path: root/src/vnet/ipsec-gre
AgeCommit message (Collapse)AuthorFilesLines
2018-01-23VPPAPIGEN: vppapigen replacement in Python PLY.Ole Troan1-2/+2
This is a version of the VPP API generator in Python PLY. It supports the existing language, and has a plugin architecture for generators. Currently C and JSON are supported. Changes: - vl_api_version to option version = "major.minor.patch" - enum support - Added error checking and reporting - import support (removed the C pre-processor) - services (tying request/reply together) Version: option version = "1.0.0"; Enum: enum colours { RED, BLUE = 50, }; define foo { vl_api_colours_t colours; }; Services: service { rpc foo returns foo_reply; rpc foo_dump returns stream foo_details; rpc want_stats returns want_stats_reply events ip4_counters, ip6_counters; }; Future planned features: - unions - bool, text - array support (including length) - proto3 output plugin - Refactor C/C++ generator as a plugin - Refactor Java generator as a plugin Change-Id: Ifa289966c790e1b1a8e2938a91e69331e3a58bdf Signed-off-by: Ole Troan <ot@cisco.com>
2018-01-11api: remove transport specific code from handlersFlorin Coras1-10/+8
This does not update api client code. In other words, if the client assumes the transport is shmem based, this patch does not change that. Furthermore, code that checks queue size, for tail dropping, is not updated. Done for the following apis: Plugins - acl - gtpu - memif - nat - pppoe VNET - bfd - bier - tapv2 - vhost user - dhcp - flow - geneve - ip - punt - ipsec/ipsec-gre - l2 - l2tp - lisp-cp/one-cp - lisp-gpe - map - mpls - policer - session - span - udp - tap - vxlan/vxlan-gpe - interface VPP - api/api.c OAM - oam_api.c Stats - stats.c Change-Id: I0e33ecefb2bdab0295698c0add948068a5a83345 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-09api: refactor vlibmemoryFlorin Coras1-2/+2
- separate client/server code for both memory and socket apis - separate memory api code from generic vlib api code - move unix_shared_memory_fifo to svm and rename to svm_fifo_t - overall declutter Change-Id: I90cdd98ff74d0787d58825b914b0f1eafcfa4dc2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-24Add extern to *_main global variable declarations in header files.Dave Wallace1-1/+1
- Global variables declared in header files without the use of the 'extern' keword will result in multiple instances of the variable to be created by the compiler -- one for each different source file in which the the header file is included. This results in wasted memory allocated in the BSS segments as well as potentially introducing bugs in the application. Change-Id: I6ef1790b60a0bd9dd3994f8510723decf258b0cc Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-09vppapigen: support per-file (major,minor,patch) version stampsDave Barach1-0/+2
Add one of these statements to foo.api: vl_api_version 1.2.3 to generate a version tuple stanza in foo.api.h: /****** Version tuple *****/ vl_api_version_tuple(foo, 1, 2, 3) Change-Id: Ic514439e4677999daa8463a94f948f76b132ff15 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Ole Troan <ot@cisco.com>
2017-04-05GRE over IPv6Ciara Loftus1-12/+12
Refactors the GRE node to work with both IPv4 and IPv6 transports. Note that this changes the binary configuration API to support both address families; each address uses the same memory for either address type and a flag to indicate which is in use. The CLI and VAT syntax remains unchanged; the code detects whether an IPv4 or an IPv6 address was given. Configuration examples: IPv4 CLI: create gre tunnel src dst IPv6 CLI: create gre tunnel src 2620:124:9000::1 dst 2620:124:9000::2 IPv4 VAT: gre_add_del_tunnel src dst IPv6 VAT: gre_add_del_tunnel src 2620:124:9000::1 dst 2620:124:9000::2 Change-Id: Ica8ee775dc101047fb8cd41617ddc8fafc2741b0 Signed-off-by: Ciara Loftus <ciara.loftus@intel.com>
2017-02-22VPP-635: CLI Memory leak with invalid parameterBilly McFall1-10/+24
In the CLI parsing, below is a common pattern: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else return clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); } unformat_free (line_input); The 'else' returns if an unknown string is encountered. There a memory leak because the 'unformat_free(line_input)' is not called. There is a large number of instances of this pattern. Replaced the previous pattern with: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else { error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); goto done: } } /* ...Remaining code... */ done: unformat_free (line_input); return error; } In multiple files, 'unformat_free (line_input);' was never called, so there was a memory leak whether an invalid string was entered or not. Also, there were multiple instance where: error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); used 'input' as the last parameter instead of 'line_input'. The result is that output did not contain the substring in error, instead just an empty string. Fixed all of those as well. There are a lot of file, and very mind numbing work, so tried to keep it to a pattern to avoid mistakes. Change-Id: I8902f0c32a47dd7fb3bb3471a89818571702f1d2 Signed-off-by: Billy McFall <bmcfall@redhat.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-01-27dpdk: rework cryptodev ipsec build and setupSergio Gonzalez Monroy1-7/+1
Build Cryptodev IPsec support by default when DPDK is enabled but only build hardware Cryptodev PMDs. To enable Cryptodev support, a new startup.conf option for dpdk has been introduced 'enable-cryptodev'. During VPP init, if Cryptodev support is not enabled or not enough cryptodev resources are available then default to OpenSSL ipsec implementation. Change-Id: I5aa7e0d5c2676bdb41d775ef40364536a081956d Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2016-12-28Reorganize source tree to use single autotools instanceDamjan Marion9-0/+1652
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23 Signed-off-by: Damjan Marion <damarion@cisco.com>
ght .dl { color: #e6db74 } /* Literal.String.Delimiter */ .highlight .sd { color: #e6db74 } /* Literal.String.Doc */ .highlight .s2 { color: #e6db74 } /* Literal.String.Double */ .highlight .se { color: #ae81ff } /* Literal.String.Escape */ .highlight .sh { color: #e6db74 } /* Literal.String.Heredoc */ .highlight .si { color: #e6db74 } /* Literal.String.Interpol */ .highlight .sx { color: #e6db74 } /* Literal.String.Other */ .highlight .sr { color: #e6db74 } /* Literal.String.Regex */ .highlight .s1 { color: #e6db74 } /* Literal.String.Single */ .highlight .ss { color: #e6db74 } /* Literal.String.Symbol */ .highlight .bp { color: #f8f8f2 } /* Name.Builtin.Pseudo */ .highlight .fm { color: #a6e22e } /* Name.Function.Magic */ .highlight .vc { color: #f8f8f2 } /* Name.Variable.Class */ .highlight .vg { color: #f8f8f2 } /* Name.Variable.Global */ .highlight .vi { color: #f8f8f2 } /* Name.Variable.Instance */ .highlight .vm { color: #f8f8f2 } /* Name.Variable.Magic */ .highlight .il { color: #ae81ff } /* Literal.Number.Integer.Long */ } @media (prefers-color-scheme: light) { .highlight .hll { background-color: #ffffcc } .highlight .c { color: #888888 } /* Comment */ .highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */ .highlight .k { color: #008800; font-weight: bold } /* Keyword */ .highlight .ch { color: #888888 } /* Comment.Hashbang */ .highlight .cm { color: #888888 } /* Comment.Multiline */ .highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */ .highlight .cpf { color: #888888 } /* Comment.PreprocFile */ .highlight .c1 { color: #888888 } /* Comment.Single */ .highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */ .highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */ .highlight .ge { font-style: italic } /* Generic.Emph */ .highlight .gr { color: #aa0000 } /* Generic.Error */ .highlight .gh { color: #333333 } /* Generic.Heading */ .highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */ .highlight .go { color: #888888 } /* Generic.Output */ .highlight .gp { color: #555555 } /* Generic.Prompt */ .highlight .gs { font-weight: bold } /* Generic.Strong */ .highlight .gu { color: #666666 } /* Generic.Subheading */ .highlight .gt { color: #aa0000 } /* Generic.Traceback */ .highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */ .highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */ .highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */ .highlight .kp { color: #008800 } /* Keyword.Pseudo */ .highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */ .highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */ .highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */ .highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */ .highlight .na { color: #336699 } /* Name.Attribute */ .highlight .nb { color: #003388 } /* Name.Builtin */ .highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */ .highlight .no { color: #003366; font-weight: bold } /* Name.Constant */ .highlight .nd { color: #555555 } /* Name.Decorator */ .highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */ .highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */ .highlight .nl { color: #336699; font-style: italic } /* Name.Label */ .highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */ .highlight .py { color: #336699; font-weight: bold } /* Name.Property */ .highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */ .highlight .nv { color: #336699 } /* Name.Variable */ .highlight .ow { color: #008800 } /* Operator.Word */ .highlight .w { color: #bbbbbb } /* Text.Whitespace */ .highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */ .highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */ .highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */ .highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */ .highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */ .highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */ .highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */ .highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */ .highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */ .highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */ .highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */ .highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */ .highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */ .highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */ .highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */ .highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */ .highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */ .highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */ .highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */ .highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */ .highlight .vc { color: #336699 } /* Name.Variable.Class */ .highlight .vg { color: #dd7700 } /* Name.Variable.Global */ .highlight .vi { color: #3333bb } /* Name.Variable.Instance */ .highlight .vm { color: #336699 } /* Name.Variable.Magic */ .highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */ }
 * Copyright (c) 2016 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *     http://www.apache.org/licenses/LICENSE-2.0
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * See the License for the specific language governing permissions and
 * limitations under the License.

#include <vlib/vlib.h>
#include <vnet/vnet.h>
#include <vnet/pg/pg.h>
#include <vnet/ip/ip.h>

#include <vnet/udp/udp.h>
#include <vppinfra/hash.h>
#include <vppinfra/error.h>
#include <vppinfra/elog.h>

#include <vnet/udp/udp_packet.h>

#include <vlibmemory/api.h>
#include "../session/application_interface.h"

vlib_node_registration_t udp4_uri_input_node;

typedef struct
  u32 session;
  u32 disposition;
  u32 thread_index;
} udp4_uri_input_trace_t;

/* packet trace format function */
static u8 *
format_udp4_uri_input_trace (u8 * s, va_list * args)
  CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
  CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
  udp4_uri_input_trace_t *t = va_arg (*args, udp4_uri_input_trace_t *);

  s = format (s, "UDP4_URI_INPUT: session %d, disposition %d, thread %d",
	      t->session, t->disposition, t->thread_index);
  return s;

typedef enum
} udp4_uri_input_next_t;

static char *udp4_uri_input_error_strings[] = {
#define _(sym,string) string,
#undef _

static uword
udp4_uri_input_node_fn (vlib_main_t * vm,
			vlib_node_runtime_t * node, vlib_frame_t * frame)
  u32 n_left_from, *from, *to_next;
  udp4_uri_input_next_t next_index;
  udp_uri_main_t *um = vnet_get_udp_main ();
  session_manager_main_t *smm = vnet_get_session_manager_main ();
  u32 my_thread_index = vm->cpu_index;
  u8 my_enqueue_epoch;
  u32 *session_indices_to_enqueue;
  static u32 serial_number;
  int i;

  my_enqueue_epoch = ++smm->current_enqueue_epoch[my_thread_index];

  from = vlib_frame_vector_args (frame);
  n_left_from = frame->n_vectors;
  next_index = node->cached_next_index;

  while (n_left_from > 0)
      u32 n_left_to_next;

      vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);

      while (n_left_from > 0 && n_left_to_next > 0)
	  u32 bi0;
	  vlib_buffer_t *b0;
	  u32 next0 = UDP4_URI_INPUT_NEXT_DROP;
	  udp_header_t *udp0;
	  ip4_header_t *ip0;
	  stream_session_t *s0;
	  svm_fifo_t *f0;
	  u16 udp_len0;
	  u8 *data0;

	  /* speculatively enqueue b0 to the current next frame */
	  bi0 = from[0];
	  to_next[0] = bi0;
	  from += 1;
	  to_next += 1;
	  n_left_from -= 1;
	  n_left_to_next -= 1;

	  b0 = vlib_get_buffer (vm, bi0);

	  /* udp_local hands us a pointer to the udp data */

	  data0 = vlib_buffer_get_current (b0);
	  udp0 = (udp_header_t *) (data0 - sizeof (*udp0));

	  /* $$$$ fixme: udp_local doesn't do ip options correctly anyhow */
	  ip0 = (ip4_header_t *) (((u8 *) udp0) - sizeof (*ip0));
	  s0 = 0;

	  /* lookup session */
	  s0 = stream_session_lookup4 (&ip0->dst_address, &ip0->src_address,
				       udp0->dst_port, udp0->src_port,
				       SESSION_TYPE_IP4_UDP, my_thread_index);

	  /* no listener */
	  if (PREDICT_FALSE (s0 == 0))
	      goto trace0;

	  f0 = s0->server_rx_fifo;

	  /* established hit */
	  if (PREDICT_TRUE (s0->session_state == SESSION_STATE_READY))
	      udp_len0 = clib_net_to_host_u16 (udp0->length);

	      if (PREDICT_FALSE (udp_len0 > svm_fifo_max_enqueue (f0)))
		  goto trace0;

	      svm_fifo_enqueue_nowait (f0, 0 /* pid */ ,
				       udp_len0 - sizeof (*udp0),
				       (u8 *) (udp0 + 1));

	      b0->error = node->errors[SESSION_ERROR_ENQUEUED];

	      /* We need to send an RX event on this fifo */
	      if (s0->enqueue_epoch != my_enqueue_epoch)
		  s0->enqueue_epoch = my_enqueue_epoch;

		  vec_add1 (smm->session_indices_to_enqueue_by_thread
			    s0 - smm->sessions[my_thread_index]);
	  /* listener hit */
	  else if (s0->session_state == SESSION_STATE_LISTENING)
	      udp_connection_t *us;
	      int rv;

	      error0 = SESSION_ERROR_NOT_READY;

	       * create udp transport session
	      pool_get (um->udp_sessions[my_thread_index], us);

	      us->mtu = 1024;	/* $$$$ policy */

	      us->c_lcl_ip4.as_u32 = ip0->dst_address.as_u32;
	      us->c_rmt_ip4.as_u32 = ip0->src_address.as_u32;
	      us->c_lcl_port = udp0->dst_port;
	      us->c_rmt_port = udp0->src_port;
	      us->c_proto = SESSION_TYPE_IP4_UDP;
	      us->c_c_index = us - um->udp_sessions[my_thread_index];

	       * create stream session and attach the udp session to it
	      rv = stream_session_accept (&us->connection, s0->session_index,
					  1 /*notify */ );
	      if (rv)
		error0 = rv;


	      error0 = SESSION_ERROR_NOT_READY;
	      goto trace0;

	  b0->error = node->errors[error0];

	  if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)
			     && (b0->flags & VLIB_BUFFER_IS_TRACED)))
	      udp4_uri_input_trace_t *t =
		vlib_add_trace (vm, node, b0, sizeof (*t));

	      t->session = ~0;
	      if (s0)
		t->session = s0 - smm->sessions[my_thread_index];
	      t->disposition = error0;
	      t->thread_index = my_thread_index;

	  /* verify speculative enqueue, maybe switch current next frame */
	  vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
					   to_next, n_left_to_next,
					   bi0, next0);

      vlib_put_next_frame (vm, node, next_index, n_left_to_next);

  /* Send enqueue events */

  session_indices_to_enqueue =

  for (i = 0; i < vec_len (session_indices_to_enqueue); i++)
      session_fifo_event_t evt;
      unix_shared_memory_queue_t *q;
      stream_session_t *s0;
      application_t *server0;

      /* Get session */
      s0 = pool_elt_at_index (smm->sessions[my_thread_index],

      /* Get session's server */
      server0 = application_get (s0->app_index);

      /* Built-in server? Deliver the goods... */
      if (server0->cb_fns.builtin_server_rx_callback)
	  server0->cb_fns.builtin_server_rx_callback (s0);

      if (svm_fifo_set_event (s0->server_rx_fifo))
	  /* Fabricate event */
	  evt.fifo = s0->server_rx_fifo;
	  evt.event_type = FIFO_EVENT_SERVER_RX;
	  evt.event_id = serial_number++;

	  /* Add event to server's event queue */
	  q = server0->event_queue;

	  /* Don't block for lack of space */
	  if (PREDICT_TRUE (q->cursize < q->maxsize))
	      unix_shared_memory_queue_add (server0->event_queue,
					    (u8 *) & evt,
					    0 /* do wait for mutex */ );
	      vlib_node_increment_counter (vm, udp4_uri_input_node.index,
      /* *INDENT-OFF* */
      if (1)
	      .format = "evt-enqueue: id %d length %d",
	      .format_args = "i4i4",};
	    u32 data[2];
	  } *ed;
	  ed = ELOG_DATA (&vlib_global_main.elog_main, e);
	  ed->data[0] = evt.event_id;
	  ed->data[1] = svm_fifo_max_dequeue (s0->server_rx_fifo);
      /* *INDENT-ON* */


  vec_reset_length (session_indices_to_enqueue);

  smm->session_indices_to_enqueue_by_thread[my_thread_index] =

  return frame->n_vectors;

VLIB_REGISTER_NODE (udp4_uri_input_node) =
  .function = udp4_uri_input_node_fn,.name = "udp4-uri-input",.vector_size =
    sizeof (u32),.format_trace = format_udp4_uri_input_trace,.type =
    ARRAY_LEN (udp4_uri_input_error_strings),.error_strings =
    udp4_uri_input_error_strings,.n_next_nodes = UDP4_URI_INPUT_N_NEXT,
    /* edit / add dispositions here */
    .next_nodes =
  [UDP4_URI_INPUT_NEXT_DROP] = "error-drop",}

 * fd.io coding-style-patch-verification: ON
 * Local Variables:
 * eval: (c-set-style "gnu")
 * End: