aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2021-06-11session: half-open free only on main threadFlorin Coras1-4/+3
TCP and (D)TLS clean up half-opens on main without a lock/barrier so cleanup initiated from first worker, e.g., cut-throughs, can corrupt the session pool. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2e5162831c0e201b22454f17fe55bfac44b85fa9 (cherry picked from commit 6bd54caf46aaa68dddbae6161688d428ce60550b)
2021-06-09fib: make sure dpo is valid even when path pool expandsBenoît Ganne1-8/+22
The path pool can expand during in fib_path_attached_next_hop_get_adj() when calling adj_nbr_add_or_lock(). If dpo points to a path->fp_dpo, its reference becomes stale. Use a temporary copy instead. Type: fix Change-Id: Ie966cb5f3f7b416425964dca12f1f586bfc2010c Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit e9d7b0982d7bd189097260b6581abff472da251a)
2021-06-09fib: make sure adj is valid during walkBenoît Ganne1-0/+3
The adj can be deleted during fib_walk_sync(), make sure it can happen only after clearing the SYNC_WALK_ACTIVE flag. Type: fix Change-Id: I68be00e9602e2783d9dced71c51547c38b7e8a00 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 9f10edbb46dc1937ed99469a581723cb1ac1ff45)
2021-06-09ipsec: fix crypto ops in esp decryptBenoît Ganne1-2/+7
When both chained and non-chained buffers are processed in the same vector, make sure the non-chained buffers are processed as non-chained crypto ops. Type: fix Change-Id: I19fc02c25a0d5e2e8a1342e2b88bbae3fe92862f Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit e631ece4aa32b33651ed458200ab551ffb8fbb47)
2021-06-03session: avoid ct connects loopFlorin Coras1-1/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I99af136ecab9be1f9e00de6d197b8f1c74ab4b20 (cherry picked from commit 821b5002bf5cd18e1ec7750ff1b6fb379b241869)
2021-06-03session: lcl transport info on acceptFlorin Coras2-0/+3
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia46b0b8afed30f84b244c06f0457303f9e8832cd (cherry picked from commit 67c90a32b7ad0c5a38c483ce849cc7a231e7ba54)
2021-06-01interface: fix vnet_sw_interface_update_unnumberedDave Barach1-6/+13
Unless a software interface is actually unnumbered, do not set ip[46]_main.lookup_main.if_address_pool_index_by_sw_if_index [sw_if_index] to ~0 Fixes this scenario: loop create set int state loop0 up create sub-interface loop0 1 set interface ip addr loop0.1 192.168.1.1/24 delete sub-interface loop0.1 set int ip addr loop0 192.168.1.1/24 Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I46141d862fa57d70b93d7bb0c105403708165264 (cherry picked from commit 64d20e76b9108c9158b2b538cd2312d740f48103)
2021-05-26fib: During the mfib lookup set the unicast FIB index in the packet so that ↵Neale Ranns1-26/+28
a uRPF check on a for-us packet is done in the correct VRF Type: fix Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Iafa6efea0d96962aa9136dccefc148a961f74476
2021-05-25srtp: basic implementation based on libsrtp2Florin Coras2-2/+3
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic5e99938a5f130e83de6d590d2f89252d055bceb
2021-05-25interface: show if tx queue is sharedDamjan Marion1-4/+6
Type: improvement Change-Id: Idb48f835730db6c652c4b0e6ef310c7f36599a72 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-21session: improve main thread connects rpcFlorin Coras2-18/+26
Avoid grabbing the worker barrier if there's no work to be done. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ice3de5df41cd1752aba3419ad2e2dd82f30e9bfb
2021-05-21bfd: use vnet cryptoKlement Sekera3-104/+43
Type: improvement Change-Id: I873a99c1258a97ed5ed195b9756e8302f865e7f0 Signed-off-by: Klement Sekera <ksekera@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-05-21ipsec: Default the IPSec interface MTU to 9000Neale Ranns1-0/+1
Type: fix The same value is used for other tunnel types. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I6593001918993d65f127cc9f716c95e932239842
2021-05-20gre: Walk IPv6 adjacencies during restackMatthew Smith1-2/+4
Type: fix If a GRE tunnel is created and the peer is not resolved yet and an IPv6 route is added which points to the tunnel, packets matching the route will be dropped. When the tunnel peer is resolved, adjacencies on the tunnel interface should be restacked and packets matching the route can be encapsulated and sent.. There is a loop that is intended to do this for both IPv4 and IPv6. The call to walk adjacencies is invoked in a "return" statement though. So the loop is exited and the function returns before IPv6 adjacencies are walked. Remove the return so the loop finishes. Change-Id: Ia4f695681713020209ea490ae4142857cea49c41 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-05-20tls svm: prealloc tcp fifo chunks before ssl writeFlorin Coras1-1/+3
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7c47b55ec6f0c83f2d13e0e737d0559a32f7c837
2021-05-20session: fix transport half-open cleanup callFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I47d241a8f2f9e9d0761d14dcddd3327c3b28932c
2021-05-19session: cleanup event llist usageFlorin Coras3-41/+27
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I750c856ac81d951e8c0e62c710e0f35a0c80d6f9
2021-05-19session: fix session queue node access on disableFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie4e3623e7e00456437fac5fb8f9c9083f1aa2a2e
2021-05-19interface: shared tx queue supportDamjan Marion2-4/+7
Type: improvement Change-Id: I6bb7b6d6bd63b044952ab981be5b0673144c9834 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-18tls: fix dtls with no workersFlorin Coras4-10/+22
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iecc33fda7f28c037289775ffe0525a50f89a2b8c
2021-05-18session: poll main thread if pending connectsFlorin Coras3-48/+76
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie8a15c50531f3ccd5f91dbc0779e4d9c0d146844
2021-05-18session: only handle old ctrl events per dispatchFlorin Coras1-6/+12
Avoids dispatching ctrl events generated while handling the current pending list. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ibeaf901ba4cf58a68fbd88e5ec3c23f6c2f6f145
2021-05-18session: move tx-buffers to tx ctxFlorin Coras2-16/+14
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I10ec410fb7f3acb47128dda23510162dc13b20d0
2021-05-17virtio: add the checks for descriptors chain lenMohsin Kazmi1-0/+23
Type: fix virtio uses indirect descriptors for chain buffers. indirect descriptor chain is mapped on a vlib_buffer_t. Single descriptor is 16 bytes and vlib_buffer_t has 2048 bytes space. So maximum long chain can have 128 (=2048/16) indirect descriptors. This patch adds check to make sure descriptors chain len should not exceed 128. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I060cfb7709568f42c9b5634527172690ce66a1a3
2021-05-16session: rpc for connects to mainFlorin Coras3-5/+88
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ifa47e1500e5cfb3c717f87b1d21131b9531c9005
2021-05-15session: fix coverity warningFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I24484a5192d7e683507ed640f75fb37914c0efb0
2021-05-14tcp: remove ho lockFlorin Coras3-13/+0
Half-open sessions are allocated by main thread and cleaned up on main with timers. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I37f000920a45908b62b5501ae9d54a88a9e4c609
2021-05-14vlib: pass node runtime to vlib_buffer_enqueue_to_thread()Damjan Marion7-16/+12
Mechanical change for patch following this one... Type: improvement Change-Id: Iee12f3a8851f35569e6c039494a94fc36e83d20f Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-14interface: fix converity in update_runtime_dataMohammed Hawari1-1/+1
Change-Id: I59eb41516b5e052109428ae70660ed49126c25bb Type: fix Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
2021-05-14interface: update tx queue runtime if vector size changesDamjan Marion1-1/+5
Fixes issue which causes crash in case when VPP only runs with main thread. Type: fix Change-Id: Ia0ca973bb7e7ff81f15b37764ae248e2502bdcec Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-14session: switch ct to vc and track half-opensFlorin Coras5-77/+220
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7f9c4b9b6e523ab549087ad21724f34f08fca793
2021-05-14tls: switch dtls to vc and track half-opensFlorin Coras4-14/+132
Also adds support for half-open support transport migration. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id04c194138956336f93246bbed0332a7030c67e2
2021-05-13interface: fix tx queue runtime updateDamjan Marion1-0/+2
Type: fix Change-Id: I5ce7e57ae277de26af602fe786048bf21b8612f8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-13tests: move test source to vpp/testDave Wallace22-10139/+0
- Generate copyright year and version instead of using hard-coded data Type: refactor Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I6058f5025323b3aa483f5df4a2c4371e27b5914e
2021-05-12flow: fix vxlan vni convert bugChenmin Sun1-2/+2
This patch fixes a vxlan vni field conversion bug in flow api layer Type: fix Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I37b2ffb54792f48b390ff42da577db2c4869d253
2021-05-12tls: switch to vc service and track half-open sessionsFlorin Coras7-19/+78
Half-open tls sessions are now tracked by the app worker and are cleaned up only when tcp cleans up its half-open session, i.e., independent of when the established tls context is allocated. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If5d594d7095192dd527daf4ea1358ffeccdfcc7a
2021-05-12session: return connect session handle to appFlorin Coras6-32/+36
App transports not supported for now. Will have to be updated individually. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I75cb6c4e1c5af008af72858a9ee573016812abd4
2021-05-12session: support half-close connectionliuyacan9-5/+139
Some app(e.g. Envoy) may call shutdown() instead of close() when draining connection. Type: improvement Signed-off-by: liuyacan <liuyacan@corp.netease.com> Change-Id: I9543b9ca3caa87b10b134fd1fc4019124e41e4d2
2021-05-11ip: ensure ttl doesn't decrease to 0 when puntingAloys Augustin1-0/+2
Change-Id: I248ef12fd34ea2a1c383fbcc530a8ffeb31ba92b Type: fix Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2021-05-11interface: tx queue infraDamjan Marion10-50/+485
Type: improvement Change-Id: I415b2f980de10ca3154d2c8677c24792453eccd0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-10misc: fix crash in lawful intercept CLIhemant_mnkcg1-6/+6
Type: fix Signed-off-by: hemant_mnkcg <hemant@mnkcg.com> Change-Id: I097815617053dac09de7ad3092b3d3071770114f
2021-05-10session: use half-open sessions for vc establishmentFlorin Coras9-119/+126
Use half-open sessions to track virtual circuit connection establishment. These sesssions can only be allocated and freed by the thread that allocates half-open connections (main). Consequently, they can only be freed on half-open cleanup notifications from transports. Goal is to simplify state tracking within the session layer but it's also a first step towards allowing builtin apps to track and cleanup outstanding connects. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I8a535906d13eb7f8966deb82333839de80f8049f
2021-05-10gso: fix the gro coalesced chain lenMohsin Kazmi1-1/+2
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I86b940384a6898d4cb04f3decf30996c94b43d07
2021-05-08vhost: low performance in interrupt mode in some casesSteven Luong1-35/+19
When vhost and another interface, say tap, are configured for interrupt mode, performance number may be very low from vhost. Further analysis discovers that when vhost posts an interrupt to the RX infra, there is a 10 msec delay in waking up its input routine. The delay is due to vhost posts the interrupt from the main thread which tries to wake up the worker thread. The fix is for vhost to move the posting interrupt call to the corresponding input worker thread by calling vnet_hw_if_set_rx_queue_file_index() to set it up. While at it, streamline the function vhost_user_kickfd_read_ready() since it will be called from the worker thread. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I9beedcd33e1558c8335da4ee7fadc51c29ee4589
2021-05-07session: connects seg manager is always firstFlorin Coras4-79/+23
By convention, connects segment manager will be first. Therefore it will be the one with the first segment wherein lies the app's message queue. Saves us the trouble of allocating it on first connect, if app started by listening, and we no longer need to track if it's assignable to a listener or if it can be removed. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iba9a8ffaab618eeb41ec2144dcfee62d006dc7a2
2021-05-06vlib: rename vl_counter_t to vlib_error_desc_tOle Troan1-1/+1
Type: improvement Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I368b0410db2d633d3c52199c840e24d21952c1b4
2021-05-06memif: add severity to countersOle Troan2-4/+4
Also rename counters in stat segment to make them more filesystem friendly. Type: improvement Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I8a3f3ec318931f5475fcb181f8b4a079a1fa4b9c Signed-off-by: Ole Troan <ot@cisco.com>
2021-05-06vlib: fix the offload flags sizeMohsin Kazmi11-33/+35
Type: fix Change-Id: I433fe3799975fe3ba00fa30226f6e8dae34e88fc Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-05-05vlib: move offload flags to 1st cacheline in vlib_buffer_tMohsin Kazmi8-19/+18
Type: improvement Some tests i.e. ipsec see performance regression when offload flags are moved to 2nd cacheline. This patch moves them back to 1st cacheline. Change-Id: I6ead45ff6d2c467b0d248f409e27c2ba31758741 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-05-05misc: ipfix process node wait time adjustmentMatthew Smith2-3/+15
Type: fix The ipfix process node has a hardcoded 5s sleep between sending packets. The interval between template packets is configurable, but the timing of packets being sent does not match configuration because of the time being hardcoded. E.g. - With template interval set to 3s, a packet will be sent every 5s. With template interval set to 8s, a packet will be sent every 10s. Honor the configuration by reducing the wait time to less than 5s if a template will need to be sent less than 5s from the current time. Change-Id: I8c11f7bc502ce5b20b6e82a7e7a135a8805a2bad Signed-off-by: Matthew Smith <mgsmith@netgate.com>