Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: improvement
- inline some common encap fixup functions into the midchain
rewrite node so we don't incur the cost of the virtual function call
- change the copy 'guess' from ethernet_header (which will never happen) to an ip4 header
- add adj-midchain-tx to multiarch sources
- don't run adj-midchain-tx as a feature, instead put this node as the
adj's next and at the end of the feature arc.
- cache the feature arc config index (to save the cache miss going to fetch it)
- don't check if features are enabled when taking the arc (since we know they are)
the last two changes will also benefit normal adjacencies taking the arc (i.e. for NAT, ACLs, etc)
for IPSec:
- don't run esp_encrypt as a feature, instead when required insert this
node into the adj's next and into the end of the feature arc. this
implies that encrypt is always 'the last feature' run, which is
symmetric with decrypt always being the first.
- esp_encrpyt for tunnels has adj-midchain-tx as next node
Change-Id: Ida0af56a704302cf2d7797ded5f118a781e8acb7
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.
The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.
Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.
Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".
Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).
Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
|
|
Type: improvement
Change-Id: I170256ab47978db34fb0ff6808d9cd54ab872410
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
The api no longer requires packed ip addresses.
Type: test
Change-Id: If67365d86b7c3189f871a58234e99f9c8f875371
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6da8cc7c4577d199e9dc0aa52c73b1230a380018
|
|
This patch adds the l2tpv3oip type flow support
Have tested on E810 with Intel iAVF driver
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Icb5114b5f70dd7a63f681e7c6ac802fade8b8cf1
|
|
Type: feature
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Signed-off-by: Dariusz Kazimierski <dariuszx.kazimierski@intel.com>
Signed-off-by: Piotr Kleski <piotrx.kleski@intel.com>
Change-Id: I4c3fcccf55c36842b7b48aed260fef2802b5c54b
|
|
Type: fix
Change-Id: I8e4a47bd16fa8475ef695c09e3487eabf08faabe
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: improvement
Change-Id: Iebf77a63c0c19b130a3fbd26b5293304a9fed4c1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1f03d80c4ee2a555dc6baa262d6df4521c1ae818
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I8c0eb5b5b12ffac1ff5dc89cab10bdb8e4be4322
|
|
This patch enables the RSS configuration through vnet/flow interface
With this RSS feature, users can config the RSS functions for specific flows
Currently, it supports:
default, toeplitz and symmetric_toeplitz rss function, and
ipv4-tcp/ipv4-udp/ipv6-tcp/ipv6-ucp flow types
Users can use the following options to combine with above flow
types for more specific hash input set selection:
l3-src-only, l3-dst-only, l4-src-only, l4-dst-only
Command line:
test flow add dst-ip any proto udp rss function default rss types ipv4-tcp use l3-dst-only
test flow add dst-ip any proto udp rss function toeplitz rss types ipv4-udp use l4-src-only
test flow add dst-ip any proto udp rss function symmetric_toeplitz rss types ipv6-udp use l3-src-only and l3-dst-only
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I213efc76dc8af37f2f63605884f353e05b0f5d2a
|
|
Type: refactor
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I0f82d937b4829e5a7f074d4d566fa49319a11716
|
|
Bonus corner-case bugfix in bitmap.h, found during the exercise.
Issue dates from 2001 or thereabouts. Please review this specific
change carefully.
lcov_post: filter system include directories and generated files in
build-root
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Iaa0b63e9dc571dfe3d992197ac49ba4d93403c61
|
|
facilitates use of papi beyond the tests.
Type: improvement
Change-Id: I3d502d9130b81a7fb65ee69bb06fe55802b28a27
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: I5a73e45e5b8a6a97c068e1ca108d8f8a2c1c0f90
|
|
i2c follows its only use case - the original 82599 driver - into
extras/deprecated.
cj is/was an emergency debug tool unused in several years. Move to
extras/deprecated/vlib
Type: refactor
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ib55b65373f62630db295c562974bd8f2456c3107
|
|
vxlan_gpe_init() is already defined in libvnet. When loading ioam plugin
we end up having 2 different objects using the same symbol.
ASan in GCC-10 started to enforce the One-Definition-Rule and it seems
like good hygiene anyway.
Type: fix
Change-Id: I2ea9af1821bca6482a290742e9a109fc25692f37
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: improvement
Change-Id: Ic2d9b17cf5e524f3ad2a3c5343fe1230aa360e73
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Idbbad246161d28f595c25e10d7282c8b33fa9876
|
|
Previous behavior worked only when subinterface ID matches with dot1q tag and doesn't work at all in QinQ case.
In this patch I'm checking how subinterface is configured.
Type: fix
Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com>
Change-Id: I7a662a0442fdc8e68aba5d6f469f3b1139a4bc2d
|
|
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I026f0d8385b538e543bae0c1f7e56e49e4713ba1
|
|
With port overloading, port is no longer a scarce resource and there
is no need to limit connections per internal IP. This saves one hash
insert in slow path.
Type: improvement
Change-Id: I8a7a9713ac855fa99fa1617ec684f757cf6e09ae
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I50df248afb3f6b46c49e6695b3f124cfd584f016
|
|
Use out2in_ed hash table for port overloading tracking instead of
global table. This reduces number of hash insertions in slowpath.
Type: improvement
Change-Id: Iad4e897d52033beb7f6d76a7ddb596eef586c6cb
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: fix
Fixes: b86437b79b82493c2e9728929df417f55b153824
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I2c833928dcdceb4d23dfc161bcc3358272076980
|
|
interface
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I0b7c189006e30a357cd6be4f3c9c61fded4157cb
|
|
Add a suitable ASSERT in the bihash template in case this happens again.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ib370d4238f6bae2995bc30fd17fad5c41053c3d1
|
|
Type: feature
- replace functions for prefixes attached to interfaces
- add ip_interface.[ch] to consoldate the functions
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I9c0c39c09dbf80ea1aadefee02c9bd16f094b6ad
|
|
- restrict the unittests SVM address space to what is supported by ASan
- mark SVM mmap()ed address space accessible for ASan
- SVM shared memory heap scheme means some allocation can happen
outside the current process. Lazily mark those accessible for ASan
Type: fix
Change-Id: I7c196c80b2a5297651d0afa54f1a8e478fcf59b1
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I9ec87d2293d8f92c3e488a0f61083cf815ac496c
|
|
It is a bad idea to poison memory after munmap because the address space
can be reused (eg. for global data of dlopen()ed object) and ASan model
allows access by default.
Moreover, access to a stale address space will fault.
Type: fix
Change-Id: I356de422f255447d9d50a3a71fb0c2eaa790d731
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Change-Id: I3c7ebbe91e7dffe9fd6851e5334fe920f2187cf0
Signed-off-by: Amir Zeidner <amirzei@mellanox.com>
|
|
Previously dslite was moved to separate plugin folder
and CE mode was removed. But it still needed.
This patch adds CE option to separate config entry
Type: feature
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: If153ae08fa385ba5a6605cb412e49bbb4d1db46c
|
|
Template instances can allocate BIHASH_KVP_PER_PAGE data records
tangent to the bucket, to remove a dependent read / prefetch.
Template instances can ask for immediate memory allocation, to avoid
several branches in the lookup path.
Clean up l2 fib, gpb plugin codes: use clib_bihash_get_bucket(...)
Use hugepages for bihash allocation arenas
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Damjan Marion <damarion@cisco.com>
Change-Id: I92fc11bc58e48d84e2d61f44580916dd1c56361c
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Change-Id: Ib85c2f01dc7ec9858f2f88b89e209f989d78c5d9
|
|
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: If5c00faa309cf3e1ea8bdf8b23250041f6a499c4
|
|
Type: fix
Change-Id: Ib455b0a57f9b4f9cb82bb295c220270d0c6e5fe5
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: Id84fbe412c99b39a0754b892ca971dd3e4434264
|
|
Now UDP encapsulation doesn't work in transport mode because:
- the encrypt node misses filling of UDP header and it gets sent with
all zeros;
- the decrypt node misses filling of new IP header and it contains
garbage data.
With this commit, fill UDP header during encryption and fill IP header
during decryption.
Change-Id: I87a7bd594f0e312b16d3e5eb19e568b4e3164d36
Type: fix
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
When merging proxy groups in igmp_proxy_device_merge_group(), the call
to igmp_proxy_device_merge_src() can end up removing the current proxy
group via igmp_group_clear(). When that happens, it must returns NULL so
that igmp_proxy_device_merge_config() does not send a IGMPv3 report for
a dead proxy group.
Make igmp_group_clear() reset the group pointer to NULL to fix this bug
and to detect similar bugs more easily.
Type: fix
Change-Id: I229e55b5bfa71734d7844893f5209a66fa3cc8ae
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: refactor
Change-Id: I9f743ba2818e1b1c5004c3575925cc7b479948d8
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Type: fix
Change-Id: I87d301aec20b9f5b34997b394493c796188fce14
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: feature
- move the IP4 code to plugin
- add ip6 support
- add suport for uRPF on TX
- add tests
Change-Id: I074c2debc486d3e79c12fad4b8dbd72c41e841a0
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Send dhcp unicast packets to ip4-lookup. Otherwise, these packets
won't reach a dhcp server on a different subnet.
Do an immediate client scan after processing wakeup events.
Calculate the next process wakeup time by scanning all
clients.
Increase maximum (idle, no-clients-configured) timeout to 1000
seconds.
Reduce log spew.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I3d10cd4c353298ed0b19e7e30887dc1d8d07b19e
|
|
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: Ia8656fe2c48799e53c1b2c064009848ad3457659
|
|
Type: refactor
To reproduce functionality, use udp in combination with
TRANSPORT_CFG_F_CONNECTED transport flag set in connect and listen
parameters.
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id88470c38326f8168b9646b0de49a674e0f4266f
|
|
Properly close the stream sending side instead of resetting the entire
stream.
Change-Id: I2daca7e507daa7bf9cd6a27fa8828a9ea7d175f9
Type: fix
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
|
|
Type: fix
- swipe away the vomit indent left last time.
- add tests for VNIs > 16bit
Change-Id: I2d1f591bfb9d7a18996c38969365a509168d4193
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: I58fea0474e293d5e6a029e0dccd4a24b07b76a90
|