summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2023-03-06crypto: remove VNET_CRYPTO_OP_FLAG_INIT_IV flagBenoît Ganne8-133/+9
IV requirements vary wildly with the selected mode of operation. For example, for AES-CBC the IV must be unpredictable whereas for AES counter mode (CTR or GCM), it can be predictable but reusing an IV with the same key material is catastrophic. Because of that, it is hard to generate IV in a generic way, and it is better left to the crypto user (eg. IPsec). Type: improvement Change-Id: I32689c591d8c6572b8d37c4d24f175ea6132d3ec Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06memif: fix input vector rate of memif-input nodeLiangxing Wang1-1/+4
Explicitly set the ptd->n_packets to 0 if no packet is received in memif_device_input_inline(). Otherwise ptd->n_packets just keeps last time rx packets number, then this stale number is added to memif_input_node->vectors_since_last_overflow in every dispatch_node() call for memif_input_node. Type: fix Signed-off-by: Liangxing Wang <liangxing.wang@arm.com> Change-Id: Ide98a481c925262f9a609535a314f784cab424d8
2023-03-06vlib: fix macro define command not work in startup config exec scriptXiaoming Jiang1-81/+8
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: Idb34490199a78d5b0c1fe2382b6483a6e3a6fd1f
2023-03-06vlib: fix ASAN fake stack size set error when switching to processXiaoming Jiang1-1/+2
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I2add6cb8dba837e47596983ec8303883aba3a138
2023-03-06dpdk: plugin init should be protect by thread barrierXiaoming Jiang1-0/+2
Witout thread barrier, when dpdk_process_node initiating dpdk lib, workers thread may also be initiating. Main and workers threads may both setting error_main info, that will cause memory ASAN issue. Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I87b73b310730719035d4985a2cff2e3308120ec2
2023-03-06vppinfra: adding support for socket mounting pathsMohsin Kazmi1-1/+5
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: If894b2b741d0d417a6fc458dda83ca1d8192385d
2023-03-06flow dpdk: introduce IP in IP support for flowXinyao Cai3-29/+305
This patch introduces IP in IP packet support for flow cli and dpdk plugin. Specifically, the following IP in IP packet types are supported: MAC-IPv4-IPv4-TCP/UDP/None, MAC-IPv4-IPv6-TCP/UDP/None, MAC-IPv6-IPv4-TCP/UDP/None, MAC-IPv6-IPv6-TCP/UDP/None, IP in IP flow rules can be created by using the following new keywords in vppctl: in-src-ip, in-dst-ip : to provide information for inner IPv4 header in-ip6-src-ip, in-ip6-dst-ip: to provide information for inner IPv6 header in-proto : to specify inner transport layer protocol type (TCP or UDP) in-src-port, in-dst-port : to provide information for inner TCP/UDP header An example to create flow rule for MAC-IPv6-IPv6-TCP: test flow add index 0 ip6-src-ip any ip6-dst-ip any in-ip6-src-ip any in-ip6-dst-ip any in-proto tcp in-src-port 1234 in-dst-port any rss function default Another example to create flow rule for MAC-IPv6-IPv6: test flow add index 0 ip6-src-ip any in-ip6-src-ip any rss function default Type: feature Signed-off-by: Xinyao Cai <xinyao.cai@intel.com> Change-Id: I6a1ca36d47eb65b9cb5a4b8d874b2a7f017c35cd
2023-03-06vppinfra: fix clib_bitmap_will_expand() result inversionVladislav Grishenko3-10/+57
Pool's pool_put_will_expand() calls clib_bitmap_will_expand(), so every put except ones that leads to free_bitmap reallocation will get false positive results and vice versa. Unfortunatelly there's no related test and existing bitmap tests are failing silently with false positive result as well. Fortunatelly neither clib_bitmap_will_expand() nor pool_put_will_expand() are being used by current vpp codebase. Type: fix Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: Id5bb900cf6a1b1002d37670f5c415c74165b5421
2023-03-06crypto: make it easier to diagnose keys use-after-freeBenoît Ganne1-2/+2
Type: improvement Change-Id: Ib98eba146e24e659acf3b9a228b81fcd641f4c67 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06build: replace phony target with .ok fileJieqiang Wang1-1/+1
When VPP builds its external packages from source, it will download the package, patch it, configure it, build and install it. For DPDK, it will depend on rdma-core if mlx4/mlx5 PMD is enabled. So phony target dpdk-config needs to have the prerequisites of rdma-core-install and ipsec-mb-install(x86 only), which are both phony targets. This leads to redundant behavior of recipes executing twice in dpdk-config. Replace the phony target with hidden file *.install.ok to avoid that. Type: improvement Signed-off-by: Lijian Zhang <lijian.zhang@arm.com> Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: Ibf3b766ab7a4ccfcbffe08f6cdb90da72ca1ce29
2023-03-06misc: define SElinux mapped file permissionsChristian Svensson1-1/+16
SElinux added support for defining what files can be mmap()'d a while back. This change defines those files that VPP maps. This is needed for EL9 support Type: fix Signed-off-by: Christian Svensson <blue@cmd.nu> Change-Id: Iedd26914e29347169c4cc138628df7823ddd5691
2023-03-06build: add Rocky Linux 9 supportChristian Svensson2-7/+31
Currently only RHEL/CentOS 8 and Fedora are supported. EL9 is a middle ground and thus require some different dependencies. Type: feature Signed-off-by: Christian Svensson <blue@cmd.nu> Change-Id: I7be79e61994800bb796d4e9141f0ff6ad8bdead2
2023-03-06snort: fix descriptor offset may be truncated if buffers num too largejiangxiaoming1-1/+1
Type: fix Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com> Change-Id: I9694f7d8aad8868b11e08fabe179fd51c14dfcdb
2023-03-06interface: fix 4 or more interfaces equality comparison bug with xor ↵lijinhui1-5/+4
operation using (a^a)^(b^b) Type: fix Signed-off-by: lijinhui <lijh_7@chinatelecom.cn> Change-Id: I80783eed2b819a9e6fd4cee973821c9d97c285a6
2023-03-06vppinfra: display only the 1st 50 memory traces by defaultBenoît Ganne2-3/+5
When using memory traces it can take a long time to display all traces bigger than 1k if there are lots of them, especially as we need to resolve symbols. It is better to display only the 1st 50 by default, unless verbose is used. Also fix the help string. Type: improvement Change-Id: I1e5e30209f10d2b05c561dbf856cb126e0cf513d Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06stats: fix node name compare error when updating stats segmentXiaoming Jiang1-1/+1
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: Ib39aa345415720dd05a1b3e12e3e03eac43c5606
2023-03-06memif: autogenerate socket_idsNathan Skrzypczak5-0/+181
This patch adds an API memif_socket_filename_add_del_v2 that allows autogenerating memif socket_id when passing ~0 in the socket_id field. It opportunistically walks the hash to find a free ID to use, and returns it in the reply. socket_filename also becomes a variable length string, to accomodate for longer names (in case a netns gets passed) Type: feature Change-Id: I33fc3e1cf553af27579d6bad8691b22b530531cc Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2023-03-02hs-test: add support for running vpp in gdbFilip Tehlar4-3/+44
Type: test Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I6e03b88ca013cafd73f424ea63f706f105bebe6b
2023-03-02vpp-swan: fix memory leaksGabriel Oginski2-65/+213
This patch fix the memory leaks discovered in the current implementation, inlcuding expired data, spd dump, and host names. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I3794f5db3c58d1e78df25f242c91e7a67363de53
2023-03-02wireguard: add barrier to sync dataGabriel Oginski6-32/+43
The current implmentation of the hash table is not thread-safe. This design leads to a segfault when VPP is handling a lot of tunnels for Wireguard, where one thread modifies the hash table and other threads start the lookup at the same time. This fix adds a barrier sync to the hash table access when Wireguard adds or deletes an element. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Id460dfcd46ace17c7bdcd23bd9687d26cecf0a39
2023-03-02stats: expose symlink to stats clientOle Troan2-4/+6
For e.g. prometheus export it makes more sense to use the same metric name, and expose the various symlinks as labels. The VPP symlink metric: /interfaces/local0/rx_unicast that points to /if/rx_unicast Becomes in Prometheus: interfaces_rx_unicast_bytes{index="0",label="local0"} 0 Type: improvement Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ide0ab4fda4b3eb7ba7ddfc44680121c53f5267f6
2023-03-01docs: fixed to use unified "pcap trace" commandNobuhiro MIKI5-9/+9
Type: docs Fixes: 33909777c637 ("misc: unify pcap rx / tx / drop trace") Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp> Change-Id: I049616cfad300658e62e5026c0655ee6f07a2421
2023-03-01vcl: accept bound notifications in epoll waitFlorin Coras1-0/+3
Async binds may be possible due to vls generated async binds as a result of application adding or removing listeners from epoll. App does not need to be notified of the event. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4d01be7ddb39ba894db85feef55e9935556c24f5
2023-03-01vcl: accept vcl spurious wakeup in epoll wait eventfdFlorin Coras1-1/+5
Accept one spurious wakeup from vcl in epoll_pwait_eventfd to avoid returning zero events to app without timeout. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I447c7f8176413c562be28605376a92d15e22a1f9
2023-03-01vcl: close libc epfd on vls epfd closeFlorin Coras1-7/+7
Nginx recreates epfds. Make sure ldp tracks the event and recreates the libc epfd or eventfd flavor of epoll pwait will not work. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2994bead9494f0fbb85dd32767cecc1cf69ff6eb
2023-03-01vcl: only add sessions to lt list if neededFlorin Coras1-1/+8
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I777979dbb89f9af774533cb280e77af58b81fb29
2023-03-01hs-test: update hs-test documentationMaros Ondrejicka1-51/+36
Type: docs Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I123898923afa382ff0d4410652f4a17a8740d711
2023-03-01hs-test: fix error checkMaros Ondrejicka1-1/+1
Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I445f5357817fceeb9b5ead01c3530edaae45189a
2023-03-01udp: fix optimistic assert for UDP RXMohammed Hawari2-1/+6
Change-Id: I431c4a6f409b129e4290dba2e1acadea460ac797 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: improvement
2023-03-01vpp-swan: improve MakefileFan Zhang2-40/+90
Type: improvement Since VPP-SWAN does not really need StrongSwan to be compiled, this patch refines the Makefile to reflect the change. In addition README is updated. Signed-off-by: Fan Zhang <fanzhang.oss@gmail.com> Change-Id: I185957167ac71a44f4d12e78e1dac31c194f80f4
2023-03-01vcl: fix undeclared UDP_SEGMENT for centos 8Tianyu Li1-0/+4
Old distros Centos 8 / Ubuntu 18.04 header files doesn't have UDP_SEGMENT declared, define UDP_SEGMENT to right value if not defined. Type: fix Fixes: eff5f7aea8c7 ("vcl: ldp support for ip_pktinfo") Signed-off-by: Tianyu Li <tianyu.li@arm.com> Change-Id: I99314b895e7d09962a36e7f5582c09d0d77563dc
2023-03-01hs-test: fix wait for app after ldp changeFlorin Coras3-3/+4
After gerrit 38370 (729b9c94), apps are registered via ldp using program name. Update tests to support that. Also add make file help for UNCONFIGURE. Type: test Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4ad50abfd175664b47b358df1a72e0758f51190d
2023-02-28session: consolidate port alloc logicFlorin Coras4-52/+36
Move port allocation logic from transports into generic transport layer. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I55a21f185d00f5e118c36bcc4a6ffba2cbda885e
2023-02-28tcp: add dispatch errors to countersFlorin Coras1-9/+10
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I27112947071a757065162f0e50f69983d258525d
2023-02-28hs-test: fill configuration files at runtimeMaros Ondrejicka6-18/+56
Treat certain configuration files, which contain runtime-dependent information, as templates. The information is filled at runtime and the files are copied into containers. This allows to avoid hard-coding IP addresses into configuration files. Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I1dae8f15f4f76c0bf1779d7c68b7f3859bf5a861
2023-02-28vcl: use program invocation name in ldp app nameFlorin Coras1-3/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2c97faa2cdca32d083aabc3344c8fe67c74ff2fd
2023-02-28hs-test: allow nginx suite to unconfigure topologyMaros Ondrejicka1-0/+2
Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I84209e6d2c914d1c7b9dec7efc3898b75552db1b
2023-02-28hs-test: test vpp+nginx mirroring with tap ifacesMaros Ondrejicka13-16/+281
Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I05bbed8fd9d40929f040574044aed5292a475e91
2023-02-28vcl: handle lt events in epoll ctlFlorin Coras1-18/+26
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4e176e9ada32d5f61d10aeca1c68f72114dec9b8
2023-02-28hs-test: add option to unconfigure topologyMaros Ondrejicka6-3/+42
Adding `UNCONFIGURE=true` argument when running `make test` will skip test run and unconfigure existing topology for that test. Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I197747a56ca68807f0b2c3f25b6f61c3dcc41ace
2023-02-27vcl: improve vls handling of shared listenersFlorin Coras3-54/+49
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1970408de52e53d24cea06b3ae0cc68a38cbc97a
2023-02-27hs-test: refactor netconfigMaros Ondrejicka8-229/+165
This joins separate representations of veth and tap interfaces into a single struct. It removes the need for type interface and embedding which simplifies the code. Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I1b2c368bfe90a5bdfaaa9a5129c27d7d96f8fe3b
2023-02-27vpp-swan: fix segmentation fault in arp functionGabriel Oginski1-5/+22
This patch adds a missing file descriptor free handler to prevent invalid dereferencing in the future Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Idc809a70b1fedec9a06446344d5481d467c78c19
2023-02-27wireguard: fix potential leaks of async frameGabriel Oginski1-12/+12
The current implementation can cause memory leaks of async frames and exhaust the async frames pool. Wireguard can early get async frame, even when later it turns out it is not needed. Then such frame won't be freed. This fix changes the moment of acquiring async frame from the pool, so it doesn't leak. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: If7696de6a6f5db84e0dffef60caa31d4a5e6280e
2023-02-25tcp: fix error countersFilip Tehlar4-44/+43
Type: fix Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I9f4944f77ecf94f16f809392f28466e33f7f779d
2023-02-24hs-test: store logsMaros Ondrejicka3-2/+79
Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I50ad5d8c2e5066d8d24f7959aeb534a2f0a6fae0
2023-02-24hs-test: modify nginx testsMaros Ondrejicka1-2/+2
This will make name of the test unique so that executing specifically this test won't execute also other tests starting with same name. Type: test Signed-off-by: Maros Ondrejicka <mondreji@cisco.com> Change-Id: I8013aa453c2a1c3c156e6476a93fd58bbb850b93
2023-02-24hs-test: improve test infraFilip Tehlar7-40/+141
- add support for building/running debug/release images - have one point of control (Makefile) - list all test cases Type: test Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I97949abc2fff85d7a2b3784122be159aeec72b52
2023-02-23srtp: fix build on ubuntu-22.04Dave Wallace1-1/+1
- The version of libsrtp2 (2.4.2) on ubuntu-22.04 changed the 'ekt' field in srtp_policy_t to 'deprecated_ekt'. Type: fix Change-Id: Icb9d8f3b56c8305bcdac5066a5f8e3e5d17d37cf Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-02-22hs-test: fix install/build on new ubuntu instanceDave Wallace2-4/+4
Type: test Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I9c59d98d16e387925057626ba9080210f4334c53