summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2021-12-21hsi: host stack intercept pluginFlorin Coras6-0/+458
Enable selective punting of flows to host stack Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ib31a3abfe3b21a2aa448bfacc4591fa5c840f935
2021-12-21tls: don't add listen to lookup tableFilip Tehlar1-0/+1
Type: fix Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I0432dd0209f9c7702a8497161e21e178ee243bb1
2021-12-21fib: MPLS EOS chains built for attached prefixes should link to a lookup DPONeale Ranns10-66/+84
Type: fix Presently a local label associated with an attached or connected prefix will link to the glean. This is a problem since it will never use the adj-fibs that are installed for that attached prefix. Instead link the local label to a lookup in the table in which the attached link is bound. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Iad49fb6168b9ba47216a9a52bd262363b49c3c43
2021-12-20vrrp:fix vrrp vr delete case memory leakjinsh1-0/+1
when vrrp vr delete, vr->config.peer_addrs not free Type: fix Signed-off-by: jinsh <jinsh11@chinatelecom.cn> Change-Id: I9ead188d6409412b475b5f6add767cb58f1af6e0
2021-12-20session: ignore rpc in fifo event lookupsFlorin Coras1-10/+0
RPCs are not associated to sessions. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6b7870a3ebc2e8f32a6c1b10e2552d9e074c7eb3
2021-12-20session: improve sh segment-manager cliFlorin Coras2-67/+87
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5d669fcba609bcdb35103f57c45e0a270213d84a
2021-12-20ip: SVR fix race conditionKlement Sekera2-2/+14
There could be a race condition where two fragments of one chain end up at the same time on different workers, one overwriting others hash entry. Add a check for that and restart processing on the unlucky worker who ends up being second from hash table POV. This will then result in a proper handover to worker now owning this reassembly. Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I9eb29c5cb1ffe3b5eb1d5a638e17ab7ba2628d28
2021-12-19fib: Incorrect logic for IPv6 link-local attached export.Neale Ranns1-1/+1
Type: fix IPv6 link-local FIB entries are never needed for attached export. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I08aad78e754d89ad54d07a211fb7a0d7fbc7a0fe
2021-12-18bfd: fix NULL dereference in bfd_api_verify_commonFrédéric Perrin1-1/+1
ip6_get_link_local_address() may return NULL if the local interface is not (or not yet) configured Type: fix Signed-off-by: Frédéric Perrin <fred@fperrin.net> Change-Id: I42bf2081582c4a36fa4e32145ca2f0ff73488110
2021-12-17vppinfra: missing __clib_exportbenker1-1/+1
Type: fix hash_resize is available in hash.h file, but missing __clib_export in hash.c Signed-off-by: Leung Lai Yung <benkerbuild@gmail.com> Change-Id: Ibb741b532cd1080ec5d8314aae8dbbca87f42502
2021-12-16session: app mq congestion detectionFlorin Coras3-266/+349
Detect mq congestion and handle it by queueing messages in a fifo and postponing handling via rpcs. App workers with congested mqs cannot accept nor connect additional sessions. Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I401d971a1a53896758b88fc60f158cbc31e0c7cb
2021-12-16vppinfra: clang doesn't know about attribute nocloneDamjan Marion1-0/+4
Type: fix Fixes: 88019c40 Change-Id: I219597c95883f49b6ff51e65e6c6c80e3c1518b7 Signed-off-by: Damjan Marion <dmarion@me.com>
2021-12-16ip: add tests for message size verificationKlement Sekera1-5/+24
Coverity complained that there is boundary checking in add_del_punt_redirect_v2 handler. This test proves that such boundary checking is not necessary as it is handled in the common path. Type: test Change-Id: Ibec054c01d4eb057accdc9d5732aba6fe6de51cc Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-12-16af_xdp: mark API as stableBenoît Ganne1-6/+1
Type: improvement Change-Id: I55b080f994eafc4ecfe0e774d7cd05218d715526 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-12-16vppinfra: fix clib_fifo_elt_at_indexFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4924420b827bdf7d161a1f723c2bfd5370d43772
2021-12-16af_xdp: bump libbpf version to 0.5Benoît Ganne1-2/+2
Type: improvement Change-Id: Ia089a82a460b69e0edf69c8b8d3dc2814fa54c35 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-12-16api: Fix reaper functions for socket clientsNeale Ranns1-1/+2
Type: fix The pub_sub_handler() stores registrations key'd with the message's client_index (which is in network-order). The socket-client invokes the reaper function (to cleanup these registrations) using the pool index of the registration. hence the pub-sub registration is not removed. change the socket-client to pass the network-order client_index. This approach was chosen in preference to chaning the way the registrations are key'd since the memory-client also uses this registration, and correclty passes the client_index to the reaper. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I6118555c8601149d05801f558e08bcc7aed4fc98
2021-12-15vppinfra: toeplitz hash four in parallelDamjan Marion6-76/+622
Type: improvement Change-Id: Icb3f39f42d01c51d7b03543cb7d6b5dabad11866 Signed-off-by: Damjan Marion <dmarion@me.com>
2021-12-14virtio: integrate with new tx infraMohsin Kazmi11-58/+251
Type: improvement Change-Id: I337ec63d0868f665329d68eadf1744e080b73a0d Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-12-14vppinfra: toeplitz hashDamjan Marion5-0/+704
Type: feature Change-Id: I0ccf280c4b769ee624cfb780146b847a0e8e4942 Signed-off-by: Damjan Marion <dmarion@me.com>
2021-12-14vppinfra: display cpu frequency in test_vector_funcs perf testDamjan Marion2-8/+24
Type: improvement Change-Id: I350a30eca0d3d7ec8816e4e7c30889621029c694 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-12-14interface: Add interface monitor cliNathan Skrzypczak4-0/+141
This adds an interface CLI 'monitor interface <interface>' that periodically reports rx/tx pps & bandwidth for a given interface. Type: feature Change-Id: Ia9d59b3443913520a52b38d7bda012190be6f167 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-12-14crypto-native: fix build error on Arm using clang-13Jieqiang Wang1-2/+2
Building VPP on Arm using clang-13 as compiler will fail with following error message. The root cause is the unmatched alignment of parameter key for functions aes128_key_expand/aes256_key_expand on aarch64. Fix this error by explicitly declaring parameter key as type u8x16u. [285/2593] ccache /home/snowball/tasks/benchmark_compilers/clang_13/bin/clang-13 --target=aarch64-linux-gnu -D_FORTIFY_SOURCE=2 -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src -ICMakeFiles -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins -ICMakeFiles/plugins -fPIC -g -fPIC -Werror -Wall -Wno-address-of-packed-member -O3 -fstack-protector -fno-common -march=armv8.1-a+crc+crypto -MD -MT CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -MF CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o.d -o CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -c /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes_cbc.c FAILED: CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o ccache /home/snowball/tasks/benchmark_compilers/clang_13/bin/clang-13 --target=aarch64-linux-gnu -D_FORTIFY_SOURCE=2 -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src -ICMakeFiles -I/home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins -ICMakeFiles/plugins -fPIC -g -fPIC -Werror -Wall -Wno-address-of-packed-member -O3 -fstack-protector -fno-common -march=armv8.1-a+crc+crypto -MD -MT CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -MF CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o.d -o CMakeFiles/plugins/crypto_native/CMakeFiles/crypto_native_armv8.dir/aes_cbc.c.o -c /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes_cbc.c In file included from /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes_cbc.c:22: /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes.h:415:40: error: passing 1-byte aligned argument to 16-byte aligned parameter 2 of 'aes128_key_expand' may result in an unaligned pointer access [-Werror,-Walign-mismatch] aes128_key_expand (key_schedule, (u8x16u const *) key); ^ /home/snowball/tasks/benchmark_compilers/vpp-clang-13/src/plugins/crypto_native/aes.h:421:40: error: passing 1-byte aligned argument to 16-byte aligned parameter 2 of 'aes256_key_expand' may result in an unaligned pointer access [-Werror,-Walign-mismatch] aes256_key_expand (key_schedule, (u8x16u const *) key); ^ 2 errors generated. Type: fix Fixes: 415b4b0bb ("crypto-native: refactor GCM code to use generic types") Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Reviewed-by: Lijian Zhang <lijian.zhang@arm.com> Reviewed-by: Tianyu Li <tianyu.li@arm.com> Change-Id: Ic99a63526031e60760929238922a6e4547388368
2021-12-14misc: vppctl fix heap-buffer-overflow & memleaksTianyu Li1-0/+8
1. Malloc may return not zero buffer, causing strncat buffer overflow 2. Malloc buffer not freed Type: fix Fixes: 31f192434660 ("misc: vppctl - remove the dependency on vppinfra") Signed-off-by: Tianyu Li <tianyu.li@arm.com> Change-Id: I5aebaccf3d0f8b7e3617068267f62cc2aa39d827
2021-12-14vxlan: crash on configuring vxlan tunnel on l3 modeSteven Luong2-7/+9
Configure a vxlan tunnel using this CLI and then assign an ip address to the vxlan tunnel cause VPP to crash immediately create vxlan tunnel src x.x.x.x dst y.y.y.y vni 1000 decap-next node ethernet-input l3 set interface ip address vxlan_tunnel0 z.z.z.z/24 It looks like when l3 mode is configured, the code calls the wrong function to register the interface Type: fix Fixes: 3e38422ab905d26ab1625c74268e30c94327ea54 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ie1a08efc028f37fb528a7dfd7048ff6836bb8ddc
2021-12-14api: verify message size on receiptKlement Sekera16-88/+280
When a message is received, verify that it's sufficiently large to accomodate any VLAs within message. To do that, we need a way to calculate message size including any VLAs. This patch adds such funcionality to vppapigen and necessary C code to use those to validate message size on receipt. Drop messages which are malformed. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I2903aa21dee84be6822b064795ba314de46c18f4
2021-12-14ip: reassembly: drop zero length fragmentsKlement Sekera4-0/+35
Zero length fragments are invalid and should be dropped. This patch adds that. Type: improvement Change-Id: Ic6466c39ca8bf376efe06bb3b7f5d7f1ae812866 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-12-13vppinfra: multiple perf bundle support in test_vector_funcsDamjan Marion2-10/+79
Type: improvement Change-Id: I93be722f4dabc2b49a5e83f61f4eb1d72f5f7d45 Signed-off-by: Damjan Marion <dmarion@me.com>
2021-12-12arp: fix arp_vft callbackMercury1-1/+1
arp proxy is not enabled correctly by ip4_neighbor_proxy_enable() Type: fix Signed-off-by: Mercury <mercury124185@gmail.com> Change-Id: I672b5d4a9652030b5604e9d39743c39cb93a2531
2021-12-12tcp: fix the tcp src-address cliMercury1-0/+2
When the src-address to add match a route without a valid output interface(such as default route 0.0.0.0/0), fib_entry_get_resolving_interface() will return (u32)~0, which will cause crash in ip4_neighbor_proxy_enable(). Type: fix Signed-off-by: Mercury <mercury124185@gmail.com> Change-Id: I5aee5676a2ff43ec06745ebed4dba2b9e5b98c4d
2021-12-10ip: reassembly: handle atomic fragments correctlyKlement Sekera4-47/+177
If a fragment arrives with fragment offset = 0 and M = 0, it means that this is actually a complete packet and per RFC 8200, it should be treated independently from other fragments. This patch does that. Fragmentation header is stripped and fragment is forwarded irregardles of other existing reassemblies in case of full reassembly and treated the same way as regular packet in shallow virtual reassembly. Type: improvement Change-Id: If3322d5e3160cd755b8465a642702a9166d46cc2 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-12-09dpdk: disable l4 csum offload for vmxnet3Florin Coras1-1/+4
TCP csum offload fails although udp seems to work. Type: fix Fixes: fa1fb60 Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie0651887b09920365806eaad776b0d13059faee8
2021-12-09build: fix PYTHONPYCACHEPREFIX pathDamjan Marion1-1/+1
Type: make Change-Id: I20fd245585e5b62ff20fe3adf20b14bfef47a9ca Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-12-08vcl: validate closed sessions on disconnect and resetFlorin Coras1-2/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I0375d639e979e29d287dc9fee16b0434fb5c788b
2021-12-08memif: fix the memory leak when memif cli getting wrong parameters inputsHan Wu1-4/+12
Type: fix Signed-off-by: Han Wu <wuhan9084@163.com> Change-Id: I0aeafd273b3d1d01df02d638c72461943f91ef90
2021-12-08api: improve REPLY_MACRO safetyKlement Sekera3-134/+167
Improve vppapigen to generate per-message #define indicating whether said message is dynamically sized (due to VLA or string) or not. Use these #defines in REPLY_MACROs to prevent improper usage. Fix existing improper REPLY_MACRO* usage. Type: improvement Change-Id: Ia77aaf9f6cf3ed68ea21075a4cc8deda78a68651 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-12-08session: stricter tx checks for ct sessionsFlorin Coras1-1/+11
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ied4fe0f2b35eeca4e3e82fa21346de7f243aa52a
2021-12-08session: fix duplicate segment del messageFlorin Coras1-6/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I42b5a5a07aae6708a20ed424c8f26ddbe91278fb
2021-12-07vcl: debug code improvementsFlorin Coras1-36/+33
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I18cd4131c692e776c98eba36161813035e9dec53
2021-12-07vcl: handle reordering of disconnect and reset msgsFlorin Coras2-11/+61
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I817e8510029a060876697701b81a952286597db1
2021-12-07libmemif: reset memif buffer flagsJakub Grajciar1-0/+2
Reset memif_buffer_t flags in memif_buffer_alloc and memif_rx_burst Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: If62ba510fad783afb9f7f58411562b6989fa1573
2021-12-07fib: fix coverity warning/don't dereference NULLKlement Sekera1-1/+1
fib_sas6_get is called with NULL dst explicitly so add a NULL check to avoid a NULL dereference. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I8ebcba98832f374991f5442c1b83a4b6e64771d0
2021-12-06vcl: fix ldp shared listener bitmap leakFlorin Coras1-1/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id1e273bf80c1cc687ce7e5ea3b8cc6a3ec3862f9
2021-12-06vppinfra: add 'filter' option to test_vector_funcsDamjan Marion2-1/+9
Type: improvement Change-Id: I5ed9029e5dc1368b7debbef04a3ac439a61af9ea Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-12-06vppinfra: sha2 testsDamjan Marion4-3/+345
Type: improvement Change-Id: I8a5d8d5db4e4a8ee3a1164bfbe91badff181d06a Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-12-06build: leave to CMake to deal with -fPIEDamjan Marion1-2/+1
Type: make Change-Id: Icced0e09b75b3114b1652d552e288091968ee7cc Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-12-04ipsec: fix async buffer leakMatthew Smith3-3/+2
Type: fix Fixes: f16e9a5507 If an attempt to submit an async crypto frame fails, the buffers that were added to the frame are supposed to be dropped. This was not happening and they are leaking, resulting in buffer exhaustion. There are two issues: 1. The return value of esp_async_recycle_failed_submit() is used to figure out how many buffers should be dropped. That function calls vnet_crypto_async_reset_frame() and then returns f->n_elts. Resetting the frame sets n_elts to 0. So esp_async_recycle_failed_submit() always returns 0. It is safe to remove the call to reset the frame because esp_async_recycle_failed_submit() is called in 2 places and a call to reset the frame is made immediately afterwards in both cases - so it is currently unnecessary anyway. 2. An array and an index are passed to esp_async_recycle_failed_submit(). The index should indicate the position in the array where indices of the buffers contained in the frame should be written. Across multiple calls, the same index value (n_sync) is passed. This means each call may overwrite the same entries in the array with the buffer indices in the frame rather than appending them to the entries which were written earlier. Pass n_noop as the index instead of n_sync. Change-Id: I525ab3c466965446f6c116f4c8c5ebb678a66d84 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-12-03interface: add multi tx-queues support for new tx infraMohsin Kazmi15-138/+869
Type: feature Change-Id: I231f782b3c56dc2b10321e4569ac7acdad1c11da Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-12-03api: refactor to use REPLY_MSG_ID_BASE #defineKlement Sekera10-50/+41
REPLY_MSG_ID_BASE is the standard way to define reply message id base, so this refactor makes all the files use that. This is a preparation patch for future safety add-ons which rely on REPLY_MACRO* parameters to be preprocessor tokens identifying the message instead, Type: refactor Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ibe3e056a3d9326d08af45bbcb25588b11e870141
2021-12-03ip: extension header parsing fails for fragment headerOle Troan9-303/+310
Refactor and improve boundary checking on IPv6 extension header handling. Limit parsing of IPv6 extension headers to a maximum of 4 headers and a depth of 256 bytes. Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ide40aaa2b482ceef7e92f02fa0caeadb3b8f7556 Signed-off-by: Ole Troan <ot@cisco.com>