Age | Commit message (Collapse) | Author | Files | Lines |
|
CID 147141: Security best practices violations (DC.WEAK_CRYPTO)
/vnet/vnet/ip/ping.c: 496 in run_ping_ip46_address()
490 ping_main_t *pm = &ping_main;
491 uword curr_proc = vlib_current_process (vm);
492 u32 n_replies = 0;
493 u32 n_requests = 0;
494 ping_run_t *pr = 0;
495 u32 ping_run_index = 0;
CID 147141: Security best practices violations (DC.WEAK_CRYPTO)
"rand" should not be used for security related applications, as linear congruential algorithms are too easy to break.
496 u16 icmp_id = rand ();
497 while (hash_get (pm->ping_run_by_icmp_id, icmp_id))
498 { 499 vlib_cli_output (vm, "ICMP ID collision at %d, incrementing", icmp_id); 500 icmp_id++; 501 }
Change-Id: I822350c03afce0b2dd35f37e27f55df82ca3443f
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: Icb240ce9c62e9a2e2ff18107729cffb8e4884a0c
Signed-off-by: Alex Popovsky <apopovsk@cisco.com>
|
|
Change-Id: Iaeca4a86eb96096d6840d38c16d60641e9179662
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I894d71b397e7451d4e596b10258933287b7e965f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Iac96773e7f9028c0f09c3388893e69f67177439d
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Id53797c795c17fbacce3659c945f5126dc9dee86
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: I84e9d7c3ccd32814c3eebf1cef0a4887c75812a8
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I5b282964330f4c14f7991453ee02c455a8d367ea
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- refactor VAT so it won't cache data
- remove unused filter flag from locator dump API call
- json structure changed for locator and EID table dump calls
- remote mapping VAT cli now accepts string for negative mapping action
Change-Id: I776fb50659aaa7e98ad93715d282a83f78287344
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Change-Id: I55b552fd054610c993d14078ce048c8c4b676104
Signed-off-by: Billy McFall <bmcfall@redhat.com>
|
|
Fixed bug in message-id mapping with non-consequtive APIs.
Change-Id: Icd6073e4655f7ce5432816861ae58915e5b336af
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: Ia7837dfaa9ed200145aeea19177fe549ab4bd087
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
- update of CSIT operational branch to be used for VPP-patch test
Change-Id: I7a8024378dee33c89b58835af1b7de020fac3e5e
Signed-off-by: Jan <jgelety@cisco.com>
|
|
Change-Id: Ifbd99818ead5f38c5f8ad3ecdb36b24a9fa59798
Signed-off-by: Ed Warnicke <eaw@cisco.com>
|
|
Change-Id: Iee203bf24e8c68e1367d12f297bf31019cc44c5c
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I7850f04787fa7ce10c0ae8adefa166c91420f02d
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
http://dpdk.org/dev/patchwork/patch/15610/
This change only includes patch for DPDK 16.07 as
DPDK 16.04 doesn't seem to compile for me.
Change-Id: I18d84456ef6a15aa308d5e14673a24cb4a7b6909
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
|
|
vnet_main->hw_interface_link_up_down_functions
Change-Id: I7aacaebade695e8fec8306426f693f287b605ed8
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I50ad0d79a6ffaf0a51848abf2c5ed57e83c8640f
Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
|
|
vpp now depends on the version of vpp-lib it was built with
vpp-plugins now depends on the version of vpp it was built with
Change-Id: Idf706f94d3a35bdf51930badf61cac288855873d
Signed-off-by: Ed Warnicke <eaw@cisco.com>
|
|
- The previous change only accounted for a missing Graphviz config
file; apparently it can be zero-sized too.
Change-Id: Ic6957d10cdc7cb7b9da72d2b2a0f8913100870c5
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
- Sometimes it seems Ubuntu doesn't always set up the Graphviz
handler config. If it's missing, generate it.
Change-Id: I2c1e566817de8415f8b360c6f967cd76307a2a52
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Change-Id: Ibe6ccb99c3c29c14efb34191f209a2f6a14293f7
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
highlighting this.
Change-Id: I22b1dc800624042e043e7632179f6281a6ccaafc
Signed-off-by: Vengada Govindan <venggovi@cisco.com>
|
|
- If present, include the directories where API header files
are generated into.
- Improve extraction of include paths from CPP
- Generalize the file/directory exclusion
This reduces some of the "warning" chatter from Doxygen.
Change-Id: I7ac02bff1639fe63f11263176020b0f040255017
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Change-Id: I5df0067c9ce56d7a15a991b82d4761924d91758b
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Configure the MTU/L3 packet size of the bonded interface
as the lowest value of the slave intefaces
Change-Id: I34fb4c2156e8ad3d9bf45efe332405d53f72867c
Signed-off-by: Steve Shin <jonshin@cisco.com>
|
|
Currently, vpp-lib rpm includes symlinks for
*.so.0 -> *.so.0.0.0
but not
*.so -> *.so.0.0.0
This causes linker issues in cases where vpp-lib and vpp-devel rpms
are installed and sources are built that rely on libraries in vpp-lib.
Example:
libtool: link: gcc -shared -fPIC -DPIC jvpp/.libs/libjvpp_nsh_la-jvpp_nsh.o -lvlibmemoryclient -lvlibapi -lsvm -lvppinfra -lpthread -lm -lrt -ljvpp_common -L/usr/lib64 -O2 -Wl,-soname -Wl,libjvpp_nsh.so.0 -o .libs/libjvpp_nsh.so.0.0.0
/usr/bin/ld: cannot find -lvlibmemoryclient
/usr/bin/ld: cannot find -lvlibapi
/usr/bin/ld: cannot find -lsvm
/usr/bin/ld: cannot find -lvppinfra
collect2: error: ld returned 1 exit status
Change-Id: Ic8eebc696f973ea348be0b43e7cfb289efbe44fe
Signed-off-by: Ed Warnicke <eaw@cisco.com>
|
|
Change-Id: I9e49c9b6deedb750269da04e3332a3b0742d382c
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I0a687c5d5f745a6c82a58c8e20b987180704a685
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
One of the main issue with virtio is the small queue size.
VPP can quickly fill the queue before Linux could empty it,
resulting in packet losses.
Virtio indirect descriptors double the number of packet
which may fit in the virtio queue (From 128 to 256 with standard qemu
which hardcodes queue size to 256).
Linux will not use such descriptors if the virtio MRG feature is
enabled. You may add mrg_rxbuff=off option to qemu commandline
when starting the VM such as to disable this feature. This way,
Linux will use indirect buffers to receive packets.
But it seems that Linux never uses indirect buffers to send packets.
This patch also includes some optimization modifications.
Change-Id: I26940d41ce6b7e3a08d5516018a8c46c5316ce1c
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
|
|
This change makes checkstyle much faster by checking only recently
changed files. It only checks files changed in last commit and files
which are localy modified. Old behavior is preserved by specifying
argument "--full" when invoking script.
In addition "make checkstyle" and "make "fixstyle" actions are added
to the top-level Makefile.
Change-Id: I7d86225bd282f32ee508e7f52692a3778ac8dcda
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Rework flow report registration system - add streams
Add support for IPv6 and src and dst ports for TCP and UDP protocols
Implement binary API for IPFIX classifier module
Change-Id: Id05cc0127a7b95ceaeebf9c79a32c6936449bd63
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
In some cases it is convenient to use 0 as an invalid node index
so here we make sure that index 0 is not used.
Change-Id: I5af6bef6769d56086ceb343423185f22843732bd
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ice2e0e60c801bd6fb67f3a544e95e9ffaa22ca16
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
- Fix issue in Doxy dependency check when nothing needs to be installed.
'set -e' and plain '[]' logic don't mix well.
- Fix Makefile snafu when building Doxy output for a single file.
- Include only one of vnet/vnet/buffer.c/dpdk_buffer.c in docs depending on
DPDKness. This could do with some improvement in future, eg to properly
align the pre-doxy steps with what Doxy does.
- Fix rendering of 'inline' tag in Doxygen by having it interpret
always_inline as "inline static".
- Bunch of duplicate CLI command structure names that confused docs and may
one day have caused debugging issues.
- Several other Doxygen syntax issues fixed, like documenting non-existant
parameters (usually just the wrong parameter name, typos, etc)
Change-Id: Ia8cca545e5de9f8750602bffa3c4548acc8971aa
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Change-Id: I167c49d2a64e7a36a176d57054ecd99b398a9cca
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: I78322e91485e5429871bd356f668b8ed90f4265a
Signed-off-by: Vengada Govindan <venggovi@cisco.com>
|
|
Change-Id: I67dd7896932b8ea96062b9ff074959c172b51ba4
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I62b65472e77a33b1fc94f7c4975b5e9cbf358f41
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Enqueue buffers into next frame before validating them.
Change-Id: I466518bc6f304678136a2c3d37f136ce878eef05
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
|
|
Change-Id: I48cffb8acbd9e6655d7ec661ee8f7e0689b12a2d
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- update of CSIT operational branch to be used for VPP-patch test
Change-Id: I5159d0a320305fd3a8ca927fa742ddd4df87b271
Signed-off-by: Jan Gelety <jgelety@cisco.com>
|
|
Additional fix to vpp_api_test to show which kind of arp/ip6-nd
event is received, whether it is address resolution or mac/ip binding.
Change-Id: Ic65b895cd1bfbe2f34d1b68891a1a580852fbcdb
Signed-off-by: John Lo <loj@cisco.com>
|
|
This new CLI API is meant to replace the
cli_request/cli_reply that uses shared memory.
PS: checkstyle -- *hate*
Change-Id: I6318f8f6b9be2c2398b49dac9e2193c1998ea724
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
When looking up a UDP port / GRE protocol in the sparse vectors
next_by_dst_port / next_by_protocol a data from the vector was
tested for SPARSE_VEC_INVALID_INDEX instead of sparse index itself.
This doesn’t matter for most cases since V[0] = 0 is true for all
sparse vectors. This however could cause an issue when a valid
sparse entry e.g. V[1234] = 0, with data (0) mistakenly passing
the test for SPARSE_VEC_INVALID_INDEX, while the index itself (1234)
is a valid index.
Change-Id: I04818cc43efeae047a4dae79078157d48b8c359c
Signed-off-by: Alex Popovsky <apopovsk@cisco.com>
|
|
Only try to install packages if they're not installed.
Saves a trip through sudo which is useful when you have a
non-privileged account generating the docs.
Change-Id: I3709aceb15516a45ea2f9510d91c6d2e42c8c349
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Change-Id: Ia2643f33170da92fde0f8228c8d8393f23e98d11
Signed-off-by: Ed Warnicke <eaw@cisco.com>
|
|
Removed unused sparse_index_by_next_index vector in local context
of UDP and GRE nodes. Most probably copy paste leftovers from PPP
implementation where it is realy used
Change-Id: I97e81035e2fd451c6f5a7bc31df96db9e6d2cebf
Signed-off-by: Alex Popovsky <apopovsk@cisco.com>
|
|
Change-Id: I7f8fe8fa6c24b4229b0cb45e6c83e7cb2828e2da
Signed-off-by: Ed Warnicke <eaw@cisco.com>
|