aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/ip/reass
AgeCommit message (Collapse)AuthorFilesLines
2024-10-07ip: add extended shallow reassemblyKlement Sekera4-578/+1023
This patch adds some fixes and improvements: Fixes bug where save_rewrite_length gets overwritten on reassembly handoff. Fixes bug where duplicate fragments could cause a reassembly context to be lost, because the race losing thread would remove bihash entry created by winning thread. Improves tracing by adding more events. Adds extended shallow reassembly. This is a toggleable option, which if turned on will cause reassembly to wait for both first and last fragments to calculate total IP payload length. Furthermore it'll store a local copy of first fragment and necessary data to retrieve it in vnet_buffer2. This allows downstream features to access full L3/L4 headers when dealing with fragments. Type: fix Change-Id: I81695070533410c5815291dbc65ea71c87e3ae05 Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07ip: fix feature logicKlement Sekera1-6/+8
This fixes ip6 feature logic, so error and handoff packets are no longer sent to next feature instead of being dropped/handed off. Type: fix Change-Id: If280de5345d9ed3b553dd3b3fa40274619d333ae Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07ip: add ip6 shallow reassembly output featureKlement Sekera2-42/+172
Type: improvement Change-Id: I0cb4014f03abdd0e55d4bb7ff40ae293a6ed3562 Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07ip: fix ip4 shallow reassembly output feature handoffKlement Sekera1-42/+78
Use a new frame queue for output feature instead of passing frames to standard feature. Fixes bug where save_rewrite_length gets overwritten on reassembly handoff. Type: fix Change-Id: I6c6191aec5f1c89e1ca0510a08781e390d327bbf Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-03-15ip: reassembly - return correct valueKlement Sekera2-2/+2
If already enabled, return 0 to indicate success. Type: fix Change-Id: I4a182e14df9b05698ad93d596a97c46a020fd54b Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-03-12misc: remove GNU Indent directivesDamjan Marion2-45/+0
Type: refactor Change-Id: I5235bf3e9aff58af6ba2c14e8c6529c4fc9ec86c Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-03-05ip: force full reassembly before virtualMatthew Smith1-14/+5
Type: improvement The vnet buffer metadata for full IP reassembly and shallow virtual reassembly overlaps. If you have full reassembly and virtual reassembly enabled on the same interface and virtual reassembly happens to process packets first, full reassembly will stomp on the metadata populated by virtual reassembly. Virtual reassembly gets enabled implicitly when NAT feature nodes are enabled. Those NAT feature nodes rely on the virtual reassembly metadata being populated correctly in order to find L4 proto & ports. When NAT and IP full reassembly are both enabled on an interface, NAT can drop fragmented packets because the virtual reassembly metadata can be overwritten by full reassembly. Ensure that full reassembly runs before virtual reassembly. Add a runs_before dependency to ensure that ip4-full-reassembly-feature runs before ip4-sv-reassembly-feature. There was a duplicate VNET_FEATURE_INIT() for ip4-full-reassembly-feature. It seems to have been intended for enabling ip4-full-reassembly-custom as a feature node, but its contents are identical to the earlier VNET_FEATURE_INIT() for ip4-full-reassembly-feature. Removed the duplicate. Change-Id: Ie600b854d4ceb90a7cb736810140d410b8f72447 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2023-05-15ip: allow overriding fib index in reassFlorin Coras2-6/+10
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic28da52b9c8286f71e472ef6c3afc23d464f85b0
2022-10-12ip: migrate ip4 full reassembly to use vlib_buffer_enqueue_to_nextDamjan Marion1-155/+144
Type: improvement Change-Id: Ibf683c9ba8a2751e0b40920f6735cfe0a35a6e6d Signed-off-by: Damjan Marion <dmarion@me.com>
2022-10-12ip: simpler and faster ip4_full_reass_drop_allDamjan Marion1-41/+19
Type: improvement Change-Id: I4a75583ce718ba6466cd09ca8373fd43988ef62a Signed-off-by: Damjan Marion <dmarion@me.com>
2022-10-12misc: fix issues reported by clang-15Damjan Marion2-6/+0
Type: improvement Change-Id: I3fbbda0378b72843ecd39a7e8592dedc9757793a Signed-off-by: Damjan Marion <dmarion@me.com>
2022-10-05ip: reassembly - custom context instead of VRFMohammed Hawari2-40/+137
Change-Id: Id8d6ab96a710cdd207068cf19a6363bbcd584de4 Type: improvement Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
2022-10-05ip: reassembly - custom context of ipv6Mohammed Hawari2-26/+129
Change-Id: Ia5ec7fc0c71e6a0ad1b43df24bb6b88e616d260d Type: improvement Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
2022-09-14ip: show fib index in ip4 reassembly traceDamjan Marion1-28/+25
Type: improvement Change-Id: I371237803e2c3cb0e1b42b94f422867465e2bff6 Signed-off-by: Damjan Marion <dmarion@me.com>
2022-08-11ip: Use .api declared error countersNeale Ranns4-80/+53
Type: improvement Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I822ead1495edb96ee62e53dc5920aa6c565e3621
2022-06-14ip: reassembly - Add node level stats, fix customapp behaviorVijayabhaskar Katamreddy1-15/+70
Type: fix Added stats for success and failure cases Fixed Custom app behaviors for the error / drop cases Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: Id6e981c7be5c5b3cee5af2df505666d5558da470
2022-05-27ip: reassembly - Fixing buffer leaks, corruption in v6 reasmVijayabhaskar Katamreddy2-42/+117
Type: fix *Buffer leaks and corruptions during internal errors, either overriding or missing to add the buffer to the list Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: I1ead1eca1cde10a36d60dbfcfe36ca6375690b03
2022-05-26ip: reassembly - pacing reassembly timeouts for v6Vijayabhaskar Katamreddy1-9/+35
Type: fix Pace the main thread activity for reassembly timeouts, to avoid barrier syncs Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: Iebe9a38d2a7a6471afa6621f12bb545668dc8384
2022-05-25docs: update spelling word list and fix typosDave Wallace1-5/+5
- update wordlist and fix typos so that 'make docs-spell' passes - sort spelling_wordlist.txt - update docs maintainers list Type: docs Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I38ac7850c604c323427d2bb6877ea98bd10bcc38
2022-05-23ip: reassembly - fixing stepping index in a better wayVijayabhaskar Katamreddy1-8/+8
Type: fix pool_is_free_index() check is performed only for the first element Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: Icadc715a9b54761ec69805a134a69a262137536d
2022-05-23ip: reassembly - adding custom reassembly nodeVijayabhaskar Katamreddy1-13/+75
Type: fix Custom node functionality is missing in v6, so bringing in similar to v4 functionality into ip6 as well Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: I28b0be2fc55a00bfc0b456b1caaa1dcf5641a44e
2022-05-19 ip: reassembly - pacing reassembly timeoutsVijayabhaskar Katamreddy1-4/+29
Type: fix Pace the main thread activity for reassembly timeouts, to avoid barrier syncs Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: If8c62a05c7d28bfa6ac530c2cd5124834b4e8a70
2022-05-19ip: reassembly - increasing the nbuckets for reassVijayabhaskar Katamreddy1-0/+32
Type: fix Adding stats from debugging point of view Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: I3118d3fd5d630fad80a42ab960e30459789123cf
2022-05-18ip: reassembly - increasing the nbuckets for reassVijayabhaskar Katamreddy2-2/+6
Type: fix as number of reass contexts increasing based on workers, increasing the number of nbuckets for bihash Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: I83d061a709ecb8845ce745b18d03fdefc795787f
2022-05-13ip: reassembly - Fixing buffer leaks, corruptionVijayabhaskar Katamreddy1-50/+126
Type: fix *Buffer leaks and corruptions during internal errors, either overriding or missing to add the buffer to the list Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: I6c2406cff53a741e800e2d05593696f3e9fd6ff5
2022-05-10ip: reassembly: add documentationKlement Sekera1-0/+221
Type: docs Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I23008cde47d8b7a531346eab02902e2ced18742a
2022-05-10ip: fix buffer leaks in reassemblyKlement Sekera2-29/+32
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I952ba7e042779855e29628d048da7edec1caaafd
2022-04-04vppinfra: make _vec_len() read-onlyDamjan Marion4-6/+8
Use of _vec_len() to set vector length breaks address sanitizer. Users should use vec_set_len(), vec_inc_len(), vec_dec_len () instead. Type: improvement Change-Id: I441ae948771eb21c23a61f3ff9163bdad74a2cb8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-01-31ip: reassembly - add a way to disable for forusKlement Sekera4-30/+236
Add API to disable full reassembly of "forus" packets. Mark packets passing through ip[4|6]-local nodes with a new buffer flag and check for that flag in reassembly. Enable IP6 "forus" full reassembly by default to be consistent with existing IP4 setting. Type: improvement Change-Id: I7067792fcd4304182654237968e4c4d9293c6143 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2022-01-25ip: reassembly - fix missing ip6 owner thread initKlement Sekera1-0/+1
Initialize ip6 memory owner thread index in reassembly context to avoid unnecessary handovers. Type: fix Fixes: 630ab5846bceddf8d663e9f488a2dc0378949827 Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I2996caf1f82a0649c97d481b74dce24a96dce326
2021-12-20ip: SVR fix race conditionKlement Sekera2-2/+14
There could be a race condition where two fragments of one chain end up at the same time on different workers, one overwriting others hash entry. Add a check for that and restart processing on the unlucky worker who ends up being second from hash table POV. This will then result in a proper handover to worker now owning this reassembly. Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I9eb29c5cb1ffe3b5eb1d5a638e17ab7ba2628d28
2021-12-14ip: reassembly: drop zero length fragmentsKlement Sekera2-0/+16
Zero length fragments are invalid and should be dropped. This patch adds that. Type: improvement Change-Id: Ic6466c39ca8bf376efe06bb3b7f5d7f1ae812866 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-12-10ip: reassembly: handle atomic fragments correctlyKlement Sekera2-45/+93
If a fragment arrives with fragment offset = 0 and M = 0, it means that this is actually a complete packet and per RFC 8200, it should be treated independently from other fragments. This patch does that. Fragmentation header is stripped and fragment is forwarded irregardles of other existing reassemblies in case of full reassembly and treated the same way as regular packet in shallow virtual reassembly. Type: improvement Change-Id: If3322d5e3160cd755b8465a642702a9166d46cc2 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-12-03ip: extension header parsing fails for fragment headerOle Troan2-60/+59
Refactor and improve boundary checking on IPv6 extension header handling. Limit parsing of IPv6 extension headers to a maximum of 4 headers and a depth of 256 bytes. Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ide40aaa2b482ceef7e92f02fa0caeadb3b8f7556 Signed-off-by: Ole Troan <ot@cisco.com>
2021-11-04ip: speed up reassembly code compilationKlement Sekera4-50/+36
Refactor code so that code is inlined in one place instead of in multiple to speed up compilation. Type: refactor Change-Id: I41357b89715b66ebdc8c0d5ccd69347a254fc266 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-11-04ip: reassembly: avoid reading truncated L4 headersKlement Sekera2-80/+149
Check if L4 headers are truncated and if so, set a flag for (future) consumers instead of reading/writing garbage data. Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Change-Id: I0b656ec103a11c356b98a6f36cad98536a78d1dc Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-08-17ip: reassembly cleanupKlement Sekera4-246/+139
Remove unused parameters and fix warnings. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I2d0e7b84b56817999283ecb6be606159dcb26a28
2021-07-15misc: replace CLIB_PREFETCH with clib_prefetch_{load,store}Damjan Marion1-2/+2
Type: refactor Change-Id: Id10cbf52e8f2dd809080a228d8fa282308be84ac Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-14vlib: pass node runtime to vlib_buffer_enqueue_to_thread()Damjan Marion4-12/+8
Mechanical change for patch following this one... Type: improvement Change-Id: Iee12f3a8851f35569e6c039494a94fc36e83d20f Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-04-01ip: extend show cmd of ip reassembly configurationAnton Nikolaev4-0/+16
Type: feature Add output of field maximum reassembly length with others ip reassembly configuration fields. This field can be configured via vpp API, but there was no output of this field in vpp cli. Output added for ipv4/ipv6 and full/shallow virtual nodes. Signed-off-by: Anton Nikolaev <anikolaev@netgate.com> Change-Id: Ibbd61aab26189d4a93d32e047d8f4e589fe9f8a5
2020-12-27ip: Use full reassembly for fragments in ip6-localNeale Ranns1-2/+0
Type: fix shallow was the default, but probably by accident as it depended on module load order. full assembly is the v4 behaviour. using proper types allows gdb to print enum names. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: If157c5b83614c7adbd7a15a8227a68f8caf4e92c Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-12-16ip: fix possible missing trace indexesKlement Sekera4-0/+28
Add safeguards when tracing packets to avoid cases where clear trace was issue while buffers were held in reassembly. Type: fix Change-Id: I1bdd1e629e8bc08ce63913fd3c4b2327e47dec04 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-12-14misc: move to new pool_foreach macrosDamjan Marion4-16/+16
Type: refactor Change-Id: Ie67dc579e88132ddb1ee4a34cb69f96920101772 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-12-04ip: fixup memory leak in function ip4_full_reass_drop_allbarryxie1-0/+1
Type: fix The vector 'to_free' allocated on heap should be freed to avoid memory leak. Signed-off-by: barryxie <barryxie@tencent.com> Change-Id: I539498b50a7f3e346c83b869fb400868961c233f
2020-11-26ip: reassembly - fix handoff for custom nodeKlement Sekera2-21/+111
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: If484725d48190246e4da09ceaed48a68a8a253f2
2020-07-28ip: svr: improve performance for non-fragmentsKlement Sekera1-0/+206
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ia77ce41a8f1a032c5e027c4bb47347752cfda0a9
2020-06-10ip: reassembly: LRU algorithm should eliminate the longest unused nodeszhengdelun2-2/+2
Type: fix Signed-off-by: zhengdelun <xszhengdelun@gmail.com> Change-Id: I3f6240b4c0798f85960acc55a193a0cbf0c67ea4
2020-05-27ip: reassembly: use correct IP header offsetKlement Sekera1-2/+7
Type: fix Ticket: VPP-1883 Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Icf50a645e114fa3b7bd974f8c82f5ceebfcedcd7
2020-04-29ip: use thread local vm instead of thread main for vlib_time_now callsTom Seidenberg2-2/+2
Type: fix Change-Id: I8d68e7c7392dcb748a2a84e72c7b1ca0c6c0eb07 Signed-off-by: Tom Seidenberg <tseidenb@cisco.com>
2020-04-27ip: reassembly: fix one possible use-after-freeGao Feng2-10/+11
When use the kv->v.memory_owner_thread_index as the index to get the reass in pool, maybe this element is freed by the owner thread because of timeout, too many fragments, and so on. So we should check if do_handoff with kv->v.memory_owner_thread_index before get the reass from pool. Type: fix Signed-off-by: Gao Feng <davidfgao@tencent.com> Change-Id: Ie0f1dc368f86d0fd65292ca0c5e1908348015e09