aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2020-10-01ikev2: refactor ikev2 nodeFilip Tehlar1-407/+359
Type: refactor Change-Id: I65acbd5d9724c500a24699de973df08016d9d8d6 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-30ikev2: better packet parsing functionsFilip Tehlar7-274/+596
Ticket: VPP-1918 Type: improvement Change-Id: I2bc3e30121697404dcd54f1c2127bd85ccc1029e Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-30ikev2: show IKE SA command improvementsFilip Tehlar1-95/+169
Ticket: VPP-1898 Type: improvement Change-Id: I1c56df331965c733a2d0eae63a12d5a4ee5a2e41 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-30avf: check duplicate pci address upon create interfaceSteven Luong1-0/+13
Entering duplicate pci address when creating an avf interface causes crash in register_node (gdb) f 4 145 error_exit (1); (gdb) up 354 clib_error ("more than one node named `%v'", n->name); (gdb) p n $1 = (vlib_node_t *) 0x7fffbbe55de4 (gdb) p n->name $2 = (u8 *) 0x7fffbc410b10 "avf-0/4/a/0-tx" (gdb) The fix is to loop through the pci addresses in the avf interface pool and to reject the duplicate. Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I4ed6fb630fb11982d85c5bb325d9f0d6beeaf023
2020-09-30wireguard: fix udp-port registrationArtem Glazychev2-3/+10
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I698ef299316004b797da1e74b64d067caac4bd2d
2020-09-29hsa: fix coverity warningFlorin Coras1-3/+4
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I046e5aa90016e45b5cbaec12593ba4ac7a659783
2020-09-29ikev2: fix false positive NAT detectionFilip Tehlar1-18/+13
Type: fix Change-Id: Id7f865f537c55d00a784eec51624ba28e903a083 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-29vcl svm: provide apps access to fifo chunksFlorin Coras2-7/+21
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2191b8594b1e87ecc00f237316457db249f73603
2020-09-29wireguard: fix license headersArtem Glazychev13-2/+25
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: If5cc8894e0d1785dd04ab1e460e017580c9b41ce
2020-09-29wireguard: fix indentsArtem Glazychev1-21/+35
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I84cd7b08eac62160cf407409d32dd40cec7ae9d6
2020-09-29wireguard: readme fixArtem Glazychev1-36/+17
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I0080a158fc3e17dfdd360f6ba164e3bfa3d585a6
2020-09-29dpdk: fix compileFan Zhang2-51/+15
Type: fix Since DPDK is now compiled by meson but some compiles in VPP is missing. This patch fixes that. - Fixes QAT PMD not compiled. QAT meson compile, even for sym crypto PMD, is happened in drive/compress/qat. Originally all PMDs in compressdev is disabled by default. This patch fixes that. - Fixes DPDK plugin version detection. DPDK meson build generates rte_build_config.h, which containing all version information in build-dpdk instead of rte_config.h in make. This patch uses the file to detect version data. - Removed SW crypto PMD auto-creation in cryptodev engine. In case the AESNI-MB PMD required shared library is missing. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: I7cd91abb5de303ff5e4c55cd05e011b57f883524
2020-09-29avf: validate queue size configSteven Luong3-13/+52
Check CLI queue size is within the range of 64 and 4096 Enhance show hardware to display queue size and number of queues. Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I360e3cdb2e69e4ea7380ed924e71a5ae84ed4b64
2020-09-28ikev2: fix memory leaksBenoît Ganne2-3/+21
Type: fix Change-Id: I5be19a4923b37e2636621d36155178ac348ee41c Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-09-28quic: Fix protip #47 / unformat (input_line)Nathan Skrzypczak1-19/+41
Type: fix Change-Id: Id03f50c46d28c850865cc76692424d063a0c2cfb Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-27cnat: fix cnat_translation_cli_add_delDave Barach1-12/+24
Make the command scriptable, use unformat_line_input. "paths" never needed to be a pool, it's used as a vector. Pools *are* vectors so no harm but... use vec_add2(...) instead. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I65b42de77c3c17f532443319d8a5a15a0a930d66
2020-09-27cnat: fix session scanner restart pointDave Barach1-1/+1
Restart point saved by caller, do not restart at i=0. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I36b7570085c4cbe84cea24339ae579e1fc906af8
2020-09-25cnat: Add DHCP supportNathan Skrzypczak11-109/+716
Type: feature Change-Id: I4bd50fd672ac35cf14ebda2b0b10ec0b9a208628 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-25cnat: Introduce parametric source policyNathan Skrzypczak13-244/+445
Type: feature Change-Id: I60ae9dd1c100b587d1902a20596b99a5c8a95df7 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-25cnat: Add support for SNat ICMPNathan Skrzypczak7-143/+461
Type: feature snat supports : * echo request/reply by allocating an identifier when translating echo requests * icmp errors in the same manner as dnat Change-Id: I684e983b0181f95c5eace5a984d40084e5625fa4 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-25cnat: Ip ICMP error supportNathan Skrzypczak6-165/+557
Type: feature Add CNAT translation for ICMP 4 & 6 errors inner packet will be translated according to existing sessions. Change-Id: If118751988f44ef96b800878596296d1ab8ab6f8 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-24wireguard: coverity fixArtem Glazychev1-1/+1
Type: fix Change-Id: Ib69b9d83a77d315368ce091085b6bc2d26994282 Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
2020-09-24session tcp udp tls quic: improve cli formattingFlorin Coras1-1/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iae5dbb8aaaf82d8e95c2ee8bbbe6844c9dd49f80
2020-09-23lldp: fix format string for hw->nameVladimir Isaev1-3/+3
Sanitizer found it. hw->name is not null terminated vector. So use '%v' for it. Type: fix Signed-off-by: Vladimir Isaev <visaev@netgate.com> Change-Id: Idea16b33d33b371f5b6f6ab403edd0b4860c95f2
2020-09-23cnat: Disable default scanner processNathan Skrzypczak8-24/+120
Type: feature Change-Id: Iba9d9f384eaa35c5522e828e3cbe4516416294db Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-23wireguard: add handoff nodeArtem Glazychev18-448/+889
All timer and control plane functions happen from main thread Type: fix Change-Id: I4fc333c644485cd17e6f426493feef91688d9b24 Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
2020-09-22lisp: Move to pluginNeale Ranns56-9/+33296
Type: refactor Change-Id: I54df533a8f863c4e49742903cf2457f18b4fc506 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-09-21geneve: Move to pluginNeale Ranns11-0/+4613
Type: refactor Change-Id: I613bf4d6517591351b212bfe6c8d93abf235f5dc Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-09-21misc: Move l2tp to pluginNeale Ranns12-0/+2372
Type: refactor Change-Id: Ifb36eeb146b87e9e305881429d32d6879e955e1e Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-09-21lldp: Move to pluginNeale Ranns15-0/+2549
Type: refactor Change-Id: Ifd770ff4850e63474bf4682ad463021b03786b4b Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-09-21vrrp: set up multicast for both address familiesMatthew Smith1-2/+14
Type: fix When a VR is added, multicast accept routes are added which allow inbound packets sent to the VRRP group address on the interface of the VR so advertisements from peers can be received. If this is the first VR added, also add a local forward route for the VRRP group address so the packets will be processed by the VRRP input nodes. When deciding whether to add/delete the local forward route, the total number of VRs configured was being checked. If there are no VRs configured initially and a VR is added for IPv4, this check would correctly see that this was the first VR and add an IPv4 route. If an IPv6 VR was configured subsequently, this check would find that a VR was already configured and incorrectly decide that no route needed to be added and IPv6 VRRP advertisements from peers would be dropped as a result. The opposite would occur if you first added an IPv6 VR followed by adding an IPv4 VR - whichever address family was added first would work correctly and the other one would not work. Since a route is needed for each address family, check on the per address family count of VRs when deciding whether to add/delete the local forward route instead of checking on the global count of VRs. Change-Id: I851a7ef8a4f9e4e370d08b0832284a13387eb083 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-09-21acl: remove custom ACL-plugin heapAndrew Yourtchenko7-232/+17
Custom ACL-plugin heap was useful in early stages, but it interferes with other infra optimizations. Remove it and use global heap. Change-Id: I2300548f1d1798dec27bc5a2a41cf37f9fcda95d Type: improvement Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2020-09-21dpdk: hugepage availibility check using new apiDamjan Marion1-11/+9
Type: improvement Change-Id: Iab623a2e11bd5787f4cae549143f49888e0dd9c4 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-09-17vppinfra: support main heap with different page sizesDamjan Marion1-1/+1
Type: improvement Change-Id: I381fc3dec8580208d0e24637d791af69011aa83b Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-09-16avf: wrong argument passed to avf_log_errSteven Luong1-1/+1
Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ica4601c9d17e182cbc348989a9f75ab1cb18b78a
2020-09-16vmxnet3: gso fixesSteven Luong4-13/+29
outbound: wrong header len computation gso size and header length need to be set in the first segment of the chain inbound: EOP may have zero length descriptor to terminate the chain missing endian conversion for ethertype Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Iaa003c0e9af3ead4df6c6c0d5772a179d2ff15c4
2020-09-16api: clean up use of deprecated flagOle Troan3-13/+13
The syntax of the deprecated flag has evolved. Clean up usage to be "option deprecated;". Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: If2b639f275eb8db58b36c457f9245fe35a4d8cb1
2020-09-16flowprobe: add show commands for params and list of interfaces for recordingjan_cavojsky1-0/+87
Type: feature Ticket: VPP-1861 Signed-off-by: jan_cavojsky <Jan.Cavojsky@pantheon.tech> Change-Id: Iaeff13b19a712257223a4e77893cfd9398c18327
2020-09-15crypto: Crypto SW Scheduler Coverity WarningsNeale Ranns1-1/+1
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I7f98d0c7847ecc40b90b78e5ae83f320575be310
2020-09-15crypto-native: fix issues detected by coiverityDamjan Marion2-3/+11
Type: fix Change-Id: Id61aa407eeeb4d44cf47ed39283a0c79ed3abbee Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-09-14wireguard: coverity fixesNeale Ranns2-6/+10
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ib1eabbc87a573c660ac251602d631f167928259b
2020-09-14wireguard: increase FIB source priorityNeale Ranns1-2/+7
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Icc1c458474d357c7d9b3b4df1897500de0c314a1
2020-09-14nat: delay datastructure allocation until configuredOle Troan2-18/+33
The dslite plugin would on plugin load initialize large bihash datastructures. Postpone until configured. Type: improvement Change-Id: Ie790ab8c5fc39fac18153acd54dcd051805e763a Signed-off-by: Ole Troan <ot@cisco.com>
2020-09-10ikev2: fix copy-paste error when freeing memoryFilip Tehlar1-1/+1
Type: fix Change-Id: If44c807d188b3e88d819f4132d73e6a34402a525 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-12wireguard: Fix for tunnel encapNeale Ranns7-89/+468
Type: fix add UT for sneding handshale init and transport packets Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Iab1ed8864c666d5a0ae0b2364a9ca4de3c8770dc
2020-09-11quic: Clean quic_crypto_setup_cipherNathan Skrzypczak1-16/+13
Type: fix Change-Id: I4c19636c2be8a577c6cba272708cb04bcc24785b Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-11dpdk: fix coverity defect #214232, #182930Chenmin Sun2-1/+8
Type: fix Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: Ie328834159687cdb4314c37d36697f2fb9081fbd
2020-09-11avf: add assert to ensure that adminq is used only from avf processDamjan Marion1-0/+5
Type: improvement Change-Id: Ib64c9b8207776986656e5a26c13a221edc6cc950 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-09-11avf: change promisc mode from the avf process nodeDamjan Marion2-7/+26
Avoid situations where promisc mode is chaged while avf process is suspended in the middle of adminq operation. Type: fix Change-Id: Ia1fc6551e83218b5938630ad3a15d4f3f0ceceff Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-09-11nat: Fix next feature for ED with multiple workersVladimir Isaev3-2/+25
Multiple (> 1) workers leads to handoff node being enabled. This node pops next feature index to nat.arc_next to make sure that packet will be pushed to the next feature in the arc. But node nat44-ed-in2out-output also pops next feature and changes arc_next. So actual next feature will be skipped in that case. It leads to all nat44-ed-in2out packets being dropped if we have multiple workers (handoff node enabled). To resolve this a new node was added (nat-pre-in2out-output) to fill arc_next in single worker case and multiple worker case is already handled by handoff node. Type: fix Signed-off-by: Vladimir Isaev <visaev@netgate.com> Change-Id: I9dfba68f00164d2d5ab867224871811bef4411ed