summaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2024-02-09ikev2: accept rekey request for IKE SAAtzm Watanabe3-24/+265
RFC 7296 describes the way to rekey IKE SAs: to rekey an IKE SA, establish a new equivalent IKE SA with the peer to whom the old IKE SA is shared using a CREATE_CHILD_SA within the existing IKE SA. An IKE SA so created inherits all of the original IKE SA's Child SAs, and the new IKE SA is used for all control messages needed to maintain those Child SAs. Type: improvement Signed-off-by: Atzm Watanabe <atzmism@gmail.com> Change-Id: Icdf43b67c38bf183913a28a08a85236ba16343af
2024-01-31tls: set app closed flag in frameworkFlorin Coras1-2/+0
Set the flag in tls framework as opposed to tls engines. This is similar to passive close. Type: improvement Change-Id: I0c2a774b1ef9d7ec6ba74daf1678ea449815184f Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-01-31tls: convert ctx fields to connection flagsFlorin Coras3-13/+15
Type: refactor Change-Id: I527bbc1cf2e7b6d06fd0c88b7563fb59ed28bc40 Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-01-30linux-cp: add add_del_v3 and get_v2 methodsAnton Nikolaev2-6/+108
Added vl_api_lcp_itf_pair_add_del_v3_t_handler method, it can return vif_index in reply. Also added vl_api_lcp_itf_pair_get_v2_t_handler methods, this method is able to dump only one lcp pair or dump all lcp pairs via stream_msg. Type: improvement Change-Id: I1d25344ee57f8fac8b857bb3a9a03116230b4d2c Signed-off-by: Anton Nikolaev <anikolaev@netgate.com>
2024-01-19build: disable plugins which require openssl if openssl is not availableDamjan Marion4-0/+21
Type: improvement Change-Id: I4591fcb31dd28d1771b3d6e5afdaa14f29efe6ef Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-01-19lldp: dump apiDenys Haryachyy3-9/+132
Introduce a dump api for LLDP plugin Type: improvement Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com> Change-Id: If67dedd329cced59227187284646d147ef6ef92c
2024-01-19memif: use VPP cacheline size for memif when compiling within VPPMohsin Kazmi1-0/+2
Type: make memif.h file is independent code which can be used outside of VPP. Hence it uses its own cacheline size MACRO. This patch sets the value of MEMIF_CACHELINE_SIZE in the cmake file for memif plugin to VPP_CACHE_LINE_SIZE. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I8185e78897f4571f1a0430dd7e758816e127444c
2024-01-17octeon: native driver for Marvell Octeon SoCDamjan Marion11-0/+2501
Type: feature Change-Id: I6898625c4e8854f777407dac3159e4c639a54860 Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com> Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-01-17af_packet: set next0 for AF_PACKET_IF_MODE_ETHERNET modeArtem Glazychev1-0/+6
Normally af_packet sets next0 = next_index on each cycle. It works for the most cases. But if vlib_validate_buffer_enqueue_x1() changes the next_index (from NEXT_ETHERNET to NEXT_DROP for example) then the following next0 will have the wrong value, and the correct packet will be dropped. AF_PACKET_IF_MODE_IP handles this case, but AF_PACKET_IF_MODE_ETHERNET doesn't. Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: Ic742043e8b10a2abe56b314bb584277151a9c5eb
2024-01-16dpdk: add ID for QAT 4xxx series VF supportKai Ji1-1/+2
Type: feature Enable use of 4th gen QAT series devices. Change-Id: I890c1f1d305ff9b996322c29e9510cfe89d88d97 Signed-off-by: Kai Ji <kai.ji@intel.com>
2024-01-16dpdk: fix log_debug message formatGeorgy Borodin1-1/+1
debug+asan build will fail on initialisation when log level==debug Type: fix Fixes: 549838c81bd0d995f2b8569955afc33132582c77 Change-Id: Ic64b376727d49f89790fb29bd03a0a2520625cdc Signed-off-by: Georgy Borodin <bor1-go@yandex-team.ru>
2024-01-15devices: add support to check host interface offload capabilitiesMohsin Kazmi2-6/+96
Type: improvement This patch implements support to check the host interface offload capabilities. NOTE: this check is only done once when interface is being created. Any changes to the cap of host interface after that will not reflect changes to af_packet interface in VPP. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ibc9953131f64f3fb3e601d34036b9f453913692a
2024-01-12crypto-native: add AES-CTRDamjan Marion4-18/+144
Type: feature Change-Id: Iab84226043d8042a99a507767b75e9d4a89cc5c6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-01-12vppinfra: native AES-CTR implementationDamjan Marion1-17/+14
Type: feature Change-Id: I7ef3277edaeb266fbd3c8c9355d4443002ed2311 Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-01-12http: fix memory leakFilip Tehlar1-0/+1
Type: fix Change-Id: I36905132a42d23e719bf0e82eeafa48f60f4887a Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2024-01-10linux-cp: fix route prefix constructionAlexander Skorichenko1-1/+1
Prevent comparison ops for uninitialized IPv6 prefix bytes. Type: fix Change-Id: I440fea7f0725769406ad348eb3402a98c593dc3c Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2024-01-10linux-cp: Fix looping netlink messagesPim van Pelt5-6/+45
Signal when consuming a batch of netlink messages, in order to inhibit lcp_sync from generating new netlink messages. This avoids link up/down state changess from triggering an infinite loop. Do this in the regular case of nl_route_process_msgs() and in the special case of re-synchronizing in lcp_nl_recv_dump_replies(). Type: fix Change-Id: I419d3f9aa350c119b3778b644c65165cb4cc1bef Signed-off-by: Pim van Pelt <pim@ipng.nl>
2024-01-10urpf: add interface dump to APIPim van Pelt2-0/+94
Add an urpf_interface_dump() API call, with optional sw_if_index. If either a mode or a table is specified in any given interface address family and direction, return it in a list, otherwise omit it. TESTED: create loopback interface instance 0 create loopback interface instance 1 create loopback interface instance 2 create loopback interface instance 3 ip6 table add 8298 set urpf ip4 rx loose loop1 set urpf ip6 tx off loop2 table 8298 API call urpf_interface_dump(sw_if_index=~1) returns: [ urpf_interface_details(_0=658, context=2, sw_if_index=2, is_rx=True, mode=<vl_api_urpf_mode_t.URPF_API_MODE_LOOSE: 1>, af=<vl_api_address_family_t.ADDRESS_IP4: 0>, table_id=0), urpf_interface_details(_0=658, context=2, sw_if_index=3, is_rx=False, mode=<vl_api_urpf_mode_t.URPF_API_MODE_OFF: 0>, af=<vl_api_address_family_t.ADDRESS_IP6: 1>, table_id=8298) ] Type: improvement Change-Id: I1ded5c445dc07dab73ea41b817b5827b72ca79d4 Signed-off-by: pim@ipng.nl
2024-01-09session: make app listener pool globalFlorin Coras1-2/+4
One less pointer chase when accepting sessions. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I20dbb21d15d4a703f76e3b12f04a6f5b5d2a3cd8
2024-01-02flowprobe: fix calling vlib_time_now() from worker threadsAlexander Chernavin1-3/+2
Currently, when flowprobe_export_send() calls vlib_time_now(), a pointer to the main thread's vlib_main_t is always passed (the one cached in flow_report_main). However, that code can also be executed from a worker thread. And passing a pointer to the main thread's vlib_main_t to vlib_time_now() from a worker thread may cause time synchronization issues. Also, running a debug binary will cause an assertion failure in vlib_time_now() in this case. With this fix, flowprobe_export_send() passes the pointer to the current thread's vlib_main_t to vlib_time_how(). This doesn't allow to remove @tag_fixme_vpp_workers from the unit tests yet as they will be failing for other multi-worker related problems. Type: fix Change-Id: Ia35e3a4176777b88cf8ca8af8af7c42c495cbc6a Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2024-01-02http: unify client/server state machinesFilip Tehlar3-329/+363
Type: improvement Change-Id: I57a816fbed8b681dec201edc8d5950a34a555a2b Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2023-12-22quic: seed random generator during initFilip Tehlar1-0/+8
Quic does not seed random value, so if the plugin is loaded separately RAND_bytes will fail. Type: fix Change-Id: If600cbde1fef30afb6316fc1a355261b008c3191 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2023-12-20srv6-mobile: Implement SRv6 mobile API funcsTakeru Hayasaka13-92/+682
This merge request adds the feature to manipulate localsids and policies for SRv6 mobile via API. Type: feature Signed-off-by: Takeru Hayasaka <hayatake396@gmail.com> Change-Id: Ibb46bf71ae1d9d4591ce2c8ccf66f520887dad70
2023-12-15devices: add cli support to enable disable qdisc bypassMohsin Kazmi3-2/+114
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ic124f44e64bd60f41e750b4118be3e8d1d1eb70b
2023-12-15rdma: add rdma_create_v4 that handles flags properlyVratko Polak4-2/+136
The _v3 was not handling endianness on flags (e.g. mode). Marking _v3 as deprecated, but keeping it as there might be users who learned to preprocess their flag values. + Also, format PCI product_name as a vector, not a string. Type: fix Change-Id: I50c4b44f3570f02518dbd9a43239c1a37612d24a Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-12-14bpf_trace_filter: allow use whithout classifierMohammed Hawari1-2/+2
Change-Id: I7ac5693ca547fe7249e7b6297bade70a6052b169 Type: improvement Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
2023-12-12cnat: undo fib_entry_contribute_forwardingNathan Skrzypczak2-3/+7
Type: fix Change-Id: I9df43a34328209c87177a534d08919dda0af6096 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2023-12-08dev: caps and rx/tx offload supportDamjan Marion1-1/+13
Type: improvement Change-Id: I7972f595444eacdb020f3fa2a60331c40766fc0b Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-12-08dpdk: never override devname if set via configPeter Morrow1-5/+6
Even if the device name is specified in the startup config it may be appended to if the device is a switch domain member. This leads to unexpected device naming if an explicit device name was requested. Type: fix Change-Id: Ib56b4ac41c17008db55dc69497721e3cb7d540c1 Signed-off-by: Peter Morrow <pdmorrow@gmail.com>
2023-12-07dpdk-cryptodev: fix crypto-dispatch node statsPiotr Bronowski2-11/+7
This patch introduces a fix for correcting a counter for the number of processed vectors in the crypto-dispatch node. Type: fix Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Change-Id: Icaeb925a352a9ac766652f43c4e752f6727cdeb9
2023-12-07misc: fix tracedump `show graph` out-of-bufferDmitry Valter1-3/+3
Use the correct string type for vlib_get_node_by_name. Found by ASAN. Type: fix Signed-off-by: Dmitry Valter <d-valter@yandex-team.com> Change-Id: I679d27050487e013e3320a4c558d78fa60c5e98a
2023-12-05iavf: set max_pkt_size even for disabled queues to make i40e PF driver happyDamjan Marion1-1/+3
Type: improvement Change-Id: I3daf6c32888a15c7ef1f32e729c1e23765d14dc6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-12-04http: fix coverity warningFilip Tehlar1-1/+3
Type: fix Change-Id: I659a67293763a6035cfa64a4057ebf716fe93ab4 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2023-12-04iavf: add missing cfg_change_validate callbackDamjan Marion2-1/+4
Type: fix Fixes: 47447f1f Change-Id: I438f5535bc48ca5397b8f5d3fbbd893ca6a511b4 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-12-04iavf: workaround for case when PF driver sends zero for max_mtuDamjan Marion1-1/+13
Type: improvement Change-Id: Ie4b2b958a24cdde8c183b700d864fc6f5b0df08f Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-12-01iavf: limit maximum number of queues to 32Damjan Marion1-3/+5
First genaration of AVF APIs we currently use doesn't support more... Type: improvement Change-Id: I1ae27f322403a2b455fcad8b028fa2004b449789 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-22avf: put sentinel at correct placeVratko Polak2-6/+6
The previous fix was adding the sentinel before refilling rx, which gave the NIC time to overwrite it with a new descriptor. Ticket: VPP-2087 Type: fix Fixes: 8b4d474abd62c623502ad9a4a279a9b4535ca0c1 Change-Id: I32bde4a763a62fb66c5c3871d9f10af6066e2d47 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-11-20dpdk: fix description for mlx5_pci driverNobuhiro MIKI1-1/+1
This is because mlx5_pci is also compatible with another series of NICs such as ConnectX-5 and ConnectX-6. Type: fix Change-Id: I10f0468bbe36ab61c72fb3dc0aa898f8e2f9e88c Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp>
2023-11-16dhcp: api to enable client detect on interfaceOle Troan3-0/+39
DHCPv4 aka BOOTP is somewhat awkward. A DHCP client on an interface must receive DHCP packets to the broadcast address or to a unicast address. Apparently before it's been assigned to itself. Add this new API to allow external DHCP clients enable the DHCP client detect feature per interface. Type: improvement Change-Id: If55aac03f25a045496be483940e4f5e7e18885b9 Signed-off-by: Ole Troan <otroan@employees.org>
2023-11-14flowprobe: fix L3 header offset calculation for tx flowsAlexander Chernavin1-1/+1
The recent TX flows generation fix introduced "l3_hdr_offset" which represents the offset of the IP header in the buffer's data. The problem is that it is erroneously defined as a 16-bit unsigned integer. If the calculated offset is negative, "l3_hdr_offset" will get a value close to UINT16_MAX. And the code will search the IP header somewhere beyond the buffer's data. For example, this will occur in the case when an ICMP error is being sent in response to a received packet. With this fix, make "l3_hdr_offset" a signed integer. Type: fix Change-Id: I6f1283c7ba02656d0f592519b5863e68348c5583 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-13ena: Amazon Elastic Network Adapter (ENA) native driverDamjan Marion18-0/+4432
Type: feature Change-Id: Icd9de05f2cbac0e5a6dfb1f1414f21dc4b893104 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-13dev: add change_max_rx_frame_size capabilityDamjan Marion2-4/+5
Type: improvement Change-Id: I922e216818b78f2fe7689c21a1d27d74a0ae28b8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-12flowprobe: fix tx flows generated for rewritten trafficAlexander Chernavin1-5/+7
Currently, when IPFIX records generation is enabled for an interface in the TX direction, some rewritten traffic is being sent from that interface, and the Ethernet header's location has changed due to rewriting, generated TX flows will contain fields with wrong and zero values. For example, that can be observed when traffic is rewritten from a subinterface to a hardware interface (i.e. when tags are removed). A TX flow generated in this case will have wrong L2 fields because of an incorrectly located Ethernet header. And zero L3/L4 fields because the Ethernet type will match neither IP4 nor IP6. The same code is executed to generate flows for both input and output features. And the same mechanism is applied to identify the Ethernet header in the buffer's data. However, such general code usually works with the buffer's data conditionally based on the direction. For most input features, the buffer's current_data will likely point to the IP header. For most output features, the buffer's current_data will likely point to the Ethernet header. With this fix: - Keep relying on ethernet_buffer_get_header() to locate the Ethernet header for input features. And start using vlib_buffer_get_current() to locate the Ethernet header for output features. The function will account for the Ethernet header's position change in the buffer's data if there is rewriting. - After fixing Ethernet header determination in the buffer's data, L3/L4 fields will contain non-zero but still incorrect data. That is because IP header determination needs to be fixed too. It currently relies on the fact that the Ethernet header is always located at the beginning of the buffer's data and that l2_hdr_sz can be used as an IP header offset. However, this may not be the case after rewriting. So start calculating the actual offset of the IP header in the buffer's data. - Add a unit test to cover the case. Type: fix Change-Id: Icf3f9e6518912d06dff0d5aa48e103b3dc94edb7 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-10gtpu: support non-G-PDU packets and PDU SessionRune E. Jensen8-527/+2551
Updated the gtpu plugin code to support the PDU Session user plane protocol, required for 5G, as specified in 3GPP TS 38.415 version 17.0.0. This enables some initial support of 5G gNodeB's with the gtpu plugin. New features: - Basic support for the GTP-U Extension Header Flag. Packets with one extension can now be decapsulated. This enables basic support of the PDU Session user plane protocol (3GPP TS 38.415 version 17.0.0). New tunnels can be created with a PDU enable flag and a 6-bit QoS Flow Identifier (QFI). With this, encapsulated packets will have the PDU Session extension header, and the QFI set. - Ability to forward GTP-U packets that are not handled by the plugin directly. Only GTP-U packets with a message type of 255 (G-PDU) are handled directly. However, 3GPP TS 29.281 defines several other message types like echo and error indication. A new feature is added to optionally forward unknown or unsupported packets to a new IP address. This works separately for unknown GTP-U message types, unknown TEIDs, and packets with an unknown GTP-U header. This allows both echo and error indications from a 5G gNodeB to be handled by a different system outside VPP. - Simple way to get metrics for active tunnels and on tunnel close. In 5G session/tunnel lifetime is often short and created frequently. The normal API becomes too slow and inaccurate when too many tunnels are created and deleted every second. Improvements: - A clean ground structure to handle multiple message type in the future. The code path for G-PDU packets is optimized for performance, representing the typical case. Unsupported GTP-U packets enter a slow path that decodes the nature of the error. This presents a easy hook to handle other message types in the future. - Improved error reporting When using traces there is more details in the tunnel descriptions. - Updated the API with several enums. Fixes: - gtpu0->length field in IPv6 was computed with IPv4 header lengths in the encapsulation code. - vec_set_len (t->rewrite, ...) size was computed with the IPv4 header size also for IPv6 tunnels. Issues: - This PR does not enable full support of the 3GPP specification. In particular it only supports a single QoS/QFI flow for each tunnel. It ignores all incoming extension header flags. - API functions might change again when/if more support of the 3GPP TS 38.415 spec is added. Note that I have bumped the API version to 2.1.0 as it seems to be the correct approach based on my API changes. Type: feature Signed-off-by: Rune E. Jensen <runeerle@wgtwo.com> Change-Id: I91cd2b31f2561f1b3fb1e46c4c34a5a3c71b4625
2023-11-09iavf: interrupt mode supportDamjan Marion6-86/+211
Type: improvement Change-Id: Ie5fcaa706ab0995e0021cf1ee74b95c5a3b30283 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-07af_packet: remove UNIX_FILE_EVENT_EDGE_TRIGGERED flagArtem Glazychev1-1/+0
af_packet does not process data until the interface is UP. If after interface creation, but before it is UP, the host interfaces are flooded, then blocking case may occur - VPP interface will never be able to process the data. If the EDGE_TRIGGERED flag is set, the event will not arrive, because nothing new is happening anymore (probably because the queue is already full). Therefore, we need to use LEVEL_TRIGGERED (default value), which indicates that there is still unprocessed data (accumulated after interface creation, but before it was UP). Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: Ied459fd194149d09f226bcb0a5907b3e327b148a
2023-11-07flowprobe: fix clearing interface state on feature disablingAlexander Chernavin1-0/+3
As a result of recent fixes, all currently stored flows of an interface are deleted when the feature is being disabled for the interface. This includes stopping the timer and freeing the flow entries for further reuse. The problem is that meta information is not cleared in the flow entries being deleted. For example, packet delta count will keep its value. The next flow that gets one of these pool entries will already have a non-zero packet count. So the counting of packets will start from a non-zero value. And incorrect packet delta count will be exported for that flow. With this fix, clear meta information too when clearing interface state. Also, update the corresponding test to cover this case. Type: fix Change-Id: I9a73b3958adfd1676e66b0ed50f1478920671cca Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-06dpdk: correct the printing of Rx offloading flagsJieqiang Wang1-1/+1
DPDK added new Rx checksum flags[1] to handle cases like the virtual drivers. Current check of flags is not strict enough for flags like RTE_MBUF_F_RX_IP_CKSUM_NONE and will always be true no matter the checksum in packet is good or bad. Fix this issue by comparing the result of AND operation with the correspinding Rx checksum flags. Before this patch, packet trace prints the offload flags as below: Packet Offload Flags PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid PKT_RX_IP_CKSUM_NONE (0x0090) no IP cksum of RX pkt. PKT_RX_L4_CKSUM_GOOD (0x0100) L4 cksum of RX pkt. is valid PKT_RX_L4_CKSUM_NONE (0x0108) no L4 cksum of RX pkt. After this patch, packet offload flags would be like: Packet Offload Flags PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid PKT_RX_L4_CKSUM_GOOD (0x0100) L4 cksum of RX pkt. is valid Type: fix [1] https://github.com/DPDK/dpdk/commit/5842289a546ceb0072bd7faccb93821e21848e07 Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: I3182022d9ccd46b2fc55bb3edfbfac9062ed7c89
2023-11-03vppinfra: refactor interrupt codeDamjan Marion1-2/+2
Type: improvement Change-Id: Ie6987736faf7d8a641762e276775da8ee0c03ea4 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-03dev: strip debig log function name prefix during compilationDamjan Marion2-24/+3
Type: improvement Change-Id: I9b9bb37a0895366b412f042b0e2da5bbdd477325 Signed-off-by: Damjan Marion <damarion@cisco.com>