| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Day1 latent integer overflow.
vnet_classify_add_del defines new_hash as u32 - so replace a u64 type with u32
in split_and_rehash as well.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I51384a2db1caa4099b4d2ac25cd185bd108da037
|
|
classify hash used to be stored as u64 in buffer metadata, use 32 bits
instead:
- on almost all our supported arch (x86 and arm64) we use crc32c
intrinsics to compute the final hash: we really get a 32-bits hash
- the hash itself is used to compute a 32-bits bucket index by masking
upper bits: we always discard the higher 32-bits
- this allows to increase the l2 classify buffer metadata padding such
as it does not overlap with the ip fib_index metadata anymore. This
overlap is an issue when using the 'set metadata' action in the ip
ACL node which updates both fields
Type: fix
Change-Id: I5d35bdae97b96c3cae534e859b63950fb500ff50
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: improvement
Change-Id: I85c73cb940d81d0b249eda0d57de135bcd798418
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Use of _vec_len() to set vector length breaks address sanitizer.
Users should use vec_set_len(), vec_inc_len(), vec_dec_len () instead.
Type: improvement
Change-Id: I441ae948771eb21c23a61f3ff9163bdad74a2cb8
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Add the possibility to create masks and matches without l2 header in the
CLI when creating tables and entries. This is useful for tables working
on l3 and l4 only.
Type: improvement
Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com>
Change-Id: I7da9e47d810c0b4a0938e2cb3bc31aa69ace3649
|
|
Type: improvement
Change-Id: Iac01d7830b53819ace8f199554be10ab89ecdb97
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type:improvement
Change-Id: I9f9f16eabf64203db11cd4338948d76ca5e0ef12
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I176f08c74eb58a78f7fbdb48fd4592e6ddf74d34
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Print header for each table.
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I54ca04d6000a98afb4ad3d2f24caae3349548f23
|
|
l4 match parsing should not try to consume the whole input, otherwise
it breaks cli such as:
'classify session ... match l4 dst_port 22 action set-ip4-fib-id 2'
Type: fix
Change-Id: I81a1b5779811f7df8286a371f85fafe09c947b87
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
This fix the classify filter if we attach several different filters.
This also fix some issues with l3 and l4 parsing.
Type: fix
Change-Id: I9dc6c55049a3bbc0110d1097b40d9da27633626b
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
one cache line
Type: refactor
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
Change-Id: I54128ba62f8dcc87c1845b33ed3637112d42a891
|
|
If classify pcap filter was never configured, typing the delete
command causes a crash. The reason is
cm->classify_table_index_by_sw_if_index not yet allocated.
The fix is to add a check before we access the vector.
Type: fix
Fixes: gerrit 28475
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ia33bd91fa82d8ffc4490d4069155980a6e233268
|
|
Add lookup/get/set API calls to manage both PCAP and Trace
filtering Classifier tables.
The "lookup" call may be used to identify a Classifier table
within a chain of tables taht matches a particular mask vector.
For efficiency, this call should be used to determine to which
table a match vector should be added.
The "get" calls return the first table within a chain (either
a PCAP or the Trace) set of tables. The "set" call may be
used to add a new table to one such chain. If the "sort_masks"
flag is set, the tables within the chain are ordered such that
the most-specific mask is first, and the least-specific mask
is last. A call that "sets" a chain to ~0 will delete and free
all the tables with a chain.
The PCAP filters are per-interface, with "local0", (that is,
sw_if_index == 0) holding the system-wide PCAP filter.
The Classifier used a reference-counted "set" for each PCAP
or trace filter that it stored. The ref counts were not used,
and the vector of tables was only used temporarily to establish
a sorted order for tables based on masks. None of that
complexity was actually warranted, and where it was used,
the same could be achieved more simply.
Type: refactor
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Change-Id: Icc56116cca91b91c631ca0628e814fb53f3677d2
|
|
Type: refactor
Change-Id: Ie67dc579e88132ddb1ee4a34cb69f96920101772
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
When a 'del' is used to delete a classify table, only the
mask is needed to locate the table. Any match vector is
unneeded. The tests failed to notice this, but if the
test is run by hand in vppctl, it issues a parse error.
Fix the test so that it doesn't supply irrelevant data.
Fix the CLI processing to read always complete newline
terminated line of input instead. This allows unneeded
CLI parameters to be ignored. It also necessitated
fixing a trace test which had then erroneously split
a single CLI command over multiple lines.
While in the area, fix a latent bug on table matching
where a test for compatible mask vector sizes were
not matching impedance properly (byte vs ux32x4).
Type: fix
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Change-Id: I1177ab1dd417f3d11f30eecbaa2b0fb1015c3ab5
|
|
- Assert a valid set prior to first use.
- Sort tables by mask prior to selecting first table
- Use actual table indices and not loop index when linking tables
Type: fix
Change-Id: I9c61c8b7fe97c38faed8f2fc1792d7232799f580
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
- it is confusing from end consumer perspective that some thing
is somewhere called heap and somewhere mspace
- this is base for additional work where heap pointer is not the same
thing like mspace
Type: improvement
Change-Id: I644d5a0de17690d65d164d8cec3c5654571629ef
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
unformat_ip6_mask wasn't accounting for customized field names
when deciding if it managed to parse at least one field.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I26cab4c6828b510e277079628af5115ac43af3ff
|
|
Identified and removed executable bit from source files in the tree.
find . -perm 755 -name *.[ch] -exec chmod a-x {} \;
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I00710d59fcc46ce5be5233109af4c8077daff74b
|
|
Null pointer bug, memory leak. D'oh!
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ic2865757ed9cbb7f48d23c7c30b64299eb5f6674
|
|
The mheap allocator has been turned off for several releases. This
commit removes the cmake config parameter, parallel support for
dlmalloc and mheap, and the mheap allocator itself.
Type: refactor
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I104f88a1f06e47e90e5f7fb3e11cd1ca66467903
|
|
"classify filter trace ... " and "classify filter pcap ..." are
mutually exclusive.
vnet_pcap_dispatch_trace_configure needs to check for
set->table_indices == NULL.
Type: fix
Ticket: VPP-1827
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I43733364087ffb0a43de92e450955033431d559d
|
|
Type: fix
Change-Id: I6a48a6c14bfb84b3460e8211021bc9df6e915dba
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
The pcap trace filter initial table index lives in
cm->filter_set_by_sw_if_index [0], which corresponds to the "local0"
interface. Debug cli makes sure that folks don't accidentally specify
the "local0" interface. At least it does now...
Fix the "vlib format.c code coverage" test in test/test_vlib.py.
Type: fix
Change-Id: I35320bc2c8f0c6f1f8c12e3529d1938548185151
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Forbid too long match to be configured.
Type: fix
Change-Id: Icfced0f86821d5febd6a3c81e1315bd9737498c0
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Configure n-tuple classifier filters which apply to the vpp packet
tracer.
Update the documentation to reflect the new feature.
Add a test vector.
Type: feature
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Iefa911716c670fc12e4825b937b62044433fec36
|
|
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I294f0b773375f6dce020b771db0726ceb5d812cc
|
|
Type: feature
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I79b216d2499df143f53977e5b70382f6f887e0bc
|
|
See .../src/vnet/classify/trace_classify.h for the business end
of the scheme.
It would be best to hash pkts, prefetch buckets, and do the primary
table lookups two at a time. The inline as given works, but perf
tuning will be required. "At least it works..."
Add "classify filter" debug cli, for example:
classify filter mask l3 ip4 src dst \
match l3 ip4 dst 192.168.2.10 src 192.168.1.10
Add "pcap rx | tx trace ... filter" to use the current classify filter chain
Patch includes sphinx documentation and doxygen tags.
Next step: device-driver integration
Type: feature
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I05b1358a769f61e6d32470e0c87058f640486b26
|
|
Spinlock performance improved when implemented with compare_and_exchange
instead of test_and_set. All instances of test_and_set locks were refactored
to use clib_spinlock_t when possible. Some locks e.g. ssvm synchronize
between processes rather than threads, so they cannot directly use
clib_spinlock_t.
Type: refactor
Change-Id: Ia16b5d4cd49209b2b57b8df6c94615c28b11bb60
Signed-off-by: Jason Zhang <jason.zhang2@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
|
|
All instances of test_and_set locks used the following sequence
to release the locks:
CLIB_MEMORY_BARRIER ();
p->lock = 0; // p is a generic struct with a TAS lock
Use clib_atomic_release to generate more efficient assembly code.
Type: refactor
Change-Id: Idca3a38b1cf43578108bdd1afe83b6ebc17a4c68
Signed-off-by: Jason Zhang <jason.zhang2@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
|
|
Modified test-and-set spin locks to call CLIB_PAUSE () when spinning
for code consistency. Decreases the memory bandwidth consumed.
Type: fix
Change-Id: I1cca4f87f44f23f257c7a35466cd2e7767072f51
Signed-off-by: Jason Zhang <jason.zhang2@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
|
|
when try_resplit
Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
Change-Id: I3ebbe7d2d11453700503df7f3be549781d8b73a7
|
|
Classifier data structures assume the contiguous chunk of memory
within the heap. Default heap flags for dlmalloc allow for heap growth.
When that happens, the memory becomes discontiguous. This results
in symptoms that are more cryptic than necessary.
Disabling the expand makes the session allocation behavior
of the classifier the same for dlmalloc as for the legacy allocator.
Change-Id: I2f725b5f78a31a8eaa5f5a20dfdd7e1129662f6a
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: I6f877be6b3a1ef7100607560d430400bb824b6ba
Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
|
|
Change-Id: Id4f37f5d4a03160572954a416efa1ef9b3d79ad1
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
This is first part of addition of atomic macros with only macros for
__sync builtins.
- Based on earlier patch by Damjan (https://gerrit.fd.io/r/#/c/10729/)
Additionally
- clib_atomic_release macro added and used in the absence
of any memory barrier.
- clib_atomic_bool_cmp_and_swap added
Change-Id: Ie4e48c1e184a652018d1d0d87c4be80ddd180a3b
Original-patch-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Sirshak Das <sirshak.das@arm.com>
Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com>
Reviewed-by: Ola Liljedahl <ola.liljedahl@arm.com>
Reviewed-by: Steve Capper <steve.capper@arm.com>
|
|
Configure w/ --enable-dlmalloc, see .../build-data/platforms/vpp.mk
src/vppinfra/dlmalloc.[ch] are slightly modified versions of the
well-known Doug Lea malloc. Main advantage: dlmalloc mspaces have no
inherent size limit.
Change-Id: I19b3f43f3c65bcfb82c1a265a97922d01912446e
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
For implementation of MACIP ACLs enhancement (VPP-1088), an outbound
classifier-based ACL would be needed. There was an existing incomplete
code for outbound ACLs, it looked almost exact copy of input ACLs, minus
the various enhancements, trying to sync that code seemed error-prone
and cumbersome to maintain in the longer run.
This change refactors the input+output ACLs processing into a unified
routine (thus any changes will have effect on both), and also adds
the API to set the output interface ACL, with the same format
and semantics as the existing input one (except working on output
ACL of course).
WARNING: IP outbound ACL in L3 mode clobbers the ip.* fields
in the vnet_buffer_opaque_t, since the code is using l2_classify.*
The net_buffer (p0)->ip.save_rewrite_length is rescued into
l2_classify.pad.l2_len, and used to rewind the header in case of
drop, so that ipX_drop prints something sensible.
Change-Id: I62f814f1e3650e504474a3a5359edb8a0a8836ed
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Signed-off-by: khemendra kumar <khemendra.kumar13@gmail.com>
Change-Id: I0d94ef604d34da6981e7c2d2b4da5ec3ec5fb19a
|
|
There's nothing ip6-sr specific about it.
Change-Id: I9e3710162bd81b535c46599c988557abf5a5003b
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
This allows to use the classifier to steer source routing packets instead
of using the "sr steer" command.
This way we can steer on anything instead of only the dst ip address.
test:
* add add_node_next function to the VppPapiProvider class.
* add simple test scenario using the classifier to steer packets with
dest ip addr == a7::/8 to the source routing insert node.
* use new interface indexes (3,4) instead of (0,1) to prevent a cleanup
conflict with the other tests which attach a specific fib to the
interface.
The test creates interfaces sepsrated from the other tests to prevent a
conflict in the cleaning of the ip6 fib index 1 which causes vpp not to
be able to find a default route on this table.
Change-Id: Ibacb30fab3ce53f0dfe848ca6a8cdf0d111d8336
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
|
|
When creating 32K classify sessions, VPP crashes.
Default heap size is 2MB.
Need to configure it when requiring large number sessions.
Change-Id: I16678ee4a9e0ba61cbd2d3b38c43d10c59325968
Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
|
|
part 2;
- this adds the code to create an IP and MPLS table via the API.
- but the enforcement that the table must be created before it is used is still missing, this is so that CSIT can pass.
Change-Id: Id124d884ade6cb7da947225200e3bb193454c555
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Icffd2862eadbe9ddfb3ee34f3cb19c9324b3d9b4
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Iae04c57bba87ab3665388eadd0805f75171636a5
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Port the linear-scan bucket fix from bihash_template.c.
Change-Id: Id8b2d1fe402401f098270ce6121c2f44f2f24c49
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
This patch deprecates stack-based thread identification,
Also removes requirement that thread stacks are adjacent.
Finally, possibly annoying for some folks, it renames
all occurences of cpu_index and cpu_number with thread
index. Using word "cpu" is misleading here as thread can
be migrated ti different CPU, and also it is not related
to linux cpu index.
Change-Id: I68cdaf661e701d2336fc953dcb9978d10a70f7c1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
Andrew Yourtchenko
Benoît Ganne
Damjan Marion
Arthur de Kerhor
Nathan Skrzypczak
Dave Barach
Neale Ranns
Steven Luong
Jon Loeliger
Ray Kinsella
Florin Coras
jaszha03
dongjuan
jackiechen1985
Sirshak Das
khemendra kumar
Gabriel Ganne
Hongjun Ni
Neale Ranns