aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2022-04-08stats: fix vector overrun in expend checkDmitry Valter1-2/+2
Do not access allocated elements beyond the end of the vector. They are allocated, but not yet valid both logically (they are at best NULLs) and according to ASAN. Type: fix Change-Id: Iaf43767d6d3bd4c24c7c5a0ba9b3410bbeeb0556 Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru>
2022-04-08vppinfra: introduce clib_perfmomDamjan Marion11-216/+530
Type: improvement Change-Id: I85a90774eb313020435c9bc2297c1bdf23d52efc Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-08vppinfra: clib_interrupt_get_next reading unallocated memoryPaul Atkins2-1/+82
The clib interrupt structure has a couple of fields at the start of the cacheline, and then in the next cacheline it has a bitmap, which is then followed by an atomic bitmap. The size of the bitmaps is based on the number of interrupts, and when the memory is allocated the number of interrupts needed is used to size the overall block of memory. The interrupts typically map to pool entries, so if we want to store 512 entries then we store them in indices 0..511. This would then take 8 6 4bit words, so each bitmap would be this size when the struct is allocated. It is possible to walk over the end of the allocated data with certain sizes, one of which is 512. The reason this happens with 512 is that the check to see when to exit the loop is returning when offset is greater than the value needed to fit all the values. In this case 512 >> 6 = 8. If there had only been 511 entries then the size would have been 511 >> 6 = 7, and so it would have fitted in the space. Therefore modify the check to also check that we are not looking into the memory beyond what we have allocated in the case where the number of interrupt is one of the boundary values like 512. Also add a similar check first time round the loop as it is possible we could have ate same problem there too. Add a new test file to verify the new code works. The old version of the code made this test fail when run with the address sanitizer. Without the sanitiser it tended to pass because the following memory was typically set to 0 even though it was uninitialised. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I2ec4afae43d296a5c30299bd7694c072ca76b9a4
2022-04-08vppinfra: add bright colors to format_tableDamjan Marion2-2/+20
Type: improvement Change-Id: I21de21af6dea9e39df5e912e20e56d878a40659f Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-08api: Do not assert of short message lengthsNeale Ranns1-1/+0
Type: improvement Short message lengths are correctly handled by the code, asserting makes unit tests that verify this behaviour (e.g. test_ip_punt_api_validation) fail/crash with a debug image. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Ib3a377e5d49fde0eee252b92f0e58a8a0d0d83ec
2022-04-07tls http: run config fns after init onesFlorin Coras2-2/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia4d8aaafeb3629f421601edffefe9c61c3e69dba
2022-04-07tls: fix session pool realloc on acceptFlorin Coras1-0/+3
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I68ada775810bb4a4f280962a979605b211562a52
2022-04-07devices: add cli support for checksum and gso disableMohsin Kazmi5-20/+29
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I33a29cf11998736347eca5016eee112619d847c1
2022-04-06vppinfra: add vec_new_heap()Damjan Marion2-5/+15
Type: improvement Change-Id: Iab3d65b6276829ad1e522e66380d1797e37579b8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-06devices: add cli support to disable qdisc bypassMohsin Kazmi5-12/+39
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ie5f2bdb8fb559680bab863a7c24a49360e005b58
2022-04-06stats: avoid linear search for empty entryDamjan Marion3-10/+16
Type: improvement Change-Id: Ie4cdc6d8906da3d1cd18a8f1d7076283546d3003 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-06interface: unregister node counters on interface deleteDamjan Marion3-7/+21
Type: fix Change-Id: I2562ae5833b542c29bcd5025a9a6756e5de95a42 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-06vppinfra: add MAX macros for clib typesDamjan Marion1-0/+18
Type: improvement Change-Id: I1bca733d2a35733275efa46ee0a23bf572365c74 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-06vlib: clear frame flags on freeStanislav Zaikin1-0/+2
Type: fix Change-Id: If4a7ac244832ef72d82c71b0277bc110b9500537 Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com>
2022-04-05wireguard: prevent segfault on non-adj packetsJon Loeliger2-0/+7
An unexpected packet that shows up on a Wireguard interace that happens not to have a forwarding peer will cause a segfault trying to index the vector of peers by adjacency. Rather than segfaulting, recognize a non-adjacent packet and drop it instead. This leaves open the question of what _should_ be happening to, say, IPv6 multicast packets. Signed-off-by: Jon Loeliger <jdl@netgate.com> Type: fix Fixes: edca1325cf296bd0f5ff422fc12de2ce7a7bad88 Change-Id: Ic0a29e6cf6fe812a4895ec11bedcca86c62e590b
2022-04-05dpdk: macros changes for dpdk 22.03Dastin Wilski4-60/+62
New dpdk version deprecates some macros used by VPP. This patch changes them to 22.03 version. Type: improvement Signed-off-by: Dastin Wilski <dastin.wilski@gmail.com> Change-Id: Ic362ed318dc1ad88bb682ef13fbd6159171fbaef
2022-04-05dpdk: compatibility layer for dpdk 22.03 bumpDastin Wilski2-26/+87
New version of dpdk changes some macros names. This patch ensures VPP will be compatible with older dpdk versions. Type: improvement Signed-off-by: Dastin Wilski <dastin.wilski@gmail.com> Change-Id: I3d9736278e70064610a1dcad5f2d2f6eb26e0d4b
2022-04-05dpdk: fix max frame sizeDamjan Marion2-11/+11
Type: fix Change-Id: I70f9ec2eb6c9c1494a4ecd56e06898f6162a0e0e Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-05nat: nat44 cli bug fixFilip Varga5-42/+38
Two similar CLI paths "nat44" and "nat44 add interface address" caused unexpected behavior. If "nat44 add interface address" command would fail the vlib cli processing function would call "nat44" handler. This would also clean any previously set errors from the first command and basically return same error returned by "nat44" handler for every failed command that starts with the same path string. Fixes nat44-ed and nat44-ei plugin. Change-Id: I1aac85c8ae2932da582a2b78243521d1bf8a0653 Ticket: VPP-2021 Type: fix Signed-off-by: Filip Varga <fivarga@cisco.com>
2022-04-05vppinfra: refactor address sanitizerDamjan Marion25-247/+121
Type: refactor Change-Id: I5ca142ec1557d5b5c3806b43553ad9d3b5ea1112 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-05tap: fix the coverity warningMohsin Kazmi1-1/+1
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I609fb28e58286ff490d12384b03dd713830379b3
2022-04-05devices: remove redundant code af-packetMohsin Kazmi2-23/+3
Type: refactor Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Id485f525057163582dc7a83f7dab7a8b2e759270
2022-04-05devices: fix the received blocks countersMohsin Kazmi1-5/+4
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: If7d9c94dcdc32fa66763e18bd3be7d28b2d17946
2022-04-05crypto-openssl: use getrandom to reseed opensslBenoît Ganne1-13/+8
Type: improvement Change-Id: I84d594d8baaf18056580455f3b2790d0f31b7b0f Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-04-05vppinfra: use AVX512 compare for equality testingBenoît Ganne1-45/+59
This commit only update is_equal flavours to use _mm512_cmpneq_epi64_mask() but clang-format decided to also reformat the whole block. Type: improvement Change-Id: I530cf91e8bceaf15022556f803b27de4f8583217 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-04-05devices: fix the coverity warnings for af-packet v3Mohsin Kazmi1-9/+14
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ie647fb280831af23925c4b5f659f1dade6d37eff
2022-04-04vppinfra: make _vec_len() read-onlyDamjan Marion119-299/+300
Use of _vec_len() to set vector length breaks address sanitizer. Users should use vec_set_len(), vec_inc_len(), vec_dec_len () instead. Type: improvement Change-Id: I441ae948771eb21c23a61f3ff9163bdad74a2cb8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-04udp: use pool safe reallocsFlorin Coras3-81/+8
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5bd0b300af07424d1ce4807fa0b17e375001f089
2022-04-04tcp: use safe realloc poolFlorin Coras1-3/+3
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I8ba93643236aaa50eeb4755b74821a8c4ca6179b
2022-04-04interface api: restore order of context valueVratko Polak1-1/+2
vl_api_sw_interface_tx_placement_get_t_handler is autoendian. So (contrary to most other uses) the context is in native order there. Thus, send_interface_tx_placement_details needs to convert back before using REPLY_MACRO_DETAILS5 macro. Type: fix Fixes: 0d05c0d214ffd326e531bea58f3c971bb9a58252 Change-Id: I00a3734cafa66d7d76c7edaea526a1eae0448ad9 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2022-04-04tls: set client ckpair only for non-test ckpFlorin Coras1-13/+15
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7287e40ad95dfe061fd8a7b0e99921d5540e030d
2022-04-04tls: null terminate openssl chiphersFlorin Coras1-2/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5d4e68730a75337a2e532e72f366b62d6973235e
2022-04-04vlib: remove unused fieldsDamjan Marion4-25/+0
Type: refactor Change-Id: I449fcea92a1c96dd7dd0bcad893060ad1c614351 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-04vlib: improve exec path searchDamjan Marion4-9/+35
Fixes VPP invocation with relative path, i.e.: $ bin/vpp unix interactive Type: improvement Change-Id: I0278710bb472b92e31389b2d28955c3d33550230 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-04session: use session layer rpc for evts sent to mainFlorin Coras1-5/+9
Fix race with connects for iperf3 udp test. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ief725b80047911e87ba24736dc0a60aa8bcdac50
2022-04-04vlib: fix memory leak in load_one_pluginDamjan Marion1-0/+2
Type: fix Fixes: 500ba9f Change-Id: I32872a084276d9b38ff07cdccccb746c0212777f Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-04vppinfra: fix alloc and alignment in fifoDamjan Marion2-45/+56
Type: fix Change-Id: Ia9f715f6074c72ff581fba1740273cfebe48c0f1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-04devices: add multi-queue support for af-packetMohsin Kazmi6-270/+571
Type: feature Change-Id: I0f4e6517fcfa07ffb0aba89b159ac1337937a508 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2022-04-04interface: read only one line in show hardwareVratko Polak1-9/+16
Type: fix Change-Id: I442496585fc24b7458535ad1a1d8db525c258540 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2022-04-03svm: Close client shm fdroot1-0/+1
Type: fix Signed-off-by: Emmanuel Scaria <emmanuelscaria11@gmail.com> Change-Id: I41bb6e16735b77efa744b0368eed7dfa9583e960
2022-04-01vrrp: add stats support and update APIEmanuele Di Pascale8-18/+643
Add simple counter statistics to VRRP, based on a subset of those defined in RFC8347. Add an update API that allows in-place modification of an existing instance. The method returns a vrrp_index which can be used both for retrieving statistics and to modify non-key parameters. Also add a delete method which will take that vrrp_index as parameter. Type: improvement Signed-off-by: Emanuele Di Pascale <lele84@gmail.com> Change-Id: I2cd11467b4dbd9dfdb5aa748783144b4883dba57
2022-04-01dpdk: fix vlan creation on ixgbeAlexander Chernavin1-1/+0
Type: fix VLAN programming is currently enabled for IXGBE. However, that is only supported for IXGBE_VF. With this fix, disable VLAN programming for IXGBE. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I37b1d0733988c964d2b0f5a49328effacec1cb6f
2022-04-01dpdk: fix coverity issueFan Zhang1-13/+4
Type: fix This patch fixes the following DPDK plugin issue: CID 253333: Control flow issues (DEADCODE) The change also includes some cosmetic changes for error handling. Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: I830020bc3ae9a508f3a905f78333fa3ae25ce784
2022-04-01session: leverage new pool functions in safe reallocFlorin Coras3-54/+50
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2c264c31d2470b11b94d68411fa8266387319146
2022-04-01nat: VRF routing & FIB improvementsFilip Varga8-281/+727
This patch affects how destination fib is choosen during session creation. Default behavior of choosing fib based on output interfaces is kept. Configuration gives you the ability to change default behavior to direct or restrict traffic between different FIB tables. NAT specific VRF routing options: a) keeping communication in the same VRF b) option to add multiple destination VRFs c) option to control the resolution order of destination VRFs TX FIB resolution is based on looking up RX FIB entry in NATs VRF table and picking the first FIB that resolves destination address. Ticket: VPP-2009 Type: improvement Change-Id: If500c48d7ce3466533ad9581c0847870788fc4fb Signed-off-by: Filip Varga <fivarga@cisco.com>
2022-04-01nat: nat44-ed cleanup & fixesFilip Varga7-1303/+645
Set deprecated option on unsupported API calls. Cleaned up API calls with deprecated option. Removed in progress option from long term used API calls. Removed obsolete/unused nodes, functions, variables. Fixed set frame queue nelts function. Calling API would incorrectly not fail even though frame queue nelts can only be set before first call nat44_plugin_enable. Moved all formatting functions to _format.c file. Type: refactor Change-Id: I3ca16e0568f8d7eee3a27c3620ca36164833a7e4 Signed-off-by: Filip Varga <fivarga@cisco.com>
2022-04-01tls: enable host verification by hostnamesatna1-3/+40
Type: improvement Signed-off-by: satna <satbeervarma9596@gmail.com> Change-Id: I1b1db60fa1a0e47fce273bc07b01887813fd3c48
2022-03-31vppinfra: vectors with non-default heapDamjan Marion7-75/+213
Type: improvement Change-Id: Ic675ad4edbf27b7230fc2a77f00c90c46d6350c3 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-31vlib: add support for workers syncFlorin Coras3-38/+66
Adds api that allows workers to synchronize through main thread. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1e75e2fb5144d397d19b13c4dfc7e937f11c044c
2022-03-31stats: use vlib_stats_validate in collectorDamjan Marion1-28/+5
Type: refactor Change-Id: Ib2bf9f11209eb310b289b3202b2beeccc3637df0 Signed-off-by: Damjan Marion <damarion@cisco.com>