summaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2022-05-16acl: memory leak in acl_fa_session_cleaner_processSteven Luong1-0/+1
The statement pw0->pending_clear_sw_if_index_bitmap = clib_bitmap_dup (pw0->serviced_sw_if_index_bitmap); will cause pw0->pending_clear_sw_if_index_bitmap's previous vector to be gone. Need to free it prior to calling clib_bitmap_dup() Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I20de780e73daea7be17efa0bf660af2592cd4680
2022-05-16flowprobe: add api messages to obtain current stateAlexander Chernavin3-6/+383
Type: improvement With this change: - add dump/details messages to obtain interfaces for which IPFIX flow record generation is enabled; - add get message to obtain parameters; - add a new message to set parameters with validation present and to correspond with get/set naming; - add tests for get/set parameters and dump/details interfaces. Change-Id: I09f6ec990171ac8bcb9d2f5c92629803b8ab6c28 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2022-05-16vlib: exec cli line-by-line processing and script updatesDamjan Marion4-78/+78
Type: improvement Change-Id: I82e7c0acc547794bcc7c42f4b8881a8251bf7a9b Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-05-13dpdk: fix overflow in mtu arithmeticMohammed Hawari2-2/+2
When the driver's max_rx_pktlen is >= 65536, max_supported_frame_size overflows and queue creation fails. Change-Id: If78707cb698adf8619ec44a852dd05d570917577 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: fix
2022-05-13flowprobe: add support for reporting on inbound packetsAlexander Chernavin7-91/+441
Type: feature Currently, the plugin supports only IPFIX flow record generation for outbound packets. With this change: - add a new API message for enabling the feature on an interface that accepts direction (rx, tx, both); - update existing debug command for feature enabling to accept direction; - update existing debug command for showing currently enabled feature on interfaces to display direction; - update templates to include a direction field; - generate flow records on the specified direction and data path; - report direction in flow data; - update tests to use the new API; - add tests for inbound flows. Change-Id: I121fd904b38408641036ebeea848df7a4e5e0b30 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2022-05-12pnat: add support to wildcard IP Protocol field if not specifiedFahad Naeem4-4/+39
- add pnat_binding_add_v2 which explicitly requires match mask to set to PNAT_PROTO if we want to match on IP Protocol - fix pnat_binding_add backward compatibility i.e. no need to set match mast to PNAT_PROTO Type: improvement Signed-off-by: Fahad Naeem <fahadnaeemkhan@gmail.com> Change-Id: I5a23244be55b7d4c10552c555881527a4b2f325f
2022-05-11dpdk: clear the RTE_MEMPOOL_F_NON_IOMohammed Hawari1-0/+3
This mempool flag should be cleared when the mempool is populated, to reproduce the behaviour of rte_mempool_populate_iova in DPDK 22.03 Change-Id: I4c0e07efca9df2e472e8e393689127c01cf66da2 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: fix Fixes: 2f132efc3cafde5a0dd01ef8a91606528970cdf7
2022-05-10tests: replace pycodestyle with blackKlement Sekera18-709/+1061
Drop pycodestyle for code style checking in favor of black. Black is much faster, stable PEP8 compliant code style checker offering also automatic formatting. It aims to be very stable and produce smallest diffs. It's used by many small and big projects. Running checkstyle with black takes a few seconds with a terse output. Thus, test-checkstyle-diff is no longer necessary. Expand scope of checkstyle to all python files in the repo, replacing test-checkstyle with checkstyle-python. Also, fixstyle-python is now available for automatic style formatting. Note: python virtualenv has been consolidated in test/Makefile, test/requirements*.txt which will eventually be moved to a central location. This is required to simply the automated generation of docker executor images in the CI. Type: improvement Change-Id: I022a326603485f58585e879ac0f697fceefbc9c8 Signed-off-by: Klement Sekera <klement.sekera@gmail.com> Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2022-05-10nat: improve icmp type detection performanceKlement Sekera1-12/+10
Replace code with branchless code. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ic38a20ad33483c1c26f90a927f8b963b0ead4a87
2022-05-05rdma: two small improvements for rdma interfaceJieqiang Wang2-5/+5
- fix branch prediction for checking rdma ERROR flag - add the missing right angle bracket to help message Type: improvement Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Reviewed-by: Lijian Zhang <lijian.zhang@arm.com> Reviewed-by: Tianyu Li <tianyu.li@arm.com> Change-Id: I2ce667631b3e3f60939069e2a16ddba0ff12a695
2022-05-02vapi: support api clients within vpp processOle Troan2-1/+104
Add vapi_connect_from_vpp() and vapi_disconnect_from_vpp() calls to allow API clients from within VPP process. Add a new memclnt_create version that gives the user a knob to enable or disable dead client scans (keepalive). Type: feature Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Id0b7bb89308db3a3aed2d3fcbedf4e1282dcd03f Signed-off-by: Ole Troan <ot@cisco.com>
2022-05-02dhcp: fix dhcp_compl_eventJing Peng1-3/+5
This patch fixes two problems: 1. The lease field in the dhcp_compl_event message can include a list of vl_api_domain_server_t structs, but no memory is allocated for it. 2. The DNS server address is not copied properly, resulting in wrong IP4 addresses in the event message. Type: fix Signed-off-by: Jing Peng <pj.hades@gmail.com> Change-Id: I42c533e7af697568c69714011d983f88368a7e15
2022-04-28wireguard: Document wireguard async mode defaultJon Loeliger1-2/+2
Type: improvement Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: I446eb86c097d1bf99f05ee47f1c550689d70ced2
2022-04-28af_xdp: more meaningful frame_size error messageBenoît Ganne1-0/+14
Type: improvement Change-Id: If3a83848ae0741334887c654b65e424b99caa73c Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-04-26linux-cp: sync addr and neigh only for lcp interfacesStanislav Zaikin1-3/+30
Type: fix Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com> Change-Id: I792467b73449074e59c4232b1f82d134c399624c
2022-04-26flow: enable RSS queue group action for 5G enhancementTing Xu1-0/+23
Enable the flow action for RSS queue group. Packets can be distributed among queues in group based on specific fields. Queues must be continous in the group. This feature is to support 5G enhancement requirement. Type: feature Signed-off-by: Ting Xu <ting.xu@intel.com> Change-Id: I74fdc617659bcb61f00b3b1934c95ab1c73bb8f3
2022-04-21hsa: vcl test client epoll worker loopFlorin Coras3-15/+301
Supports more connections and track connect time. Can be used to measure CPS. Only works in unidirectional mode for now. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I70bc6a271996407dd16a96115f509bd680a0f302
2022-04-21nat: tweak rfc7857 tcp connection trackingOle Troan4-292/+61
The RFC7857 state machine introduced in 56c492a is a trade-off. It tries to retain sessions as much as possible and also offers some protection against spurious RST by re-establishing sessions if data is received after the RST. From experience in the wild, this algorithm is a little too liberal, as it leaves too many spurious established sessions in the session table. E.g. a oberserved pattern is: client server <- FIN, ACK ACK -> ACK -> RST, ACK -> With the current state machine this would leave the session in established state. These proposed changes do: - require 3-way handshake to establish session. (current requires only to see SYNs from both sides) - RST will move session to transitory without recovery if data is sent after - Only a single FIN is needed to move to transitory Fixes: 56c492aa0502751de2dd9d890096a82c5f04776d Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I92e593e00b2efe48d04997642d85bd59e0eaa2ea Signed-off-by: Ole Troan <ot@cisco.com>
2022-04-18nat: fix deleting nat ei out interface featureAlexander Skorichenko1-2/+2
Type: fix Set is_add function argument to 0 when deleting interface role. Change-Id: I6ca88d6511e1c88285e51b3750eb501fde2b341b Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2022-04-16hsa: vcl test client allow non-blocking connectsFlorin Coras3-45/+66
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If7dd56e76efc31ed66b865e2c7231d22ec2322b4
2022-04-15hsa: support configurable vcl client wrk loopFlorin Coras1-69/+128
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5e49f43b18ff011ce0b7259ed58854d81f910826
2022-04-14gtpu: fix memory leakLeung Lai Yung1-0/+1
Type: fix Free the old rewrite string before assigning a new rewrite string for the updated new tteid value. Signed-off-by: Leung Lai Yung <benkerbuild@gmail.com> Change-Id: I1ec19bce6afda3dfdc31c8724b32ac7b9bc84e89
2022-04-13crypto-openssl: use getrandom syscallGuillaume Solignac1-2/+2
The sys/random.h header, which provides the getrandom syscall wrapper, was only added in glibc2.25. To make it compatible with older version, we can directly call the syscall. Type: improvement Signed-off-by: Guillaume Solignac <gsoligna@cisco.com> Change-Id: I93c5f8a49c0323511a4e34273f0b3c0e24663bfd
2022-04-12hsa: fix coverity warningFlorin Coras1-0/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9cf21ee7ad363dd1af5ca75f07bfe38d8fe749f9
2022-04-12hsa: vcl test client option to close only clientFlorin Coras2-2/+12
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I45c63e0a7d7179a0f27ca3f093bd3cf7458a12d3
2022-04-12tests: fix bihash unit test threads countJing Peng1-4/+4
In test_bihash_threads, if a test thread fails to be created, it is still counted towards the total thread count, which could lead to never-ending test loop. This patch fixes the issue. Type: fix Signed-off-by: Jing Peng <pj.hades@gmail.com> Change-Id: Ic0f1d4dde9c5ea672b52f0e2e49f16d42f982b77
2022-04-11tls: fix connected notifications with no app wrkFlorin Coras1-1/+5
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I805131b4e3d0cb2fab1d3bf76db659c67522c2e8
2022-04-11tests: fix bihash unittest error reportingJing Peng1-15/+21
This patch fixes test_bihash_unittest in two ways: 1. The number of searches, namely tm->search_iter, defaults to 0, thus disabling the test. This patch changes the default to 1. 2. Test errors are reported by clib_warning() instead of being returned, thus the caller test/test_bihash.py is never aware of them. This patch returns the errors constructed by clib_error_return(). Type: fix Signed-off-by: Jing Peng <pj.hades@gmail.com> Change-Id: I60e99a829ebe6aa2a56e7a9332cf973afa100311
2022-04-08linux-cp: fix setting mtu on hardware interfacesMatthew Smith1-1/+1
Type: fix Fixes: 616447c39231 In lcp_router_link_mtu(), either vnet_hw_interface_set_mtu() or vnet_sw_interface_set_mtu() is called, based on whether this appears to be a physical interface. The test to determine whether this is true was incorrect and probably never worked right so vnet_sw_interface_set_mtu() was always being called. This causes some breakage with Recent changes to code which manages interface MTUs. Fix the test so the right function is called. Change-Id: I1ecccbce37d5a1e53b2349ed40f3d0d27eb03569 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2022-04-08dpdk: add multi-txq supportMohsin Kazmi4-13/+31
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I9f061a05d947bc2867e1b962bf0522ad344bcc1a
2022-04-07tls http: run config fns after init onesFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia4d8aaafeb3629f421601edffefe9c61c3e69dba
2022-04-07tls: fix session pool realloc on acceptFlorin Coras1-0/+3
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I68ada775810bb4a4f280962a979605b211562a52
2022-04-05wireguard: prevent segfault on non-adj packetsJon Loeliger2-0/+7
An unexpected packet that shows up on a Wireguard interace that happens not to have a forwarding peer will cause a segfault trying to index the vector of peers by adjacency. Rather than segfaulting, recognize a non-adjacent packet and drop it instead. This leaves open the question of what _should_ be happening to, say, IPv6 multicast packets. Signed-off-by: Jon Loeliger <jdl@netgate.com> Type: fix Fixes: edca1325cf296bd0f5ff422fc12de2ce7a7bad88 Change-Id: Ic0a29e6cf6fe812a4895ec11bedcca86c62e590b
2022-04-05dpdk: macros changes for dpdk 22.03Dastin Wilski4-60/+62
New dpdk version deprecates some macros used by VPP. This patch changes them to 22.03 version. Type: improvement Signed-off-by: Dastin Wilski <dastin.wilski@gmail.com> Change-Id: Ic362ed318dc1ad88bb682ef13fbd6159171fbaef
2022-04-05dpdk: compatibility layer for dpdk 22.03 bumpDastin Wilski2-26/+87
New version of dpdk changes some macros names. This patch ensures VPP will be compatible with older dpdk versions. Type: improvement Signed-off-by: Dastin Wilski <dastin.wilski@gmail.com> Change-Id: I3d9736278e70064610a1dcad5f2d2f6eb26e0d4b
2022-04-05dpdk: fix max frame sizeDamjan Marion2-11/+11
Type: fix Change-Id: I70f9ec2eb6c9c1494a4ecd56e06898f6162a0e0e Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-05nat: nat44 cli bug fixFilip Varga5-42/+38
Two similar CLI paths "nat44" and "nat44 add interface address" caused unexpected behavior. If "nat44 add interface address" command would fail the vlib cli processing function would call "nat44" handler. This would also clean any previously set errors from the first command and basically return same error returned by "nat44" handler for every failed command that starts with the same path string. Fixes nat44-ed and nat44-ei plugin. Change-Id: I1aac85c8ae2932da582a2b78243521d1bf8a0653 Ticket: VPP-2021 Type: fix Signed-off-by: Filip Varga <fivarga@cisco.com>
2022-04-05vppinfra: refactor address sanitizerDamjan Marion1-1/+1
Type: refactor Change-Id: I5ca142ec1557d5b5c3806b43553ad9d3b5ea1112 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-05crypto-openssl: use getrandom to reseed opensslBenoît Ganne1-13/+8
Type: improvement Change-Id: I84d594d8baaf18056580455f3b2790d0f31b7b0f Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-04-04vppinfra: make _vec_len() read-onlyDamjan Marion39-92/+88
Use of _vec_len() to set vector length breaks address sanitizer. Users should use vec_set_len(), vec_inc_len(), vec_dec_len () instead. Type: improvement Change-Id: I441ae948771eb21c23a61f3ff9163bdad74a2cb8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-04tls: set client ckpair only for non-test ckpFlorin Coras1-13/+15
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7287e40ad95dfe061fd8a7b0e99921d5540e030d
2022-04-04tls: null terminate openssl chiphersFlorin Coras1-2/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5d4e68730a75337a2e532e72f366b62d6973235e
2022-04-04vlib: remove unused fieldsDamjan Marion1-8/+0
Type: refactor Change-Id: I449fcea92a1c96dd7dd0bcad893060ad1c614351 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-01vrrp: add stats support and update APIEmanuele Di Pascale8-18/+643
Add simple counter statistics to VRRP, based on a subset of those defined in RFC8347. Add an update API that allows in-place modification of an existing instance. The method returns a vrrp_index which can be used both for retrieving statistics and to modify non-key parameters. Also add a delete method which will take that vrrp_index as parameter. Type: improvement Signed-off-by: Emanuele Di Pascale <lele84@gmail.com> Change-Id: I2cd11467b4dbd9dfdb5aa748783144b4883dba57
2022-04-01dpdk: fix vlan creation on ixgbeAlexander Chernavin1-1/+0
Type: fix VLAN programming is currently enabled for IXGBE. However, that is only supported for IXGBE_VF. With this fix, disable VLAN programming for IXGBE. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I37b1d0733988c964d2b0f5a49328effacec1cb6f
2022-04-01dpdk: fix coverity issueFan Zhang1-13/+4
Type: fix This patch fixes the following DPDK plugin issue: CID 253333: Control flow issues (DEADCODE) The change also includes some cosmetic changes for error handling. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: I830020bc3ae9a508f3a905f78333fa3ae25ce784
2022-04-01nat: VRF routing & FIB improvementsFilip Varga8-281/+727
This patch affects how destination fib is choosen during session creation. Default behavior of choosing fib based on output interfaces is kept. Configuration gives you the ability to change default behavior to direct or restrict traffic between different FIB tables. NAT specific VRF routing options: a) keeping communication in the same VRF b) option to add multiple destination VRFs c) option to control the resolution order of destination VRFs TX FIB resolution is based on looking up RX FIB entry in NATs VRF table and picking the first FIB that resolves destination address. Ticket: VPP-2009 Type: improvement Change-Id: If500c48d7ce3466533ad9581c0847870788fc4fb Signed-off-by: Filip Varga <fivarga@cisco.com>
2022-04-01nat: nat44-ed cleanup & fixesFilip Varga7-1303/+645
Set deprecated option on unsupported API calls. Cleaned up API calls with deprecated option. Removed in progress option from long term used API calls. Removed obsolete/unused nodes, functions, variables. Fixed set frame queue nelts function. Calling API would incorrectly not fail even though frame queue nelts can only be set before first call nat44_plugin_enable. Moved all formatting functions to _format.c file. Type: refactor Change-Id: I3ca16e0568f8d7eee3a27c3620ca36164833a7e4 Signed-off-by: Filip Varga <fivarga@cisco.com>
2022-04-01tls: enable host verification by hostnamesatna1-3/+40
Type: improvement Signed-off-by: satna <satbeervarma9596@gmail.com> Change-Id: I1b1db60fa1a0e47fce273bc07b01887813fd3c48
2022-03-31stats: convert error counters to normal countersDamjan Marion1-23/+0
Change-Id: I9794da718805b40cc922e4f3cf316255398029a9 Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com>