Age | Commit message (Collapse) | Author | Files | Lines |
|
After the clib_socket_init syntax changed, the behavior of VCL
socket creation was broken. This patch introduces app_namespace_add_del_v4
to address the behavioral change.
Type: refactor
Change-Id: Ice016bdb372233fd3317f166d45625e086e9b4df
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: feature
- Added multiarch support for AMD Zen architectures
Change-Id: I65d3fe94b6cc622ebecbe1ac803efa674e87c87a
Signed-off-by: Sivaprasad Tummala <sivaprasad.tummala@amd.com>
|
|
Change-Id: Ie7ee71af7dbbc23de3f413423070ea87fb36ed8c
Type: fix
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I0469bb91107cf0acced3cd19820db8d3712701c0
Type: fix
Fixes: eaabe07
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: feature
- Added support for AMD EPYC processor family
Change-Id: I60da87cca429117c209d240e5a5f3b4d9f4981d8
Signed-off-by: Sivaprasad Tummala <sivaprasad.tummala@amd.com>
|
|
Type: feature
Signed-off-by: Damjan Marion <damarion@cisco.com>
Change-Id: Ic170464d7c63f243e7e676567d41d800647ebec3
|
|
for testing purposes, disabled by default
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
Change-Id: Id616e2b3b21ae0f0b44e2b55ecefd501afacc7f2
|
|
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
Change-Id: I45cef390c72f2102c8c3d94f49bed7d0e0e0d7b2
|
|
Change-Id: I0eeccfc5739276d58a81a6552a043c6c105fe67a
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I4f05a0435825cd23b8ad8a6f8f1397e60c522319
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: Ie9661792ec68d4ea3c62ee9eb31b455d3b2b0a42
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
- crypto code moved to vppinfra for better testing and reuse
- added 256-bit VAES support (Intel Client CPUs)
- added AES_GMAC functions
Change-Id: I960c8e14ca0a0126703e8f1589d86f32e2a98361
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Using pre-shared keys is usually a bad idea, one should use eg. IKEv2
instead, but one does not always have the choice.
For AES-CBC, the IV must be unpredictable (see NIST SP800-38a Appendix
C) whereas for AES-CTR or AES-GCM, the IV should never be reused with
the same key material (see NIST SP800-38a Appendix B and NIST SP800-38d
section 8).
If one uses pre-shared keys and VPP is restarted, the IV counter
restarts at 0 and the same IVs are generated with the same pre-shared
keys materials.
To fix those issues we follow the recommendation from NIST SP800-38a
and NIST SP800-38d:
- we use a PRNG (not cryptographically secured) to generate IVs to
avoid generating the same IV sequence between VPP restarts. The PRNG is
chosen so that there is a low chance of generating the same sequence
- for AES-CBC, the generated IV is encrypted as part of the message.
This makes the (predictable) PRNG-generated IV unpredictable as it is
encrypted with the secret key
- for AES-CTR and GCM, we use the IV as-is as predictable IVs are fine
Most of the changes in this patch are caused by the need to shoehorn an
additional state of 2 u64 for the PRNG in the 1st cacheline of the SA
object.
Type: improvement
Change-Id: I2af89c21ae4b2c4c33dd21aeffcfb79c13c9d84c
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
RPM build errors:
error: Installed (but unpackaged) file(s) found:
/usr/bin/test_infra
Add NO_INSTALL tag in CMakeLists to avoid installing test binary.
Type: fix
Fixes: c3542e17b5df ("vppinfra: widen the scope of test_vector_funcs")
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: I359ba79af2e3cb32b47dda3bb8707a5d2fd8586b
|
|
Using clib_bitmap_vec_validate makes free bitmap vector
to be x64 times bigger (assuming x86_64) than necessary
when non-zero and possible oom due (u32)(0 - 1) math with
zero alloc.
Fix it with clib_bitmap_validate which takes bit size, not
index and ensure at least one bit is allocated.
Type: fix
Change-Id: I7e191f4e2fb3722a06bb800e1d075f7c7e2dcec9
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
|
|
In a case where one pounds on a single kvp in a KVP_AT_BUCKET_LEVEL
table, the code would sporadically return a transitional value (junk)
from a half-deleted kvp. At most, 64-bits worth of the kvp will be
written atomically, so using memset(...) to smear 0xFF's across a kvp
to free it left a lot to be desired.
Performance impact: very mild positive, thanks to FC for doing a
multi-thread host stack perf/scale test.
Added an ASSERT to catch attempts to add a (key,value) pair which
contains the magic "free kvp" value.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I6a1aa8a2c30bc70bec4b696ce7b17c2839927065
|
|
Type: refactor
Change-Id: I3d0c57b82e5bdb4575c1ca13e463685fd11b7f11
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: Ibc40a02c8c45fc8d9409c9a86fea7aaf70d9c048
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: Iac1b3a66176c9a38a161246159140f30a1c168da
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: test
Change-Id: Id96448ba3ab69a5b22dfc27812fc17194136b969
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Location changed and binary renamed to test_infra
Also it is built by default.
Type: improvement
Change-Id: I27cd97f274501ceb7a01213e2bc9676cea00f39c
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Used on intel client CPUs which suppport VAES instruction set without
AVX512
Type: improvement
Change-Id: I5f816a1ea9f89a8d298d2c0f38d8d7c06f414ba0
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I64ca5bd3a959190111f61c5311a908d242c10bad
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Fix the typo in the intrinsic name, which caused incorrect intrinsic to be used.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Ib7fde14d12897e4d1bfb5a01f6d65025473e4f8e
|
|
Disabled by default..
Type: improvement
Change-Id: I36176c009e0873c048874ae38a7ea0a91449235c
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Exploiting AVX-512 operations on avf_tx_prepare().
Type: improvement
Signed-off-by: Leyi Rong <leyi.rong@intel.com>
Change-Id: I01e0b4a2e2d440659b4298668a868d983f5091c3
|
|
Process 8 packets perf batch in vlib_buffer_free_inline() when
CLIB_HAVE_VEC512 is enabled.
Type: improvement
Signed-off-by: Leyi Rong <leyi.rong@intel.com>
Change-Id: I78b8a525bce25ee355c9bf0e0f651698a8c45bda
|
|
- allocates the memory trace spinlock independently from the main heap
- disable tracing on a per thread basis
- make sure we hold the memory trace spinlock when changing tracing
Type: fix
Change-Id: I7d84f22132abdc895343d447cd3a2c574786f58d
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: If894b2b741d0d417a6fc458dda83ca1d8192385d
|
|
Pool's pool_put_will_expand() calls clib_bitmap_will_expand(),
so every put except ones that leads to free_bitmap reallocation
will get false positive results and vice versa.
Unfortunatelly there's no related test and existing bitmap
tests are failing silently with false positive result as well.
Fortunatelly neither clib_bitmap_will_expand() nor
pool_put_will_expand() are being used by current vpp codebase.
Type: fix
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Change-Id: Id5bb900cf6a1b1002d37670f5c415c74165b5421
|
|
When using memory traces it can take a long time to display all traces
bigger than 1k if there are lots of them, especially as we need to
resolve symbols.
It is better to display only the 1st 50 by default, unless verbose is
used.
Also fix the help string.
Type: improvement
Change-Id: I1e5e30209f10d2b05c561dbf856cb126e0cf513d
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: improvement
Change-Id: Ida2d044bccf0bc8914b4fe7d383f827400fa6a52
Signed-off-by: Damjan Marion <dmarion@me.com>
|
|
The vector size must be increased before setting the element so that
AddressSanitizer can keep track of the accessible memory.
Type: fix
Change-Id: I7b13ce98ff29d98e643f399ec1ecb4681d3cec92
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Don't truncate with vec_set_len bytes before they can be used. When
built with ASAN, it these bytes are poisoned and trigger SIGSEGV when
read.
Type: fix
Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru>
Change-Id: I912dbbd83822b884f214b3ddcde02e3527848592
|
|
In clib_bitmap_set_region and clib_bitmap_set_multiple the index of
the last bit to set was off by 1. If this index was pointing to the
last bit of the bitmap, another uword would have been allocated,
even though it was unnecessary.
Moreover, in clib_bitmap_set_region, bits in the last word were not
properly set. Indeed, the n_bits_left value is wrong since n_bits
is not decreased by the number of already set bits.
Type: fix
Signed-off-by: Maxime Peim <mpeim@cisco.com>
Change-Id: I8d7ef6f47abb9f1f64f38297da2c59509d74dd72
|
|
Type: improvement
Signed-off-by: aihua2013 <51931196@qq.com>
Change-Id: I22670f49abfb5d1fd728686fc7d65fb40ea6bda2
|
|
These functions do not need modifiable strings.
It helps with linker sections as well as C++ compatibility.
It is a good style to use const where approriate.
Type: refactor
Signed-off-by: void234@gmail.com
Change-Id: I8d1e922197b3594122296e8c1af57e0a8ec0bf3d
|
|
Type: fix
Signed-off-by: Liangxing Wang <liangxing.wang@arm.com>
Change-Id: I1f757abccd228b9e73f25c96754738c8e6bff259
|
|
serialize_get() -> serialize_write_not_inline(...) was losing track of
the current buffer index when it managed to empty the overflow vector
but had to turn around and use it again.
Test-case added to test_serialize.c.
This issue dates from 2010.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I024a03f7a50fd6df543ddbc7c45d85def4f1981d
|
|
Musl is stricter than glibc and has a warning that including fctnl.h and
poll.h should be prefered rather than their sys/ counterparts, which
breaks -Wall setups.
Type: fix
Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
Change-Id: Id101e999371951b0927cc8c4109f8f1536de1bc2
|
|
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Idbdfdf2d3fdbb64366f50d5a7458c4073a4f2746
|
|
Account for the potential of sysconf() returning -1 if it can not
get the page size and make it a fatal error.
Coverity: 277313
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I8cae6a35ec2f745c37f1fe6557e5fa66720b4628
|
|
Plugin checks just for AVX2 instruction set, while the v1.3 of IPsec
Multi-Buffer library checks for both AVX2 and BMI2 sets during init.
VirtualBox VM doesn't provide BMI2 by default to guest operating system.
Result is that VPP plugin decides to use AVX2 initialization and library
then doesn't do it. Since flush_job remains empty, the self-check fails
and with that the whole VPP crashes on start-up.
Type: fix
Signed-off-by: Maros Ondrejicka <maros.ondrejicka@pantheon.tech>
Change-Id: I6b661f2b9bbe6dd03b499c55c38a9b814e6d718a
|
|
The current implmentation of the hash table is not thread-safe.
This design leads to a segfault when VPP handling a lot of tunnels for
Wireguard, where one thread modify the hash table and other threads
starting to lookup at the same time.
The fix add a local variable to store how many bits are used by a user
object.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: Iecf6b3ef9f308b61015c66277cc459a6d019c9c1
|
|
fixes coverity 282527
Type: fix
Fixes: fecb2524ab
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I9ac72c3802e66369a8f24c92451e33f22c058f24
|
|
Type: fix
fixes: 561ae5d
Change-Id: I0d98f5b43bc9ab5d31463b285177a11a10b864d2
Signed-off-by: Damjan Marion <dmarion@me.com>
|
|
This patch adds SCTP support in the CNat translation primitives.
It also exposes a clib_crc32c_with_init function allowing to set
the init value to start the crc32 with instead of 0.
Type: feature
Change-Id: I86add4cfcac08f2a5a34d1e1841122fafd349fe7
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: improvement
Change-Id: I3fbbda0378b72843ecd39a7e8592dedc9757793a
Signed-off-by: Damjan Marion <dmarion@me.com>
|
|
When checking for CLIB_SANITIZE_ADDR to enable specific behavior for
AddressSanitizer, we must have vppinfra/clib.h included as it is defined
there.
Type: fix
Change-Id: I9060c3c29c1289d28596c215a1d1709b2ea7c84e
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: improvement
Change-Id: Idf1fb054d5ff495d772d01a79cbc6cd1b409d377
Signed-off-by: Damjan Marion <damarion@cisco.com>
|