Age | Commit message (Collapse) | Author | Files | Lines |
|
The NULL cipher is a (valid) non-AEAD choice for ESP encrypt path.
Allow it.
Type: fix
Signed-off-by: Christian E. Hopps <chopps@chopps.org>
Change-Id: I6d8b66223a0ffb0952c2dd6fa898a8a2289fef7a
(cherry picked from commit 5a2426386d31c90e833c639332a80a8b60bfed2f)
|
|
Type: feature
Change-Id: I913f08383ee1c24d610c3d2aac07cef402570e2c
Signed-off-by: Damjan Marion <damarion@cisco.com>
(cherry picked from commit 7ca5aaac10e95306f74ea4afd52110dd46aa0381)
|
|
Fix problem with some strings not being null-terminated,
by using the vec_terminate_c_string macro in two places.
The problem was found using AddressSanitizer.
(Also make sure indentation is OK for those changes.)
Ticket: VPP-1772
Type: fix
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Change-Id: Ib7826e3c322e58b649e2d7f6053786da618a5e9e
(cherry picked from commit 7fd402163c221919446942c0784073a56bfd4f70)
|
|
Type: fix
Fixes: 5025d40a1134272ab57c3c3f10311e31a65cd63c
Update the expression for a conditional block which should be executed
when an encrypted packet will be sent via IPv6. Coverity was
complaining that a NULL pointer could be dereferenced. It is unclear
whether that ever would have actually happened, but the updated
expression should quell the warning and should more accurately detect
whether the block for IPv6 should be executed.
Change-Id: I731cad1f982e8f55bd44e6e05e98eff96f1957bb
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
(cherry picked from commit c458f5c09a21cc905aa1b53eda30736e52426418)
|
|
Type: feature
You can enable tso in starup.conf like this:
dev 0000:86:00.0{
tso on
}
TSO is disabled by default.
Change-Id: Ifdbaf5322f768c384aa54e532d7bf45e810ca01c
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
(cherry picked from commit de5ed58fdb72536ed928e12990a08104e1f89f51)
|
|
Type: feature
Change-Id: I21f8f4563f5545a684b2666f7410847e0f7bc403
Signed-off-by: Jim Thompson <jim@netgate.com>
(cherry picked from commit 4d843b9940a8fbcd0b54c8a66916b9ba66e4f2c9)
|
|
Type: feature
If an attempt was made to send an IPv6 packet over an IPv4 tunnel,
the DPDK esp_encrypt did not complete setting up
the crypto operation for a buffer, but still queued the crypto
operations that were allocated. This results in a SEGV when
attempting to dequeue them in dpdk-crypto-input.
Allow IPv6 packets to be sent over a v4 tunnel when using the DPDK
plugin esp crypto nodes.
Change-Id: Ic9a4cd69b7fc06a17ab2f64ae806ec2ceacfef27
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
(cherry picked from commit 5025d40a1134272ab57c3c3f10311e31a65cd63c)
|
|
In some cases it may happen that buffer is allocated by DPDK, and freed
by VPP native code. In such cases dpdk metadata is not reset, so we need
to do that during mempool dequeue. Template approach is taken to reduce
cost of that operation.
Type: fix
Fixes: 910d369
Change-Id: Ic239007cfc8fbceb965021c56963cda9d53f63be
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Extended stats are not displayed due to incorrect condition.
Type: fix
Change-Id: Ie04664e6274137462dce832bf7ee06204cd77be5
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: fix
Signed-off-by: John Lo <loj@cisco.com>
Change-Id: I3ee59106ba45164a4ee3788bf4dcf5bf4c2dc1c2
(cherry picked from commit 03598c4bcc639cbfc9afa13c5b4e52440f9eae2b)
|
|
hardware-interfaces verbose'
Type: fix
It's time-consuming to execute 'show hardware-interfaces detail' in CSIT script.
'show hardware-interfaces' dumps SFP eeprom, via a software emulated I2C bus.
Currently 'show hardware-interfaces', 'show hardware-interfaces verbose' and
'show hardware-interfaces detail' give exactly the same output,
and they all will dump SFP eeprom.
Will move the SFP eeprom dump to 'show hardware-interfaces detail' only,
and use “show hardware-interfaces verbose” in CSIT script to save time.
Change-Id: I1a6e5a0ca5fce5b4f0b9a6eb4e9dfd76d45b2487
Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com>
|
|
Type: fix
Fixes: ce3e971
Change-Id: I30bbeced2f5ae7613e65546f2b9b41e2fb514208
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
sizeof(rte_mbuf) is 128 byte but 2* CLIB_CACHE_LINE_BYTES
is 256 byte for ThunderX/OCTEONTx targets.
Type: fix
Change-Id: If6893b168cf1c55c44bf4669a888ce858f2ef487
Signed-off-by: Nitin Saxena <nsaxena@marvell.com>
|
|
Type: fix
Several Fixes:
1 - Anti-replay did not work with GCM becuase it overwrote the sequence
number in the ESP header. To fix i added the seq num to the per-packet
data so it is preserved
2 - The high sequence number was not byte swapped during ESP encrypt.
3 - openssl engine was the only one to return FAIL_DECRYPT for bad GCM
the others return BAD_HMAC. removed the former
4 - improved tracing to show the low and high seq numbers
5 - documented the anti-replay window checks
6 - fixed scapy patch for ESN support for GCM
7 - tests for anti-reply (w/ and w/o ESN) for each crypto algo
Change-Id: Id65d96b6d1d4dd821b2ab557e87468fff6d70e5b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
The fast path almost always has to deal with the real
pointers. Deriving the frame pointer from a frame_index requires a
load of the 32bit frame_index from memory, another 64bit load of the
heap base pointer and some calculations.
Lets store the full pointer instead and do a single 64bit load only.
This helps avoiding problems when the heap is grown and frames are
allocated below vm->heap_aligned_base.
Type: refactor
Change-Id: Ifa6e6e984aafe1e2755bff80f0a4dfcddee3623c
Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com>
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
If the corresponding vpp plugin is absent, return a non-zero
clib_error_t * from vat_plugin_register ("xxx plugin not loaded"). The
vat plugin calls dlclose on the vat plugin, and it disappears.
Depending on the plugin configuration, this can reduce the vpp virtual
size by several gigabytes.
Added a VAT_PLUGIN(<plugin-name>) macro to vat_helper_macros, clean up
boilerplate vat_plugin_register() implementations. Fixed a number of
non-standard vat_plugin_register methods.
Type: refactor
Change-Id: Iac908e5af7d5497c78d6aa9c3c51cdae08374045
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Print the SPI in hexadecimal and decimal.
Type: feature
Change-Id: I012e94f9147058064e06c6bb4622ab6b6507957d
Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
|
|
Check the returned pointer, report error and return in case of failure.
This avoids crashing without any useful clues or debug messages.
Type: fix
Change-Id: I15d0735a531c2d9a8b6f67b7d6fe326b98c963c3
Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com>
Reviewed-by: Honnappa Nagarahalli <Honnappa.Nagarahalli@arm.com>
|
|
.. and remove helper stat struct for keeping last cleared stats.
This is not needed anymore as dpdk lib provides rte_eth_dev_reset().
Change-Id: I78076e689aac7ca70836ce688dfa8e704f64cd84
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Change-Id: I421192e1921d4c9c5486a6dcca745582aebf4e3e
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Explains a variety of hard-to-diagnose problems with certain Atom and
Denverton NIC types.
I finally tripped over a highly-repeatable failure: home gateway
use-case bitten by refusal to negotiate a DHCP lease for the trunk
port.
The dhcp client won't send pkts unless VNET_HW_INTERFACE_FLAG_LINK_UP
is set on the tx hw interface:
/* Interface(s) down? */
if ((hw->flags & VNET_HW_INTERFACE_FLAG_LINK_UP) == 0)
return;
Change-Id: I17ef2ba7b39078555fa27d2d874a60c67e1530ee
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
This patch enables bonding numa awareness on multi-socket
server working in active-backeup mode.
The VPP adds capability for automatically preferring slave
with local numa node in order to reduces the load on the
QPI-bus and improve system overall performance in multi-socket
use cases. Users doesn't need to add any extra operation as
usual.
Change-Id: Iec267375fc399a9a0c0a7dca649fadb994d36671
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
|
|
We have native implementation and we should not maintain both....
Change-Id: Ic09ebffda52cdc733b3cfeff06690e0d3cc08084
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I0e28d059143fb7489d27a10c5b4a152d0d7dfb1f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
copy vlan strip config from default device
Change-Id: I4ad1c159bad964fd1900b5ae4960b7014dd9f9b1
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
|
|
Reorder foreach_dpdk_rss_hf to fix rss configuration error issue.
Change-Id: Idec45534cd7dfe810b25584b1b27ac52b1c45110
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
|
|
show_dpdk_hqos_queue_stats
Change-Id: Ic1a900e0fb85ee016af21535764dfca2e6282194
Signed-off-by: cohu <cong.hu@tieto.com>
|
|
When the same worker thread processes packet for encrypt and decrypt,
ie. single worker with bi-directional traffic, given that the queue is
shared results in packets to be decrypted being dropped as the encrypt
always happens first for each main loop.
With this change, each crypto device queue is logically split into two
queues, each half the real size, avoiding the described problem.
Change-Id: Ifd3f15e316c92fbd6ca05802456b10a7f73f85da
Signed-off-by: Sergio Gonzalez Monroy <sgmonroy@gmail.com>
|
|
The vlib init function subsystem now supports a mix of procedural and
formally-specified ordering constraints. We should eliminate procedural
knowledge wherever possible.
The following schemes are *roughly* equivalent:
static clib_error_t *init_runs_first (vlib_main_t *vm)
{
clib_error_t *error;
... do some stuff...
if ((error = vlib_call_init_function (init_runs_next)))
return error;
...
}
VLIB_INIT_FUNCTION (init_runs_first);
and
static clib_error_t *init_runs_first (vlib_main_t *vm)
{
... do some stuff...
}
VLIB_INIT_FUNCTION (init_runs_first) =
{
.runs_before = VLIB_INITS("init_runs_next"),
};
The first form will [most likely] call "init_runs_next" on the
spot. The second form means that "init_runs_first" runs before
"init_runs_next," possibly much earlier in the sequence.
Please DO NOT construct sets of init functions where A before B
actually means A *right before* B. It's not necessary - simply combine
A and B - and it leads to hugely annoying debugging exercises when
trying to switch from ad-hoc procedural ordering constraints to formal
ordering constraints.
Change-Id: I5e4353503bf43b4acb11a45fb33c79a5ade8426c
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Id406eb8c69a89c57305d8f138e8e6730037aa799
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Recent changes removed the function that was incrementing the
tx counters. Increment them in the esp_encrypt functions.
Change-Id: I446333a23ccf66e34893adb2aa49af562cf35507
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
The function dpdk_ol_flags_extract should return u16
instead of u8.
Change-Id: Id0b08b04c93598818f9a2eee5a88733900320dfa
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
|
|
Change-Id: Idc3763c38f5aa638d4f290f4d4730577601d78b8
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
|
|
Change-Id: Ide2a9df18db371c8428855d7f12f246006d7c04c
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ia092a93a7ac0cbf9338f9d4a5db8b94b23549a13
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I65e7188c6893acca67455ff37f2dfbd0bedd5c09
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
The memory areas storing vlib_buffer_t and ip4|6_and_esp_header_t
are not prefetched. The patch help dpdk_esp_encrypt to reduce 18
clocks/pkt from 149 to 131 on Haswell when running IPsec in tunnel
mode.
Change-Id: I4f4e9e2b3982a4b7810cab8ed828a5e4631f8f8c
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
|
|
Change-Id: I65b1af5fa0cec4f9789f91f720d1396d06fa0206
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
|
|
As DVN has fewer DTLB entries supported for 2M page, default numbers of
RX/TX descriptors are changed to 512 if nums of RX/TX descriptors are not
specified by VPP users.
Change-Id: I076493b802b15d12750a5b49d1554da4d19ad460
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
|
|
Change-Id: I48cd8052f9509efdf13f64ab279edb66a2d4a0a9
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
|
|
Change-Id: Idfcf1644952d647c6e1b61216d9b365d58b77814
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
|
|
VPP rdma driver relies on an internal rdma-core not compatible with DPDK
MLX driver. Force the use of external rdma-core through
RTE_IBVERBS_LINK_DLOPEN DPDK build option and make sure internal
rdma-core symbols are not leaked outside of the rdma plugin.
Change-Id: I5b2281259f517c4e109d388d172b72eadd69986f
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
When building with environment variables set to enable mlx PMD
support in DPDK, an error occurs:
CMake Error at plugins/dpdk/CMakeLists.txt:104 (vpp_plugin_find_library):
vpp_plugin_find_library Macro invoked with incorrect arguments for macro
named: vpp_plugin_find_library
Update a call to vpp_plugin_find_library() to include the right
number of parameters.
Change-Id: Ia0d66f93c6f94fdf822e2c3c4fe3f0ad01a90d57
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Change-Id: Ib828ea5106f3ae280e4ce233f2462dee363580b7
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I0b996460e05c40e74766563fb2a94c62a65063ce
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ib73352d6be26d639a7f9d47ca0570a1248bff04a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I81ecdf9fdcfcb017117b47dc031f93208e004d7c
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
With the following local patch, VIC adapters remove default vlan tags
from ingress packets. So, it is no longer necessary to enable VLAN
stripping by default. This change also allows VLAN sub interfaces to
work with VIC adapters.
patches/dpdk_19.02/0001-net-enic-untag-default-vlan-by-default.patch
Change-Id: I2e7d62c62120c351c27d827d90de4a8335efa044
Signed-off-by: Hyong Youb Kim <hyonkim@cisco.com>
|
|
Change-Id: Id5b30d7a394551844a79b3d222d2d26194d033df
Signed-off-by: ChenminSun <chenmin.sun@intel.com>
|
|
Change-Id: I572cbba817275d85c200a4b09a63f4650075f638
Signed-off-by: Jay Lubomirski <jlubomir@cisco.com>
|