aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2023-03-06af_packet: fix the first packet offsetMohsin Kazmi1-1/+1
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I927ba4e6f10ae4527f339a890c3a0de33a84b7eb
2023-03-06af_xdp: fix netns configurationBenoît Ganne1-1/+2
- clib_open_netns() expects a NULL-terminated C-string - if no netns was given, we should not try to format it otherwise we'll get "(nil)" as netns name. Type: fix Change-Id: I7b6022f6e8999640d0d2a83b854455b15fa4c134 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06build: add sanitizer option to configure scriptBenoît Ganne1-0/+10
Type: improvement Change-Id: Ia679d6e5fb7eff6dbd7363465e5667119751e908 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06vlib: avoid non-mp-safe cli process node updatesVladislav Grishenko1-56/+34
Node renames, clone and node_by_name hash updates should be done in vlib_node_register() / vlib_node_rename() under barrier, or else runtime per-node stats can be either inaccurate or lead to UB. Drop cli process nodes renaming rather than adding barrier syncronization on reuse, nodes will get "unix-cli-process-ID" stable names, description and terminal names are preserved and can be obtained with "show cli-sessions" and "show terminal" commands. Also fix insufficient name width for "show cli-sessions" with table formatting, output sample: DBGvpp# sh cli-sessions PNI FD Name Flags 708 14 unix-cli-local:10558 iSLpa 710 15 unix-cli-127.0.0.1:33252 ISlpA DBGvpp# sh terminal Terminal name: unix-cli-127.0.0.1:33252 Terminal node: unix-cli-process-1 Terminal mode: char-by-char Terminal width: 158 Terminal height: 43 ANSI capable: yes Interactive: yes History enabled: yes History limit: 50 Pager enabled: yes Pager limit: 100000 CRLF mode: CR+LF Type: improvement Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: I40af4c0a5e5be92d5e3ebcd440fa55390aeb0e8b
2023-03-06interface: more cleaning after set flags is failed in vnet_create_sw_interfacevarasteh1-0/+1
There's a chance that vnet_sw_interface_set_flags_helper() has successfully called some sw interface add callback functions before returning the error. So the sw interface del callbacks should also be called Type: fix Signed-off-by: varasteh <mahdy.varasteh@gmail.com> Change-Id: I2cd7dc6d5b3a5ebfd2c4d1a6be5390083dee6401 Signed-off-by: varasteh <mahdy.varasteh@gmail.com>
2023-03-06interface: add the missing tag keyword in the cli helperMohsin Kazmi1-1/+2
Type: style Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I6399ad2b0b30f94c6c51db1afc39f5e875dfaa67
2023-03-06crypto: remove VNET_CRYPTO_OP_FLAG_INIT_IV flagBenoît Ganne8-133/+9
IV requirements vary wildly with the selected mode of operation. For example, for AES-CBC the IV must be unpredictable whereas for AES counter mode (CTR or GCM), it can be predictable but reusing an IV with the same key material is catastrophic. Because of that, it is hard to generate IV in a generic way, and it is better left to the crypto user (eg. IPsec). Type: improvement Change-Id: I32689c591d8c6572b8d37c4d24f175ea6132d3ec Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06memif: fix input vector rate of memif-input nodeLiangxing Wang1-1/+4
Explicitly set the ptd->n_packets to 0 if no packet is received in memif_device_input_inline(). Otherwise ptd->n_packets just keeps last time rx packets number, then this stale number is added to memif_input_node->vectors_since_last_overflow in every dispatch_node() call for memif_input_node. Type: fix Signed-off-by: Liangxing Wang <liangxing.wang@arm.com> Change-Id: Ide98a481c925262f9a609535a314f784cab424d8
2023-03-06vlib: fix macro define command not work in startup config exec scriptXiaoming Jiang1-81/+8
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: Idb34490199a78d5b0c1fe2382b6483a6e3a6fd1f
2023-03-06vlib: fix ASAN fake stack size set error when switching to processXiaoming Jiang1-1/+2
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I2add6cb8dba837e47596983ec8303883aba3a138
2023-03-06dpdk: plugin init should be protect by thread barrierXiaoming Jiang1-0/+2
Witout thread barrier, when dpdk_process_node initiating dpdk lib, workers thread may also be initiating. Main and workers threads may both setting error_main info, that will cause memory ASAN issue. Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I87b73b310730719035d4985a2cff2e3308120ec2
2023-03-06vppinfra: adding support for socket mounting pathsMohsin Kazmi1-1/+5
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: If894b2b741d0d417a6fc458dda83ca1d8192385d
2023-03-06flow dpdk: introduce IP in IP support for flowXinyao Cai3-29/+305
This patch introduces IP in IP packet support for flow cli and dpdk plugin. Specifically, the following IP in IP packet types are supported: MAC-IPv4-IPv4-TCP/UDP/None, MAC-IPv4-IPv6-TCP/UDP/None, MAC-IPv6-IPv4-TCP/UDP/None, MAC-IPv6-IPv6-TCP/UDP/None, IP in IP flow rules can be created by using the following new keywords in vppctl: in-src-ip, in-dst-ip : to provide information for inner IPv4 header in-ip6-src-ip, in-ip6-dst-ip: to provide information for inner IPv6 header in-proto : to specify inner transport layer protocol type (TCP or UDP) in-src-port, in-dst-port : to provide information for inner TCP/UDP header An example to create flow rule for MAC-IPv6-IPv6-TCP: test flow add index 0 ip6-src-ip any ip6-dst-ip any in-ip6-src-ip any in-ip6-dst-ip any in-proto tcp in-src-port 1234 in-dst-port any rss function default Another example to create flow rule for MAC-IPv6-IPv6: test flow add index 0 ip6-src-ip any in-ip6-src-ip any rss function default Type: feature Signed-off-by: Xinyao Cai <xinyao.cai@intel.com> Change-Id: I6a1ca36d47eb65b9cb5a4b8d874b2a7f017c35cd
2023-03-06vppinfra: fix clib_bitmap_will_expand() result inversionVladislav Grishenko3-10/+57
Pool's pool_put_will_expand() calls clib_bitmap_will_expand(), so every put except ones that leads to free_bitmap reallocation will get false positive results and vice versa. Unfortunatelly there's no related test and existing bitmap tests are failing silently with false positive result as well. Fortunatelly neither clib_bitmap_will_expand() nor pool_put_will_expand() are being used by current vpp codebase. Type: fix Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: Id5bb900cf6a1b1002d37670f5c415c74165b5421
2023-03-06crypto: make it easier to diagnose keys use-after-freeBenoît Ganne1-2/+2
Type: improvement Change-Id: Ib98eba146e24e659acf3b9a228b81fcd641f4c67 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06build: replace phony target with .ok fileJieqiang Wang1-1/+1
When VPP builds its external packages from source, it will download the package, patch it, configure it, build and install it. For DPDK, it will depend on rdma-core if mlx4/mlx5 PMD is enabled. So phony target dpdk-config needs to have the prerequisites of rdma-core-install and ipsec-mb-install(x86 only), which are both phony targets. This leads to redundant behavior of recipes executing twice in dpdk-config. Replace the phony target with hidden file *.install.ok to avoid that. Type: improvement Signed-off-by: Lijian Zhang <lijian.zhang@arm.com> Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: Ibf3b766ab7a4ccfcbffe08f6cdb90da72ca1ce29
2023-03-06misc: define SElinux mapped file permissionsChristian Svensson1-1/+16
SElinux added support for defining what files can be mmap()'d a while back. This change defines those files that VPP maps. This is needed for EL9 support Type: fix Signed-off-by: Christian Svensson <blue@cmd.nu> Change-Id: Iedd26914e29347169c4cc138628df7823ddd5691
2023-03-06build: add Rocky Linux 9 supportChristian Svensson2-7/+31
Currently only RHEL/CentOS 8 and Fedora are supported. EL9 is a middle ground and thus require some different dependencies. Type: feature Signed-off-by: Christian Svensson <blue@cmd.nu> Change-Id: I7be79e61994800bb796d4e9141f0ff6ad8bdead2
2023-03-06snort: fix descriptor offset may be truncated if buffers num too largejiangxiaoming1-1/+1
Type: fix Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com> Change-Id: I9694f7d8aad8868b11e08fabe179fd51c14dfcdb
2023-03-06interface: fix 4 or more interfaces equality comparison bug with xor ↵lijinhui1-5/+4
operation using (a^a)^(b^b) Type: fix Signed-off-by: lijinhui <lijh_7@chinatelecom.cn> Change-Id: I80783eed2b819a9e6fd4cee973821c9d97c285a6
2023-03-06vppinfra: display only the 1st 50 memory traces by defaultBenoît Ganne2-3/+5
When using memory traces it can take a long time to display all traces bigger than 1k if there are lots of them, especially as we need to resolve symbols. It is better to display only the 1st 50 by default, unless verbose is used. Also fix the help string. Type: improvement Change-Id: I1e5e30209f10d2b05c561dbf856cb126e0cf513d Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06stats: fix node name compare error when updating stats segmentXiaoming Jiang1-1/+1
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: Ib39aa345415720dd05a1b3e12e3e03eac43c5606
2023-03-06memif: autogenerate socket_idsNathan Skrzypczak5-0/+181
This patch adds an API memif_socket_filename_add_del_v2 that allows autogenerating memif socket_id when passing ~0 in the socket_id field. It opportunistically walks the hash to find a free ID to use, and returns it in the reply. socket_filename also becomes a variable length string, to accomodate for longer names (in case a netns gets passed) Type: feature Change-Id: I33fc3e1cf553af27579d6bad8691b22b530531cc Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2023-03-02hs-test: add support for running vpp in gdbFilip Tehlar4-3/+44
Type: test Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I6e03b88ca013cafd73f424ea63f706f105bebe6b
2023-03-02vpp-swan: fix memory leaksGabriel Oginski2-65/+213
This patch fix the memory leaks discovered in the current implementation, inlcuding expired data, spd dump, and host names. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I3794f5db3c58d1e78df25f242c91e7a67363de53
2023-03-02wireguard: add barrier to sync dataGabriel Oginski6-32/+43
The current implmentation of the hash table is not thread-safe. This design leads to a segfault when VPP is handling a lot of tunnels for Wireguard, where one thread modifies the hash table and other threads start the lookup at the same time. This fix adds a barrier sync to the hash table access when Wireguard adds or deletes an element. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Id460dfcd46ace17c7bdcd23bd9687d26cecf0a39
2023-03-02stats: expose symlink to stats clientOle Troan2-4/+6
For e.g. prometheus export it makes more sense to use the same metric name, and expose the various symlinks as labels. The VPP symlink metric: /interfaces/local0/rx_unicast that points to /if/rx_unicast Becomes in Prometheus: interfaces_rx_unicast_bytes{index="0",label="local0"} 0 Type: improvement Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ide0ab4fda4b3eb7ba7ddfc44680121c53f5267f6
2023-03-01docs: fixed to use unified "pcap trace" commandNobuhiro MIKI5-9/+9
Type: docs Fixes: 33909777c637 ("misc: unify pcap rx / tx / drop trace") Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp> Change-Id: I049616cfad300658e62e5026c0655ee6f07a2421
2023-03-01vcl: accept bound notifications in epoll waitFlorin Coras1-0/+3
Async binds may be possible due to vls generated async binds as a result of application adding or removing listeners from epoll. App does not need to be notified of the event. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4d01be7ddb39ba894db85feef55e9935556c24f5
2023-03-01vcl: accept vcl spurious wakeup in epoll wait eventfdFlorin Coras1-1/+5
Accept one spurious wakeup from vcl in epoll_pwait_eventfd to avoid returning zero events to app without timeout. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I447c7f8176413c562be28605376a92d15e22a1f9
2023-03-01vcl: close libc epfd on vls epfd closeFlorin Coras1-7/+7
Nginx recreates epfds. Make sure ldp tracks the event and recreates the libc epfd or eventfd flavor of epoll pwait will not work. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2994bead9494f0fbb85dd32767cecc1cf69ff6eb
2023-03-01vcl: only add sessions to lt list if neededFlorin Coras1-1/+8
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I777979dbb89f9af774533cb280e77af58b81fb29
2023-03-01hs-test: update hs-test documentationMaros Ondrejicka1-51/+36
Type: docs Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I123898923afa382ff0d4410652f4a17a8740d711
2023-03-01hs-test: fix error checkMaros Ondrejicka1-1/+1
Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I445f5357817fceeb9b5ead01c3530edaae45189a
2023-03-01udp: fix optimistic assert for UDP RXMohammed Hawari2-1/+6
Change-Id: I431c4a6f409b129e4290dba2e1acadea460ac797 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: improvement
2023-03-01vpp-swan: improve MakefileFan Zhang2-40/+90
Type: improvement Since VPP-SWAN does not really need StrongSwan to be compiled, this patch refines the Makefile to reflect the change. In addition README is updated. Signed-off-by: Fan Zhang <fanzhang.oss@gmail.com> Change-Id: I185957167ac71a44f4d12e78e1dac31c194f80f4
2023-03-01vcl: fix undeclared UDP_SEGMENT for centos 8Tianyu Li1-0/+4
Old distros Centos 8 / Ubuntu 18.04 header files doesn't have UDP_SEGMENT declared, define UDP_SEGMENT to right value if not defined. Type: fix Fixes: eff5f7aea8c7 ("vcl: ldp support for ip_pktinfo") Signed-off-by: Tianyu Li <tianyu.li@arm.com> Change-Id: I99314b895e7d09962a36e7f5582c09d0d77563dc
2023-03-01hs-test: fix wait for app after ldp changeFlorin Coras3-3/+4
After gerrit 38370 (729b9c94), apps are registered via ldp using program name. Update tests to support that. Also add make file help for UNCONFIGURE. Type: test Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4ad50abfd175664b47b358df1a72e0758f51190d
2023-02-28session: consolidate port alloc logicFlorin Coras4-52/+36
Move port allocation logic from transports into generic transport layer. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I55a21f185d00f5e118c36bcc4a6ffba2cbda885e
2023-02-28tcp: add dispatch errors to countersFlorin Coras1-9/+10
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I27112947071a757065162f0e50f69983d258525d
2023-02-28hs-test: fill configuration files at runtimeMaros Ondrejicka6-18/+56
Treat certain configuration files, which contain runtime-dependent information, as templates. The information is filled at runtime and the files are copied into containers. This allows to avoid hard-coding IP addresses into configuration files. Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I1dae8f15f4f76c0bf1779d7c68b7f3859bf5a861
2023-02-28vcl: use program invocation name in ldp app nameFlorin Coras1-3/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2c97faa2cdca32d083aabc3344c8fe67c74ff2fd
2023-02-28hs-test: allow nginx suite to unconfigure topologyMaros Ondrejicka1-0/+2
Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I84209e6d2c914d1c7b9dec7efc3898b75552db1b
2023-02-28hs-test: test vpp+nginx mirroring with tap ifacesMaros Ondrejicka13-16/+281
Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I05bbed8fd9d40929f040574044aed5292a475e91
2023-02-28vcl: handle lt events in epoll ctlFlorin Coras1-18/+26
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4e176e9ada32d5f61d10aeca1c68f72114dec9b8
2023-02-28hs-test: add option to unconfigure topologyMaros Ondrejicka6-3/+42
Adding `UNCONFIGURE=true` argument when running `make test` will skip test run and unconfigure existing topology for that test. Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I197747a56ca68807f0b2c3f25b6f61c3dcc41ace
2023-02-27vcl: improve vls handling of shared listenersFlorin Coras3-54/+49
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1970408de52e53d24cea06b3ae0cc68a38cbc97a
2023-02-27hs-test: refactor netconfigMaros Ondrejicka8-229/+165
This joins separate representations of veth and tap interfaces into a single struct. It removes the need for type interface and embedding which simplifies the code. Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I1b2c368bfe90a5bdfaaa9a5129c27d7d96f8fe3b
2023-02-27vpp-swan: fix segmentation fault in arp functionGabriel Oginski1-5/+22
This patch adds a missing file descriptor free handler to prevent invalid dereferencing in the future Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Idc809a70b1fedec9a06446344d5481d467c78c19
2023-02-27wireguard: fix potential leaks of async frameGabriel Oginski1-12/+12
The current implementation can cause memory leaks of async frames and exhaust the async frames pool. Wireguard can early get async frame, even when later it turns out it is not needed. Then such frame won't be freed. This fix changes the moment of acquiring async frame from the pool, so it doesn't leak. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: If7696de6a6f5db84e0dffef60caa31d4a5e6280e