aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/ip/reass
AgeCommit message (Collapse)AuthorFilesLines
2022-05-18ip: reassembly - increasing the nbuckets for reassVijayabhaskar Katamreddy2-2/+6
Type: fix as number of reass contexts increasing based on workers, increasing the number of nbuckets for bihash Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: I83d061a709ecb8845ce745b18d03fdefc795787f
2022-05-13ip: reassembly - Fixing buffer leaks, corruptionVijayabhaskar Katamreddy1-50/+126
Type: fix *Buffer leaks and corruptions during internal errors, either overriding or missing to add the buffer to the list Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: I6c2406cff53a741e800e2d05593696f3e9fd6ff5
2022-05-10ip: reassembly: add documentationKlement Sekera1-0/+221
Type: docs Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I23008cde47d8b7a531346eab02902e2ced18742a
2022-05-10ip: fix buffer leaks in reassemblyKlement Sekera2-29/+32
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I952ba7e042779855e29628d048da7edec1caaafd
2022-04-04vppinfra: make _vec_len() read-onlyDamjan Marion4-6/+8
Use of _vec_len() to set vector length breaks address sanitizer. Users should use vec_set_len(), vec_inc_len(), vec_dec_len () instead. Type: improvement Change-Id: I441ae948771eb21c23a61f3ff9163bdad74a2cb8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-01-31ip: reassembly - add a way to disable for forusKlement Sekera4-30/+236
Add API to disable full reassembly of "forus" packets. Mark packets passing through ip[4|6]-local nodes with a new buffer flag and check for that flag in reassembly. Enable IP6 "forus" full reassembly by default to be consistent with existing IP4 setting. Type: improvement Change-Id: I7067792fcd4304182654237968e4c4d9293c6143 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2022-01-25ip: reassembly - fix missing ip6 owner thread initKlement Sekera1-0/+1
Initialize ip6 memory owner thread index in reassembly context to avoid unnecessary handovers. Type: fix Fixes: 630ab5846bceddf8d663e9f488a2dc0378949827 Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I2996caf1f82a0649c97d481b74dce24a96dce326
2021-12-20ip: SVR fix race conditionKlement Sekera2-2/+14
There could be a race condition where two fragments of one chain end up at the same time on different workers, one overwriting others hash entry. Add a check for that and restart processing on the unlucky worker who ends up being second from hash table POV. This will then result in a proper handover to worker now owning this reassembly. Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I9eb29c5cb1ffe3b5eb1d5a638e17ab7ba2628d28
2021-12-14ip: reassembly: drop zero length fragmentsKlement Sekera2-0/+16
Zero length fragments are invalid and should be dropped. This patch adds that. Type: improvement Change-Id: Ic6466c39ca8bf376efe06bb3b7f5d7f1ae812866 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-12-10ip: reassembly: handle atomic fragments correctlyKlement Sekera2-45/+93
If a fragment arrives with fragment offset = 0 and M = 0, it means that this is actually a complete packet and per RFC 8200, it should be treated independently from other fragments. This patch does that. Fragmentation header is stripped and fragment is forwarded irregardles of other existing reassemblies in case of full reassembly and treated the same way as regular packet in shallow virtual reassembly. Type: improvement Change-Id: If3322d5e3160cd755b8465a642702a9166d46cc2 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-12-03ip: extension header parsing fails for fragment headerOle Troan2-60/+59
Refactor and improve boundary checking on IPv6 extension header handling. Limit parsing of IPv6 extension headers to a maximum of 4 headers and a depth of 256 bytes. Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ide40aaa2b482ceef7e92f02fa0caeadb3b8f7556 Signed-off-by: Ole Troan <ot@cisco.com>
2021-11-04ip: speed up reassembly code compilationKlement Sekera4-50/+36
Refactor code so that code is inlined in one place instead of in multiple to speed up compilation. Type: refactor Change-Id: I41357b89715b66ebdc8c0d5ccd69347a254fc266 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-11-04ip: reassembly: avoid reading truncated L4 headersKlement Sekera2-80/+149
Check if L4 headers are truncated and if so, set a flag for (future) consumers instead of reading/writing garbage data. Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Change-Id: I0b656ec103a11c356b98a6f36cad98536a78d1dc Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-08-17ip: reassembly cleanupKlement Sekera4-246/+139
Remove unused parameters and fix warnings. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I2d0e7b84b56817999283ecb6be606159dcb26a28
2021-07-15misc: replace CLIB_PREFETCH with clib_prefetch_{load,store}Damjan Marion1-2/+2
Type: refactor Change-Id: Id10cbf52e8f2dd809080a228d8fa282308be84ac Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-14vlib: pass node runtime to vlib_buffer_enqueue_to_thread()Damjan Marion4-12/+8
Mechanical change for patch following this one... Type: improvement Change-Id: Iee12f3a8851f35569e6c039494a94fc36e83d20f Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-04-01ip: extend show cmd of ip reassembly configurationAnton Nikolaev4-0/+16
Type: feature Add output of field maximum reassembly length with others ip reassembly configuration fields. This field can be configured via vpp API, but there was no output of this field in vpp cli. Output added for ipv4/ipv6 and full/shallow virtual nodes. Signed-off-by: Anton Nikolaev <anikolaev@netgate.com> Change-Id: Ibbd61aab26189d4a93d32e047d8f4e589fe9f8a5
2020-12-27ip: Use full reassembly for fragments in ip6-localNeale Ranns1-2/+0
Type: fix shallow was the default, but probably by accident as it depended on module load order. full assembly is the v4 behaviour. using proper types allows gdb to print enum names. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: If157c5b83614c7adbd7a15a8227a68f8caf4e92c Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-12-16ip: fix possible missing trace indexesKlement Sekera4-0/+28
Add safeguards when tracing packets to avoid cases where clear trace was issue while buffers were held in reassembly. Type: fix Change-Id: I1bdd1e629e8bc08ce63913fd3c4b2327e47dec04 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-12-14misc: move to new pool_foreach macrosDamjan Marion4-16/+16
Type: refactor Change-Id: Ie67dc579e88132ddb1ee4a34cb69f96920101772 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-12-04ip: fixup memory leak in function ip4_full_reass_drop_allbarryxie1-0/+1
Type: fix The vector 'to_free' allocated on heap should be freed to avoid memory leak. Signed-off-by: barryxie <barryxie@tencent.com> Change-Id: I539498b50a7f3e346c83b869fb400868961c233f
2020-11-26ip: reassembly - fix handoff for custom nodeKlement Sekera2-21/+111
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: If484725d48190246e4da09ceaed48a68a8a253f2
2020-07-28ip: svr: improve performance for non-fragmentsKlement Sekera1-0/+206
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ia77ce41a8f1a032c5e027c4bb47347752cfda0a9
2020-06-10ip: reassembly: LRU algorithm should eliminate the longest unused nodeszhengdelun2-2/+2
Type: fix Signed-off-by: zhengdelun <xszhengdelun@gmail.com> Change-Id: I3f6240b4c0798f85960acc55a193a0cbf0c67ea4
2020-05-27ip: reassembly: use correct IP header offsetKlement Sekera1-2/+7
Type: fix Ticket: VPP-1883 Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Icf50a645e114fa3b7bd974f8c82f5ceebfcedcd7
2020-04-29ip: use thread local vm instead of thread main for vlib_time_now callsTom Seidenberg2-2/+2
Type: fix Change-Id: I8d68e7c7392dcb748a2a84e72c7b1ca0c6c0eb07 Signed-off-by: Tom Seidenberg <tseidenb@cisco.com>
2020-04-27ip: reassembly: fix one possible use-after-freeGao Feng2-10/+11
When use the kv->v.memory_owner_thread_index as the index to get the reass in pool, maybe this element is freed by the owner thread because of timeout, too many fragments, and so on. So we should check if do_handoff with kv->v.memory_owner_thread_index before get the reass from pool. Type: fix Signed-off-by: Gao Feng <davidfgao@tencent.com> Change-Id: Ie0f1dc368f86d0fd65292ca0c5e1908348015e09
2020-04-24ip: reassembly: improve type safetyKlement Sekera4-30/+24
Type: refactor Change-Id: Ib2d4a11ffa0e1e56ca05705ba8cdf84e6cc66427 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-04-06ip: reassembly: don't set error if no errorKlement Sekera4-8/+12
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I9d25129fbf1ea880121b281f41750155286fb489
2020-02-10ip: more detailed show reassembly commandsVladimir Ratnikov4-7/+33
Options like: expire_walk_interval_ms,max_reassemblies,timeout_ms can be configured via API, but it's impossible to check them using vppctl, but this can be a useful feature Type: feature Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: Iac8a96201a7a70b82e9852edc89b819c5d451a58
2020-01-15ip: align reass.save_rewrite_lengthv20.05-rc0Klement Sekera2-16/+0
By aligning vnet_buffer_opaque.ip.save_rewrite_length and vnet_buffer_opaque.ip.reass.save_rewrite_length we prevent shallow virtual reassembly code from overwrite save_rewrite_length, allowing other features down the pipe to rely on this value. A static assert is added to guard this alignment. Type: fix Fixes: f126e746fc01c75bc99329d10ce9127b26b23814 Change-Id: Ie7c7f3abc2a221bbcf2830c0f006a4368088b342 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-01-03nat: use SVRKlement Sekera3-48/+262
Remove NAT's implementation of shallow virtual reassembly with corresponding CLIs, APIs & tests. Replace with standalone shallow virtual reassembly provided by ipX-sv-reass* nodes. Type: refactor Change-Id: I7e6c7487a5a500d591f6871474a359e0993e59b6 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-12-16vppinfra: bihash walk cb typedef and continue/stop controlsNeale Ranns4-4/+8
Type: feature Change-Id: I28f7a658be3f3beec9ea32635b60d1d3a10d9b06 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-12-13ip: SVR: fix wrong return valueKlement Sekera2-2/+2
Type: fix Change-Id: I9498b660bf2045bb6aac96d19bb9456a14b35847 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-10-28ip: reassembly fix sanity checksKlement Sekera2-5/+5
use correct value for sanity checks Type: fix Change-Id: If33db5ce3e4a26f7876c2a67832ca2947563e211 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-10-28ip: reassembly: fix use-after-freeBenoît Ganne2-5/+10
When processing the last buffer of a reassembled packet, the current buffer will be freed and must be reloaded using the updated index. Type: fix Change-Id: Ib39e29e60eb527b4cd4828a3aa37d82c8dddd709 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-10-11ip: reassembly: trace ip headers over worker handoffsKlement Sekera2-7/+66
This change adds tracing of IP headers when doing a handoff between worker threads. This eases debugging. Type: feature Change-Id: I2195b070a364cba13a658ec1cee5154fc4c3a8b0 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-10-09map: use ip6-full-reassembly instead of own codeKlement Sekera4-0/+70
Remove map's implementation of reassembly and use common ip6-full-reassembly functionality. This makes it easier to maintain by removing duplicate code/functionality. Type: refactor Change-Id: I430e888b704e28c100a9ce075d1460cb529e4676 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-10-07ip: remove dead code in ip6-svrKlement Sekera1-27/+0
Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Change-Id: Ia714c2e46627864091d3f686dbced4cdd9c1a773 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-10-07ip: reassembly add missing gotoKlement Sekera1-0/+1
Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Change-Id: I256ef153b3b27a1f7ab7daa45015a2ec4bc84076 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-10-07ip: reassembly remove dead codeKlement Sekera1-8/+0
Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Change-Id: I79589f648f4c75762e5277fb94636a91fa36ccdd Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-09-30ip: svr: fix feature refcountsKlement Sekera2-14/+20
Reference counts need to be per-interface as opposed to global. This allows configuring the feature on more than one interface correctly. Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Change-Id: I05534ac59fa86e67290737ec6c61df2c19acab48 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-09-26ip: fix use-after-free in reassemblyBenoît Ganne2-6/+8
- ip{4,6}_reass_finalize() frees the reassembly context: do not access it after the call. - traces access reassembly context: free it after and not before tracing. Type: fix Change-Id: Ia3aaea9c7b74932e249e013be04b9bd7298fd187 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-09-26ip: add shallow virtual reassembly functionalityKlement Sekera6-52/+2664
Type: feature Change-Id: Ibc8334e26c7e6f6120696c3e313b6e11d73dab99 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-09-25ip: respect buffer boundary when searching for ipv6 headersKlement Sekera1-4/+7
Type: fix Change-Id: I5a5461652f8115fa1270e20f748178fb5f5450f2 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-09-25ip: refactor reassemblyKlement Sekera4-0/+3738
this is a preparation step for introducing other reassembly types Type: refactor Change-Id: I197e299dbd729b00eead31667913b8ceff915d63 Signed-off-by: Klement Sekera <ksekera@cisco.com>