aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2020-04-30ipsec: Add/Del SA not MP safeNeale Ranns1-7/+0
Type: fix some crytto engines store key data indexed by SA index. Creating new SAs means this store reallocs with packets inflight; bad stuff ensues. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ia23c3a59e2d05fb006bdbd9922d01ee192e22853
2020-04-30l2: l2_patch_main should not be staticVratko Polak1-1/+5
Without understanding what is going on, a pattern from l2_fwd.c is applied to l2_patch.c file. Type: fix Fixes: d770cfc96257f9bd9e0c96c8ebe50e4531dc1bc5 Ticket: VPP-1799 Change-Id: Ia97d448f9d1846549f57ea69044ae15fa39bb942 Signed-off-by: Vratko Polak <vrpolak@cisco.com> (cherry picked from commit 3be9351e5e5c54f76544836044c6e81df8a0b899)
2020-04-29vlib: add ASSERT to vlib_time_now(...)Dave Barach2-2/+3
Calling vlib_time_now (&vlib_global_main) from a worker thread is a bad mistake. ASSERT (vm->thread_index == __os_thread_index) will catch it. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I55af6de84e06143f8f43adc62103b77267a7a441 (cherry picked from commit 77d98382824ca211fb55fcf842931930ccfb3baa)
2020-04-13dhcp: fix unicast pkts, clean up state machineDave Barach6-276/+440
Nominally a bug-fix cherry-pick, but completely manual. Closer to a full feature backport minus binary api changes. Send dhcp unicast packets to ip4-lookup. Otherwise, these packets won't reach a dhcp server on a different subnet. Do an immediate client scan after processing wakeup events. Calculate the next process wakeup time by scanning all clients. Increase maximum (idle, no-clients-configured) timeout to 1000 seconds. Reduce log spew. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I3d10cd4c353298ed0b19e7e30887dc1d8d07b19e (cherry picked from commit c54162981cdd41d65ed283df36955007552ddffe)
2020-04-13l2: handle complete clone fail in l2_floodDave Barach1-2/+8
vlib_buffer_clone(...) may not manage to produce any buffer clones at all. vlib_buffer_clone_256 should not smash the original buffer reference count if no clones are produced. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I14d9d53637a220485c7a0036cfc75a4149b264ea (cherry picked from commit 95e19253320ab07748787f4c8a7620704563f6b8)
2020-04-10misc: check return values from vlib_buffer_copy(...)Dave Barach7-1/+25
vlib_buffer_copy(...) returns NULL if the system is temporarily out of buffers. This is NOT correct. Please don't be this person: c0 = vlib_buffer_copy (vm, p0); ci0 = vlib_get_buffer_index (vm, c0); Type: fix Signed-off-by: Dave Barach <dave@barachs.net> (cherry picked from commit c25ef58965871ea5d2b40904df9506803f69e47e) Change-Id: I6cd4f289c4fadc3f36c3203b53546e9a788ef99b
2020-04-05virtio: vhost checksum problem for ipv6Steven Luong1-3/+3
When checksum is enable for IPv6, it erroneously set the flag VNET_BUFFER_F_OFFLOAD_IP_CKSUM. That flag is meant for ip4 packets only. Type: fix Ticket: VPP-1857 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Id03b2937bfa34e2a9b50a36aafe0700bad7fb95e
2020-04-01api: ipsec: add missing IS_INBOUND flagChristian Hopps2-0/+6
External IKE daemons need to be able to flag an SA as inbound (just as the included ike plugin does). This commit adds this flag to the API. This change is backward bug-compatible as not setting the flag (old clients) continues to mean all SAs are created as outbound and fib nodes are created for them. The addition of this flag inhibits this forwarding node creation as well as properly flagging the SA as inbound. Ticket: VPP-1845 Type: fix Signed-off-by: Christian Hopps <chopps@labn.net> Change-Id: Ifa6fd664587380aa53e95d0e4eb2e1a4b1df7909
2020-04-01misc: fix ip6_neighbor_cmdDave Barach1-10/+0
The option parsing loop had "break" statements included in each 'if (unformat (line_input, "this-option ...") option_values=xxx;' statement. Result: the code would silently ignore all but the first option. Probably broken forever, not easy to spot because the code looks OK even though it's badly broken. Manual cherrypick: the function name has changed, the code has moved to a different file, and the MAINTAINERS file entry doesn't exist in 19.08. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> (cherry picked from commit 7249b90ab21c20138907e692dcb6032aea9e2f0f) Change-Id: Ie06bb083645302848a19ecc9ad2934927de01f62
2020-03-27virtio: fix link up/down flagMohsin Kazmi1-3/+9
Type: fix "set int state <interface> down" puts the virtio device link down. It will not put the link in "UP" state, when "set int state <interface up>" will be used again to change the interface admin up. This patch fixes it. To test: create tap set int state tap0 up set int state tap0 down sh hardware sh int set int state tap0 up sh int sh hardware Change-Id: I3c0e31539f8a2a1e40220e7fb57eedecf408f067 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit 529f0e97b6064039c500adce0d54b738954b2ffa)
2020-03-27virtio: fix the out of order descriptors in txMohsin Kazmi4-8/+103
Type: fix Some vhost-backends give used descriptors back in out-of-order. This patch fixes the native virtio to handle out-of-order descriptors. Change-Id: I74ba03a2111dc601be4396c0fa800c33db5554b4 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit 7f6d145accc6e63b150ab4efc282f19cbe996b57)
2020-03-09mpls: adjust mpls-frag size to account for mpls headerJohn Lo1-1/+1
Type: fix Signed-off-by: John Lo <loj@cisco.com> Change-Id: I0b3042317c58c5a4d64d82b16f62e70f0461e578
2020-03-04tap: misc fixesMohsin Kazmi2-20/+21
Ticket: VPPSUPP-58 1) Previously, host mtu can't be set if tap interface is in namespace. 2) generate the host mac address, if it is not provided. 3) fix the parameters for tap_create_v2 in vat. 4) fix the pretty print of parameters for tap_create_v2 in custom dump. Type: fix Change-Id: I18898af90dbd37d773a40b6535dd9c03c9984679 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-02-13classify: fix "show classify filter" debug CLIDave Barach1-3/+1
Null pointer bug, memory leak. D'oh! Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ic2865757ed9cbb7f48d23c7c30b64299eb5f6674 (cherry picked from commit 104112f2d412a4576b5e0d3bbb20665d2b5bd615)
2020-02-12classify: "classify filter ..." debug CLI cleanupDave Barach1-7/+8
The pcap trace filter initial table index lives in cm->filter_set_by_sw_if_index [0], which corresponds to the "local0" interface. Debug cli makes sure that folks don't accidentally specify the "local0" interface. At least it does now... Fix the "vlib format.c code coverage" test in test/test_vlib.py. Type: fix Change-Id: I35320bc2c8f0c6f1f8c12e3529d1938548185151 Signed-off-by: Dave Barach <dave@barachs.net> (cherry picked from commit 29c6132108be68feb11c8d9bfaaf674cba86ee33)
2020-02-12classify: vpp packet tracer supportDave Barach1-32/+119
Configure n-tuple classifier filters which apply to the vpp packet tracer. Update the documentation to reflect the new feature. Add a test vector. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Iefa911716c670fc12e4825b937b62044433fec36 (cherry picked from commit 87d24db65facb89ca524c951b8379ca2ec4dbc7a)
2020-02-06vlib: autogenerate <node> before <last-in-arc> constraintsDave Barach4-1/+25
If an arc declaration includes '.last_in_arc = "some-node"', assume that folks mean it and add explicit ordering constraints. Fix the "arp" arc declaration which claimed that the arc ends at arp-disabled, but the arc really ends at error-drop. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ie2de1fb30091671cbc7c62770903a2e05987f141 (cherry picked from commit 5f9f3c8de8d5d9f83a437661a98e5cc2453705f9)
2020-02-06session: extra checks in session validationSrikanth Akula3-15/+29
Type: fix Adding few extra checks while doign session validationwq! Signed-off-by: Srikanth Akula <srakula@cisco.com> Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4d18b5ad97d1802ce38a07aeb56b5f35939c1187 (cherry picked from commit e140d5d0255b80f8dda945daf7202b5698d81d9b)
2020-02-06virtio: feature arc have higher priority than redirectDamjan Marion1-3/+4
Type: fix Fixes: 8389fb9 Change-Id: Ie159eb444b28b36a7af86049b80fba4e49be93cb Signed-off-by: Damjan Marion <damarion@cisco.com> (cherry picked from commit 06c194d91b6d2d888ed2b0c5cf0df1cdbc7c53a4)
2020-02-06tcp: improve lost rxt heuristicFlorin Coras3-34/+55
Type: feature - retransmit first unacked segment if newer retransmitted packets are acked - avoid spurious retransmits if recovery ends with sacked bytes Change-Id: Ic1b56d22e025822edb7609afb136e47440ea6032 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit b3dce89a768aaffa2a830ba6579cd3d9c8cd967a)
2020-02-06session: re-set tx fifo event if out of buffersFlorin Coras1-1/+2
Type: fix Change-Id: I7416e827fbc5c63d082273656441c81dd6246d8a Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit aa43914df656bbd7340b8dbd68f23f8fe0aabfd5)
2020-02-06lacp: add actor steady state check prior to skip processing lacp pduSteven Luong2-48/+43
In a rare event, we may be skipping processing lacp pdu's when the it is not in steady state. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I4e4f81dfd4e95433879ee66cdf6edb8d8afbe9b0
2020-01-29fib: refresh adj pointer after fib_walk_sync due to possible reallocSteven Luong2-0/+20
fib_walk_sync may call adj_alloc which may cause adj_pool to expand. When that happens, any previous frame which still use the old adj pointer needs to refresh. Failure to do so may access or update to the old adj memory unintentionally and crash mysteriously. Type: fix Ticket: VPPSUPP-54 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ia7c6cb03c1ed9ddbbfb12dd42c8abc7f5b3f210c
2020-01-29devices: vhost: fix data offset on inputBenoît Ganne1-11/+1
Regardless of whether the virtio_net_hdr is sent as a separate descriptors or in the same descriptor as the data, we always want to skip the header length - maybe moving to the next descriptor along the way. Type: fix Change-Id: Iaa70aeb310e589639b20f8c7029aaa8d3ce5d307 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 5ecc1e4d433a34845c7bfd761dc990413e6c321b)
2020-01-29bfd: reset peer discriminator on timeoutKlement Sekera1-0/+13
More RFC compliance. Ticket: VPP-1816 BFD: peer discriminator not reset on timeout Type: fix Change-Id: I68063c18097d282b3527e3fb485c1d0d1fd1b0c8 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-01-28bonding: Add GSO supportSteven Luong2-2/+21
Add GSO support, configurable from the CLI. Type: feature Ticket: VPP-1820 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I65885a071b24c74437e6cfe5eff237b01bc1744b
2020-01-28bonding: process lacp when bond is admin downMatthew Smith1-1/+0
Ticket: VPP-1821 Type: fix Fixes: 6dfd3785e4 When a bond interface is administratively down but the slaves are up, process inbound LACP packets received over the slaves. This was the old behavior with bond interfaces in LACP mode and was altered unintentionally by another change. Restore the old behavior. Change-Id: I61b0b700211dea4859b6ee447ab83b33197d9d11 Signed-off-by: Matthew Smith <mgsmith@netgate.com> (cherry picked from commit 854eb6e3ff87ace211a45a8053424d8432bd5755)
2020-01-28fib: Reload the adj after possible realloc (VPP-1822)Neale Ranns1-0/+1
Type: fix Fixes: 418b225931634f6d113d2971cb9550837d69929d Change-Id: Ia5f4ea24188c4f3de87e06a7fd07b40bcb47cfc1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-01-22fib: Adjacency realloc during rewrite update walk (VPP-1822)Neale Ranns1-4/+4
Type: fix Change-Id: I0e826284c50713d322ee7943d87fd3363cfbdfbc Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-01-20fib: FIB crash removing labelled route (VPP-1818)Neale Ranns1-7/+12
Type: fix The crash occured trying to retreive a NULL path list to walk the path extensions. A walk shoul not be required, because there should be no extensins, since all paths are removed. The problem is that when the paths were added, they were not sorted, hence neither were the extensions and when they were updated, duplicate extensions were added, and hence a path removal did not remove them all. Fix is to make sure paths are sorted. Change-Id: I069d937de8e7bc8aae3d92f588db4daff727d863 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-01-08l2: fix MAC learn counter update on adding MAC entryJohn Lo1-1/+1
Type: fix Signed-off-by: John Lo <loj@cisco.com> Change-Id: I711432f589ee4a4527cf795526d3b4031999f71d (cherry picked from commit b2e73b1dcb8e9eb3bf74a96fff20a9b27f7e6d73)
2020-01-04bonding: drop traffic on backup interface for active-backup modeSteven Luong1-1/+12
For active-backup mode, we transmit on one and only one interface. However, we might still receive traffic on the backup interface. We should drop them and strictly process incoming traffic on only the active interface. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Idb6b798b30033e84044b151c616be3c157329731 (cherry picked from commit 6dfd3785e4d65418f4330a73bf837912c37b8ec2)
2020-01-02gso: fix the number of buffers required for segmentationMohsin Kazmi1-1/+2
Ticket: VPPSUPP-51 Type: fix Change-Id: I34d4237eb0644705ce0f523fdd0d6b70308e8bcd Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-01-01fib: Adjacency walk fix for IPv6Neale Ranns1-1/+1
Type: fix Change-Id: Id3a1950e49d5eb1883af06a14df97e98f55162a8 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit e7ee300923d23b6a6eab42676c8dcce85da89bed)
2019-12-21vxlan: reuse inner packet flow hash for tunnel outer header load balanceShawn Ji3-0/+22
Type: fix Several tunnels encapsulation use udp as outer header and udp src port is set by inner header flow hash, such as gtpu, geneve, vxlan, vxlan-gbd Since flow hash of inner header is already been calculated, keeping it to vnet_buffere[b]->ip.flow_hash should save load-balance node work to select ECMP uplinks. Change-Id: I0e4e2b27178f4fcc5785e221d6d1f3e8747d0d59 Signed-off-by: Shawn Ji <xiaji@tethrnet.com> (cherry picked from commit 623b4f85e6ee4611ae15bb3103fe30725ca977ed)
2019-12-05vxlan: fix vxlan hw offload issueChenmin Sun1-1/+3
Type: fix Since Vxlan hw offload jumps the ethernet-input node, so needs to adjust the data offset accordingly In original code, the current_data is 0 when arriving vxlan-flow-input node(due to no graph node before it, except the dpdk-input), so this code block cannot find the correct vxlan header: enum { payload_offset = sizeof (ip4_vxlan_header_t) }; vlib_buffer_advance (b0, payload_offset); see code in src/vnet/vxlan/decap.c, function vxlan4_flow_input_node This patch fixes this issue Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: Iab4af7a7dc3b69a117a4c9ea1c59662669a6438c (cherry picked from commit 1ec9fdbf29aedcdd4040feb635971c3f87a1cfdf)
2019-12-03tcp: fix ip check in lookup validationFlorin Coras1-11/+17
Type: fix Change-Id: Ia18632c8fe22bdcfdf3cb48a4234f8703a7ac1d7 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 07df79150f15291af9793397d6182a4168c6bfc5)
2019-12-02ip: IP address and prefix types (moved from LISP)Neale Ranns18-460/+502
Type: refactor Change-Id: I2c6b59013bfd21136a2955442c779685f951932b Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit ea93e48cf6e918937422638cb574964b88a146b6)
2019-12-02classify: debug cli %v not %sDave Barach1-2/+2
Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I294f0b773375f6dce020b771db0726ceb5d812cc (cherry picked from commit 3268a64d3c9e60d69b3b12d6c6bf1987394275d2)
2019-12-01virtio: fix use-after-freeBenoît Ganne1-1/+1
Type: fix Change-Id: Ic67d9da65d937f56ecf994a5504c6351624b32ff Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 8f011830b2e01dfdbf8449b3145a4dd806b5515f)
2019-11-28tcp: close session on retransmit failureFlorin Coras1-0/+1
Type: fix Since the connection is closed, also mark the session as closed. Change-Id: Ica3849c3ff12fa7a65ba64e563a60d6c94f5ceca Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 52be67435eb4615b899950b42b8ff72d258fbcb3)
2019-11-28interface: send proper link/admin status in eventAlexander Chernavin1-4/+5
Type: fix Change-Id: I7cba9f911abe1ae82d8381a48f65e81b615ede76 Signed-off-by: Alexander Chernavin <achernavin@netgate.com> (cherry picked from commit aa27dcb84cb312277370b77370a69b2a3596c4c5)
2019-11-28crypto: not use vec api with opt_data[VNET_CRYPTO_N_OP_IDS]Lijian Zhang3-3/+4
opt_data is defined as a array, while in some code, e.g., function vnet_crypto_get_op_type, it's used as vec. vec api is not applicable to static arraies. src/vnet/crypto/crypto.h:234:70: error: address of array 'cm->opt_data' will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion] vnet_crypto_op_data_t *od = ({ do { if ((0 > 0) && ! ((id) < ((cm->opt_data) ? (((vec_header_t *) (cm->opt_data) - 1)->len) : 0))) Type: fix Change-Id: I0b6754406e4216ca975bc1da4b5d4ce293a9bb45 Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com> (cherry picked from commit b15d796dbf1da6a229df4e10a3a2bdd700f0354e)
2019-11-28tcp: validate the IP address while checking TCP connectionSrikanth Akula1-9/+31
Type: feature Along with the port information, we need to validate the IP address details as well. This is very useful in the case port re-use scenario Signed-off-by: Srikanth Akula <srakula@cisco.com> Change-Id: I11e1ebcd3e56aae47ac235a89606a83c928aa6bb (cherry picked from commit cf4c2102d9dc3ccc939cca1137b24a75341f1b0c)
2019-11-28session tcp: refactor pacer timeFlorin Coras9-104/+74
Type: refactor Change-Id: Ic1c3e1f7987702cd88972acc34849dc1f585d5fe Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit a8e71c8981f039588a7ca94e6ab66b4ebac784a5)
2019-11-19ipsec: fix trailing data overflowFilip Tehlar1-23/+21
IPsec writes trailing data at the end of the buffer without checking if there is enough space. If the packet length equals buffer size this leads to rewiting of the next buffer header in the pool. Type: fix Change-Id: Iceb27bb724c7243863a4b532aad0808051b7d74c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-11-19crypto: do not crash if no crypto engine loadedBenoît Ganne1-1/+1
Do not overflow ops_handlers vector. Type: fix Change-Id: I8d5e7fb8125a7bd87ecfe6f4f1390fb9f43dad8f Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 6545df7913b53d71415c7c9643cb824c2ffbaaa7)
2019-11-18session: unify buffer tx dispatchingFlorin Coras1-26/+11
Type: refactor Use pending tx buffer vector to postpone dispatching of all buffers, i.e., either generated as a result of tx events or custom tx event. Change-Id: Ic5894c4653c338cfb04555d20857f954b245ee83 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 8a754f1a55fb16a4d42efd5c606e5a07b4afffe9)
2019-11-18fib: Copy the prefix before use in case the underlying entry reallocs.Neale Ranns3-6/+19
Type: fix all other uses of the fib_entry_get_preifx in the code base don't pass the prefix into recursive functions. Change-Id: Ic1c56acd406a733b215ee2fd98b6bed58b490a4f Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 320dfcf2aa8f4617b51a2bb15f3d0f93ee62d4dc)
2019-11-18bonding: fix non-null terminated vectorBenoît Ganne1-2/+2
Type: fix Change-Id: Iea7d73a304236b525b95bdad3bfdb41e711f8cdb Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit a03c7d5b9280e1cd5d89cb7cc15bd05b56062c95)