aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2020-07-15nat: fix regarding vm arg for vlib_time_now callElias Rudberg1-1/+2
Change in snat_ipfix_header_create() to use thread-specific vlib_main_t *vm pointer to avoid problems with different threads accessing the same vlib_main_t data structure. This avoids assertion failure when vlib_time_now() is called with a vm corresponding to a different thread. Type: fix Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net> Change-Id: I2096c1debb5688d3b97e5ed9a0ea78d94053d8b7 (cherry picked from commit 5556813fb63d28240a17ccf18f947e60c4cbb263)
2020-06-11vppinfra: refactor mpcap.hDave Barach1-1/+1
vppinfra source files MUST NOT #include <vlib/vlib.h>, <vnet/vnet.h> or similar. Move mpcap_add_packet(...), mpcap_add_buffer(...) to a new file: src/vnet/mpcap.h. Type: refactor Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Id517aef6fe49b618f853ce32940b91ba45a1e60d (cherry picked from commit 2a41919e39d4672f76a654f30be9c2093cef4fad)
2020-06-11nat: update ip4-udp src port for checksum == 0 pktsDave Barach1-3/+6
Otherwise, the out2in path will discard return-path traffic with probability 1.0. Type: fix Fixes: gerrit 23963 / f126e746fc01c75bc99329d10ce9127b26b23814 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I621ed99329c04ef358035747dde599c0016b58f5 (cherry picked from commit 63c672c440d92cc570c587254afb4167617ec0b7)
2020-06-01ethernet: fix DMAC check and skip unnecessary ones (VPP-1868)John Lo3-39/+68
Fix and optimize DMAC check in ethernet-input node to utilize NIC or driver which support L3 DMAC-filtering mode so that DMAC check can be bypassed safely for interfaces/sub-interfaces in L3 mode. Checking of interface in L3-DMAC-filtering state to avoid DMAC check require the following: a) Fix interface driver init sequence for devices which supports L3 DMAC-filtering to indicate its capability and initialize interface to L3 DMAC-filtering state. b) Fix ethernet_set_flags() function and its associated callback flags_change() functions registered by various drivers in interface infra to provide proper L3 DMAC filtering status. Maintain interface/sub-interface L3 config count so DMAC checks can be bypassed if L3 forwarding is not setup on any main/sub-interfaces. Type: fix Ticket: VPP-1868 Signed-off-by: John Lo <loj@cisco.com> Change-Id: I204d90459c13e9e486cfcba4e64e3d479bc9f2ae (cherry picked from commit 4a302ee7c75f3d4fd1a73a9d1f6c34b3bde8d620)
2020-05-26ipsec: DES/3DES fixing the iv_len for openssl cryptoRajesh Goel1-1/+2
Type: fix Signed-off-by: Rajesh Goel <rajegoel@cisco.com> Change-Id: I8d128598b4c872f19b64c779c19b5908ba2f2c08 (cherry picked from commit d1d90f5951df93625594f1904cddd95880838ff0)
2020-05-25tcp: fix sack block validation on wrapFlorin Coras1-0/+26
Type: fix Fixes: 487507f Ticket: VPP-1879 Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia9813ae09d14111dc8edac0fa6ab082e13ab6e2e (cherry picked from commit 3b9540966f877ae67d374cab334c31bd6e3f8c8b)
2020-05-25srv6-mobile: Update the doc of 20.05 for gtp4.dt and gtp6.dt funcitons.Satoru Matsushima1-5/+64
Document update to reflect merged SRv6 functions into 20.05 of lookup and forwarding for inner IP packet encapsulated with outer IP and GTP-U headers. Type: docs Signed-off-by: Satoru Matsushima <satoru.matsushima@gmail.com> Change-Id: I85c9ddf6bf9fa63f2b8b6e03eff3ecec1e7615ab
2020-05-20nat: fix segv if out of ports in ed modev20.05-rc2Alexander Chernavin2-1/+47
Type: fix Ticket: VPP-1870 Change-Id: Ife726d2f6baaa3516c209011183f39670cf6a55d Signed-off-by: Alexander Chernavin <achernavin@netgate.com> (cherry picked from commit 88120824acc299a0aec17ce4c208dbc8be394779)
2020-05-20dpdk: fix pktmbuf pool private data initBenoît Ganne1-0/+1
Type: fix Change-Id: I7349840af48eec209532dab43a8ad0bd68993268 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit c32a84c70efb45081568fc8aa5fa1884d74865fe)
2020-05-13sr: fix srv6/srv6-ad/srv6-as promisc mode switchJohn Lo2-6/+22
Calling ethernet_set_flags() to switch interface to/from promiscuous mode must use use hw_if_index instead of sw_if_index. Type: fix Signed-off-by: John Lo <loj@cisco.com> Change-Id: I72da286b913893227e32193ee11fbbc56e04804d
2020-05-13nat: fix broken buildKlement Sekera1-1/+1
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I2a70db3a25450e014adaed84989f4da9bb77b14d
2020-05-13nat: fix LRU blocked by inactive sessionKlement Sekera10-161/+391
This fixes a situation where long-lived inactive session blocks LRU list. Solution is to have multiple LRU lists based on session type. This helps because session timeout is same for all sessions of same type. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I5e54b2aab73b23911d6518d42e8c3f166c69a38c
2020-05-13nat: perf improvement - replace branchy codeKlement Sekera32-451/+401
Use a lookup table instead. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ia8461099828bb8824bf016201f135e6b69c444d1
2020-05-13nat: handoff next node feature fixFilip Varga7-47/+159
Type: fix Change-Id: I14e323e7bb1db7a3d40668212535c07504374e59 Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-05-13ikev2: fix removing of expired SAsFilip Tehlar1-1/+1
Type: fix Change-Id: Idf9b0ffb4e3a0113bece80d1195192bdf46feb89 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-05-12lacp: missing endian conversions for trace packet formatSteven Luong1-2/+2
Fix a couple endian conversions for displaying Marker Protocol packet in the trace Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I746a67fb6143b5ad52bc4af9604ff8760dbdec9b
2020-05-11crypto-native: properly deal with broken or outdated toolchainsDamjan Marion5-42/+54
Avoids crash due to missing symbol, when build system detects toolchain which is not able to produce binaries for all targets we need.... Type: fix Change-Id: I77ee63cb8dca3c9e4e83a6235c60f1439a472444 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-05-09gtpu: fix coverity issueChenmin Sun1-2/+2
Fix coverity issue #210194 in gtpu-decap Type: fix Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I5b172c8494527e7117c4e7e7083a8473165aa40f
2020-05-08docs: fix merge damage in nat.hDave Wallace1-4/+0
Type: fix Fixes: b5a575b09 Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I22d35159a923075243df9760f1a74e2ca74e30e1
2020-05-08nat: fix per thread data vlib_main_t usage take 2Ole Troan7-42/+32
The original fix access vlib_main before these was initialized. Removed cached vlib_mains structure. Type: fix Fixes: 9bb09afb56b1aa787ca574cc732085272059fd5f Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I686bab9220e27891f66bf60489c1602855786aa8 Signed-off-by: Ole Troan <ot@cisco.com>
2020-05-07nat: remove duplicate line of codeKlement Sekera1-1/+0
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I3c914d5c457df40205280ac589a2d353261343d5
2020-05-07nat: fix per thread data vlib_main_t usageFilip Varga9-75/+97
Type: fix Change-Id: If6784c9eb278f525e05304d10fd1a00641faaaf0 Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-05-07lacp: fix regarding vm arg for vlib_time_now callsElias Rudberg6-43/+26
Use thread-specific vlib_main_t *vm pointers to avoid problems with different threads accessing the same vlib_main_t data structure. This avoids assertion failure when vlib_time_now() is called with a vm corresponding to a different thread. Type: fix Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net> Change-Id: I359596ecff86e03d57aa8d2330f77bf9a913485f
2020-05-07rdma: fix alignment issueDamjan Marion1-2/+2
Type: fix Change-Id: I0ff7a6f3354066c2252c1ebd0d43ac59db278bf0 Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
2020-05-06docs: clean up make docs jobPaul Vinciguerra21-42/+70
Type: docs Change-Id: I9b5e5137eb4c1e89f6e8d7a278cd11a0fd496471 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-05-06crypto: fix coverity issuesFan Zhang1-5/+11
Fix coverity issues in crypto framework and cryptodev engine. Type: fix Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: Ib261da0163c8182c803600db22c5a6dad5a19999
2020-05-06rdma: fix clang buildBenoît Ganne1-2/+9
Type: fix Change-Id: I9b613f0af484f601dd20a851e2f59ee5e06b5c37 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-05-06nat: ipfix logging vlib_mains[thread_index] bugfixElias Rudberg1-16/+16
Use thread-specific vlib_main_t *vm pointers to avoid problems with different threads accessing the same vlib_main_t data structure. This avoids crashing when ipfix logging is enabled and several threads are used. Type: fix Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net> Change-Id: Ic1d3d335919d7666ead14be1153eb8c8c07b7356
2020-05-06nat: enable force session cleanupFilip Varga6-142/+236
Force session cleanup drops NAT db. Also fixing user specific cli/api calls. Type: improvement Change-Id: Ia3e25fcf07fe5fb9a83d55c03fe90aca727b41ac Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-05-06nat: fix coverity warningKlement Sekera1-19/+5
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I609fef6f96c6a3fc85a4dc07e75244b0e1ba9239
2020-05-05tests: add test description to quic testsDave Wallace1-0/+24
Type: style Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: Ief894e940a913a4ccf5368a2fdcf5479917f56cb
2020-05-05ipsec: User can choose the UDP source portNeale Ranns1-2/+2
Type: feature thus allowing NAT traversal, Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ie8650ceeb5074f98c68d2d90f6adc2f18afeba08 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-05-05ikev2: remove sa from main threadFilip Tehlar1-17/+29
Type: fix Change-Id: Ib73ce48552cfa9e825a6833f5594650783d82f3b Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-05-05gtpu: RX offload for IPv6 payload supportingChenmin Sun3-8/+38
this patch adds the offloading capability for the IPv4 GTPU tunnel which the next-node is assigned as IPv6 Type: feature Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: Ie39cd43058d36514656351dc6e906a19d5de89c0
2020-05-05flow: explicitly convert RSS function types in dpdk_pluginChenmin Sun1-1/+34
explicitly convert RSS function types from vnet_rss_function_t to rte_eth_hash_function to avoid these two types go out of sync in the future... Type: fix Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: Ic09f6bb7f2cfbcf7cc4d380e51554b7f2b7a3b90
2020-05-05nat: remove unused codeKlement Sekera1-27/+0
Type: refactor Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I33b2b38961b200dc3297b82124a7107b9ecbd0de
2020-05-04session: add option to preallocate fifo headersFlorin Coras2-2/+58
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie47546ef36590b90ed481b14cf812afbecf7981c
2020-05-04ikev2: fix string in apiFilip Tehlar1-1/+1
Type: fix key file name should be a string and not array of u8. Change-Id: I7d280d2397030e73732b374ad9d3146fad0bb19f Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-05-04fib: midchain adjacency optimisationsNeale Ranns2-15/+0
Type: improvement - inline some common encap fixup functions into the midchain rewrite node so we don't incur the cost of the virtual function call - change the copy 'guess' from ethernet_header (which will never happen) to an ip4 header - add adj-midchain-tx to multiarch sources - don't run adj-midchain-tx as a feature, instead put this node as the adj's next and at the end of the feature arc. - cache the feature arc config index (to save the cache miss going to fetch it) - don't check if features are enabled when taking the arc (since we know they are) the last two changes will also benefit normal adjacencies taking the arc (i.e. for NAT, ACLs, etc) for IPSec: - don't run esp_encrypt as a feature, instead when required insert this node into the adj's next and into the end of the feature arc. this implies that encrypt is always 'the last feature' run, which is symmetric with decrypt always being the first. - esp_encrpyt for tunnels has adj-midchain-tx as next node Change-Id: Ida0af56a704302cf2d7797ded5f118a781e8acb7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-05-04misc: binary api fuzz test fixesDave Barach4-5/+207
Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API messages, e.g. by xoring random data into them before processing. We specifically exempt client connection messages, and inband debug CLI messages. We step over msg_id, client index, client context, and sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn anything. The goal is to reduce the number of crashes caused to zero. We're fairly close with this patch. Add vl_msg_api_max_length(void *mp), which returns the maximum plausible length for a binary API message. Use it to hardern vl_api_from_api_to_new_vec(...) which takes an additional argument - message pointer - so it can verify that astr->length is sane. If it's not sane, return a u8 *vector of the form "insane astr->length nnnn\0". Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...) and vl_api_dhcp6_pd_send_client_message_t_handler(...). Add a fairly effective binary API fuzz hook to the unittest plugin, and modify the "make test" framework.py to pass "api-fuzz { on|off }" to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
2020-05-04nat: per vrf session limitsFilip Varga9-29/+310
Type: improvement Change-Id: I170256ab47978db34fb0ff6808d9cd54ab872410 Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-05-03tests: vpp_interface remove deprecated packed propertiesPaul Vinciguerra2-18/+19
The api no longer requires packed ip addresses. Type: test Change-Id: If67365d86b7c3189f871a58234e99f9c8f875371 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-04-30hsa: bind af-unix socket only for echo testsFlorin Coras1-60/+77
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6da8cc7c4577d199e9dc0aa52c73b1230a380018
2020-04-30flow: add l2tpv3oip flowChenmin Sun1-9/+45
This patch adds the l2tpv3oip type flow support Have tested on E810 with Intel iAVF driver Type: feature Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: Icb5114b5f70dd7a63f681e7c6ac802fade8b8cf1
2020-04-30crypto: introduce async crypto infraFan Zhang7-9/+1443
Type: feature Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Signed-off-by: Dariusz Kazimierski <dariuszx.kazimierski@intel.com> Signed-off-by: Piotr Kleski <piotrx.kleski@intel.com> Change-Id: I4c3fcccf55c36842b7b48aed260fef2802b5c54b
2020-04-30ikev2: use thread local vlib_main in vlib_time_nowFilip Tehlar1-13/+9
Type: fix Change-Id: I8e4a47bd16fa8475ef695c09e3487eabf08faabe Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-04-29misc: switch to clang-9Damjan Marion2-4/+4
Type: improvement Change-Id: Iebf77a63c0c19b130a3fbd26b5293304a9fed4c1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-04-29hsa: cleanup ifdefs in sock testsFlorin Coras4-532/+168
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1f03d80c4ee2a555dc6baa262d6df4521c1ae818
2020-04-29flow: explicit rss function enum castFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I8c0eb5b5b12ffac1ff5dc89cab10bdb8e4be4322
2020-04-28flow: add RSS supportChenmin Sun4-32/+80
This patch enables the RSS configuration through vnet/flow interface With this RSS feature, users can config the RSS functions for specific flows Currently, it supports: default, toeplitz and symmetric_toeplitz rss function, and ipv4-tcp/ipv4-udp/ipv6-tcp/ipv6-ucp flow types Users can use the following options to combine with above flow types for more specific hash input set selection: l3-src-only, l3-dst-only, l4-src-only, l4-dst-only Command line: test flow add dst-ip any proto udp rss function default rss types ipv4-tcp use l3-dst-only test flow add dst-ip any proto udp rss function toeplitz rss types ipv4-udp use l4-src-only test flow add dst-ip any proto udp rss function symmetric_toeplitz rss types ipv6-udp use l3-src-only and l3-dst-only Type: feature Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I213efc76dc8af37f2f63605884f353e05b0f5d2a