summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2023-03-14session: cleanup lcl endpt freelist before all allocFlorin Coras1-4/+5
Make sure endpoint freelist is drained before alloc of fixed local source port is tried. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I302deee5609a463af8135185af71722ac8c55a27
2023-03-14build: add support for intel alderlake and sapphirerapidsDamjan Marion2-1/+28
Disabled by default.. Type: improvement Change-Id: I36176c009e0873c048874ae38a7ea0a91449235c Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-03-14crypto-native: avoid crash on 12th and 13th gen Intel client CPUsDamjan Marion1-2/+4
Those CPUs are announcing VAES capability but they don't support AVX512. Type: fix Fixes: 73a60b2 Change-Id: I7b4be95e91bb6f367cd71461f1126690f3ecd988 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-03-14memif: don't leak error strings in API handlersDamjan Marion2-4/+12
Type: fix Fixes: ab4d917 Change-Id: I226044f64e1577033798fd203a2e981c894830d6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-03-13udp: Use udp_output_get_connection instead of udp_connection_getSteven Luong1-12/+11
udp_output_get_connection handles correctly if the connection is a listener whereas udp_connection_get does not which may lead to a crash. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I40b57287a8686820d29872cae2cfd6ae27a57c26
2023-03-13avf: 512-bit SIMD version of avf_tx_prepareLeyi Rong2-0/+53
Exploiting AVX-512 operations on avf_tx_prepare(). Type: improvement Signed-off-by: Leyi Rong <leyi.rong@intel.com> Change-Id: I01e0b4a2e2d440659b4298668a868d983f5091c3
2023-03-10vcl: init ldp config before vcl initFlorin Coras1-26/+31
This avoids printing ldp debug messages while debug is disabled and vcl is initializing. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5dfd1d59032db937fea146b6b84b8e26307a0de0
2023-03-10vlib: 512-bit SIMD version of vlib_buffer_freeLeyi Rong2-2/+73
Process 8 packets perf batch in vlib_buffer_free_inline() when CLIB_HAVE_VEC512 is enabled. Type: improvement Signed-off-by: Leyi Rong <leyi.rong@intel.com> Change-Id: I78b8a525bce25ee355c9bf0e0f651698a8c45bda
2023-03-10af_packet: fix the broken functionality upon admin downMohsin Kazmi2-41/+25
Type: fix In vpp, file descriptor handler closes the fd upon error if there is no error handling function is registered. This patch fixes the issue for af_packet interface by registering the error handling function. Errors will also be gracefully logged. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I260d780ac54ffd0199dcd6ca5b95e5afe957e968
2023-03-09vcl: fix select connected deq notificationFlorin Coras1-6/+12
Also make sure that only sessions with fifos try to set deq notification flag on fifo Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I878c2d2e18bb98109ee03b42a4f0f8c48aa23e9f
2023-03-09vcl: fix epoll out evt on connectFlorin Coras1-1/+1
Make sure session has a tx fifo. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ibde40645b401ca0255da298ea4ba691ee924a2d2
2023-03-08session: Use session->thread_index to correctly retrieve the sessionSteven Luong1-1/+3
For non-connected udp, when retrieving the subscriber session to send the notification, it uses the current worker thread index whereas the subscriber session is actually on the main thread. Using the worker thread may cause a crash since the corresponding session may not be valid in the worker thread context and even if it is valid, it is the wrong session. This scenario is seen when the application forks and adds subscribers to the worker thread session. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I236ee9d9ff9f3b2f7f9f8e782d70d1080aa1b627
2023-03-08hs-test: fix install-depsDave Wallace1-6/+10
- Skip addition of docker apt source/key if already installed. Type: fix Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I747e4dd5e79e23b64e6eb11c6a9348e2ae1a157f
2023-03-08quic: use tx instead of builtin_tx event with timersFlorin Coras1-3/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic11069c912a5e59bb3ea0e0c6de6cfcc879c5f4e
2023-03-08hs-test: fix docker-ce installDave Wallace1-5/+17
Type: fix Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I449cd4ad71e33a2dd41e53accc6b325803a32c70
2023-03-08hs-test: add vppctl wrapper scriptFilip Tehlar1-0/+6
Type: test Add a helper wrapper script for vppctl called vppcli to vpp docker image with proper cli socket path. Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I1a51aa54bc91c1c812698501a56401c525d498e8
2023-03-07hs-test: fix envoy testFilip Tehlar3-10/+12
Type: test Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I776e0f1f7ea700439d1fe6a598772776ae6a1493
2023-03-07avf: enable rss action of flowXinyao Cai4-152/+2925
This patch enables RSS action of avf flow. Type: feature Signed-off-by: Xinyao Cai <xinyao.cai@intel.com> Change-Id: I65de18d0c2eaa415893959563ea917a6b1956550
2023-03-07vlib: stop worker threads on main loop exitVladislav Grishenko1-1/+2
If not, worker threads may continue own loops after deinit and/or thread0 exit with related crashes due no rpc capability, unmapped shared memory, etc. Main loop exit handlers that uses barrier sync will be happy too as long as recursive barrier sync is supported. Type: feature Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: I255a796b06936d96715683e3f062128060233dc6
2023-03-07avf: fix cli memory leak with incorrect optionsTianyu Li1-37/+19
Remove extra line_input and unformat_user. Type: fix Fixes: b4ff07a2f843 ("Intel Adaptive Virtual Function native device driver plugin") Signed-off-by: Tianyu Li <tianyu.li@arm.com> Change-Id: I9e502f3b254d0b1c7d8fd4b80925338a18da8269
2023-03-07udp: crash in format_udp_connectionSteven Luong1-1/+1
format_udp_connection takes 2 arguments from the caller. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ie618a809936a01c094982f9a8c81309826e0b087
2023-03-07build: check for presence of python plyDamjan Marion1-0/+16
Type: improvement Change-Id: I4f190607bfce404fbe68ec968e6923509ea9519b Signed-off-by: Damjan Marion <dmarion@me.com>
2023-03-07build: make Python3 mandatoryDamjan Marion1-23/+17
Type: refactor Change-Id: Iac27ac4d11745b68c57a0394ced51942db8f0431 Signed-off-by: Damjan Marion <dmarion@0xa5.net>
2023-03-06tcp: allow syns in closed stateFlorin Coras1-2/+3
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If223096cf912c1748ae417b40585a9bea5d9d9a9
2023-03-06vcl: do not stop listeners on vls epoll delFlorin Coras1-1/+7
Although removal from epoll means listener no longer accepts new sessions, the accept queue built by vpp cannot be drained by stopping the listener. Morover, some applications, e.g., nginx, might constantly remove and add listeners to their epfds. Removing listeners in such situations causes a lot of churn in vpp as segments and segment managers need to be recreated. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia412b3f8d50fbb4881a99ff024f798353b521af7
2023-03-06vcl: always drain libc epoll with eventfds in ldpFlorin Coras1-17/+36
Otherwise if vcl epoll lt events are ignored by the app, libc and vcl mq events are never drained. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1e22f6da46d56236c52714181f6c20dcb80a33a5
2023-03-06hs-test: nginx mirroring test improvementsFlorin Coras4-5/+14
- avoid setting LD_PRELOAD for container - save nginx error log to shared volume - reduce test run time to 10s - add vcl and ldp debug env variables to docker file. Default to disabled. Type: test Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I401ac74e7c0ebe87befedb44150b04f773f244ea
2023-03-06vlib: fix vlib_log for elogluoyaozu1-8/+8
test output before fix: DBGvpp# event-logger clear DBGvpp# test log warn cli log test-log for-elog cli/log [warn ]: test-log for-elog DBGvpp# test log info cli log test-log for-elog cli/log [info ]: test-log for-elog DBGvpp# show event-logger 2 of 131072 events in buffer, logger running 53.022586433: log-notice: test-log for-elog 60.318329361: log-debug: test-log for-elog DBGvpp# test output after fix: DBGvpp# event-logger clear DBGvpp# test log warn cli log test-log for-elog cli/log [warn ]: test-log for-elog DBGvpp# test log info cli log test-log for-elog cli/log [info ]: test-log for-elog DBGvpp# show event-logger 2 of 131072 events in buffer, logger running 18.362721151: log-warn: test-log for-elog 25.124570555: log-info: test-log for-elog DBGvpp# Type: fix Signed-off-by: luoyaozu <luoyaozu@foxmail.com> Change-Id: Ie1122787f9efb611cdafc671b4ccf68b43984924
2023-03-06stats: fix tests with multiple workersBenoît Ganne1-16/+26
Type: fix Change-Id: Ic4b8478d390c7373bfb43a39ae6a70e978ae9321 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06lb: keep AddressSanitizer happyBenoît Ganne2-3/+2
vec_alloc() does not mark vector as accessible contrary to vec_validate(). Also removes redundant memset(0) as vector allocation always zeroed new memory. Type: fix Change-Id: I8309831b964a618454ed0bebbcdec7ec21149414 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06vppinfra: fix memory tracesBenoît Ganne1-49/+82
- allocates the memory trace spinlock independently from the main heap - disable tracing on a per thread basis - make sure we hold the memory trace spinlock when changing tracing Type: fix Change-Id: I7d84f22132abdc895343d447cd3a2c574786f58d Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06af_packet: fix the first packet offsetMohsin Kazmi1-1/+1
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I927ba4e6f10ae4527f339a890c3a0de33a84b7eb
2023-03-06af_xdp: fix netns configurationBenoît Ganne1-1/+2
- clib_open_netns() expects a NULL-terminated C-string - if no netns was given, we should not try to format it otherwise we'll get "(nil)" as netns name. Type: fix Change-Id: I7b6022f6e8999640d0d2a83b854455b15fa4c134 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06build: add sanitizer option to configure scriptBenoît Ganne1-0/+10
Type: improvement Change-Id: Ia679d6e5fb7eff6dbd7363465e5667119751e908 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06vlib: avoid non-mp-safe cli process node updatesVladislav Grishenko1-56/+34
Node renames, clone and node_by_name hash updates should be done in vlib_node_register() / vlib_node_rename() under barrier, or else runtime per-node stats can be either inaccurate or lead to UB. Drop cli process nodes renaming rather than adding barrier syncronization on reuse, nodes will get "unix-cli-process-ID" stable names, description and terminal names are preserved and can be obtained with "show cli-sessions" and "show terminal" commands. Also fix insufficient name width for "show cli-sessions" with table formatting, output sample: DBGvpp# sh cli-sessions PNI FD Name Flags 708 14 unix-cli-local:10558 iSLpa 710 15 unix-cli-127.0.0.1:33252 ISlpA DBGvpp# sh terminal Terminal name: unix-cli-127.0.0.1:33252 Terminal node: unix-cli-process-1 Terminal mode: char-by-char Terminal width: 158 Terminal height: 43 ANSI capable: yes Interactive: yes History enabled: yes History limit: 50 Pager enabled: yes Pager limit: 100000 CRLF mode: CR+LF Type: improvement Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: I40af4c0a5e5be92d5e3ebcd440fa55390aeb0e8b
2023-03-06interface: more cleaning after set flags is failed in vnet_create_sw_interfacevarasteh1-0/+1
There's a chance that vnet_sw_interface_set_flags_helper() has successfully called some sw interface add callback functions before returning the error. So the sw interface del callbacks should also be called Type: fix Signed-off-by: varasteh <mahdy.varasteh@gmail.com> Change-Id: I2cd7dc6d5b3a5ebfd2c4d1a6be5390083dee6401 Signed-off-by: varasteh <mahdy.varasteh@gmail.com>
2023-03-06interface: add the missing tag keyword in the cli helperMohsin Kazmi1-1/+2
Type: style Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I6399ad2b0b30f94c6c51db1afc39f5e875dfaa67
2023-03-06crypto: remove VNET_CRYPTO_OP_FLAG_INIT_IV flagBenoît Ganne8-133/+9
IV requirements vary wildly with the selected mode of operation. For example, for AES-CBC the IV must be unpredictable whereas for AES counter mode (CTR or GCM), it can be predictable but reusing an IV with the same key material is catastrophic. Because of that, it is hard to generate IV in a generic way, and it is better left to the crypto user (eg. IPsec). Type: improvement Change-Id: I32689c591d8c6572b8d37c4d24f175ea6132d3ec Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06memif: fix input vector rate of memif-input nodeLiangxing Wang1-1/+4
Explicitly set the ptd->n_packets to 0 if no packet is received in memif_device_input_inline(). Otherwise ptd->n_packets just keeps last time rx packets number, then this stale number is added to memif_input_node->vectors_since_last_overflow in every dispatch_node() call for memif_input_node. Type: fix Signed-off-by: Liangxing Wang <liangxing.wang@arm.com> Change-Id: Ide98a481c925262f9a609535a314f784cab424d8
2023-03-06vlib: fix macro define command not work in startup config exec scriptXiaoming Jiang1-81/+8
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: Idb34490199a78d5b0c1fe2382b6483a6e3a6fd1f
2023-03-06vlib: fix ASAN fake stack size set error when switching to processXiaoming Jiang1-1/+2
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I2add6cb8dba837e47596983ec8303883aba3a138
2023-03-06dpdk: plugin init should be protect by thread barrierXiaoming Jiang1-0/+2
Witout thread barrier, when dpdk_process_node initiating dpdk lib, workers thread may also be initiating. Main and workers threads may both setting error_main info, that will cause memory ASAN issue. Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I87b73b310730719035d4985a2cff2e3308120ec2
2023-03-06vppinfra: adding support for socket mounting pathsMohsin Kazmi1-1/+5
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: If894b2b741d0d417a6fc458dda83ca1d8192385d
2023-03-06flow dpdk: introduce IP in IP support for flowXinyao Cai3-29/+305
This patch introduces IP in IP packet support for flow cli and dpdk plugin. Specifically, the following IP in IP packet types are supported: MAC-IPv4-IPv4-TCP/UDP/None, MAC-IPv4-IPv6-TCP/UDP/None, MAC-IPv6-IPv4-TCP/UDP/None, MAC-IPv6-IPv6-TCP/UDP/None, IP in IP flow rules can be created by using the following new keywords in vppctl: in-src-ip, in-dst-ip : to provide information for inner IPv4 header in-ip6-src-ip, in-ip6-dst-ip: to provide information for inner IPv6 header in-proto : to specify inner transport layer protocol type (TCP or UDP) in-src-port, in-dst-port : to provide information for inner TCP/UDP header An example to create flow rule for MAC-IPv6-IPv6-TCP: test flow add index 0 ip6-src-ip any ip6-dst-ip any in-ip6-src-ip any in-ip6-dst-ip any in-proto tcp in-src-port 1234 in-dst-port any rss function default Another example to create flow rule for MAC-IPv6-IPv6: test flow add index 0 ip6-src-ip any in-ip6-src-ip any rss function default Type: feature Signed-off-by: Xinyao Cai <xinyao.cai@intel.com> Change-Id: I6a1ca36d47eb65b9cb5a4b8d874b2a7f017c35cd
2023-03-06vppinfra: fix clib_bitmap_will_expand() result inversionVladislav Grishenko3-10/+57
Pool's pool_put_will_expand() calls clib_bitmap_will_expand(), so every put except ones that leads to free_bitmap reallocation will get false positive results and vice versa. Unfortunatelly there's no related test and existing bitmap tests are failing silently with false positive result as well. Fortunatelly neither clib_bitmap_will_expand() nor pool_put_will_expand() are being used by current vpp codebase. Type: fix Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: Id5bb900cf6a1b1002d37670f5c415c74165b5421
2023-03-06crypto: make it easier to diagnose keys use-after-freeBenoît Ganne1-2/+2
Type: improvement Change-Id: Ib98eba146e24e659acf3b9a228b81fcd641f4c67 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-03-06build: replace phony target with .ok fileJieqiang Wang1-1/+1
When VPP builds its external packages from source, it will download the package, patch it, configure it, build and install it. For DPDK, it will depend on rdma-core if mlx4/mlx5 PMD is enabled. So phony target dpdk-config needs to have the prerequisites of rdma-core-install and ipsec-mb-install(x86 only), which are both phony targets. This leads to redundant behavior of recipes executing twice in dpdk-config. Replace the phony target with hidden file *.install.ok to avoid that. Type: improvement Signed-off-by: Lijian Zhang <lijian.zhang@arm.com> Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: Ibf3b766ab7a4ccfcbffe08f6cdb90da72ca1ce29
2023-03-06misc: define SElinux mapped file permissionsChristian Svensson1-1/+16
SElinux added support for defining what files can be mmap()'d a while back. This change defines those files that VPP maps. This is needed for EL9 support Type: fix Signed-off-by: Christian Svensson <blue@cmd.nu> Change-Id: Iedd26914e29347169c4cc138628df7823ddd5691
2023-03-06build: add Rocky Linux 9 supportChristian Svensson2-7/+31
Currently only RHEL/CentOS 8 and Fedora are supported. EL9 is a middle ground and thus require some different dependencies. Type: feature Signed-off-by: Christian Svensson <blue@cmd.nu> Change-Id: I7be79e61994800bb796d4e9141f0ff6ad8bdead2
2023-03-06snort: fix descriptor offset may be truncated if buffers num too largejiangxiaoming1-1/+1
Type: fix Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com> Change-Id: I9694f7d8aad8868b11e08fabe179fd51c14dfcdb