aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2023-02-08avf dpdk: fix incorrect handling of IPv6 src address in flowTing Xu2-3/+4
In current flow creating process in native avf and dpdk-plugins, when parsing the input arguments, it does not copy IPv6 src address correctly, so that IPv6 src address will not be configured in any flow rule, and any packet with the same address will not be matched. Type: fix Signed-off-by: Ting Xu <ting.xu@intel.com> Change-Id: Ic957c57e3e1488b74e6281f4ed1df7fd491af35c
2023-02-08avf: fix incorrect flag for flow directorTing Xu1-2/+1
When parsing flow action type in avf, there is an incorrect flag for flow director, which makes flow director rule created unexpectedly. Type: fix Signed-off-by: Ting Xu <ting.xu@intel.com> Change-Id: Id9fed5db8ccacd5cc6c2f4833183364d763188c1
2023-02-08avf: fix checksum offload configurationTing Xu2-3/+1
Fix some configurations of avf checksum offload to get the correct udp and tcp checksum. Change Tx checksum offload capability since avf supports ipv4, tcp and udp offload all. Remove the operation to swap bit of checksum. Type: fix Signed-off-by: Ting Xu <ting.xu@intel.com> Change-Id: I55a916cc9ee6bef5b2074b5b6bb5f517fc2c178d
2023-02-08avf: fix bit calculation function fls_u32Ting Xu1-1/+1
In avf the function fls_u32 is used to calculate the power of 2. Fix the expression of this function. Type: fix Signed-off-by: Ting Xu <ting.xu@intel.com> Change-Id: I27160de8588a5efb3f24306597a5a240deb3ab74
2023-02-06vppinfra: refactor clib_socket_init, add linux netns supportDamjan Marion5-139/+80
Type: improvement Change-Id: Ida2d044bccf0bc8914b4fe7d383f827400fa6a52 Signed-off-by: Damjan Marion <dmarion@me.com>
2023-02-03nat: fix accidental o2i deletion/reuseDmitry Valter1-0/+6
Nat session is allocated before the port allocation. During port allocation candidate address+port are set to o2i 6-tuple and tested against the flow hash. If insertion fails, the port is busy and rejected. When all N attempts are unsuccessful, "out-of-ports" error is recorded and the session is to be deleted. During session deletion o2i and i2o tuples are deleted from the flow hash. In case of "out-of-ports" i2o tuple is not valid, however o2i is and it refers to **some other** session that's known to be allocated. By backing match tuple up session should be invalidated well enough not to collide with any valid one. Type: fix Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru> Change-Id: Id30be6f26ecce7a5a63135fb971bb65ce318af82
2023-02-02tls: openssl: fix SSL_read partial read scenarioOfer Heifetz1-8/+10
When application performs SSL_read from the app rx-fifo, it can pre-allocate multiple segments, but there is an issue if the OpenSSL manages to partially fill in the first segment, in this case, since data is assumed to be copied over by OpenSSL to the pre-allocated segments(s), vpp uses svm_fifo_enqueue_nocopy API which performs zero copy by passing the pre-allocated segment to SSL_read. If the decrypted data size is smaller than the pre-allocated fifo segment buffer size, application will fetch buffers including zero in the area not filled in by SSL_read. Type: fix Signed-off-by: Ofer Heifetz <oferh@marvell.com> Change-Id: I941a89b17d567d86e5bd2c35785f1df043c33f38
2023-02-02linux-cp: fix auto-sub-intStanislav Zaikin2-1/+5
lcp_itf_pair_pool could grew during sub-interface creation. Type: fix Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com> Change-Id: Ideafe392f9bb2b418ce9d6faa4f08dfe26f4a273
2023-02-02af_xdp: fix default xdp program unload failYulong Pei1-20/+45
Change to get ad->linux_ifindex in af_xdp_create_if() instead of in af_xdp_load_program(), previous if did not load custom XDP program, ad->linux_ifindex will be none, but bpf_xdp_detach() need it, so default xdp program will be not unloaded when delete af_xdp interface. Type: fix Signed-off-by: Yulong Pei <yulong.pei@intel.com> Change-Id: Id8a640204e8d29152f03349a0b58104b275635aa
2023-02-01memif: improve error reportingDamjan Marion4-122/+62
Type: improvement Change-Id: I12b120d988347cced3df82810e86dc2fd5cfca80 Signed-off-by: Damjan Marion <dmarion@me.com>
2023-02-01wireguard: update ESTABLISHED flagArtem Glazychev1-5/+3
We cannot confidently say that if we have received and processed the handshake_initiation message, then the connection has been established. Because we also send a response. The fact that the connection is established can only be considered if a keepalive packet was received. Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I61731916071990f28cdebcd1d0e4d302fa1dee15
2023-01-26dns: keep AddressSanitizer happyBenoît Ganne2-16/+23
Type: fix Change-Id: I0ae4071ee317f38daa882fec17087a55afe75d1d Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-01-26dpdk: add intf tag to dev{} subinputNathan Skrzypczak2-0/+6
This patch allows to pass a tag when specifying the dpdk `dev { }` interface configuration. It allows a control plane generating a vpp.conf file to retreive the resulting mapping between dpdk interfaces & sw_if_indices in VPP without having to change the interface name exposed to the user. Type: feature Change-Id: I55907417de0083b82d4a127172816cec3459acf3 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2023-01-26wireguard: sending the first handshakeArtem Glazychev3-10/+13
After creating a peer, we send a handshake request. But it's not quite right to call wg_send_keepalive() directly. According to documentation, handshake initiation is sent after (REKEY_TIMEOUT + jitter) ms. Since it's the first one - we don't need to take REKEY_TIMEOUT into account, but we still have jitter. It also makes no sense to immediately send keepalives, because the connection is not created yet. Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I61707e4be79be65abc3396b5f1dbd48ecbf7ba60
2023-01-24af_xdp: fix xdp socket create failChen Yahui1-2/+18
In libbpf code, xsk_socket__create will call xsk_link_lookup to get the xdp_sock bpf prog. But xsk_link_lookup can't get any bpf prog. This will cause Libbpf not to insert the fd into xsks_map and return ERROR. The solution to this problem is to insert fd into xsks_map ourselves instead of libbpf. Type: fix Change-Id: Ic5d279c6ddc02d67371262d6106a5b53b70e7913 Signed-off-by: Chen Yahui <goodluckwillcomesoon@gmail.com>
2023-01-23vppapigen: enable codegen for stream message typesStanislav Zaikin2-7/+7
Enable codegen for C type from 'rpc A returns B stream C' notation Type: improvement Change-Id: I05cfce71c385d414d7b177a080009628bc8c8fad Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com>
2023-01-20vppinfra: clib_bitmap fixMaxime Peim1-28/+139
In clib_bitmap_set_region and clib_bitmap_set_multiple the index of the last bit to set was off by 1. If this index was pointing to the last bit of the bitmap, another uword would have been allocated, even though it was unnecessary. Moreover, in clib_bitmap_set_region, bits in the last word were not properly set. Indeed, the n_bits_left value is wrong since n_bits is not decreased by the number of already set bits. Type: fix Signed-off-by: Maxime Peim <mpeim@cisco.com> Change-Id: I8d7ef6f47abb9f1f64f38297da2c59509d74dd72
2023-01-19vxlan: convert vxlan to a pluginSteven Luong16-5/+4236
per https://jira.fd.io/browse/VPP-2058 Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ica0828de218d25ada2d0d1491e373c3b78179ac1
2023-01-18af_packet: add the missing header-len for packets with checksum offloadMohsin Kazmi1-0/+4
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ifb790c25b38b2b1865cda7d95891bddd4195c601
2023-01-18lb: add source ip based sticky load balancingNobuhiro MIKI7-34/+674
This patch adds source ip based sticky session, which is already implemented in many hardware LBs and software LBs. Note that sticky sessions may be reset if the hash is recalculated as ASs are added or deleted. Since this feature is unrelated to the other existing options, the lb_add_del_vip API version has been upgraded to v2 and a new option "src_ip_sticky" has been added. Type: feature Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp> Change-Id: I3eb3680a28defbc701f28c873933ec2fb54544ab
2023-01-18pppoe: fix memcpy out of bounds with gcc-11 on armTianyu Li1-1/+1
In function ‘memcpy’, inlined from ‘clib_memcpy_fast’ at /home/vpp/src/vppinfra/string.h:86:10, inlined from ‘memcpy_s_inline’ at /home/vpp/src/vppinfra/string.h:157:7, inlined from ‘vnet_pppoe_add_del_session’ at /home/vpp/src/plugins/pppoe/pppoe.c:356:7: error: ‘__builtin_memcpy’ offset [0, 5] is out of the bounds [0, 0] [-Werror=array-bounds] 34 | return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Cc1: all warnings being treated as errors Hardware address is zero length vector for PPP, use vec_len instead. Type: fix Fixes: 62f9cdd82c52 ("Add PPPoE Plugin") Signed-off-by: Tianyu Li <tianyu.li@arm.com> Change-Id: If9fb409cfbbac77c15559d103987f0130bf30255
2023-01-17acl: CLI allow replace, allow deletionPim van Pelt1-8/+66
Allow the CLI caller to specify an optional [index <idx>] index, which will remove the ACL at that index. This mimicks the API behavior, Add a 'delete acl-plugin acl index <idx>' to mimick the API acl_del call, which will refuse to delete a non-existent index, as well as an index that is referenced by an interface. Type: improvement Signed-off-by: pim@ipng.nl Change-Id: I5f240f7a4e3bca14e8122917e8a5186d80094de2
2023-01-16wireguard: add local variableGabriel Oginski1-17/+53
The current implementation of wireguard use dereference value from pointer, but between get and dereference the value from pointer can be occur change in pool memory, which means that this pointer can be invalid. Since current implementation doesn't handle with invalid pointers, segfault can occur. The fix add a local variable to keep index of peer from pool and also handle with null pointers from get pointer from pool. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Ic161ab08266e584493338c682d827ea1fd754b98
2023-01-13af_xdp: update af_xdp driver plugin to depend on libxdpYulong Pei3-26/+41
AF_XDP support is deprecated in libbpf since v0.7.0 [1], the libxdp library now provides the functionality which once was in libbpf, this commit updates af_xdp plugin to depend on libxdp, libbpf still remains a dependency even if libxdp is present, as it need use libbpf APIs for program loading. libxdp is distributed within xdp-tool [2], xdp-tools package also include libbpf in it as dependency, so here installed libxdp v1.2.9 and libbpf v0.8.0, both from xdp-tool-1.2.9 package. More information about libxdp compatibility can be found in the libxdp README [3]. In libbpf v0.8.0, The bpf_prog_load function was deprecated and changed to bpf_object__open_file and bpf_object__next_program and bpf_object__load, The bpf_get_link_xdp_id and bpf_set_link_xdp_fd functions were deprecated and changed to bpf_xdp_attach and bpf_xdp_detach, The bpf_object__unload function was deprecated and changed to bpf_object__close. [1] https://github.com/libbpf/libbpf/commit/277846bc6c15 [2] https://github.com/xdp-project/xdp-tools/releases/tag/v1.2.9 [3] https://github.com/xdp-project/xdp-tools/blob/master/lib/libxdp/README.org Type: improvement Change-Id: Ifbf6e3aa38bc6e0b77561f26311fd11c15ddb47e Signed-off-by: Yulong Pei <yulong.pei@intel.com>
2023-01-12abf: exclude networks with deny rulesJosh Dorsey2-6/+10
Type: improvement Signed-off-by: Josh Dorsey <jdorsey@netgate.com> Change-Id: Iee43ca9278922fc7396764b88cff1a87bcb28349
2023-01-11pci: add option to force uio bindingBenoît Ganne5-8/+23
Type: improvement Change-Id: Ifea4badd58f7e2b5e792d7506f6747851a08587f Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-01-11linux-cp: Fix endianness in lcp responsePim van Pelt1-1/+1
Creation of LCP will return garbled host_sw_if_index of the newly created TAP interface. Example PAPI code: ``` lcp_add = vpp.api.lcp_itf_pair_add_del_v2(is_add=True, sw_if_index=17, host_if_type=VppEnum.vl_api_lcp_itf_host_type_t.LCP_API_ITF_HOST_TAP, host_if_name="loop0", netns="dataplane") print(lcp_add) lcp_ret = vpp.api.lcp_itf_pair_get() print(lcp_ret) ``` Before, the returned host_sw_if_index has the wrong endianness: VPP version is 23.02-rc0~212-gf06a518f8 lcp_itf_pair_add_del_v2_reply(_0=103, context=2, retval=0, host_sw_if_index=301989888) (lcp_itf_pair_get_reply(_0=105, context=3, retval=0, cursor=4294967295),[lcp_itf_pair_details(_0=106, context=3, phy_sw_if_index=17, host_sw_if_index=18, vif_index=594, host_if_name='loop0', host_if_type=<vl_api_lcp_itf_host_type_t.LCP_API_ITF_HOST_TAP: 0>, netns='dataplane')]) After, it is correctly showing idx 18: VPP version is 23.02-rc0~212-gf06a518f8 lcp_itf_pair_add_del_v2_reply(_0=103, context=2, retval=0, host_sw_if_index=18) (lcp_itf_pair_get_reply(_0=105, context=3, retval=0, cursor=4294967295), [lcp_itf_pair_details(_0=106, context=3, phy_sw_if_index=17, host_sw_if_index=18, vif_index=595, host_if_name='loop0', host_if_type=<vl_api_lcp_itf_host_type_t.LCP_API_ITF_HOST_TAP: 0>, netns='dataplane')]) Type: fix Signed-off-by: pim@ipng.nl Change-Id: I9085bac0c4a9ad64356c67f9b85f4910131e349e
2023-01-11nat: do not use nat session object after deletionBenoît Ganne2-0/+10
Type: fix Change-Id: Ifc709b6e7217a893d13aee6d3019e699637366ef Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-01-10build: do not link with libssl if not neededBenoît Ganne4-4/+4
In most cases we only need OpenSSL libcrypto (crypto primitives) but not libssl (tls). Type: improvement Change-Id: I9dce27d23d65bf46aea2d0f8aaf417240701efcc Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-01-10vrrp: fix update virtual addr make mistakegaochx1-2/+2
When use update api delete a virtual address, no matter which IP want to delete, always delete the last one. Type: fix Signed-off-by: GaoChX <chiso.gao@gmail.com> Change-Id: Ia67c06dd53a442740794e1884d1a4aaa06965398
2022-12-23hsa: fix echo client workers initializationBenoît Ganne1-5/+4
We were creating an additional worker not backed by any VPP threads, leading off-by-1 access in the session main workers vector. Also uses vec_elt_at_index() when accessing session main workers vector elements to catch those errors more easily. Type: fix Change-Id: I6059116b7b64ae6b26ad83c1fcf55df8522868ad Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-12-22misc: fix crash using tracedump plugin with socket API clientsArthur de Kerhor1-6/+9
Type: fix Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com> Change-Id: I208724a515c9a38c4032f101bdf73aa87b1c13be
2022-12-21dpdk: link DPDK with MLX4/MLX5 libraries againVladimir Ratnikov1-1/+3
Previously it was linked and worker properly. While rdma build was simplified, link was lost so all encrypted data won't pass via Mellanox interfaces(ipsec, ipip, ssh etc) and NetVSC taps won't created the right way. Errors: mlx5_common: Verbs device not found: 21a5:00:02.0 mlx5_common: Failed to initialize device context. EAL: Requested device 21a5:00:02.0 cannot be used Tested on Azure. Same errors appears on physical machine with Mellanox connect adapter Type: fix Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: Ib68976282e0ed91c016a7318db6b5eddf5510c47
2022-12-21af_packet: move to pluginMohsin Kazmi11-0/+3582
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I3ec857adb3a9e8a778072a202a4d23f4101e83b2
2022-12-21quic: fix quic plugin with openssl 3.xDave Wallace2-0/+14
- load openssl legacy providers during quic init when building with openssl 3.0 or greater - re-enable quic 'make test' testcases on ubuntu-22.04 Type: fix Change-Id: Icfd429b6bc1bddf9f9937baa44cc47cd535ac5f2 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2022-12-19nat: fix incorrect using about sw_if_index in nat44-ed static mapping v2 api.Huawei LI1-1/+1
Type: fix Signed-off-by: Huawei LI <lihuawei_zzu@163.com> Change-Id: I2a96ab0dafe4db796704341c325c43a6960be312
2022-12-19nat: fix memory leak and refactor nat44-ed db init/free.Huawei LI1-22/+31
fix memory leak and refactor nat44-ed db init/free through. how to reproduce memory leak: input "set nat44 session limit 50000 vrf 1" repeatedly. Program received signal SIGABRT, Aborted. 0x00007ff4b3cc5337 in raise () from /lib64/libc.so.6 (gdb) bt 0 0x00007ff4b3cc5337 in raise () from /lib64/libc.so.6 1 0x00007ff4b3cc6a28 in abort () from /lib64/libc.so.6 2 0x00000000004079db in os_panic () at /usr/src/debug/vpp-23.02/src/vpp/vnet/main.c:417 3 0x00007ff4b43e784f in os_out_of_memory () at /usr/src/debug/vpp-23.02/src/vppinfra/unix-misc.c:221 4 0x00007ff4b43a71aa in clib_mem_heap_alloc_inline (heap=0x0, size=27263040, align=64, os_out_of_memory_on_failure=1) at /usr/src/debug/vpp-23.02/src/vppinfra/mem_dlmalloc.c:613 5 0x00007ff4b43a7256 in clib_mem_alloc_aligned (size=27263040, align=64) at /usr/src/debug/vpp-23.02/src/vppinfra/mem_dlmalloc.c:635 6 0x00007ff4b522fafa in alloc_aligned_16_8 (h=0x7ff46a7815b8 <snat_main+408>, nbytes=27262976) at /usr/src/debug/vpp-23.02/src/vppinfra/bihash_template.c:59 7 0x00007ff4b522fd12 in clib_bihash_instantiate_16_8 (h=0x7ff46a7815b8 <snat_main+408>) at /usr/src/debug/vpp-23.02/src/vppinfra/bihash_template.c:163 8 0x00007ff4b5230037 in clib_bihash_init2_16_8 (a=0x7ff465f36870) at /usr/src/debug/vpp-23.02/src/vppinfra/bihash_template.c:245 9 0x00007ff4b52300ac in clib_bihash_init_16_8 (h=0x7ff46a7815b8 <snat_main+408>, name=0x7ff46a754871 "ed-flow-hash", nbuckets=262144, memory_size=0) at /usr/src/debug/vpp-23.02/src/vppinfra/bihash_template.c:260 10 0x00007ff46a7013e8 in reinit_ed_flow_hash () at /usr/src/debug/vpp-23.02/src/plugins/nat/nat44-ed/nat44_ed.c:3264 11 0x00007ff46a7014fd in nat44_ed_sessions_clear () at /usr/src/debug/vpp-23.02/src/plugins/nat/nat44-ed/nat44_ed.c:3299 12 0x00007ff46a701044 in nat44_update_session_limit (session_limit=70000, vrf_id=1) at /usr/src/debug/vpp-23.02/src/plugins/nat/nat44-ed/nat44_ed.c:3225 13 0x00007ff46a73d3d1 in nat44_set_session_limit_command_fn (vm=0x7ff473c8f740, input=0x7ff465f36ef0, cmd=0x7ff474c5ce48) at /usr/src/debug/vpp-23.02/src/plugins/nat/nat44-ed/nat44_ed_cli.c:1638 14 0x00007ff4b5d56527 in vlib_cli_dispatch_sub_commands (vm=0x7ff473c8f740, cm=0x4273f0 <vlib_global_main+48>, input=0x7ff465f36ef0, parent_command_index=97) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:650 15 0x00007ff4b5d562c3 in vlib_cli_dispatch_sub_commands (vm=0x7ff473c8f740, cm=0x4273f0 <vlib_global_main+48>, input=0x7ff465f36ef0, parent_command_index=98) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:607 16 0x00007ff4b5d562c3 in vlib_cli_dispatch_sub_commands (vm=0x7ff473c8f740, cm=0x4273f0 <vlib_global_main+48>, input=0x7ff465f36ef0, parent_command_index=21) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:607 17 0x00007ff4b5d562c3 in vlib_cli_dispatch_sub_commands (vm=0x7ff473c8f740, cm=0x4273f0 <vlib_global_main+48>, input=0x7ff465f36ef0, parent_command_index=0) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:607 18 0x00007ff4b5d569cb in vlib_cli_input (vm=0x7ff473c8f740, input=0x7ff465f36ef0, function=0x7ff4b5dc2406 <unix_vlib_cli_output>, function_arg=0) ---Type <return> to continue, or q <return> to quit--- at /usr/src/debug/vpp-23.02/src/vlib/cli.c:753 19 0x00007ff4b5dc7b0c in unix_cli_process_input (cm=0x7ff4b5e4ae00 <unix_cli_main>, cli_file_index=0) at /usr/src/debug/vpp-23.02/src/vlib/unix/cli.c:2616 20 0x00007ff4b5dc825a in unix_cli_process (vm=0x7ff473c8f740, rt=0x7ff4797a5280, f=0x0) at /usr/src/debug/vpp-23.02/src/vlib/unix/cli.c:2745 21 0x00007ff4b5d80a25 in vlib_process_bootstrap (_a=140687718901968) at /usr/src/debug/vpp-23.02/src/vlib/main.c:1221 22 0x00007ff4b439e298 in clib_calljmp () at /usr/src/debug/vpp-23.02/src/vppinfra/longjmp.S:123 23 0x00007ff4698268a0 in ?? () 24 0x00007ff4b5d80b4e in vlib_process_startup (vm=0x7ff4b43a77a3 <clib_mem_size+24>, p=0x7ff4698268d0, f=0x7ff474b1e580) at /usr/src/debug/vpp-23.02/src/vlib/main.c:1246 25 0x00007ff4b5dbdbe6 in vec_max_bytes (v=0x8) at /usr/src/debug/vpp-23.02/src/vppinfra/vec_bootstrap.h:161 26 0x00007ff474b1e598 in ?? () 27 0x0000000000000004 in ?? () 28 0x00000000000000ff in ?? () 29 0x00007ff469826980 in ?? () 30 0x00007ff4b5dbddcb in _vec_set_len ( v=<error reading variable: Cannot access memory at address 0xfffffffffffffff5>, len=<error reading variable: Cannot access memory at address 0xffffffffffffffed>, elt_sz=<error reading variable: Cannot access memory at address 0xffffffffffffffe5>) at /usr/src/debug/vpp-23.02/src/vppinfra/vec_bootstrap.h:196 Backtrace stopped: previous frame inner to this frame (corrupt stack?) (gdb) Type: fix Signed-off-by: Huawei LI <lihuawei_zzu@163.com> Change-Id: I52a7d229c95e4ab30f7f2cfe574440aa37bed6a2
2022-12-15nat: disable nat44-ed/ei features on interface deletionVladislav Grishenko2-0/+98
After deleting a sw interface with nat44 features, the next created sw interface will get the same sw_index reused and therefore will erroneously have the same nat features enabled. Type: fix Change-Id: I1d84f842ab7ab2a757668ae1a111efe67e1e924d Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
2022-12-14vcl: enable gso for 'sendmsg' in LDP mode.Dou Chao1-0/+1
Some upon apps(e.g. Nginx-quic) package it's several protocol buffers into a struct msg which is a combination of gso_buffer and gso_size. but if HostStack regardless the gso_size to the buffer and split the buffer with default mss, that cause peer client failed on parsing the package. Type: improvement Signed-off-by: Dou Chao <chao.dou@intel.com> Change-Id: I805eb642be826038ba96d1b85dad8ec0c0f6c459 Signed-off-by: Dou Chao <chao.dou@intel.com>
2022-12-12linux-cp: set severity of noisy message to debugMatthew Smith1-1/+1
Type: improvement The log buffer and event buffer get lots of messages written like "Processed 2 messages" by linux-nl when its enabled. This can crowd out more important messages and should only actually be stored if debug messages are desired. Change from logging with NL_INFO() to NL_DBG(). Signed-off-by: Matthew Smith <mgsmith@netgate.com> Change-Id: I9055432f7ef35d3e0ad59dce307d2b3c6284002f
2022-12-09nat: fixed return values of enable/disable callFilip Varga3-13/+17
NAT44 enable/disable return status was used instead of appropriate VNET_API_ERROR_ code. Type: fix Signed-off-by: Filip Varga <filipvarga89@gmail.com> Change-Id: If944866bf3061afdc91284c0ad475135e529bdc4
2022-12-09http_static: clean up http redirect generationDave Barach1-1/+56
Don't redirect to "favicon.ico/index.html" if you can't find "favicon.ico". If asked to serve up a nonexistent path, see if the path ends with a known suffix: ".jpg, .html, .ico" etc. If it does, flunk the request on the spot: "Error 404 Not Found." Do not issue a redirect. This change will not break the obvious corner case: if the browser asks for "its_a_dir.mp3/index.html" - and the file exists - the server will produce it. Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I91aad90be05b98ba2b40e240d13d71816aed4526
2022-12-08http_static: derive mime type from file extensionsDave Barach4-8/+132
Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I0f087477e257f5119d7d6182d19f8796773a1f19
2022-12-07http_static: misc bug fixesDave Barach2-1/+3
The request vector generated by hss_ts_rx_callback() must be NULL terminated. The hss_main_t use_ptr_thresh member must be a u64 since unformat_memory_size() expects it. Otherwise, the adjacent u8 enable_url_handlers may have an accident. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I2cc08e3cbd31b225fb03799283c055515add13bf
2022-12-06http_static: fix http(s) redirectsDave Barach4-15/+37
Add an http redirect template to generate correct-looking "301 Moved Permanently" replies. Supply a default value of 1<<31 for the use_ptr_thresh config parameter. Expose hss_session_get() so friend plugins which register GET / POST handlers with the http_static server can add data to the session fifos. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ie1452eaf61c6f67311fbab092bc1fe03050bf94f
2022-12-02session: move connects to first workerFlorin Coras2-14/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I035e3fdbb52eca010ad7b2c20ca2930cb1645978
2022-12-02quic: update to quicly v0.1.4Dave Wallace4-24/+36
Type: improvement Change-Id: I707399b8ba617a659476bfd7d793f04a1283e694 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2022-12-02vhost: convert vhost device driver to a pluginSteven Luong12-0/+6999
convert vhost device driver to a plugin as described in https://jira.fd.io/browse/VPP-2065 Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ibfe2f351bcaed36a04b136d082ae414145dd37b5
2022-12-02avf: support generic flowTing Xu8-52/+638
Support generic flow in native avf. Enable necessary RSS hash function for generic flow. Extend some structures and functions from for FDIR only to for both RSS and FDIR flows. Modify virtual channel message to align with ice kernel driver. Add functions to parse generic flow patterns. The parsing results will be delivered to the kernel driver and create corresponding flow rules. Type: feature Signed-off-by: Ting Xu <ting.xu@intel.com> Change-Id: I82ce102a21993f1bae8a8bf23e491d5e1c261f61
2022-12-01wireguard: add atomic mutexGabriel Oginski3-2/+19
The initiate handshake process can be called a numbers times for each peers, then the main VPP thread called by Wireguard starting to allocate memory. This behaviour can lead to out of memory when VPP has a lot of Wireguard tunnels concurrently. This fix add mutex to send only once handshake initiate at time for each peers. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: I13b4b2d47021753926d42a38ccadb36a411c5b79