summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2021-11-09session: reset if ct close with dataFlorin Coras1-1/+15
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9540948b8b5476af7558d741cbf15ee838d4e01b
2021-11-09session: postpone ct cleanupsFlorin Coras1-18/+105
Add infra to postpone cleanups while tx events are not delivered. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7611ac2442116f71a229569a7e274eb58eb84546
2021-11-08tcp: refactor reset nodeFlorin Coras1-49/+71
Use vectorized buffer translate function and refactor tracing. Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5a014cea1a753eb10a564ac316c1727a18f884ff
2021-11-07l2: fix array-bounds error for prefetch on ArmTianyu Li1-1/+2
make build-release CC=gcc-10 vpp/src/vppinfra/cache.h:73:31: error: array subscript 80 is outside array bounds of ‘l2_in_out_feat_arc_main_t[1]’ [-Werror=array-bounds] __builtin_prefetch (_addr + (n) *CLIB_CACHE_PREFETCH_BYTES, _CLIB_PREFETCH (3, size, type); vpp/src/vnet/l2/l2_in_out_feat_arc.c:260:3: note: in expansion of macro ‘CLIB_PREFETCH’ CLIB_PREFETCH (next_node_indices, 2 * CLIB_CACHE_LINE_BYTES, LOAD); 2 * CLIB_CACHE_LINE_BYTES is 256 bytes on Arm, the offset is out of range of fam->feat_next_node_index[1], which is 128 bytes, use sizeof array instead. Type: fix Signed-off-by: Tianyu Li <tianyu.li@arm.com> Change-Id: Ib7e06fcb643b2e863985ba89efcc274076752133
2021-11-06tcp: fix reset with packet ack numberFlorin Coras1-0/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I35c1fc75df065398821cc275e853a3caa9db94c2
2021-11-06vppinfra: move clib_count_equal_* codeDamjan Marion2-0/+2
Type: refactor Change-Id: Ib9e8abdbf745ad6563fc79c9ebb6b2ea65917d08 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-11-06tcp: in place tcp header for buffer resetsFlorin Coras1-2/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2a5de36175bca1181ffd4a1865d41f0a1f6bc035
2021-11-05devices: remove dead code in pipeDamjan Marion1-2/+1
Type: refactor Change-Id: If4a0484afebe53d53d79ab5cb72299e6298cfee7 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-11-05ip: remove dead codeDamjan Marion1-3/+0
Type: refactor Change-Id: Ia8e8834b635025d07e1028b1d5779b21c4e05e58 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-11-05virtio: fix the initializationMohsin Kazmi1-1/+1
Type: fix Fixes: d96b28ac0917 ("virtio: improve input node performance") vlib_buffer_t is defined on stack to be used for input feature arc lookup once per frame call for performance reasons. The definition is missing the initialization to avoid the assignment of garbage value. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ie7930186bbd8240c44d257808ebd31e06e854b29
2021-11-04ip: speed up reassembly code compilationKlement Sekera4-50/+36
Refactor code so that code is inlined in one place instead of in multiple to speed up compilation. Type: refactor Change-Id: I41357b89715b66ebdc8c0d5ccd69347a254fc266 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-11-04ip: reassembly: avoid reading truncated L4 headersKlement Sekera3-81/+151
Check if L4 headers are truncated and if so, set a flag for (future) consumers instead of reading/writing garbage data. Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Change-Id: I0b656ec103a11c356b98a6f36cad98536a78d1dc Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-11-03tcp: make buffer reset function publicFlorin Coras2-32/+28
Also does a bit of code cleanup. Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ifbff1e03a2e1fdca98925fdd3db7eb230ff24a37
2021-11-03ipsec: Support the single IPSec interface dumpNeale Ranns1-0/+5
Type: fix Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I93c819cdd802f0980a981d1fc5561d65b35d3382
2021-11-02ip: fix coverity warningKlement Sekera1-1/+1
Remove unnecessary NULL check of t0, which causes coverity to scream. t0 is always initilised to *something* by doing pool_elt_at_index(). Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I7cf21767c43a24923e490ad40622743c17142fe2
2021-11-02fib: allow vnet rewrite max size to be smaller the pre_dataBenoît Ganne2-3/+5
There is no reason to enforce vnet rewrite size to be equal to pre_data. Moreover, since vnet rewrite size is now saved as u8, this limits pre_data to 192 bytes. Type: fix Fixes: 7dbf9a1a4fff5c3b20ad972289e49e3f88e82f2d Change-Id: I3f848aa905ea4a794f3b4aa62c929a481261a3f1 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-11-02build: remove unnecessary executable bitsRay Kinsella2-0/+0
Run 'find src -executable -type f', remove unnecessary executable bits from the source tree. Type: refactor Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: I070e22c8fb2ef8712bc3ea620727ee5ab3d9a9fb
2021-11-02interface: avoid dependency on crc32 for eth handoffFlorin Coras3-21/+32
Make sure the infra works on platforms without crc32, like risc-v Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5f267497bb4e73a91a5320822ca42388f1f8b037
2021-11-02ip: fix build without vector unitDamjan Marion1-0/+13
Change-Id: I102f84d6d72a7f17e62fb8c16a1d4a3234753476 Type: fix Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-11-02classify: fix build on systems without crc32f and vector unitDamjan Marion1-2/+6
Change-Id: I4229239ed6b81c10362faa1aa9f658c3fccfd31b Type: fix Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-11-02l2: fix outside array bounds errorsDamjan Marion2-2/+2
Reported by gcc-11... Type: fix Change-Id: Ia00001a6334722a6ae9cc771e6861c1f709df286 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-11-02tcp: fix uninitializad valueDamjan Marion1-1/+1
May not be valid error but gcc-11 complains. Type: fix Change-Id: I207b8b4966c5eadd534495e29c873663249a377f Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-11-02hash: check if crc32c is availableDamjan Marion1-0/+4
Type: fix Change-Id: I2f87ed4b151ecd5034b69d6f060626be6fd74e85 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-10-31ipsec: silence gcc-11 parentheses warningDamjan Marion1-1/+1
Type: fix This reverts commit 5ecda99d673298e5bf3c906e9bf6682fdcb57d83. Change-Id: I393c7d8a6b32aa4f178d6b6dac025038bbf10fe6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-10-31interface: handoff refactor and optimizationsFlorin Coras3-62/+171
- move existing ethernet hash functions to hash infra (no l4 awareness) - refactor code to use hash infra and add apis to request l4 aware hashing functions - hashing functions per interface - code cleanup Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia9f44db98d83f0f027aeb37718585a2e10ffd2c6
2021-10-30build: add missing fib headers in packagesBenoît Ganne1-0/+3
Type: fix Fixes: d6953332db225d5355f50348ef3b09f0525d5282 Change-Id: Ib85fee40e71ebe5bc2b84c62e37298b5e390d520 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-10-29policer: fix coverity warning/NULL dereferenceKlement Sekera1-2/+10
Add a NULL check in case of hash lookup failure to make coverity happy. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I3cfa5960458d3618f1277ba442b4ca5ca15064ea
2021-10-29devices: default mode eth in the apiNathan Skrzypczak2-2/+4
Type: fix https://gerrit.fd.io/r/c/vpp/+/34027 added support for l3 mode, but as the eth_mode constant was set to 1 we did default to l3 mode in the api. This reverts to the original logic. Change-Id: If8b90b300d3868de5233dfa1f33ec975853cba11 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-10-28interface: refactor interface output node in different processing levelsMohsin Kazmi1-13/+9
Type: refactor Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I4f29e6118630146876b7f58f1afe6b6733401047
2021-10-28ip: improve csum fold on x86_64Damjan Marion1-1/+15
New code seems to be 1.5 clocks faster. old: mov eax,edi shr rdi,0x20 add rdi,rax movzx edx,di shr rdi,0x10 add rdx,rdi movzx eax,dx shr rdx,0x10 add rax,rdx mov rdx,rax shr rdx,0x10 add eax,edx new: mov rax,rdi shr rax,0x20 add eax,edi mov edi,0x10 shrx edi,eax,edi adc ax,di adc ax,0x0 Type: improvement Change-Id: I3c565812c67ff4c3db197a9d4137a6c131b5b66c Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-10-28tap: handle null namespace and bridge correctlyMatthew Smith1-2/+4
Type: fix In tap_create_if(), if args->host_namespace or args->host_bridge are null because no values were set for those, the virtio_if_t entry in virtio_main.interfaces ends up getting populated with values of "(nil)" in net_ns or host_bridge, respectively. Check whether args->host_namespace and args->host_bridge are null before trying to set the corresponding fields on virtio_if_t. Change-Id: I8e1e66a6d7b246e7c66fece406d116ffb1312c64 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-10-27devices: fix coverity warning/don't leak fdKlement Sekera1-1/+2
Move socket creation past code which returns from function to avoid leaking the socket in case of an early error return. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I9e18bd32022441c17ca920d1c2458b058b76c3c0
2021-10-27tcp: fix use of invalid local sw_if_indexFlorin Coras1-1/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id58ac44d45fb8b8a0d803f02e0242ec6f4b3db05
2021-10-26crypto: add barrier in crypto key addGabriel Oginski1-0/+12
Originally the pool of keys can be expand and cache with pointer for key can be invalid. For example in Wireguard during handshake process this pool can be expand and pointer for these keys in cache can be invalid for workers or can has incorrect value (poison memory). The fixes add barrier if the pool needs be to expand to ensure that cache in function will be valid and avoid situation when cache has invalid pointer for these keys. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Ida8f300213dfebb91ecaf1937fb08de81c20ba7b
2021-10-25tcp: fix: TCP timewait port reuse rfc complianceMichal Kalderon2-4/+84
This patch provides a fix for early-kill of timewait sockets that is based on rfc's 1122, 6191. The following commits provided a solution for port re-use. However, they are not fully compliant with rfc 1122 4.2.2.13 ( Closing a connection ) and rfc 6191 (Reducing the TIME-WAIT State Using TCP Timestamps) commit b092b77cf238ba ("tcp: Enable TCP timewait port use") introduced a significant improvement by enabling TCP timewait port re-use. commit ee1cb469b2dd ("tcp: fix port reuse with multiple listeners") fixed usage of the wrong value for connection_index when searching for a listener, by storing the state in tcp.flags. Implementation details: When a SYN is received during time-wait state, the code checks whether all the requirements for accepting the SYN packet are met. If they aren't, the SYN can't be accepted and the packet is dropped, otherwise, connection is deleted and a new connection with same port is opened. Type: fix Signed-off-by: Ofer Heifetz <oferh@marvell.com> Signed-off-by: Yuval Caduri <cyuval@marvell.com> Signed-off-by: Michal Kalderon <mkalderon@marvell.com> Change-Id: I38a33c6e321c760d45ebec9154399e1c90dd0250
2021-10-25bier: Disposition paths don't set the next-hopNeale Ranns1-14/+9
Type: fix Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I3c4152219e5307ac0fe773e16d597f0e4b9a7d4c
2021-10-23arp: fix for source address selectionEd Warnicke1-1/+1
Type: fix Ticket: VPP-1970 Ticket: VPP-1992 Fixes: 9e17887db97bb9f6507270f9fa9923c10816e0df https://gerrit.fd.io/r/c/vpp/+/33495/7 introduced a bug where ND responses are inproperly dropped. This fixes that bug. Signed-off-by: Ed Warnicke <hagbard@gmail.com> Change-Id: Iec4b07646332ced292e2211408c4f7af3088ac28 Signed-off-by: Ed Warnicke <hagbard@gmail.com>
2021-10-22devices: add support for l3 af_packet interfaceMohsin Kazmi5-37/+106
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ia6b9d4ac55be2216887bfdb99be4021f6a96f166
2021-10-22ipsec: add api test fileFilip Tehlar2-0/+598
Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Ib3fe4f306f23541a01246b74ad0f1a7074fa03bb
2021-10-22fib: Don't back walk from a path-list when a child fist attaches.Neale Ranns1-11/+7
Type: fix If the walk is triggered when the child is added, then that child is visited in the walk. However, since it is just attahcing to the path-list it may not, or indeed cannot, have all the context it needs to successfully handle the walk. In the case of MPLS tunnel, it does not have the path extensions ready, and cannot since the path extensions need to resolve on the path-list. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I027af8cf2f522d2f6e37931bea60c767f0cb667d
2021-10-21fib: respect mfib entry flags on create with pathsPaul Atkins10-27/+37
When an mfib entry was created with both paths and entry_flags then the entry flags were being ignored. If there are no paths then the flags were passed into mfib_table_entry_update, but in the case where the entry didn't exist and there were paths and flags, the entry was created within mfib_table_entry_paths_update() which used a default of MFIB_ENTRY_FLAG_NONE. Pass the flags through into the mfib_table_entry_paths_update fn. All existing callers other than the create case will now pass in MFIB_ENTRY_FLAG_NONE. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I256375ba2fa863a62a88474ce1ea6bf2accdd456
2021-10-21ip: Add ip46-local node for local swif[rx]Nathan Skrzypczak5-44/+132
Type: improvement This adds a new ip[46]-receive node, sibling of ip[46]-local. Its goal is to set vnet_buffer (b)->ip.rx_sw_if_index to the sw_if_index of the local interface. In dependant nodes further down the line (e.g. hoststack) we then set sw_if_idx[rx] to this value. So that we know which local interface did receive the packet. The TCP issue this fixes is that : On accepts, we were setting tc->sw_if_index to the source sw_if_index. We should use the dest sw_if_index, so that packets coming back on this connection have the right source sw_if_index. And also setting it in the tx-ed packet. Change-Id: I569ed673e15c21e71f365c3ad45439b05bd14a9f Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-10-21l2: add api test fileFilip Tehlar2-0/+1419
Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Ie79a2deac03c04c0697e482a649ff151142126ed
2021-10-21ip6: set local flag on outbound echo replyMatthew Smith1-0/+4
Type: fix When VPP generates an ICMP echo reply in response to an incoming echo request to a local address, set VNET_BUFFER_F_LOCALLY_ORIGINATED on the buffer. It will prevent ip6-rewrite from decrementing the hop limit. Outbound IPv4 echo replies also get this flag set. Change-Id: Iaa229294eb158edb58cf1bf1b7a90da281321406 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-10-21session: add api test fileFilip Tehlar2-0/+364
Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I6b89c4158d10d4928c8418312180dbeba7d70ab2
2021-10-20ip6: fix IPv6 address calculation error using "ip route add" CLIJieqiang Wang3-20/+61
Using VPP CLI "ip route add" to add static IPv6 entries outputs wrong results. Fix this error by correctly calculating IPv6 addresses with different increased ranges and grouping ip4/ip6 prefix calculation functionality into two functions. Type: fix Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Reviewed-by: Lijian Zhang <lijian.zhang@arm.com> Reviewed-by: Tianyu Li <tianyu.li@arm.com> Change-Id: If954876301ca2095f9331799a086f75db936f246
2021-10-20gso: add support for gso perf unittestMohsin Kazmi2-0/+13
Type: test Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I5d44a6ea24e4aa0842024a0961f1fb22c6e6419a
2021-10-19bfd: fix bfd_key_id updateAlexander Skorichenko1-4/+8
Type: fix Currently, auth activation CLI command "bfd upd session auth activate ... conf-key-id <cki> bfd-key-id <bki>" allows to change both key-ids to new values at once. But if only bfd-key-id should be corrected, e.g. as a result of mistyping, we can't do that in a single operation, and have to deactivate auth first and then reactivate it with a correctly entered pair of ids. Currently, backend's bfd_auth_activate() function returns immediately, with no action, if it finds that submitted conf-key-id matches the current record. No check on bfd-key-id value is made. With this fix, bfd_auth_activate() checks if session's bfd-key-id has to be changed to a new value, and if so, it updates and logs appropriately. Change-Id: I3b915a936cb1721707860bb503f70e7dd29e0ddd Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2021-10-19bfd: fix desired_min_tx_nsec updateAlexander Skorichenko1-0/+2
Type: fix Currently, the change in desired_min_tx value initiated locally doesn't result in actual update of the transmission interval. bfd_session_t structure has two fields for each of protocol's local time parameters desired_min_tx, required_min_rx In a case of a parameter update, "config_" prefixed fields store new values sent to remote bs.config_desired_min_tx_nsec, bs.config_required_min_rx_nsec Those prefixed "effective_", keep old values, still in charge, until new ones are being negotiated between peers: bs.effective_desired_min_tx_nsec, bs.effective_required_min_rx_nsec Currently, upon termination of the Poll Sequence (negotiation) only bfd_set_effective_required_min_rx() is called to update effective RX value. TX value remains unchanged. With this fix, add a call to bfd_set_effective_desired_min_tx() to set new, acknowledged TX value in effect. Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com> Change-Id: I80b6746533839c9572598f1ad9dabb33e621a525
2021-10-18api: remove legacy pd msg handlersKlement Sekera2-2/+0
While looking at a coverity warning it was discovered that it's caused by return value modified by pd msg handlers. As these are legacy, it's a good time to remove them and also fix the warning this way. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ic72ab8b2b7a2e55188d1c31cfd18a74b7cf82c43