Age | Commit message (Collapse) | Author | Files | Lines |
|
Add an SELinux profile such that VPP can run under SELinux on RPM based
platforms. The SELinux Policy is currently only implemented for RPM
packages, specifically, Fedora, CentOS and RHEL. Doxygen User
Documentation has been included (selinux_doc.md). Once some discussion
on file locations has completed (see vpp-devlist), updates to the Debug
CLI documentation will also need to be updated.
Additional changes:
Patch Set 2:
- Rework selinux_doc.md such that each line is only 80 characters
instead of each sentence on a line. Made additonal minor chnages
to the text.
- Update vHost Debug CLI documentation to reflex new socket location.
Cleaned up some text from when I originally wrote it, to better
reflex proper use.
- Update exec Debug CLI documentation to be more inline with suggested
helptext, added text regarding recommended script file location.
- For Debian builds, create the /var/log/vpp/ directory. I don't use
Debian very much, so please pay extra attention to
build-data/platforms.mk and build-root/deb/debian/.gitignore.
- Per discussion on VPP call, changed the default log location to
/var/log/vpp/vpp.log.
- Changed the socket location for vHost in AutoConfig to
/var/run/vpp/.
Patch Set 3:
- Update selinux_doc.md based on comments.
Change-Id: I400520dc33f1ca51012d09ef8fe5a7b7b96c631e
Signed-off-by: Billy McFall <bmcfall@redhat.com>
|
|
enable/disable option
Change-Id: I47dd6f9637f0214971e3191852d84aa92d64b8c0
Signed-off-by: Swarup Nayak <swarupnpvt@gmail.com>
|
|
the format statement can return NULL before the pager has pages.
Change-Id: Ibabfd107e64fc9ab0eb142c28c155506f0d25828
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
To facilitate in-tree plugin API testing, via the "binary-api..."
debug CLI command.
Change-Id: If7ee88a6a0dbc8e8f4555cb41e259db24e378a64
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Use this macro to arrange init function ordering between friend
plugins. Fails in the usual manner if the plugin doesn't exist, or if
the init function symbol is AWOL.
clib_error_t *
thisplug_init (vlib_main_t *vm)
{
clib_error_t *error = 0;
if ((error = vlib_plugin_init_function ("otherplug.so", otherplug_init)))
return error;
<etc>
return error;
}
VLIB_INIT_FUNCTION(thisplug_init);
Change-Id: Ideecaf46bc0b1546e85096e54be8ddef87946565
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
- In the bug report, Docker was sometimes giving shells
a 0,0 terminal size. The minimum-term-size logic meant
that VPP assumed the terminal had 1 row. The pager
functioned, but of course overwrote the one line with its
own prompt.
- Instead of a minimum size, always use a default size when
the either terminal dimension is 0.
Change-Id: Iee5a465f0e4cbb618ef2222b40a52994aefa54bf
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Change-Id: Ie49ee865b197e8fe7bba170c115a4ccbf1013e5f
Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
|
|
It's way too easy to imagine leaving a mutex or a spin-lock held in
the /vpe-api shared-memory segment, or elsewhere. Set a volatile
variable and check it in a safe place...
Change-Id: I9d91c38cffeb921143c272162d055c9c24a6c312
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
- Teach vpp_api_test to send/receive API messages over sockets
- Add memfd-based shared memory
- Add api messages to create memfd-based shared memory segments
- vpp_api_test supports both socket and shared memory segment connections
- vpp_api_test pivot from socket to shared memory API messaging
- add socket client support to libvlibclient.so
- dead client reaper sends ping messages, container-friendly
- dead client reaper falls back to kill (<pid>, 0) live checking
if e.g. a python app goes silent for tens of seconds
- handle ping messages in python client support code
- teach show api ring about pairwise shared-memory segments
- fix ip probing of already resolved destinations (VPP-998)
We'll need this work to implement proper host-stack client isolation
Change-Id: Ic23b65f75c854d0393d9a2e9d6b122a9551be769
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
In this specific corner-case setup, ioctl (0, TIOCGWINSZ) returns
window height = 0 and width = 0. Rather than declaring the terminal to
be non-interactive, set the window size parameters to 80 x 24.
Change-Id: If66f5f0883f1940518ec1c6e26228c9bb6f32852
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Short version: Make vppctl behave as expected when run
from scripts, or without a controlling terminal, and
especially when using it with VPP commands on its
command line ("non-interactively").
In particular, prevent the welcome banner and VPP CLI
prompt from being sent by VPP when being used in these
ways.
vppctl
------
- Improve vppctl's detection of non-interactive sessions.
- Pass non-interactiveness in the terminal type telnet option
as a value distinct from "dumb" (which means non-ANSI capable.)
- Make tty setup handling more robust.
- Only send non-interactive command once we've sent the
terminal type, to ensure correct event sequence; we need
the VPP cli session to be in line-by-line mode.
- Ignore stdin when it looks something like /dev/null.
- Skip NUL bytes received from VPP.
VPP CLI
-------
- Detect "non-interactive" terminal types and set session
parameters accordingly.
- Add an "interactive" flag that controls whether the welcome
banner and CLI prompt are sent.
- Detect if telnet options processing switched us into line
mode and act accordingly for the rest of the current input
buffer. This was causing the command string to be echoed
by the CLI editor code.
- For non-interactive sessions, send a NUL byte after the
input buffer has been processed. This is because vppctl
depends on seeing traffic before it will try to close the
session; a command with no output would cause it to hang.
NUL bytes are ignored by all decent terminals, but we have
vppctl strip them out anyway.
- Prevent certain commands from running in non-interactive
sessions since they manipulate interactive-related features.
- For interactive sessions, quench the prompt that prints on
VPP shutdown.
- Detect and handle socket errors in the CLI; sessions were
leaking.
- Pevent SIGPIPE from ever being raised; handle EPIPE instead.
We don't need VPP to die just because a socket closed just
before we try to write to it!
- Add a command to dump a list of current CLI sessions; mostly
this was to detect session leakage, but it may have some
general utility.
Change-Id: Ia147da013317180882c1d967b18eefb8519a55fb
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
When one starts VPP, types a command, presses up rather than enter,
then types a new command, unix_cli_line_process_one() segfaults.
This is due to cf->cursor not being reset upon pressing up if the
history is empty.
Change-Id: Ie503f20a9cb551e735abb8b0f4feb8c0006d2b61
Signed-off-by: Yoann Desmouceaux <ydesmouc@cisco.com>
|
|
177117: fstat() returns -1 on error; the code is
checking for any positive value instead
175142: final return could never be reached; simple
refactoring
175235,175236: Warning suppressed with an explicit
cast to (void)
174817: Final return couldn't be reached; is
is_in_order is 0 then 'rv' is already returned
above
172095,172093: If is_is_set does not get set to 1,
then return 0 has already been invoked
174405: Re-kill this (nothing sets rv)
171136: Looks like a cmd line flag to set test_bytes
was missing; added it, and refactored the
argc/argv processing to avoid two other
potential segv's
176813: Add range checking for term width/height.
First stab at a reasonable range is 1-512
for both.
175350: Fix implicit casting in shift operation
174272: Not a c+p error; try using a coverity
annotation to ignore it
174273,175320: Annotated FORWARD_NULL
Change-Id: I58d0f860fc2209f59f8d1b6b344d631b8d429ace
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Change-Id: Ie18580e05ec12291e7026f21ad874e088a712c8e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This will allow us to use this code in client libraries without vlib.
Change-Id: I8557b752496841ba588aa36b6082cbe2cd1867fe
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Id79d2c2be7a98e15416a537c890a8f2dd6d4464d
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I25238debb7081b4467aec4620dfdef33fbef3295
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
This patch adds supprot support for multiple numa-aware physmem regions.
Change-Id: I5c69a6f4da33c8ee21bdb8604d52fd2886f2327e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ibaa61b624eb6683b1be6901a7b29f5f73aad27b2
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
|
|
non-root users should use /run/user/$PID/...
Change-Id: I1ca136df7a339eff193ed9c9a396d6965b192d0e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
New startup config command:
unix {
runtime-dir /run/vpp
}
Also, adds recursive mkdir funtion for use in deifferent places
like cli-config socket path and dpdk hugepage directory path.
Change-Id: I1446ceab9c220c25804e73a743a3ebb383450124
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I45845b952aa42a854e1c2c396b85f905de987020
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Currently, buffer index is calculated as a offset to the physmem
region shifted by log2_cacheline size.
When DPDK is used we "hack" physmem data with information taken from
dpdk mempool. This makes physmem code not usable with DPDK.
This change makes buffer memory start and size independent of physmem
basically allowing physmem to be used when DPDK plugin is loaded.
Change-Id: Ieb399d398f147583b9baab467152a352d58c9c31
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change https://gerrit.fd.io/r/#/c/7230/ added a Unix domain
CLI socket in the default startup.conf; however unless you
had previously run VPP with the DPDK plugin enabled the
directory that it is created in. /run/vpp, would not exist
and startup would fail. This directory is typically hosted
in a tmpfs ramdisk and is thus ephemeral.
This patch adds a function that attempts to mkdir VPP_RUN_DIR
and uses it in both the DPDK plugin and the CLI code if the
CLI socket is to be created in that directory.
Change-Id: Ibbf925819099dce2b5eb0fa238b9edca1036d6fd
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Change-Id: I36bb47faea55a6fea7af7ee58d87d8f6dd28f93d
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Also allow group write as default for CLI socket connections.
Change-Id: I6af1f277f70581358cd9241bf0f5cb0752fe250f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Icf9bd4abda058fb380f1a25d5fe3917ffb38b1c4
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ia78e69e5e8ed18020314aef321b94ac37037799b
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I9eca5f9d1c1ae62d5ba5fb36f2f97434dbaf334e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Hitting tab:
- in the middle of a uniquely defined subcommand will expand the subcommand
- in the middle of a non-uniquely defined (or empty) subcommand will display
all possible subcommands, and possibly expand to the lowest common prefix
Change-Id: Ib858eefdb0353cd2c3aad472799d15cd537455a0
Signed-off-by: Yoann Desmouceaux <ydesmouc@cisco.com>
|
|
Off by default. Enable via cmdline "... vlib { elog-post-mortem-dump }
..."
Change-Id: I2056b9de9b37475f2bfeeb5404da838f1b42645a
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I82c663bc0866c6c68ba354104b0bb059387f4b9d
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This happens mainly if plugin contains unresolved symbol.
Such situation typically leads on crash a bit later so it is better
to exit immediatelly and display meaningful error message.
Change-Id: I4abd9a9089a4863400bf609e8d3fd7cebab92913
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
epoll was supposed to not sleep when timeout
is less than 1ms, but a typo made it not sleep
any time the requested timeout is lower than
1000 seconds (in practice, never...).
This patch replaces "1e3" with "1e-3", which
represents 1ms.
Change-Id: I731851b27a6bf6ab8e41586e017e94b962b09bf3
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
(cherry picked from commit ec06222ae189fe8d84b63410130fff04bf446573)
|
|
This patch deprecates stack-based thread identification,
Also removes requirement that thread stacks are adjacent.
Finally, possibly annoying for some folks, it renames
all occurences of cpu_index and cpu_number with thread
index. Using word "cpu" is misleading here as thread can
be migrated ti different CPU, and also it is not related
to linux cpu index.
Change-Id: I68cdaf661e701d2336fc953dcb9978d10a70f7c1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I88b322a5d602f3d6d3310e971479180a89430e0e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Use setrlimit to set the core size limit if the argument is passed to
vpp.
Change-Id: Ie76c082b2af81337310fcb1925af915a42067f15
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Removed a fair number of "BUG" message handlers, due to conflicts with
actual message handlers in api_format.c. Vpp itself had no business
receiving certain messages, up to the point where we started building
in relevant code from vpp_api_test.
Eliminated all but one duplicate registration complaint. That one
needs attention from the vxlan team since the duplicated handlers have
diverged.
Change-Id: Iafce5429d2f906270643b4ea5f0130e20beb4d1d
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
API traces contain absolute message numbers. Loading plugins in
directory (vs. alphabetical) order makes trace replay fragile.
Change-Id: I46b3a3b6a9843a383d42269fca0cf5a789486eaf
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
In the CLI parsing, below is a common pattern:
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
return 0;
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (line_input, "x"))
x = 1;
:
else
return clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
}
unformat_free (line_input);
The 'else' returns if an unknown string is encountered. There a memory
leak because the 'unformat_free(line_input)' is not called. There is a
large number of instances of this pattern.
Replaced the previous pattern with:
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
return 0;
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (line_input, "x"))
x = 1;
:
else
{
error = clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
goto done:
}
}
/* ...Remaining code... */
done:
unformat_free (line_input);
return error;
}
In multiple files, 'unformat_free (line_input);' was never called, so
there was a memory leak whether an invalid string was entered or not.
Also, there were multiple instance where:
error = clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
used 'input' as the last parameter instead of 'line_input'. The result
is that output did not contain the substring in error, instead just an
empty string. Fixed all of those as well.
There are a lot of file, and very mind numbing work, so tried to keep
it to a pattern to avoid mistakes.
Change-Id: I8902f0c32a47dd7fb3bb3471a89818571702f1d2
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Iafb071c684a43e21925e3a43019cd86372347898
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
This patch replaces requirement for vlib_plugin_register function
in the plugin so file and introduces new macro:
VLIB_PLUGIN_REGISTER () = {
.version = "version string",
.version_required = "requred version",
.default_disabled = 1,
.early_init = "early_init_function_name",
};
Plugin will nor be loaded if .default_disabled is set to 1
unless explicitely enabled in startup.conf.
If .verstion_required is set, plugin will not be loaded if there
is version mismatch between plugin and vpp. This can be bypassed
by setting "skip-version-check" for specific plugin.
If .early-init string is present, plugin loader will try to resolve
this specific symbol in the plugin namespace and make a function call.
Following startup.conf configuration is added:
plugins {
path /path/to/plugin/directory
plugin ila_plugin.so { enable skip-version-check }
plugin acl_plugin.so { disable }
}
Change-Id: I706c691dd34d94ffe9e02b59831af8859a95f061
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I81f33f5153d5afac94b66b5a8cb91da77463af79
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I8e2e8f94a884ab2f9909d0c83ba00edd38cdab77
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ic2fbbd8227d5d0c033e5d7b5f43b859a4889d2f3
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Iedbee427d838794c4b26db5bd07b8d27aad9fcd8
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23
Signed-off-by: Damjan Marion <damarion@cisco.com>
|