aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2019-12-09ipsec: make sure pad_bytes does not exceed pad data sizeBenoît Ganne1-1/+5
This helps GCC understand the memcpy will not overflow pad_data. GCC-6 (default on Debian 9) in particular got confused. Type: fix Change-Id: I176eb01531b9d5c7ebec40f015e510b2d56e77c4 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-12-08ip: coverity fixjohny1-8/+6
Delete Null-checking "p0" in function ip6_tcp_udp_icmp_bad_length, because it's not necessary. Type: fix Signed-off-by: johny <jan.cavojsky@pantheon.tech> Change-Id: I2bf43a60c1c1d76e42581df27f2285c9e9563093
2019-12-06gso: fix the tap/virtio driver for header offsetMohsin Kazmi2-2/+49
Type: fix Change-Id: Ied34466907fa8ad44f997c600dbf481be4d22027 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-12-06session: close for reset replies independent of stateFlorin Coras1-2/+2
Type: fix Change-Id: I8b8875f1dc9203dfbb443ac43df8250cbb0b1edc Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-12-06tcp: fix tail rescue with sacksFlorin Coras1-5/+7
Type: fix Change-Id: Iad73f47cef3d29c4b0b7d1f58f2f2b14ba4b1d38 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-12-05classify: vpp packet tracer supportDave Barach1-32/+119
Configure n-tuple classifier filters which apply to the vpp packet tracer. Update the documentation to reflect the new feature. Add a test vector. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Iefa911716c670fc12e4825b937b62044433fec36
2019-12-05ip: fix cancel termination after receive malformed ip6 packetjohny2-5/+68
This fix is for cancel termination of vpp after receive malformed packet type of ip6.To avoid termination of vpp are checked if are missing data in packet. This occours, when payload length in ip6 header packet is more than real count of data in packet. When this error occours, packet is ignore. Type: fix Ticket: VPP-1693, VPP-1694 Change-Id: I9d9ecea7b75c8702cb31aa8051c8d4d7ce19659d Signed-off-by: johny <jan.cavojsky@pantheon.tech>
2019-12-05srv6-mobileTetsuya Murakami3-18/+258
Type: feature Plug-in for IPv6 Segment Routing Mobile Support the plug-in function in SR Policy. Support GTP4.D plug-in as SR Policy plug-in. Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com> Change-Id: I306160b7203921d879940193868944158867c482
2019-12-05classify: Fix 2 coverity errorsJon Loeliger1-0/+8
Validate two tainted scalars, filter_sw_if_index, that came from an API message. Type: fix Change-Id: I3ac8a09f91f380185e36babeaa6330691f7cb24b Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-12-05vxlan: fix vxlan hw offload issueChenmin Sun1-1/+3
Type: fix Since Vxlan hw offload jumps the ethernet-input node, so needs to adjust the data offset accordingly In original code, the current_data is 0 when arriving vxlan-flow-input node(due to no graph node before it, except the dpdk-input), so this code block cannot find the correct vxlan header: enum { payload_offset = sizeof (ip4_vxlan_header_t) }; vlib_buffer_advance (b0, payload_offset); see code in src/vnet/vxlan/decap.c, function vxlan4_flow_input_node This patch fixes this issue Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: Iab4af7a7dc3b69a117a4c9ea1c59662669a6438c
2019-12-05session: fix session_main_get_worker_if_validNathan Skrzypczak1-1/+1
Type: fix Change-Id: Ie024792015f3c9c52102c9be03da63c79f3456af Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-12-05gso: add protocol header parserMohsin Kazmi6-90/+149
Type: feature Change-Id: I7c6be2b96d19f82be237f6159944f3164ea512d0 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-12-04fib: Decouple source from priority and behaviourNeale Ranns25-378/+752
Type: feature the fib_source_t enum alone no longer defines the priority and behaviour, instead each source must be allocated these attributes. This allows the creation of other sources by the plugins (and soon over the API). Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I890ee820fbc16079ee417ea1fbc163192806e853
2019-12-04gre: Multi-point interfacesNeale Ranns14-119/+916
Type: feature Change-Id: I0129ad6ace44a50a8a3b26db8e445cd06b2b49e8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-12-04gso: remove the interface countMohsin Kazmi9-51/+14
Type: refactor Change-Id: I51405b9d09fb6fb03d08569369fdd4e11c647908 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-12-04ip6: Fix improper MCAST adj test in IPv6 router solicitationJon Loeliger1-1/+1
Type: fix Fixes: cb9cadad578297ffd78fa8a33670bdf1ab669e7e Change-Id: Id6de9780da41db5d762fe042f533cfaf21ed7b73 Reported-by: Rajith PR <rajith@rtbrick.com> Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-12-04ip: populate ip_reassembly_get_reply correctlyMatthew Smith1-3/+4
Type: fix Fixes: de34c35fc The API handler for requests to retrieve IP reassembly settings was modified to support shallow virtual reassembly. It retrieves settings into local variables now instead of directly into the reply message. The fields in the reply message were not being populated using those variables. So the reply message was being sent with all 0's, except in the is_ip6 field. Also, the max_reassembly length field in the reply message was not being populated. Change-Id: I80b071340fdc190c3a0b1f7294a03f14b6e00ecc Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-12-03fib: constify the adjacency in the rewrite nodesNeale Ranns9-17/+19
Type: refactor Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I3aad20b35d89fc541fdf185096d71ca12b09a6e2
2019-12-03ipip: Tunnel flags controlling copying data to/from payload/encapNeale Ranns17-40/+414
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I9467f11775936754406892b8e9e275f989ac9b30
2019-12-03fib feature: Code mechanics to decouple dependency of feature on adjNeale Ranns4-10/+42
Type: refactor Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I1d8b88fe1eefc850865297b4f025b97e6373a6bd
2019-12-03classify: API cleanupJakub Grajciar2-54/+94
Use consistent API types. Type: fix Change-Id: Ib5b1efa76f0a9cecc0bc146f8f8a47c2442fc1db Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-12-03ipsec: Changes to make ipsec encoder/decoders reusable by the pluginsPrashant Maheshwari7-255/+368
Type: fix Signed-off-by: Prashant Maheshwari <pmahesh2@cisco.com> Change-Id: I81b937fc8cfec36f8fb5de711ffbb02f23f3664e Signed-off-by: Prashant Maheshwari <pmahesh2@cisco.com>
2019-12-02bonding: add/del secondary mac address callbackMatthew Smith2-0/+77
Type: feature Add a callback to the bond device class which allows a secondary mac address to be added/deleted. The desired operation is performed on all the hardware interfaces which belong to the bond interface. This allows virtual MAC addresses to be used on bond interfaces without requiring the hardware interfaces to have promiscuous mode enabled. When a hardware interface is added or removed from a bond, if there are any secondary MAC addresses configured on the bond, they are added or removed from the hardware interface. Change-Id: If9488078b4d7869ecc56ef6853f3cc9891211860 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-11-29session: no cleanup notification for forced deletesFlorin Coras1-1/+2
Type: refactor Change-Id: Ib36cc3f1173d093e9050f9fecda343df2aa3dc1f Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-29classify: debug cli %v not %sDave Barach1-2/+2
Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I294f0b773375f6dce020b771db0726ceb5d812cc
2019-11-27ip: init l3_hdr_offset when pushing an ip4 headerFlorin Coras1-6/+4
Type: fix Change-Id: I87503b9a981724b1f3ff1c45a4a5f7a43024ca76 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-27misc: add address sanitizer heap instrumentationBenoît Ganne2-8/+4
Introduce AddressSanitizer support: https://github.com/google/sanitizers/ This starts with heap instrumentation. vlib_buffer, bihash and stack instrumentation should follow. Type: feature Change-Id: I7f20e235b2f79db72efd0e756f22c75f717a9884 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-11-26fib: Fix crash on cover update to non activated adj sourceNeale Ranns1-7/+11
if the adj source is not active then there is no existing cover during a cover update Type: fix Ticket: VPP-1803 Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ie912f1c99345de4fb012bdcd97b443098d4a7351
2019-11-26quic: Refactor for crypto contextsNathan Skrzypczak3-3/+3
Type: refactor Change-Id: I5ec7079d34826edd7a3048ae1d44037386f5d3ff Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-11-26flow: fix several crash issuesChenmin Sun1-0/+6
Type: fix This patch fixes crash issues(marked in brackets) in the below test cases test flow enable index 0 1/1 -> [crash] test flow disable index 0 1/1 -> [crash] test flow add src-ip 192.168.8.8 proto udp redirect-to-queue 8 test flow enable index 0 1/1 test flow disable index 0 1/1 - [crash] test flow add src-ip 192.168.8.8 proto udp redirect-to-queue 8 test flow enable index 0 1/1 test flow enable index 0 1/2 test flow del index 0 -> [crash] Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I84bc6faa3d93a2cab4c82e8a876a8b1067257b62
2019-11-26fib: reduce save_rewrite_length to u8Klement Sekera6-12/+24
This is a preparation step for migrating NAT to use SVR (shallow virtual reassembly) to conserve space in vnet_buffer. Since max rewrite length is currently pre-data size (128), u8 is sufficient to hold that value. Type: refactor Change-Id: I5374bb396e178245b870cb0bbf1370d2a54230bc Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-11-26fib: Another realloc burnNeale Ranns1-5/+13
Type: fix harmless this time since it only affects the debug statement, but it still crashes an ASAN image. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ie02e7fe3014b98b9f8c83447f59017a380ab3948
2019-11-26misc: add gdb helpers for vlib buffersBenoît Ganne1-0/+27
Type: feature Change-Id: I7e619040857310fffd33c355f6c491a55f7a4a02 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-11-26ethernet: all dmac checks include secondary addrsMatthew Smith1-19/+106
Type: feature In ethernet_input_inline(), when verifying that the destination mac address on a received packet matches the mac address of the interface where the packet was received, check the secondary addresses on the interface if the primary address does not match. This was done previously for eth_input_single_int(). Change-Id: I45716184dd789d83852271f9c79cedf5f6cbf75b Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-11-26fib: Table ReplaceNeale Ranns21-219/+666
Type: feature from the API doc, a table replace is: " The use-case is that, for some unspecified reason, the control plane has a very different set of entries it wants in the table than VPP currently has. The CP would thus like to 'replace' VPP's current table only by specifying what the new set of entries shall be, i.e. it is not going to delete anything that already eixts. the CP delcartes the start of this procedure with this begin_replace API Call, and when it has populated all the entries it wants, it calls the below end_replace API. From this point on it is of coursce free to add and delete entries as usual. The underlying mechanism by which VPP implements this replace is purposefully left unspecified. " In the FIB, the algorithm is implemented using mark and sweep. Algorithm goes: 1) replace_begin: this marks all the entries in that table as 'stale' 2) download all the entries that should be in this table - this clears the stale flag on those entries 3) signal the table converged: ip_table_replace_end - this removes all entries that are still stale this procedure can be used when an agent first connects to VPP, as an alternative to dump and diff state reconciliation. Change-Id: I168edec10cf7670866076b129ebfe6149ea8222e Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-11-25tap: fix coverity warning 205875Andrew Yourtchenko1-1/+6
check the return result from fcntl, and if error, behave the same way the expansion of _IOCTL macro does. Type: fix Change-Id: I6d537d1bdedae64470612aef64b46e07387fe84b Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2019-11-25tcp: honor cc pacing rate when resetting pacerFlorin Coras1-2/+3
Type: fix Change-Id: I36558b67d38266def9dfe45777d9757a33ce2569 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-25tcp: invalidate expired timer handles before dispatchingFlorin Coras3-25/+29
Type: fix Change-Id: Icc8cd05cb9c1844a9f8b0399797ad554f4ccf1a1 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-25vlib: autogenerate <node> before <last-in-arc> constraintsDave Barach4-1/+25
If an arc declaration includes '.last_in_arc = "some-node"', assume that folks mean it and add explicit ordering constraints. Fix the "arp" arc declaration which claimed that the arc ends at arp-disabled, but the arc really ends at error-drop. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ie2de1fb30091671cbc7c62770903a2e05987f141
2019-11-22papi: support default for type alias decaying to basetypeOle Troan1-1/+1
Add PAPI support for VppTypeAlias decaying to BaseType. E.g vl_api_interface_index_t sw_if_index [default=0xffffffff] Type: feature Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I2061392157c9c11fbb0ff9e5406ea65489b017e9
2019-11-22ipsec: fix trailing data overflowFilip Tehlar1-23/+21
IPsec writes trailing data at the end of the buffer without checking if there is enough space. If the packet length equals buffer size this leads to rewiting of the next buffer header in the pool. Type: fix Change-Id: Iceb27bb724c7243863a4b532aad0808051b7d74c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-11-21tcp: add no csum offload config optionFlorin Coras3-25/+20
Type: feature Change-Id: I77b3ee74229f3c85e99f74bf9000cb5aedbc1760 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-20session tcp: support pacer idle timeoutsFlorin Coras8-110/+87
Type: feature To avoid excessive bursts, pacer must be provided with an estimated rtt for the connection. That's used to compute an idle timeout, i.e., time after which the bucket is reset to 1 mtu due to inactivity. For now, idle timeout is computed as 5% of the rtt. Change-Id: Ia0b752fe7b4ad0ce97b477fb886b0133a2321541 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-20classify: per-interface rx/tx pcap capture filtersDave Barach2-3/+22
Finish the feature, and fix a couple of doc bugs Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I2c62745fda137776204c8fc4fca0e7e288051573
2019-11-20ipsec: Honour the renumber argument when selecting show instnaceNeale Ranns1-1/+1
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: If41f154c354772f5b32cfd35ea231b8f59c2c0c5
2019-11-20flow: Add GTP supportChenmin Sun2-18/+254
Type: feature Adding: VNET_FLOW_TYPE_IP4_GTPC VNET_FLOW_TYPE_IP4_GTPU VNET_FLOW_TYPE_IP4_GTPU_IP4 VNET_FLOW_TYPE_IP4_GTPU_IP6 VNET_FLOW_TYPE_IP6_GTPC VNET_FLOW_TYPE_IP6_GTPU VNET_FLOW_TYPE_IP6_GTPU_IP4 VNET_FLOW_TYPE_IP6_GTPU_IP6 in this patch Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I4ad53895b5ac0771432bb039b8c79e48e3c19f25
2019-11-20tap: multiqueue supportDamjan Marion5-161/+261
Type: feature Change-Id: I7dcc8c6911d02729b3bda1b3a21a211c82c3b949 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-11-20virtio: fix use-after-freeBenoît Ganne1-1/+1
Type: fix Change-Id: Ic67d9da65d937f56ecf994a5504c6351624b32ff Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-11-20session tcp: add opaque data to show cliFlorin Coras2-2/+5
Type: feature Change-Id: Iac8d4ed4997c4fce802589585e6a9424957152ca Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-20session: fix transport proto unformatFlorin Coras1-4/+33
Type: fix Change-Id: I38a5cbd53b278c21142bac4ee1bbe5dc8bcaaac9 Signed-off-by: Florin Coras <fcoras@cisco.com>