aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2020-04-22svm: asan: fix asan supportBenoît Ganne1-2/+2
- restrict the unittests SVM address space to what is supported by ASan - mark SVM mmap()ed address space accessible for ASan - SVM shared memory heap scheme means some allocation can happen outside the current process. Lazily mark those accessible for ASan Type: fix Change-Id: I7c196c80b2a5297651d0afa54f1a8e478fcf59b1 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-22misc: fix coverity warningsDave Barach1-2/+3
Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I9ec87d2293d8f92c3e488a0f61083cf815ac496c
2020-04-22misc: asan: do not poison memory after munmap()Benoît Ganne1-2/+0
It is a bad idea to poison memory after munmap because the address space can be reused (eg. for global data of dlopen()ed object) and ASan model allows access by default. Moreover, access to a stale address space will fault. Type: fix Change-Id: I356de422f255447d9d50a3a71fb0c2eaa790d731 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-22devices: Adding ConnectX-6 DX Device ID for validationAmir Zeidner1-2/+7
Type: fix Change-Id: I3c7ebbe91e7dffe9fd6851e5334fe920f2187cf0 Signed-off-by: Amir Zeidner <amirzei@mellanox.com>
2020-04-21nat: dslite ce mode in separate config entryVladimir Ratnikov2-4/+20
Previously dslite was moved to separate plugin folder and CE mode was removed. But it still needed. This patch adds CE option to separate config entry Type: feature Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: If153ae08fa385ba5a6605cb412e49bbb4d1db46c
2020-04-21vppinfra: bihash improvementsDave Barach1-6/+6
Template instances can allocate BIHASH_KVP_PER_PAGE data records tangent to the bucket, to remove a dependent read / prefetch. Template instances can ask for immediate memory allocation, to avoid several branches in the lookup path. Clean up l2 fib, gpb plugin codes: use clib_bihash_get_bucket(...) Use hugepages for bihash allocation arenas Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Damjan Marion <damarion@cisco.com> Change-Id: I92fc11bc58e48d84e2d61f44580916dd1c56361c
2020-04-20svm: check if fifo free list index is valid on allocFlorin Coras1-12/+29
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Benoît Ganne <bganne@cisco.com> Change-Id: Ib85c2f01dc7ec9858f2f88b89e209f989d78c5d9
2020-04-20nat: remove unused codeKlement Sekera5-484/+3
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: If5c00faa309cf3e1ea8bdf8b23250041f6a499c4
2020-04-20gbp: fix l3-out anonymous test cleanupBenoît Ganne1-3/+13
Type: fix Change-Id: Ib455b0a57f9b4f9cb82bb295c220270d0c6e5fe5 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-20tls: fix Picotls tx hang issueSimon Zhang1-2/+2
Type: fix Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> Change-Id: Id84fbe412c99b39a0754b892ca971dd3e4434264
2020-04-17dpdk: fix udp-encap for esp in transport modeAlexander Chernavin2-10/+9
Now UDP encapsulation doesn't work in transport mode because: - the encrypt node misses filling of UDP header and it gets sent with all zeros; - the decrypt node misses filling of new IP header and it contains garbage data. With this commit, fill UDP header during encryption and fill IP header during decryption. Change-Id: I87a7bd594f0e312b16d3e5eb19e568b4e3164d36 Type: fix Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-04-16igmp: fix igmp proxy group mergeBenoît Ganne6-24/+25
When merging proxy groups in igmp_proxy_device_merge_group(), the call to igmp_proxy_device_merge_src() can end up removing the current proxy group via igmp_group_clear(). When that happens, it must returns NULL so that igmp_proxy_device_merge_config() does not send a IGMPv3 report for a dead proxy group. Make igmp_group_clear() reset the group pointer to NULL to fix this bug and to detect similar bugs more easily. Type: fix Change-Id: I229e55b5bfa71734d7844893f5209a66fa3cc8ae Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-16nat: scavenging functionality removedFilip Varga7-392/+9
Type: refactor Change-Id: I9f743ba2818e1b1c5004c3575925cc7b479948d8 Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-04-15urpf: Allow locally generated packets on TXNeale Ranns1-2/+9
Type: fix Change-Id: I87d301aec20b9f5b34997b394493c796188fce14 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-04-14urpf: Unicast reverse Path Forwarding (plugin)Neale Ranns9-0/+1535
Type: feature - move the IP4 code to plugin - add ip6 support - add suport for uRPF on TX - add tests Change-Id: I074c2debc486d3e79c12fad4b8dbd72c41e841a0 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-04-13dhcp: fix unicast pkts, clean up state machineDave Barach2-49/+42
Send dhcp unicast packets to ip4-lookup. Otherwise, these packets won't reach a dhcp server on a different subnet. Do an immediate client scan after processing wakeup events. Calculate the next process wakeup time by scanning all clients. Increase maximum (idle, no-clients-configured) timeout to 1000 seconds. Reduce log spew. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I3d10cd4c353298ed0b19e7e30887dc1d8d07b19e
2020-04-11tls: make ctx_write function return the length of enqueueSimon Zhang1-1/+1
Type: fix Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> Change-Id: Ia8656fe2c48799e53c1b2c064009848ad3457659
2020-04-10udp: remove connected udp transport protoFlorin Coras3-10/+1
Type: refactor To reproduce functionality, use udp in combination with TRANSPORT_CFG_F_CONNECTED transport flag set in connect and listen parameters. Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id88470c38326f8168b9646b0de49a674e0f4266f
2020-04-10quic: fix clean stream closeAloys Augustin2-9/+26
Properly close the stream sending side instead of resetting the entire stream. Change-Id: I2daca7e507daa7bf9cd6a27fa8828a9ea7d175f9 Type: fix Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2020-04-10geneve: Fix the byte swapping for the VNINeale Ranns1-2/+3
Type: fix - swipe away the vomit indent left last time. - add tests for VNIs > 16bit Change-Id: I2d1f591bfb9d7a18996c38969365a509168d4193 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-04-09tls: adopt picotls engine to new session scheduling mechanismSimon Zhang1-2/+2
Type: fix Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> Change-Id: I58fea0474e293d5e6a029e0dccd4a24b07b76a90
2020-04-08udp: cleanup input nodeFlorin Coras1-2/+2
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ida9daefc20a161b36d6f36c56267123c7f2efc01
2020-04-08ping: fix buffer allocator error handlingDave Barach1-0/+2
The code sets f->n_vectors = n_to_send, but it can bail out of the loop if vlib_buffer_copy(...) returns 0. Need to fix f->n_vectors in the error return path, or we enqueue some number of 0xfefefefe buffer indices in a debug image or worse in a production image. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I2d886266006c6c1c2f9ef8e3b95eb46ac6c0b3df
2020-04-08misc: check return values from vlib_buffer_copy(...)Dave Barach7-4/+27
vlib_buffer_copy(...) returns NULL if the system is temporarily out of buffers. This is NOT correct. Please don't be this person: c0 = vlib_buffer_copy (vm, p0); ci0 = vlib_get_buffer_index (vm, c0); Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ic25ef58965871ea5d2b40904df9506803f69e47e
2020-04-08gbp: More reliable unit-testsNeale Ranns1-16/+16
Type: fix the GBP unit tests would peridocially fail. The reason being that there is dynamic state whose presence nneds to be created, tested and then timeed out. The failures occurded when the timeout occured before the state could be tested. the previous timeout was 2 seconds, this has been doubled, as a result i saw no faliures running continuously for ~16 hours. bumping the timer increasing the test run time from ~40 to ~53 seconds, a small price to pay. in test cases where the state is not timed out i bumped the timer to 60 seconds. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I11b0970570caa8eebf486fe8cd8e44a4b2b1fc36
2020-04-08nat: use correct data types for memory sizesKlement Sekera8-25/+25
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Id2d181385f109163d4c806eecda166c2087c4b92
2020-04-08acl: fix unresolved symbol for format_fib_prefix in vat pluginNeale Ranns1-8/+8
Type: fix Change-Id: I5bf8d6043a49985b9241df8ff24774892678b557 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-04-08nat: ED: global session LRU listKlement Sekera6-19/+110
Maintain a global session LRU allowing reuse of expired session instead of relying on a scavenging mechanism to periodically walk sessions. Whenever a new session is being allocated in slow path, also attempt to free an expired session from global LRU list. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I9edde9ec138de67c9a4888e915b0490ec16415fa
2020-04-08nat: preallocate poolsKlement Sekera1-0/+3
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I1be559a98f74c28a9c83fe320c8ce02459793e66
2020-04-07nat: ED: port re-use algorithmKlement Sekera6-45/+196
Type: fix Change-Id: I11440c855eb35d2a6095dfe135e4ab5090f11ff3 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-04-07nat: don't drop packet for expired sessionKlement Sekera3-6/+4
If session is expired, the packet which we just received might be a one, which legitimely creates a new session, process it in slow path instead to decide the outcome. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I45628f52d37ae9dee5e8aa58171ff0b86f91f5dd
2020-04-07ikev2: make liveness params configurableFilip Tehlar7-4/+130
Introduce new cli for setting liveness check period and max retries for a peer to consider its partner dead. ikev2 set liveness <period-in-seconds> <max-retires> Type: improvement Change-Id: Iadae1de245d34fe3ee85e09b570f9df8c401772b Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-04-07sr: Support uSID function.Tetsuya Murakami5-561/+3
1. Add uSID function in VNET SRv6 2. Add test case for uSID Type: feature Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com> Change-Id: I354fc687192ed713ceb81fccc9f7b69b6777f6f6 Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
2020-04-06vcl session: enforce full dgram reads/writesFlorin Coras1-8/+13
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4a3861e31ca42faf0b59f8f09393fb10413bf3af
2020-04-06session udp: shared local endpointsFlorin Coras1-1/+1
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie7102355b95eefb233ec7d146e61819051a7bf07
2020-04-06misc: fix python sonarcloud BLOCKER level issuesPaul Vinciguerra2-4/+7
Fix of the top 11 python issues flagged as BLOCKER. Ticket: VPP-1856 Type: fix Change-Id: Icf4691e62f4a69d6ee196b6d6e2ab52d961b5c76 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-04-06ikev2: fix wrong index computationFilip Tehlar1-1/+1
Type: fix Change-Id: Ia7b07b4ec9e5681946f3f5c01c230c1f814e2cf6 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-04-04misc: strcpy be goneDave Barach4-6/+8
Causes static analysis "vulnerability" warnings Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I272fa69251d70f62178e6dff0423c16f99937af1
2020-04-04session tls: support tls deschedulingFlorin Coras4-27/+43
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ieb8bb9c6deb92479fdd3e045778fe5ae4782d1ea
2020-04-04session tls: improve app transports tx schedulingFlorin Coras3-17/+17
Type: improvement - allow apps to request rescheduling of tx events via SESSION_F_CUSTOM_TX flag - limit max burst per session custom tx dispatch In tls - use the new infra to reschedule tx events - use max burst bytes as upper limit to number of bytes to be encrypted Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I544a5a3337af7ebdff3406b776adf30cf96ebf3c
2020-04-04misc: sprintf be goneDave Barach6-28/+39
Along with related static analysis warnings... Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I2c6949c7a2250b8f76a63508c7c210daecfe0f91
2020-04-03session: improve error reportingFlorin Coras10-37/+39
Type: improvement Change-Id: I9dd850a1ce85b0adb5136233f176117e0ee38817 Signed-off-by: Florin Coras <fcoras@cisco.com>
2020-04-03session udp: fix transport flags and migrationFlorin Coras2-5/+5
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I840d43e79b1f826380bd56485441510e45bdfc7f
2020-04-03session: remove obsolete apisFlorin Coras1-1/+0
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia14800710aca7c1bc315b6da3c69d623f79a5b63
2020-04-03ip: remove vl_api_address_family_t byte order swapJakub Grajciar1-4/+4
Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I8074db3623ee4b37ac70ce8ea0d1912b97e5c059
2020-04-02dpdk: VM VHOST tests with rxq>1 failingSteven Luong1-0/+1
DPDK recently added a check in the virtio driver to make sure that rxmode->mq_mode == ETH_MQ_RX_NONE. We were passing ETH_MQ_RX_RSS and the device initialization was not accepted. The reason for the change in DPDK was that there is no controls (algorithm, redirection table, hash function). So they thought ETH_MQ_RX_NONE was the best choice for the value of mq_mode. Type: fix Ticket: VPP-1853 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ifa0fc4206cedc56a851f94f6434a2a7500bbd419
2020-04-02tcp: move features to separate filesFlorin Coras1-0/+1
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia477b8dba9266f47907967e363c11048e5cd95ab
2020-04-01session udp: support connect on listenersFlorin Coras1-1/+1
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6aaaec20a2b6d4c6ddfbe659d9402acc1be2f7e2
2020-03-31nat: fix unknown proto translation out2in_edAlexander Chernavin1-2/+2
An unknown proto packet can be processed as UDP with destination port rewriting which breaks the original packet. With this commit, stop processing unknown proto packets after nat44_ed_out2in_unknown_proto() execution. Type: fix Change-Id: Iea93faf3c282f542d5ee7120c15e1027c1e4abc9 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-03-31ikev2: fix crash during peer live checkFilip Tehlar1-1/+8
Fix crash when peer tries to build INFO req before key exchange which results using NULL key pointers for crypto operations. Type: fix Change-Id: I20aaf1ce769e4bfb45235047c2dd38307b4e0b59 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>