Age | Commit message (Collapse) | Author | Files | Lines |
|
IV requirements vary wildly with the selected mode of operation. For
example, for AES-CBC the IV must be unpredictable whereas for AES
counter mode (CTR or GCM), it can be predictable but reusing an IV with
the same key material is catastrophic.
Because of that, it is hard to generate IV in a generic way, and it is
better left to the crypto user (eg. IPsec).
Type: improvement
Change-Id: I32689c591d8c6572b8d37c4d24f175ea6132d3ec
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Explicitly set the ptd->n_packets to 0 if no packet is received in
memif_device_input_inline(). Otherwise ptd->n_packets just keeps
last time rx packets number, then this stale number is added to
memif_input_node->vectors_since_last_overflow in every dispatch_node()
call for memif_input_node.
Type: fix
Signed-off-by: Liangxing Wang <liangxing.wang@arm.com>
Change-Id: Ide98a481c925262f9a609535a314f784cab424d8
|
|
Type: fix
Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com>
Change-Id: Idb34490199a78d5b0c1fe2382b6483a6e3a6fd1f
|
|
Type: fix
Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com>
Change-Id: I2add6cb8dba837e47596983ec8303883aba3a138
|
|
Witout thread barrier, when dpdk_process_node initiating
dpdk lib, workers thread may also be initiating. Main
and workers threads may both setting error_main info,
that will cause memory ASAN issue.
Type: fix
Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com>
Change-Id: I87b73b310730719035d4985a2cff2e3308120ec2
|
|
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: If894b2b741d0d417a6fc458dda83ca1d8192385d
|
|
This patch introduces IP in IP packet support for flow cli and dpdk plugin.
Specifically, the following IP in IP packet types are supported:
MAC-IPv4-IPv4-TCP/UDP/None,
MAC-IPv4-IPv6-TCP/UDP/None,
MAC-IPv6-IPv4-TCP/UDP/None,
MAC-IPv6-IPv6-TCP/UDP/None,
IP in IP flow rules can be created by using the following new keywords in vppctl:
in-src-ip, in-dst-ip : to provide information for inner IPv4 header
in-ip6-src-ip, in-ip6-dst-ip: to provide information for inner IPv6 header
in-proto : to specify inner transport layer protocol type (TCP or UDP)
in-src-port, in-dst-port : to provide information for inner TCP/UDP header
An example to create flow rule for MAC-IPv6-IPv6-TCP:
test flow add index 0 ip6-src-ip any ip6-dst-ip any in-ip6-src-ip any in-ip6-dst-ip any in-proto tcp in-src-port 1234 in-dst-port any rss function default
Another example to create flow rule for MAC-IPv6-IPv6:
test flow add index 0 ip6-src-ip any in-ip6-src-ip any rss function default
Type: feature
Signed-off-by: Xinyao Cai <xinyao.cai@intel.com>
Change-Id: I6a1ca36d47eb65b9cb5a4b8d874b2a7f017c35cd
|
|
Pool's pool_put_will_expand() calls clib_bitmap_will_expand(),
so every put except ones that leads to free_bitmap reallocation
will get false positive results and vice versa.
Unfortunatelly there's no related test and existing bitmap
tests are failing silently with false positive result as well.
Fortunatelly neither clib_bitmap_will_expand() nor
pool_put_will_expand() are being used by current vpp codebase.
Type: fix
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Change-Id: Id5bb900cf6a1b1002d37670f5c415c74165b5421
|
|
Type: improvement
Change-Id: Ib98eba146e24e659acf3b9a228b81fcd641f4c67
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
When VPP builds its external packages from source, it will download the
package, patch it, configure it, build and install it. For DPDK, it will
depend on rdma-core if mlx4/mlx5 PMD is enabled. So phony target
dpdk-config needs to have the prerequisites of rdma-core-install and
ipsec-mb-install(x86 only), which are both phony targets. This leads to
redundant behavior of recipes executing twice in dpdk-config.
Replace the phony target with hidden file *.install.ok to avoid that.
Type: improvement
Signed-off-by: Lijian Zhang <lijian.zhang@arm.com>
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: Ibf3b766ab7a4ccfcbffe08f6cdb90da72ca1ce29
|
|
SElinux added support for defining what files can be mmap()'d a while back.
This change defines those files that VPP maps.
This is needed for EL9 support
Type: fix
Signed-off-by: Christian Svensson <blue@cmd.nu>
Change-Id: Iedd26914e29347169c4cc138628df7823ddd5691
|
|
Currently only RHEL/CentOS 8 and Fedora are supported.
EL9 is a middle ground and thus require some different dependencies.
Type: feature
Signed-off-by: Christian Svensson <blue@cmd.nu>
Change-Id: I7be79e61994800bb796d4e9141f0ff6ad8bdead2
|
|
Type: fix
Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com>
Change-Id: I9694f7d8aad8868b11e08fabe179fd51c14dfcdb
|
|
operation using (a^a)^(b^b)
Type: fix
Signed-off-by: lijinhui <lijh_7@chinatelecom.cn>
Change-Id: I80783eed2b819a9e6fd4cee973821c9d97c285a6
|
|
When using memory traces it can take a long time to display all traces
bigger than 1k if there are lots of them, especially as we need to
resolve symbols.
It is better to display only the 1st 50 by default, unless verbose is
used.
Also fix the help string.
Type: improvement
Change-Id: I1e5e30209f10d2b05c561dbf856cb126e0cf513d
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com>
Change-Id: Ib39aa345415720dd05a1b3e12e3e03eac43c5606
|
|
This patch adds an API memif_socket_filename_add_del_v2
that allows autogenerating memif socket_id when passing
~0 in the socket_id field.
It opportunistically walks the hash to find a free ID
to use, and returns it in the reply.
socket_filename also becomes a variable length string,
to accomodate for longer names (in case a netns gets
passed)
Type: feature
Change-Id: I33fc3e1cf553af27579d6bad8691b22b530531cc
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: test
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I6e03b88ca013cafd73f424ea63f706f105bebe6b
|
|
This patch fix the memory leaks discovered in the current
implementation, inlcuding expired data, spd dump, and host names.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I3794f5db3c58d1e78df25f242c91e7a67363de53
|
|
The current implmentation of the hash table is not thread-safe.
This design leads to a segfault when VPP is handling a lot of tunnels
for Wireguard, where one thread modifies the hash table and other
threads start the lookup at the same time.
This fix adds a barrier sync to the hash table access when Wireguard
adds or deletes an element.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Id460dfcd46ace17c7bdcd23bd9687d26cecf0a39
|
|
For e.g. prometheus export it makes more sense to use the same metric name,
and expose the various symlinks as labels.
The VPP symlink metric:
/interfaces/local0/rx_unicast
that points to
/if/rx_unicast
Becomes in Prometheus:
interfaces_rx_unicast_bytes{index="0",label="local0"} 0
Type: improvement
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ide0ab4fda4b3eb7ba7ddfc44680121c53f5267f6
|
|
Type: docs
Fixes: 33909777c637 ("misc: unify pcap rx / tx / drop trace")
Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp>
Change-Id: I049616cfad300658e62e5026c0655ee6f07a2421
|
|
Async binds may be possible due to vls generated async binds as a result
of application adding or removing listeners from epoll.
App does not need to be notified of the event.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4d01be7ddb39ba894db85feef55e9935556c24f5
|
|
Accept one spurious wakeup from vcl in epoll_pwait_eventfd to avoid
returning zero events to app without timeout.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I447c7f8176413c562be28605376a92d15e22a1f9
|
|
Nginx recreates epfds. Make sure ldp tracks the event and recreates the
libc epfd or eventfd flavor of epoll pwait will not work.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2994bead9494f0fbb85dd32767cecc1cf69ff6eb
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I777979dbb89f9af774533cb280e77af58b81fb29
|
|
Type: docs
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I123898923afa382ff0d4410652f4a17a8740d711
|
|
Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I445f5357817fceeb9b5ead01c3530edaae45189a
|
|
Change-Id: I431c4a6f409b129e4290dba2e1acadea460ac797
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: improvement
|
|
Type: improvement
Since VPP-SWAN does not really need StrongSwan to be compiled,
this patch refines the Makefile to reflect the change.
In addition README is updated.
Signed-off-by: Fan Zhang <fanzhang.oss@gmail.com>
Change-Id: I185957167ac71a44f4d12e78e1dac31c194f80f4
|
|
Old distros Centos 8 / Ubuntu 18.04 header files doesn't have UDP_SEGMENT
declared, define UDP_SEGMENT to right value if not defined.
Type: fix
Fixes: eff5f7aea8c7 ("vcl: ldp support for ip_pktinfo")
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: I99314b895e7d09962a36e7f5582c09d0d77563dc
|
|
After gerrit 38370 (729b9c94), apps are registered via ldp using program
name. Update tests to support that.
Also add make file help for UNCONFIGURE.
Type: test
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4ad50abfd175664b47b358df1a72e0758f51190d
|
|
Move port allocation logic from transports into generic transport layer.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I55a21f185d00f5e118c36bcc4a6ffba2cbda885e
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I27112947071a757065162f0e50f69983d258525d
|
|
Treat certain configuration files, which contain runtime-dependent
information, as templates. The information is filled at runtime and the
files are copied into containers.
This allows to avoid hard-coding IP addresses into configuration files.
Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I1dae8f15f4f76c0bf1779d7c68b7f3859bf5a861
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2c97faa2cdca32d083aabc3344c8fe67c74ff2fd
|
|
Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I84209e6d2c914d1c7b9dec7efc3898b75552db1b
|
|
Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I05bbed8fd9d40929f040574044aed5292a475e91
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4e176e9ada32d5f61d10aeca1c68f72114dec9b8
|
|
Adding `UNCONFIGURE=true` argument when running `make test` will skip
test run and unconfigure existing topology for that test.
Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I197747a56ca68807f0b2c3f25b6f61c3dcc41ace
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1970408de52e53d24cea06b3ae0cc68a38cbc97a
|
|
This joins separate representations of veth and tap interfaces
into a single struct. It removes the need for type interface
and embedding which simplifies the code.
Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I1b2c368bfe90a5bdfaaa9a5129c27d7d96f8fe3b
|
|
This patch adds a missing file descriptor free handler to prevent
invalid dereferencing in the future
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Idc809a70b1fedec9a06446344d5481d467c78c19
|
|
The current implementation can cause memory leaks of async frames
and exhaust the async frames pool. Wireguard can early get async frame,
even when later it turns out it is not needed. Then such frame won't
be freed.
This fix changes the moment of acquiring async frame from the pool, so
it doesn't leak.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: If7696de6a6f5db84e0dffef60caa31d4a5e6280e
|
|
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I9f4944f77ecf94f16f809392f28466e33f7f779d
|
|
Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I50ad5d8c2e5066d8d24f7959aeb534a2f0a6fae0
|
|
This will make name of the test unique so that executing specifically
this test won't execute also other tests starting with same name.
Type: test
Signed-off-by: Maros Ondrejicka <mondreji@cisco.com>
Change-Id: I8013aa453c2a1c3c156e6476a93fd58bbb850b93
|
|
- add support for building/running debug/release images
- have one point of control (Makefile)
- list all test cases
Type: test
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I97949abc2fff85d7a2b3784122be159aeec72b52
|
|
- The version of libsrtp2 (2.4.2) on ubuntu-22.04 changed
the 'ekt' field in srtp_policy_t to 'deprecated_ekt'.
Type: fix
Change-Id: Icb9d8f3b56c8305bcdac5066a5f8e3e5d17d37cf
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Type: test
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I9c59d98d16e387925057626ba9080210f4334c53
|