aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-11-13NAT: Buufer overflow for memcpy()Ole Troan1-3/+2
Change-Id: I11d1f9507d429ad8b25e9873272ede231623e622 Signed-off-by: Ole Troan <ot@cisco.com>
2017-11-12session: add handle to disconnect_session_reply api msg.Dave Wallace1-1/+1
Change-Id: I40f80110f5224b676d60252f9721fd1bc8a10b58 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-11-11VCL: clean up disconnect_session debug output.Dave Wallace2-45/+61
- Run VPP in xfce4-terminal in VCL unit tests. Change-Id: Iba6a870617a811261de0a54fa38cdb5109ae1d07 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-11-12VCL/LDPRELOAD: Fix out-of-bounds access and inequality comparison coverity ↵Steven2-56/+47
errors Fixed out-of-bounds access in vcom_socket.c by limiting the copy to the size of the address field that was passed. Truncation will occur if the address field is not big enough. Fixed inequality comparison in vppcom.c by using the predefined macro MAP_FAILED. Change-Id: I9517c29ae811d08058621bd548a352b4d4f05139 Signed-off-by: Steven <sluong@cisco.com>
2017-11-11ACL: Add coding-style-patch-verification and indent.Jon Loeliger1-965/+1260
Change-Id: I2397ada9760d546423e031ad45535ef8801b05e7 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-11-11ACLs: Use better error return codes than "-1" everywhere.Jon Loeliger3-20/+22
Added two new errors: ACL_IN_USE_INBOUND ACL_IN_USE_OUTBOUND Update ACL tests to expect new, precise return values. Change-Id: I644861a18aa5b70cce5f451dd6655641160c7697 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-11-11MPLS disposition actions at the tail of unicast LSPsNeale Ranns10-39/+222
Change-Id: I8c42e26152f2ed1246f91b789887bfc923418bdf Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-11-11Update CPU listDamjan Marion1-17/+35
Change-Id: Ibee8973270366c38dced6eb3e8ca41784549183a Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-11-11dpdk: optimize buffer alloc/freeDamjan Marion1-49/+118
This reverts commit 45a588fa3efaaf52360986360ab1f6827bae3164. Change-Id: I7e541545791f7743ee827bdec8b6fc46cbb0938f Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-11-11Handle CPU flags from autotools projectDamjan Marion6-35/+28
Change-Id: Id085c1e3cbc7bf03df02755f9e35896cdb57e9e3 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-11-10VCL: Fix accept state machine, EPOLLET logic.Dave Wallace2-178/+258
Change-Id: I909b717e5c62e91623483bdbb93d9fe4c14f0be7 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-11-10Map SVM regions at a sane offset on arm64Brian Brooks1-1/+7
Mapping shared virtual memory at 0x30000000, which appears to be derived from x86-32, turns out to be too close to the heap on arm64 systems. The symptoms of memory corruption were random and included crashes in the Python runtime and what appeared to be corruption of malloc's internal mutex. Thanks to Gabriel Ganne for pointing out that disabling ASLR seemed to mitigate the situation. This patch maps SVM regions at an offset from the arm64 kernel constant TASK_UNMAPPED_BASE and also assumes a 48-bit VA (for Ubuntu). Change-Id: I642e5fe83344ab9b5c66c93e0cf1575c17251f3b Signed-off-by: Brian Brooks <brian.brooks@arm.com>
2017-11-10VCL-LDPRELOAD: Fix epoll_pwait timeout.Dave Wallace2-12/+17
Change-Id: I5712f45c35dbdf34141c42b9d864cad1f918e5e8 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-11-10Break up vpe.apiNeale Ranns29-2523/+2888
- makes the VAPI generated file more consumable. - VOM build times improve. Change-Id: I838488930bd23a0d3818adfdffdbca3eead382df Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-11-10make test: fix logic for CACHE_OUTPUT optionKlement Sekera1-1/+1
Change-Id: I9938c0154c860913e27cecb18ec68f247943a2e6 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-11-10add warning control macro setGabriel Ganne2-11/+106
Add a way to toggle on and off a warning for a specific section of code. This supports clang and gcc, and has no effect for any other compilers. This follows commit bfc29ba442dbb65599f29fe5aa44c6219ed0d3a8 and provides a generic way to handle warnings in such corner cases. To disable a warning enabled by "-Wsome-warning" for a specific code: WARN_OFF(some-warning) // disable compiler warning ; /* some code */ WARN_ON(some-warning) // enable the warning again Change-Id: I0101caa0aa775e2b905c7b3b5fef3bbdce281673 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-11-10Further fix to SHG handling for ARP/ICMPv6 from BVI in a BDJohn Lo1-6/+25
For ARP/ICMPv6 packets received from a BVI in a BD, allow flood to all remote VTEPs via VXLAN tunnels irrespective of SHG check for ARP request or ICMPv6 neighbor solicitation packets only. All other packets types will flood normally as per SHG check. Change-Id: I17b1cef9015e363fb684c2b6506ed6c4efe70bba Signed-off-by: John Lo <loj@cisco.com> (cherry picked from commit 5b99133cff1ff0eb9043dd8bd3648b0b3aafa47e)
2017-11-10add classify session action set-sr-policy-indexGabriel Ganne7-1/+196
This allows to use the classifier to steer source routing packets instead of using the "sr steer" command. This way we can steer on anything instead of only the dst ip address. test: * add add_node_next function to the VppPapiProvider class. * add simple test scenario using the classifier to steer packets with dest ip addr == a7::/8 to the source routing insert node. * use new interface indexes (3,4) instead of (0,1) to prevent a cleanup conflict with the other tests which attach a specific fib to the interface. The test creates interfaces sepsrated from the other tests to prevent a conflict in the cleaning of the ip6 fib index 1 which causes vpp not to be able to find a default route on this table. Change-Id: Ibacb30fab3ce53f0dfe848ca6a8cdf0d111d8336 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-11-10Allow Openssl 1.1.0Marco Varlese5-12/+159
This patch addresses all the code changes required to VPP to support openssl 1.1.0 API. All the changes have been done so that VPP can still be built against current openssl API whilst forward-looking to version 1.1.0. Change-Id: I65e22c53c5decde7a15c7eb78a62951ee246b8dc Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-11-10make test: automatically seed random generatorKlement Sekera3-14/+34
Change-Id: I286b61d41cc2b557de3eb8801ff95c643f680acd Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-11-10vppinfra: add 512-bit vector definitions and typesDamjan Marion1-0/+25
Change-Id: I245c034684ba8585c8f5bb5353027aba13f8a53e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-11-10Fix bug in key calculation for IPsec tunnel interfaceMatthew Smith1-2/+2
When IPsec tunnel interface has the inbound SA updated, the key used to find the right interface for inbound packets was being generated using the destination address instead of the source. Change-Id: Id5a6fb1511637c912b329aad65188789646a5889 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2017-11-10session: add app ns index to ns create apiFlorin Coras3-4/+66
Change-Id: I86bfe4e8b0a899cc54c9b37eeb5eec701d0baf3d Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-10Add sw_if_index to the ip_neighbor_details_t response.Jon Loeliger2-4/+9
When a DUMP with sw_if_index == ~0 is used to get all Neighbor entries for all interfaces, it is unclear in the details to which interface the neighbor belongs. Clear that up by returning the associated sw_if_index as well. Change-Id: Ib584a57138f7faceffed64d7c1854f7af92e0e42 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-11-10session: use listener logic for proxy rulesFlorin Coras5-53/+133
This moves session proxy logic from session rules tables to table/logic used to manage session listeners in order to avoid overlap of semantically different rules. Change-Id: I463522cce91b92d942f6a2086fb14c3366b9f023 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-10VOM: enum_base - not constexpr to appease coverityNeale Ranns1-23/+23
Change-Id: Id87e245882eab80a85a2883ffdb7a0f3b7f26a75 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-11-10VOM: memset DHCP hostname in VPP APINeale Ranns1-0/+1
Change-Id: I74886c31f8ceba2561679513560cf5ae46757236 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-11-10BIER: replace uintXX_t with uXXNeale Ranns4-12/+12
Change-Id: I0ba698da9739c11de3a368fe4cf3617167a8d854 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-11-10session: use pool for segment manager propertiesFlorin Coras5-37/+83
Change-Id: I280fea2610dcfc0b2da84973b9f567daec42f1f6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-09tcp: call accept notify after full connection initFlorin Coras1-9/+9
Change-Id: I69998aa4eb587d80fc61d14bb28a9318a318f9ec Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-10Add udp.api.h to vnet.amFlorin Coras1-1/+2
Change-Id: I77c1da7ba3770637a3414226f7ade229b8b0d216 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-09VCL: Set debug output level from env varDave Wallace3-37/+67
Change-Id: Ia99047715ed652eca1aea1e4144e407f9608d59e Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-11-09session: fix app index in unbindFlorin Coras1-1/+1
Change-Id: Iff1a665b6cf9ca2def0fcdacf02d7f8c579c0f4e Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-09buffers: fix bug in free list n_alloc trackingKlement Sekera1-0/+1
This change avoids hitting ASSERT (vec_len (f->buffers) == f->n_alloc); in vlib_buffer_delete_free_list_internal by updating vlib_buffer_free_list_t->n_alloc in case when buffers are removed from the free list due to overfill. Change-Id: Id60fa97e8cb0f02ef529b05816265a57a4e7d998 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-11-09memif: use clib_socket_t for socket connectionsDamjan Marion4-210/+122
This reverts commit 590acf8fa7af6a8604edd72a32f9f087be52c767. new version includes minor fix for the crash when the interface is deleted. Change-Id: I8fc56eb9145e4d8e1d410206f84e705045898608 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-11-09VOM: Inspect: fix the bugMohsin Kazmi1-2/+1
If key is passed without ":", results in segmentation fault. This patch fixes this issue. Change-Id: I4e6bb3431c261cc2ac752b966a11edd7aa3304a0 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2017-11-09VOM: Makefile: Fix the execution time initialization orderMohsin Kazmi1-1/+1
When compile with gcc version 4.8.5, the compiler doesn't able to optimize the execution time initialization order. This patch fixes the initialization order. Change-Id: I14eacdf30f7ef481f72452adfc955400e37ae559 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2017-11-09BIERNeale Ranns73-147/+10133
- see draft-ietf-bier-mpls-encapsulation-10 - midpoint, head and tail functions - supported payload protocols; IPv4 and IPv6 only. Change-Id: I59d7363bb6fdfdce8e4016a68a9c8f5a5e5791cb Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-11-09session: lookup/rules table improvements and cleanupFlorin Coras7-207/+363
Change-Id: I5217364220023df34d5bee071cb750df1661b093 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-09session: fix app ns list cli dumpFlorin Coras1-4/+8
Change-Id: I9b0a4676d088bc7587d12023fc3a3ea53aeaba20 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-09Port restricted NAT44 (VPP-1048)Matus Fabian3-8/+181
For the MAP-E CE limit port choice based on PSID CLI: nat44 addr-port-assignment-alg map-e psid <n> psid-offset <n> psid-len <n> Change-Id: Iecceee61fca372cb5790c16993a82fbdc9930f0f Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-11-09Remove boost-log link dependency from test/ext/MakefileNeale Ranns1-1/+0
Change-Id: I388526c31c75e6af694b96141497c0c67d8fe310 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-11-09VOM logger levels fixNeale Ranns1-4/+4
Change-Id: I0e627adb7846a33ee6e43f66cde648b4ae7f5cd4 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-11-09lock initJingLiuZTE1-0/+1
writer_lock must be inited before used. Change-Id: Ib258aa09b3bccc4de6edba0eb75a7eec20f1a61f Signed-off-by: JingLiuZTE <liu.jing5@zte.com.cn>
2017-11-08memif: do not mask head and tail pointersDamjan Marion6-127/+101
Change-Id: Ie849ab713ff086187c18a91ab32e58207fe94033 Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Jakub Grajciar <Jakub.Grajciar@pantheon.tech>
2017-11-08ACL plugin support tagged subinterfacesPavel Kotucek4-270/+820
Change-Id: I92b351895c7efb26533c05512b91ead8ddbfb9c8 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-11-08punt: fix sendmsg() failure detectionKlement Sekera1-1/+1
Change-Id: Ia8941b7b90f14dd688aca215b2dae1cc5c8f4472 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-11-08jvpp: test measuring number of invocations per time (VPP-619)Matej4-2/+454
test provide two ways to count invocations: 1) maximum number of invocations and received replyies within 1 sec 2) measure time in ns from first request to receiving last reply over set amount of requests specific command is included in Readme results from testing on my local machine were: 350K/sec Callback Api Read - show version 250K/Sec Future Api Read - show version 120K/sec allback Api Write - add table Change-Id: Ie0383d848b98ee2b4b90c38a827a24acd28cac72 Signed-off-by: Matej <matej.perina@pantheon.tech>
2017-11-08session: fix show app ns table cliFlorin Coras1-10/+15
Change-Id: I188e0471636683345bd9daa779c3680a616c2244 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-08NAT64: fixed csum crash (VPP-1055)Matus Fabian2-28/+25
Change-Id: I28c8abe49c9858966a66530d3dc41c074c6901f3 Signed-off-by: Matus Fabian <matfabia@cisco.com>