aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2020-05-06crypto: fix coverity issuesFan Zhang1-20/+1
Fix coverity issues in crypto framework and cryptodev engine. Type: fix Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: Ib261da0163c8182c803600db22c5a6dad5a19999
2020-05-06misc: fix coverity warningsDave Barach1-1/+1
Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I51660e4b02f449bd2db12a8cfd395c6c343d2dee
2020-05-05ipsec: User can choose the UDP source portNeale Ranns9-24/+110
Type: feature thus allowing NAT traversal, Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ie8650ceeb5074f98c68d2d90f6adc2f18afeba08 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-05-05session: improve .api comments slightlyVratko Polak1-3/+3
Type: style Change-Id: Iccd2c205059abcdf121093ff03da603fe3dda1f7 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2020-05-05api: ip: add IP_ROUTE_LOOKUP APIChristian Hopps2-0/+83
Add an IP_ROUTE_LOOKUP function that does either an exact match or longest prefix match in a given fib table for a given prefix returning the match if present. Add API test. Type: improvement Signed-off-by: Christian Hopps <chopps@labn.net> Change-ID: I67ec5a61079f4acf1349a9c646185f91f5f11806
2020-05-05gso: add support for IP-IPMohsin Kazmi7-138/+266
Type: feature Change-Id: I37752af8496e0042a1da91124f3d94216b39ff11 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-05-04ethernet: add sanity checks to p2p_ethernet_add/delDave Barach2-0/+41
Binary API message handlers need to check sw_if_index values. Found in binary api fuzz testing. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I51e717e9260e58a4c36d4d95981fd001be594fed Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-05-04session: add option to preallocate fifo headersFlorin Coras5-34/+56
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie47546ef36590b90ed481b14cf812afbecf7981c
2020-05-04fib: midchain adjacency optimisationsNeale Ranns25-605/+822
Type: improvement - inline some common encap fixup functions into the midchain rewrite node so we don't incur the cost of the virtual function call - change the copy 'guess' from ethernet_header (which will never happen) to an ip4 header - add adj-midchain-tx to multiarch sources - don't run adj-midchain-tx as a feature, instead put this node as the adj's next and at the end of the feature arc. - cache the feature arc config index (to save the cache miss going to fetch it) - don't check if features are enabled when taking the arc (since we know they are) the last two changes will also benefit normal adjacencies taking the arc (i.e. for NAT, ACLs, etc) for IPSec: - don't run esp_encrypt as a feature, instead when required insert this node into the adj's next and into the end of the feature arc. this implies that encrypt is always 'the last feature' run, which is symmetric with decrypt always being the first. - esp_encrpyt for tunnels has adj-midchain-tx as next node Change-Id: Ida0af56a704302cf2d7797ded5f118a781e8acb7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-05-04tcp: fix max tx sack blocks upper boundFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I70c63db91c3512fb724bba4762e3ca1e369ca421
2020-05-04misc: binary api fuzz test fixesDave Barach7-9/+10
Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API messages, e.g. by xoring random data into them before processing. We specifically exempt client connection messages, and inband debug CLI messages. We step over msg_id, client index, client context, and sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn anything. The goal is to reduce the number of crashes caused to zero. We're fairly close with this patch. Add vl_msg_api_max_length(void *mp), which returns the maximum plausible length for a binary API message. Use it to hardern vl_api_from_api_to_new_vec(...) which takes an additional argument - message pointer - so it can verify that astr->length is sane. If it's not sane, return a u8 *vector of the form "insane astr->length nnnn\0". Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...) and vl_api_dhcp6_pd_send_client_message_t_handler(...). Add a fairly effective binary API fuzz hook to the unittest plugin, and modify the "make test" framework.py to pass "api-fuzz { on|off }" to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
2020-05-04tap: refactor existing flagsMohsin Kazmi4-17/+30
Type: refactor This patch refactor the existing flags and also add a new flag for packet coalescing. Change-Id: Ic826e4c81313f26d87c475cdf666b06cbed60a3a Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-05-02ip-neighbor: honor walk callback return valueRuslan Babayev1-2/+4
Type: fix Change-Id: I5e1f7c37d612f4666edf2262b457ae0e13f20791 Signed-off-by: Ruslan Babayev <ruslan@babayev.com>
2020-05-01tap: implement sw_interface_tap_v2_dump filtering by sw_if_indexPaul Vinciguerra3-13/+12
Type: feature Change-Id: I6f607f383dc77a71e8712124f7613b38b4ac065a Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-04-30l2: fix coverity warnings in l2_fwd.cDave Barach1-9/+9
Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ibf468970b56fc6bf8d5fb6ba491dd3e727464fc0
2020-04-30tcp: fix v6 ll lookup fibFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie4b2bca3b6b0ca6097152aab232991ca7935e442
2020-04-30session: cleanup listener segment manager on wrk freeFlorin Coras3-10/+18
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1585af9e4f4273f055aed824b133ddc8eddd1df7
2020-04-30ip-neighbor: Add flush APINeale Ranns4-0/+71
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I96509c274895b917c3e220204d7959d9270de30d
2020-04-30flow: add l2tpv3oip flowChenmin Sun2-2/+24
This patch adds the l2tpv3oip type flow support Have tested on E810 with Intel iAVF driver Type: feature Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: Icb5114b5f70dd7a63f681e7c6ac802fade8b8cf1
2020-04-30crypto: introduce async crypto infraFan Zhang14-740/+2890
Type: feature Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Signed-off-by: Dariusz Kazimierski <dariuszx.kazimierski@intel.com> Signed-off-by: Piotr Kleski <piotrx.kleski@intel.com> Change-Id: I4c3fcccf55c36842b7b48aed260fef2802b5c54b
2020-04-30tap: allow deletion of tun interfaceMatthew Smith1-2/+5
Type: improvement tap_delete_if() returns early if the interface type is not VIRTIO_IF_TYPE_TAP. Allow VIRTIO_IF_TYPE_TUN also and take appropriate action for those interfaces. Change-Id: I196b6d6f3f5e1543a14d6be76fd879d44c9794fd Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-04-29ip: use thread local vm instead of thread main for vlib_time_now callsTom Seidenberg2-2/+2
Type: fix Change-Id: I8d68e7c7392dcb748a2a84e72c7b1ca0c6c0eb07 Signed-off-by: Tom Seidenberg <tseidenb@cisco.com>
2020-04-29devices: vhost: simplify string copies for GCC-10Benoît Ganne1-10/+5
GCC-10 increases string truncations warnings. Refactor string copies confusing it. Type: refactor Change-Id: I9720a0539059de00ab212ff2fc73055f04f5af1d Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-04-29tap: fix missing "num-rx-queues" from cli helpMohsin Kazmi1-6/+6
Type: fix Change-Id: Ib09c7cebb6978b3adc09ac36cb32f7947b143e51 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-04-29interface: fix interface_types.api enumsPaul Vinciguerra1-9/+8
Unspecified c enums start at 0. Unspecified api enums start at 1. Type: fix Change-Id: I431c11302c0ad897a968134ce90496af3db7bb86 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-04-28vlib: add ASSERT to vlib_time_now(...)Dave Barach2-2/+3
Calling vlib_time_now (&vlib_global_main) from a worker thread is a bad mistake. ASSERT (vm->thread_index == __os_thread_index) will catch it. Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I55af6de84e06143f8f43adc62103b77267a7a441
2020-04-28flow: add RSS supportChenmin Sun2-2/+110
This patch enables the RSS configuration through vnet/flow interface With this RSS feature, users can config the RSS functions for specific flows Currently, it supports: default, toeplitz and symmetric_toeplitz rss function, and ipv4-tcp/ipv4-udp/ipv6-tcp/ipv6-ucp flow types Users can use the following options to combine with above flow types for more specific hash input set selection: l3-src-only, l3-dst-only, l4-src-only, l4-dst-only Command line: test flow add dst-ip any proto udp rss function default rss types ipv4-tcp use l3-dst-only test flow add dst-ip any proto udp rss function toeplitz rss types ipv4-udp use l4-src-only test flow add dst-ip any proto udp rss function symmetric_toeplitz rss types ipv6-udp use l3-src-only and l3-dst-only Type: feature Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I213efc76dc8af37f2f63605884f353e05b0f5d2a
2020-04-28tap: use one tap fd per rx queueAloys Augustin3-35/+64
This matches vhost queues to linux netdev queues and avoids random packet shuffling across vhost queues on rx. Change-Id: I9901689d361e440fb0b91c9fbaf8124ce525b316 Type: fix Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2020-04-28ipsec: fix buffer allocFilip Tehlar1-1/+7
Type: fix Change-Id: I0f12c19b79df19b692f18ac13d6c32341853b764 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-04-28tests: implement ipaddress convenience methodsPaul Vinciguerra1-8/+8
Add vpp specific properties to ip addresses for use in the api. .vapi_af -- returns [ADDRESS_IP4, ADDRESS_IP6] .vapi_af_name -- returns the string ['ip4', 'ip6'] Update tests to demonstrate usage. Type: feature Change-Id: I43447a1522769d99f89debdc714c51700068d771 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-04-28lisp: API cleanupJakub Grajciar12-924/+651
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: Ib7f73a0b6de188982a09040f7739dc46be3cb1de Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-04-28tests: move defaults from defaultmapping to .api filesPaul Vinciguerra8-24/+24
facilitates use of papi beyond the tests. Type: improvement Change-Id: I3d502d9130b81a7fb65ee69bb06fe55802b28a27 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-04-28tcp: remove sack reneging verbose loggingFlorin Coras1-2/+0
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4dbbf8456d0ed2350459fcdc0664bbae024072fc
2020-04-27virtio: support virtio 1.1 packed ring in vhostSteven Luong8-156/+1604
virtio 1.1 defines a number of new features. Packed ring is among the most notable and important one. It combines used, available, and descripptor rings into one. This patch provides experimental support for packed ring. To avoid regression, when packed ring is configured for the interface, it is branched to a separate RX and TX driver. Non packed ring should continue to perform as it was before. Packed ring is tested using qemu4.2 and ubuntu focal fossa (kernel 5.4.0-12) on the guess VM which supports packed ring. To configure VPP with packed ring, just add the optional keyword "packed" when creating the vhost interface. To bring up the guest VM with packed ring, add "packed=on" in the qemu launch command. To facilitate troubleshooting, also added "verbose" option in show vhost desc CLI to include displaying the indirect descriptors. Known qemu reconnect issue - If VPP is restarted, guest VMs also need to be restarted. The problem is kernel virtio-net-pci keeps track of the previous available and used indices. For virtio 1.0, these indices are in shared memory and qemu can easily copy them to pass to the backend for reconnect. For virio 1.1, these indices are no longer in shared memory. Qemu needs a new mechanism to retrieve them and it is not currently implemented. So when the protocol reconnects, qemu does not have the correct available and used indices to pass to the backend. As a result, after the reconnect, virtio-net-pci is reading the TX ring from the wrong position in the ring, not the same position which the backend is writing. Similar problem exists also in the RX. Type: feature Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I5afc50b0bafab5a1de7a6dd10f399db3fafd144c
2020-04-27l2: merge two clib_memcpy_fast into oneZhiyong Yang1-11/+16
Merge two memcpy into one by swapping src and dst address in l2fwd_trace_t. Type: improvement Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com> Change-Id: I71c5ecad0b453a434b1cb292ef03d88a760255c8
2020-04-27ip: reassembly: fix one possible use-after-freeGao Feng2-10/+11
When use the kv->v.memory_owner_thread_index as the index to get the reass in pool, maybe this element is freed by the owner thread because of timeout, too many fragments, and so on. So we should check if do_handoff with kv->v.memory_owner_thread_index before get the reass from pool. Type: fix Signed-off-by: Gao Feng <davidfgao@tencent.com> Change-Id: Ie0f1dc368f86d0fd65292ca0c5e1908348015e09
2020-04-27devices: allow link state down with netlinkMatthew Smith1-1/+1
Type: fix Use the up parameter in vnet_netlink_set_link_state(). It was ignoring the parameter and always setting IFF_UP on an interface. Change-Id: I0d44406d982afbdc43bc6b26d0f22c0bdd47abdc Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-04-25tls: improve cli state reportingFlorin Coras1-3/+12
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I02d60134d6069764da75dc6d206b376a0d46998e
2020-04-25session vcl: propagate transport cleanup notificationsFlorin Coras4-6/+15
Type: improvement Can be used to force app to close a connection on which it still waits for data. Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7c3a8245cbbc23728e4408feb63a659a11f718ed
2020-04-24nat: make usage of vnet_buffer2 transparentKlement Sekera1-0/+6
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I50df248afb3f6b46c49e6695b3f124cfd584f016
2020-04-24ip: reassembly: improve type safetyKlement Sekera4-30/+24
Type: refactor Change-Id: Ib2d4a11ffa0e1e56ca05705ba8cdf84e6cc66427 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-04-24ip: Setting the Link-Local address from the API enables IPv6 on theNeale Ranns5-15/+20
interface Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I0b7c189006e30a357cd6be4f3c9c61fded4157cb
2020-04-24virtio: vhost checksum problem for ipv6Steven Luong1-3/+3
When checksum is enable for IPv6, it erroneously set the flag VNET_BUFFER_F_OFFLOAD_IP_CKSUM. That flag is meant for ip4 packets only. Type: fix Ticket: VPP-1857 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Id03b2937bfa34e2a9b50a36aafe0700bad7fb95e (cherry picked from commit f78294d8468f156e066e7e69aab3a1b285810c3a)
2020-04-24ipsec: add input node bypass/discard functionalityShivaShankarK3-164/+263
add bypass/discard functionality to ipsec4-input-feature node Type: feature Signed-off-by: ShivaShankarK <shivaashankar1204@gmail.com> Change-Id: I152a5dfee0296109cccabe349a330dbbe395cc6c
2020-04-23session: fix session_table_get_or_allocAndreas Schultz1-8/+11
Extending the fib_index_to_table_index could leave entries uninitialized, pointing to the session tables at index 0. That session index exists by default, but it is a IPv4 session table. That would break all IPv6 on the unitilized fib indexes. Type: fix Change-Id: Ie3f0a87a7f829ceb39f75ec06658b0ad1d3813ae Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com>
2020-04-23ip: Replace Sematics for Interface IP addressesNeale Ranns13-295/+626
Type: feature - replace functions for prefixes attached to interfaces - add ip_interface.[ch] to consoldate the functions Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I9c0c39c09dbf80ea1aadefee02c9bd16f094b6ad
2020-04-23ip-neighbor: Replace feature for the ip-neighbor data-baseNeale Ranns6-15/+145
Type: feature DB replace is implemented with a mark and sweep algorithm (just the the FIB) Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I54ab06e11552219e2a18e1b4a87d531321cf3829
2020-04-22tcp: avoid bt sample access after possible pool reallocFlorin Coras1-6/+6
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I98f943c8862fa74fb576f9ec1fb9186289b1216b
2020-04-22ip: fix format functions for u8 address_familyNeale Ranns1-1/+1
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I8c9f5330879fb8f51792b4476d5f0c873dbe4d7a
2020-04-22lisp: switch to new timer wheel codeFlorin Coras3-15/+11
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie212a43c435cfa7f8fac65d1620258913611c527