If
static-mapping-only is enabled, adding addresses by range is rejected
but by interface not.
With this change, if static-mapping-only is enabled, do not allow to
add addresses to the NAT pool both ways.
Type: fix
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ifc055ea9a71a5e579388833a2990aef21bf7ed29
|
|
Including a general missing free in fromjson autogenerated code.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I9ab2b0193135e2fb3d62d51b3c114df56969e341
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: improvement
Change-Id: I456f9b14e6a4eb46c9c49f6e09acccae530e4ebc
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
This reverts commit c7eaa711f3e25580687df0618e9ca80d3dc85e5f.
Reason for revert: The jenkins job named 'vpp-merge-master-ubuntu1804-x86_64' had 2 IPv6 AH tests fail after the change was merged. Those 2 tests also failed the next time that job ran after an unrelated change was merged.
Change-Id: I0e2c3ee895114029066c82624e79807af575b6c0
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
To catch coding mistakes: calling vlib_get_frame_to_node() from a
worker thread with vm = &vlib_global_main instead of
vm = vlib_mains[worker_thread_index]
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I5a8f01fdf9f35daeeada2d6eaa7180a60c4ca529
|
|
support
Type: feature
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I6d4a9b187daa725d4b2cbb66e11616802d44d2d3
|
|
Sometimes, vnet_hw_if_rx_queue_set_int_pending is called on rxqs which
are not in interrupt mode. Currently, it segfaults due to a too small
clib_interrupt_t structure. This change prevents that and makes the
framework slightly more robust to driver bugs (that might be subtle
to track in some cases involving concurrency...)
Change-Id: I9643b9b1aa37e6852754b93f10cd2f96ed9e6118
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: fix
|
|
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: Ib3cefe5d27286c4853eb0c0e1803a94787a62c97
|
|
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I41faa2ca249ff75e564a732af896e6b5d76bf665
|
|
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I2325d311a6fd7343c7041dc516777f4db0029823
|
|
Allow to supply the external VPP worker config for tests which
do not specify the workers config explicitly, and use
the tags infra to flag those that need attention in this configuration.
This commit shows one example use of such a tag, there will be
a separate commit with the rest of the places needing it,
since that change is rather mechanical.
Thus, the assumption is that the test should by default be agnostic
of the VPP configuration, unless it explicitly specifies so.
Type: test
Change-Id: I3c0077e4e22a75cb9561fb98d3b783b93486b2be
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Type: fix
Currently ping stops on events like SOCKET_READ_EVENT,
which makes it hard to use over e.g. govpp as it aborts
immediately most of the time. With this patch, ping only
stops upon real CLI read / quit events.
Signed-off-by: Ivan Shvedunov <ivan4th@gmail.com>
Change-Id: Id7a8d0b0fdeb7bbc7b85240e398d27bd5199345b
|
|
Type: feature
The added functionality is to support copying TTL and flow label from
inner to outer. The .api was extened to support expressing this and also
adding a common tunnel endpoint type. i find it best to make API changes
in one patch so there are less versions of the API.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I755c1e3f4c475058792af39c1abeda92129efb76
|
|
Fix dependency issues where multi-arch file is using API generated file.
Type: improvement
Change-Id: I5d4af7a630529bc138c35841723e38938f36d963
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
A calling patterm of "strncpy(dst, src, strlen(src))" invites a lot of troubles.
However, even using the target size may result in a problem if the string is
longer, since then the termination is not done.
Use strlcpy(dst, src, sizeof(dst)), which will always null-terminate
the string.
Change-Id: I8ddaf3dc8380a78af08914e81849279dae7ab24a
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|
|
Update descriptor offset based on data pointer
in memif_buffer_t.
Slave only, master will not modify the descriptor.
Type: feature
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Ice1e94cec366face650c58df81795f4dea727010
|
|
Sending 128 bytes of zeroes via API shared memory interface (or putting any other message ID that results in
null message name - e.g. 2,4,5) results in this crash:
Program received signal SIGSEGV, Segmentation fault.
va_format (s=0x7fffb5643a60 "memclnt_create", fmt=0x0, va=0x7fffa739ccf0) at /home/ubuntu/vpp/src/vppinfra/format.c:395
395 c = *f;
(gdb) bt
0 va_format (s=0x7fffb5643a60 "memclnt_create", fmt=0x0, va=0x7fffa739ccf0) at /home/ubuntu/vpp/src/vppinfra/format.c:395
1 0x00007ffff50e7259 in elog_string (em=0x7ffff5f2fbc8 <vlib_global_main+968>, fmt=0x0) at /home/ubuntu/vpp/src/vppinfra/elog.c:592
2 0x00007ffff7bc4cec in vl_msg_api_handler_with_vm_node (am=0x7ffff7dd1c90 <api_global_main>, vlib_rp=0x130023000, the_msg=0x130086d50, vm=0x7ffff5f2f800 <vlib_global_main>,
node=0x7fffb5edd4c0, is_private=0 '\000') at /home/ubuntu/vpp/src/vlibapi/api_shared.c:585
3 0x00007ffff7ba6c86 in void_mem_api_handle_msg_i (am=0x7ffff7dd1c90 <api_global_main>, vlib_rp=0x130023000, vm=<optimized out>, node=<optimized out>, is_private=0 '\000')
at /home/ubuntu/vpp/src/vlibmemory/memory_api.c:696
4 vl_mem_api_handle_msg_main (vm=0x7ffff5f2f800 <vlib_global_main>, node=0x7fffb5edd4c0) at /home/ubuntu/vpp/src/vlibmemory/memory_api.c:707
5 0x00007ffff7bb573e in vl_api_clnt_process (vm=0x7ffff5f2f800 <vlib_global_main>, node=0x7fffb5edd4c0, f=<optimized out>) at /home/ubuntu/vpp/src/vlibmemory/vlib_api.c:338
6 0x00007ffff5cb3bb7 in vlib_process_bootstrap (_a=<optimized out>) at /home/ubuntu/vpp/src/vlib/main.c:1477
7 0x00007ffff514088c in clib_calljmp () from /home/ubuntu/vpp/build-root/install-vpp-native/vpp/lib/libvppinfra.so.21.01
8 0x00007fffa95b0550 in ?? ()
9 0x00007ffff5ca93e2 in vlib_process_startup (vm=0x7ffff5f2f800 <vlib_global_main>, p=0x7fffb5edd4c0, f=0x0) at /home/ubuntu/vpp/src/vlib/main.c:1502
10 dispatch_process (vm=0x7ffff5f2f800 <vlib_global_main>, p=0x7fffb5edd4c0, f=0x0, last_time_stamp=<optimized out>) at /home/ubuntu/vpp/src/vlib/main.c:1558
11 0x0000000000000000 in ?? ()
(gdb)
I am not sure if this place is better to fix it or the 4-5 places in vl_msg_api_handler_with_vm_node that it gets called from,
but submitting this one since it is the shortest
Type: fix
Change-Id: I659d2bea7405d8763181336f35ef468682f64cf2
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Type: fix
Ticket: VPP-1859
Signed-off-by: jan_cavojsky <Jan.Cavojsky@pantheon.tech>
Change-Id: Iaa5045001621ec99dc8579e8e989adf81dc60525
|
|
Change-Id: I59f55db7209549ad43a1205470a2f5ea9ea8a1c7
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: feature
|
|
The check in listen state that the listener is not valid is not enough
if the time wait session's index overlaps an actual listener's index.
Thanks wanghanlin@corp.netease.com for the report!
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3dff0cb134940a8265ff908faa607c67dba5e56b
|
|
Type: fix
Set the GSO flag when buffer length exceeds the
linux mtu. Don't listen for mtu changes on linux
side for now.
This also fixes a TX issue, as we only search for
valid frames on tx to the extent of n_left, we might
stay stuck.
Change-Id: Idf0bdd88990254a614962c2f7bc3e0292ccfd61a
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Avoid synchronizing producers and the consumer. Instead, only use mutex
or spinlock (if eventfds are configured) to synchronize producers.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie2aafbdc2e07fced5d5e46ee2df6b30a186faa2f
|
|
Type: refactor
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Iae135cbca372def29b1dd5e9f29b7db546ef1a3e
|
|
Fix arithmetic error in memif_refill_queue., where
some of the buffers didn't get properly refilled.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I9815a8ac9b899216581452c352e75e2a0454cbce
|
|
Adds memif_set_next_free_buffer - set internal pointer
to next free descriptor for any tx queue.
Type: feature
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Ia24345a886a52c25c1723c6dbce023f2aed4a42c
|
|
A NAT sub-plugin doing statically configured match/rewrite on IP4 input or output.
It's stateless (no connection tracking).
Currently it supports rewriting of SA, DA and TCP/UDP ports.
It should be simple to add new rewrites if required.
API:
pnat_binding_add, pnat_binding_del, pnat_bindings_get, pnat_interfaces_get
CLI:
set pnat translation interface <name> match <5-tuple> rewrite <5-tuple> {in|out} [del]
show pnat translations
show pnat interfaces
Trying a new C based unit testing scheme. Where the graph node is tested
in isolation. See pnat/pnat_test.c.
Also added new cmake targets to generate coverage directly.
E.g.:
make test_pnat-ccov-report
File '/vpp/sdnat/src/plugins/nat/pnat/pnat.c':
Name Regions Miss Cover Lines Miss Cover
------------------------------------------------------------------------------------
pnat_interface_by_sw_if_index 39 8 79.49% 13 0 100.00%
pnat_instructions_from_mask 9 0 100.00% 13 0 100.00%
pnat_binding_add 64 8 87.50% 31 2 93.55%
pnat_flow_lookup 4 4 0.00% 10 10 0.00%
pnat_binding_attach 104 75 27.88% 33 6 81.82%
pnat_binding_detach 30 5 83.33% 23 2 91.30%
pnat_binding_del 97 33 65.98% 17 3 82.35%
pnat.c:pnat_calc_key_from_5tuple 9 1 88.89% 14 1 92.86%
pnat.c:pnat_interface_check_mask 10 2 80.00% 11 2 81.82%
pnat.c:pnat_enable 5 0 100.00% 11 0 100.00%
pnat.c:pnat_enable_interface 107 26 75.70% 60 15 75.00%
pnat.c:pnat_disable_interface 91 30 67.03% 32 7 78.12%
pnat.c:pnat_disable 7 2 71.43% 13 7 46.15%
------------------------------------------------------------------------------------
TOTAL 576 194 66.32% 281 55 80.43%
File '/vpp/sdnat/src/plugins/nat/pnat/pnat_node.h':
Name Regions Miss Cover Lines Miss Cover
------------------------------------------------------------------------------------
pnat_test.c:pnat_node_inline 67 11 83.58% 115 1 99.13%
pnat_test.c:pnat_calc_key 9 2 77.78% 14 2 85.71%
pnat_test.c:pnat_rewrite_ip4 55 11 80.00% 60 12 80.00%
pnat_test.c:format_pnat_trace 1 1 0.00% 12 12 0.00%
pnat_node.c:pnat_node_inline 63 63 0.00% 115 115 0.00%
pnat_node.c:pnat_calc_key 9 9 0.00% 14 14 0.00%
pnat_node.c:pnat_rewrite_ip4 55 55 0.00% 60 60 0.00%
pnat_node.c:format_pnat_trace 5 5 0.00% 12 12 0.00%
------------------------------------------------------------------------------------
TOTAL 264 157 40.53% 402 228 43.28%
Type: feature
Change-Id: I9c897f833603054a8303e7369ebff6512517c9e0
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: feature
Change-Id: I9f7742cb12ce30592b0b022c314b71c81fa7223a
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Change-Id: Icd01491043e9fd1bb8f51f4f55e1252fd78512de
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: feature
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
Change-Id: I982205b48615395f19cbb36c73854fb5c3db45e8
|
|
missed in https://gerrit.fd.io/r/c/vpp/+/30238
Type: fix
Change-Id: I342868a77d7ca87896d97847ca6525ad1abcd1b6
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Make number of worker handoff frame queue elements configurable as
a set nat frame-queue-nelts command. The default value is 64 which
is the same value that was previously hard-coded. The idea is that
allowing larger values can be useful in some cases, to avoid
congestion drops. Also add nat_set_fq_options API support and a
corresponding test case.
Type: improvement
Change-Id: I5c321eb2d7997f76fac2703d9c4a5b2516375db3
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
|
|
Type: improvement
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: Ie30d51ab4df5599b52f7335f863b930cd69dbdc1
|
|
Type: fix
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Change-Id: Ia12feee9e46d4951519d5c6f9d1a21d89701dc0f
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
|
|
Test whether responder sends info requests using correct ip table
Type: test
Change-Id: I9e97576f9d80686961f92de3cbc3e6f8d6341587
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: fix
MPLS hash includes the IP hash at the bottom of the stack. Default this
to the IP default and use the value passed in to the compute function.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I3f8cb0f7c4fe98ea903a752c2b5fd3d7e26d449a
|
|
Type: improvement
Ticket: VPP-1908
Change-Id: I1d86ea18fcb6174b86c449d5d9403fd0e5715318
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: fix
In responder initialize msgid in requests to 1 as the previous value (0) was
causing retransmision on the initiator.
Change-Id: I8f5b84331ecac5943129f4c9a377076768fec455
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: feature
Change-Id: Ide2901f5d2111a518b2c8212aa84468cef1d72ca
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Apparently snprintf is not thread safe!?
Thread 6 "vpp_wk_3" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffeed1a3700 (LWP 819375)]
0x00007ffff58fc2b4 in __GI__IO_default_xsputn (n=<optimized out>,
data=<optimized out>, f=<optimized out>) at genops.c:394
394 genops.c: No such file or directory.
(gdb) bt
0 0x00007ffff58fc2b4 in __GI__IO_default_xsputn (n=<optimized out>,
data=<optimized out>, f=<optimized out>) at genops.c:394
1 __GI__IO_default_xsputn (f=0x7ffeec35e050, data=<optimized out>,
n=9) at genops.c:370
2 0x00007ffff58e127c in __vfprintf_internal (s=s@entry=0x7ffeec35e050,
format=format@entry=0x7ffff5f833ce "%s",
ap=ap@entry=0x7ffeec35e1d0, mode_flags=mode_flags@entry=2) at
../libio/libioP.h:948
3 0x00007ffff58f611a in __vsnprintf_internal (string=0x7ffed57ed018
"", maxlen=<optimized out>, format=0x7ffff5f833ce "%s",
args=args@entry=0x7ffeec35e1d0, mode_flags=2) at vsnprintf.c:114
4 0x00007ffff5997fd1 in ___snprintf_chk (s=<optimized out>,
maxlen=<optimized out>, flag=<optimized out>, slen=<optimized out>,
format=<optimized out>) at snprintf_chk.c:38
5 0x00007ffff5f7fd74 in clib_mem_vm_map_internal (base=<optimized
out>, log2_page_sz=<optimized out>, size=<optimized out>,
fd=<optimized out>, offset=<optimized out>, name=0x0) at
/scratch/fcoras/vpp/src/vppinfra/linux/mem.c:502
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I8ff7cfed422273dbdc55068772e11f5e550a9b60
|
|
Type: fix
This reverts commit 5a48b3b9d88fa2793793e2bf3db8bf156fe2951f.
Change-Id: Ifa91b18bdbbc32bb729abc09d95637d9cdf42c3b
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Making code more simple and storing thread index along with session
index as a preparation step for fixing thread safety patches.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ib0c531e9f1f64b1f1ee912d4a83279200638e931
|
|
Type: improvement
the empty pool chekc is always required, so make it alwayd happen.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I3879e752036a7dd49fff7e16dc6d9ea02563aa7a
|
|
Type: feature
please see FEATURE.yaml for details.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Signed-off-by: Pim van Pelt <pim@ipng.nl>
Change-Id: I04a45c15c0838906aa787e06660fa29f39f755fa
|
|
Type: improvement
AN SA is uni-drectional therefore it can be used only for encrypt or
decrypt, not both. So it only needs one thread ID. free up some space on
the 1st cacheline.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I21cb7cff70a763cbe2bffead860b574bc80b3136
|
Alexander Chernavin
Paul Vinciguerra
Neale Ranns
Klement Sekera
Ole Troan
Matthew Smith
Dave Barach
Mohammed Hawari
Mohsin Kazmi
Andrew Yourtchenko
Ivan Shvedunov
Jakub Grajciar
jan_cavojsky
Florin Coras
Nathan Skrzypczak
Benoît Ganne
Filip Tehlar
Neale Ranns
Elias Rudberg
Artem Glazychev
Tetsuya Murakami
Damjan Marion
Neale Ranns