aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2019-03-01VPP-1529: check hop-by-hop header lengthDave Barach1-7/+37
Fix a single packet-of-death case, caught by vlib_buffer_advance() in debug images. Change-Id: I9c107f20d7c053c3e40a0756dd7ca1c3be276a1a Signed-off-by: Dave Barach <dave@barachs.net>
2018-11-23acl-plugin: fix coverity error that the fix related for [VPP-1502] has triggeredAndrew Yourtchenko1-9/+13
Fix the trivial use-before-check copypaste error. There was a more subtle issue with that patch that Coverity didn't notice: namely, vec_validate(v, len-1) is a terrible idea if len happens to be == 0. Fix that. Change-Id: I0fab8b1750e9e9973eefb5d39f35e4c3a13fc66f Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit e0152461cbc84d6d4df3f05dddabe992c1c59052)
2018-11-23NAT44: improve expired sessions reuse (VPP-1503)Matus Fabian2-79/+65
Change-Id: Iab506f127136c94a641df31ded108016de26260b Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-11-22acl-plugin: optimize hash memory usage + fix the startup config parsing for ↵Andrew Yourtchenko3-7/+33
memory sizes [VPP-1502] In a couple of places vec_add1()-style was repeatedly called in a loop for smallish vectors where the number of additions was known in advance. With a test with large number of ACEs these numbers contribute to heap fragmentation noticeably. Minimize the number of allocations by preallocating the known size and then resetting the length accordingly, and then calling vec_add1() Also unify the parsing of the memory-related startup config parameters. Change-Id: If8fba344eb1dee8f865ffe7b396ca3b6bd9dc1d0 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 94f509615eb97cebc9192e7290c84cf166518039)
2018-11-22NAT44: Apply transitory timeout on TCP RST (VPP-1494)Matus Fabian2-0/+9
RFC7857 section 2.2. Change-Id: I031af5fe379b72262e83fd8565c34fa1b772f2c8 Signed-off-by: Matus Fabian <matfabia@cisco.com> (cherry picked from commit 15e8e681813a2e88dad107b5fe238bc8abee17d2)
2018-11-20NAT44: fix virtual fragmentation reassembly in forwarding mode (VPP-1501)Matus Fabian1-0/+8
Change-Id: Id86d8aa8753b9b2ff4c709b11e3901ba8d552918 Signed-off-by: Matus Fabian <matfabia@cisco.com> (cherry picked from commit 111add7e5d6581bb4eca05cc862a651ff6a09792)
2018-11-19NAT44: fix bug in TCP close with output-feature interface (VPP-1493)Matus Fabian4-4/+82
Change-Id: If8c883d6b1ee58de9a03012d3567ec82211a0225 Signed-off-by: Matus Fabian <matfabia@cisco.com> (cherry picked from commit 6c01dceea5c612373453db7f1ccda589a2cd782e)
2018-11-07NAT44: fix undesired dependency between static mapping and address from the ↵Matus Fabian2-1/+9
pool (VPP-1485) Change-Id: Iaa404361eac2a6612dcdaba3f73bae41a35c5446 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-10-23vmxnet3: add logging support to the control plane [VPP-1470]Steven4-17/+87
There are different flavors of vmxnet3 device, esxi server, vm fusion, vmware workstation, and vmware player, that we need to communicate with. Each of them also has different versions. We really need the control plane logging to debug when things don't work as expected. Change-Id: Idab6896e3d8bf841f1cd877c13a21531fa110568 Signed-off-by: Steven <sluong@cisco.com>
2018-10-21tcp: count first lost hole (VPP-1465)Florin Coras1-3/+29
Change-Id: I3ac136e2a10796d8fa86ddb6f0d6cabe5fa749f8 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-10-19NAT44: fix ICMP virtual fragmentation reassembly (VPP-1466)Matus Fabian4-63/+122
Change-Id: I8006bca02948d9121f474a3d14f0576747bb3c51 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-10-19tls: fix connection failures/interrupts at scale (VPP-1464)Florin Coras1-2/+3
Change-Id: I0bc4062c1fd3202ee201acb36a2bb14fc6ee1543 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit c01d578a625fb136bc33b0eb9c19907769a67989)
2018-10-19tcp: fix sacks lost bytes counting (VPP-1465)Florin Coras1-34/+90
Change-Id: Ie46b3a81de4ed39b7b40e3879436f7e5a2908d98 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-10-17tcp: avoid sack processing when not needed (VPP-1460)Florin Coras1-1/+1
Change-Id: If81ee34e1f1e929de1a5b758ddb9aede4002e858 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-10-16acl-plugin: tuplemerge: refresh the pointer to hash-readied ACL entries per ↵Andrew Yourtchenko1-0/+2
each collision in split_partition() (VPP-1458) A pointer to hash-ready ACL rules is only set once, which might cause a crash if there are colliding entries from more than one ACL applied. Solution: reload the pointer based on the element being processed. Change-Id: I7a701c2c3b4236d67293159f2a33c4f967168953 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-10-15vmxnet3: show vmxnet3 with filtering capability [VPP-1452]Steven3-12/+234
show vmxnet3 desc may display 5000 lines of output since it has 5 tables. Each table may have 1000 entries. It would not be very useful to debug problem. We need filtering capability for the subject show command. We need to be able to display the descriptor table per interface, per interface per table, and per interface per table per slot. The latter is the most useful. tested the following valid combinations show vmxnet3 show vmxnet3 desc show vmxnet3 vmxnet3-0/13/0/0 show vmxnet3 vmxnet3-0/13/0/0 desc show vmxnet3 vmxnet3-0/13/0/0 rx-comp show vmxnet3 vmxnet3-0/13/0/0 rx-comp 1 show vmxnet3 vmxnet3-0/13/0/0 tx-comp show vmxnet3 vmxnet3-0/13/0/0 tx-comp 1 show vmxnet3 vmxnet3-0/13/0/0 rx-desc-0 show vmxnet3 vmxnet3-0/13/0/0 rx-desc-0 1 show vmxnet3 vmxnet3-0/13/0/0 rx-desc-1 show vmxnet3 vmxnet3-0/13/0/0 rx-desc-1 1 show vmxnet3 vmxnet3-0/13/0/0 tx-desc show vmxnet3 vmxnet3-0/13/0/0 tx-desc 1 negative tests and command is rejected show vmxnet3 abc show vmxnet3 desc abc show vmxnet3 vmxnet3-0/13/0/0 abc show vmxnet3 vmxnet3-0/13/0/0 desc abc show vmxnet3 vmxnet3-0/13/0/0 rx-comp abc show vmxnet3 vmxnet3-0/13/0/0 rx-comp 1 abc Change-Id: I0ff233413496e58236f8fb4a94e493494c20c5cb Signed-off-by: Steven <sluong@cisco.com>
2018-10-15vmxnet3: vmxnet3_test_plugin.so: undefined symbol: format_vlib_pci_addr ↵Steven1-1/+9
[VPP-1456] When using vpp_api_test, there is an undefined symbol error for format_vlib_pci_addr when vmxnet3_test_plugin.so is loaded. The cause is due to vlib not included in vpp_api_test. Remove the reference for vlib.so in vmxnet3_test. Change-Id: I37c00dfe2f843d99ad6c4fc7af6ed10bac4c2df8 Signed-off-by: Steven <sluong@cisco.com>
2018-10-11vmxnet3: better error handling [VPP-1449]Steven2-20/+42
try harder on output - if there is no descriptor space available, try to free up some and check again. make sure we free the buffer if error is encountered on input. Change-Id: I41a45213e29de71935afe707889e515037cd081f Signed-off-by: Steven <sluong@cisco.com> (cherry picked from commit 8b0995366110ff8c97d1d10aaa8291ad465b0b2f)
2018-10-11NAT44: identity NAT fix (VPP-1441)Matus Fabian4-32/+118
Change-Id: Ic4affc54d15d08b9b730f6ec6146ee053b28b4b6 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-10-11acl-plugin: reduce the syslog level for debug messages (VPP-1443)Andrew Yourtchenko1-5/+6
Change-Id: Ie8380cb39424548bf64cb19aee59ec20e29d1e39 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-10-09memif: coverity fixJakub Grajciar1-2/+4
Change-Id: I2b14e2a035a37b04816aac1e610146be58ad1e92 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2018-10-08memif: socket filename add/del bugfixJakub Grajciar1-3/+3
Check access rights using effective user/group IDs Change-Id: I3683258c24bcd7817024bffbd56b54b2f596fdd7 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2018-10-08Fix coverity issue for NSH pluginHongjun Ni1-69/+70
Change-Id: Ie99ff9aebe3c896e3e104a5a7bebd84f7766e713 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2018-10-08NAT44: do not create session record for identity mapping (VPP-1439)Matus Fabian10-103/+233
Change-Id: I39a3146a4e4ba8eadf50af7113b9ae6b1c1d688f Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-10-05Source VRF Select testsNeale Ranns2-9/+15
Change-Id: Id6c16462fccf890eaa0e526ad048e032c9da8800 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-10-05NAT: convert remaining clib_warning to nat_log_*Juraj Sloboda4-30/+30
Change-Id: Ie999ab852cc3775ec90820624d97be746d2590a4 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-10-04acl-plugin: tuplemerge: avoid batch-resize of the applied entries vector - ↵Andrew Yourtchenko1-2/+6
VPP-1352 If the number of rules within a given partition exceeds the limit, the split_partition() might get called, in which we calculate the relaxed mask, create a new partition with that mask and attempt to reallocate some entries from the overcrowded partition. The non-TM code was pre-expanding the vector with rules by the number of rules in the new ACL being applied - which caused the split_partition() to iterate over the rules filled with zeroes. Most of the time it is benign, but if a newly created relaxed partition is such that these entries can be "relocated", then the code attempts to do so, which does not end well. Change-Id: I2dbf3ccd29ff97277b21cdb11c4424ff0915c3b7 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-10-03vmxnet3: coverity woeSteven2-12/+12
Coverity complains that hb might be null when !prev_b0 is true. It may be right, but not likely. To make the code more explicit when it parses a complete packet, set got_packet = 1 and test got_packet instead of prev_b0 which is somewhat obscure. Use vlib_buffer_free_one rather than vlib_buffer_free_no_next in output.c which takes care of chain buffers. Change-Id: I6e0587605fdc622c3f55fedd74c474666631ed91 Signed-off-by: Steven <sluong@cisco.com>
2018-10-03memif: include interface name in logsJuraj Sloboda3-29/+57
Change-Id: I67f58aa93c721dbd518cc2ddcea330006693662f Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-10-03VPP-1440: clean up coverity warningsDave Barach1-2/+2
Change-Id: Ie315d4e83c0575d82aee0369ef50e8dd2dad6a2a Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-03vmxnet3: error handlingSteven4-60/+84
outbound -- if we have to drop the packet due to no descriptor space is available, drop the whole packet, not fragments. inbound -- check and drop error packets Change-Id: Ida1d32e61521bafd67f714d729ad53cd7c487dc6 Signed-off-by: Steven <sluong@cisco.com>
2018-10-02VPP-1440: clean up coverity warningsDave Barach2-5/+8
Change-Id: Ic6823fb617ecae547a5f0e28b1e037848e40f682 Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-02Update code to compute checksum for buffer chainsJuraj Sloboda2-6/+10
Compute ICMP checksum for buffer chains Fix checksum function for buffer chains Change-Id: I39b845b94a63c3ab5fc9f6f9ab36cadbc67c104f Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-10-02tls: fix disconnects for sessions with pending dataFlorin Coras2-20/+20
TLS can enqueue events to itself when app session queue cannot be entirely drained. If a pending disconnect is handled before any such event, session layer may try to dequeue data on deallocated sessions. Change-Id: I5bfc4d53ce95bc16b6a01e1b0e644aafa1ca311b Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-10-01Source VRF SelectNeale Ranns7-0/+1141
match against a packet's source address to determine the VRF for the subsequent destination address lookup. Change-Id: I48ee0ef54dcb891f0ec7f879e4d3b925a0ed0081 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-10-01Rename device class from PPPPOE to PPPoEPaul Vinciguerra2-10/+10
Change-Id: Ia20eee6cef360b1acd768101df0713f0005a7d14 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2018-10-01thread: Add show threads apiMohsin Kazmi3-3/+3
Change-Id: I3124238ab4d43bcef5590bad33a4ff0b5d8b7d15 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-10-01IGMP: handle (*,G) report with no source addressesNeale Ranns1-8/+14
Change-Id: I363370b9d4a27b992bad55c48fc930a2fbea2165 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-09-28MAP: Add check for well known ports.Ole Troan1-0/+8
And more unit-tests. Change-Id: I4667d82d928b7ba8d96b5a5648d464115b3ed216 Signed-off-by: Ole Troan <ot@cisco.com>
2018-09-27MAP: Correctly print ea-bits-len in map commands.Ole Troan1-1/+1
Change-Id: I17b19875547cd6056aaf8f8fde439caa8e42d274 Signed-off-by: Ole Troan <ot@cisco.com>
2018-09-27MAP: 64-bit DMROle Troan2-17/+15
Change-Id: I261e11f1006039e4a4019fec2fd3271763ae476a Signed-off-by: Ole Troan <ot@cisco.com>
2018-09-27dpdk_plugin: fix mlx5 build and runtime issuesSirshak Das1-2/+10
There are issues with VPP finding and linking the mlx5 shared glue library which was built by default if mlx5 was enabled. Runtime Errors this patch fixes: net_mlx5: cannot load glue library: librte_pmd_mlx5_glue.so.18.05.0: cannot open shared object file: No such file or directory net_mlx5: cannot initialize PMD due to missing run-time dependency on rdma-core libraries (libibverbs, libmlx5) This patch introduces additional config parameter to disable glue library building and instead statically link ibverbs and mlx5 libraries to the PMD and dpdk_plugin. Change-Id: I0b2f67652a57854c778e991780903fb15706ace8 Signed-off-by: Sirshak Das <sirshak.das@arm.com> Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
2018-09-27add cmake build option to build openssl asyncPing Yu1-0/+11
This code is orignally in automake, but it is missing in cmake. Thus add it to make openssl async work in cmake build system Change-Id: Ie69ee9c2099273e51ce13ccab27bdd2619db4814 Signed-off-by: Ping Yu <ping.yu@intel.com>
2018-09-27avf: may crash if failed to allocate buffers to ringSteven1-1/+1
In avf_rxq_refill, we invoke vlib_buffer_alloc_to_ring which may fill buffers from the end of the ring and continue to the beginning of the ring. If we fill some in the end and continue to fill some in the beginning, but does not have enough buffers to fill the whole request, n_alloc returns a value which is not equal to n_refill to indicate partial refill. We don't like partial refill and invoke vlib_buffer_free to get rid of the buffers that just got refilled. However, vlib_buffer_free API is to free the buffers from the slot continuously. It does not know how to free some from rxq->bufs[slot], and then continue to free the rest when it reaches the end of the ring. The fix is to use vlib_buffer_free_from_ring which is smart enough to figure that stuff out. Change-Id: I93c28e0b0d8d8f22c321d1a5912e00c27b4e2e8d Signed-off-by: Steven <sluong@cisco.com>
2018-09-27IPIP and IPv6 fragmentationOle Troan4-19/+4
- Error where ICMPv6 error code doesn't reset VLIB_TX = -1 Leading to crash for ICMP generated on tunnelled packets - Missed setting VNET_BUFFER_F_LOCALLY_ORIGINATED, so IP in IPv6 packets never got fragmented. - Add support for fragmentation of buffer chains. - Remove support for inner fragmentation in frag code itself. Change-Id: If9a97301b7e35ca97ffa5c0fada2b9e7e7dbfb27 Signed-off-by: Ole Troan <ot@cisco.com>
2018-09-26vmxnet3: delete interface causes a crashSteven1-9/+4
Need to free the buffers starting from ring->consume+1, not ring->consume Make use of the cool API vlib_buffer_free_from_ring Fix a memory leak in vmxnet3_txq_init Change-Id: I0a539ea75211408d84ce433d97a0a0aec5a9618d Signed-off-by: Steven <sluong@cisco.com>
2018-09-26acl-plugin: fix the stateful ICMP handling and add testcasesAndrew Yourtchenko1-39/+40
The stateful ICMP/ICMPv6 handling got broken. Fix that and introduce testcases to catch in the future. Change-Id: Ie602e72d6ac613d64ab0bf6693b6d75afb1a9552 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-09-26dpdk: fix QSFP+ module infoDamjan Marion1-1/+2
Change-Id: I89c7df778e66a5d2147190dc99445405d81964e5 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-09-26NAT44: endpoint-dependent mode session timeout improvement (VPP-1423)Matus Fabian2-0/+28
Change-Id: Ib62e503f4eb5d72431288de32f417a4553df4e0c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-09-25L2 BD: introduce a BD interface on which to send UU packetsNeale Ranns1-2/+2
Change-Id: I21ad6b04c19c8735d057174b1f260a59f2812241 Signed-off-by: Neale Ranns <nranns@cisco.com>