| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Type: fix
From kernel 4.20, xdp support has been added in tun_sendmsg.
If sndbuf == INT_MAX, kernel executes xdp data path
for tun driver which assumes packets are ethernet frames.
This patch is avoiding the xdp data path in kernel by setting
the sendbuf value < INT_MAX.
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: Ia4aa54b177b96d56a2d513d18d26ca01d5b88929
(cherry picked from commit 4834a66b7b3ef73e486c40ea9d8e36cc2e09c473)
|
|
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: Ifeae641ec0aa7de74e33e582234505bf6e28ca87
(cherry picked from commit add4a412d1f5271be21f99fe15a93cb73c38b833)
|
|
Type: fix
Change-Id: I4f91175444dec9800d651aa5a5e0472359de63d1
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
(cherry picked from commit ec1d61efe6d01a1a687f39e57a601ac693833b07)
|
|
Cleanup L2/L3 mode switch to not redirect to/from ethernet-input node
as it is no longer necessary.
L2 patch should use sw_if_index for device feature enable/disable.
Type: fix
Signed-off-by: John Lo <loj@cisco.com>
Change-Id: I0f24161d027b07c188fd1e05276146f94c075710
(cherry picked from commit f415a3b53a51b261d08cc3312c25f250d6bc1bd6)
|
|
vppinfra source files MUST NOT #include <vlib/vlib.h>, <vnet/vnet.h>
or similar. Move mpcap_add_packet(...), mpcap_add_buffer(...) to a new
file: src/vnet/mpcap.h.
Type: refactor
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Id517aef6fe49b618f853ce32940b91ba45a1e60d
(cherry picked from commit 2a41919e39d4672f76a654f30be9c2093cef4fad)
|
|
Request connected udp listener behavior by setting
VPPCOM_ATTR_SET_CONNECTED attribute with vppcom_session_attr
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iba95155c0f41cea8c6e1a4263946270d49c213ac
(cherry picked from commit 1e96617d952e2d5d8cc367a226702f8f825ed039)
|
|
Type: fix
Change-Id: Ic3fc488521636f7f7c9402a20db45fdb599adaae
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
(cherry picked from commit be03b5c15598131355da91967d05321c15fa1f24)
|
|
Type: fix
the hash walk does not give the same guarantees as the bihash so
walk in a safe manner.
Change-Id: Idfe48c3a84ab3a341d887f7d196bc81ba34ae8b0
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit 22391fa92b95ee0376eb372450d6315523c8a9ae)
|
|
Fix and optimize DMAC check in ethernet-input node to utilize NIC or
driver which support L3 DMAC-filtering mode so that DMAC check can be
bypassed safely for interfaces/sub-interfaces in L3 mode.
Checking of interface in L3-DMAC-filtering state to avoid DMAC check
require the following:
a) Fix interface driver init sequence for devices which supports L3
DMAC-filtering to indicate its capability and initialize interface
to L3 DMAC-filtering state.
b) Fix ethernet_set_flags() function and its associated callback
flags_change() functions registered by various drivers in interface
infra to provide proper L3 DMAC filtering status.
Maintain interface/sub-interface L3 config count so DMAC checks can be
bypassed if L3 forwarding is not setup on any main/sub-interfaces.
Type: fix
Ticket: VPP-1868
Signed-off-by: John Lo <loj@cisco.com>
Change-Id: I204d90459c13e9e486cfcba4e64e3d479bc9f2ae
(cherry picked from commit 4a302ee7c75f3d4fd1a73a9d1f6c34b3bde8d620)
|
|
Type: fix
adding routes should be MP safe. When new prefixes with differrent
prefix lengths are added, adjust the sorted list in an MP safe way.
Change-Id: Ib73a3c84d01eb86d17f8e79ea2bd2505dd9afb3d
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: fix
we can probably do better, but for now this is needed
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I07161f5ac07a70a0e6db6608ba31659d9bc2c9ed
|
|
Type: fix
when the interpose is on an adj-fib and the cover is removed the adj
source will not install. this lead to no path list being found for the
interpose source and a crash. pick a drop path list in this case.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ied217da043926c913657080f5ffb151201225d23
|
|
Type: improvement
a bihash per-interface used too much memory.
Change-Id: I447bb66c0907e1632fa5d886a3600e518663c39e
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit 20aec3db441074ee5a861a40d6e02fad2f3dcb37)
|
|
Type: fix
Fixes: 487507f
Ticket: VPP-1879
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia9813ae09d14111dc8edac0fa6ab082e13ab6e2e
(cherry picked from commit 3b9540966f877ae67d374cab334c31bd6e3f8c8b)
|
|
In case there is no free space in first buffer for ICV and footer,
additional buffer will be added, but esp_encrypt will stay in single
buffer mode.
The issue happens for the following payload sizes:
- TCP packets with payload 1992
- ICMP packets with payload 2004
This fix moves the single/chained buffer ops selection to after
esp_add_footer_and_icv call.
Type: fix
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: PiotrX Kleski <piotrx.kleski@intel.com>
Change-Id: Ic5ceba418f738933f96edb3e489ca2d149033b79
(cherry picked from commit fdca4dd1a1a817e65bf44e435261d893fc0c51d6)
|
|
Type: fix
Change-Id: Idf7c80b7d81f796bd0512bca4276bcfcf2af241a
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit fc74697ed3b45499027b272332af786e8e7917bb)
|
|
Type: fix
Signed-off-by: Ye donggang <yedg@wangsu.com>
Change-Id: Ia9f72ff2be455ecd4ff3d16e884c5a50f9df69fe
(cherry picked from commit dbd366b239c0506b0d9984e7481967e038f10a23)
|
|
Removing the comments around eid_type which seem to have been overlooked
by the original patch https://gerrit.fd.io/r/c/vpp/+/24663.
NOTE: This patch is a doc-only change. It does two things:
1. Remove comments around obsolete eid_type type
2. Update the comments to reflect the new vl_api_eid_t type
This is to ensure correct documentation is displayed to user/reader of
VPP docs in 20.05.
Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: I48e1993cf8869cb32e159d1956f3ec1e5943e33f
(cherry picked from commit 4ab5190eb4167ac4c06cd649ec8a860784ab1d41)
|
|
Swap byte order for fields of type vl_api_rx_mode_t.
Ticket: VPP-1871
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Ia1745257b57209d41661d38067e0dd7618f9a9b9
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
(cherry picked from commit aefcd1a3579ec2c93f606b151d563d87ea211387)
|
|
Type: fix
Ticket: VPP-1874
Seems clang needs explicit casting to u64 of u64 and f64 multiplication
before truncating to u32
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ib0d7a33d4c5e68577e401e854fc3e55e0723da93
(cherry picked from commit 17b5c3d6ab83a597e7c79613041f2fd7470825bd)
|
|
Calling ethernet_set_flags() to switch interface to/from promiscuous
mode must use use hw_if_index instead of sw_if_index.
Type: fix
Signed-off-by: John Lo <loj@cisco.com>
Change-Id: I72da286b913893227e32193ee11fbbc56e04804d
|
|
Type: fix
... it's not a feature anymore
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ifbcaf7d832aa76336feb0556d0dc7d2002f19c35
|
|
Type: fix
In quad loop, checksum will be calculated for all four packets,
if one packet needs checksum computation, without respecting their
respective flags. This patch fixes it.
Change-Id: I479b420ba0dcbd178ea4180bf05a0e55a6b13843
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: fix
it is possible for a user to change the end node of a feature arc, but
this change should only apply to that 'instnace' of the arc, not all
arcs. for example, if a tunnel has its ipx-output end node changed to
adj-midchain-tx, this shouldn't affect all ipx-output arcs. obviously...
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I41daea7ba6907963e42140307d065c8bcfdcb585
|
|
Type: fix
Only add GSO and Checksum offload flags when gso is
enabled.
Change-Id: I58945a4ffbb9a0e6a8640fc01424c63feef16306
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: feature
the es4-encrypt and esp6-encrypt nodes need to be siblings so they both have the same edges for the DPO on which the tunnel mode SA stacks.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I2126589135a1df6c95ee14503dfde9ff406df60a
|
|
Type: fix
Change-Id: I14e323e7bb1db7a3d40668212535c07504374e59
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I84ec1c91a3a7b2195aad58923fa6f17f551444cb
|
|
Fix the issue that vppctl show ip4{6} neighbor [interface] command can't
show entries correctly, example: both ip4 and ip6 entries can be shown
with command:
vppctl show ip4 neighbor.
Type: fix
Signed-off-by: Michael Yu <michael.a.yu@nokia-sbell.com>
Change-Id: I229368b71cd285adce994c8290cc9d7e4c4f5aa6
Signed-off-by: Michael Yu <michael.a.yu@nokia-sbell.com>
|
|
Type: fix
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
Change-Id: I617fb365def22a28d48f75013dea38f8e1703a44
|
|
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I20daa023eed50f8b42e8dc2d17e47a54aa16ae31
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4ac923fda84feee8d2ad76d0c3e3a252f53008ed
|
|
Type: docs
Change-Id: I9b5e5137eb4c1e89f6e8d7a278cd11a0fd496471
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Fix coverity issues in crypto framework and cryptodev
engine.
Type: fix
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: Ib261da0163c8182c803600db22c5a6dad5a19999
|
|
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I51660e4b02f449bd2db12a8cfd395c6c343d2dee
|
|
Type: feature
thus allowing NAT traversal,
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ie8650ceeb5074f98c68d2d90f6adc2f18afeba08
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: style
Change-Id: Iccd2c205059abcdf121093ff03da603fe3dda1f7
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
Add an IP_ROUTE_LOOKUP function that does either an exact match or
longest prefix match in a given fib table for a given prefix
returning the match if present.
Add API test.
Type: improvement
Signed-off-by: Christian Hopps <chopps@labn.net>
Change-ID: I67ec5a61079f4acf1349a9c646185f91f5f11806
|
|
Type: feature
Change-Id: I37752af8496e0042a1da91124f3d94216b39ff11
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Binary API message handlers need to check sw_if_index
values.
Found in binary api fuzz testing.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I51e717e9260e58a4c36d4d95981fd001be594fed
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie47546ef36590b90ed481b14cf812afbecf7981c
|
|
Type: improvement
- inline some common encap fixup functions into the midchain
rewrite node so we don't incur the cost of the virtual function call
- change the copy 'guess' from ethernet_header (which will never happen) to an ip4 header
- add adj-midchain-tx to multiarch sources
- don't run adj-midchain-tx as a feature, instead put this node as the
adj's next and at the end of the feature arc.
- cache the feature arc config index (to save the cache miss going to fetch it)
- don't check if features are enabled when taking the arc (since we know they are)
the last two changes will also benefit normal adjacencies taking the arc (i.e. for NAT, ACLs, etc)
for IPSec:
- don't run esp_encrypt as a feature, instead when required insert this
node into the adj's next and into the end of the feature arc. this
implies that encrypt is always 'the last feature' run, which is
symmetric with decrypt always being the first.
- esp_encrpyt for tunnels has adj-midchain-tx as next node
Change-Id: Ida0af56a704302cf2d7797ded5f118a781e8acb7
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I70c63db91c3512fb724bba4762e3ca1e369ca421
|
|
Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.
The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.
Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.
Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".
Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).
Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
|
|
Type: refactor
This patch refactor the existing flags and also add a new
flag for packet coalescing.
Change-Id: Ic826e4c81313f26d87c475cdf666b06cbed60a3a
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: fix
Change-Id: I5e1f7c37d612f4666edf2262b457ae0e13f20791
Signed-off-by: Ruslan Babayev <ruslan@babayev.com>
|
|
Type: feature
Change-Id: I6f607f383dc77a71e8712124f7613b38b4ac065a
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ibf468970b56fc6bf8d5fb6ba491dd3e727464fc0
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie4b2bca3b6b0ca6097152aab232991ca7935e442
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1585af9e4f4273f055aed824b133ddc8eddd1df7
|
Mohsin Kazmi
John Lo
Dave Barach
Florin Coras
Neale Ranns
PiotrX Kleski
yedg
Onong Tayeng
Jakub Grajciar
Filip Varga
Michael Yu
Zhiyong Yang
Paul Vinciguerra
Fan Zhang
Vratko Polak
Christian Hopps
Ruslan Babayev