summaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2023-07-21vcl: ldp support SO_ORIGINAL_DSTqinyang1-0/+42
Type: improvement Support SO_ORIGINAL_DST socket option to get original dst_ip4 and dst_port if nat44 rule enabled. Change-Id: If00e00d03e48f3b78a23a68f1b078954d79dd0f7 Signed-off-by: qinyang <qiny@yusur.tech>
2023-07-13hsa: fix echo client initFlorin Coras1-1/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ieb2d1e6e0949844a70c81b218ca7dc83690776ca
2023-07-13lb: Fix src_ip_sticky evaluation bug in per-port-vip case.Nobuhiro MIKI3-469/+74
Before this fix, the src_ip_sticky flag was passed as an argument to the lb_node_get_hash function, which computes a hash value for a packet. However, in per-port-vip case, the value of src_ip_sticky flag may be different for each port number. As a result, the value is the same for all port numbers, even though it is a per-port-vip case. This commit fixes the src_ip_sticky evaluation by delaying it until the packet is received, so that the correct value is obtained. Also, the unit test case has been enhanced for this bug fix. The steps to reproduce this bug are described below: https://lists.fd.io/g/vpp-dev/message/23248 Type: fix Fixes: 613e6dc0bf92 ("lb: add source ip based sticky load balancing") Change-Id: I483492b214a1768e7a21fd86edd5151b3c46528b Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp>
2023-07-12linux-cp: fix crash on processing dump of routesAlexander Chernavin1-3/+10
nl_route_add() recently started to use its optional argument to check whether replace flag is set for the message. When notification messages are processed, the argument is a pointer to the corresponding message info. However, when dump replies are processed, the argument is a null pointer. This leads to null pointer dereference and crash when dump of routes is processed. With this fix, check for replace flag only if message info was passed to nl_route_add(). Otherwise, assume the flag is not set. Dump replies do not have it set. Type: fix Change-Id: Icb04a1146e09cc965b623018c28f91b347be0eab Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-07-11avf: remove barrierDamjan Marion2-2/+1
Type: improvement Change-Id: I95023d2e6034b77952e0423d0430b433ea0dab15 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-07-11linux-cp: Basic MPLS support.Adrian Pistol5-11/+419
1) Imports ENCAP_MPLS labels from IPv4/IPv6 routes. Note that this requires libnl 3.6.0 or newer. In previous patches, the fib_path_ext_t had a path ID of -1. After a long investigation, it turned out to be caused by route weight being set to 0. There is a comment explaining more details. 2) Handles MPLS routes. MPLS routes were wrongly added as IPv4 routes before. POP and SWAP are now both supported. All the routes are installed as NON-EOS and EOS routes, as the Linux kernel does not differentiate. EOS POP used in PHP uses the next-hop address family to determine the resulting address family. This patch is sufficient for P setups. PE setups with implicit null should also function okay, as long as a seperate label gets programmed per address family. PE setups with explicit null will also forward packets, but punting is a bit odd and needs MPLS input enabled on the LCP host device. 3) Propagate MPLS input state to LCP Pair and Linux. Since the Linux kernel uses the MPLS routes itself, the LCP pair tap needs MPLS enabled to allow host originated packets. This also syncs the Linux `net.mpls.conf.<host_if>.input` sysctl to allow punted packets to have MPLS labels, mostly explicit nulls. In addition, a special feature is enabled to cross connect MPLS packets coming from Linux directly to interface-output untouched. Make sure to enable MPLS/add a table in VPP first and load the MPLS kernel modules!! Type: feature Change-Id: Ie4184bb4cc96905bf8b483a27e7ca6d251697374 Signed-off-by: Adrian Pistol <vifino@posteo.net> Signed-off-by: Pim van Pelt <pim@ipng.nl>
2023-07-06api: lcp - Mark old message versions as deprecatedOndrej Fabry1-2/+6
List of changed messages: - lcp_itf_pair_add_del - lcp_itf_pair_add_del_reply - lcp_itf_pair_add_del_v2 - lcp_itf_pair_add_del_v2_reply This change is part of VPP API cleanup initiative. Type: fix Signed-off-by: Ondrej Fabry <ofabry@cisco.com> Change-Id: Ic20a852dd1fb27858c8776095f9c98757b89bfe8
2023-07-06api: memif - Mark old message versions as deprecatedOndrej Fabry1-0/+6
List of changed messages: - memif_socket_filename_add_del - memif_socket_filename_add_del_reply - memif_create - memif_create_reply This change is part of VPP API cleanup initiative. Type: fix Signed-off-by: Ondrej Fabry <ofabry@cisco.com> Change-Id: Id334990584b64a0efa3c28a3d8b6b641adab8c09
2023-07-06dpdk-cryptodev: introduce sw_ring to the crypto op data pathPiotr Bronowski2-124/+235
This patch introduces sw_ring to the crypto op data path implementation, so that raw data path and crypto op data path use same mechanism of processing async frames. Crypto op ring has been removed from the implementation. Type: improvement Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Change-Id: Id823f80a88cfa0ff40252616a36de8bb044c7f45
2023-06-30bpf_trace_filter: plugin for BPF Trace FilteringMohammed Hawari9-0/+394
Change-Id: I342de0a375b783725aa2b621c1c70bc8bf646450 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: improvement
2023-06-30vlib: introduce trace filter functionsMohammed Hawari3-0/+107
Change-Id: I7a988fafe98599e4fcf7cdaa307a69b9d76650f0 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: improvement
2023-06-29dpdk-cryptodev: sync mbuf length with corresponding vlib bufferPiotr Bronowski1-12/+21
When vlib buffer is processed on vnet side its length is corrected by cipher padding and icv_sz. These changes need to be reflected in the mbuf internals. Type: fix Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Change-Id: I0aa03f67f556dfc8f9a577ca1967210527221e02
2023-06-27api: af_packet - Mark old message versions as deprecatedOndrej Fabry1-0/+8
List of changed messages: - af_packet_create - af_packet_create_reply - af_packet_create_v2 - af_packet_create_v2_reply This change is part of VPP API cleanup initiative. Type: fix Signed-off-by: Ondrej Fabry <ofabry@cisco.com> Change-Id: Ia065c3bbc2c7923de64f47417099aea1aa1216b1
2023-06-27api: vxlan - Mark old message versions as deprecatedOndrej Fabry1-0/+12
List of changed messages: - vxlan_add_del_tunnel - vxlan_add_del_tunnel_v2 - vxlan_add_del_tunnel_reply - vxlan_add_del_tunnel_v2_reply - vxlan_tunnel_dump - vxlan_tunnel_details This change is part of VPP API cleanup initiative. Type: fix Signed-off-by: Ondrej Fabry <ofabry@cisco.com> Change-Id: I0a7227e76a493731fd136f8e6310ad372fab2494
2023-06-27af_xdp: create_api_v3 without namespace keywordStanislav Zaikin3-0/+132
Namespace keyword is reverved c++ word, so it's not possible to include vapi header for af_xdp plugin and use it. Type: fix Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com> Change-Id: I42a0e0a89ff2c407090d3c18c1bc5a5605ddf032
2023-06-21af_xdp: fix chained buffer free on failureBenoît Ganne1-1/+1
Type: fix Change-Id: I7c6fb783e5200773cbd02c86d39fd241efcc39f9 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-06-19dpdk-cryptodev: enq/deq scheme reworkPiotr Bronowski4-223/+210
This rework tries to address issues found on SPR QAT, for traffic reaching max possible throughoutput for single QAT PF packet drops were observed. Fix changes enq/deq scheme by utilizing software ring in enq call from VNET but enq and deq to QAT happens only in deq callback function what should enable better utlization of hardware resources. Type: improvement Signed-off-by: Dastin Wilski <dastin.wilski@gmail.com> Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Change-Id: I2e8c473d20a269fd5e93f0c8d1f8c8aa193712bd
2023-06-14af_xdp: linearize buffer chains before TXShmuel Hazan1-0/+20
The af_xdp plugin does not support chained buffers; attempting to send chain buffers will result truncated packets or even send other packet's data. As a workaround, turn any buffer chain into a single buffer before tx. Type: fix Change-Id: I05dec912455eb2bb6c8122a28cd646f88983aa9a Signed-off-by: Shmuel Hazan <shmuel.h@siklu.com>
2023-06-13dpdk-cryptodev: introduce sw_ringPiotr Bronowski2-0/+66
This patch introduces sw_ring. This ring is used in next set of patchas and plays role of a buffer for QAT, allowing collecting frame elements in case QAT queue is fully utilized, and assembling frame from QAT dequeued elements. Type: improvement Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Signed-off-by: Dastin Wilski <dastin.wilski@gmail.com> Change-Id: I20718e200986ab4dba5cbc31c05a904072a6981a
2023-06-13af_xdp: set frame_no_append flagArtem Glazychev1-0/+1
Make sure the same frame is not used for multiple interfaces, otherwise it breaks the ETH_INPUT_FRAME_F_SINGLE_SW_IF_IDX promise. Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I02546259ceaea36f65cb9f78b9b3ee45ed4075c9
2023-06-08af_xdp: make sure all packets are transmittedBenoît Ganne2-7/+12
AF_XDP socket will only tx enqueued packets up to a max batch size so we need to retry until everything has been sent. Type: fix Change-Id: Ia487ab63d3e85a478471cd1d679c5fb471804ba3 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-06-08crypto: use fixed crypto frame poolgaoginskx2-0/+4
The async frames pool may be resized once drained. This will cause 2 problems: original pool pointer is invalidated and pool size changed, both problems will confuse the crypto infra user graph nodes (like IPsec and Wireguard) and crypto engines if they expect the pool pointers always valid and the pool size never changed (for performance reason). This patch introduces fixed size of the async frames pool. This helps zeroing surprise to the components shown above and avoiding segmentation fault when pool resizing happened. In addition, the crypto engine may take advantage of the feature to sync its own pool/vector with crypto infra. Type: improvement Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Change-Id: I2a71783b90149fa376848b9c4f84ce8c6c034bef
2023-06-08af_xdp: remove the previous program before loading a new oneArtem Glazychev1-1/+2
Otherwise, we will get an error. The program could remain from the previous run. Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I68e4072bd3b327592013804d67ccab7eb0ed3a0e
2023-06-06misc: fix the license headerMohsin Kazmi3-30/+0
Type: style Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I6b3ecf0bdb6cfdf260cf4ccae89b6bc2335ff54c
2023-06-05linux-cp: Fix add vs update on routesPim van Pelt3-58/+69
Linux uses NLM_F_REPLACE in the netlink message to signal a FIB update The code invariably does a FIB update for IPv4 and a addition for IPv6. Without this fix, the following: ip route add 2001:db8::/48 via 2001:db8::1 ip route replace 2001:db8::/48 via 2001:db8::2 ends up as two separate FIB entries in VPP. With the fix, there will be one FIB entry (the second one with nexthop ::2). Type: fix Change-Id: I8f98d6ded52ae0c60bfddaa7fc39acbbaa19d34a Signed-off-by: Pim van Pelt <pim@ipng.nl>
2023-06-02wireguard: add support for chained buffersAlexander Chernavin3-79/+353
Type: feature With this change, packets that are larger than a single buffer can fit will be able to be sent and received over a Wireguard tunnel. Also, cover this with tests. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: Ifaf7325676d728580097bc389b51a9be39e44d88
2023-06-02api: nat44_ed - Mark old message versions as deprecatedOndrej Fabry1-0/+10
List of changed messages: - nat44_add_del_static_mapping - nat44_user_session_dump - nat44_user_session_details - nat44_user_session_v2_dump - nat44_user_session_v2_details This change is part of VPP API cleanup initiative. Type: fix Signed-off-by: Ondrej Fabry <ofabry@cisco.com> Change-Id: I317ae93a0e763c3759a8c24fd550e1c97f6f4987
2023-06-01crypto: make crypto-dispatch node working in adaptive modeXiaoming Jiang3-16/+3
This patch can make crypto dispatch node adaptively switching between pooling and interrupt mode, and improve vpp overall performance. Type: improvement Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I845ed1d29ba9f3c507ea95a337f6dca7f8d6e24e
2023-05-30misc: fix tracedump APIMaxime Peim1-1/+2
In some cases, in the trace dump v2 dump function, we iterate over the client cache even though this one could be empty. Type: fix Change-Id: Ice5cefa25bb93dabe86fe565347cdc32faa674ac Signed-off-by: Maxime Peim <mpeim@cisco.com>
2023-05-26linux-cp: update adjs for subifs too when mac changesAlexander Chernavin1-4/+21
The plugin creates and manages adjacencies for the physical interface in each interface pair (they are part of the x-connect feature). When a link update notification is received from the host system, MAC address of the corresponding physical interface is updated (as needed) as well as previously created adjacencies for it (because a new rewrite string needs to be generated). Subinterfaces inherit MAC address from the parent interface. When MAC address of the parent interface changes, it also implies MAC address change for its subinterfaces. The problem is that this is currently not considered in the plugin. After MAC address update on the parent interface, packets sent from subinterfaces might have wrong source MAC address. For example, IPv6 Neighbor Solicitation messages will be sent with the wrong (previous) MAC address and neighbor discovery will fail. With this fix, when the plugin updates adjacencies for a physical interface, it will also update adjacencies for the subinterfaces with existing interface pair. Type: fix Change-Id: Ia5f617197e33cb79b9b025c02c2c126c31a551ec Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-05-23misc: fix tracedump API to match CLI behaviorMaxime Peim3-4/+227
When dumping packets from multiple threads using the API, first all packets from thread 0 are dumped then all ones from thread 1, etc Until we reach the limit specified by the API call, so we could never get packets trace from threads with higher ids. However, the tracedump CLI dump a maximum number of packets from all threads, which we can expect from the API to do. We also add a trace_clear_cache API so the client gets an answer when he only wants to clear its packet cache. Type: improvement Change-Id: I0d4df8f6210a298ac3f22cd651eb4d8f445e1034 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2023-05-23bufmon: ptd should be alloced in main threadXiaoming Jiang1-1/+2
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I7f8c975fae5d71ce1226a8e19761fc75134e61e2
2023-05-20hsa: add an option to configure ns in http cliFilip Tehlar1-1/+16
Type: feature Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Ia81f1d8e706dbce9e57319d993bff595e6ba6f03
2023-05-19fib: fix load-balance and replicate dpos buckets overflowBenoît Ganne1-44/+79
load-balance and replicate dpos both store their number of buckets as u16, which can overflow if too many paths are configured. For load-balance it can happens quite quickly because of weights normalization. Type: fix Change-Id: I0c78c39fc3d40626dfc58b49e7d99d71f9852b50 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-05-19dpdk: fix compatibility with DPDK < 21.11Andrew Ying2-2/+1
Signed-off-by: Andrew Ying <hi@andrewying.com> Type: fix Change-Id: I3c428c90146387ad9ce291c7f646d74f06952b40
2023-05-19tls: flag no app session on handshake failureFlorin Coras1-1/+1
If openssl tls server handshake fails, track the fact that the context does not have an app session. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5f493059a3610067b59caffbbe441ce9e0868252
2023-05-19dpdk: fix format device name using wrong indexDaniel Ding1-10/+10
When I setup vpp by netvsc driver, occurs the following crash: (format_dpdk_device_name) assertion `(i) < vec_len (dm->devices)' fails vnet[100166]: #6 0x00007f434d651f6a _clib_error + 0x2da vnet[100166]: #7 0x00007f430b4bef64 format_dpdk_device_name + 0xf4 vnet[100166]: #8 0x00007f434d6555f3 do_percent + 0xee3 vnet[100166]: #9 0x00007f434d654359 va_format + 0xb9 vnet[100166]: #10 0x00007f434d7ac16e vlib_log + 0x3ce vnet[100166]: #11 0x00007f430b49ebe3 dpdk_device_start + 0x193 vnet[100166]: #12 0x00007f430b4aa233 dpdk_interface_admin_up_down + 0x163 vnet[100166]: #13 0x00007f434d988fc8 vnet_sw_interface_set_flags_helper + 0x378 vnet[100166]: #14 0x00007f434d989338 vnet_sw_interface_set_flags + 0x48 This patch fix it by device_index as a index for devices vec, and not dpdk port_id. Type: fix Change-Id: I84c46616d06117c9ae3b2c7d0473050f1b8ded5f Signed-off-by: Daniel Ding <danieldin95@163.com>
2023-05-19hsa: make http cli client thread safeFilip Tehlar1-6/+29
Type: fix Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I9e6fd29c0e09406e48215f06977b2d4678650669
2023-05-16hsa: detach app on unsuccessful listenFilip Tehlar1-0/+12
Type: fix Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Idba74f880a251dbeec2205ee41e16b40d4799b06
2023-05-16ip_session_redirect: add session redirect pluginBenoît Ganne9-0/+1044
This feature enables the use of the classifier and ip-in-out-acl nodes to redirect matching sessions via arbitrary fib paths instead of relying on additional VRFs. Type: feature Change-Id: Ia59d35481c2555aec96c806b62bf29671abb295a Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-05-16dpdk: fix format rx/tx burst function name failedXiaoming Jiang1-8/+9
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I9971e69135e0652a36e4b4754774a43ea1d92e8b
2023-05-16memif: fix coverity warningsMarvin Liu3-8/+7
Type: fix Signed-off-by: Marvin Liu <yong.liu@intel.com> Change-Id: Ie3f390be16df81f6824344034377f9a6f4fa9f92
2023-05-16misc: make format_hexdump length u32Benoît Ganne1-3/+2
format_hexdump currently requires the length parameter to be uword (64-bits) hence all callers must make sure to cast the length to uword. Use u32 instead to benefit from C automatic integer promotion: any length smaller or equal to u32 will be promoted to int fitting in u32). Only callers using a length of u64 needs to downcast. It also makes it similar to other variants. Type: fix Change-Id: I09b52fdde3970cec0be4150a29126ff63106c75b Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-05-15hsi: interop with ip reassemblyFlorin Coras1-19/+46
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I8d3a1939870601297ecccf4cda6767510c2abfa5
2023-05-15dpdk: Be wary of the return value from rte_eth_dev_socket_idSteven Luong1-1/+7
Prior to dpdk-22.11, VPP can count on rte_eth_dev_socket_id to return numa node 0 if the device didn't set it. Ever since below patch is committed in dpdk https://patchwork.dpdk.org/project/dpdk/patch/20220929120512.480-1-olivier.matz@6wind.com/#152498 the aforementioned assumption is no longer true. If the device didn't set the numa node, VPP gets -1 from the aforementioned API call. This causes VPP to crash. This fix is to set the numa node to 0 if the API returns -1, or SOCKET_ID_ANY Type: fix Change-Id: I2fde2870e5a3eb98473fe8d119fef594bfba9a8d Signed-off-by: Steven Luong <sluong@cisco.com>
2023-05-12gre: move to a pluginChuhao Tang12-1/+3207
Move GRE folder under vnet to the plugin folder, and modify some of path of the #inlude<header> to the new path. Add a plugin.c file to register a plugin. JIRA: VPP-2044 Type: improvement Change-Id: I7f64cecd97538a7492e56a41558dab58281a9fa5 Signed-off-by: Chuhao Tang <nicotang@cisco.com>
2023-04-27api: Mark old message versions as deprecatedOndrej Fabry1-0/+4
This change is part of VPP API cleanup initiative. Type: refactor Signed-off-by: Ondrej Fabry <ofabry@cisco.com> Change-Id: I9f0f786b50aa77383b16e0f844c85f236f7aa8d0
2023-04-25crypto-sw-scheduler: fix interrupt modeAlexander Skorichenko1-0/+10
Type: fix Currently sw_scheduler runs interchangeably over queues of one selected type either ENCRYPT or DECRYPT. Then switches the type for the next run. This works fine in polling mode as missed frames get processed on the next run. In interrupt mode if all of the workers miss a frame on the first run the interrupt flag is lowered so the frame remains pending in queues waiting for another crypto event to raise the interrupt. With this fix force sw_scheduler in interrupt mode check the second half of the queues if the first pass returned no results. This guarantees a pending frame gets into processing before interrupt is reset. Change-Id: I7e91d125702336eba72c6a3abaeabcae010d396a Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2023-04-25perfmon: fix perfmon start type argumentMaxime Peim1-5/+3
When trying to start perfmon with a bundle that has a unique type while specifying that type as argument, the command fails (e.g. perfmon start bundle branch-mispred type node). This error occurs because the returned value of unformat_perfmon_active_type is actually a perfmon_bundle_type_t, but it was treated as a perfmon_bundle_type_flag_t by a test in the CLI function. However, this test is useless and thus can just be removed. Type: fix Signed-off-by: Maxime Peim <mpeim@cisco.com> Change-Id: I5d8b9815871621e8ee7b935586f4cedbc0e7a53d
2023-04-25memif: support dma optionMarvin Liu8-20/+925
Introduce async model into memif by utilizing new DMA API. Original process is broken down to submission stage and completion stage. As multiple submissions may in flight simultaneously, per thread data is no longer safe, now replace thread data into each dma data structure. As slave side already support zero copy mode, DMA option is only added in master side. Type: feature Signed-off-by: Marvin Liu <yong.liu@intel.com> Change-Id: I084f253866f5127cdc73b9a08c8ce73b091488f3