Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: improvement
Previously multiple sw crypto scheduler queues per core design
caused unaverage frame processing rate for each async op ID –
the lower the op ID is the highly likely they are processed first.
For example, when a RX core is feeding both encryption and
decryption jobs of the same crypto algorithm to the queues at a
high rate, in the mean time the crypto cores have no enough
cycles to process all: the jobs in the decryption queue are less
likely being processed, causing packet drop.
To improve the situation this patch makes every core only owning
a two queues, one for encrypt operations and one for decrypt.
The queue is changed either after checking each core
or after founding a frame to process.
All crypto jobs with different algorithm are pushed to
thoses queues and are treated evenly.
In addition, the crypto async infra now uses unified dequeue handler,
one per engine. Only the active engine will be registered its
dequeue handler in crypto main.
Signed-off-by: DariuszX Kazimierski <dariuszx.kazimierski@intel.com>
Signed-off-by: PiotrX Kleski <piotrx.kleski@intel.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Jakub Wysocki <jakubx.wysocki@intel.com>
Change-Id: I517ee8e31633980de5e0dd4b05e1d5db5dea760e
|
|
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8734c72cf15533d6614fbeb53b95c824dbd251a9
|
|
Type: refactor
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I92496501360ee073795206bde87f4731a5ce074c
|
|
the receive dpo added by tcp src-address cli do not have a valid sw_if_index ,
ip4_local_check_src() and tcp_input_lookup_buffer() will set ~0 to vnet_buffer(b)->sw_if_index[VLIB_RX],
which will cause crash in tcp46_reset_inline,
Type: fix
Signed-off-by: Mercury <mercury124185@gmail.com>
Change-Id: Ie01c31f3575e14187c6380ebcfff96fcb6098cde
|
|
Type: improvement
Change-Id: Ib39478a2e6991d721c4ba3ea61c97bfb07238016
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
fix ipv4 key uninitialized in local_endpoints_table,
which will cause transport_endpoint_cleanup() failed
to lookup the endpoint and can not delete it,
as for ipv6, clib_memcpy_fast() will change all bytes of lcl_addr
and there maybe no need to initalize,
Type: fix
Signed-off-by: Mercury <mercury124185@gmail.com>
Change-Id: I56676493a393b1d64eaa438224e256094ca75d2f
|
|
Simplifies allocation of fifos as fifo segment and segment manager
indices can be set at alloc time.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ibd357b3ff0279d8deefcdcb17010b4068007ccb7
|
|
Avoid scenarios where a worker allocates a segment but while it drops
the segment manager writer lock and acquires the reader lock another
worker uses the segment and frees it.
Type: fix
Thanks to wanghanlin@corp.netease.com for the report.
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0a88d738c51b33fd07c34916f125c98806861a06
|
|
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I0432dd0209f9c7702a8497161e21e178ee243bb1
|
|
Type: fix
Presently a local label associated with an attached or connected prefix will link to the glean. This is a problem since it will never use the adj-fibs that are installed for that attached prefix. Instead link the local label to a lookup in the table in which the attached link is bound.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Iad49fb6168b9ba47216a9a52bd262363b49c3c43
|
|
RPCs are not associated to sessions.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6b7870a3ebc2e8f32a6c1b10e2552d9e074c7eb3
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I5d669fcba609bcdb35103f57c45e0a270213d84a
|
|
There could be a race condition where two fragments of one chain end up
at the same time on different workers, one overwriting others hash
entry. Add a check for that and restart processing on the unlucky worker
who ends up being second from hash table POV. This will then result in a
proper handover to worker now owning this reassembly.
Type: fix
Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I9eb29c5cb1ffe3b5eb1d5a638e17ab7ba2628d28
|
|
Type: fix
IPv6 link-local FIB entries are never needed for attached export.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I08aad78e754d89ad54d07a211fb7a0d7fbc7a0fe
|
|
ip6_get_link_local_address() may return NULL if the local interface
is not (or not yet) configured
Type: fix
Signed-off-by: Frédéric Perrin <fred@fperrin.net>
Change-Id: I42bf2081582c4a36fa4e32145ca2f0ff73488110
|
|
Detect mq congestion and handle it by queueing messages in a fifo and
postponing handling via rpcs. App workers with congested mqs cannot
accept nor connect additional sessions.
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I401d971a1a53896758b88fc60f158cbc31e0c7cb
|
|
Type: improvement
Change-Id: I337ec63d0868f665329d68eadf1744e080b73a0d
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
This adds an interface CLI 'monitor
interface <interface>' that periodically
reports rx/tx pps & bandwidth for a
given interface.
Type: feature
Change-Id: Ia9d59b3443913520a52b38d7bda012190be6f167
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Configure a vxlan tunnel using this CLI and then assign an ip address to
the vxlan tunnel cause VPP to crash immediately
create vxlan tunnel src x.x.x.x dst y.y.y.y vni 1000 decap-next node ethernet-input l3
set interface ip address vxlan_tunnel0 z.z.z.z/24
It looks like when l3 mode is configured, the code calls the wrong function
to register the interface
Type: fix
Fixes: 3e38422ab905d26ab1625c74268e30c94327ea54
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ie1a08efc028f37fb528a7dfd7048ff6836bb8ddc
|
|
When a message is received, verify that it's sufficiently large to
accomodate any VLAs within message. To do that, we need a way to
calculate message size including any VLAs. This patch adds such
funcionality to vppapigen and necessary C code to use those to validate
message size on receipt. Drop messages which are malformed.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I2903aa21dee84be6822b064795ba314de46c18f4
|
|
Zero length fragments are invalid and should be dropped. This patch adds
that.
Type: improvement
Change-Id: Ic6466c39ca8bf376efe06bb3b7f5d7f1ae812866
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
arp proxy is not enabled correctly by ip4_neighbor_proxy_enable()
Type: fix
Signed-off-by: Mercury <mercury124185@gmail.com>
Change-Id: I672b5d4a9652030b5604e9d39743c39cb93a2531
|
|
When the src-address to add match a route
without a valid output interface(such as default route 0.0.0.0/0),
fib_entry_get_resolving_interface() will return (u32)~0,
which will cause crash in ip4_neighbor_proxy_enable().
Type: fix
Signed-off-by: Mercury <mercury124185@gmail.com>
Change-Id: I5aee5676a2ff43ec06745ebed4dba2b9e5b98c4d
|
|
If a fragment arrives with fragment offset = 0 and M = 0, it means that
this is actually a complete packet and per RFC 8200, it should be
treated independently from other fragments. This patch does that.
Fragmentation header is stripped and fragment is forwarded irregardles
of other existing reassemblies in case of full reassembly and treated
the same way as regular packet in shallow virtual reassembly.
Type: improvement
Change-Id: If3322d5e3160cd755b8465a642702a9166d46cc2
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Improve vppapigen to generate per-message #define indicating whether
said message is dynamically sized (due to VLA or string) or not. Use
these #defines in REPLY_MACROs to prevent improper usage. Fix existing
improper REPLY_MACRO* usage.
Type: improvement
Change-Id: Ia77aaf9f6cf3ed68ea21075a4cc8deda78a68651
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ied4fe0f2b35eeca4e3e82fa21346de7f243aa52a
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I42b5a5a07aae6708a20ed424c8f26ddbe91278fb
|
|
fib_sas6_get is called with NULL dst explicitly so add a NULL check to
avoid a NULL dereference.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I8ebcba98832f374991f5442c1b83a4b6e64771d0
|
|
Type: fix
Fixes: f16e9a5507
If an attempt to submit an async crypto frame fails, the buffers that
were added to the frame are supposed to be dropped. This was not
happening and they are leaking, resulting in buffer exhaustion.
There are two issues:
1. The return value of esp_async_recycle_failed_submit() is used to
figure out how many buffers should be dropped. That function calls
vnet_crypto_async_reset_frame() and then returns f->n_elts. Resetting
the frame sets n_elts to 0. So esp_async_recycle_failed_submit() always
returns 0. It is safe to remove the call to reset the frame because
esp_async_recycle_failed_submit() is called in 2 places and a call to
reset the frame is made immediately afterwards in both cases - so it
is currently unnecessary anyway.
2. An array and an index are passed to esp_async_recycle_failed_submit().
The index should indicate the position in the array where indices of the
buffers contained in the frame should be written. Across multiple calls,
the same index value (n_sync) is passed. This means each call may overwrite
the same entries in the array with the buffer indices in the frame rather
than appending them to the entries which were written earlier. Pass n_noop
as the index instead of n_sync.
Change-Id: I525ab3c466965446f6c116f4c8c5ebb678a66d84
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Type: feature
Change-Id: I231f782b3c56dc2b10321e4569ac7acdad1c11da
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Refactor and improve boundary checking on IPv6 extension header handling.
Limit parsing of IPv6 extension headers to a maximum of 4 headers and a
depth of 256 bytes.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ide40aaa2b482ceef7e92f02fa0caeadb3b8f7556
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: fix
When registering a new FIB node type, no name was required on the API, and so no name was printed.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8a99cf29c194637a550061b0a5e9782ffe8b31dd
|
|
Type: improvement
Change-Id: I7c341dc4a99898dd1f865ac2ebd99de9898bb0bd
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Make sure segment is empty after writer lock acquired. Other workers
might add fifos in between empty test and writer lock acquire.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3400fdd14be98d9d8fb4e415d3a849be1d255241
|
|
Avoid constantly re-mapping a listener's first segment when all its
sessions are closed.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iea7033fb70f4cf9e4408d542b7c0ff2b0c5c2f92
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3e633f017c68e8c5446e45b577048138a387daf6
|
|
Acceping sessions might be rejected so the notification might not make
sense.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3ababdce7c2cec62941d9722a9c06fa48ec547db
|
|
The code to check the exp is set after the call to pool_get()
is marked as unreachable in coverity. This is becasue if it
fails in pool_get then the it panics. Remove the unreachable code.
Type: fix
Signed-off-by: Paul Atkins <patkins@graphiant.com>
Change-Id: Iabb51b6b6788b6c12ef37c28dde2118c798de831
|
|
Type: fix
Signed-off-by: wanghanlin <wanghanlin@corp.netease.com>
Change-Id: Iab857b056639f7e513f87a6095bea081b7d8349c
|
|
Type: fix
This fixes the GSO size calculation in af_packet
which didn't include the ethernet size.
This is not ideal, as we default to the host
side mtu to check whether a packet is GSO or not
and to set the GSO size. But there doesn't seem
to be more info passed with the packets.
Change-Id: I9769e1dd21d5989b4cf67295352b5535454f88d1
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
- Always check session ownership
- Improve test for main thread rpc
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I5fa60f7f5de199af0966987f9ce9a4cc8180cf98
|
|
- Disconnect ct peer only after tx events have been drained
- Make sure session/connection is in healty state before rx/tx
notifications
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic6e684410a98530cc95a9c6c54c05a19c17c11d9
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ifcb631ed2913e5f4fc318238de9100286a7990d2
|
|
L2 prefetches the vlib_buffer_t and then immediately writes to l2 split
horizon group. Changing to the prefetch to a prefetchw.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: If3b7996978ee80f99c55904692c7b3c905f537ce
|
|
This patch ensures that fifo segment has at least the size that was
requested during allocation.
Type: improvement
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: Iea8a885ac290183e25e5c8f9163bba226c5efa15
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie2ed2554578d6a2c671c552dc2bdc081f9754eed
|
|
Type: improvement
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Change-Id: I2f30a4f04fd9a8635ce2d259b5fd5b0c85cee8c3
|
|
Fixing the mutliarch versions of vxlan, geneve and friends. Ensures that
main struct is correctly sized for all multiarch permutations.
Type: fix
Fixes: 290526e3c
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I7c4c435763a5dcb0c3b429cd4f361d373d480c03
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I10af028b5e57b36b8015b02240f1e4e9a42d0898
|
|
On interface delete we were not removing
the lock taken by a previous ip_table_bind()
call thus preventing the VRFs to be removed.
Type: fix
Change-Id: I11abbb51a09b45cd3390b23d5d601d029c5ea485
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|