summaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2021-09-30wireguard: move adjacency processing from wireguard_peer to wireguard_interfaceArtem Glazychev7-233/+123
now we should add routes manually Type: improvement Change-Id: I877511a18854efdfad02939267d38a216b2ccec3 Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
2021-09-30nat: doc nitfixesNathan Skrzypczak5-8/+8
Type: improvement Change-Id: I9a4303030b9657c28bbd73168def72c7daa13483 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-09-29nat: nat44-ed add session timing out indicator in api (2)Alexander Chernavin2-1/+146
Type: improvement Currently, NAT44-ED users sessions details are returned for both active and timed out NAT sessions. It may confuse users that expect to see only active sessions in the response and make them think that timeouts for NAT sessions do not work. With this change, introduce an indicator of timing out for NAT sessions returned in NAT44-ED user session details. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: Ib4d689f77cec4b0b0cc8484019e13733cc8bdc0d
2021-09-29ikev2: build only when deps requirements are metFilip Tehlar2-113/+5
Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I89bcc1ba804ded676b194dbda52704cd0c54a67e
2021-09-28api: API trace improvementsFilip Tehlar3-18/+17
Type: improvement * add support for JSON format in API trace * add ability to replay JSON API trace in both VPP and VAT2 * use CRC for backward compatibility check during JSON API replay * fix API trace CLI (and remove duplicits) * remove custom dump * remove vppapitrace.py * update docs accordingly Change-Id: I5294f68bebe6cbe738630f457f3a87720e06486b Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com>
2021-09-28misc: vpe.api messages dynamically allocatedOle Troan2-34/+0
This is the last in the series of moving API messages from vpp/api/vpe.api to vlibmemory/memclnt.api. This patch makes the remaining vpe.api messages dynamic, to help VAT2 binary-api command. Moves the VAT test code to a separate file and removes the now unnused API meta files. Type: improvement Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I01dd78eaff1d3715dff17d2643bf0f7f0089935b Signed-off-by: Ole Troan <ot@cisco.com>
2021-09-28af_xdp: fix init lock for shared txqarikachen1-6/+7
Type: fix Signed-off-by: arikachen <eaglesora@gmail.com> Change-Id: Idb5e66d7a2a7ccb6fb5155341df54586186eb11f
2021-09-28nat: NAT44 ED & EI session filtering CLIJúlius Milan2-15/+103
Improving session filtering capabilities of show nat44 sessions CLI command for EI and ED NAT plugins. Adding filtering options: saddr, sport, daddr, dport, proto for both i2o and o2i flows. Type: improvement Change-Id: I70bc94a2e922cddf9451eb7dcbf4a7be21ebf0df Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-09-28af_xdp: fix free mem in tx while no free slotarikachen1-2/+2
Type: fix Signed-off-by: arikachen <eaglesora@gmail.com> Change-Id: Id305b9d311b2d0d11583db1a14a45d9187a1e628
2021-09-27ikev2: support variable-length noncesBenoît Ganne1-21/+34
IKEv2 nonces can be 16 to 256 bytes. Type: fix Change-Id: Ib332028594355c9e5b462bddb7e4dffbcdc9a927 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-09-27fib: fix crash on exporter tracker removeVladislav Grishenko1-1/+39
Exported entries are tracked only when the prefix found in the export FIB is really attached, exporter tracker is not set if the export entry is not valid for export, ex. for special FIB entries - default route, zeronet, mcast and broadcast prefixes. When imported entries need to be purged, such unset exporter tracker is being removed by non-initialized index with absent delegate entries, causing corresponding assert and crash. Type: fix Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: Ib24a2e7853a03a960577872480213e1e8097da5a
2021-09-27misc: api move continuedFlorin Coras13-15/+13
Move control ping and change dependencies from vpe.api_types to memclnt.api_types Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9f8bc442e28738c48d64d1f6794082c8c4f5725b
2021-09-23wireguard: fix wg-output-tun feature configurationAloys Augustin1-3/+0
The removed code caused the feature to be wrongly removed on the wg interface. Type: fix Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Change-Id: I998e01ec231527128eaeae78bcc7576ac00e5b12
2021-09-23svm: remove unused fifo functionsFlorin Coras1-3/+3
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4525bc669d1c42c41dbc398cf239a093b6853298
2021-09-22ping: set fib_index for lookup_nodeArtem Glazychev1-0/+1
lookup node uses this field later to set fib_index for buffer Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I993cf80296e1713b4f13fc6ccdf49ebeaf295467
2021-09-21pnat: fix the version of the PNAT plugin from the hardcoded 0.0.1Andrew Yourtchenko1-1/+2
Type: fix Change-Id: I35db6763f3c5bd73169a222a4a93a917e8f468e6 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Signed-off-by: Ole Troan <ot@cisco.com>
2021-09-21session: implement app_ns deletionNathan Skrzypczak1-0/+12
Type: feature Change-Id: If0edbb21a0283d66c648a9e190d238c8cfa56353 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-09-20hash: add support for hashing infraMohsin Kazmi2-0/+332
Type: feature Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I3652ae275385d9b1eb1b11f418e3a7e5fef2f556
2021-09-17dpdk: enable ENA tx offloadBenoît Ganne1-0/+7
Type: improvement Change-Id: Ic7c2ac4237ecd192def7c3530ae5f788c62cf9ad Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-09-17vppinfra: move format_table from perfmonNathan Skrzypczak4-373/+1
This code seems really usefull for reuse in other plugins, for pretty table formatting Type: feature Change-Id: Ib5784a0dfc81b7d5a5d1f5ccdd02072e460a50fb Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-09-17misc: put devtools plugins into separate component/packageDamjan Marion6-3/+18
Type: make Change-Id: I2958e9eddadee6434766ecd3cdb3b9cea742ed64 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-09-17memif: avoid double pool_put on a clib_fileSteven Luong1-1/+2
When memif CP processes the socket connection error, it may go through the following code paths which may eventually cause double pool_put on a clib_file memif_master_conn_fd_error:633 -> memif_disconnect -> memif_socket_close -> memif_file_del_by_index -> clib_file_del_by_index -> clib_file_del -> pool_put After memif_master_conn_fd_error:633, the code continues on memif_maser_conn_fd_error:651 -> memif_file_del -> clib_file_del -> pool_put The fix is to skip calling memif_file_del in memif_master_conn_fd_error:651 if uf->file_descriptor == ~0 to catch problem from all possible paths in memif_master_conn_fd_error Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I0960998db1ff358a8ddd4a5e22188a244eccd270
2021-09-16dpdk: fix checksum offloadFlorin Coras1-2/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I89fb738903ee74ffcb7c77a041391f0388df6991
2021-09-16avf: fix RSS hash keyBenoît Ganne1-4/+11
Toeplitz hash key must respect certain properties, it cannot be purely random. Use the default one from i40e. Type: fix Change-Id: Ic8e67a0426de8adfecc1fcdaa99879e13ae38cc9 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-09-16dpdk: add support for outer udp and ipv4 checksumsMohsin Kazmi3-16/+66
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I10141033030342881298d70742fa5bdea402b4c9
2021-09-13interface: fix init fib_index_by_sw_if_indexNathan Skrzypczak5-26/+0
Type: fix The init of fib_index_by_sw_if_index wasn't setting default value to 0. Which we now need for setting interfaces unnumbered Change-Id: Ie5be9b5e5373ef055557a871ad4d1c45fbfc1dee Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-09-13snort: fix epoll_wait unsigned return valueTianyu Li1-3/+9
When epoll_wait return -1, access array epoll_events[i] out of bound and lead to segmentation fault. 1. Change return value to signed return value 2. Skip non fatal error e.g. EINTR Type: fix Signed-off-by: Tianyu Li <tianyu.li@arm.com> Change-Id: I4ece118999402ec6054baf0efb52419151655def
2021-09-13dpdk: fix prefetch assert on ArmTianyu Li1-4/+4
CLIB_PREFETCH (cop[1], CLIB_CACHE_LINE_BYTES * 3, STORE); Note on 64 bytes cache line size arm machines, CLIB_CACHE_LINE_BYTES 128 CLIB_CACHE_PREFETCH_BYTES 6 above CLIB_PREFETCH () macro will be expand to ASSERT ((size) <= 4 * CLIB_CACHE_PREFETCH_BYTES); it will hit assert due to size (i.e. 3 * 128) > 4 * 64 Solution: Change to CLIB_PREFETCH (cop[1], sizeof(*cop[1]), STORE); Type: fix Signed-off-by: Tianyu Li <tianyu.li@arm.com> Reviewed-by: Lijian Zhang <lijian.zhang@arm.com> Change-Id: Id0981fd5bd2b25ff71db4197b25578d0b7a9803e
2021-09-09nat: Revert "nat: nat44-ed add session timing out indicator in api"Andrew Yourtchenko2-150/+1
This reverts commit f059a3452c285ec57a75c7b1ede5052244be4e5d, which broke the build. https://s3-logs.fd.io/logs/production/vex-yul-rot-jenkins-1/vpp-merge-master-debian10-x86_64/1344/console.log.gz Change-Id: I16fece8128fa9973495c587d105a8db57738e8f2 Type: fix Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2021-09-09srtp: fix header len assertFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie7b04b11987caadde0942483f171a318ce852228
2021-09-09nat: nat44-ed add session timing out indicator in apiAlexander Chernavin2-1/+150
Type: improvement Currently, NAT44-ED users sessions details are returned for both active and timed out NAT sessions. It may confuse users that expect to see only active sessions in the response and make them think that timeouts for NAT sessions do not work. With this change, introduce an indicator of timing out for NAT sessions returned in NAT44-ED user session details. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: Ib81ed90369d4b495117538f521e5112e289cf7e6
2021-09-09linux-cp: fix non-NULL terminated stringBenoît Ganne1-1/+1
lip->lip_host_name is a non-NULL terminated vector. Type: fix Change-Id: Ic154ad7f57f0b507204e55f78995cc0e89132e57 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-09-09linux-cp: Complete interface creation logicPim van Pelt6-86/+268
Linux Control Plane interface creation logic is currently only able to create untagged interfaces, and dot1q VLAN sub-interfaces. This change makes it possible to create dot1ad VLAN sub-ints, and Q-in-AD as well as Q-in-Q sub-interfaces as well. It makes the plugin a bit more robust by catching a few common errors, such as creating an lcp on a sub-interface without its parent having one, and creating an lcp on a sub-interface that is not exact-match. This change has a bunch of smaller improvemnets as well. I documented my work in this post: https://ipng.ch/s/articles/2021/08/12/vpp-1.html It shows that after the change is merged, all VPP interface types now create and operate cleanly as LCP interfaces as well. Type: improvement Signed-off-by: Pim van Pelt <pim@ipng.nl> Change-Id: I322669f7316d44c227090b83d6a574fb9c00e76a
2021-09-08linux-cp: fix crash on failed vlib_buffer_copyPim van Pelt1-12/+24
Type: fix Signed-off-by: Pim van Pelt <pim@ipng.nl> Change-Id: I390282ecc63600728cf11413510c0169178e305c
2021-09-08vrrp: fix source address on advertisementsMatthew Smith1-2/+13
Type: fix Advertisements are dropped by anti spoofing check in some situations. When a VR has "accept mode" enabled, we must add the virtual IP addresses to the interface when the VR transitions to master state. When this happens, fib_sas4_get() starts selecting the newly added virtual IP address as the source address for packets sent on the interface, so advertisements are sent with that source address. When the virtual IP address is being used as a NAT pool address on a peer in the backup state, the peer sees the address as a local address and drops incoming advertisements with that source address. RFC 5798 section 5.1.1.1 says advertisements should use the primary IPv4 address of the interface they are being sent on as the source IP address. Since the virtual IP address is only temporarily added while the VR is in the master state, the virtual IP address should probably not be considered the primary address of the interface. The definition of Primary IP Address in section 1.6 says that selecting the first address is a valid selection algorithm. Do that instead of calling fib_sas4_get(). Change-Id: Id92f0e3237c7fd491dd8d695bb27307d494f8573 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-09-08perfmon: sort 'show perfmon bundle' outputZachary Leaf1-0/+11
This patch sorts 'show perfmon bundle' output in alphabetical order. Type: improvement Signed-off-by: Zachary Leaf <zachary.leaf@arm.com> Change-Id: I26b379b5d6766b9f87f9a3a5013ea92b207fb5d4
2021-09-08perfmon: add membw-bound bundleRay Kinsella4-1/+80
Added memory bandwidth boundedness bundle, closely related to cache-hierarchy. This bundle works on ICX only, due to an ICX specific counter. Type: improvement Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: Id385bd5f4e645ac020774e311c623afb64b79b1e
2021-09-08perfmon: adding support for papi TMAMRay Kinsella4-54/+113
Adding support for Linux papi TMAM on Intel Snowridge. Adds the ability to indicate that a bundle should be thread or node bundle type based on available cpu features (rdpmc support). Type: feature Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: Ib871b2644fdb2410fbb580e0d21c3a8e2be13aba
2021-09-08nat: remove unusued parameters and use correct parameter typesKlement Sekera2-20/+15
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I4f7b3d5354a7658d7271c28444f2f4641f05b28b
2021-09-08dpdk: fix coverityMohammed Hawari1-0/+2
Coverity does not seem happy about exotic control flows in switch/case statements Change-Id: Ie006190058f811aacf85125ebc58330d9c53510f Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: fix Fixes: 0b42ac565b970c186a9ad734f980b440f56fb25b
2021-09-07dpdk: lro supportMohammed Hawari5-19/+110
Change-Id: Ifa09dcdfd567ac3c2afab4bd3bd468260f766e1d Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: improvement
2021-09-03sr: fixing typo in srv6 End.AS Proxy documentationAhmed Abdelsalam1-2/+2
Type: docs Signed-off-by: Ahmed Abdelsalam <ahabdels@cisco.com> Change-Id: I0cbc1b21f156425e067e9ce90769a62983ca5d01
2021-09-02nat: NAT44 ED improvements and fixesFilip Varga8-392/+353
Fixed FIB entry per interface, pool and static mapping registrations in NAT control plane. Improved FIB configuration handling in NAT - added functions to generalize handling of FIB & NAT, cleaned up interface callback functions. Changed "is_" macros to inline functions for easier debugging. Type: improvement Change-Id: I68a17761a975dd819139ae94e52a8a85d3f27ffc Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-08-31vmxnet3: set RX interrupt pending only when neededSteven Luong3-6/+59
When an RX thread handles more than one RX queue and has a mix of queues in interrupt mode and polling mode, the RX input routine is naturally in polling mode. In that case, there is no need to set RX interrupt pending when descriptor is available in the queue for interrupt mode. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Iedbe57941eca3152c0e8ab9096cc81f315e0a915
2021-08-31flow: add esp spi rss typePiotr Bronowski2-26/+35
Type: feature This patch adds IPsec ESP SPI as RSS key for better IPsec inbound processing scaling. With this feature enabled, The NIC will use the packets' SPI index as the RSS key to distribute them to different queues. The dpdk-input is also updated to support this feature. Sample CLI command to enable Ipsec ESP SPI as RSS key: test flow add src-ip any dst-ip any rss types esp test flow enable eth0 index 0 Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I8b7d01cfc065e9099fad33042ce76898e16ddbf0
2021-08-30tls: use default OpenSSL built-in DH parametersOfer Heifetz1-0/+8
Type: improvement Motivation for this addition is to add support for cipher suites that use Diffie-Hellman Ephemeral (DHE) for key exchange. Using ephemeral DH key exchange yields forward secrecy as the connection can only be decrypted when the DH key is known. Configure OpenSSL to use the default built-in DH parameters for the SSL_CTX object. Change-Id: I31aadad047a6394ddf8bfa08471c239e0d1cd63c Signed-off-by: Ofer Heifetz <oferh@marvell.com>
2021-08-27snort: fix incorrect data length for snort inspectionSivaprasad Tummala1-0/+1
set the right data length to decode the packet properly. Type: fix Signed-off-by: Sivaprasad Tummala <Sivaprasad.Tummala@intel.com> Change-Id: I6a35fa54851496d0a958f1a64a547b7f08bb4c19
2021-08-27bufmon: add buffer monitoring pluginBenoît Ganne4-0/+362
This plugin allow to keep track of buffer usage in VPP graph nodes. The main use is to detect buffer leakages. Type: feature Change-Id: Iadcf4ab98207fab6e2fa375060879bc2a25b711e Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-08-27snort: fix snort hang issue when interruptedSivaprasad Tummala1-1/+20
fix vpp daq to break out-of-loop when interrupted. Type: fix Signed-off-by: Sivaprasad Tummala <Sivaprasad.Tummala@intel.com> Change-Id: I04594a0b872d16f803d7d7c3b7d9bb60e94bc707
2021-08-26ikev2: check for valid cipher + integrityBenoît Ganne1-6/+6
Type: improvement Change-Id: Ic09b2c777a7c82e8d7074164280f817f9141529b Signed-off-by: Benoît Ganne <bganne@cisco.com>