path: root/src/vnet
Age | Commit message | Author | Files | Lines
2023-02-06 | ipsec: fix AES CBC IV generation (CVE-2022-46397) [stable/1908] | Benoît Ganne | 2 | -5/+28
For AES-CBC, the IV must be unpredictable (see NIST SP800-38a Appendix C). Chaining IVs, as is done by the ipsecmb and native backends for the VNET_CRYPTO_OP_FLAG_INIT_IV, is fully predictable. Encrypt a counter as part of the message, making the (predictable) counter-generated IV unpredictable. Fixes: VPP-2037 Type: fix Change-Id: If4f192d62bf97dda553e7573331c75efa11822ae Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-10-14 | tcp: fix bt acked_sacked on recovery | Florin Coras | 1 | -2/+3
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2e2d76661fbb07dd8c6afa3583bb18e01b7a7fb6 (cherry picked from commit 3e2ec42a07ae51aed54e63d05e743a338c666e30)
2020-10-12 | virtio: fix the tcp/udp checksum offloads | Steven Luong | 1 | -5/+1
Some vhost backends calculate the wrong checksum in case of tcp/udp offload when the driver resets the tcp/udp checksum field to '0'. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I3c45df487f00d7e3d949b4efb32d7f7e01d1108b
2020-08-20 | ipsec: fix esp padding | Milan Lenco | 1 | -1/+1
Type: fix Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech> Change-Id: Ic8db52b41d7e5af3425099f008984e50afb3da74
2020-08-18 | ip: fix punt cli to only consume a line of input | Benoît Ganne | 1 | -4/+25
Type: fix Change-Id: Idb6f82e08b29e3805ed2133acb5fd7226148f672 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 9ae3c6a40f268741b87f94a5b75f1b5d1d2128e3)
2020-08-18 | lisp: fix cli locator-set name null termination | Florin Coras | 2 | -8/+4
Type: fix Change-Id: I5f550bd6a03f47b829ef99803cb6b9ac86329450 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 39771adc1da61943978c18b58b35dedc9dddc4b0)
2020-08-18 | lisp: fix lisp/one enable/disable | Florin Coras | 2 | -85/+67
Type: fix Change-Id: Iefe6b3a1a0a999d89ef9812fc14d31159043e60c Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 508dc51bd075f6bb16862265c0c43e8efb76349c)
2020-08-18 | interface: fix show/clear hardware-interfaces string overflow | Benoît Ganne | 1 | -5/+19
Type: fix Change-Id: Iab99bc1f6c309fae6eaa714b484274fe7072a4cb Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 17814d74dbbc85573adbf970644caa4b1ac9bbb4)
2020-08-18 | session: cleanup lookup table for rejected session | Florin Coras | 1 | -1/+4
Type: fix Signed-off-by: Ivan Shvedunov <ivan4th@gmail.com> Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id20f693a5acdee74ab534e9964418973537b977f (cherry picked from commit c7fd24e30bb5ac68f3c82eafee9dc192289add7f)
2020-08-18 | feature: fix feature config data initialization overflow | Benoît Ganne | 1 | -5/+10
Copy only exactly the data provided by the user even when it is not a 4-byte multiple. Type: fix Change-Id: I2ef987c37e58523a38b46b09227529db2c26aa55 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit c79a14f13a0db6f59123e0e6b0b71d4f24433b01)
2020-08-18 | ip: fix format_ip6_address_and_mask() bug | Chenmin Sun | 1 | -3/+2
Previously there was a format_ip4_address in format_ip6... This patch fixes this typo. Type: fix Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: Ice124db6594720ed35a992d069341f399c331e1d (cherry picked from commit e30f9c5c6342a0f2430848ec4166b75596642964)
2020-08-18 | ip: set ip4 mask for ip_copy and ip_set when dealing with ip4 type | jiangxiaoming | 1 | -2/+8
Type: fix Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com> Change-Id: I3ace7dfe3ddacb4f7fa7a974a2ffe2b3cf902ff9 (cherry picked from commit 9268b5823fa7a16195f638e5b1f9c54b430f2f3c)
2020-08-18 | ip: fix the order in ip4 punt redirect | Mohsin Kazmi | 1 | -2/+2
Type: fix Fixes: a84cb715f5a4366dd2f32de18ad92bec566924da Change-Id: Id448d6ae9cfdd3122e8187121c509412835117c5 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit c6eae9c079defa4812270945d614c4598db262d8)
2020-08-18 | classify: fix debug CLI | Dave Barach | 1 | -1/+5
unformat_ip6_mask wasn't accounting for customized field names when deciding if it managed to parse at least one field. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I26cab4c6828b510e277079628af5115ac43af3ff (cherry picked from commit 126c88544103d3775252f741398111875f6a62d7)
2020-08-18 | tcp: avoid rcv wnd more than RX fifo can enqueue | Ryujiro Shibuya | 1 | -7/+6
Type: fix Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com> Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie358b731f8ecb1fcaebd6e79f5ce5c10802c2814 (cherry picked from commit cc1085647b2ae36e6c086d65b4e81b9f1cf9fc9a)
2020-08-18 | udp: align udp_encap_t_ to 2 cachelines | Vadym Martsynovskyy | 1 | -4/+4
Based on the comments in the struct, udp_encap_t_ is meant to span 2 cachelines. Due to the 64 bit alignment of dpo_id_t, the struct spanned 3 cachelines. This caused fetching ue_ip_proto to trigger an additional cache miss. This patch rearranges the ordering of the struct fields so that udp_encap_t_ only spans 2 cachelines as intended.
before:
(gdb) print (int)&((struct udp_encap_t_*)0)->cacheline1
$8 = 128
after:
(gdb) print (int)&((struct udp_encap_t_*)0)->cacheline1
$1 = 64
Type: fix Signed-off-by: Vadym Martsynovskyy <vmartsyn@fb.com> Change-Id: I066c08654d4a8ef3e2d3954e957d4c5d382b209f (cherry picked from commit 42386fc974148f812ef3eb73ff09a603caa23565)
2020-08-18 | ip: fix the punt redirect for ip4 | Mohsin Kazmi | 1 | -6/+9
Type: fix Change-Id: I39341f201209931392f315ead5adfddd8b567caf Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit a84cb715f5a4366dd2f32de18ad92bec566924da)
2020-08-18 | fib: fix multiple dpo pool expand cases | Dave Barach | 6 | -7/+76
Add dpo_pool_barrier_sync/release, use them to clean up thread-unsafe pool expansion cases. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I09299124a25f8d541e3bb4b75375568990e9b911 (cherry picked from commit 26d890eb4b1ab19fea4d2d02bfc6dc89d2c1b771)
2020-08-18 | fib: fix adj pool expand cases | Dave Barach | 1 | -1/+24
adj_alloc (...) is not thread safe when the adj pool or combined counter vectors expand. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I55710de6ecc083b7434e11798659cca9250c9131 (cherry picked from commit c2d2228e928b7c69dc88e9c3b7502966d0e32d8d)
2020-08-18 | fib: add barrier sync, pool/vector expand cases | Dave Barach | 1 | -1/+25
load_balance_alloc_i(...) is not thread safe when the load_balance_pool or combined counter vectors expand. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I7f295ed77350d1df0434d5ff461eedafe79131de (cherry picked from commit 8341f76fd1cd4351961cd8161cfed2814fc55103)
2020-08-18 | misc: ipfix-export unformat u16 collector_port fix | Elias Rudberg | 3 | -1/+20
Use %U and unformat_udp_port instead of %u for unformat() call for u16 collector_port number in set_ipfix_exporter_command_fn() to avoid corruption of other variables which can happen if unformat() with %u is used with a 16-bit variable. This avoids crash due to corrupted fib_index value. Type: fix Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net> Change-Id: Id54273fcc458a7f9c5aa4025aa91711f160c1c1a (cherry picked from commit 2dca180db989ea7afacdf4e70cc85e4408557382)
2020-08-18 | tap: fix rx queue index | Mohsin Kazmi | 1 | -1/+2
Type: fix Change-Id: I5601bdeb47d08118476ff7bd29435d2c1dba34b9 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit 04f4d91c9fe6c8d639e28edb5dd3df2c82f92428)
2020-08-18 | dhcp: use per-thread vlib main instead of global one | Benoît Ganne | 1 | -2/+2
Type: fix Change-Id: I8890aa5cc3c576fc9fb68735549dfab721714310 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit dcd4aa2110e274f9185e1e5b47ec22d66cc23136)
2020-08-18 | fib: Fix interpose source reactivate | Neale Ranns | 1 | -0/+14
Type: fix When the interpose is on an adj-fib and the cover is removed, the adj source will not install. This leads to no path list being found for the interpose source and a crash. Pick a drop path list in this case. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ied217da043926c913657080f5ffb151201225d23 (cherry picked from commit 1bf6df4ff9c83bac1fc329a4b5c4d7061f13720a)
2020-08-18 | l2: L2/L3 mode switch cleanup and l2-patch fix | John Lo | 4 | -31/+16
Cleanup L2/L3 mode switch to not redirect to/from ethernet-input node as it is no longer necessary. L2 patch should use sw_if_index for device feature enable/disable. Type: fix Signed-off-by: John Lo <loj@cisco.com> Change-Id: I0f24161d027b07c188fd1e05276146f94c075710 (cherry picked from commit f415a3b53a51b261d08cc3312c25f250d6bc1bd6)
2020-08-18 | misc: fix typo in set-ipfix-exporter CLI short_help | Ignas Bacius | 1 | -1/+1
Type: fix Change-Id: Id6687780b9a740323bd2eef58447864e70dc0235 Signed-off-by: Ignas Bacius <ignas@noia.network> (cherry picked from commit f3a522fb3f3a82e579fbdd3f4bb94e399ad95bb1)
2020-08-18 | sr: fix srv6/srv6-ad/srv6-as promisc mode switch | John Lo | 1 | -16/+10
Calling ethernet_set_flags() to switch interface to/from promiscuous mode must use hw_if_index instead of sw_if_index. Type: fix Signed-off-by: John Lo <loj@cisco.com> Change-Id: I72da286b913893227e32193ee11fbbc56e04804d (cherry picked from commit 5b960c60f61c937d0f862be8a7573922b616de75)
2020-08-18 | tcp: avoid rcv wnd less than mss | Florin Coras | 1 | -6/+4
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I84ec1c91a3a7b2195aad58923fa6f17f551444cb (cherry picked from commit f2fe353cc829f2074d63ebba9bb3b25e5ceb20af)
2020-08-18 | ethernet: fix coverity warning | Dave Barach | 1 | -1/+1
Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I20daa023eed50f8b42e8dc2d17e47a54aa16ae31 (cherry picked from commit 13f64ce2272539d97b8c499e8e298a053fb3c9e2)
2020-08-18 | misc: fix coverity warnings | Dave Barach | 1 | -1/+1
Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I51660e4b02f449bd2db12a8cfd395c6c343d2dee (cherry picked from commit c72950e811880c22e5b350c4b1cb5e31b0735b4d)
2020-08-13 | ip: reassembly: fix one possible use-after-free | Gao Feng | 2 | -10/+11
When using the kv->v.memory_owner_thread_index as the index to get the reass in the pool, this element may have been freed by the owner thread because of timeout, too many fragments, and so on. So we should check if do_handoff with kv->v.memory_owner_thread_index before getting the reass from the pool. Type: fix Signed-off-by: Gao Feng <davidfgao@tencent.com> Change-Id: Ie0f1dc368f86d0fd65292ca0c5e1908348015e09 (cherry picked from commit 9165e0365cc21575fd3e4a98be59317a839553f4)
2020-08-13 | devices: allow link state down with netlink | Matthew Smith | 1 | -1/+1
Type: fix Use the up parameter in vnet_netlink_set_link_state(). It was ignoring the parameter and always setting IFF_UP on an interface. Change-Id: I0d44406d982afbdc43bc6b26d0f22c0bdd47abdc Signed-off-by: Matthew Smith <mgsmith@netgate.com> (cherry picked from commit 81284163a293759bc5c2d6a124639c6796589d15)
2020-08-13 | session: fix session_table_get_or_alloc | Andreas Schultz | 1 | -8/+11
Extending the fib_index_to_table_index could leave entries uninitialized, pointing to the session tables at index 0. That session index exists by default, but it is an IPv4 session table. That would break all IPv6 on the uninitialized fib indexes. Type: fix Change-Id: Ie3f0a87a7f829ceb39f75ec06658b0ad1d3813ae Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com> (cherry picked from commit 30a28c187b0eb9216d5d7918712d98a4b7a5ba6a)
2020-08-13 | tcp: avoid bt sample access after possible pool realloc | Florin Coras | 1 | -6/+6
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I98f943c8862fa74fb576f9ec1fb9186289b1216b (cherry picked from commit c17ff6ec3b69ef228047bf346e0b524c48d2c96e)
2020-08-13 | tcp: fix use-after-free | Benoît Ganne | 1 | -1/+5
bts can be freed by the call to bt_fix_overlapped(). Save flags for later use. Type: fix Change-Id: If8b48c96ce39e38f2ed7f4db2815122523eb2e05 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit a04adbf5368f9ec907508ff36d42fbd72d287120)
2020-08-13 | sr: fix non-NULL terminated string overflow | Benoît Ganne | 1 | -1/+1
Type: fix Change-Id: Ia5ae0e893a5358f61353d20f444d88d79953e482 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit b9753540d2a69bbab807653fc3d0c1b43ec4d6d5)
2020-08-13 | session: fix use-after-free in input node | Benoît Ganne | 1 | -1/+2
Type: fix Change-Id: Ie60b07abe76ad166f048f5885accd7038d8153b2 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 7ce23f25bbc01d534ca294ce88ab0d709e3e03a7)
2020-08-13 | session: avoid rx notifications on accepting sessions | Florin Coras | 1 | -0/+5
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iba37e528e968104c3ba9c8324438ba695ddddfd1 (cherry picked from commit da302e4fce1003a2fdd2ace7e1ae09987399092c)
2020-08-13 | lisp: fix use-after-free | Benoît Ganne | 1 | -8/+8
Type: fix Change-Id: I42c3e3514ba50d40e09ee688d083f3e78fa0713a Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 101fc278c3b7009c42574a25b96c4fb7fcd15e39)
2020-08-13 | fib: fix use-after-free | Benoît Ganne | 1 | -10/+11
Type: fix Change-Id: Ie7081d977dd0d3e7d09bc0d1b4d53863288e443b Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 95eb01fdc65b692065ace6d76870d8cc9f3e2c84)
2020-08-13 | bier: fix vector size confusing ASan | Benoît Ganne | 1 | -1/+2
The vector is initialized to 1024 entries which is guaranteed to be enough, but as its size can shrink between calls, make sure ASan is aware of the expected size before using it. Type: fix Change-Id: I4bcc39867a886b3cb463854d2cda0b32155650e9 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 77100efb37f7cb333f9ab55dc206bf1431e3ae50)
2020-08-13 | session: detach session from app on cleanup | Florin Coras | 1 | -1/+6
Type: fix Avoids unwanted notifications. Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ifff27fb0d3644194e3bb3f91d7ed1fd02c6730cd (cherry picked from commit 77ea42b31ae12f0aef829097225e353199360f30)
2020-08-13 | fib: fix accessing empty dpo pool elements | ShivaShankarK | 2 | -2/+8
Type: fix Signed-off-by: ShivaShankarK <shivaashankar1204@gmail.com> Change-Id: Iee88a2101ce42d7f1cdb65df532c349d14829e4c (cherry picked from commit 35acaac1843839f94e9bd40ad45a8d170a155f22)
2020-08-13 | udp: fix local node no port error counter | Florin Coras | 1 | -9/+6
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie0c5a86aedfa38fdcbb835aee7c9e91d59b222d6 (cherry picked from commit bc1a1a7347d689aa7043d4d7f15a7db657230216)
2020-08-13 | fib: fix adjacency cli command issue | ShivaShankarK | 1 | -3/+1
Type: fix Signed-off-by: ShivaShankarK <shivaashankar1204@gmail.com> Change-Id: I193023705003e664c50487fdfaa42b813604a078 (cherry picked from commit ae9c45938bdf6e180f83f02aed31113e60db20a9)
2020-08-13 | misc: fix error handling in punt_replicate | Dave Barach | 1 | -0/+1
If vlib_buffer_clone (...) fails due to a buffer allocation error, update *n_dispatched with the actual number of clones, not the requested number of clones. Punt_replicate(...) should not set *to_next[0] = bi0. The original buffer is enqueued separately in punt_dispatch_node(...) Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I774ad8f8c1a0633de4cf8ae5530629201c229347 (cherry picked from commit 1adc7e78ad3eb7e800d0ce3ace56f53ab7aebffe)
2020-08-13 | misc: sprintf be gone | Dave Barach | 3 | -23/+34
Along with related static analysis warnings... Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I2c6949c7a2250b8f76a63508c7c210daecfe0f91 (cherry picked from commit 3e07a4a1e843267892dc291a833d93bd70597011)
2020-08-13 | session: fix fifos display | Aloys Augustin | 1 | -5/+2
This prevents a crash with quic listeners, and enables the display of udp fifo status. Change-Id: Ib9f48818ee3e51a3fa43ad8ab175e8aa7750df8f Type: fix Signed-off-by: Aloys Augustin <aloaugus@cisco.com> (cherry picked from commit 6eef40bce3f5ae2b06ba75d5b4cf32f168a801e4)
2020-08-13 | udp: validate input data length | Florin Coras | 1 | -4/+7
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3f34011ca61ded310d0411e7b50548982bd164ac (cherry picked from commit 936197467aac08b7620c9cb0614817b90466968e)
2020-08-13 | ipsec: use id in ipsec_tunnel_protect_details | Matthew Smith | 1 | -4/+6
Type: fix The data populated into an ipsec_tunnel_protect_details message includes an outbound SA and a list of inbound SAs for a tunnel interface. These are populated with SA indices. The value used by an API client to refer to an SA in other messages is the SA id rather than the index. Use the SA id instead of the index. Change-Id: Ifaad32801092a7f87bd0dcf19de418d36613f8dd Signed-off-by: Matthew Smith <mgsmith@netgate.com> (cherry picked from commit 5cee0bca5d0f01d3f26e90dee79780382e843d04)