Age | Commit message (Collapse) | Author | Files | Lines |
|
Fix coverity issues in crypto framework and cryptodev
engine.
Type: fix
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: Ib261da0163c8182c803600db22c5a6dad5a19999
|
|
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I51660e4b02f449bd2db12a8cfd395c6c343d2dee
|
|
Type: feature
thus allowing NAT traversal,
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ie8650ceeb5074f98c68d2d90f6adc2f18afeba08
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: style
Change-Id: Iccd2c205059abcdf121093ff03da603fe3dda1f7
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
Add an IP_ROUTE_LOOKUP function that does either an exact match or
longest prefix match in a given fib table for a given prefix
returning the match if present.
Add API test.
Type: improvement
Signed-off-by: Christian Hopps <chopps@labn.net>
Change-ID: I67ec5a61079f4acf1349a9c646185f91f5f11806
|
|
Type: feature
Change-Id: I37752af8496e0042a1da91124f3d94216b39ff11
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Binary API message handlers need to check sw_if_index
values.
Found in binary api fuzz testing.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I51e717e9260e58a4c36d4d95981fd001be594fed
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie47546ef36590b90ed481b14cf812afbecf7981c
|
|
Type: improvement
- inline some common encap fixup functions into the midchain
rewrite node so we don't incur the cost of the virtual function call
- change the copy 'guess' from ethernet_header (which will never happen) to an ip4 header
- add adj-midchain-tx to multiarch sources
- don't run adj-midchain-tx as a feature, instead put this node as the
adj's next and at the end of the feature arc.
- cache the feature arc config index (to save the cache miss going to fetch it)
- don't check if features are enabled when taking the arc (since we know they are)
the last two changes will also benefit normal adjacencies taking the arc (i.e. for NAT, ACLs, etc)
for IPSec:
- don't run esp_encrypt as a feature, instead when required insert this
node into the adj's next and into the end of the feature arc. this
implies that encrypt is always 'the last feature' run, which is
symmetric with decrypt always being the first.
- esp_encrpyt for tunnels has adj-midchain-tx as next node
Change-Id: Ida0af56a704302cf2d7797ded5f118a781e8acb7
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I70c63db91c3512fb724bba4762e3ca1e369ca421
|
|
Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.
The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.
Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.
Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".
Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).
Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
|
|
Type: refactor
This patch refactor the existing flags and also add a new
flag for packet coalescing.
Change-Id: Ic826e4c81313f26d87c475cdf666b06cbed60a3a
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: fix
Change-Id: I5e1f7c37d612f4666edf2262b457ae0e13f20791
Signed-off-by: Ruslan Babayev <ruslan@babayev.com>
|
|
Type: feature
Change-Id: I6f607f383dc77a71e8712124f7613b38b4ac065a
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ibf468970b56fc6bf8d5fb6ba491dd3e727464fc0
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie4b2bca3b6b0ca6097152aab232991ca7935e442
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1585af9e4f4273f055aed824b133ddc8eddd1df7
|
|
Type: feature
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I96509c274895b917c3e220204d7959d9270de30d
|
|
This patch adds the l2tpv3oip type flow support
Have tested on E810 with Intel iAVF driver
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Icb5114b5f70dd7a63f681e7c6ac802fade8b8cf1
|
|
Type: feature
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Signed-off-by: Dariusz Kazimierski <dariuszx.kazimierski@intel.com>
Signed-off-by: Piotr Kleski <piotrx.kleski@intel.com>
Change-Id: I4c3fcccf55c36842b7b48aed260fef2802b5c54b
|
|
Type: improvement
tap_delete_if() returns early if the interface type is not
VIRTIO_IF_TYPE_TAP. Allow VIRTIO_IF_TYPE_TUN also and take
appropriate action for those interfaces.
Change-Id: I196b6d6f3f5e1543a14d6be76fd879d44c9794fd
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Type: fix
Change-Id: I8d68e7c7392dcb748a2a84e72c7b1ca0c6c0eb07
Signed-off-by: Tom Seidenberg <tseidenb@cisco.com>
|
|
GCC-10 increases string truncations warnings. Refactor string copies
confusing it.
Type: refactor
Change-Id: I9720a0539059de00ab212ff2fc73055f04f5af1d
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Change-Id: Ib09c7cebb6978b3adc09ac36cb32f7947b143e51
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Unspecified c enums start at 0.
Unspecified api enums start at 1.
Type: fix
Change-Id: I431c11302c0ad897a968134ce90496af3db7bb86
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Calling vlib_time_now (&vlib_global_main) from a worker thread is a bad
mistake. ASSERT (vm->thread_index == __os_thread_index) will catch it.
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I55af6de84e06143f8f43adc62103b77267a7a441
|
|
This patch enables the RSS configuration through vnet/flow interface
With this RSS feature, users can config the RSS functions for specific flows
Currently, it supports:
default, toeplitz and symmetric_toeplitz rss function, and
ipv4-tcp/ipv4-udp/ipv6-tcp/ipv6-ucp flow types
Users can use the following options to combine with above flow
types for more specific hash input set selection:
l3-src-only, l3-dst-only, l4-src-only, l4-dst-only
Command line:
test flow add dst-ip any proto udp rss function default rss types ipv4-tcp use l3-dst-only
test flow add dst-ip any proto udp rss function toeplitz rss types ipv4-udp use l4-src-only
test flow add dst-ip any proto udp rss function symmetric_toeplitz rss types ipv6-udp use l3-src-only and l3-dst-only
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I213efc76dc8af37f2f63605884f353e05b0f5d2a
|
|
This matches vhost queues to linux netdev queues and avoids random
packet shuffling across vhost queues on rx.
Change-Id: I9901689d361e440fb0b91c9fbaf8124ce525b316
Type: fix
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
|
|
Type: fix
Change-Id: I0f12c19b79df19b692f18ac13d6c32341853b764
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Add vpp specific properties to ip addresses for use in the api.
.vapi_af -- returns [ADDRESS_IP4, ADDRESS_IP6]
.vapi_af_name -- returns the string ['ip4', 'ip6']
Update tests to demonstrate usage.
Type: feature
Change-Id: I43447a1522769d99f89debdc714c51700068d771
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Ib7f73a0b6de188982a09040f7739dc46be3cb1de
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|
|
facilitates use of papi beyond the tests.
Type: improvement
Change-Id: I3d502d9130b81a7fb65ee69bb06fe55802b28a27
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4dbbf8456d0ed2350459fcdc0664bbae024072fc
|
|
virtio 1.1 defines a number of new features. Packed ring is among the most
notable and important one. It combines used, available, and descripptor rings
into one.
This patch provides experimental support for packed ring. To avoid
regression, when packed ring is configured for the interface, it is branched
to a separate RX and TX driver. Non packed ring should continue to perform
as it was before.
Packed ring is tested using qemu4.2 and ubuntu focal fossa (kernel 5.4.0-12)
on the guess VM which supports packed ring.
To configure VPP with packed ring, just add the optional keyword "packed"
when creating the vhost interface. To bring up the guest VM with packed ring,
add "packed=on" in the qemu launch command.
To facilitate troubleshooting, also added "verbose" option in
show vhost desc CLI to include displaying the indirect descriptors.
Known qemu reconnect issue -
If VPP is restarted, guest VMs also need to be restarted. The problem
is kernel virtio-net-pci keeps track of the previous available and used
indices. For virtio 1.0, these indices are in shared memory and qemu can
easily copy them to pass to the backend for reconnect. For virio 1.1, these
indices are no longer in shared memory. Qemu needs a new mechanism to retrieve
them and it is not currently implemented. So when the protocol reconnects,
qemu does not have the correct available and used indices to pass to the
backend. As a result, after the reconnect, virtio-net-pci is reading the TX
ring from the wrong position in the ring, not the same position which the
backend is writing. Similar problem exists also in the RX.
Type: feature
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I5afc50b0bafab5a1de7a6dd10f399db3fafd144c
|
|
Merge two memcpy into one by swapping src and dst address in
l2fwd_trace_t.
Type: improvement
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Change-Id: I71c5ecad0b453a434b1cb292ef03d88a760255c8
|
|
When use the kv->v.memory_owner_thread_index as the index to get the
reass in pool, maybe this element is freed by the owner thread because
of timeout, too many fragments, and so on.
So we should check if do_handoff with kv->v.memory_owner_thread_index
before get the reass from pool.
Type: fix
Signed-off-by: Gao Feng <davidfgao@tencent.com>
Change-Id: Ie0f1dc368f86d0fd65292ca0c5e1908348015e09
|
|
Type: fix
Use the up parameter in vnet_netlink_set_link_state(). It was
ignoring the parameter and always setting IFF_UP on an interface.
Change-Id: I0d44406d982afbdc43bc6b26d0f22c0bdd47abdc
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I02d60134d6069764da75dc6d206b376a0d46998e
|
|
Type: improvement
Can be used to force app to close a connection on which it still waits
for data.
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7c3a8245cbbc23728e4408feb63a659a11f718ed
|
|
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I50df248afb3f6b46c49e6695b3f124cfd584f016
|
|
Type: refactor
Change-Id: Ib2d4a11ffa0e1e56ca05705ba8cdf84e6cc66427
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
interface
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I0b7c189006e30a357cd6be4f3c9c61fded4157cb
|
|
When checksum is enable for IPv6, it erroneously set the flag
VNET_BUFFER_F_OFFLOAD_IP_CKSUM. That flag is meant for ip4 packets only.
Type: fix
Ticket: VPP-1857
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Id03b2937bfa34e2a9b50a36aafe0700bad7fb95e
(cherry picked from commit f78294d8468f156e066e7e69aab3a1b285810c3a)
|
|
add bypass/discard functionality to ipsec4-input-feature node
Type: feature
Signed-off-by: ShivaShankarK <shivaashankar1204@gmail.com>
Change-Id: I152a5dfee0296109cccabe349a330dbbe395cc6c
|
|
Extending the fib_index_to_table_index could leave entries uninitialized,
pointing to the session tables at index 0. That session index exists by
default, but it is a IPv4 session table. That would break all IPv6 on
the unitilized fib indexes.
Type: fix
Change-Id: Ie3f0a87a7f829ceb39f75ec06658b0ad1d3813ae
Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com>
|
|
Type: feature
- replace functions for prefixes attached to interfaces
- add ip_interface.[ch] to consoldate the functions
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I9c0c39c09dbf80ea1aadefee02c9bd16f094b6ad
|
|
Type: feature
DB replace is implemented with a mark and sweep algorithm (just the the
FIB)
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I54ab06e11552219e2a18e1b4a87d531321cf3829
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I98f943c8862fa74fb576f9ec1fb9186289b1216b
|
|
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I8c9f5330879fb8f51792b4476d5f0c873dbe4d7a
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie212a43c435cfa7f8fac65d1620258913611c527
|