Age | Commit message (Collapse) | Author | Files | Lines |
|
In most cases we only need OpenSSL libcrypto (crypto primitives) but
not libssl (tls).
Type: improvement
Change-Id: I9dce27d23d65bf46aea2d0f8aaf417240701efcc
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
When use update api delete a virtual address, no matter which IP want to delete, always delete the last one.
Type: fix
Signed-off-by: GaoChX <chiso.gao@gmail.com>
Change-Id: Ia67c06dd53a442740794e1884d1a4aaa06965398
|
|
We were creating an additional worker not backed by any VPP threads,
leading off-by-1 access in the session main workers vector.
Also uses vec_elt_at_index() when accessing session main workers vector
elements to catch those errors more easily.
Type: fix
Change-Id: I6059116b7b64ae6b26ad83c1fcf55df8522868ad
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com>
Change-Id: I208724a515c9a38c4032f101bdf73aa87b1c13be
|
|
Previously it was linked and worker properly. While rdma build
was simplified, link was lost so all encrypted data won't pass
via Mellanox interfaces(ipsec, ipip, ssh etc) and NetVSC taps
won't created the right way.
Errors:
mlx5_common: Verbs device not found: 21a5:00:02.0
mlx5_common: Failed to initialize device context.
EAL: Requested device 21a5:00:02.0 cannot be used
Tested on Azure. Same errors appears on physical machine with
Mellanox connect adapter
Type: fix
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: Ib68976282e0ed91c016a7318db6b5eddf5510c47
|
|
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I3ec857adb3a9e8a778072a202a4d23f4101e83b2
|
|
- load openssl legacy providers during quic init
when building with openssl 3.0 or greater
- re-enable quic 'make test' testcases on
ubuntu-22.04
Type: fix
Change-Id: Icfd429b6bc1bddf9f9937baa44cc47cd535ac5f2
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Type: fix
Signed-off-by: Huawei LI <lihuawei_zzu@163.com>
Change-Id: I2a96ab0dafe4db796704341c325c43a6960be312
|
|
fix memory leak and refactor nat44-ed db init/free through.
how to reproduce memory leak: input "set nat44 session limit
50000 vrf 1" repeatedly.
Program received signal SIGABRT, Aborted.
0x00007ff4b3cc5337 in raise () from /lib64/libc.so.6
(gdb) bt
0 0x00007ff4b3cc5337 in raise () from /lib64/libc.so.6
1 0x00007ff4b3cc6a28 in abort () from /lib64/libc.so.6
2 0x00000000004079db in os_panic () at /usr/src/debug/vpp-23.02/src/vpp/vnet/main.c:417
3 0x00007ff4b43e784f in os_out_of_memory ()
at /usr/src/debug/vpp-23.02/src/vppinfra/unix-misc.c:221
4 0x00007ff4b43a71aa in clib_mem_heap_alloc_inline (heap=0x0, size=27263040, align=64,
os_out_of_memory_on_failure=1) at /usr/src/debug/vpp-23.02/src/vppinfra/mem_dlmalloc.c:613
5 0x00007ff4b43a7256 in clib_mem_alloc_aligned (size=27263040, align=64)
at /usr/src/debug/vpp-23.02/src/vppinfra/mem_dlmalloc.c:635
6 0x00007ff4b522fafa in alloc_aligned_16_8 (h=0x7ff46a7815b8 <snat_main+408>, nbytes=27262976)
at /usr/src/debug/vpp-23.02/src/vppinfra/bihash_template.c:59
7 0x00007ff4b522fd12 in clib_bihash_instantiate_16_8 (h=0x7ff46a7815b8 <snat_main+408>)
at /usr/src/debug/vpp-23.02/src/vppinfra/bihash_template.c:163
8 0x00007ff4b5230037 in clib_bihash_init2_16_8 (a=0x7ff465f36870)
at /usr/src/debug/vpp-23.02/src/vppinfra/bihash_template.c:245
9 0x00007ff4b52300ac in clib_bihash_init_16_8 (h=0x7ff46a7815b8 <snat_main+408>,
name=0x7ff46a754871 "ed-flow-hash", nbuckets=262144, memory_size=0)
at /usr/src/debug/vpp-23.02/src/vppinfra/bihash_template.c:260
10 0x00007ff46a7013e8 in reinit_ed_flow_hash ()
at /usr/src/debug/vpp-23.02/src/plugins/nat/nat44-ed/nat44_ed.c:3264
11 0x00007ff46a7014fd in nat44_ed_sessions_clear ()
at /usr/src/debug/vpp-23.02/src/plugins/nat/nat44-ed/nat44_ed.c:3299
12 0x00007ff46a701044 in nat44_update_session_limit (session_limit=70000, vrf_id=1)
at /usr/src/debug/vpp-23.02/src/plugins/nat/nat44-ed/nat44_ed.c:3225
13 0x00007ff46a73d3d1 in nat44_set_session_limit_command_fn (vm=0x7ff473c8f740,
input=0x7ff465f36ef0, cmd=0x7ff474c5ce48)
at /usr/src/debug/vpp-23.02/src/plugins/nat/nat44-ed/nat44_ed_cli.c:1638
14 0x00007ff4b5d56527 in vlib_cli_dispatch_sub_commands (vm=0x7ff473c8f740,
cm=0x4273f0 <vlib_global_main+48>, input=0x7ff465f36ef0, parent_command_index=97)
at /usr/src/debug/vpp-23.02/src/vlib/cli.c:650
15 0x00007ff4b5d562c3 in vlib_cli_dispatch_sub_commands (vm=0x7ff473c8f740,
cm=0x4273f0 <vlib_global_main+48>, input=0x7ff465f36ef0, parent_command_index=98)
at /usr/src/debug/vpp-23.02/src/vlib/cli.c:607
16 0x00007ff4b5d562c3 in vlib_cli_dispatch_sub_commands (vm=0x7ff473c8f740,
cm=0x4273f0 <vlib_global_main+48>, input=0x7ff465f36ef0, parent_command_index=21)
at /usr/src/debug/vpp-23.02/src/vlib/cli.c:607
17 0x00007ff4b5d562c3 in vlib_cli_dispatch_sub_commands (vm=0x7ff473c8f740,
cm=0x4273f0 <vlib_global_main+48>, input=0x7ff465f36ef0, parent_command_index=0)
at /usr/src/debug/vpp-23.02/src/vlib/cli.c:607
18 0x00007ff4b5d569cb in vlib_cli_input (vm=0x7ff473c8f740, input=0x7ff465f36ef0,
function=0x7ff4b5dc2406 <unix_vlib_cli_output>, function_arg=0)
---Type <return> to continue, or q <return> to quit---
at /usr/src/debug/vpp-23.02/src/vlib/cli.c:753
19 0x00007ff4b5dc7b0c in unix_cli_process_input (cm=0x7ff4b5e4ae00 <unix_cli_main>,
cli_file_index=0) at /usr/src/debug/vpp-23.02/src/vlib/unix/cli.c:2616
20 0x00007ff4b5dc825a in unix_cli_process (vm=0x7ff473c8f740, rt=0x7ff4797a5280, f=0x0)
at /usr/src/debug/vpp-23.02/src/vlib/unix/cli.c:2745
21 0x00007ff4b5d80a25 in vlib_process_bootstrap (_a=140687718901968)
at /usr/src/debug/vpp-23.02/src/vlib/main.c:1221
22 0x00007ff4b439e298 in clib_calljmp () at /usr/src/debug/vpp-23.02/src/vppinfra/longjmp.S:123
23 0x00007ff4698268a0 in ?? ()
24 0x00007ff4b5d80b4e in vlib_process_startup (vm=0x7ff4b43a77a3 <clib_mem_size+24>,
p=0x7ff4698268d0, f=0x7ff474b1e580) at /usr/src/debug/vpp-23.02/src/vlib/main.c:1246
25 0x00007ff4b5dbdbe6 in vec_max_bytes (v=0x8)
at /usr/src/debug/vpp-23.02/src/vppinfra/vec_bootstrap.h:161
26 0x00007ff474b1e598 in ?? ()
27 0x0000000000000004 in ?? ()
28 0x00000000000000ff in ?? ()
29 0x00007ff469826980 in ?? ()
30 0x00007ff4b5dbddcb in _vec_set_len (
v=<error reading variable: Cannot access memory at address 0xfffffffffffffff5>,
len=<error reading variable: Cannot access memory at address 0xffffffffffffffed>,
elt_sz=<error reading variable: Cannot access memory at address 0xffffffffffffffe5>)
at /usr/src/debug/vpp-23.02/src/vppinfra/vec_bootstrap.h:196
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb)
Type: fix
Signed-off-by: Huawei LI <lihuawei_zzu@163.com>
Change-Id: I52a7d229c95e4ab30f7f2cfe574440aa37bed6a2
|
|
After deleting a sw interface with nat44 features, the next created
sw interface will get the same sw_index reused and therefore will
erroneously have the same nat features enabled.
Type: fix
Change-Id: I1d84f842ab7ab2a757668ae1a111efe67e1e924d
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
|
|
Some upon apps(e.g. Nginx-quic) package it's several protocol buffers into a struct msg
which is a combination of gso_buffer and gso_size.
but if HostStack regardless the gso_size to the buffer and split the buffer with default mss,
that cause peer client failed on parsing the package.
Type: improvement
Signed-off-by: Dou Chao <chao.dou@intel.com>
Change-Id: I805eb642be826038ba96d1b85dad8ec0c0f6c459
Signed-off-by: Dou Chao <chao.dou@intel.com>
|
|
Type: improvement
The log buffer and event buffer get lots of messages written like
"Processed 2 messages" by linux-nl when its enabled. This can crowd out
more important messages and should only actually be stored if debug
messages are desired. Change from logging with NL_INFO() to NL_DBG().
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I9055432f7ef35d3e0ad59dce307d2b3c6284002f
|
|
NAT44 enable/disable return status was used
instead of appropriate VNET_API_ERROR_ code.
Type: fix
Signed-off-by: Filip Varga <filipvarga89@gmail.com>
Change-Id: If944866bf3061afdc91284c0ad475135e529bdc4
|
|
Don't redirect to "favicon.ico/index.html" if you can't find
"favicon.ico".
If asked to serve up a nonexistent path, see if the path ends with a
known suffix: ".jpg, .html, .ico" etc. If it does, flunk the request
on the spot: "Error 404 Not Found." Do not issue a redirect.
This change will not break the obvious corner case: if the browser
asks for "its_a_dir.mp3/index.html" - and the file exists - the server
will produce it.
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I91aad90be05b98ba2b40e240d13d71816aed4526
|
|
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0f087477e257f5119d7d6182d19f8796773a1f19
|
|
The request vector generated by hss_ts_rx_callback() must be NULL
terminated.
The hss_main_t use_ptr_thresh member must be a u64 since
unformat_memory_size() expects it. Otherwise, the adjacent u8
enable_url_handlers may have an accident.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I2cc08e3cbd31b225fb03799283c055515add13bf
|
|
Add an http redirect template to generate correct-looking "301 Moved
Permanently" replies.
Supply a default value of 1<<31 for the use_ptr_thresh config parameter.
Expose hss_session_get() so friend plugins which register GET / POST
handlers with the http_static server can add data to the session fifos.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ie1452eaf61c6f67311fbab092bc1fe03050bf94f
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I035e3fdbb52eca010ad7b2c20ca2930cb1645978
|
|
Type: improvement
Change-Id: I707399b8ba617a659476bfd7d793f04a1283e694
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
convert vhost device driver to a plugin as described in
https://jira.fd.io/browse/VPP-2065
Type: improvement
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ibfe2f351bcaed36a04b136d082ae414145dd37b5
|
|
Support generic flow in native avf.
Enable necessary RSS hash function for generic flow. Extend some
structures and functions from for FDIR only to for both RSS and FDIR
flows. Modify virtual channel message to align with ice kernel driver.
Add functions to parse generic flow patterns. The parsing results will
be delivered to the kernel driver and create corresponding flow rules.
Type: feature
Signed-off-by: Ting Xu <ting.xu@intel.com>
Change-Id: I82ce102a21993f1bae8a8bf23e491d5e1c261f61
|
|
The initiate handshake process can be called a numbers times for each
peers, then the main VPP thread called by Wireguard starting to
allocate memory. This behaviour can lead to out of memory when VPP has
a lot of Wireguard tunnels concurrently.
This fix add mutex to send only once handshake initiate at time for
each peers.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I13b4b2d47021753926d42a38ccadb36a411c5b79
|
|
Also, use connected udp for builtin echo apps
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie24d7e97f4f27b67df9ceff3c268954485255c2d
|
|
Type: fix
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: I477e92712e441c91789afdf9be389d967acfa799
|
|
When n_rx_packets is less then 16(VEC256) or 8(VEC128), code execution
will fall into scalar path of processing packets. But with a wrong
initialization value for n_left set to zero, i in the for-loop will
equal to n_rx_packets. This leads to the bypass of required ip4 checksum
validation and byte count endianness conversion in scalar path.
Besides, refactor the code using while instead of for-loop to keep
consistency with VPP code style.
Type: fix
Fixes: bf93670c515d ("rdma: fix ipv4 checksum check in rdma-input node")
Signed-off-by: Lijian Zhang <lijian.zhang@arm.com>
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: Ib4e8cb5202735f8b060c99caddf26035657551e1
|
|
Type: fix
Fib entries for attached routes when sourced from
FIB_SOURCE_API or FIB_SOURCE_CLI
get the FIB_ENTRY_FLAG_ATTACHED flag raised on the source.
Such a route added from linux-cp doesn't get this flag.
Fix this flag for linux-cp sources by passing it to the
fib entry's update/create function in lcp_router_route_add().
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
Change-Id: I24278ef86886cfee8a14acb250fb6992a754cc3c
|
|
Type: fix
Signed-off-by: Huawei LI <lihuawei_zzu@163.com>
Change-Id: Icb5450f4bd0eaef7684eb7e3816d1d6051e889d7
|
|
We add the crypto key to the vnet crypto library via vnet_crypto_key_add.
However, when the session is disconnected, we don't call
vnet_crypto_key_del and the memory is leaked in vnet_crypto library
as well as in pico tls key store.
It seems dispose crypto is the appropriate place to add
vnet_crypto_key_del.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: If6d1266baf686fefe5bb81330ce60b35c8ff574e
|
|
the batch
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Icd1e43a5764496784c355c93066273435f16dd35
|
|
Plugin checks just for AVX2 instruction set, while the v1.3 of IPsec
Multi-Buffer library checks for both AVX2 and BMI2 sets during init.
VirtualBox VM doesn't provide BMI2 by default to guest operating system.
Result is that VPP plugin decides to use AVX2 initialization and library
then doesn't do it. Since flush_job remains empty, the self-check fails
and with that the whole VPP crashes on start-up.
Type: fix
Signed-off-by: Maros Ondrejicka <maros.ondrejicka@pantheon.tech>
Change-Id: I6b661f2b9bbe6dd03b499c55c38a9b814e6d718a
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I572017433a1ba0f8576522f02138928e303e10ab
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I15fea1f90640ea54cafe3ea929e871ec6e86fc67
|
|
need free args.error if args.rv < 0
Type: fix
Signed-off-by: luoyaozu <luoyaozu@foxmail.com>
Change-Id: I8ceebfc36f51798d8d1a8e4c41bec33d74344396
|
|
Type: feature
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I0738c0aefb41ab6c0ff717cfccd1df75ddb481fa
|
|
Type: fix
Signed-off-by: Filip Varga <filipvarga89@gmail.com>
Change-Id: I1f5069df2dc743ecd1269e947dd375cb1b84970f
|
|
End.AD.Flow localsid
Type: fix
Signed-off-by: ChinmayaAgarwal <chinmaya.agarwal@hsc.com>
Change-Id: Ifad23978b98c5e05d86f6254bfb65baa0b380436
|
|
API refactoring moved the address-family tag from rule
level down to prefix level.
This necessarily warrants the check that they are the same.
Also, add a check that the address family is sane.
Change-Id: Ia63b688cc9e7c9e9cc773e89708d9e9f99185fb7
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I620447c9aa8606a125063cdd724bfe74f8a870f6
|
|
Each NAT44 ED session has a per_vrf_sessions_index referencing
an element in the thread-local vector per_vrf_sessions_vec.
However this index can be possibly invalidated by vec_del1() in
per_vrf_sessions_cleanup(), before a session is registered.
Such a stale index can cause an assertion failure in function
per_vrf_sessions_is_expired() when we use it to locate the
per_vrf_sessions object.
A possible sequence to reproduce is:
1. Create two NAT44 ED sessions s1, s2 so that two per_vrf_sessions are created:
index 0: between VRF pair 10 and 11 (expired=0, ses_count=1)
index 1: between VRF pair 20 and 21 (expired=0, ses_count=1)
For the sessions we have:
s1->per_vrf_sessions_index == 0
s2->per_vrf_sessions_index == 1
2. Delete the first session via CLI, now the two per_vrf_sessions become:
index 0: between VRF pair 10 and 11 (expired=0, ses_count=0)
index 1: between VRF pair 20 and 21 (expired=0, ses_count=1)
For the sessions we have:
s2->per_vrf_sessions_index == 1
3. Delete the VRF 11:
index 0: between VRF pair 10 and 11 (expired=1, ses_count=0)
index 1: between VRF pair 20 and 21 (expired=0, ses_count=1)
For the sessions we have:
s2->per_vrf_sessions_index == 1
4. Create a new session s3 between VRF pair 20 and 21 so that the first
per_vrf_sessions will be deleted:
index 0: between VRF pair 20 and 21 (expired=0, ses_count=2)
For the sessions we have:
s2->per_vrf_sessions_index == 1
s3->per_vrf_sessions_index == 0
Here, note that the actual index of per_vrf_session is changed due
to vec_del1(). The new session is added after the cleanup so it gets
the correct index. But the index held by the existing session is not
updated.
5. Trigger the fast path of the session s2. To achieve this, session
s2 could be created in step 1 by
ping -i20 -Iiface_in_vrf_10 1.1.1.1
and steps 2-4 should then be performed within the 20-second interval.
This patch fixes this by changing per_vrf_sessions_vec to a pool so
that indicies are kept intact.
Type: fix
Signed-off-by: Jing Peng <jing@meter.com>
Change-Id: I4c08f9bfd50134bcb5f08e50ad61af2bddbcb645
|
|
fix byte order error about the struct snat_address_t's member net.
for example configurations:
set interface ip table loop1 1
set interface ip addr loop1 10.10.10.2/24
nat44 add address 10.10.10.2 tenant-vrf 1
the snat address's net should be "as_u8 = {0xa, 0xa, 0xa, 0x0}",
but now it's "as_u8 = {0x0, 0xa, 0xa, 0x2}" because of missing
transition of byte order about the member net of snat_address_t.
(gdb) p/x *snat_main->addresses
$3 = {addr = {data = {0xa, 0xa, 0xa, 0x2}, data_u32 = 0x20a0a0a,
as_u8 = {0xa, 0xa, 0xa, 0x2}, as_u16 = {0xa0a, 0x20a},
as_u32 = 0x20a0a0a}, net = {data = {0x0, 0xa, 0xa, 0x2},
data_u32 = 0x20a0a00, as_u8 = {0x0, 0xa, 0xa, 0x2},
as_u16 = {0xa00, 0x20a}, as_u32 = 0x20a0a00},
sw_if_index = 0x3, fib_index = 0x1,addr_len = 0x18}
(gdb)
Type: fix
Signed-off-by: Huawei LI <lihuawei_zzu@163.com>
Change-Id: I4f25f0639ae90a7f2e8715b44f825571283d994d
|
|
When echo client fails to connect to remote, it should quit.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I787423bdc61a58eea48bab7bd8b73137626c02b4
|
|
Type: refactor
1) Removed deprecated API.
- These specific APIs do not have repleacement
because features that they controled
aren't part of current NAT44-ED
implementation anymore.
2) Removed unused typedef of port allocation funciton.
- Missed left over removed.
Change-Id: Ib3f763449065eda7cdcb2c6565a9cae51baf23d6
Signed-off-by: Filip Varga <filipvarga89@gmail.com>
|
|
_clib_error (how_to_die=2, function_name=0x0, line_number=0, fmt=0x7fffb3a7e1b5 "%s:%d (%s) assertion `%s' fails") at src/vppinfra/error.c:143
mbedtls_ctx_get (ctx_index=0) at src/plugins/tlsmbedtls/tls_mbedtls.c:114
tls_ctx_get (ctx_handle=536870912) at src/vnet/tls/tls.c:310
tls_app_session_cleanup (s=0x7fffbf102040, ntf=SESSION_CLEANUP_SESSION) at src/vnet/tls/tls.c:624
app_worker_cleanup_notify (app_wrk=0x7fffbef95f80, s=0x7fffbf102040, ntf=SESSION_CLEANUP_SESSION) at src/vnet/session/application_worker.c:445
session_cleanup_notify (s=0x7fffbf102040, ntf=SESSION_CLEANUP_SESSION) at src/vnet/session/session.c:262
session_free_w_fifos (s=0x7fffbf102040) at src/vnet/session/session.c:268
session_delete (s=0x7fffbf102040) at src/vnet/session/session.c:287
session_transport_delete_notify (tc=0x7fffbdf63c40) at src/vnet/session/session.c:1159
tcp_handle_cleanups (wrk=0x7fffbef46d40, now=133.30033046694487) at src/vnet/tcp/tcp.c:1298
tcp_update_time (now=133.30033046694487, thread_index=2 '\002') at src/vnet/tcp/tcp.c:1309
session_update_time_subscribers (smm=0x7ffff7f75ce0 <session_main>, now=133.30033046694487, thread_index=2) at src/vnet/session/session_node.c:1817
session_queue_node_fn (vm=0x7fffbdfad1c0, node=0x7fffbe0b1340, frame=0x0) at src/vnet/session/session_node.c:1934
dispatch_node (vm=0x7fffbdfad1c0, node=0x7fffbe0b1340, type=VLIB_NODE_TYPE_INPUT, dispatch_state=VLIB_NODE_STATE_POLLING, frame=0x0, last_time_stamp=4722227957546624) at src/vlib/main.c:960
Putting a breakpoint in gdb, I found out ctx was free in mbedtls_app_close.
Looking at app_close function in picotls and openssl, I don't see they
free ctx and they don't crash when processing cleanup. I am inclined to
think that mbedtls_ctx_free should not be called in mbedtls_app_close
at src/plugins/tlsmbedtls/tls_mbedtls.c:92
at src/plugins/tlsmbedtls/tls_mbedtls.c:559
at src/vnet/tls/tls.c:360
thread_index=2) at src/vnet/tls/tls.c:762
conn_index=536870912, thread_index=2 '\002')
at src/vnet/session/transport.c:332
at src/vnet/session/session.c:1608
elt=0x7fffbdfef3dc)
at src/vnet/session/session_node.c:1672
node=0x7fffbe0b1340, frame=0x0)
at src/vnet/session/session_node.c:1966
node=0x7fffbe0b1340, type=VLIB_NODE_TYPE_INPUT,
dispatch_state=VLIB_NODE_STATE_POLLING, frame=0x0,
last_time_stamp=4721919444027682)
at src/vlib/main.c:960
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ic5c13e659aee618c8accee42af9f40931b62f467
|
|
Type: fix
Signed-off-by: Maros Ondrejicka <maros.ondrejicka@pantheon.tech>
Change-Id: I03cbd05d6d887d2ce8e7b7d20522e04012c5fe7a
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia03c3fe0ca669b319dec8decd503254d0a95e58b
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia2c771cbf826526d2d06b6da022509ab02917350
|
|
Fix initialization of the table u32 var which is leading to the incorrect
unformat of interface map type
Type: fix
Signed-off-by: Miguel Borges de Freitas <miguel-r-freitas@alticelabs.com>
Change-Id: I1e56acd0e4c735df755e85b172bb6623bf47a57b
|
|
CQE flags located in bits 16-31 at offset 0x1c should be defined as
actual numbers instead of indexes. Besides, L3 header type for IPv4 is
10(2 in decimal) and for IPv6 is 01(1 in decimal) according to CQE entry
fields description of page 120 in Mellanox Programmer Reference Manual.
(https://network.nvidia.com/files/doc-2020/ethernet-adapters-programming-manual.pdf)
Fixing this issue will lead to correct CQE flags printing for rdma-input
node when buffer trace is enabled.
Type: fix
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: I9b578ca5cbd8cd93a577aa83131e31c79f60430e
|
|
- cqe_flags pointer should be incremented accordingly otherwise only the
first element in cqe_flags will be updated
- flag l3_ok should be set for match variable when verifying if packets
are IPv4 packets with flag l3_ok set
- mask/match variables should be converted to network byte order to
match the endianness of cqe_flags
- vector processing of checking cqe flags will set return value to
0xFFFF by mistake if packet numbers are not multiple of 16(VEC256) or
8(VEC128)
Type: fix
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: I9fec09e449fdffbb0ace8e5a6ccfeb6869b5cac1
|
|
The documentation for the cnat plugin is highly outdated specially on
the snat section.
Type: docs
Signed-off-by: Miguel Borges de Freitas <miguel-r-freitas@alticelabs.com>
Change-Id: I30b0c6295d3c812b636374753af3c37f29b0cc53
|