summaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2020-10-14crypto: fixed ipsec_mb lib dependenciesPiotrX Kleski1-15/+0
Type: fix This patch re-enables libIPSec_MB build for the ipsecmb crypto engine plugin. Also since DPDK meson build relies on system installed libIPSec_MB.so that may be inconsistent with VPP compiled one (system installed version vs VPP locally compiled version for example), this patch also disables all libIPSec_MB dependant PMDs from DPDK build. Also ipsec-mb version is incresed to 0.54. Signed-off-by: PiotrX Kleski <piotrx.kleski@intel.com> Reviewed-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: I2ff9e7cd0c35cff9fa642895301a26a5350ea94e
2020-10-14nat: Fix ICMP bypass session creationVladimir Isaev1-0/+6
After get_icmp_o2i_ed_key() bihash key may include IP protocol and addresses from inner ICMP packet. It is OK for session lookup, but we should not create a session on ICMP error message receiving. Type: fix Signed-off-by: Vladimir Isaev <visaev@netgate.com> Change-Id: Ic93272ebe90d2288a975265439f9e079eb28936a
2020-10-14cnat: Fix backend LBNathan Skrzypczak1-1/+1
Type: fix Change-Id: I4ea263270bcc38e505e88d512acacef7439f3823 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-10-13stats: counters data modelOle Troan7-89/+131
This adds a new data model for counters. Specifying the errors severity and unit. A later patch will update vpp_get_stats to take advantage of this. Only the map plugin is updates as an example. New .api language: A new "counters" keyword to define counter sets. counters map { none { severity info; type counter64; units "packets"; description "valid MAP packets"; }; bad_protocol { severity error; type counter64; units "packets"; description "bad protocol"; }; }; Each counter has 4 keywords. severity, which is one of error, info or warn. A type, which is one of counter64 or gauge64. units, which is a text field using units from YANG. paths { "/err/ip4-map" "map"; "/err/ip6-map" "map"; "/err/ip4-t-map" "map"; "/err/ip6-t-map" "map"; }; A new paths keyword that maps the counter-set to a path in the stats segment KV store. Updated VPP CLI to include severity so user can see error counter severity. DBGvpp# show errors Count Node Reason Severity 13 ethernet-input no error error Type: feature Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ib2177543f49d4c3aef4d7fa72476cff2068f7771 Signed-off-by: Ole Troan <ot@cisco.com>
2020-10-13ikev2: fix initial contact cleanupFilip Tehlar2-306/+562
When looking for existing SA connection to clean up search all per thread data, not only current one. Type: fix Change-Id: I59312e08a07ca1f474b6389999e59320c5128e7d Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-13ikev2: fix coverity warningFilip Tehlar1-5/+21
Type: fix Change-Id: Iee96b3ea3e71ec248c3c3c98d153a08372b5faf0 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-13ikev2: fix memory leak in auth routineFilip Tehlar1-0/+4
Type: fix Change-Id: I93529b069925fcef32cdb22e27975b802b4c3b97 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-12misc: clang-11 and gcc-10 supportDamjan Marion2-3/+3
clang-11 complains: error: field 'buffer_template' with variable sized type 'vlib_buffer_t' not at the end of a struct or class is a GNU extension [-Werror,-Wgnu-variable-sized-type-not-at-end] Type: improvement Change-Id: I2cb6b4fde723a05b42cf33dd8130df074f0362ab Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-12nat: set fib index for bypass sessionVladimir Isaev2-1/+2
Bihash key already contains rx_fib_index for lookup but fib value for session itself is set to 0. In the result bihash is allocated with key with fib index set, but free function is looking for key with fib index set to zero. It leads to use-after-free because session itself is removed from pool but bihash is not because of key mismatch. Type: fix Signed-off-by: Vladimir Isaev <visaev@netgate.com> Change-Id: I8ac5a41b0a5a32b1baab9e9d757141d5b24b7798
2020-10-12lldp: fix typo in mac address constantDmitry Vakhrushev1-1/+1
Type: fix Fixes: 149fd3fbd069a5f7be86e68472578ee7af229cb6 Signed-off-by: Dmitry Vakhrushev <dmitry@netgate.com> Change-Id: I06956f3ed3689172c3682d6b707991613255cabd
2020-10-12lldp: fix memory leakageDmitry Vakhrushev1-6/+16
1. Typo in usage of vnet_hw_interface_add_del_mac_address(), which returns 0 when it succeeds instead non zero value. 2. Generated error doesn't clean allocated resources for an interface. 3. Returned value from vnet_hw_interface_add_del_mac_address() should be erased or reported. Type: fix Fixes: 149fd3fbd069a5f7be86e68472578ee7af229cb6 Signed-off-by: Dmitry Vakhrushev <dmitry@netgate.com> Change-Id: Ia6b28ae70fea127d15eb0102223ff972358766bc Signed-off-by: Dmitry Vakhrushev <dmitry@netgate.com>
2020-10-09avf: add add_del_mac_address handlerDamjan Marion2-33/+89
Type: improvement Change-Id: I4d0b1cd87cf2f58a653f40a300da4b7a43348a06 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-09acl: move nonip nodes to separate fileDamjan Marion3-221/+296
Type: refactor Change-Id: Idcef8effa86d6421e4b3e5f747695ddb2982e78f Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-09wireguard: park the timer processDave Barach5-2/+68
Until the feature is configured. It would make sense to push more of the feature init code into the newly-added wg_feature_init() function. This patch fixes a severe hemorrhoid. Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I87095575363baa41407dd52492159a7b8c2899e7
2020-10-09nat: ipfix logging separation & refactorFilip Varga14-263/+240
Type: refactor Change-Id: I8785e4987e4f60361072440d0c3c6954c9c12394 Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-10-08interface: shorten vnet_hw_if_rx_modeDamjan Marion5-10/+10
This is part of bigger refactor. Type: refactor Change-Id: I6fc2c0a1e2d217a70952901bcf775b8485bd3c20 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-08nat: use proper type for countersKlement Sekera1-2/+2
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I330822c5d675cdfa57ab75ceb0223f11e0ebb7d2
2020-10-07misc: Purge unused pg includesNeale Ranns41-41/+0
Type: style Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I26a19e42076e031ec5399d5ca05cb49fd6fbe1cd
2020-10-07nat: move nat64 to a subfeatureFilip Varga21-2636/+3607
Type: refactor Change-Id: I3b9e17164647d2019b1f40cffeed63393345219e Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-10-07nat: det44 plugin fix style and api cleanupFilip Varga3-18/+22
Type: refactor Change-Id: I3c5ca31de8046b82fb3d3f364ba88370fe51ef02 Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-10-06feature: Add packet trace APIJon Loeliger9-4/+1036
Also spiffed up the vpp_api_test plugin loader so it executes VLIB_INIT_FUNCTIONs and VLIB_API_INIT_FUNCTIONs. Type: feature Change-Id: Id9a4f455d73738c41bcfea220df2112bb9679681 Signed-off-by: Jon Loeliger <jdl@netgate.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2020-10-05ikev2: support ipv6 traffic selectors & overlayFilip Tehlar11-380/+695
Ticket: VPP-1917 Type: feature Change-Id: Ie9f22e7336aa7807b1967c48de9843df10fb575c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-02lldp: set interface MAC address when enabledKlement Sekera3-10/+28
Type: improvement Change-Id: I4f2dc4e4c1c467fb9acd0fed231c56fcd54c8da9 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-10-02memif: map shared memory with clib_mem_vm_map_shared(...)Damjan Marion1-10/+25
Type: improvement Change-Id: I91031d56aae884a0a42fca343a2fc24c442b1da8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-02nat: add dummy nat_ha_resync() to avoid missing symbol errorsDamjan Marion1-0/+7
Type: fix Change-Id: I288e93da192cf48b3d774e36584d471d4daa2727 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-02ikev2: fix leaking pending INIT requestsFilip Tehlar1-0/+16
.. when associated profile is deleted. Type: fix Change-Id: Ib05831d79b3b58664ee0a930960513fd465373bf Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-02dpdk: split PCI blacklist rte_eal args from startup.confVladimir Ratnikov1-2/+3
Type: fix Fixes: ed04407829728c5d258b6600155edabd5198d971 Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: I5aebcba7b97db758310042fd446328ee8f691641
2020-10-02ikev2: fix cli memory leakBenoît Ganne1-30/+40
Type: fix Change-Id: Ibdd83fa336427ec0c66224ecebb1b6bd36d1d1ba Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-09-30ikev2: fix issue when decrypting packet with no keysFilip Tehlar1-1/+1
Type: fix Change-Id: I0e615d5089587992012a0f280ee902b2906f21c2 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-10-01ikev2: refactor ikev2 nodeFilip Tehlar1-407/+359
Type: refactor Change-Id: I65acbd5d9724c500a24699de973df08016d9d8d6 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-30ikev2: better packet parsing functionsFilip Tehlar7-274/+596
Ticket: VPP-1918 Type: improvement Change-Id: I2bc3e30121697404dcd54f1c2127bd85ccc1029e Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-30ikev2: show IKE SA command improvementsFilip Tehlar1-95/+169
Ticket: VPP-1898 Type: improvement Change-Id: I1c56df331965c733a2d0eae63a12d5a4ee5a2e41 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-30avf: check duplicate pci address upon create interfaceSteven Luong1-0/+13
Entering duplicate pci address when creating an avf interface causes crash in register_node (gdb) f 4 145 error_exit (1); (gdb) up 354 clib_error ("more than one node named `%v'", n->name); (gdb) p n $1 = (vlib_node_t *) 0x7fffbbe55de4 (gdb) p n->name $2 = (u8 *) 0x7fffbc410b10 "avf-0/4/a/0-tx" (gdb) The fix is to loop through the pci addresses in the avf interface pool and to reject the duplicate. Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I4ed6fb630fb11982d85c5bb325d9f0d6beeaf023
2020-09-30wireguard: fix udp-port registrationArtem Glazychev2-3/+10
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I698ef299316004b797da1e74b64d067caac4bd2d
2020-09-29hsa: fix coverity warningFlorin Coras1-3/+4
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I046e5aa90016e45b5cbaec12593ba4ac7a659783
2020-09-29ikev2: fix false positive NAT detectionFilip Tehlar1-18/+13
Type: fix Change-Id: Id7f865f537c55d00a784eec51624ba28e903a083 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-29vcl svm: provide apps access to fifo chunksFlorin Coras2-7/+21
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2191b8594b1e87ecc00f237316457db249f73603
2020-09-29wireguard: fix license headersArtem Glazychev13-2/+25
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: If5cc8894e0d1785dd04ab1e460e017580c9b41ce
2020-09-29wireguard: fix indentsArtem Glazychev1-21/+35
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I84cd7b08eac62160cf407409d32dd40cec7ae9d6
2020-09-29wireguard: readme fixArtem Glazychev1-36/+17
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I0080a158fc3e17dfdd360f6ba164e3bfa3d585a6
2020-09-29dpdk: fix compileFan Zhang2-51/+15
Type: fix Since DPDK is now compiled by meson but some compiles in VPP is missing. This patch fixes that. - Fixes QAT PMD not compiled. QAT meson compile, even for sym crypto PMD, is happened in drive/compress/qat. Originally all PMDs in compressdev is disabled by default. This patch fixes that. - Fixes DPDK plugin version detection. DPDK meson build generates rte_build_config.h, which containing all version information in build-dpdk instead of rte_config.h in make. This patch uses the file to detect version data. - Removed SW crypto PMD auto-creation in cryptodev engine. In case the AESNI-MB PMD required shared library is missing. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: I7cd91abb5de303ff5e4c55cd05e011b57f883524
2020-09-29avf: validate queue size configSteven Luong3-13/+52
Check CLI queue size is within the range of 64 and 4096 Enhance show hardware to display queue size and number of queues. Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I360e3cdb2e69e4ea7380ed924e71a5ae84ed4b64
2020-09-28ikev2: fix memory leaksBenoît Ganne2-3/+21
Type: fix Change-Id: I5be19a4923b37e2636621d36155178ac348ee41c Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-09-28quic: Fix protip #47 / unformat (input_line)Nathan Skrzypczak1-19/+41
Type: fix Change-Id: Id03f50c46d28c850865cc76692424d063a0c2cfb Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-27cnat: fix cnat_translation_cli_add_delDave Barach1-12/+24
Make the command scriptable, use unformat_line_input. "paths" never needed to be a pool, it's used as a vector. Pools *are* vectors so no harm but... use vec_add2(...) instead. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I65b42de77c3c17f532443319d8a5a15a0a930d66
2020-09-27cnat: fix session scanner restart pointDave Barach1-1/+1
Restart point saved by caller, do not restart at i=0. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I36b7570085c4cbe84cea24339ae579e1fc906af8
2020-09-25cnat: Add DHCP supportNathan Skrzypczak11-109/+716
Type: feature Change-Id: I4bd50fd672ac35cf14ebda2b0b10ec0b9a208628 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-25cnat: Introduce parametric source policyNathan Skrzypczak13-244/+445
Type: feature Change-Id: I60ae9dd1c100b587d1902a20596b99a5c8a95df7 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-25cnat: Add support for SNat ICMPNathan Skrzypczak7-143/+461
Type: feature snat supports : * echo request/reply by allocating an identifier when translating echo requests * icmp errors in the same manner as dnat Change-Id: I684e983b0181f95c5eace5a984d40084e5625fa4 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-25cnat: Ip ICMP error supportNathan Skrzypczak6-165/+557
Type: feature Add CNAT translation for ICMP 4 & 6 errors inner packet will be translated according to existing sessions. Change-Id: If118751988f44ef96b800878596296d1ab8ab6f8 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>