summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2020-10-15vcl: refactor session state enumFlorin Coras4-159/+159
Only allow one state instead of using flags. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I08ffccbf8c3f6e2f61533996bb36c799cbc931e7
2020-10-15misc: 20.09 Release NotesAndrew Yourtchenko1-1/+655
Type: docs Change-Id: I1b12f1d14a1a68504767c01ceac0eed115fb7ba6 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Signed-off-by: Ray Kinsella <mdr@ashroe.eu> (cherry picked from commit 3c5414029bb432e51820e39e86f26fd6b39c6447)
2020-10-14crypto: fixed ipsec_mb lib dependenciesPiotrX Kleski5-19/+24
Type: fix This patch re-enables libIPSec_MB build for the ipsecmb crypto engine plugin. Also since DPDK meson build relies on system installed libIPSec_MB.so that may be inconsistent with VPP compiled one (system installed version vs VPP locally compiled version for example), this patch also disables all libIPSec_MB dependant PMDs from DPDK build. Also ipsec-mb version is incresed to 0.54. Signed-off-by: PiotrX Kleski <piotrx.kleski@intel.com> Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: I2ff9e7cd0c35cff9fa642895301a26a5350ea94e
2020-10-14mpls: no per-MPLS-tunnel tx nodeNeale Ranns3-98/+161
Type: improvement do not add a per-MPLS tunnel tx node. per-tunnl nodes limit the number of tunnels that can be created to the number o fnodes that can be created (64k). improve the tx node. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I6016f05e809c6c64a0b098a101b28c9dd47824b3
2020-10-14nat: Fix ICMP bypass session creationVladimir Isaev1-0/+6
After get_icmp_o2i_ed_key() bihash key may include IP protocol and addresses from inner ICMP packet. It is OK for session lookup, but we should not create a session on ICMP error message receiving. Type: fix Signed-off-by: Vladimir Isaev <visaev@netgate.com> Change-Id: Ic93272ebe90d2288a975265439f9e079eb28936a
2020-10-14cnat: Fix backend LBNathan Skrzypczak1-1/+1
Type: fix Change-Id: I4ea263270bcc38e505e88d512acacef7439f3823 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-10-14build: add missing dnf-plugins-core package on centos-8Dave Wallace1-1/+1
Type: fix Change-Id: I1a4d9a7a8089cbf488dcd6f09eec6b4e0d0d72fe Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2020-10-14vlib: avoid clipping in show errorFlorin Coras1-4/+4
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia884d745a11565918c7bf89435ceb0e17b6aef59
2020-10-14vcl: set STATE_UPDATED state when connect with non-blocking socket!fanyf1-1/+4
State set to STATE_UPDATED to ensure the session is not assumed to be open and to also allow the app to close it prior to vpp's connected reply! Type: fix Signed-off-by: fanyf <fanyufei521@outlook.com> Change-Id: I7a6d0914599cb9296d112205dac725ecd11a5d0f
2020-10-14vcl: app_name format type errorjiangxiaoming1-1/+1
Type: fix Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com> Change-Id: I9f017ec84320ebc56f557385d73893ecf8f25bcd
2020-10-13tcp: fix bt acked_sacked on recoveryFlorin Coras1-2/+3
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2e2d76661fbb07dd8c6afa3583bb18e01b7a7fb6
2020-10-13session: listeners verbose format alignmentFlorin Coras1-3/+3
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic8e98d7372af3bfde36bface49f9b90de5f3c64b
2020-10-13svm: fix coverity warningFlorin Coras1-2/+2
Type: fix Change-Id: I6c6255e66dd4cd0e4174b2a1658a3b8be40f0f7a Signed-off-by: Florin Coras <fcoras@cisco.com>
2020-10-13tcp: fix listener trace coverity warningFlorin Coras1-6/+2
Type: fix Change-Id: I75c0bd862260e188f625271c3bd545a7ab37af5d Signed-off-by: Florin Coras <fcoras@cisco.com>
2020-10-13session: allow custom config of segment basevaFlorin Coras1-0/+2
Type: improvement Change-Id: If9ea09d652c228004492cf47854a7f6c1f8b3bc2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2020-10-13stats: counters data modelOle Troan17-131/+373
This adds a new data model for counters. Specifying the errors severity and unit. A later patch will update vpp_get_stats to take advantage of this. Only the map plugin is updates as an example. New .api language: A new "counters" keyword to define counter sets. counters map { none { severity info; type counter64; units "packets"; description "valid MAP packets"; }; bad_protocol { severity error; type counter64; units "packets"; description "bad protocol"; }; }; Each counter has 4 keywords. severity, which is one of error, info or warn. A type, which is one of counter64 or gauge64. units, which is a text field using units from YANG. paths { "/err/ip4-map" "map"; "/err/ip6-map" "map"; "/err/ip4-t-map" "map"; "/err/ip6-t-map" "map"; }; A new paths keyword that maps the counter-set to a path in the stats segment KV store. Updated VPP CLI to include severity so user can see error counter severity. DBGvpp# show errors Count Node Reason Severity 13 ethernet-input no error error Type: feature Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ib2177543f49d4c3aef4d7fa72476cff2068f7771 Signed-off-by: Ole Troan <ot@cisco.com>
2020-10-13ikev2: fix initial contact cleanupFilip Tehlar2-306/+562
When looking for existing SA connection to clean up search all per thread data, not only current one. Type: fix Change-Id: I59312e08a07ca1f474b6389999e59320c5128e7d Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-13ikev2: fix coverity warningFilip Tehlar1-5/+21
Type: fix Change-Id: Iee96b3ea3e71ec248c3c3c98d153a08372b5faf0 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-13ikev2: fix memory leak in auth routineFilip Tehlar1-0/+4
Type: fix Change-Id: I93529b069925fcef32cdb22e27975b802b4c3b97 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-12l2: mark l2 fib uninitialized after clearingMatthew Smith1-0/+2
Type: fix After clearing the l2fib with 'vppctl clear l2fib', a SEGV occurs the next time a MAC address is learned. In l2fib_clear_table(), the l2fib bihash is freed and then l2fib_table_init() is called to reinitialize it. l2fib_table_init() will not do anything if l2fib_main.mac_table_initialized is set to 1. Reset the value of l2fib_main.mac_table_initialized to 0 before calling l2fib_table_init(). Change-Id: I87f1a3f9a46c951f36c1c0a5ab795b0ec08c81a8 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-10-12misc: clang-11 and gcc-10 supportDamjan Marion5-6/+6
clang-11 complains: error: field 'buffer_template' with variable sized type 'vlib_buffer_t' not at the end of a struct or class is a GNU extension [-Werror,-Wgnu-variable-sized-type-not-at-end] Type: improvement Change-Id: I2cb6b4fde723a05b42cf33dd8130df074f0362ab Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-12ip: IP6 incorrectly disabled on removing first ip6 prefixNeale Ranns1-1/+3
Type: fix reference counting on the ip6 state was broken, meaning that disabling one of serveral ip6 configs on an interface, completely ip6 disabled the interface. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ie3af51587310ffe871ad2a9cbd927e15a3ececa9
2020-10-12tcp: use 100us timer resolutionFlorin Coras1-4/+4
Experimental reduction of tcp timer resolution from 100ms that allows for finer grained timers, if needed. Please report issues if any encountered. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4050f7691aa7365b77298b4427408a4a447834fa
2020-10-12vcl svm: segments improvementsFlorin Coras4-25/+47
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I717c64666972bb4e440cb3d1180a5cb26ee25577
2020-10-12tcp: fix connection reuse with no listenerFlorin Coras1-0/+6
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I674872f68406ac778779a68d3ad991f41765d4e2
2020-10-12nat: set fib index for bypass sessionVladimir Isaev2-1/+2
Bihash key already contains rx_fib_index for lookup but fib value for session itself is set to 0. In the result bihash is allocated with key with fib index set, but free function is looking for key with fib index set to zero. It leads to use-after-free because session itself is removed from pool but bihash is not because of key mismatch. Type: fix Signed-off-by: Vladimir Isaev <visaev@netgate.com> Change-Id: I8ac5a41b0a5a32b1baab9e9d757141d5b24b7798
2020-10-12lldp: fix typo in mac address constantDmitry Vakhrushev1-1/+1
Type: fix Fixes: 149fd3fbd069a5f7be86e68472578ee7af229cb6 Signed-off-by: Dmitry Vakhrushev <dmitry@netgate.com> Change-Id: I06956f3ed3689172c3682d6b707991613255cabd
2020-10-12lldp: fix memory leakageDmitry Vakhrushev1-6/+16
1. Typo in usage of vnet_hw_interface_add_del_mac_address(), which returns 0 when it succeeds instead non zero value. 2. Generated error doesn't clean allocated resources for an interface. 3. Returned value from vnet_hw_interface_add_del_mac_address() should be erased or reported. Type: fix Fixes: 149fd3fbd069a5f7be86e68472578ee7af229cb6 Signed-off-by: Dmitry Vakhrushev <dmitry@netgate.com> Change-Id: Ia6b28ae70fea127d15eb0102223ff972358766bc Signed-off-by: Dmitry Vakhrushev <dmitry@netgate.com>
2020-10-10session: app_name should format with %vjiangxiaoming2-4/+6
Type: fix Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com> Change-Id: Ib096ad14e6ddbaff52429a416ea4d245703a368d
2020-10-10misc: clib_unix_warning usage errorjiangxiaoming2-5/+5
Type: fix Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com> Change-Id: Ibc4e961388d0976b55b9b936d6a37d36cddab5fe
2020-10-09avf: add add_del_mac_address handlerDamjan Marion2-33/+89
Type: improvement Change-Id: I4d0b1cd87cf2f58a653f40a300da4b7a43348a06 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-09acl: move nonip nodes to separate fileDamjan Marion3-221/+296
Type: refactor Change-Id: Idcef8effa86d6421e4b3e5f747695ddb2982e78f Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-09wireguard: park the timer processDave Barach5-2/+68
Until the feature is configured. It would make sense to push more of the feature init code into the newly-added wg_feature_init() function. This patch fixes a severe hemorrhoid. Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I87095575363baa41407dd52492159a7b8c2899e7
2020-10-09vlib: save signal handler data to global vblsDave Barach1-4/+4
Turns out that clang is a bit too enthusiastic about mapping static variables to registers, which makes it hard to extract (especially) the faulting VA from an optimized core file. Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I836e5d9695aeb4c5ee4a27f9565acf08ee4eaac0
2020-10-09nat: ipfix logging separation & refactorFilip Varga14-263/+240
Type: refactor Change-Id: I8785e4987e4f60361072440d0c3c6954c9c12394 Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-10-08tcp: treat pending timers as activeFlorin Coras3-3/+4
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic63af51fab8dbefe79439554ea563f20e3788afa
2020-10-08tcp: custom geometry for timer wheelFlorin Coras5-25/+83
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I04f992e5d91d21f1e5bbafef070478cfe268d94a
2020-10-08vppinfra: memory leak be goneDave Barach1-1/+1
Type: fix Fixes: ab1a50cf7407e31097b550226c2b6954d6371bea / gerrit 29272 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ic8146a66b54bb9ac6223cf984d4566554b73276d
2020-10-08pg: Choose the input interface from the stream's rxNeale Ranns2-2/+4
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I656918a417d33ec6bea30054805e03ae19c38f2d
2020-10-08gre: MPLS over GRE does not select correct fixup functionNeale Ranns3-3/+110
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I9eff41407b0f172f2b567e6a4ea1c48be8df883a
2020-10-08l2: Fix compile error on unused next_indexNeale Ranns1-3/+0
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ifc6b4c15f6055df4f403e9cd633e31f061a6d2da
2020-10-08interface: shorten vnet_hw_if_rx_modeDamjan Marion21-93/+88
This is part of bigger refactor. Type: refactor Change-Id: I6fc2c0a1e2d217a70952901bcf775b8485bd3c20 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-08pci: add vlib_pci_get_msix_file_indexDamjan Marion2-0/+13
Type: improvement Change-Id: Ibc15aa6f75e989b2b7caa9a57e3665b1ffc7cc18 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-08ip-neighbor: Grat ARPs from different subnet are droppedNeale Ranns3-6/+41
Type: test Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Id07e8981a903f11f50fb494a93d01815382025e4
2020-10-08l2: input performanceNeale Ranns17-530/+724
Type: improvement - cache the values form the BD on the input config to avoid loading - avoid the short write long read on the sequence number - use vlib_buffer_enqueue_to_next Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I33442b9104b457e4c638d26e9ad3bc965687a0bc
2020-10-08virtio: fix the traceMohsin Kazmi1-23/+19
Type: fix This patch fixes the commit e347acbc31111504c015531e8ad764a86d489309 Change-Id: Icee7a6e250c94ae93e606d7869acc55c7a5806b1 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-10-08nat: use proper type for countersKlement Sekera1-2/+2
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I330822c5d675cdfa57ab75ceb0223f11e0ebb7d2
2020-10-08ipsec: Allow SAs with NULL auth &crypto on IPSec interfaceNeale Ranns2-6/+28
Type: improvement on the dedicated IPSec interface, the SA describes the peer, so it is not possible to forward to a peer for which there is no SA. Therefore if an SA is added with NULL auth and integ then this explicitly states that this is what the peer desires. on the contrary on the IP-IP/GRE interface, in the absence of protection and an SA, then the traffic is sent in the clear. So adding NULL auth/crypto iSA is a means to describe that the peer should not be sent traffic. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I7ad2d466cc74eb7ff8c4c84e0d7897d06e2fcf86
2020-10-08fib: Register multicast MAC with interface for accepting interfacesNeale Ranns8-9/+331
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ic6c76b65e2dcc08916373153944507a297c962c0
2020-10-08vppinfra: fix coverity warningsDave Barach2-5/+5
Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I654747d618cc4fe99b7774827303769fe43392ed