summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2019-04-16IPSEC: ESP with ESN tests and fixesNeale Ranns2-4/+4
Change-Id: Ie42b26e6d5cdb7b23f370ea2933c65079e8d1089 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 49e7ef60cb38d9f539d70d7a1e85cea5d350a203)
2019-04-16tap: fix the crash [VPP-1645]Mohsin Kazmi1-0/+3
Crash will happen when someone will try to setup a tap interface in host namespace without providing the host side of tap interface custom name. This patch fixes the problem by using the default name in this case. Change-Id: Ic1eaea5abd01bc6c766d0e0fcacae29ab7a7ec45 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit 2a6861ff7bc90c1518b68459210830052774d429)
2019-04-15IPSEC: crypto overflowNeale Ranns1-1/+1
decrypting too many bytes. Change-Id: I4663e70271d9734eda7f9a127967b9224c0e5efc Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 0a0c7eef787dbf29c8b018420cb9d244cbe8d2dd)
2019-04-14session: drop lock on segment allocation error VPP-1644Florin Coras1-12/+9
Change-Id: Ib346570daa3e40f4f53100a05e9355ce60d533a4 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit bbf923fb52e8a9062ef4d740288cf5547c4dbde4)
2019-04-14IPSEC-MB: Use random & non-repeating IV (VPP-1642)Neale Ranns3-7/+6
hard code IV and key lengths based on cipher. Init IV from random data, use AES instruction to rotate. Change-Id: I13a6507d12267b823c528660a903787baeba47a0 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 21ada3bd7e9bc5cca7c2c8399adcbaa044bf8103)
2019-04-10crypto: Intel IPSEC-MB engineNeale Ranns2-2/+13
A plugin to use Intel IPSec MB library as a VPP crypto engine This changes uses concepts from: https://gerrit.fd.io/r/#/c/17301/ hence that author's work is acknowledge below Change-Id: I2bf3beeb10f3c9706fa5efbdc9bc023e310f5a92 Signed-off-by: Neale Ranns <nranns@cisco.com> Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-04-10ethernet: fix packet tracingBenoît Ganne1-1/+1
Node tracing condition was wrongly reversed by commit "5ecd5a5d15 Move pcap rx/tx trace code out of the dpdk plugin". This prevented packet tracing in ethernet-input node and also impacted performance in the no tracing case. Change-Id: I345a11191d027c6c4ec474a2901995338050680a Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-04-10IPSEC: for each engine and algorithm testsNeale Ranns1-1/+1
refactor the IPSEC tests a bit so we can parameterise the setup. Change-Id: I777e5eb8f29ca1dce3dd273ebd05dae5846790af Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-10session: binary api app names as vectorsFlorin Coras1-2/+2
Change-Id: Iae358365de8ccbc0441b14f21ba6b365cbfec09a Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-10API: Fix shared memory only action handlers.Ole Troan6-195/+86
Some API action handlers called vl_msg_ai_send_shmem() directly. That breaks Unix domain socket API transport. A couple (bond / vhost) also tried to send a sw_interface_event directly, but did not send the message to all that had registred interest. That scheme never worked correctly. Refactored and improved the interface event code. Change-Id: Idb90edfd8703c6ae593b36b4eeb4d3ed7da5c808 Signed-off-by: Ole Troan <ot@cisco.com>
2019-04-10IPSEC: remove double byte swap of IP addressesNeale Ranns1-18/+10
Change-Id: I8c03c4aa90fb0056e11e0f234999c25d7839d759 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-10Make tcp/udp/icmp compute checksum safer for buffer-chain caseJohn Lo2-2/+2
Change-Id: I046e481a67fbeffdaa8504c8d77d232b986a61ee Signed-off-by: John Lo <loj@cisco.com>
2019-04-09session: fix session flagsFlorin Coras2-5/+2
Change-Id: I681169b82c661b7f0bf19f09d07d76ac1d3ed173 Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com> Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-08fixing typosJim Thompson32-45/+45
Change-Id: I215e1e0208a073db80ec6f87695d734cf40fabe3 Signed-off-by: Jim Thompson <jim@netgate.com>
2019-04-08virtio: Fix the coverity warningsMohsin Kazmi1-6/+11
Change-Id: I7c6e4bf2abf08193e54a736510c07eeacd6aebe7 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-04-08IPSEC TEST: various hash alogrithmsNeale Ranns1-1/+1
Change-Id: I925aa5bf9472e81f98072d63df499b19e6ddf43d Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-08host stack: update stale copyrightFlorin Coras28-28/+28
Change-Id: I33cd6e44d126c73c1f4c16b2041ea607b4d7f39f Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-08minor spelling errors (both in comments)Jim Thompson2-2/+2
Change-Id: I9282a838738d0ba54255bef347abf4735be29820 Signed-off-by: Jim Thompson <jim@netgate.com>
2019-04-07crypto: add support for AEAD and AES-GCMDamjan Marion12-150/+272
Change-Id: Iff6f81a49b9cff5522fbb4914d47472423eac5db Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-07http_server: add timer wheel for session cleanupFlorin Coras1-29/+141
Change-Id: I494a6a7f4818a224376ec9150cff3872a3aec659 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-07crypto: coverity issuesDamjan Marion1-1/+1
Change-Id: I9db1b74097c9df587b9265b14a969d347bcb731a Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-06Pipe: fix double count on TX (TX counting is done in interface-output)Neale Ranns1-11/+1
Change-Id: I550313a36ae02eb3faa2f1a5e3614f55275a00cf Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-05session: fix app name formattingFlorin Coras1-2/+2
Change-Id: Iea88ce5f6628e131e507ba45a3dbb2de7e6c1498 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-05fix pcap_trace cli output issueJack Xu1-2/+4
Change-Id: Ia2be56e198c960788430705b356170f8cc12c450 Signed-off-by: Jack Xu <jack.c.xu@ericsson.com>
2019-04-05IPSEC: punt reasons; SPI=0, no-tunnelNeale Ranns5-13/+155
Change-Id: If76992e283a27fa193a6865257ab3aa764066e48 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-05tcp: do not delete session on establish popFlorin Coras5-31/+59
Also: - force reset if wait close pops in fin-wait-1 with unsent data - adds more event logging. Change-Id: I4ddada046214fa71e17514cdec57b3026f84a283 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-04session: fix http server rpc to mainFlorin Coras1-8/+9
Change-Id: I3e3820da5a9de97070bceecd3ea53b5351654319 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-04tcp: properly validate acks between snd_nxt and una_maxFlorin Coras1-2/+4
Change-Id: I37af3cb5fe3fe8556acbf8350f88663dca9ca8a9 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-04ipsec: trunc_size -> icv_sizeDamjan Marion9-15/+15
Change-Id: Idb661261c2191adda963a7815822fd7a27a9e7a0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-04crypto: pass multiple ops to handlerDamjan Marion1-6/+41
Change-Id: I438ef1f50d83560ecc608f898cfc61d7f51e1724 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-04tcp: shorten wait in fin-wait-1 with fin rcvdFlorin Coras3-9/+18
Change-Id: Ifddc32ab3da0e691ac3df74ff26e19f6fa00fef7 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-03lacp: passive mode support [VPP-1551]Steven Luong1-1/+28
By definition, passive mode means the node does not start sending lacp pdu until it first hears from the partner or remote. - Rename ptx machine's BEGIN state to NO_PERIODIC state. - Put periodic machine in NO_PERIDOIC state when the interface is enabled for lacp. ptx machine will transition out of NO_PERIODIC state when the local node hears from the remote or when the local node is configured for active mode. - Also add send and receive statistics for debugging. Change-Id: I747953b9595ed31328b2f4f3e7a8d15d01e04d7f Signed-off-by: Steven Luong <sluong@cisco.com>
2019-04-03IPSEC: correctly size per-thread dataNeale Ranns1-1/+1
Change-Id: Idfc05cd0e09b50a26eaf747b7c49f720b009159a Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-03virtio: Add support for multiqueueMohsin Kazmi7-88/+493
Change-Id: Id71ffa77e977651f219ac09d1feef334851209e1 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-04-03IPSEC: show CLI improvementsNeale Ranns4-31/+208
Change-Id: I48a4b0a16f71cbab04dd0955d3ec4001074b57ed Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-03GBP: iVXLAN reflection checkNeale Ranns3-4/+26
packets should not egress on an iVXLAN tunnel if they arrived on one. Change-Id: I9adca30252364b4878f99e254aebc73b70a5d4d6 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-03session: fix cli for sessions in created stateFlorin Coras1-1/+2
Change-Id: Ie154afdc20000b905ff71e39823154db4d23eea4 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-03session: do not enable pre-input node with 0 workersFlorin Coras1-0/+3
Change-Id: I5c9e27b664ff1a8a74a6c1388f98af63571db7a5 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-02session: remove session logic from io rx evt senderFlorin Coras1-6/+1
Change-Id: I54fff6986ea6455aff25e0cf1b83117860859e10 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-02session: use app cb function wrappersFlorin Coras6-20/+19
Change-Id: I77ad9eb4d4c7699397aa4be6a973ef37c60db4c5 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-02tcp: improve rcv process ack processingFlorin Coras6-69/+87
- Avoid doing cc in closing states. - Rest connections closed with unread data Change-Id: I97d46b0459f03ea5439eeb0f233b6c17d3e06dfd Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-02lisp: use crypto lib instead of openssl directlyFilip Tehlar1-25/+43
Change-Id: I9667ed16939dede55b24959045737742d1c7c449 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-04-02IPSEC: tunnel scaling - don't stack the inbould SANeale Ranns4-19/+15
Change-Id: I0b47590400aebea09aa1b27de753be638e1ba870 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-02IPSEC: remove pointless feature orderingNeale Ranns1-4/+2
Change-Id: Ic1b657794d23cb4d1664fc749ad2468339e376df Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-29SPAN: Add pending frame on current thread, not on mainIgor Mikhailov (imichail)1-6/+5
Previously, all frames were put for next node on the main thread, even if the execution was happening on a worker thread. Also, refactor to use API function vnet_get_main() Change-Id: Ibefb1b3871563a78aa30352a37b9216537e15bf7 Signed-off-by: Igor Mikhailov (imichail) <imichail@cisco.com>
2019-03-29Minor bug fixesDave Barach1-7/+21
Drop the session reader lock across vlib_process_suspend(...) calls. Fix the debug CLI command. Change-Id: Ic0266dda1fdfa90971f2cb935248941317c01205 Signed-off-by: Dave Barach <dave@barachs.net>
2019-03-29IPSEC-GRE: fixes and API update to common types.Neale Ranns18-158/+139
Change-Id: Icdcbac7453baa837a9c0c4a2401dff4a6aa6cba0 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-29Integrate first QUIC protocol implementationNathan Skrzypczak6-3/+31
Currently supports on single stream exposed through standard internal APIs Based on libquicly & picotls by h2o Change-Id: I7bc1ec0e399d1fb02bfd1da91aa7410076d08d14 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-03-29BVI: coverity error fixNeale Ranns1-1/+1
Change-Id: Idc1e1747035638777240b7ea9afcf675b22be7f1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-29ipsec: esp-decrypt reworkDamjan Marion4-210/+306
Change-Id: Icf83c876d0880d1872b84e0a3d34be654b76149f Signed-off-by: Damjan Marion <damarion@cisco.com>