Age | Commit message (Collapse) | Author | Files | Lines |
|
It is a bad idea to poison memory after munmap because the address space
can be reused (eg. for global data of dlopen()ed object) and ASan model
allows access by default.
Moreover, access to a stale address space will fault.
Type: fix
Change-Id: I356de422f255447d9d50a3a71fb0c2eaa790d731
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Change-Id: I3c7ebbe91e7dffe9fd6851e5334fe920f2187cf0
Signed-off-by: Amir Zeidner <amirzei@mellanox.com>
|
|
Previously dslite was moved to separate plugin folder
and CE mode was removed. But it still needed.
This patch adds CE option to separate config entry
Type: feature
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: If153ae08fa385ba5a6605cb412e49bbb4d1db46c
|
|
Template instances can allocate BIHASH_KVP_PER_PAGE data records
tangent to the bucket, to remove a dependent read / prefetch.
Template instances can ask for immediate memory allocation, to avoid
several branches in the lookup path.
Clean up l2 fib, gpb plugin codes: use clib_bihash_get_bucket(...)
Use hugepages for bihash allocation arenas
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Damjan Marion <damarion@cisco.com>
Change-Id: I92fc11bc58e48d84e2d61f44580916dd1c56361c
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Change-Id: Ib85c2f01dc7ec9858f2f88b89e209f989d78c5d9
|
|
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: If5c00faa309cf3e1ea8bdf8b23250041f6a499c4
|
|
Type: fix
Change-Id: Ib455b0a57f9b4f9cb82bb295c220270d0c6e5fe5
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: Id84fbe412c99b39a0754b892ca971dd3e4434264
|
|
Now UDP encapsulation doesn't work in transport mode because:
- the encrypt node misses filling of UDP header and it gets sent with
all zeros;
- the decrypt node misses filling of new IP header and it contains
garbage data.
With this commit, fill UDP header during encryption and fill IP header
during decryption.
Change-Id: I87a7bd594f0e312b16d3e5eb19e568b4e3164d36
Type: fix
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
When merging proxy groups in igmp_proxy_device_merge_group(), the call
to igmp_proxy_device_merge_src() can end up removing the current proxy
group via igmp_group_clear(). When that happens, it must returns NULL so
that igmp_proxy_device_merge_config() does not send a IGMPv3 report for
a dead proxy group.
Make igmp_group_clear() reset the group pointer to NULL to fix this bug
and to detect similar bugs more easily.
Type: fix
Change-Id: I229e55b5bfa71734d7844893f5209a66fa3cc8ae
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: refactor
Change-Id: I9f743ba2818e1b1c5004c3575925cc7b479948d8
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Type: fix
Change-Id: I87d301aec20b9f5b34997b394493c796188fce14
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: feature
- move the IP4 code to plugin
- add ip6 support
- add suport for uRPF on TX
- add tests
Change-Id: I074c2debc486d3e79c12fad4b8dbd72c41e841a0
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Send dhcp unicast packets to ip4-lookup. Otherwise, these packets
won't reach a dhcp server on a different subnet.
Do an immediate client scan after processing wakeup events.
Calculate the next process wakeup time by scanning all
clients.
Increase maximum (idle, no-clients-configured) timeout to 1000
seconds.
Reduce log spew.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I3d10cd4c353298ed0b19e7e30887dc1d8d07b19e
|
|
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: Ia8656fe2c48799e53c1b2c064009848ad3457659
|
|
Type: refactor
To reproduce functionality, use udp in combination with
TRANSPORT_CFG_F_CONNECTED transport flag set in connect and listen
parameters.
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id88470c38326f8168b9646b0de49a674e0f4266f
|
|
Properly close the stream sending side instead of resetting the entire
stream.
Change-Id: I2daca7e507daa7bf9cd6a27fa8828a9ea7d175f9
Type: fix
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
|
|
Type: fix
- swipe away the vomit indent left last time.
- add tests for VNIs > 16bit
Change-Id: I2d1f591bfb9d7a18996c38969365a509168d4193
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: fix
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: I58fea0474e293d5e6a029e0dccd4a24b07b76a90
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ida9daefc20a161b36d6f36c56267123c7f2efc01
|
|
The code sets f->n_vectors = n_to_send, but it can bail out of the
loop if vlib_buffer_copy(...) returns 0.
Need to fix f->n_vectors in the error return path, or we enqueue some
number of 0xfefefefe buffer indices in a debug image or worse in a
production image.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I2d886266006c6c1c2f9ef8e3b95eb46ac6c0b3df
|
|
vlib_buffer_copy(...) returns NULL if the system is temporarily out of
buffers.
This is NOT correct. Please don't be this person:
c0 = vlib_buffer_copy (vm, p0);
ci0 = vlib_get_buffer_index (vm, c0);
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ic25ef58965871ea5d2b40904df9506803f69e47e
|
|
Type: fix
the GBP unit tests would peridocially fail. The reason being that there
is dynamic state whose presence nneds to be created, tested and then
timeed out. The failures occurded when the timeout occured before the
state could be tested. the previous timeout was 2 seconds, this has been
doubled, as a result i saw no faliures running continuously for ~16
hours.
bumping the timer increasing the test run time from ~40 to ~53 seconds,
a small price to pay.
in test cases where the state is not timed out i bumped the timer to 60
seconds.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I11b0970570caa8eebf486fe8cd8e44a4b2b1fc36
|
|
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Id2d181385f109163d4c806eecda166c2087c4b92
|
|
Type: fix
Change-Id: I5bf8d6043a49985b9241df8ff24774892678b557
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Maintain a global session LRU allowing reuse of expired session instead
of relying on a scavenging mechanism to periodically walk sessions.
Whenever a new session is being allocated in slow path, also attempt to
free an expired session from global LRU list.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I9edde9ec138de67c9a4888e915b0490ec16415fa
|
|
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I1be559a98f74c28a9c83fe320c8ce02459793e66
|
|
Type: fix
Change-Id: I11440c855eb35d2a6095dfe135e4ab5090f11ff3
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
If session is expired, the packet which we just received might be a one,
which legitimely creates a new session, process it in slow path instead
to decide the outcome.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I45628f52d37ae9dee5e8aa58171ff0b86f91f5dd
|
|
Introduce new cli for setting liveness check period and max retries for
a peer to consider its partner dead.
ikev2 set liveness <period-in-seconds> <max-retires>
Type: improvement
Change-Id: Iadae1de245d34fe3ee85e09b570f9df8c401772b
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
1. Add uSID function in VNET SRv6
2. Add test case for uSID
Type: feature
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Change-Id: I354fc687192ed713ceb81fccc9f7b69b6777f6f6
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4a3861e31ca42faf0b59f8f09393fb10413bf3af
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie7102355b95eefb233ec7d146e61819051a7bf07
|
|
Fix of the top 11 python issues flagged as BLOCKER.
Ticket: VPP-1856
Type: fix
Change-Id: Icf4691e62f4a69d6ee196b6d6e2ab52d961b5c76
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: fix
Change-Id: Ia7b07b4ec9e5681946f3f5c01c230c1f814e2cf6
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Causes static analysis "vulnerability" warnings
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I272fa69251d70f62178e6dff0423c16f99937af1
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ieb8bb9c6deb92479fdd3e045778fe5ae4782d1ea
|
|
Type: improvement
- allow apps to request rescheduling of tx events via
SESSION_F_CUSTOM_TX flag
- limit max burst per session custom tx dispatch
In tls
- use the new infra to reschedule tx events
- use max burst bytes as upper limit to number of bytes to be encrypted
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I544a5a3337af7ebdff3406b776adf30cf96ebf3c
|
|
Along with related static analysis warnings...
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I2c6949c7a2250b8f76a63508c7c210daecfe0f91
|
|
Type: improvement
Change-Id: I9dd850a1ce85b0adb5136233f176117e0ee38817
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I840d43e79b1f826380bd56485441510e45bdfc7f
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia14800710aca7c1bc315b6da3c69d623f79a5b63
|
|
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I8074db3623ee4b37ac70ce8ea0d1912b97e5c059
|
|
DPDK recently added a check in the virtio driver to make sure that
rxmode->mq_mode == ETH_MQ_RX_NONE. We were passing ETH_MQ_RX_RSS
and the device initialization was not accepted.
The reason for the change in DPDK was that there is no controls
(algorithm, redirection table, hash function). So they thought ETH_MQ_RX_NONE
was the best choice for the value of mq_mode.
Type: fix
Ticket: VPP-1853
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ifa0fc4206cedc56a851f94f6434a2a7500bbd419
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia477b8dba9266f47907967e363c11048e5cd95ab
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6aaaec20a2b6d4c6ddfbe659d9402acc1be2f7e2
|
|
An unknown proto packet can be processed as UDP with destination port
rewriting which breaks the original packet.
With this commit, stop processing unknown proto packets after
nat44_ed_out2in_unknown_proto() execution.
Type: fix
Change-Id: Iea93faf3c282f542d5ee7120c15e1027c1e4abc9
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
Fix crash when peer tries to build INFO req before key exchange which
results using NULL key pointers for crypto operations.
Type: fix
Change-Id: I20aaf1ce769e4bfb45235047c2dd38307b4e0b59
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: improvement
Change-Id: I275bbca17c5a0263b3e017b48aa6ccd8f59bc7c3
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
This can be used as alternative to udpc
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic3f7efe6728b25d4a8a0b61ddb36de66b4672c4f
|