summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2024-04-23octeon: add promisc supportGuillaume Solignac1-0/+41
We add the capability to enable and disable promiscous mode on the octeon port. Type: feature Signed-off-by: Guillaume Solignac <gsoligna@cisco.com> Change-Id: I9a1464d2e1e8a0570ff16e221a4896aedc3ed6f8
2024-04-23tests: allow ip table nameMaxime Peim1-2/+4
Type: refactor Change-Id: I4abbc77a447358f4beaa05505299cae732a3f374 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2024-04-23ikev2: uptimeDenys Haryachyy7-8/+432
Introduced SA and child SA uptime. Type: improvement Change-Id: I28cf9f90d35ebe035a31ed0a985a5e462c8536a8 Signed-off-by: Denys Haryachyy <garyachy@gmail.com>
2024-04-23hs-test: add tests repeat optionMatus Fabian2-2/+11
Type: test Change-Id: I0143d26d929f6408a5399d7ca536e48cbd9d46bb Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-04-22hs-test: fix TCP with loss testMatus Fabian3-6/+5
Load NSIM plugin. Type: test Change-Id: I250f51e6622419d98fd17216031a5b4d2da07fba Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-04-22octeon: add support for SDP deviceMonendra Singh Kushwaha2-6/+15
This patch adds support for SDP (System DPI Packet Interface Unit) device. Type: feature Change-Id: Idf1f53b151edf2992613746d5818409187b4b051 Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
2024-04-22vlib: Place linux pci headers in a linux include blockTom Jones1-0/+2
Type: improvement Change-Id: I6b30ffd1eabfa9544d548082b7e38b8fe7224c07 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-04-22nat: add saddr info to nat44-ed o2i flow's rewritelijh_71-0/+2
Type: fix Change-Id: Ic303ff9b21872b7cc31f23c92e48ec3737eeb8fe Signed-off-by: lijinhui <lijh_7@chinatelecom.cn>
2024-04-19ipip: specify af for a tunnel ip addressesAnton Nikolaev1-11/+12
Currently ipip tunnel allows to use an empty addresses for dst when we trying to add tunnel, but it doesn't return it correctly on ipip dump call. There is case when we create an ipip tunnel with an empty ipv6 address, address is zero, but AF is ipv6. And when we dump ipip tunnels we get an emtpy ipv4 address instead of an empty ipv6 address. There is no point to detect AF for each address in send_ipip_tunnel_details, because ipip tunnel can't handle different AF for src and dst addresses, and prohibits creating ipip tunnel with different AF of dst and src addresses. With this fix, send_ipip_tunnel_details function return a correct AF despite address value. Type: fix Change-Id: Ib343293ad79a300cdb70135fffbfd156dfef6e27 Signed-off-by: Anton Nikolaev <anikolaev@netgate.com>
2024-04-19hs-test: transition to ginkgo test frameworkAdrian Villin25-230/+762
Type: test Change-Id: Ia38bf5549d20b22876f6082085b69a52a03d0142 Signed-off-by: Adrian Villin <avillin@cisco.com> Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-04-18sr: use correct reply to sr_policy_add_v2Vratko Polak1-1/+1
Type: fix Fixes: c4c205b091934d96a173f4c0d75ef7e888298ac7 Change-Id: I110729601a9f19451297883b781ec56e2b31465b Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2024-04-17session: force session cleanups on app detachFlorin Coras1-6/+23
Force transport and session cleanup on session detach if transport is already closing. This should also avoid races between transport initiated session cleanups and pending session control events. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I83a947a0c01f5af8ac70aa31fee660276f1d1c60
2024-04-15ip: fix comments for icmp4lijinhui1-1/+1
Type: fix Change-Id: I5f309ca4db4ae4a3e475d87b8f0188c4ead5e562 Signed-off-by: lijinhui <lijh_7@chinatelecom.cn>
2024-04-15crypto-sw-scheduler: crypto-dispatch improvementNiyaz Murshed1-0/+7
Currently sw_scheduler runs interchangeably over queues of one selected type either ENCRYPT or DECRYPT, then switches the type for the next run. This runs perfectly when we have elements in both ENCRYPT and DECRYPT queues, however, this leads to performance degradation when only one of the queues have elements i.e either all traffic is to be encrypted or decrypted. If all operations are encryption, then 50% of the time, the loop exits without dequeueing.With this change, that dequeueing happens on every loop. This increases the performance of single mode operation (ecryption or decryption) by over 15%. This change was also added in commit https://github.com/FDio/vpp/commit/61cdc0981084f049067626b0123db700035120df to fix similar performance issue when the crypto-dispatch node is in interrupt node, however was removed by https://github.com/FDio/vpp/commit/9a9604b09f15691d7c4ddf29afd99a31e7e31eed which has its own limitations. Type: improvement Change-Id: I15c1375427e06187e9c4faf2461ab79935830802 Signed-off-by: Niyaz Murshed <niyaz.murshed@arm.com>
2024-04-15linux-cp: fix seg fault in get_v2 methodsAnton Nikolaev1-2/+9
vl_api_lcp_itf_pair_get_v2_t_handler method was not be able to handle invalid sw_if_index, it caused a seg fault. With this fix, the method checks for an invalid sw_if_index and sends error back to caller. Type: fix Change-Id: I4e89b0cab34f9109c4ce2689021ecfc2786055ab Signed-off-by: Anton Nikolaev <anikolaev@netgate.com>
2024-04-11g2: fix gpointer cast complaintsFlorin Coras2-12/+13
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iadd6a4dd928002e764fc52343c14403620279aa7
2024-04-11stn: fix non-NULL terminated string overflowBenoît Ganne1-1/+1
Type: fix Change-Id: I9d7e6dd099cf9f4b7f6bb06d9e8a17fac7d7e772 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2024-04-11tcp: check for header truncationBenoît Ganne1-1/+3
Type: fix Change-Id: I0a43a37971d03a700926d59e848f0b6e6dbeb19a Signed-off-by: Benoît Ganne <bganne@cisco.com>
2024-04-10session: add api to detach session from appFlorin Coras3-4/+17
Type: improvement Change-Id: Ib824d0ca9efc7d8967e043db69017655b2dcf6b5 Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-04-10vlib: fix vlib_buffer_free_inline() AVX-512 overflowBenoît Ganne1-1/+1
'queue' is declared on the stack and must be big enough to handle queue_size + max processed elements per loops. When AVX-512 was added, this additional max was not increased from 4 to 8 accordingly. Type: fix Fixes: 767a9ab4b1 Change-Id: I15f2f930fc316f92da2e4642f41852d856c06a48 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2024-04-10build: use GNUInstallDirs where possibleWim de With6-11/+11
Some installation destinations were already converted to the GNUInstallDirs standard in e3cf4d0cf. This patch converts the share and include directories (typically /usr/share and /usr/include respectively) as well. Type: improvement Change-Id: Id481b16604f3f52203166a5c0647f43d6eb05239 Signed-off-by: Wim de With <wf@dewith.io>
2024-04-09vppinfra: add support for precomputed SHA2 HMAC key and chained buffersDamjan Marion1-209/+285
Change-Id: Ic1fa3bd164e80c2ca1146be001870da0238a5f2e Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-04-09tests: allow to add paths to default routeMaxime Peim1-2/+12
After adding a path to the default route, the prefix still be there in the table as it is a mandatory prefix. However, the registry hence fail to remove the route from VPP. Type: fix Change-Id: Ic4ad72455ac7a1a2f1d8baba59a7a3afe1610726 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2024-04-09tests: Added a simple prom(etheus exporter) plugin testadrianvillin1-0/+58
Type: test Change-Id: Ibceabc411f09d80cc23be6f2e7c8abd56d4c4ac2 Signed-off-by: adrianvillin <avillin@cisco.com>
2024-04-09build: Error out Makefile if bash can't be foundTom Jones1-0/+4
Type: improvement Change-Id: I3bba4e53364dbcc0d7a373fdc9cac2db3bbb4249 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-04-09acl: Use clib_net_to_host rather than library bswapTom Jones1-3/+3
Type: improvement Change-Id: I51345fb75843c67c6bf6a4c56380e1f0899c45b1 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-04-09fib: fix off-by-one error in rewrite length checkBenoît Ganne1-2/+2
The rewrite string can be up to max_size, and max_size can be up to VNET_REWRITE_TOTAL_BYTES. Don't waste the last byte. Type: fix Change-Id: I2fb7e9873b6b4c1e6a55b172c7f753f3c5910802 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2024-04-09mpls: fix default mpls lb hash configVladislav Grishenko4-127/+226
In case of multiple path within tunnel, mpls lookup node computes lb hash with mpls_compute_flow_hash config value 0, so only mpls label and l4 ports gets accounted, not 5-tuple. This leads to flow traffic polarization and disbalance over mpls paths. Use mpls hash config from lb instead, usually it'll be MPLS_FLOw_HASH_DEFAULT with 5-tuple plus flowlabel. As optimization, fix flow hash reuse from the previous lookup node if present, like ip_lookup does. Previously mpls lookup always calcs the hash. Test lb distribution for both cases. Also, use the same flow hash hex format in ip4/ip6 and mpls traces for easier reading, most code changes is due fixstyle formatting. Type: fix Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: Ib89e1ab3edec14269866fe825a3e887d6c817b7c
2024-04-09vnet: fix ARP for unnumberedPim van Pelt2-21/+30
On unnumbered interfaces, ARP fails because there is no attached route. Allow replies to peer-to-peer addresses on unnumbered interfaces: eg. 192.0.2.1/32 <-> 192.0.2.2/32 Type: fix Change-Id: Ibeb8d8ebc8d58d5bfb0724739a17694e0217356e Signed-off-by: Pim van Pelt <pim@ipng.nl>
2024-04-08tls: fix session state update on acceptFlorin Coras1-1/+3
Only set state to ready if session is not already closing. Type: fix Change-Id: Ic95667f43ed09d693f1cf7c9f1c16f7f995ea2d8 Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-04-08vppinfra: fix mask compare and compress OOB readsDmitry Valter3-33/+297
Use mask_load_zero to avoid out-of-buffer reads in vectorized function versions. Type: fix Signed-off-by: Dmitry Valter <d-valter@yandex-team.com> Change-Id: I12bcb817ccf2db210c1c99fdfa444dc3f540035b
2024-04-05octeon: fix memory ordering issue in tx batch freeDamjan Marion4-19/+42
Type: fix Fixes: 01fe7ab Change-Id: I4425e809f0977521ddecf91b58b26fe4519dd6e0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-04-05session: fix cleanup for refused sessionsFlorin Coras1-6/+7
Type: fix Change-Id: I739b7129c7e5a3fccefcdeeaf7f4a298223dd8eb Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-04-05octeon: fix buffer free on full tx ringDamjan Marion1-4/+4
Type: fix Fixes: 01fe7ab Change-Id: I4419107c4bcb7f85b76addfc62178b6e75e10a52 Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-04-05api: fix [un]formatting in vpp/api/types.cKlement Sekera3-26/+54
vl_api_prefix_t.len is 1 byte only, but unformat %d writes 4 bytes add helper functions unformat_u(8|16) which don't write more than appropriate amount of bytes fix other similar errors in vpp/api/types.c Type: fix Change-Id: I74a61a377147c373f8c25ed083052b2287763c39 Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-04-04ip6: fix icmp trace flag copyMaxime Peim1-1/+1
Type: fix Change-Id: I56c1a2717f197c889425449b37f51b0f2cc89ea5 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2024-04-03tests: upgrade python packagesDave Wallace11-516/+574
Type: test Change-Id: I01500466f3d15c79e38028677ce7e5c75d427fdc Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2024-04-02tests: figure out correct version of sed to runMatthew Smith1-1/+3
In run_in_venv_with_cleanup.sh, sed was changed to gsed to allow the script to run properly on FreeBSD because the sed script uses an expression that is specific to the gnu sed. Gnu sed is available to be invoked as gsed on FreeBSD systems, but there is no executable or symlink which allows sed to be run by the name gsed on ubuntu 22.04. Check for the existence of gsed. If it's found, use it. Otherwise, just use sed. Type: fix Fixes: b3c863eae4 Signed-off-by: Matthew Smith <mgsmith@netgate.com> Change-Id: I487197e486f500711aa3e87ec7ba899a53606b40
2024-04-02session: fix closing ntfs handling for refused sessionsFlorin Coras1-0/+6
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1464e93cd3020eaa26068df558924e39dd255ccb
2024-04-02fib: coverity 335348 out-of-bounds accessDave Wallace1-2/+6
- also fix memory leak in adj_glean_walk_proto() Type: fix Change-Id: I3cd72b14506e6bfc9d8d77a65d7b9b2703992367 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2024-04-02vppinfra: fix array_mask_u32 underrunDmitry Valter1-0/+1
Properly handle small buffers in the AVX256 version of array_mask_u32. Type: fix Signed-off-by: Dmitry Valter <d-valter@yandex-team.com> Fixes: f62ed3f9c1ec3e8db36f63d6a54f46b7bea43723 Change-Id: Idf1cb43ccf37bd7c439d11e4f68fe30064c6d09a
2024-04-02api: fix rx timeout thread busy loop after reconnectVladislav Grishenko1-0/+2
After memclnt api client disconnect, read timeout is set to zero and stays the same even after same client reconnect. It causes client process to spin in timeout loop up to 100% cpu. Fix it by resetting timeout process state upon every (re)connect. Type: fix Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: I56812972a69c343f869eebbdfebdcbefd3d201e0
2024-04-02map: BR rule lookup updateDan Geist4-7/+39
Update to the MAP rule lookup (in IPv6) based on the rule's source prefix instead of DMR Type: improvement Per RFC, the DMR is allowed to serve multiple MAP Basic Mapping Rules, but this capability was prevented by the above logic. Updates to the code include populating a new hash table based on the MAP rule ip6 prefix and length, changing several functions to reference this new table, and slight alterations to a few functions regarding pre-lookup bitmasking. All changes are commented with [dgeist] and are in need of peer review, especially the bitmask alterations. An attempt was made at generating an additonal MAP rule in the test_map_br test harness, but the coding appears very much oriented towards testing just one rule. I would appreciate suggestions on how to test multi-rule cases. Issue: VPP-2111 Change-Id: Id1fea280eba625e23cd893575d9b63aac7f48405 Signed-off-by: Dan Geist <dan@polter.net>
2024-04-02misc: in crcchecker.py, don't check for uncommitted changes in CIDave Wallace1-7/+9
Type: fix Change-Id: I63260a953e54518b3084b62fccdb4af81315b229 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2024-04-02vapi: avoid memory leakKlement Sekera1-1/+1
Erase removed elements to avoid memory leaks. Type: fix Change-Id: I1605bea8df7e08455691364efb0a12eb0d9dae93 Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-04-02lb: fix using vip after freeGeorgy Borodin1-3/+3
fix use of vip after it was deleted Type: fix Fixes: 041eacc81656d2ed5bc01b96b15a7d03a1700f13 Change-Id: I5723485c5da7507fbc6c86ff6eb9f77127439f67 Signed-off-by: Georgy Borodin <bor1-go@yandex-team.ru>
2024-04-02tests: Use gnu sed explicitly in test setup/tear downTom Jones1-1/+1
Type: improvement Change-Id: Ie79fd8a5bcfd72a97bf460ef6437913ac34f439c Signed-off-by: Tom Jones <thj@freebsd.org>
2024-04-02tests: Add missing socket imports in testsTom Jones3-0/+4
Type: fix Change-Id: I646f96517d3bda5c0f5644e6bb89ade7818fc466 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-04-02l2: fix vxlan src port entropy with mpls payloadVladislav Grishenko3-4/+85
l2 tunnels like vxlan, gtpu, geneva use vnet_l2_compute_flow_hash() to compute flow hash for udp src port entropy. In case of inner mpls tunnels to the same lsr ethernet src and dst macs are the same, so l2 flow hash is also the same leading to no src port entropy and the only rss queue overflow on receiver side. Fix it for all the possible vnet_l2_compute_flow_hash callers by making mpls playload hash in additon to ip4/ip6. Visible performance impact is not expected as it's only one check for mpls ethertype for common cases. Type: fix Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: I69153d42fb3d7c094a670c674fac8d14039c626a
2024-04-01linux-cp: add support for tap num queues configVladislav Grishenko3-2/+39
This change allows to limit lcp interface queues to be used by explicit host interface workers. Type: improvement Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: I0626f66021e5a5f251470156231dc44ddaea5ee6