summaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2020-08-13lb: Fix generating illegal key in per-port vipYasuhiro Nakamura1-0/+2
VIP prefix index becomes always 0 when adding a VIP which is already registered different port, causing LB config crash. This change assigns the same VIP prefix index to the same VIP. Ticket: https://jira.fd.io/browse/VPP-1834 Type: fix Signed-off-by: Yasuhiro Nakamura <yanakamu@yahoo-corp.jp> Change-Id: Ib63b3e58db9bd85714d68cd1292aadd0c8580da8 (cherry picked from commit 551775eaaa9c162c73e15690e4d7580935e9a70a)
2020-08-13map: handle IPv6 extension headers for TCP/UDPVladimir Isaev1-2/+2
Without this patch offset for TCP/UDP headers was not calculated correctly if there is one or more IPv6 extension headers. Type: fix Signed-off-by: Vladimir Isaev <visaev@netgate.com> Change-Id: I04d6f5e42f8f072987192d6236085afbd74a4420 (cherry picked from commit 7d4cd0cf6f1a94953ef97ab885752424dea6948c)
2020-08-13unittest: Skip string test case for sizeof (src) > sizeof (dst)Steven Luong1-4/+13
coverity complains that the subject test may cause dst buffer overrun problem and it is right. The problem is when __builtin_constant_p (n) returns true, memcpy_s_inline skips all the errors checking and does the copy blindly. Please see the code in memcpy_s_inline. The fix is to skip the subject test when the aformentioned builtin function returns true. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I50de91cc0c853a134b3bcf3b0cd8d45d7668b092 (cherry picked from commit 2da39718f560478678caacccd198ee4c0c9673c3)
2020-08-12crypto-openssl: fix coverity warningsFilip Tehlar1-5/+5
Type: fix Change-Id: Ia42ff39a0a33f89901b8333a9e6ca82ca9805cc6 Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 41e831f5588fe5ebfd879f4e570e85e12770b360)
2020-08-12gbp: Coverity warnings for unitialized variablesNeale Ranns2-0/+3
Type: fix Change-Id: If74ad528e68f45b00719295388e0e1399452ef93 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit e9a630a5248ee6e234c1bf1fdb2c29fc6239f60d)
2020-08-12map: honor pre-resolve param in map-tAlexander Chernavin6-30/+153
With this commit, forward the translated packet directly to the specified next-hop if pre-resolve param is enabled in MAP-T. Type: fix Change-Id: Ie26080c7820318c7982599577a4af6e4d01a0574 Signed-off-by: Alexander Chernavin <achernavin@netgate.com> (cherry picked from commit f145c15631ba62e798395499f83a2f8a91ae83c7) Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2020-08-12misc: fix coverity warningsDave Barach1-1/+1
Add an ALWAYS_ASSERT (...) macro, to (a) shut up coverity, and (b) check the indicated condition in production images. As in: p = hash_get(...); ALWAYS_ASSERT(p) /* was ASSERT(p) */ elt = pool_elt_at_index(pool, p[0]); This may not be the best way to handle a specific case, but failure to check return values at all followed by e.g. a pointer dereference isn't ok. Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ia97c641cefcfb7ea7d77ea5a55ed4afea0345acb (cherry picked from commit 47d41ad62c5d6008e72d2e9c137cf8f49ca86353)
2020-08-12dpdk: fix flow(with mark action) deletion crash issueChenmin Sun1-1/+1
Type: fix this patch fixes mark flow deletion crash issue, see below test flow add src-ip any proto udp src-port 111 dst-port 222 mark 100 test flow enable index 0 1/1 test flow disable index 0 1/1 test flow enable index 0 1/1 test flow disable index 0 1/1 -> [crash] This is because the code resets a wrong vector in flow lookup entry recycle logic. See function dpdk_flow_ops_fn(). Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I2b0a1e531931ab25541d672d88da18dc2289f1ce (cherry picked from commit cd120f9bbb2101dfd7eca11d1a28e06ac5ace479)
2020-08-12nsim: fix quad-loop packet traceDave Barach1-11/+12
Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I756170bd799d1f482186cbb4b5dff9373ae6e08f (cherry picked from commit 3be33f17ecd14a12738a44f9c0e09cb3778b1345)
2020-08-12svm: use default SVM address in fifo unit testsBenoît Ganne1-1/+2
Using random addresses can confuse AddressSanitizer Type: fix Change-Id: I44368093f899672ac4d511cc5a01ed87c988e63a Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit dc90c719bca27856101f758939dcfb0b67124775)
2020-08-12map: Prevent IPv4 prefix spoofing during IPv6 -> IPv4Jon Loeliger2-2/+279
Prevent malicious packets with spoofed embedded IPv4 addresses by limiting the IPv6 ingress packets to known MAP-T domains. Drop spoofed packets. Add several tests that ensure spoofing isn't allowed. Type: fix Fixes: fc7344f9be Change-Id: I80a5dd10d5fe7492e3a1b04de389d649a78065e2 Signed-off-by: Jon Loeliger <jdl@netgate.com> (cherry picked from commit 65866f03d96bd41b99b1c823ea6f38cd77fac58c)
2020-08-12sr: fix possible null-pointer dereferenceIgnas Bacius1-9/+26
Steps to reproduce VPP crash: 1. configure localsid End behavior 2. ping the localsid address Type: fix Signed-off-by: Ignas Bacius <ignas@noia.network> Change-Id: Id780e0875ec9cdb25252217990919fb3dddbf06a (cherry picked from commit bd5c49a1615e36260a86184d087b5b47a5e747be)
2020-08-12map: api: fix tag overflow and leakBenoît Ganne2-4/+6
The 'tag' parameter is expected to be a NULL-terminated C-string in callees: - make sure it is null-terminated in both API and CLI cases - do not allocate & copy the string into a non-NULL-terminated vector in API case - fix leak in CLI case Type: fix Change-Id: I221a489a226240548cdeb5e3663bbfb94eee4600 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 3b37125bdb0251181f90a429a4532b339711cf89)
2020-08-12nsim: enable output scheduling on main threadDave Wallace2-2/+29
Type: fix Change-Id: I5d47cb9bc7eb7f3c8485e3b42f0701e81d87ba2a Signed-off-by: Dave Wallace <dwallacelf@gmail.com> (cherry picked from commit c0c4eec3bc309bcc656eade82f17754875f9ed7c)
2020-08-12lb: fix that lb_add_del_vip and lb_add_del_as api doesn't work correctlyYulong Pei3-12/+9
Currently if user want to set ip4 address to the api, it must convert to ip6 format, e.g. user want to ip4 "90.1.2.1" but must convert to "::5A01:0201", it is not acceptable, this fix solved the issue. Ticket: FDIO-753 Type: fix Change-Id: I2ffa5a3d38400ee176cf601421074f71fc395f03 Signed-off-by: Yulong Pei <yulong.pei@intel.com> (cherry picked from commit db43bb6af78c33e47d29889b047cced4b11fe4d7)
2020-08-12tls: enable async node on demandYu Ping1-3/+1
Type: fix Change-Id: Iab7c65614c94497e8ec5a96624be72c1a139e486 Signed-off-by: Yu Ping <ping.yu@intel.com> (cherry picked from commit d63b356bdf29fbb80f810d341dcaf8f5f92121c1)
2020-08-12tcp: handle ack advancement with no holes and renegingFlorin Coras1-1/+35
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9afba8dc9e087b8c436fe568531c02614a577a7c (cherry picked from commit c95eefb393d05167ce6e35e5617179f536de0bda)
2020-08-12dpdk: enforce max tx retriesBenoît Ganne1-0/+1
n_retry was never decremented and so never enforced. Type: fix Change-Id: I71d60a72c156286f7e5b82b1c77a723361317c69 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 207a1633094526697729f322269b937f841aaf47)
2020-08-12ct6: dst,src copy typoNeale Ranns1-1/+1
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I266fa5dc637383fd8dac6592c9c266a1b70a73e9 (cherry picked from commit 629e268aa171a8bc03fb93fc995725b78ae64063)
2020-08-12tls: enable TLS OpenSSL plugin works in 3.0.0Yu Ping1-0/+5
Type: fix Change-Id: Id1602981fcc6efed1b0efe79a1fc8177457acdb5 Signed-off-by: Yu Ping <ping.yu@intel.com> (cherry picked from commit 1c6486f7b8a00a1358d5c8f4ea1d874073bbcd6c)
2020-08-12tcp: fix last sacked with no holesFlorin Coras1-0/+44
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id12b0a9b8bc47aef8b393544e5b4c8228ed6a606 (cherry picked from commit 479f7fec6a876bf06f6007c03fd7b9fa3404df54)
2020-08-12tls: Make tls CPS test run for a quite long timeYu Ping1-3/+7
Type: fix Change-Id: I8cfb48bd7f92689b296861dd368186408918061b Signed-off-by: Yu Ping <ping.yu@intel.com> (cherry picked from commit a9ed934745403461834b4361f06bd3865682f368)
2020-08-12tcp: fix duplicate sack whith renegingFlorin Coras1-11/+99
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6f7fb91e059996ff702eb9c36e3abaed237fe221 (cherry picked from commit 067f8f963d64b1cbc70f2b78ebd2c6d3791e7d22)
2020-08-12gtpu: Track the dst FIB entry instead of RR sourcing thatMiklos Tirpak1-9/+9
RR sourcing the destination FIB entry limits the number of tunnels to 255 for a particular destination. This change removes this limit. Type: fix The patch is based on 1f50bf8fc57ebf78f9056185a342493be460a847 that introduced the FIB entry tracking but did not update the gtpu plugin. Signed-off-by: Miklos Tirpak <miklos.tirpak@gmail.com> Change-Id: I8a4a87382a6eb5120e2bb65b9bc3c446bbfdbd3b (cherry picked from commit 75c72369186f6341a13374d2dd6e60ce3c7a88a6)
2020-08-12vxlan geneve gtpu: fix short helpPaul Vinciguerra1-1/+1
Type: fix Change-Id: Id53eb6ed15f270d747b9831a7b585cbafe515dd2 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com> (cherry picked from commit 5fb2278cb8badbbfe727acbdcaeda008a7fd2833)
2020-08-12tls: change SSL_has_pending to avoid BIO check errorYu Ping1-2/+2
Type: fix Change-Id: I454aff1b187b75a1328c90e30b9b487377ae5f68 Signed-off-by: Yu Ping <ping.yu@intel.com> (cherry picked from commit ce9bdfe5fcfa6e2acd670ea0063ce5e0fde15096)
2020-08-12map: Fix a coverity MAP dead-code issue.Jon Loeliger1-3/+0
Type: fix Change-Id: I5467bbe3b25b1ea3fb44157abe6e7bfb3f191e77 Signed-off-by: Jon Loeliger <jdl@netgate.com> (cherry picked from commit 3aae3dc7acddbe2f46de785b50c3358b7d3e0acc)
2020-08-12map: Avoid null dereference in 'map show' and 'map del'Jon Loeliger1-12/+22
If a map domain is created without a tag name, inspecting the map data will segfault looking for an unset name in the so-called "domain extras" vector. Enhance "show map domain" to show all map domains. Type: fix Change-Id: Ic55662b84eec58221816da270b2ef9e89c3a31c3 Signed-off-by: Jon Loeliger <jdl@netgate.com> (cherry picked from commit 4a6d093e7ef72b06b35ffee911d35033dfde0171)
2020-08-12flow: fix several crash issuesChenmin Sun1-2/+0
Type: fix This patch fixes crash issues(marked in brackets) in the below test cases test flow enable index 0 1/1 -> [crash] test flow disable index 0 1/1 -> [crash] test flow add src-ip 192.168.8.8 proto udp redirect-to-queue 8 test flow enable index 0 1/1 test flow disable index 0 1/1 - [crash] test flow add src-ip 192.168.8.8 proto udp redirect-to-queue 8 test flow enable index 0 1/1 test flow enable index 0 1/2 test flow del index 0 -> [crash] Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I84bc6faa3d93a2cab4c82e8a876a8b1067257b62 (cherry picked from commit be2ad0b4743ed8a3875a5b6039c10c66eb07614c)
2020-08-12map: Fix inverted 'map security check enable' CLI flag.Jon Loeliger1-2/+2
Type: fix Fixes: 5a2e278a09726be627b8310e03f0522d60aafedf Change-Id: Ibdc2f0be44e382bfa4a8f3e16be8d6239d7a0ec1 Signed-off-by: Jon Loeliger <jdl@netgate.com> (cherry picked from commit acaa04a22dd8bade2eca944ddd8517961433a34f)
2020-08-12nat: respect arc features (multi worker)Filip Varga7-419/+887
Type: fix Ticket: VPP-1747 Change-Id: If282aae3e584d7017c200f897b99c8a37eb1b2e5 Signed-off-by: Filip Varga <fivarga@cisco.com> (cherry picked from commit 9a6dc8a9376e7270331255861b3ead1045b40c6d)
2020-08-07session: fix transport proto unformatFlorin Coras1-3/+12
Type: fix Change-Id: I38a5cbd53b278c21142bac4ee1bbe5dc8bcaaac9 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 3bbbf0dbd367fd8611f9f390a2c6e31a89ce08a9)
2020-08-07quic: Hotfix crypto context on migrateNathan Skrzypczak1-0/+17
Type: fix quicly_connections have internal references to crypto contexts which need to be updated when we switch thread as the supporting pools are thread-based. This under the assumption that the new contexts will be exactly identical Change-Id: I38083e59657ff068e347d9e7b47abe91a1167b6c Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com> (cherry picked from commit d9942bcc61d83cee390fc2c6a428e562ec9750f0)
2020-08-07quic: remove redundant function callsDave Wallace1-2/+0
- session_transport_delete_notify() is called before and inside quic_connection_delete() Type: fix Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I5c79a3269e36c4aab5aa99fdfdac06c1334f0f6f (cherry picked from commit 34d92ebde67efb96784e0360f25a3b3c3b86b8f0)
2020-08-07quic: disable failing testFlorin Coras1-0/+1
Type: fix Disable test until fixed. Change-Id: I1f03630d126e61578c63a3536a0dd1a7b4da2b92 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 3ad984732961d0a8ec3bd6e68a37a4927275419d)
2020-08-07quic: Add PICOTLS_INCLUDE_DIR var to CMakeLists.Mathias Raoul1-0/+6
Type: fix Change-Id: I10ebcc653491d11ca798e0a60be6eeef82c41766 Signed-off-by: Mathias Raoul <mathias.raoul@gmail.com> (cherry picked from commit 74dcbf97af4e55cb29932dad7d65472403c6006d)
2020-08-07memif: 14 bytes extra overhead issue fixed.Mrityunjay Kumar1-2/+2
Type: fix Signed-off-by: Mrityunjay Kumar <kumarnitp@gmail.com> Change-Id: I31cc5e853b57e285064647503231b251e5152d3f (cherry picked from commit 3f0579e8df831d42745e0b97191eb5e4bcffb011)
2020-08-07memif: fix zero-copy arg overwriteJakub Grajciar1-3/+0
Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I9a34465c85597baecdbc672ce395265f7dbb7f00 (cherry picked from commit 8a1dea4ce6fd0684aef6d0b0843a90658775129d)
2020-08-07gbp: More reliable unit-testsNeale Ranns1-16/+16
Type: fix the GBP unit tests would peridocially fail. The reason being that there is dynamic state whose presence nneds to be created, tested and then timeed out. The failures occurded when the timeout occured before the state could be tested. the previous timeout was 2 seconds, this has been doubled, as a result i saw no faliures running continuously for ~16 hours. bumping the timer increasing the test run time from ~40 to ~53 seconds, a small price to pay. in test cases where the state is not timed out i bumped the timer to 60 seconds. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I11b0970570caa8eebf486fe8cd8e44a4b2b1fc36 (cherry picked from commit 8d0d8d2fcccd77e462f30b21f7f8810db312ee62)
2020-06-11vppinfra: refactor mpcap.hDave Barach1-1/+1
vppinfra source files MUST NOT #include <vlib/vlib.h>, <vnet/vnet.h> or similar. Move mpcap_add_packet(...), mpcap_add_buffer(...) to a new file: src/vnet/mpcap.h. Type: refactor Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Id517aef6fe49b618f853ce32940b91ba45a1e60d (cherry picked from commit 2a41919e39d4672f76a654f30be9c2093cef4fad)
2020-05-26ipsec: DES/3DES fixing the iv_len for openssl cryptoRajesh Goel1-1/+2
Type: fix Signed-off-by: Rajesh Goel <rajegoel@cisco.com> Change-Id: I8d128598b4c872f19b64c779c19b5908ba2f2c08 (cherry picked from commit d1d90f5951df93625594f1904cddd95880838ff0)
2020-04-13ping: fix buffer allocator error handlingDave Barach1-0/+2
The code sets f->n_vectors = n_to_send, but it can bail out of the loop if vlib_buffer_copy(...) returns 0. Need to fix f->n_vectors in the error return path, or we enqueue some number of 0xfefefefe buffer indices in a debug image or worse in a production image. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I2d886266006c6c1c2f9ef8e3b95eb46ac6c0b3df (cherry picked from commit 8324c55f95dd5ddbf1f5f9c47907204a12e152ef)
2020-04-10misc: check return values from vlib_buffer_copy(...)Dave Barach1-3/+5
vlib_buffer_copy(...) returns NULL if the system is temporarily out of buffers. This is NOT correct. Please don't be this person: c0 = vlib_buffer_copy (vm, p0); ci0 = vlib_get_buffer_index (vm, c0); Type: fix Signed-off-by: Dave Barach <dave@barachs.net> (cherry picked from commit c25ef58965871ea5d2b40904df9506803f69e47e) Change-Id: I6cd4f289c4fadc3f36c3203b53546e9a788ef99b
2020-03-10rdma: fix bug related to ring bufferElias Rudberg1-2/+2
Fix a bug that caused some input packets to be dropped due to errors of the type 'ip4 length > l2 length'. The change is related to the second call to the rdma_device_input_bufs() function that happens when the end of the ring buffer is reached. Type: fix Change-Id: I332d69ab22242b3443a0baca6e5dd86349a54765 Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net> (cherry picked from commit e5ecf3ea4b456afb710f4ed903cd7e4c1ae87859)
2020-02-29dpdk: TSO does not work for Cisco VICSteven Luong1-0/+11
While TSO is supported for Intel NIC, Cisco VIC does not work. The problem is due to txmode offloads is not properly set for the Cisco VIC when enable-tcp-udp-checksum is configured. Type: fix Ticket: VPP-1838 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I72c41db9b327ed8d08ef70d74e8cc6206d4a102f
2020-02-27avf: Handle chain buffer in TX properlySteven Luong2-7/+140
For chain buffer, need to traverse b->next_buffer to transmit all buffers in the chain. Only set EOP at the last descriptor in the chain to signal this is a chain descriptor. Introduce slow path to handle ring wrap. This is needed because chain buffer may consist of multiple pieces and it may span from near the end of the ring to the beginning of the ring. Type: fix Ticket: VPP-1843 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Id7c872f3e39e09f3566aa63f3cdba8f40736d508 (cherry picked from commit f7ab7b2d9bc0f42c1e766d22d49dd0dc4f28abb6)
2020-02-18mactime: remove unnecessary function declarationNeale Ranns1-2/+0
Type: fix Change-Id: I80cb666d9eae9d0f780d51fb95454d97ed320454 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit bb688a4dc188b097a2dbca91da58fc5585ab6838)
2020-02-13ikev2: correct byte order in api handlersAleksander Djuric1-10/+21
Type: fix Signed-off-by: Aleksander Djuric <aleksander.djuric@gmail.com> Change-Id: I186286b8959ae138528a5171c22d3e1b00f46baf Signed-off-by: Aleksander Djuric <aleksander.djuric@gmail.com> (cherry picked from commit 50c99b4a8679e6c0d6f48677a5b91455bb612c86)
2020-02-06lb: lb_add_del_vip and lb_add_del_as doesn't work.Hongjun Ni2-4/+14
Ticket: FDIO-753 Type: fix Change-Id: I4a8cf06970b658dfa15768459a3ff76571d6dfff Signed-off-by: Hongjun Ni <hongjun.ni@intel.com> (cherry picked from commit e69f4714323e1f7e7754fef58a2d75949e146317)
2020-02-06ikev2: fix memory leak in child SAFilip Tehlar1-16/+15
traffic selector vector isn't freed when freeing child SA Type: fix Change-Id: Icf6c240db5093f45d141451bad6f6627a61821cf Signed-off-by: Filip Tehlar <ftehlar@cisco.com> (cherry picked from commit 99eefc2cfee4f71e1aaad1d420e6d9335072eb2c)