aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2021-07-21hsa: separate ctrl and test session accept vcl serverFlorin Coras1-1/+43
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id6bcf6511c904c8625c0845cd9758539f35e6b50
2021-07-19nat: harden ICMP handlingKlement Sekera4-49/+110
Verify that headers are not truncated and that checksums are valid. Correct checksum computation in translation code. Type: fix Change-Id: I6acfcec4661411f83c86b15aafac90cd4538c0b5 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-07-16dpdk: improve tx offload formattingMohsin Kazmi1-16/+32
Type: improvement Change-Id: I06eaf39b1e441045c3402cbf40339054ad26ade9 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-07-16snort: snort3 plugin and DAQDamjan Marion8-0/+2326
Zero copy interface which exposes VPP buffers to snort instance(s). Includes VPP DAQ which is compiled only if libdaq 3 API headers are available. Type: feature Change-Id: I96611b43f94fbae091e7391589e0454ae66de88b Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-07-15dpdk: enable RX interrupts for the virtio driverRobert Shearman1-0/+8
Type: improvement Request use of RX interrupts for virtio if the system will support it, which is done by applying the same check as in the virtio driver, namely whether multiple interrupts are supported. This allows the use of RX adaptive/interrupt mode instead of just polling, which is useful in virtualised environments where functionality may be more important than performance and so using polling mode is wasteful. Signed-off-by: Robert Shearman <robertshearman@gmail.com> Change-Id: I29527b6f04b0b1d0c9f9424751b2bd252ed10505
2021-07-15acl: Fix the CLI to accept IPv6 prefixesNeale Ranns1-16/+5
Type: fix DBGvpp# set acl-plugin acl src 1::1/128 dst 2::/64 DBGvpp# sh acl-plugin acl acl-index 0 count 1 tag {cli} 0: ipv4 permit src 1.1.1.1/32 dst 1.1.1.2/32 proto 0 sport 0-65535 dport 0-65535 acl-index 1 count 1 tag {cli} 0: ipv6 permit src 1::1/128 dst 2::/64 proto 0 sport 0-65535 dport 0-65535 Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Ibb8e20dd4ec2792f423a61eefe7398175e45a577
2021-07-15linux-cp: clear all db entries when deleting a pairSergio Gonzalez Monroy1-1/+2
Type: fix Change-Id: I5677cbb183b10c974a3a2e569d1a7a525a7eb45d Signed-off-by: Sergio Gonzalez Monroy <sgmonroy@gmail.com>
2021-07-15misc: replace CLIB_PREFETCH with clib_prefetch_{load,store}Damjan Marion30-121/+110
Type: refactor Change-Id: Id10cbf52e8f2dd809080a228d8fa282308be84ac Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-07-15nat: nat44-ed sm fixFilip Varga1-15/+13
Fixing nat44-ed identity map in2out communication. TCP packets would get dropped because of the order of testing TCP state. Type: fix Change-Id: Ib11e7e75c66945224fecc0bb311733672e315c7d Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-07-14nat: refactoring NAT44ED cfg functionsFilip Varga4-344/+500
Refactored & fixed NAT44ED configuration functions used for handling interfaces and nodes. Type: refactor Signed-off-by: Filip Varga <fivarga@cisco.com> Change-Id: I6fbbb7f0fe35d572675997745d53290152987424
2021-07-13misc: remove vnet_all_api_h and vnet_msg_enumFilip Tehlar1-1/+0
These file are no longer needed Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I34f8e0b7e17d9e8c06dcd6c5ffe51aa273cdec07
2021-07-13mss_clamp: coverity test fixMiklos Tirpak1-3/+6
Silence the coverity test with setting the interface index in a variable before the boundary check. Type: fix Change-Id: I9bd6db08bfef93142581dada0b6a7d78b7de91e7 Signed-off-by: Miklos Tirpak <miklos.tirpak@gmail.com>
2021-07-13misc: fix init order to avoid startup warningsBin Zhou (bzhou2)2-8/+8
Put plugin init order inside plugin instead of in vnet Type: improvement Signed-off-by: Bin Zhou (bzhou2) <bzhou2@cisco.com> Change-Id: Icbacdb3f1cb4ac9d74e3f78458e8bc333793b4d6
2021-07-13dpdk: add base-virtaddr config optionRobert Shearman1-1/+4
Type: improvement Allow the use of the base-virtaddr config option to be passed through to DPDK. This is useful to allow use of devices with an IOMMU in nested VMs without resorting to PA IOVA mode. Signed-off-by: Robert Shearman <robertshearman@gmail.com> Change-Id: I32b6513377e6d20bf155e12c45f902d51ea982c4
2021-07-12papi: remove shared memory transportOle Troan2-2/+0
This patch removes the papi transport shared memory plugin. It also removes any dependency on CFFI. Type: feature Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ia81701c0dc506871e511495d837e41420e1fdf72 Signed-off-by: Ole Troan <ot@cisco.com>
2021-07-12session: api cleanupFilip Tehlar3-29/+39
Use autogenerated code. Does not change API definitions. Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Iacc58d27ac51c8a1c571087f98297e046b3477c2
2021-07-06l3xc: reset dpo on deleteBenoît Ganne1-0/+1
When removing a l3xc path we must release the corresponding dpo. Type: fix Change-Id: Ib6309797cb11374264c786e064f262ad13c6f0a1 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-07-02crypto: fix sw async crypto with chained buffersBenoît Ganne1-31/+30
When a buffer in the chain comes with a negative current_data offset, the conversion to sgl will skip it because of resetting offset to 0. Moreover, crypto_start_offset is relative to the 1st buffer data pointer so we should not check it against subsequent buffers anyway. Type: fix Change-Id: Id177a90bfda242a5372c7e8836cf6668e98c780e Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-07-01vmxnet3: support manual thread assignment to tx queueSteven Luong3-18/+26
Thread assignment to tx queue has always been automatic and there was no way to modify it. With this patch, it is now possible to use the cli "set interface tx-queue" to change the thread assignment to tx queue for vmxnet3 interface, thanks to the new tx infra. Type: feature Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I1544e3557f70251d4bd423cc3d9f28ee1d44db4a
2021-06-30memif: fix tx desc length for chained buffers in copy modeBenoît Ganne1-0/+1
When enqueuing chained buffer, we must update the descriptor length for each fragment descriptor in addition to the last. Type: fix Change-Id: I9bc95fe557a049eeea4abd41c695153632d52a52 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-06-30rdma: fix chained buffer tx path in dv modeBenoît Ganne1-24/+20
When switching to the direct verb chain buffer tx path, we must account for all remaining packets, including the packets that would wrapped around. Previously we were using the 'n' counter but ignoring the 'n_wrap' counter: if some packets would have wrapped around in the default path, it would be ignored by the chained buffer tx path. Compute the correct number of remaining packets based on the old and current txq tail instead. Also simplify the chained tx function parameters. Type: fix Change-Id: If12b41a8f143fda80290342e2904792f7501c559 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-06-30memif: fix chain buffer length in zero-copy modeBenoît Ganne1-0/+1
The total_length_not_including_first_buffer field must be reset before being updated otherwise it will quicly grows as stale values are reused. Type: fix Change-Id: Ic48c0822660998b0dfc0b5fdeadae6071b2d03f7 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-06-26vrrp: prevent segfault in multicast join due to missing LL AddrJon Loeliger1-2/+5
If an IPv6 Link Layer Address is missing from an interface, treat it as a down interface. While this fails to send a VRRP multicast group join, it also prevents a seg fault. Type: fix Fixes: 39e9428b90bc74d1bb15fc17759c8ef6ad712418 Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: Iebf69bb30604a96de6587655eb872aa818158a56
2021-06-24linux-cp: stop managing adjacencies for tunnelsAlexander Chernavin1-0/+12
Type: fix Outbound packets which arrive on tun/L3 interfaces use a default adjacency for the interface & address family from the corresponding interface pair. However, there are entries in the linux-cp adj table that are created for them. Managing these entries might cause a segfault because the rewrite data might exceed the reserved space for it of 28 bytes in the linux-cp adj key (e.g. in case of GRE IPv6). With this change, stop creating adjacencies for tun/L3 interfaces in the linux-cp adj table and delegating them. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I4bcd685860053ab87c65064c182e3ed53fd4fae9
2021-06-24linux-cp: add callbacks for pair managementMatthew Smith2-15/+41
Type: improvement Allow callbacks to be registered which will be called when an interface pair is added or deleted. Change-Id: I1c413ac2ada802021f9e56e2f878ce67e5eda2f5 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-06-23mss_clamp: iterate enabled direction as a vector, not poolJon Loeliger1-2/+2
Type: fix Fixes: bf55e9931ce203049385fbf55dde291ead556679 Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: I5410a7a5a8cdc1d41abcc42fe5b42e6e2991dc06
2021-06-23nat: ICMP handling fixesKlement Sekera4-24/+110
If ICMP comes from a router on path, source address must not be rewritten in o2i path to avoid getting wrong checksum. Fix ICMP checksum computations. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I035debccf966d7dbd63c364cb1e43380d641f708
2021-06-22dpdk: enable igc devicesMatthew Smith2-27/+29
Type: improvement Set port type and supported flow actions on 2.5G Intel NICs which are managed by the igc PMD. Change-Id: Id144eaa158e24a3f10effb6b517d1c62fba0d2e8 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-06-22nat: don't drop packet with ttl=1 if output featureKlement Sekera1-2/+2
TTL was already decremented in ip4-rewrite so it's okay if it's 1. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I587dc343737c15247eb62837a06d5e44c0d11acc
2021-06-21fib: Add unit test for RR source using covers labelsNeale Ranns1-1/+69
Type: test UT for patch: 4fc68ee Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I96fac9a6407a7f3ebeecc5e68a7683e541063de7
2021-06-18session: udp accept session state should be updated by appjxm1-0/+1
Type: fix Signed-off-by: jxm <jiangxiaoming@outlook.com> Change-Id: I6fb2620e7076e1e38a2ab85a70febe614b079e67
2021-06-16vcl: basic support for epoll level-triggered evtsFlorin Coras2-6/+6
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2d5039cd35edd02ffa2439bcac119d0647234385
2021-06-16nat: test all intf addrs in is_interface_addr()Alexander Chernavin4-20/+42
Type: fix Currently, is_interface_addr() tests if a given IPv4 address belongs to an interface by a given sw_if_index. However, there are several issues: * only the first found address on the interface is actually tested, * sw_if_index is always cached even if the interface hasn't been assigned any addresses yet. With this change, is_interface_addr() tests all IPv4 addresses on an interface by a given sw_if_index and caches sw_if_index only if there are addresses present. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: If1acc4a534647a5f0ce8e9b565b867c92a016dc3
2021-06-16nat: fix crash when translate unknown proto packetsAlexander Chernavin2-4/+5
Type: fix Currently, there might be a crash in NAT ED mode: * if a session for an unknown proto packet cannot be created in2out, * if a session for an unknown proto packet cannot be found out2in. With this change, translate packets only if a session is given in NAT ED mode. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: Iafb332db1ae9a3e76435964ad636037d1b8a51e8
2021-06-14nsh: api cleanupFilip Tehlar2-174/+8
use autogenerated code Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I91a55412f96b138c3c00cbb8943d271c8a6452c9
2021-06-11memif: fix crash with zero-copy slaveDamjan Marion1-1/+1
Type: fix Change-Id: I456cc0b0a6f2dc32b14791baf9d4a7f67279e8df Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-06-10memif: fix the spinlock and unlock issue.fangtong1-1/+2
when the configuration of tx queues is larger than the worker-threads, the clib_spinlock_lock_if_init will not be executed, and then this function will executed the clib_spinlock_unlock_if_init, so this may caused the issue. Type: fix Signed-off-by: fangtong <fangtong2007@163.com> Change-Id: I3ce244cd5e1f410e9f14bd060b929238f069b9fa
2021-06-09cnat: fix spinlockNathan Skrzypczak1-1/+4
Type: fix Change-Id: Id6406702061ada54e51ebcf5c367328605de2b6b Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-06-08vppinfra: pool_free_elts() now supports fixed-size poolsDave Barach2-0/+63
Test added to the unittest plugin / test_vlib.py Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I73445e57918347c102ff6f5e8c9ddb9bd96f1407
2021-06-07tls: change picotls plugin crypto module to accommodate new version picotlsSimon Zhang2-3/+3
Type: fix Change-Id: I58931e235535be7d596ca578790f389b64a4fbd2 Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
2021-06-04dpdk: silence coverity warning on use of uninitialized valuepibr1-0/+1
Type: fix Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Change-Id: I76923ad5035498aae821db4fd42a127617476fbb
2021-06-03linux-cp: use default adjacencyMatthew Smith1-21/+16
Type: fix Outbound packets from the host have an adjacency lookup performed so buffer metadata can be filled in and output features can be applied. If no adjacency is found for a packet, it gets dropped. This breaks DHCP and possibly other things since the DHCP reply to a discover request is sent to a destination MAC address that is determined by the contents of the request packet rather than any existing neighbor table entry. If adjacency lookup for outbound packets does not find an entry, use the default adjacency for the interface & address family. Change-Id: Ia53a4df3a5bad2991768cfe4a84c560b879e656f Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-06-01srtp: cleanup build and default to disabledFlorin Coras2-12/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I62fb56257445a05105e556d1ea6cc6280b5eeccc
2021-05-31nat: fix broken nat44-ed cliRuslan Babayev2-10/+1
snat_set_frame_queue_nelts has been replaced with nat44_ed_set_frame_queue_nelts. Type: fix Signed-off-by: Ruslan Babayev <ruslan@babayev.com> Change-Id: I8d970be71376fdbb2bfd383d4d5824a8def93bb3
2021-05-29hsa: proxy listener support addition of fifo segmentsFlorin Coras1-0/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I59218f784140ef5ecb8468af6aebfe25fd7703a4
2021-05-28tls: fix handling of failed acceptsFlorin Coras1-3/+12
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I34b53dcaf4f049157b538ea40a39033d43e525a5
2021-05-27dpdk: bump to 21.05Fan Zhang2-12/+29
Type: feature This patch bumps DPDK version to 21.05 and updated VPP to accomodate the changes in DPDK latest version. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: If217441f70c9ab531196dca7ec7a486ec9931cff
2021-05-26dpdk: fix missing symbolFan Zhang3-11/+23
Type: fix This patch fixes the missing symbol of dpdk_plugin.so when creating symmetric key. The solution is to add dependency of libssl to dpdk cryptodev and disable cryptodev engine when libssl is not presented. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: I30aa6e3e3af1faefa82883bad613e1d82235a2ec
2021-05-26vppinfra: explicit blocking mode for sock connectsFlorin Coras1-2/+3
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3a33230de13fef613dc9523cf24a9968d200c2e5
2021-05-26nat: add thread index assertionsKlement Sekera4-0/+11
Add extra assertions to debug build. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ib20130365e8f9dbb556fcbb4321dd184c7eff603