summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2021-10-29policer: fix coverity warning/NULL dereferenceKlement Sekera1-2/+10
Add a NULL check in case of hash lookup failure to make coverity happy. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I3cfa5960458d3618f1277ba442b4ca5ca15064ea
2021-10-29devices: default mode eth in the apiNathan Skrzypczak2-2/+4
Type: fix https://gerrit.fd.io/r/c/vpp/+/34027 added support for l3 mode, but as the eth_mode constant was set to 1 we did default to l3 mode in the api. This reverts to the original logic. Change-Id: If8b90b300d3868de5233dfa1f33ec975853cba11 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-10-28interface: refactor interface output node in different processing levelsMohsin Kazmi1-13/+9
Type: refactor Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I4f29e6118630146876b7f58f1afe6b6733401047
2021-10-28ip: improve csum fold on x86_64Damjan Marion1-1/+15
New code seems to be 1.5 clocks faster. old: mov eax,edi shr rdi,0x20 add rdi,rax movzx edx,di shr rdi,0x10 add rdx,rdi movzx eax,dx shr rdx,0x10 add rax,rdx mov rdx,rax shr rdx,0x10 add eax,edx new: mov rax,rdi shr rax,0x20 add eax,edi mov edi,0x10 shrx edi,eax,edi adc ax,di adc ax,0x0 Type: improvement Change-Id: I3c565812c67ff4c3db197a9d4137a6c131b5b66c Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-10-28vrrp: fix coverity warning/NULL dereferenceKlement Sekera1-4/+25
Add error handling for unlikely case where getting IP address of an interface fails. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ief8642af79fb1d25f061357cd716b93cfdf23fc8
2021-10-28tap: handle null namespace and bridge correctlyMatthew Smith1-2/+4
Type: fix In tap_create_if(), if args->host_namespace or args->host_bridge are null because no values were set for those, the virtio_if_t entry in virtio_main.interfaces ends up getting populated with values of "(nil)" in net_ns or host_bridge, respectively. Check whether args->host_namespace and args->host_bridge are null before trying to set the corresponding fields on virtio_if_t. Change-Id: I8e1e66a6d7b246e7c66fece406d116ffb1312c64 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-10-28vppinfra: A bitmap copy functionNeale Ranns1-0/+18
Type: improvement Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Id7a7788b41dbcf280e025e5256c41729b0c95f39
2021-10-28perfmon: fix coverity warningKlement Sekera1-0/+8
Check that cpumask is initialised properly to avoid possible NULL pointer dereference. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I8df5a718104fe703d6baf3f1294b4a6d2ca01619
2021-10-28ioam: fix coverity warning/NULL dereferenceKlement Sekera1-9/+12
Add a NULL check and missing array index to avoid multiple NULL derefences. Runnning: set ioam ip6 sr-tunnel-select disable on a fresh VPP no longer crashes. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ia85f92024f3b14ef1c4cdb9fcf794b962cad9422
2021-10-27devices: fix coverity warning/don't leak fdKlement Sekera1-1/+2
Move socket creation past code which returns from function to avoid leaking the socket in case of an early error return. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I9e18bd32022441c17ca920d1c2458b058b76c3c0
2021-10-27tcp: fix use of invalid local sw_if_indexFlorin Coras2-5/+6
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id58ac44d45fb8b8a0d803f02e0242ec6f4b3db05
2021-10-27vppinfra: improve clib_array_mask_u32Damjan Marion1-33/+52
Type: improvement Change-Id: Ibdb79a0a1c3ba56f9b2f0f2536aafcdeda5cb6d6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-10-27vppinfra: use bzhi in pow2_mask when availableDamjan Marion1-0/+3
Saves one clock.... Type: improvement Change-Id: I43da40fb4887b77ac851f759c50a7ca2814f8f40 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-10-27api: fix buffer overflow in vl_msg_replay_jsonBenoît Ganne1-0/+4
cJSON_Parse() and vlib_cli_output() expect a NULL-terminated C-string. Type: fix Fixes: 36217e3ca8a1ca2e7a341b6b44ffc25e6497191c Change-Id: Id9819314fcd332c6076d1330b3433885fff07e36 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-10-27libmemif: fix gcc strict-proto errorMatthew Giassa1-3/+3
- Changing function prototypes for a couple libmemif functions so that gcc will successfully compile with the "-Wstrict-prototypes" flag enabled. - Re-ran unit tests via "make test" locally on Ubuntu 20.04 LTS x64. One issue (likely unrelated to patch): * Testcase name: Bidirectional Forwarding Detection (BFD) ERROR: put session admin-up and admin-down [test_bfd.BFD4TestCase.test_admin_up_down] Type: fix Change-Id: Ibcb7210873d39aec9348fe8ac7eebc78d089d8e0 Signed-off-by: Matthew Giassa <mgiassa@cisco.com>
2021-10-26crypto: add barrier in crypto key addGabriel Oginski1-0/+12
Originally the pool of keys can be expand and cache with pointer for key can be invalid. For example in Wireguard during handshake process this pool can be expand and pointer for these keys in cache can be invalid for workers or can has incorrect value (poison memory). The fixes add barrier if the pool needs be to expand to ensure that cache in function will be valid and avoid situation when cache has invalid pointer for these keys. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Ida8f300213dfebb91ecaf1937fb08de81c20ba7b
2021-10-26perfmon: properly unmap mmapped pagesKlement Sekera1-1/+1
Add missing array index so that actual mmapped pages are unmpapped instead of attempting to unmap array holding those pages. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ib8709cce1bcbfb505307c140266834b284af796c
2021-10-25tcp: fix: TCP timewait port reuse rfc complianceMichal Kalderon2-4/+84
This patch provides a fix for early-kill of timewait sockets that is based on rfc's 1122, 6191. The following commits provided a solution for port re-use. However, they are not fully compliant with rfc 1122 4.2.2.13 ( Closing a connection ) and rfc 6191 (Reducing the TIME-WAIT State Using TCP Timestamps) commit b092b77cf238ba ("tcp: Enable TCP timewait port use") introduced a significant improvement by enabling TCP timewait port re-use. commit ee1cb469b2dd ("tcp: fix port reuse with multiple listeners") fixed usage of the wrong value for connection_index when searching for a listener, by storing the state in tcp.flags. Implementation details: When a SYN is received during time-wait state, the code checks whether all the requirements for accepting the SYN packet are met. If they aren't, the SYN can't be accepted and the packet is dropped, otherwise, connection is deleted and a new connection with same port is opened. Type: fix Signed-off-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Yuval Caduri <cyuval@marvell.com> Signed-off-by: Michal Kalderon <mkalderon@marvell.com> Change-Id: I38a33c6e321c760d45ebec9154399e1c90dd0250
2021-10-25bier: Disposition paths don't set the next-hopNeale Ranns1-14/+9
Type: fix Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I3c4152219e5307ac0fe773e16d597f0e4b9a7d4c
2021-10-23arp: fix for source address selectionEd Warnicke1-1/+1
Type: fix Ticket: VPP-1970 Ticket: VPP-1992 Fixes: 9e17887db97bb9f6507270f9fa9923c10816e0df https://gerrit.fd.io/r/c/vpp/+/33495/7 introduced a bug where ND responses are inproperly dropped. This fixes that bug. Signed-off-by: Ed Warnicke <hagbard@gmail.com> Change-Id: Iec4b07646332ced292e2211408c4f7af3088ac28 Signed-off-by: Ed Warnicke <hagbard@gmail.com>
2021-10-22vcl: fix cfg parser handling of empty linesFlorin Coras1-0/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ibef04947c3a2f4e700233157d581ed54558b51ed
2021-10-22session: fix minor issueFilip Tehlar1-1/+1
Type: fix Change-Id: I2f7579980f081d3b0a8d19baade0a6599d55cf80 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-10-22devices: add support for l3 af_packet interfaceMohsin Kazmi5-37/+106
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ia6b9d4ac55be2216887bfdb99be4021f6a96f166
2021-10-22ipsec: add api test fileFilip Tehlar2-0/+598
Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Ib3fe4f306f23541a01246b74ad0f1a7074fa03bb
2021-10-22fib: Don't back walk from a path-list when a child fist attaches.Neale Ranns2-12/+18
Type: fix If the walk is triggered when the child is added, then that child is visited in the walk. However, since it is just attahcing to the path-list it may not, or indeed cannot, have all the context it needs to successfully handle the walk. In the case of MPLS tunnel, it does not have the path extensions ready, and cannot since the path extensions need to resolve on the path-list. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I027af8cf2f522d2f6e37931bea60c767f0cb667d
2021-10-21fib: respect mfib entry flags on create with pathsPaul Atkins18-149/+125
When an mfib entry was created with both paths and entry_flags then the entry flags were being ignored. If there are no paths then the flags were passed into mfib_table_entry_update, but in the case where the entry didn't exist and there were paths and flags, the entry was created within mfib_table_entry_paths_update() which used a default of MFIB_ENTRY_FLAG_NONE. Pass the flags through into the mfib_table_entry_paths_update fn. All existing callers other than the create case will now pass in MFIB_ENTRY_FLAG_NONE. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I256375ba2fa863a62a88474ce1ea6bf2accdd456
2021-10-21ip: Add ip46-local node for local swif[rx]Nathan Skrzypczak5-44/+132
Type: improvement This adds a new ip[46]-receive node, sibling of ip[46]-local. Its goal is to set vnet_buffer (b)->ip.rx_sw_if_index to the sw_if_index of the local interface. In dependant nodes further down the line (e.g. hoststack) we then set sw_if_idx[rx] to this value. So that we know which local interface did receive the packet. The TCP issue this fixes is that : On accepts, we were setting tc->sw_if_index to the source sw_if_index. We should use the dest sw_if_index, so that packets coming back on this connection have the right source sw_if_index. And also setting it in the tx-ed packet. Change-Id: I569ed673e15c21e71f365c3ad45439b05bd14a9f Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-10-21l2: add api test fileFilip Tehlar2-0/+1419
Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Ie79a2deac03c04c0697e482a649ff151142126ed
2021-10-21ip6: set local flag on outbound echo replyMatthew Smith1-0/+4
Type: fix When VPP generates an ICMP echo reply in response to an incoming echo request to a local address, set VNET_BUFFER_F_LOCALLY_ORIGINATED on the buffer. It will prevent ip6-rewrite from decrementing the hop limit. Outbound IPv4 echo replies also get this flag set. Change-Id: Iaa229294eb158edb58cf1bf1b7a90da281321406 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-10-21cnat: improve testsNathan Skrzypczak1-737/+562
Type: improvement This is an attempt to make the cnat tests more readable by hiding the scapy packet generation under a common context concept. This in order to add tests covering a wider range of scenarios. As of now, only VIP, snat & DHCP being covered Change-Id: Ia84868984506bbb652fe974e9a6f54f7a3cc0bd9 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-10-21session: add api test fileFilip Tehlar2-0/+364
Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I6b89c4158d10d4928c8418312180dbeba7d70ab2
2021-10-20ip6: fix IPv6 address calculation error using "ip route add" CLIJieqiang Wang3-20/+61
Using VPP CLI "ip route add" to add static IPv6 entries outputs wrong results. Fix this error by correctly calculating IPv6 addresses with different increased ranges and grouping ip4/ip6 prefix calculation functionality into two functions. Type: fix Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Reviewed-by: Lijian Zhang <lijian.zhang@arm.com> Reviewed-by: Tianyu Li <tianyu.li@arm.com> Change-Id: If954876301ca2095f9331799a086f75db936f246
2021-10-20gso: add support for gso perf unittestMohsin Kazmi4-0/+393
Type: test Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I5d44a6ea24e4aa0842024a0961f1fb22c6e6419a
2021-10-20nat: enable skipped nat44-ed multi worker testsFilip Varga1-57/+0
Type: test Change-Id: I185725c0f94084d08c8514642a84a04da62398e1 Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-10-20nat: nat44-ei configuration improvementsFilip Varga7-1043/+1575
nat44-ed core configuration improvements & fixes [0-5] adjusted for nat44-ei plugin. Improvements: * repeating code converted to functions * simplified functions used for pool address, static mapping and interface configuration. Clean up: * remove obsolete code and logic persisted after plugin separation from old SNAT plugin. Fixes: * [0] return correct API behavior changed in [5] Type: improvement [0] https://gerrit.fd.io/r/c/vpp/+/33622 [1] https://gerrit.fd.io/r/c/vpp/+/33431 [2] https://gerrit.fd.io/r/c/vpp/+/33337 [3] https://gerrit.fd.io/r/c/vpp/+/33249 [4] https://gerrit.fd.io/r/c/vpp/+/32796 [5] https://gerrit.fd.io/r/c/vpp/+/32951 Signed-off-by: Filip Varga <fivarga@cisco.com> Change-Id: Ie197faa576cb49acb3d218f14e00cb7d13ad9342
2021-10-20nat: NAT44-ED api fix and improvementFilip Varga4-16/+14
This patch fixes issue with NAT_API_IS_TWICE_NAT and NAT_API_IS_ADDR_ONLY flags. Because of control plane code change - move from boolean parameters to flags in https://gerrit.fd.io/r/c/vpp/+/32796 patch these api flags weren't correctly set. Type: fix Change-Id: Ieec5fe6bdcca314da027f2d23e3a24f174391a6f Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-10-19bfd: fix bfd_key_id updateAlexander Skorichenko1-4/+8
Type: fix Currently, auth activation CLI command "bfd upd session auth activate ... conf-key-id <cki> bfd-key-id <bki>" allows to change both key-ids to new values at once. But if only bfd-key-id should be corrected, e.g. as a result of mistyping, we can't do that in a single operation, and have to deactivate auth first and then reactivate it with a correctly entered pair of ids. Currently, backend's bfd_auth_activate() function returns immediately, with no action, if it finds that submitted conf-key-id matches the current record. No check on bfd-key-id value is made. With this fix, bfd_auth_activate() checks if session's bfd-key-id has to be changed to a new value, and if so, it updates and logs appropriately. Change-Id: I3b915a936cb1721707860bb503f70e7dd29e0ddd Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2021-10-19bfd: fix desired_min_tx_nsec updateAlexander Skorichenko1-0/+2
Type: fix Currently, the change in desired_min_tx value initiated locally doesn't result in actual update of the transmission interval. bfd_session_t structure has two fields for each of protocol's local time parameters desired_min_tx, required_min_rx In a case of a parameter update, "config_" prefixed fields store new values sent to remote bs.config_desired_min_tx_nsec, bs.config_required_min_rx_nsec Those prefixed "effective_", keep old values, still in charge, until new ones are being negotiated between peers: bs.effective_desired_min_tx_nsec, bs.effective_required_min_rx_nsec Currently, upon termination of the Poll Sequence (negotiation) only bfd_set_effective_required_min_rx() is called to update effective RX value. TX value remains unchanged. With this fix, add a call to bfd_set_effective_desired_min_tx() to set new, acknowledged TX value in effect. Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com> Change-Id: I80b6746533839c9572598f1ad9dabb33e621a525
2021-10-18api: remove legacy pd msg handlersKlement Sekera5-48/+0
While looking at a coverity warning it was discovered that it's caused by return value modified by pd msg handlers. As these are legacy, it's a good time to remove them and also fix the warning this way. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ic72ab8b2b7a2e55188d1c31cfd18a74b7cf82c43
2021-10-18interface: add api test fileFilip Tehlar21-164/+1484
Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Ib07029204ecf12bf2adb5a39afa54bc98fb81f34
2021-10-16interface: fix offload flag checkNathan Skrzypczak1-1/+4
We should compute offloads in interface_ouput.c in the case when any of the UDP, TCP or IP offload flags is not present in the interface capabilities. e.g. if the interface supports IP cksum offload but not tcp/udp we should still compute cksums here. Type: fix Change-Id: Ibaa3a56dbc92938dca45311c38f079d040052194 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-10-16memif: Enhance show memif descriptors to display regionSteven Luong1-14/+13
memif descriptors table may have more than one shared memory region. To see whether a descriptor's memory address is valid or not, it is beneficial to also display the descriptor's region. While at it, fix the truncation problem for the offset field. Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ia3b7062ac0323c39ade6f3a58333c6405889148f
2021-10-16perfmon: topdown lvl 2 support on sapphire rapidsRay Kinsella3-11/+168
Added topdown level 2 support on sapphire rapids, including ability to indentify a sapphire rapids cpu. Type: improvement Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: I9f99a92fa0886b98bb5185cff32bebd5a094f329
2021-10-16perfmon: additional perf counters on icelakeRay Kinsella2-1/+31
The Intel Icelake uArch supports measuring up to 12 counters, comprised of 4 fixed and 8 general counters. Type: improvement Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: I68369ea55a0c95d6a4a280a464e69502bbf5474f
2021-10-15vcl: narrow the scope of the restriction of vlsh_bit_valwanghanlin1-3/+4
The restriction of vlsh_bit_val only effect select/pselect, so move the check to select/pselect function. Type: fix Signed-off-by: wanghanlin <wanghanlin@corp.netease.com> Change-Id: I3585c83cfc2f0a2fd834450be650dccda67e3faa
2021-10-14pppoe: fix coverity warningKlement Sekera1-6/+12
Initialise variable used in tracing code in case of early error so that tracing doesn't use this uninitialised variable. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I6b1cef07e1f126cee56e1116606869dd667274d2
2021-10-14nat: static mappings in flow hashKlement Sekera31-1485/+1324
Put static mappings in flow hash, drop existing hash tables used for static mappings. Drop refcount variables and use hash table as a single point of truth. Allow creating a static mapping conflicting with dynamic mapping, which will take precedence after dynamic mapping is freed, so that the existing flow can finish transferring data. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Idfde8efabc09971be38921d4b0ca5ccf4e9fe412
2021-10-14ip6-nd: fix coverity warningKlement Sekera1-0/+4
Add a missing return statement in case there are no parameters supplied to 'set ip6 nd proxy' CLI to avoid calling code with uninitialised parameters. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ie4fdb4df5d1af49471c421e5e7a6c2f885d2e8d2
2021-10-14tests: fix coverity warningsKlement Sekera1-6/+2
Fix coverity warnings by initialising variables and removing dead code. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I0254b81020cdc3d7075df003309065438526918f
2021-10-14misc: fix coverity warning in ila pluginKlement Sekera1-1/+1
Remove non-null check for a pointer which cannot be null to avoid dead code warning. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I5ff40a4f80db7bb0dff9928c90ff757b763902fd