Age | Commit message (Collapse) | Author | Files | Lines |
|
nat44-ed core configuration improvements & fixes [0-5] adjusted
for nat44-ei plugin.
Improvements:
* repeating code converted to functions
* simplified functions used for pool address, static mapping
and interface configuration.
Clean up:
* remove obsolete code and logic persisted after plugin
separation from old SNAT plugin.
Fixes:
* [0] return correct API behavior changed in [5]
Type: improvement
[0] https://gerrit.fd.io/r/c/vpp/+/33622
[1] https://gerrit.fd.io/r/c/vpp/+/33431
[2] https://gerrit.fd.io/r/c/vpp/+/33337
[3] https://gerrit.fd.io/r/c/vpp/+/33249
[4] https://gerrit.fd.io/r/c/vpp/+/32796
[5] https://gerrit.fd.io/r/c/vpp/+/32951
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: Ie197faa576cb49acb3d218f14e00cb7d13ad9342
|
|
This patch fixes issue with NAT_API_IS_TWICE_NAT and
NAT_API_IS_ADDR_ONLY flags. Because of control plane
code change - move from boolean parameters to flags
in https://gerrit.fd.io/r/c/vpp/+/32796 patch these
api flags weren't correctly set.
Type: fix
Change-Id: Ieec5fe6bdcca314da027f2d23e3a24f174391a6f
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Type: improvement
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: Ib07029204ecf12bf2adb5a39afa54bc98fb81f34
|
|
memif descriptors table may have more than one shared memory region.
To see whether a descriptor's memory address is valid or not, it
is beneficial to also display the descriptor's region. While at it,
fix the truncation problem for the offset field.
Type: improvement
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ia3b7062ac0323c39ade6f3a58333c6405889148f
|
|
Added topdown level 2 support on sapphire rapids,
including ability to indentify a sapphire rapids cpu.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I9f99a92fa0886b98bb5185cff32bebd5a094f329
|
|
The Intel Icelake uArch supports measuring up to 12 counters,
comprised of 4 fixed and 8 general counters.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I68369ea55a0c95d6a4a280a464e69502bbf5474f
|
|
Initialise variable used in tracing code in case of early error so that
tracing doesn't use this uninitialised variable.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I6b1cef07e1f126cee56e1116606869dd667274d2
|
|
Put static mappings in flow hash, drop existing hash tables used for
static mappings. Drop refcount variables and use hash table as a single
point of truth. Allow creating a static mapping conflicting with dynamic
mapping, which will take precedence after dynamic mapping is freed, so
that the existing flow can finish transferring data.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Idfde8efabc09971be38921d4b0ca5ccf4e9fe412
|
|
Remove non-null check for a pointer which cannot be null to avoid dead
code warning.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I5ff40a4f80db7bb0dff9928c90ff757b763902fd
|
|
Type: improvement
Change-Id: I7e821cce1feae229e1be4baeed249b9cca658135
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Fix coverity warning by initialising proto variable to a dummy value.
This value is never used because consuming function uses this
parameter value only if is_addr_only flag is not set and this flag is
always set if proto value is not provided by user.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I9b5e8c08346bea1e2b460bb09e962c4b8d3b6947
|
|
Adding a nat44 static mapping during startup on a DHCP interface leads
to a segv via this path:
- dhcp_client_acquire_address
- ip4_add_del_interface_address
- ip4_add_del_interface_address_internal
- nat44_ed_add_del_interface_address_cb
- nat44_ed_add_static_mapping
- ip4_interface_first_address
Type: fix
Signed-off-by: Joshua Roys <roysjosh@gmail.com>
Change-Id: I38dac8a096b052550f2b87b4e13a950d2cd868b0
|
|
unformat_init_vector() expects a vector, not a NULL-terminated C-string.
Type: fix
Change-Id: I20a266243f63d94b0c6fe24e25ee8346c08c8ff2
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2367e86fb22176881d118342f6e991dbc708b1f2
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id41e22345be3ec401813ba43ddc7d92666784eb4
|
|
Type: fix
Fixes: 3effb4e63068 ("memif: integrate with new tx infra")
memif is recently integrated with new tx infra. But it
introduces a crash when slave disconnect from master but
interface is not deleted. Disconnect routine was missing
unregister of all tx queues. This patch fixes it.
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I81c59cc1a03561248ec8595d5e3caa54f421833e
|
|
This reverts commit 69b7599e4b061a8996205f0304232ede84cb70d4.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: If531b122ae5a9f91c2fe6eaa0da69922a91f16d3
|
|
Put static mappings in flow hash, drop existing hash tables used for
static mappings. Drop refcount variables and use hash table as a single
point of truth. Allow creating a static mapping conflicting with dynamic
mapping, which will take precedence after dynamic mapping is freed, so
that the existing flow can finish transferring data.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ieeba691d83a83887d0a0baccd5f3832f66126096
|
|
Type: improvement
Change-Id: I3d8e1c7a83530bbc4b1751358ad7d034476ff13f
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
This patches fixes an issue that could cause
fib locks to underflow: if an API user deletes
a fib and quickly recreates it, the fib may not
have been actually deleted. As a result, the
lock would not be incremented on the create call
leading to the fib potentially disappearing
afterwards - or to the lock to underflow when
the fib is deleted again.
In order to keep the existing API semantics,
we use the locks with API and CLI source as flags.
This means we need to use a different counter
for the interface-related locks.
This also prevents an issue where an interface being
bound to a vrf via API and released via CLI could
mess up the lock counter.
Finally, this will help with cleaning up the
interface-related locks on interface deletion
in a later patch.
Type: fix
Change-Id: I93030a7660646d6dd179ddf27fe4e708aa11b90e
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
|
|
Type: improvement
Change-Id: Iec585880085b12b08594a0640822cd831455d594
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Attempting to create an af_xdp interface with zerocopy where the
underlying driver didn't support it would lead to a crash due to
queue creation silently failing.
Type: fix
Signed-off-by: Joshua Roys <roysjosh@gmail.com>
Change-Id: Ifd9070b8c2b3023d71120c5cf20f7e89d04e4cb3
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie0fde16fb4e41637169474628808fddf343884f3
|
|
similar behavior as here: 839dcc0fb7313638d9b8f52a9db81350dddfe461
Type: improvement
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: I1b0a8f8f3dab48839e27df7065cf5f786cf0b5e9
|
|
- do not initialize resources if ikev2 is not used.
- process IKE packets only if we have profile(s) configured
Type: improvement
Change-Id: I57c95a888532eafd70989096c0555ebb1d7bef25
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: I4450b8c8b50a3be8d6a399f6a58bc0e8eb500b28
|
|
Type: improvement
Change-Id: Ia63899b82e34f179f9efa921e4630b598f2a86cb
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
This patch fixes the chacha20-poly1305 support check in ipsecmb
engine build.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: PiotrX Kleski <piotrx.kleski@intel.com>
Change-Id: I74b52a27f78a0f6a65c867dbd44a44a8f4a2ed60
|
|
IDr is optional in IKE AUTH from the initiator. In that case, the
responder is free to use any matching profile and fills the
corresponding IDr in the response.
The initiator is then free to accept or reject it.
Type: improvement
Change-Id: I07a1c64a40ed22bd41767c259406238bbbab5cf4
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: improvement
Change-Id: Id0a6a9e68725ea7aa0b7da14cf54d14405a907fb
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
The IDi is not mentioned in the RFC for the responder AUTH message, and
it confuses some IKE implementations.
Type: fix
Change-Id: I2bcefa1efd315412a6f5fa592668d4e0da510264
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Enable Topdown Level 1 support on Snowridge,
enabled with standard CPU events on small core.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I58ad09383de7464265ac1b69e683f253591e3b5e
|
|
Add a check bundle is supported before futher activation.
Enable different bundles with same name, supported on different platforms.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I73e8bbd1e07c05ebccd9146d48a234eb598a2388
|
|
Fix peusdo events, missed populating "core" events with peusdo events.
Type: fix
Fixes: bf37bf6f7
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I569fa876f1b58540adac0b095be0ff4ade664dec
|
|
we can receive events from peer about its state:
-WIREGUARD_PEER_STATUS_DEAD
-WIREGUARD_PEER_ESTABLISHED
Type: improvement
Change-Id: Ide83fbe2cfafa79ded5bcf3f6a884c26a7583db0
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
|
|
Type: improvement
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: If1a7e82ce163c4c4acaa5acf45ad2b88371396f6
|
|
Type: fix
Change-Id: I41455e1cdc62e7c0baa148630b0701b042f3b156
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Allow perfmon bundles to support more than one bundle type, either node
or thread. Only used for topdown bundle for the moment.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: Iba3653a4deb39b0a8ee8ad448a7e8f954283ccd8
|
|
Backward compatibility fix returns erroneous behavior that lets user
add internally unused inside interface for the purpose
of complying with the old add/dump/details API behavior.
Change introduced in https://gerrit.fd.io/r/c/vpp/+/32951 removed
extra inside interface that wasn't required or any how used by the
output feature. This patch also changed outside interface flags to
inside & outside. This fix returns the old behavior by imitating
the old behavior through dummy registratoin data.
Added new API calls nat44_ed_add_del_output_interface
and nat44_ed_output_interface_get/details as a
replacement of old API's. New API introduces
simplified and cleaner way of configuring outside
feature without requirement of config flags.
Type: improvement
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I7a170f7325727c04da5e2e3ffbe3f02179531284
|
|
The 0.55 version of libipsec_mb does not support the chacha functions
used in the plugin.
The missing symobls are:
ipsecmb_ops_chacha_poly
ipsecmb_ops_chacha_poly_chained
IMB_CIPHER_DIRECTION
Check for ipsecmb_ops_chacha_poly() and conditionalise the chacha code
in the plugin on this.
ipsec_mb 0.55 is the version currently found in Debian Stable (bullseye)
Type: make
Signed-off-by: Nick Brown <nickbroon@gmail.com>
Change-Id: I88c962ac4f99a58b5cd61fb9b75f692e27d4ec30
|
|
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I7c2b9891e269f23c3aa2a0abfee3cf0a0f1e2135
|
|
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I25d3ac72360bea130f567095b486d8e295d2f2f7
|
|
now we can reuse udp-port for many wireguard interfaces
Type: improvement
Change-Id: I14b5a9dbe917d83300ccb4d6907743d88355e5c5
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
|
|
_pool_init_fixed uses mmap to initialize a fixed-size and preallocated
pool, whose size is the sum of vector_size and free_index_size with
alignment to the CLIB_CACHE_LINE_BYTES and page size. In this way
vector_size equals to pool_header_t + vec_header_t + elt_size * max_elts
so moving to the end of the pool space should be pool_header_t pointer +
vector_size, instead of vec_header_t pointer + vector_size.
Simple code to reproduce this error:
u64 *pool;
pool_init_fixed(pool, 2042);
Improve unit test to cover this case
Type: fix
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Reviewed-by: Lijian Zhang <lijian.zhang@arm.com>
Reviewed-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: If088ef89b3dcb2d874ee837ae9da60983b14615c
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Topdown events are peusdo events exposed by linux,
and are only present on Intel platforms.
Change to clarifies this.
Type: fix
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I6a3dcea5f43f53dbb96475329baf5e596a24d54f
|
|
Type: improvement
Change-Id: Ib7e2f5f314144064de7b6be0fade3db2f9c943fe
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
proxy main lock not released in certain cases and resulting in deadlock.
Type: fix
Signed-off-by: Sivaprasad Tummala <Sivaprasad.Tummala@intel.com>
Change-Id: Ib869f459b447189bb921c05fd260f3691c2ac787
|
|
Type: improvement
Linux uses pseudo header checksum when checksum of l4 is offloaded.
This patch adds similar support in virtual interfaces.
Change-Id: I6a94d1104e59356f95057e7c122e3be9cd8659a3
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
now we should add routes manually
Type: improvement
Change-Id: I877511a18854efdfad02939267d38a216b2ccec3
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
|
|
Type: improvement
Change-Id: I9a4303030b9657c28bbd73168def72c7daa13483
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|