Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: improvement
Change-Id: I7972f595444eacdb020f3fa2a60331c40766fc0b
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This patch prevents the sw interfaces format
function to fail when the interface was deleted.
It also prints the swifindex alongside the 'DELETED'
keyword.
Printing deleted swifindex should not happen, but it is still
helpful to have these safeguards for troubleshooting in the case
invariants get corrupted (e.g. fib entry refcounts, ...)
Type: improvement
Change-Id: I66711049db2eebe0ad17e37c3a260ac81d1e5134
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
The hit_count does not implement the corresponding processing logic, and here the missing is fixed
Type: fix
Fixes: missing
Change-Id: I04a8e11d6b48c2a15c371cbeb2467fa89a9d82bb
Signed-off-by: yanlong <dyl_wlc@163.com>
|
|
Type: improvement
Change-Id: I2acab04ddb6a46a637ed17c683fb37ed7bce3df6
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Coverity report.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3ce06634b30688d2a9581b50d462092daa8b4cac
|
|
Type: fix
Change-Id: I982ef624226807d7c263e3ff83c108f7d31f61f1
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
|
|
Checkstyle also forces the new indentation.
Type: fix
Fixes: ddf6cec37027547ff7cc61e15bb8080664d41514
Change-Id: Ife96928d6ca30ba94e1c423d557d6ed9d68eca2b
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
With socket api, applications should not expect reply after worker del
msg. VCL in particular closes the socket after it enqueues the message.
Found by ASAN.
Type: fix
Signed-off-by: Dmitry Valter <d-valter@yandex-team.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1be02a0cde6b96a96edb709f3fe30bbc01ff2d24
|
|
We might have less than 1 mss when attempting write but more after
write, as application could be actively enqueuing more data. Relax
assert.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I54a83c4460f8e022a88758f0ebd7828df711dbb9
|
|
Type: fix
Fixes: 38c6191
Change-Id: I7760947986dc56236f2494fb1c8c238321489ef6
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
During recovery, send unsent data even if less than mss available as
application is not guaranteed to provide more.
This should speed up recovery when all data in flight was lost.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7a3c73a0d04d93d51a5910d85450c173c3ad8e93
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2925134cfcfa36c14b3b69efa892b9b96fce2e6f
|
|
fix asan failure when params number is less then 3:
functions that are set as format_half_open pointer values have
different number of arguments
Type: fix
Fixes: de9a849a18514f0b09bb5f57a73f6a57ee425c76
Change-Id: I6b6e1adf4ffc0c1ec847613f00fe269af640d42b
Signed-off-by: Georgy Borodin <bor1-go@yandex-team.ru>
|
|
Properly set type
path->fp_type = FIB_PATH_TYPE_SPECIAL
for paths with (path->fp_cfg_flags & FIB_PATH_CFG_FLAG_DROP)
Type: fix
Change-Id: Id61dbcda781d872b878e6a6410c05b840795ed46
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
|
|
When a periodic BFD packet cannot be sent because the interface is
disabled, the allocated buffer needs to be freed. This currently will
occur for IPv4 sessions. However, buffers will leak for IPv6 sessions as
in this case, bfd_transport_control_frame() and bfd_transport_udp6()
will not indicate failure.
With this fix, stop always returning success in bfd_transport_udp6() and
start returning the actual return value.
Type: fix
Change-Id: I5fa4d9206e32cccae3053ef24966d80e2022fc81
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
Type: improvement
Change-Id: Ia8d7cd6ff9b1449d986d514d9556cbf803deb670
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Change-Id: I9ecbf705d460a1744f36c7005b08097dc58d9522
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Fixes: 69768d9
Change-Id: Iafd3a55634583f2799a81c477ccbf5e53b6f29d0
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Make sure ct client segment handles do not collide if multi worker
application establishes cut-through sessions to only one server segment
manager.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I905379f9ed73c64d57a826a3e97d53dab3a87517
|
|
The previous change made CSIT virtio tests fail,
but those tests are not part of trending.
Ticket: VPP-2088
Type: fix
Fixes: a181eaa59bb2ff2784376918e95bbf92e5340db1
Change-Id: If0439a030c051894e07007da9cf0a2e4dc1434c3
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I96bff47206ef64ea7369ae92e1b9ff1f74dfd71b
|
|
Apps may drain fifos prior to handling of accept notification, e.g.,
vcl session relying on epoll lt mode.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7d105d35a6bf33c419f4f137a5132e6a5d294fe7
|
|
Type: fix
In esp_encrypt_inline(), an index and pointer to the last processed SA
are stored. If the next packet uses the same SA, we defer on updating
counters until a different SA is encountered.
The pointer was being retrieved, then the SA was checked to see if the
packet should be dropped due to no crypto/integ algs, then the index was
updated. If the check failed, we would skip further processing and now
the pointer refers to a different SA than the index. When you have a
batch of packets that are encrypted using an SA followed by a packet
which is dropped for no algs and then more packets to be encrypted using
the original SA, the packets that arrive after the one that was dropped
end up being processed using a pointer that refers to the wrong SA data.
This can result in a segv.
Update the current_sa_index at the same time that the sa0 pointer is
updated.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I65f1511a37475b4f737f5e1b51749c0a30e88806
|
|
Type: improvement
Change-Id: I74fb01061b4949d68ec39d0b7d08e6df8dc44b98
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I26124a50d8e05d6f01a2e6dbc4bc8183fb5a09c4
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I922e216818b78f2fe7689c21a1d27d74a0ae28b8
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Do not force cleanup of tcp half-open connection if tcp's cleanup
notification to tls is pending.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7bccbe8429a4aab10df1c89b66138b967e04ac19
|
|
- notify app on failed connect
- avoid cleanup of ctx before transport cleanup to be able to handle
pending rx notifications.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1b70ad45109d4c942afa1990dfce4fc44a50a637
|
|
In some anti-replay, some functions weren't using the boolean
telling if the window was huge or not. Hence, limiting the constant
propagation at compilation.
Type: fix
Change-Id: Ie5f2dda38339bb32113c6f7b2b82c82135fc92a8
Signed-off-by: Maxime Peim <mpeim@cisco.com>
|
|
Make sure underlying transport connection is not removed on rescheduled
read event.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0137a2e43aa84d9442279e036c25771aeefd207f
|
|
Change-Id: If380e4ab6ca30243137fd31fbe51845c0414721a
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I4a0578598182339bcf76e6b01da76b590a06f773
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
GCC 12 complains about such errors while the code itself looks good.
Type: fix
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: I021719fdbf7d9bd93a12eac76aeac8cbca13a810
|
|
Type: fix
Change-Id: I0de1c51455b0d3958c75ab5626a318ac656adbe7
Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
|
|
Type: fix
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
Change-Id: I16b48460b3fcd82bbb89c375402cb2455414d8bb
|
|
Type: improvement
Change-Id: Ie6987736faf7d8a641762e276775da8ee0c03ea4
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I9b9bb37a0895366b412f042b0e2da5bbdd477325
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Do not add ip header as that's added by tcp output and fix checksum.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I9439acf5c66184af0350b1d4d7406b3feb2e79a1
|
|
Type: feature
Change-Id: I20c56e0d3103624407f18365c2bc1273dea5c199
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4001f39afde8c33b60c15f74034bcce013fbbf70
|
|
As long as ack and segment are legitimate accept ooo data as we
transition to established.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I85cdc65d70cb8ae689a9ce9bbe4f86228b1ac533
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I231b319d4d7aa3e17cc8cfe8aaa4762995a5b2c4
|
|
This fix differentiates UDP and UDP-encapsulated ESP packets processing.
While UDP-encapsulated ESP traffic is processed as IPsec traffic, UDP as
other plain-text protocols is NOT dispatched against SPD policies.
Key logic is taken from RFC 3948, and is based on the fact
that the checksum of UDP packet encapsulating ESP packet must be zero.
Type: fix
Signed-off-by: vinay tripathi <vinayx.tripathi@intel.com>
Change-Id: Ib1b4d240eea8e89f2daf17ec833905f26cdb31bd
|
|
ipsec_esp_packet_process
This inline function is introduced to simplify code readability and allows to splitting of
UDP and ESP processing in the next step.
Type: improvement
Change-Id: Ida4d6abbed141ac74d4d285900777778eb8a5a1d
Signed-off-by: Vinay Tripathi <vinayx.tripathi@intel.com>
|
|
Type: improvement
Since RFC4303 does not specify the anti-replay window size, VPP should
support multiple window size. It is done through a clib_bitmap.
Signed-off-by: Maxime Peim <mpeim@cisco.com>
Change-Id: I3dfe30efd20018e345418bef298ec7cec19b1cfc
|
|
Type: fix
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Icdff3528fcaf863b400b9aca6c30d284bc17d5f0
|
|
Type: improvement
Change-Id: I2427e1a93e89e9a7ac884b84352b96cf523ae11e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
If an interface address is added, the glean adjacency for it's covering
prefix is updated with that address. In the case of multiple addresses
within the same prefix being added, the most recently added one will end
up being used as the sender protocol address for ARP requests.
Similar behavior occurs when an interface address is deleted. The glean
adjacency is updated to some appropriate entry under it's covering
prefix. If there were multiple interface addresses configured, we may
update the address on the adjacency even though the address currently in
use is not the one being deleted.
Add a new value PROVIDES_GLEAN to fib_entry_src_flag_t. The flag
identifies whether a source interface entry is being used as the address
for the glean adjacency for the covering prefix.
Update logic so that the glean is only updated on adding an interface
address if there is not already a sibling entry in use which has the
flag set. Also, only update the glean on deleting an interface address
if the address being deleted has the flag set.
Also update unit test which validates expected behavior in the case
where multiple addresses within a prefix are configured on an interface.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I7d918b8dd703735b20ec76e0a60af6d7e571b766
|
|
Check if crypto ops vector is matching actual ops instead if blindly
dereferencing it.
Type: fix
Signed-off-by: Dmitry Valter <d-valter@yandex-team.com>
Change-Id: Ib88ab44137d9360ee96228e72349a62b2fa7a7e0
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie01d7e8d6eddf3ba88f2cd6eb8369c8ec8179cb4
|