aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2024-08-13tls: add basic tls record parsersFlorin Coras3-0/+532
Type: improvement Change-Id: Ia6a9f69b787950e3dbffd13ae577e499d6d2f55f Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-08-13session: problem in session_rules_details APISteven Luong1-0/+4
Backend needs to return protocol to indicate if the prefix is ip4 or ip6. Type: fix Change-Id: If827c2e8b2a58051298968fa4d69de71ce9c4fcc Signed-off-by: Steven Luong <sluong@cisco.com>
2024-08-06session: memory leak in show session rulesSteven Luong1-6/+9
Need to vec_free ns_id whenever we return in the function show_session_rules_command_fn in case memory was allocated to it. Type: fix Change-Id: Ifc38d3eb2756a8a128467dd40ad40fe3f0be8fc0 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-08-06session: session_lookup_local_endpoint returns the wrong valueSteven Luong1-1/+1
SESSION_INVALID_INDEX is u32. The function is supposed to return u64. The caller of the function tests the return value to see if it is SESSION_INVALID_HANDLE in ct_session_connect. If it is not, it thinks it is a valid handle and calls listen_session_get_from_handle which causes a crash. Type: fix Change-Id: I4ede6b2dfb95259f3a6071cfa3a77ce0d9cd9edd Signed-off-by: Steven Luong <sluong@cisco.com>
2024-08-01tcp: add establish timer pops to statsAritra Basu2-13/+19
Type: improvement Change-Id: Ibc1e391356cef415b992b65c00f3d365fc97386d Signed-off-by: Aritra Basu <aritrbas@cisco.com>
2024-07-31ip6: set buffer->error in ip6_input_checkOle Troan1-32/+34
When packets are dropped and this field is not set, then trace shows the packet being dropped by the null-node instead of the correct reason. Type: fix Change-Id: I3ed9186285d0db7fa6a1e5b739a28ee625968f30 Signed-off-by: Ole Troan <otroan@employees.org>
2024-07-29tcp: fix typo in show tcp config CLI commandAritra Basu1-2/+2
Type: fix Change-Id: I844539af3a283c8ec12498dbfd4857b8b533d7c1 Signed-off-by: Aritra Basu <aritrbas@cisco.com>
2024-07-27tcp: CLI command to print tcp_cfgAritra Basu1-0/+68
Type: improvement Change-Id: Ie8f6ddc96fd3f5d44827ace834f8f6baa330d37d Signed-off-by: Aritra Basu <aritrbas@cisco.com>
2024-07-26tcp: improve tcp listener CLIAritra Basu3-0/+18
Type: improvement Change-Id: I11dc43bdf65cecfa5c48ac734a4727b377023c80 Signed-off-by: Aritra Basu <aritrbas@cisco.com>
2024-07-24session: delete and add application namespace do not create the global ↵Steven Luong4-65/+56
session table When an application namespace is added, we call session_table_is_alloced to see if we need to allocate a new session table. That check returns true even if we removed the session table. The fix is when we delete an application's global session table, we need to invalidate fib_index_to_table_index. Fixed test_vcl test script to run two tests back to back. The 1st test deletes the application namespace at the end. The 2nd test adds the application namespace in the beginning. Type: fix Fixes: 67bae20b05cb46e5f6d19afeaf1f7a52a5309d59 Change-Id: I67f5cc1b726a07659597a9479df011717db08d0a Signed-off-by: Steven Luong <sluong@cisco.com>
2024-07-23ip: crash in ip4_sas_commonlenSteven Luong1-0/+2
ip4_sas_commonlen may be called with null a2 argument from ip4_neighbor_advertise -> ip4_sas_by_sw_if_index. If a1 or a2 is null, there is no common length, shortest mask between a1 and a2, return 0 instead of crashing. Type: fix Change-Id: I307509ee7dedafac76d8877a1ef76ab8bbafef59 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-07-19session: show session rules does not display ip6 entriesSteven Luong1-6/+33
1. Adding an ip6 rule entry session rule add proto tcp ee80::/10 0 ee80::/10 0 action 2 2. show session rules does not display the entry. show session rules tcp 3. However, show session rules for a specific entry shows the entry show session rules tcp ee80::/10 0 ee80::/10 0 Type: fix Change-Id: I65c881665d3698a2a9452a186ed657eee0bf13e0 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-07-19ipsec: fix integer overflowFan Zhang1-1/+1
Type: fix Coverity issue: 394440 Change-Id: I915a088145ee1317a7c8746b517f4af50323aa11 Signed-off-by: Fan Zhang <fanzhang.oss@gmail.com>
2024-07-18pg: fix pcap packet type when writing pcap fileDave Wallace2-1/+16
- fixes incorrect pcap packet type for packet generator interfaces configured in ip mode. - corrects pcap file decode for pg output files - fixes scapy versions > 2.4.3 which now appear to use the packet type in the pcap file header which had been ignored in earlier versions Type: fix Change-Id: Idb1e3f8fbc7ca938fb5d2aaa72365e333c0ea2e9 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2024-07-18vnet: print Success for API errno 0 instead of UNKNOWNKlement Sekera1-0/+4
Type: improvement Change-Id: I8c5bfc82c1db1213eb43072853f8500ce1d2ee92 Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-07-17session: memory leak on rule tagSteven Luong1-0/+1
Type: fix Change-Id: If07a6a420d467e6305f166ed250f84befe9f983d Signed-off-by: Steven Luong <sluong@cisco.com>
2024-07-16session: memory leaks on rule tag hash tablesSteven Luong1-0/+3
Type: fix Change-Id: Id8542ad74389eca4cc7903cd455f556743a5e0cf Signed-off-by: Steven Luong <sluong@cisco.com>
2024-07-16tls: track app owner of transport sessionFlorin Coras2-1/+4
Allow other apps to own transport sessions for tls. Type: improvement Change-Id: Ida04cef1dc49acb7117cbed8657e26890bf43d2a Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-07-15session: crash in session_rule_add_del if session is not enableSteven Luong1-0/+7
Invoking the API session_rule_add_del to add a rule causes VPP to crash if session is not enable. Type: fix Change-Id: If8de83f1064bc60d20461e87889b7c3393ad2af1 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-07-15session: application namespace may reference a deleted vrf tableSteven Luong1-5/+68
lock the vrf table when adding an application namespace and unlock the vrf table when deleting an application namespace. Free the session table when no more application namespace uses it anymore to avoid memory leaks. Type: fix Change-Id: I10422c9a3b549bd4403962c925e29dd61a058eb0 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-07-12fib: fix covered_inherit_addMaxime Peim1-2/+6
When a FIB entry has multiple sources installed by covering inheritance, the first walk installs the covering source, which can be worse than the already used one (hence the source is not activated). If a covering path is added and a new fib cover walk is done, the deactivated source is compared to itself. This operation calls for a reactivation of the source which was not activated in the first place. Type: fix Change-Id: I2639401bed14eb5a2cb003664c04d6c1f9130de9 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2024-07-12ip6: fix icmp error on check failMaxime Peim1-83/+62
Avoid to do fixup either if TTL or MTU check fails. It rewrites the icmp header copied in case the ip6-icmp-error ran before. Type: fix Change-Id: If043d1cae35c41ebf70ba979883119604bee883d Signed-off-by: Maxime Peim <mpeim@cisco.com>
2024-07-12fib: improve ipv6 fib scalingBenoît Ganne4-406/+203
VPP IPv6 FIB relies on 2 bihash for all its VRFs: 1 for control plane and one for data plane. Because of that, control plane VRF walks time grows with the number of VRFs as it has to go through all the VRFs. In order to improve control plane performance with large number of VRFs, the control plane data structure is changed from a global bihash to a per-VRF hashtable, similarly to IPv4. Contrary to IPv4, there is only 1 hashtable per VRF and not 1 hashtable per prefix-length per VRF, which is a compromise between memory consumption and single VRF scaling. Type: improvement Change-Id: Ib738a44adb88e46c95c4c62c853ee1f1392c7187 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2024-07-12fib: make mfib optionalBenoît Ganne6-19/+131
In some cases we do not need multicast support. Making it optional helps scaling to high number of VRFs, by reducing the control plane operations and memory consumption. Type: improvement Change-Id: Ib34ed3fe2806e2f4624981da4e4a3c49c69f70be Signed-off-by: Benoît Ganne <bganne@cisco.com>
2024-07-12fib: log an error when destroying non-empty tablesBenoît Ganne4-12/+12
Destroying a non-empty fib table can lead to difficult to diagnose bugs, like dandling fib entries preventing entries to be inserting to the mtrie. Always log an error to help diagnose those issues. Type: improvement Change-Id: I2c771a80595035b440931b74cca4429af22161a2 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2024-07-10session: deleting an application namespace cleaning up the wrong applicationSteven Luong1-1/+1
We call application_namespace_cleanup to remove the application which has a reference to the application namespace when deleting an application namespace. When we find the matching application namespace, we queue the ns_index instead of app_index to look for the application. This may lead to a crash. Type: fix Change-Id: I89c7f8d1681b4c7c1bcb16641217230a26dbe582 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-07-09tls: refactor vft functionsn to allow for reuseFlorin Coras3-140/+152
Type: refactor Change-Id: I3d7ff64e2e54b113f8d4b26f2dbf5b9c67b80976 Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-07-08session: add api to program rx io evtsFlorin Coras2-0/+17
Type: improvement Change-Id: I5a4a33604ecb8a29ef6932cc5826835d3bec7f23 Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-07-08session: improve enable and disable handlingFlorin Coras7-16/+33
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3c79d16f6a19767d990e8a4683c296219b559ccd
2024-07-08session: handle multiple attempts to mark mq congestedFlorin Coras1-2/+5
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iadc6ec58f5fc7fbff62e4fd31d509557b60395cb
2024-07-02session: session disable crash if not enableSteven Luong1-1/+2
If session is not enable, type in the CLI session disable cause VPP to crash. Type: fix Change-Id: Ib55b7430b7ce521a40025d58fa18b765f5129fd5 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-06-28session: memory leaks on various transports when session disable and enableSteven Luong2-3/+13
When toggling session disable and enable, memory leaks found on various transports. Don't create the timer wheels on enable when they are already creaded. Don't create the spin locks when they are already created. Add session enable disable test in session unit test. Type: fix Change-Id: I08988a96bbf2d67a67c743b50b63f5b1e27402a3 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-06-25dev: move bus code to bus/Damjan Marion3-2/+12
Type: refactor Change-Id: If3a195f1ea600bfd621717f333af1b1273ab0807 Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-06-25session: memory leak in mma rule tableSteven Luong1-0/+3
When the rule table is allocated, the root node is allocated. But it cannot be deleted by the add_del API, or the table is useless. When the table is free, the root node is not free and there is memory leak. Let's add pool_flush when the rule table is free. Type: fix Change-Id: I58c3e040cd101c7db501d99a373ad78d85321b8f Signed-off-by: Steven Luong <sluong@cisco.com>
2024-06-25ipsec: enable ipv6 udp checksum offloadJeff Shaw1-0/+33
RFC6935 section 5 states that, by default, the UDP checksum must be computed when originating an IPv6 UDP packet. The default behavior may be overridden when conditions defined by RFC6936 are satisfied. However this implementation does not satisfy all the conditions so the checksum must be computed. After ESP encryption the packet is an IPv6 UDP packet so set the l3_hdr_offset and l4_hdr_offset values, and set the UDP_CKSUM offload flag in the buffer. Type: improvement Co-authored-by: Cian Ferriter <cian.ferriter@intel.com> Change-Id: I9f8c434c9fe9dbddd8890d5ae366984bfcf34067 Signed-off-by: Jeff Shaw <jeffrey.b.shaw@intel.com>
2024-06-24ip: mark IP_ADDRESS_DUMP as mp-safeVladislav Grishenko1-0/+2
Since main thread is the only one thread that can modify address hash, avoid barriers while IP_ADDRESS_DUMP api calls. Type: improvement Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: I9c35400bdef9fb08e81d859c8f2e3bdaa5468f4b
2024-06-20ip6: fix ip6-michain trace functionMaxime Peim1-1/+1
Type: fix Change-Id: I3a5c04b14bf1156376e2acece69f8256d00f261a Signed-off-by: Maxime Peim <mpeim@cisco.com>
2024-06-19fib: fix ip drop path crashesDmitry Valter1-0/+4
Do not mark drop paths as imported to avoid crashes on invalid table lookup. ``` vpp[8478]: /build/Vpp2310/source/src/vnet/fib/fib_table.c:35 (fib_table_get) assertion `! pool_is_free (ip4_main.fibs, _e)' fails #9 0x00007ff21785da1d in _clib_error () from /lib/x86_64-linux-gnu/libvppinfra.so.23.10 #10 0x00007ff218087698 in fib_table_get (index=4294967295, proto=FIB_PROTOCOL_IP4) at /build/Vpp2310/source/src/vnet/fib/fib_table.c:35 #11 0x00007ff218087a37 in fib_table_lookup_exact_match (fib_index=4294967295, prefix=0x7ff0eae0d354) at /build/Vpp2310/source/src/vnet/fib/fib_table.c:100 #12 0x00007ff2180bc938 in fib_attached_export_import (fib_entry=0x7ff0eceac3e0, export_fib=4294967295) at /build/Vpp2310/source/src/vnet/fib/fib_attached_export.c:264 #13 0x00007ff218098ade in fib_entry_post_flag_update_actions (fib_entry=0x7ff0eceac3e0, old_flags=FIB_ENTRY_FLAG_NONE, new_fib_index=4294967295) at /build/Vpp2310/source/src/vnet/fib/fib_entry.c:624 #14 0x00007ff218098b90 in fib_entry_post_install_actions (fib_entry=0x7ff0eceac3e0, source=FIB_SOURCE_API, old_flags=FIB_ENTRY_FLAG_NONE) at /build/Vpp2310/source/src/vnet/fib/fib_entry.c:674 #15 0x00007ff218098cce in fib_entry_create (fib_index=1, prefix=0x7ff0d3244d80, source=FIB_SOURCE_API, flags=FIB_ENTRY_FLAG_NONE, paths=0x7ff0eac15ab8) at /build/Vpp2310/source/src/vnet/fib/fib_entry.c:712 #16 0x00007ff218088db4 in fib_table_entry_update (fib_index=1, prefix=0x7ff0d3244d80, source=FIB_SOURCE_API, flags=FIB_ENTRY_FLAG_NONE, paths=0x7ff0eac15ab8) at /build/Vpp2310/source/src/vnet/fib/fib_table.c:799 #17 0x00007ff2180c026c in fib_api_route_add_del (is_add=1 '\001', is_multipath=0 '\000', fib_index=1, prefix=0x7ff0d3244d80, src=FIB_SOURCE_API, entry_flags=FIB_ENTRY_FLAG_NONE, rpaths=0x7ff0eac15ab8) at /build/Vpp2310/source/src/vnet/fib/fib_api.c:485 #18 0x00007ff217d4b6dd in ip_route_add_del_t_handler (mp=0x7ff0eb08b998, stats_index=0x7ff0d3244dc8) at /build/Vpp2310/source/src/vnet/ip/ip_api.c:718 #19 0x00007ff217d4b986 in vl_api_ip_route_add_del_t_handler (mp=0x7ff0eb08b998) at /build/Vpp2310/source/src/vnet/ip/ip_api.c:789 ``` Type: fix Fixes: 4b08632748727486e7ebfdcf4d992743595bc500 Signed-off-by: Dmitry Valter <d-valter@yandex-team.com> Change-Id: I647899533771c35f44c9ecde517a30f111b36ad9
2024-06-17vnet: move format_vl_api_address_union() from vpp to vnetBenoît Ganne2-0/+16
format_vl_api_address_union() is used by vnet, creating a linkage dependency from vnet to vpp. Type: fix Change-Id: I298a90d521e51b7527ef140d66130062824e1d16 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2024-06-14tcp: make syn-rcvd timeout configurableFlorin Coras4-1/+9
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic89570315a5c3c00e0e89c5535929313916869eb
2024-06-13vnet: export header files to build the pluginsDau Do1-0/+2
Type: improvement Change-Id: I86e8616a134829a66a9c9bb4313bbf95f835e7c0 Signed-off-by: Dau Do <daudo@yahoo.com>
2024-06-12session: fix ho cleanup on forced resetFlorin Coras1-1/+2
Avoid double free if app forces reset while half-open is cleaning up. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2311fb763076aa8a263c193f5967793402eedb6a
2024-06-12session: fix ho cleanup on active and passive closeFlorin Coras1-2/+4
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9e7011ff45f14e17fc0d0d63800184f404c29093
2024-06-12ipsec: move ah packet processing in the inline function ipsec_ah_packet_processvinay tripathi1-138/+157
This inline function is introduced to simplify code readability and consolidate AH packet processing in separate API. Type: improvement Change-Id: Id98074d00aba277fed714ea9995655c9e84ec83b Signed-off-by: vinay tripathi <vinayx.tripathi@intel.com>
2024-06-12ipsec: Add option to configure the hand-off worker queue sizeDau Do6-26/+34
Type: improvement Change-Id: I252951d3ec01497c049ca0ffb7cb42aaf2efb965 Signed-off-by: Dau Do <daudo@yahoo.com>
2024-06-11dev: add port and queue counter clear operationMonendra Singh Kushwaha2-5/+18
Type: feature Change-Id: Ibd876c5251fc2f9d87816d235fff2de22be4b21c Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
2024-06-10vlib: fix gdb_show_traces()Benoît Ganne1-32/+32
When using gdb_show_traces() in debug mode, don't assert if workers are not parked, as it is typically called from gdb. Type: fix Change-Id: Iabf175d96dc152da4d1abfbce9ccc9020d0b5d61 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2024-06-10dev: fix counter_start in counter clear routineMonendra Singh Kushwaha1-1/+1
This patch fixes counter_start value, as it should hold the cumulative counter value whenever counter clear routine is called. Type: fix Fixes: 38c619115b Change-Id: I50bf8ddcde419caf1170dfacdea03ff3d93a3327 Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
2024-06-04ipsec: fix missing udp port checkFan Zhang1-8/+7
Type: fix This patch fixes the missing UDP port check in IPsec NAT-T case. As of RFC3948 UDP encapped ESP traffic should have destination port ID of 4500, which was missing. The related tests are updated with this port ID, too. Change-Id: I73ecc6a93de8d0f4b642313b0f4d9c2f214a7790 Signed-off-by: Fan Zhang <fanzhang.oss@gmail.com>
2024-06-03ip: add support for drop route through vpp CLIMohsin Kazmi2-1/+7
Type: improvement Change-Id: Ib822f36ff7b3ecda162fc99bf3892f912d0649f0 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>