Age | Commit message (Collapse) | Author | Files | Lines |
|
when vrrp vr delete, vr->config.peer_addrs not free
Type: fix
Signed-off-by: jinsh <jinsh11@chinatelecom.cn>
Change-Id: I9ead188d6409412b475b5f6add767cb58f1af6e0
|
|
RPCs are not associated to sessions.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6b7870a3ebc2e8f32a6c1b10e2552d9e074c7eb3
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I5d669fcba609bcdb35103f57c45e0a270213d84a
|
|
There could be a race condition where two fragments of one chain end up
at the same time on different workers, one overwriting others hash
entry. Add a check for that and restart processing on the unlucky worker
who ends up being second from hash table POV. This will then result in a
proper handover to worker now owning this reassembly.
Type: fix
Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I9eb29c5cb1ffe3b5eb1d5a638e17ab7ba2628d28
|
|
Type: fix
IPv6 link-local FIB entries are never needed for attached export.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I08aad78e754d89ad54d07a211fb7a0d7fbc7a0fe
|
|
ip6_get_link_local_address() may return NULL if the local interface
is not (or not yet) configured
Type: fix
Signed-off-by: Frédéric Perrin <fred@fperrin.net>
Change-Id: I42bf2081582c4a36fa4e32145ca2f0ff73488110
|
|
Type: fix
hash_resize is available in hash.h file, but missing __clib_export in hash.c
Signed-off-by: Leung Lai Yung <benkerbuild@gmail.com>
Change-Id: Ibb741b532cd1080ec5d8314aae8dbbca87f42502
|
|
Detect mq congestion and handle it by queueing messages in a fifo and
postponing handling via rpcs. App workers with congested mqs cannot
accept nor connect additional sessions.
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I401d971a1a53896758b88fc60f158cbc31e0c7cb
|
|
Type: fix
Fixes: 88019c40
Change-Id: I219597c95883f49b6ff51e65e6c6c80e3c1518b7
Signed-off-by: Damjan Marion <dmarion@me.com>
|
|
Coverity complained that there is boundary checking in
add_del_punt_redirect_v2 handler. This test proves that such boundary
checking is not necessary as it is handled in the common path.
Type: test
Change-Id: Ibec054c01d4eb057accdc9d5732aba6fe6de51cc
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: improvement
Change-Id: I55b080f994eafc4ecfe0e774d7cd05218d715526
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4924420b827bdf7d161a1f723c2bfd5370d43772
|
|
Type: improvement
Change-Id: Ia089a82a460b69e0edf69c8b8d3dc2814fa54c35
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
The pub_sub_handler() stores registrations key'd with the message's client_index (which is in network-order).
The socket-client invokes the reaper function (to cleanup these registrations) using the pool index of the registration. hence the pub-sub registration is not removed.
change the socket-client to pass the network-order client_index.
This approach was chosen in preference to chaning the way the registrations are key'd since the memory-client also uses this registration, and correclty passes the client_index to the reaper.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I6118555c8601149d05801f558e08bcc7aed4fc98
|
|
Type: improvement
Change-Id: Icb3f39f42d01c51d7b03543cb7d6b5dabad11866
Signed-off-by: Damjan Marion <dmarion@me.com>
|
|
Type: improvement
Change-Id: I337ec63d0868f665329d68eadf1744e080b73a0d
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: feature
Change-Id: I0ccf280c4b769ee624cfb780146b847a0e8e4942
Signed-off-by: Damjan Marion <dmarion@me.com>
|
|
Type: improvement
Change-Id: I350a30eca0d3d7ec8816e4e7c30889621029c694
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This adds an interface CLI 'monitor
interface <interface>' that periodically
reports rx/tx pps & bandwidth for a
given interface.
Type: feature
Change-Id: Ia9d59b3443913520a52b38d7bda012190be6f167
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Building VPP on Arm using clang-13 as compiler will fail with following
error message. The root cause is the unmatched alignment of parameter
key for functions aes128_key_expand/aes256_key_expand on aarch64.
Fix this error by explicitly declaring parameter key as type u8x16u.
[285/2593] ccache /home/snowball/tasks/benchmark_compilers/clang_13/bin/clang-13 --target=aarch64-linux-gnu -D_FORTIFY_SOURCE=2 -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src -ICMakeFiles -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins -ICMakeFiles/plugins -fPIC -g -fPIC -Werror -Wall -Wno-address-of-packed-member -O3 -fstack-protector -fno-common -march=armv8.1-a+crc+crypto -MD -MT CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -MF CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o.d -o CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -c /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes_cbc.c
FAILED: CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o
ccache /home/snowball/tasks/benchmark_compilers/clang_13/bin/clang-13 --target=aarch64-linux-gnu -D_FORTIFY_SOURCE=2 -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src -ICMakeFiles -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins -ICMakeFiles/plugins -fPIC -g -fPIC -Werror -Wall -Wno-address-of-packed-member -O3 -fstack-protector -fno-common -march=armv8.1-a+crc+crypto -MD -MT CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -MF CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o.d -o CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -c /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes_cbc.c
In file included from /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes_cbc.c:22:
/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes.h:415:40: error: passing 1-byte aligned argument to 16-byte aligned parameter 2 of 'aes128_key_expand' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
aes128_key_expand (key_schedule, (u8x16u const *) key);
^
/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes.h:421:40: error: passing 1-byte aligned argument to 16-byte aligned parameter 2 of 'aes256_key_expand' may result in an unaligned pointer access [-Werror,-Walign-mismatch]
aes256_key_expand (key_schedule, (u8x16u const *) key);
^
2 errors generated.
Type: fix
Fixes: 415b4b0bb ("crypto-native: refactor GCM code to use generic types")
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Reviewed-by: Lijian Zhang <lijian.zhang@arm.com>
Reviewed-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: Ic99a63526031e60760929238922a6e4547388368
|
|
1. Malloc may return not zero buffer, causing strncat buffer overflow
2. Malloc buffer not freed
Type: fix
Fixes: 31f192434660 ("misc: vppctl - remove the dependency on vppinfra")
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: I5aebaccf3d0f8b7e3617068267f62cc2aa39d827
|
|
Configure a vxlan tunnel using this CLI and then assign an ip address to
the vxlan tunnel cause VPP to crash immediately
create vxlan tunnel src x.x.x.x dst y.y.y.y vni 1000 decap-next node ethernet-input l3
set interface ip address vxlan_tunnel0 z.z.z.z/24
It looks like when l3 mode is configured, the code calls the wrong function
to register the interface
Type: fix
Fixes: 3e38422ab905d26ab1625c74268e30c94327ea54
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ie1a08efc028f37fb528a7dfd7048ff6836bb8ddc
|
|
When a message is received, verify that it's sufficiently large to
accomodate any VLAs within message. To do that, we need a way to
calculate message size including any VLAs. This patch adds such
funcionality to vppapigen and necessary C code to use those to validate
message size on receipt. Drop messages which are malformed.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I2903aa21dee84be6822b064795ba314de46c18f4
|
|
Zero length fragments are invalid and should be dropped. This patch adds
that.
Type: improvement
Change-Id: Ic6466c39ca8bf376efe06bb3b7f5d7f1ae812866
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: improvement
Change-Id: I93be722f4dabc2b49a5e83f61f4eb1d72f5f7d45
Signed-off-by: Damjan Marion <dmarion@me.com>
|
|
arp proxy is not enabled correctly by ip4_neighbor_proxy_enable()
Type: fix
Signed-off-by: Mercury <mercury124185@gmail.com>
Change-Id: I672b5d4a9652030b5604e9d39743c39cb93a2531
|
|
When the src-address to add match a route
without a valid output interface(such as default route 0.0.0.0/0),
fib_entry_get_resolving_interface() will return (u32)~0,
which will cause crash in ip4_neighbor_proxy_enable().
Type: fix
Signed-off-by: Mercury <mercury124185@gmail.com>
Change-Id: I5aee5676a2ff43ec06745ebed4dba2b9e5b98c4d
|
|
If a fragment arrives with fragment offset = 0 and M = 0, it means that
this is actually a complete packet and per RFC 8200, it should be
treated independently from other fragments. This patch does that.
Fragmentation header is stripped and fragment is forwarded irregardles
of other existing reassemblies in case of full reassembly and treated
the same way as regular packet in shallow virtual reassembly.
Type: improvement
Change-Id: If3322d5e3160cd755b8465a642702a9166d46cc2
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
TCP csum offload fails although udp seems to work.
Type: fix
Fixes: fa1fb60
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie0651887b09920365806eaad776b0d13059faee8
|
|
Type: make
Change-Id: I20fd245585e5b62ff20fe3adf20b14bfef47a9ca
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0375d639e979e29d287dc9fee16b0434fb5c788b
|
|
Type: fix
Signed-off-by: Han Wu <wuhan9084@163.com>
Change-Id: I0aeafd273b3d1d01df02d638c72461943f91ef90
|
|
Improve vppapigen to generate per-message #define indicating whether
said message is dynamically sized (due to VLA or string) or not. Use
these #defines in REPLY_MACROs to prevent improper usage. Fix existing
improper REPLY_MACRO* usage.
Type: improvement
Change-Id: Ia77aaf9f6cf3ed68ea21075a4cc8deda78a68651
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ied4fe0f2b35eeca4e3e82fa21346de7f243aa52a
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I42b5a5a07aae6708a20ed424c8f26ddbe91278fb
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I18cd4131c692e776c98eba36161813035e9dec53
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I817e8510029a060876697701b81a952286597db1
|
|
Reset memif_buffer_t flags in memif_buffer_alloc and
memif_rx_burst
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: If62ba510fad783afb9f7f58411562b6989fa1573
|
|
fib_sas6_get is called with NULL dst explicitly so add a NULL check to
avoid a NULL dereference.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I8ebcba98832f374991f5442c1b83a4b6e64771d0
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id1e273bf80c1cc687ce7e5ea3b8cc6a3ec3862f9
|
|
Type: improvement
Change-Id: I5ed9029e5dc1368b7debbef04a3ac439a61af9ea
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I8a5d8d5db4e4a8ee3a1164bfbe91badff181d06a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: make
Change-Id: Icced0e09b75b3114b1652d552e288091968ee7cc
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Fixes: f16e9a5507
If an attempt to submit an async crypto frame fails, the buffers that
were added to the frame are supposed to be dropped. This was not
happening and they are leaking, resulting in buffer exhaustion.
There are two issues:
1. The return value of esp_async_recycle_failed_submit() is used to
figure out how many buffers should be dropped. That function calls
vnet_crypto_async_reset_frame() and then returns f->n_elts. Resetting
the frame sets n_elts to 0. So esp_async_recycle_failed_submit() always
returns 0. It is safe to remove the call to reset the frame because
esp_async_recycle_failed_submit() is called in 2 places and a call to
reset the frame is made immediately afterwards in both cases - so it
is currently unnecessary anyway.
2. An array and an index are passed to esp_async_recycle_failed_submit().
The index should indicate the position in the array where indices of the
buffers contained in the frame should be written. Across multiple calls,
the same index value (n_sync) is passed. This means each call may overwrite
the same entries in the array with the buffer indices in the frame rather
than appending them to the entries which were written earlier. Pass n_noop
as the index instead of n_sync.
Change-Id: I525ab3c466965446f6c116f4c8c5ebb678a66d84
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Type: feature
Change-Id: I231f782b3c56dc2b10321e4569ac7acdad1c11da
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
REPLY_MSG_ID_BASE is the standard way to define reply message id base,
so this refactor makes all the files use that. This is a preparation
patch for future safety add-ons which rely on REPLY_MACRO* parameters to
be preprocessor tokens identifying the message instead,
Type: refactor
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ibe3e056a3d9326d08af45bbcb25588b11e870141
|
|
Refactor and improve boundary checking on IPv6 extension header handling.
Limit parsing of IPv6 extension headers to a maximum of 4 headers and a
depth of 256 bytes.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ide40aaa2b482ceef7e92f02fa0caeadb3b8f7556
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: fix
When registering a new FIB node type, no name was required on the API, and so no name was printed.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8a99cf29c194637a550061b0a5e9782ffe8b31dd
|
|
Type: test
Change-Id: Ic9fddc9fedd5140984c5901c4cac53dec022dcec
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
A bit ugly, but generates faster and less noisy code which
should be important for this particular use case.
Type: improvement
Change-Id: If2bba947dac33ffedb4236a5b3fb50fc783668e1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|