| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Integer math on 32 bytes of base64 data might yield 33 bytes
of data in some poorly formed user input of private key values.
Rather than smashing the stack (detected) and aborting, simply
allow for the possible yet irrelevant 33-rd byte of data.
Type: fix
Fixes: edca1325cf296bd0f5ff422fc12de2ce7a7bad88
Change-Id: I42acfbf3e8fbb3d517e21c53d4f80459d4800e9d
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Type: fix
otherwise the feature is enabled n times for n lcp-pairs and the packets go n times through the feature.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8e47e4a293d6e2711f54aa09e9545e5e07728026
|
|
Revert "vxlan: crash on configuring vxlan tunnel on l3 mode"
This reverts commit b8de7d43e4955bb4025cd0e0e7390279841b6d7d.
Reason for revert: VPP-2014
Type: fix
Fixes: b8de7d43e4955bb4025cd0e0e7390279841b6d7d
Change-Id: Ic4d10f28985ee10e0550a1bbfd465ada915e4aa6
Signed-off-by: Ed Warnicke <hagbard@gmail.com>
|
|
adj_get() crashed in worker thread. The index is valid but was freed.
0x00007fba5fb07921 in __GI_abort () at abort.c:79
0x00007fba528de7c3 in os_panic () at /development/libvpp/src/vpp/vnet/main.c:618
0x00007fba506f2a19 in debugger () at /development/libvpp/src/vppinfra/error.c:84
0x00007fba506f2797 in _clib_error (how_to_die=2, function_name=0x0, line_number=0, fmt=0x7fba521cecd9 "%s:%d (%s) assertion `%s' fails") at /development/libvpp/src/vppinfra/error.c:143
0x00007fba51d88254 in adj_get (adj_index=79) at /development/libvpp/src/vnet/adj/adj.h:472
0x00007fba51d87642 in icmp6_neighbor_solicitation_or_advertisement (vm=0x7fb9f19a0580, node=0x7fb9bb820340, frame=0x7fb9b718bc40, is_solicitation=0) at /development/libvpp/src/vnet/ip6-nd/ip6_nd.c:134
0x00007fba51d8f479 in icmp6_neighbor_advertisement (vm=0x7fb9f19a0580, node=0x7fb9bb820340, frame=0x7fb9b718bc40) at /development/libvpp/src/vnet/ip6-nd/ip6_nd.c:348
Type: fix
Signed-off-by: Rajith P R <rajith@rtbrick.com>
Change-Id: Ibe29854137ee9680f7947450eb7e256b8c0ade31
|
|
mpls fib DB size was 2^20 instead of intended 2^21.
Therefore large mpls labels caused DB to overflow and write
to other tables or some random objects. Or crash with ASAN.
Sometimes.
Type: fix
Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru>
Change-Id: I6db65680037a266fe47e8213464a0c16de63c06c
|
|
Type: fix
Fixes: 6fdcc3d
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I820c505482801ff2ab8dac41a0016bb3a741a4ee
|
|
Add support for inline packet counter verification to send_and_* functions.
Diff dictionary is a dictionary of dictionaries of interesting stats:
diff_dictionary =
{
"err" : { '/error/counter1' : 4, },
sw_if_index1 : { '/stat/segment/counter1' : 5,
'/stat/segment/counter2' : 6,
},
sw_if_index2 : { '/stat/segment/counter1' : 7,
},
}
It describes a per sw-if-index diffset, where each key is stat segment
path and value is the expected change for that counter for sw-if-index.
Special case string "err" is used for error counters.
This then allows more precise packet counter verification by first
defining a "zero" dictionary, e.g. for ED NAT:
cls.no_diff = StatsDiff({
pg.sw_if_index: {
'/nat44-ed/in2out/fastpath/tcp': 0,
'/nat44-ed/in2out/fastpath/udp': 0,
'/nat44-ed/in2out/fastpath/icmp': 0,
'/nat44-ed/in2out/fastpath/drops': 0,
'/nat44-ed/in2out/slowpath/tcp': 0,
'/nat44-ed/in2out/slowpath/udp': 0,
'/nat44-ed/in2out/slowpath/icmp': 0,
'/nat44-ed/in2out/slowpath/drops': 0,
'/nat44-ed/in2out/fastpath/tcp': 0,
'/nat44-ed/in2out/fastpath/udp': 0,
'/nat44-ed/in2out/fastpath/icmp': 0,
'/nat44-ed/in2out/fastpath/drops': 0,
'/nat44-ed/in2out/slowpath/tcp': 0,
'/nat44-ed/in2out/slowpath/udp': 0,
'/nat44-ed/in2out/slowpath/icmp': 0,
'/nat44-ed/in2out/slowpath/drops': 0,
}
for pg in cls.pg_interfaces
})
and then to specify only changed counters directly when calling
one of send_and_* functions:
self.send_and_assert_no_replies(
self.pg0, pkts, msg="i2o pkts",
stats_diff=self.no_diff | {
"err": {
'/err/nat44-ed-in2out-slowpath/out of ports': len(pkts),
},
self.pg0.sw_if_index: {
'/nat44-ed/in2out/slowpath/drops': len(pkts),
},
}
)
operator | is overloaded by StatsDiff class to perform a deep merge operation,
so in above case, dictionaries for "err" and self.pg0.sw_if_index do not
overwrite whole sub-dictionaries, rather the contents are merged,
assuring that all the remaining counters are verified to be zero.
Type: improvement
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: I2b87f7bd58a7d4b34ee72344e2f871b2f372e2d9
|
|
Type: improvement
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: I5e0fd1019372df0cd403725b8cac52363af13718
|
|
Some tests might want to keep vpp config in between test functions.
Add a flag to allow that.
Type: improvement
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: I90243cd667dce922b43b381f3d52f4ac0f6bf3a7
|
|
TCP/UDP packets which are dropped are not counted towards TCP/UDP
counters. Apply same behaviour to ICMP packets.
Type: improvement
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: I487fa7135ac8e49431a621fac213638d2dab31c8
|
|
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I4ede67c901456d57e457c648d28153423d45fb41
|
|
Breakdown the distribution of uops delivered to the frontend.
Collerates directly with the source of the uops.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I93a57dbe56dfa0f378527844aa4e63f45a548e55
|
|
Type: feature
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: I2fd12a5b30aacdbaecb9156b829bfc06dfea377f
|
|
Type: improvement
remove the [un]lock logs, they are not useful.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I903d3088b8ed9831f931208aeb6b6862a945550c
|
|
This is required after distinguishing between max_frame_size and MTU
Type: fix
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: Ie642bee4e30ca76903bb8be5eeb6914c2c09bf35
|
|
Type: fix
Fixed coverity-issue CID 248517.
Originally possibly passing null pointer to one function and
directly dereferences it.
This patch fixes the problem by add a new condition.
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I02fc6fb5d1cfd6138ea4ba2b1946fd8a7ef34d3b
|
|
Type: test
there were multiple instances of send_and_expect_load_balancing
and a send_and_expect_one_itf which has the same functionality as send_and_expect_one.
Put one implementation of both in framework.py (where the other send_and_X functions reside).
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I7f629d440220bee29368067f475059322e1134f7
|
|
Originally after remove the policy entry in spd, macro "vec_del1"
can change localization of the last entry in vector and finally the
entry list has not been sorted.
This patch fixes this issue by change executed macro "vec_delete"
instead of "vec_del1".
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I396591cbbe17646e1d243aedb4cdc272ed4d5e25
|
|
If the user supplies an instance number when creating a wireguard
interface, it should be used in the device name. If no user-instance
is given, the device instnce (tunnel number) is used.
For example:
vpp# wireguard create instance 17 listen-port 23023 src 1.2.3.4
private-key MDEwMjAzMDQwNTA2MDcwODA5MTAxMTEyMTMxNDE1MTY=
wg17
Type: fix
Fixes: edca1325cf296bd0f5ff422fc12de2ce7a7bad88
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Change-Id: Ibf51868bf7b4b9e8a3f85557d05667207873bc91
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If5e6d0e8c686ea93674d6201c38b3a4d1c4786a5
|
|
Implement command line argument parsing instead of passing arguments via
environment variables. Add script for running tests without having to
invoke make. Deprecate running tests via make.
Type: improvement
Change-Id: I2e3054a61a2ae25d460e9be00be7d7705fbf943e
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Supported only when eventfd option is enabled.
Type: feature
Change-Id: Ic9d6e38604e978f7bc8e54d74fe9b8f3fc53622d
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: refactor
To be consistent with the location of the IPv4 responder
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ie3a5c3ecc10755317591d7ff57b74770c2798e77
|
|
Type: improvement
Ethernet frames on the wire are a minimum of 64 bytes, so use the length in the UDP header to determine if the ESP payload is one bytes of the special SPI, rather than the buffer's size (which will include the ethernet header's padding).
In the case of drop advance the packet back to the IP header so the ipx-drop node sees a sane packet.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ic3b75487919f0c77507d6f725bd11202bc5afee8
|
|
Type: fix
Signed-off-by: Vyshakh Krishnan <vyshakh@rtbrick.com>
Change-Id: I0b085fd2d3d9b8e08a16585c4964101b6461bf06
|
|
Type: fix
Since commit https://github.com/DPDK/dpdk/commit/e2a6d08bef489215ebb77b1d3033875ada757cfa
DPDK started advertising scattered Rx feature for elastic network adapters. Thus, dpdk
plugin doesn't have to disable it for ENA by default anymore
Signed-off-by: akolechk <akolechk@cisco.com>
Change-Id: I2d4f429be992e3c4edcc0c3adf8c55f3d5381631
|
|
Originally XDP_FLAGS_REPLACE was passed to the function.
For kernels not defining this macro (for example 5.4) in if_link.h vpp
sets it to 0.
If kernel has this macro problem appears, replace flag requires
specifying the program to be replaced. bpf_set_link_xdp_fd wraps
around __bpf_set_link_xdp_fd_replace and passes 0 as old_fd, it leads to
an error while assessing for replacement (if 0 is passed
there is no assessing for replacement).
To address this issue no flag is passed to the function, only 0.
Type: improvement
Signed-off-by: Dastin Wilski <dastin.wilski@gmail.com>
Change-Id: I3689ce7eb8c71c699f0e589111929979c2bbe213
|
|
Type: improvement
When the adj subsystem is notified of a BFD session, it attempts to find the appropriate adjacency from the session's key.
This could lead to a mismatch between the adj used by BFD and that of FIB. The BFD session stores the adj it is using, so FIB uses that instead.
Since adj is now using the same adj as BFD, it does not need to maintain its own locks.
In BFD it is necessary to initialise the adj index used in INVALID and ensure it is not unlock before listeners are notified of the session delete.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I9630867b10bb18969475299a0c754942a8df0f44
|
|
Type: fix
The adjacency used is then the same one as that used by routes in the FIB and so the BFD protection/fast-failover works for thise route, since they are children of the BFD protected adjacency.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I72e10b3074697cba8a002a4c1acf690983985157
|
|
When the ipfix address was changed to be an ip_address instead of
an ip4_address the output when creating an exporter via the cli
should have been modified to take the address of the v4 part of
the addr.
Type: fix
Signed-off-by: Paul Atkins <patkins@graphiant.com>
Change-Id: I141456cd9092c861a4c4aefba4035dbde23efcd6
|
|
Fix for the crash when both crypto_native_plugin and DPDK QAT
are enabled in startup conf.
Type: fix
Signed-off-by: mgovind <govindarajan.mohandoss@arm.com>
Change-Id: Ib020ed7130a99080a093c70c06d47bcacd6d23b1
|
|
Type:fix
Signed-off-by: fanxb <fxb_mail@163.com>
Change-Id: I244f6ddd0a34e82ababd375646d3bb194602b5d5
|
|
Type: refactor
IP4 does not depend on TCP (it's the other way around).
This upside down dependency leads to some nasty circular includes when trying to use ip46_address.h in interface.h
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I4a1bd21543b08b9c1cf1e5563da738414734a878
|
|
Add udp total session counts - as stat segment entries:
/bfd/udp4/sessions
/bfd/udp6/sessions
and per session packet/byte counters:
/bfd/rx-session-counters
/bfd/rx-session-echo-counters
/bfd/tx-session-counters
/bfd/tx-session-echo-counters
These counters are per-thread and per-session id.
Adjust tests to verify proper function.
Type: refactor
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: Ie597928022b6ac74c2220019b9e8e1714295f170
|
|
This change fixes multiple unused parameter warnings, narrowing
conversion warnings and identical switch statement warnings.
Type: refactor
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: I4140e939c409ce06cc5aaaf5e1b042681f7ca448
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id78cdf742689a5cff356ac0aa3167af1c886b531
|
|
Type: fix
Signed-off-by: Rajith P R <rajith@rtbrick.com>
Change-Id: I8c9c85081c27bfe7ee71b5b620a2a761e027789c
|
|
Can be used for throughput testing over http. For instance, start
server:
http tps #implicitly listens on port 80
Then, to test throughput with curl:
curl <server_ip>/test_file_10g
curl <server_ip>/test_file_123m
Similarly, for https:
http tps uri tls://<server_ip>/443
curl -k <server_ip>/test_file_1g
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I30ab7f0d94a7357b3f04546e4a3d3c410a733908
|
|
Type: fix
Change-Id: Id183c47328510b5db7ffcc7a4dfb41f5a3151399
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iad7304c3a8fef14ec85c4240714feb86637411ca
|
|
Support segment and fifo sizes for now.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie7242936de7a87df8a703eb371f665be5be4390d
|
|
Makes it similar to connects.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I38c328670054e1a9ba4dc4ea8fe7519a5a09e8be
|
|
Special bitmaps with VLIB_FRAME_SIZE bits.
Type: improvement
Change-Id: I48747e422e519e7b5e930fa720397459d3adbb8e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: test
The FIB UT fails in debug mode because there is no string associated woth its fib_node_type_t.
Change the tests to register their own type, which will give it a name.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I36e546718faa7241c088494cbae10939aca51d5a
|
|
It is annoying to see unsolicited message like this spew out to the
console which an end-user cares less about.
vlib_stats_rename_symlink:301: RENAME new name: /nodes/unix-cli-local:52/clocks
Type: fix
Fixes: I92a62bb1cb799e8fdc3ec4110ae3428825254f8a
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I071f3d3736c06cd95a38ec46c7e2222caad01283
|
|
Type: improvement
Change-Id: I4b89c32c224caf8a3a4ac94b26ecefffd26c7038
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Faster memcpy variant when overrun of up to SIMD register size - 1 is
accepable.
Type: improvement
Change-Id: I1fb22e2989f2156caa9f34fa096e6ff9ea9ec7b6
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
not needed, '>' works...
Type: improvement
Change-Id: I9bfbac787e8dca24e9b1bceda0922740eed26346
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Half-opens are only allocated from main with worker barrier but can be
cleaned up, i.e., session_half_open_free, from main without a barrier.
In debug images, the free_bitmap can grow while workers peek the
sessions pool, e.g., session_half_open_migrate_notify, and as a result
crash while validating the session. To avoid, proactively grow bitmap in
debug images.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2410793f933fb638651fe8dc08ba78e9bee0bd77
|
|
Type: feature
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: Id25e2188c9167b2e187923ebe10660e0bc9c3c0a
|
Jon Loeliger
Neale Ranns
Ed Warnicke
Rajith P R
Dmitry Valter
Florin Coras
Klement Sekera
Filip Tehlar
Ray Kinsella
Vladimir Ratnikov
Artem Glazychev
Gabriel Oginski
Klement Sekera
Vyshakh Krishnan
akolechk
Dastin Wilski
Paul Atkins
mgovind
fanxb
Klement Sekera
Nathan Skrzypczak
Damjan Marion
Steven Luong