aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2021-01-21ip: Use correct enum type in ip_address_setNeale Ranns5-11/+12
Type: refactor Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Ice2bc42838e6d5ba579f449c3f8b0feffebeb719
2021-01-21ip: use IPv6 flowlabel in flow hash computationAhmed Abdelsalam13-100/+115
extends ip6_compute_flow_hash() to include IPv6 flowlabel in flowhash computation Type: improvement Signed-off-by: Ahmed Abdelsalam <ahabdels@cisco.com> Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Change-Id: Id1aaa20c9dac729c22b714eea1cdd6e9e4d1f75e
2021-01-21ipsec: Honour IPSec SA table-ID over APINeale Ranns2-11/+9
Type: fix Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Ib08fe356e4dc710dd60a96736c48b27129f06786
2021-01-21ipsec: Tunnelled packets are locally generatedNeale Ranns1-0/+1
Type: fix this means we 1) don't decrement TTL and (for v6) can fragment. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I0f718da7dcaba834ad495ae9242a9a58c9e7c184
2021-01-21ip: set correct error in ip6-localBenoît Ganne1-3/+3
Type: fix Change-Id: Ib23f823e46494f80d9d857ddde88f4939bf2b3d1 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-01-21vppinfra: add bihash with 32 byte keyMatthew Smith2-0/+108
Type: feature Add header to define bihash_32_8. Change-Id: Ia8a21a1e76cf0c05b8f8a2d1f5dbc0dc586d7801 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-01-21fib: fix includes for muslNathan Moos1-1/+1
Type: fix When building with musl, the type `uint` is not available unless you include <sys/types.h>. Signed-off-by: Nathan Moos <nmoos@cisco.com> Change-Id: I0003b0c373d9fd532b4135c43d78f36d6cd7afa4
2021-01-20acl: replace glibc internal __bswap_64 with clibNathan Moos1-1/+2
Type: fix In order to build VPP as a package for an embedded Yocto-based distribution, this patch replaces the use of the glibc internal __bswap_64 function with the VPP function clib_net_to_host_u64, which is provided by vppinfra. Change-Id: I3ecc8525861dc3441bce2b51aa4c80f9a62d3051 Signed-off-by: Nathan Moos <nmoos@cisco.com>
2021-01-20memif: fix vpp to go link up immediately on admin upEd Warnicke3-16/+23
Type: improvement Previously, memif would check every 3 seconds to see if an interface had gone admin up. Now it does as soon as admin up occurs. Signed-off-by: Ed Warnicke <hagbard@gmail.com> Change-Id: I808699cd5980fa162c34ac977f43d00ed6b67115 Signed-off-by: Ed Warnicke <hagbard@gmail.com>
2021-01-20vxlan: fix SEGV reported in VPP-1962Ed Warnicke1-5/+29
Type: fix Replace vnet_register_interface with ethernet_register_interface Fixes https://jira.fd.io/browse/VPP-1962 Signed-off-by: Ed Warnicke <hagbard@gmail.com> Change-Id: I5f578fc416605429fe1e2b510ad49eb754451d40 Signed-off-by: Ed Warnicke <hagbard@gmail.com>
2021-01-20vppinfra: add option to use libexecinfoNathan Moos1-1/+5
Type: feature The musl libc does not provide <execinfo.h> or an implementation of the functions provided. This patch enables the use of libexecinfo as an alternative, which can be used on systems with musl. Change-Id: I76b5744ddf731b66e16144025a6fdedf72925260 Signed-off-by: Nathan Moos <nmoos@cisco.com>
2021-01-20svm: add standard include for __WORDSIZENathan Moos1-0/+1
Type: fix In glibc, the __WORDSIZE macro is defined in a header included indirectly from svm_common.h. In musl, the __WORDSIZE macro is not indirectly included, so this patch directly includes <sys/user.h> to ensure the __WORDSIZE macro is available. Change-Id: If1b1fc97161b7a0b2e82351d4776c81c36a323cb Signed-off-by: Nathan Moos <nmoos@cisco.com>
2021-01-20vlib: fix build with muslNathan Moos2-0/+2
Type: fix When building with musl, some transitive includes from glibc are not present. This patch adds direct includes for the necessary types, and it also defines _GNU_SOURCE to ensure that the socket types are complete. Change-Id: Ic69c307b9515fec764c32906b5bc7f1fb34f2525 Signed-off-by: Nathan Moos <nmoos@cisco.com>
2021-01-20ikev2: use new counters data model & add more countersFilip Tehlar3-50/+169
Type: feature Ticket: VPP-1916 Change-Id: Ibe612d21f748a532d88b73b286dc4a1dd15d7420 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-01-20ip: add API to retrieve IPv6 link-layer addressBenoît Ganne2-35/+84
Type: feature Change-Id: I5739869490155b0b9674b4faf61882d97e66a4ed Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-01-20crypto: fixed vnet_crypto_is_set_handler()PiotrX Kleski1-1/+10
Type: fix vnet_crypto_is_set_handler() was checking if op handler is set by using alg instead of op id. This fix changes the check to use op ids from crypto_main's alg_data for provided alg. Signed-off-by: PiotrX Kleski <piotrx.kleski@intel.com> Change-Id: I5f0f00a889ddada44d9912af175ebad66677037a
2021-01-20build: add the missing leading underscore to FORTIFY_SOURCENeale Ranns1-2/+2
Type: fix Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I36f2d08681f90a3f8ea7598952d1e14c53f0187b
2021-01-20classify: Layout classify entry to group data-plane accessed fields onNeale Ranns3-102/+124
one cache line Type: refactor Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Change-Id: I54128ba62f8dcc87c1845b33ed3637112d42a891
2021-01-19classify: crash on classify filter pcap del commandSteven Luong1-1/+2
If classify pcap filter was never configured, typing the delete command causes a crash. The reason is cm->classify_table_index_by_sw_if_index not yet allocated. The fix is to add a check before we access the vector. Type: fix Fixes: gerrit 28475 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ia33bd91fa82d8ffc4490d4069155980a6e233268
2021-01-19avf: fix l2_len for csum offloadMohammed Hawari1-4/+3
Use vlib_buffer_t::current_data instead of vnet_buffer_opaque_t::l2_hdr_offset to compute l2_len for checksum offload (l2_hdr_offset might be invalid if packet originates from an L3 interface) Change-Id: I2031ea6fd6a7af4b6e186751e119ebd6161641b5 Type: fix Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
2021-01-18build: make rpath optionalNathan Moos1-1/+4
Type: feature This patch begins enabling support for building VPP as a package for a Yocto-based embedded Linux distribution. Yocto QA complains about executables and libraries with an rpath configured, as the paths may not be valid on the target system. Therefore, this patch adds a new CMake option named `VPP_SET_RPATH`, which is enabled by default but can be disabled by a Yocto-based build. Change-Id: I90e9c4ba07138032b0f76cb72a98e58470885d55 Signed-off-by: Nathan Moos <nmoos@cisco.com>
2021-01-18nat: deal with flows instead of sessionsKlement Sekera15-1963/+1865
This change introduces flow concept to endpoint-dependent NAT. Instead of having a session and a plethora of special cases in code for e.g. hairpinning, twice-nat and others, figure all this out and store it in flow logic. Every flow has a match and a rewrite part. This unifies all the NAT packet processing cases into one - match a flow and rewrite the packet based on that flow. It also provides a cure for hairpinning dilemma where one part of the flow is on one worker and another on a different one. These cases are also sped up by not requiring destination adress lookup every single time to be able to rewrite source nat as this is now part of flow rewrite logic. Type: improvement Change-Id: Ib60c992e16792ea4d4129bc10202ebb99a73b5be Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-01-18ipsec: Support MPLS over IPSec[46] interfaceNeale Ranns11-148/+280
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I89dc3815eabfee135cd5b3c910dea5e2e2ef1333
2021-01-18tls: make picotls engine able to initial connection as clientSimon Zhang2-16/+74
Type: fix Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> Change-Id: Idd14dc11e92e0851c64f83e280b52f12e32ae48d
2021-01-16tcp: remove bad assertIvan Shvedunov1-5/+2
Don't assume that half-open connections pending removal are always successful. Type: fix Signed-off-by: Ivan Shvedunov <ivan4th@gmail.com> Change-Id: I955077a4ed2389b9ee38d97e27a7c7761c860a4a
2021-01-15vlib: fix counter_will_expand predictionMiklos Tirpak2-6/+18
vlib_validate_combined_counter_will_expand() was calling _vec_resize_will_expand() with wrong arguments, which resulted in false return value. Apart from the initial call, it never indicated a vector resize. The callers relying on this function did not perform a barrier sync because of the wrong prediction even if the vector got extended by a subsequent vlib_validate_combined_counter() call. The fix introduces a new, simplified macro that is easier to call. vec_resize_will_expand() accepts the same arguments as vec_resize(). Type: fix Signed-off-by: Miklos Tirpak <miklos.tirpak@gmail.com> Change-Id: Ib2c2c8afd3e665e0e3d6ae62ff5cfa287acf670f
2021-01-14docs: Update FIB documentationNeale Ranns1-6/+17
Type: docs Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I3dfde4520a48c945ca9707accabbe1735c1a8799
2021-01-14vxlan: Protect against tunnel config where source is not localNeale Ranns1-2/+11
Type: fix If a tunnel's source is not local then post encap VPP will attempt to receive (via ip4-local) that packet, things go wrong from there. The fix is when stacking the encap forwarding don't accept a receive DPO. This approach is taken, rather than rejecting bad tunnels, because the 'local-ness' of the tunnel's source can change and we can't reject tunnels that were once correctly configured but are no longer. the user will quickly discover their mistake as traffic won't pass. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I46198422e321606e8baba003112e978a526b4c2f
2021-01-13ikev2: remove assert conditionFilip Tehlar1-19/+36
Remove assert condition ensuring that a packet was punted with reason spi=0. We can't rely on data in punt_reason because it is defind in an union. This patch adds a new IKE node that handles punted IKE packets separately. Type: fix Change-Id: I2e1b44922e53e049bd8512fa5cb85cee6a2b8aa7 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-01-12crypto-openssl: chacha support in openssl versionRay Kinsella1-8/+8
Fix build errors related to chachapoly when the system openssl version is < 0x10100000. Type: fix Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: I62283fcc44c952ddd4d6a9f621c18e8be1af8af1
2021-01-12ip: vtep fixes for alignment and cache update.Ray Kinsella1-2/+2
Minor fixes for Intel AVX-512 alignment, and cache update. Type: fix Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: I9f9bebb4ecb3265ffc765affd1ed94d0ba979066
2021-01-12vcl: fix session_handle_to_vlsh_table update after session migratewanghanlin1-7/+48
Type: fix Signed-off-by: wanghanlin <wanghanlin@corp.netease.com> Change-Id: I6698749163b0ed38093d8439e94b18b6841dc6ce
2021-01-11dpdk: allow configure individual VMBUS devicesVladimir Ratnikov6-58/+253
now startup.conf supports confuguration for VMBUS devices as for PCI devices for whitelisting/blacklisting dpdk { dev fa5a6e7a-cf3a-4b98-9569-addb479b84bc } with sub-configuration as for PCI devices dpdk { blacklist fa5a6e7a-cf3a-4b98-9569-addb479b84bc } where fa5a6e7a-cf3a-4b98-9569-addb479b84bc - example of UUID struct vlib_vmbus_addr_t changed to union with UUID described fields Added device_config_index_by_vmbus_addr blacklist_by_vmbus_addr to enumerate available device configs hash_key is as_u32[0] field(last 4 bytes of UUID) Lost of precision against full UUID, but 2^32 is enough to handle all the devices available Added is_blacklisted check while creating vnet devices in order to supress creation of dev if it's blacklisted Type: feature Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: Id82611e54fed082190e488c7e5fbe14ecbe5b2ab
2021-01-11vcl: fix deadlock in rpcwanghanlin2-71/+134
Worker thread A send rpc to worker thread B with vls_table_lock when worker thread B try to lock vls_table_lock, so unlock it temporarily. Add worker_rpc_lock to synchronize rpc message among workers to prevent waiting for each other deadly. Add timeout for rpc response to prevent hanging when VPP exit/crash. Type: fix Signed-off-by: wanghanlin <wanghanlin@corp.netease.com> Change-Id: I675f1fe76673ede09107f6eeaaa0eda8bbfc6e61
2021-01-11acl: fix tag C-string overflowBenoît Ganne1-5/+14
tag is expected to be a null-terminated C-string Type: fix Change-Id: I633719068c37eac395cc30a6a314c00848e9cdca Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-01-11nat: refactor and split fo EI/ED features p.2Filip Varga8-351/+1216
Patch n. 2 aimed at moving EI features out of NAT44 plugin & split of EI/ED functions. Type: refactor Change-Id: Ida20c1c084449b146344b6c3d8442f49efb6f3fa Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-01-09session svm: fix fifo migrationFlorin Coras6-51/+66
Allocate and attach a new pair of private fifos in the right private slice when a session is cloned. This ensures that private fifos are not shared between workers. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ib700d18104d2ca79aa8a07434cdcdcab0bef13a5
2021-01-08l2: Separating scan-delay and learn-limit into a separate API from ↵Jerome Tollet3-20/+136
want_l2_macs_events Type: feature Signed-off-by: Jerome Tollet <jtollet@cisco.com> Change-Id: I6de6dae7da4ec1001e2811975a9b67acfc1a148c
2021-01-08tests: move bond tests to src/vnet/bonding/testDave Wallace2-0/+373
- Refactor make test code to be co-located with the vpp feature source code. Type: test Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I056717261553f6449f5fcd3611b6ae3895a00ba6
2021-01-08vhost: Add event index for interrupt notification to driverSteven Luong10-198/+771
VPP only supports a poor man's approach for interrupt notification to the driver. It uses a simple binary flag for "interrupt needed" or "interrupt not needed". Most drivers support more sophisticated event index already. This feature is to add the long due missing feature and make it configurable, off by default. Type: feature Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I68dab7dd07045cafb49af97b7f70db9b8131ae03
2021-01-08ikev2: fix lookup in wrong ip tableFilip Tehlar1-4/+6
In responder mode we need to remember interface index from which IKE session was initiated. Otherwise when sending keep alive packets to the initiator, the default ip table is always used for lookup instead of the one associated with the interface. Type: fix Change-Id: Iade3fc3a490b7ae83c3f6e9014d1f4204e476ac1 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-01-07vcl session: switch to generic cert key apisFlorin Coras17-311/+310
Remove the deprecated tls apis. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia1e12bd813671146f0aca22e83d04c23ac13e595
2021-01-07ipip: Support MPLS over IPNeale Ranns3-5/+102
Type: feature Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Ief1755131297afcaa14fe74fd8dd28c71a92fbe6
2021-01-07ipsec: Deprecated the old IPsec Tunnel interfaceNeale Ranns7-898/+4
Type: fix it's been 2 releases since it was marked deprecated. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I0eba7ed607826ed0d00e7d2d8f9b27d09e8e9a6e
2021-01-06vcl: allow all workers to block on apiFlorin Coras2-32/+53
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id94cf2aeae8167868d5f96534224759c1ef6f837
2021-01-06svm: force fixed memfd mapping if va providedFlorin Coras1-3/+3
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6a2cc596cf0b7f29d3ae1c05b1bb6b748b558175
2021-01-06api: fromjson/tojson generated code memory leakOle Troan1-1/+1
Found by coverity. Fix potential memory leakage in generated code. Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: If492541b8b66e574f30ecdd0dd533099cbe068ad
2021-01-06acl: fix cli tag parsingBenoît Ganne1-1/+5
- tag is expected to be 64-bytes - when specifying tag on cli, a vector is allocated. Make sure it is freed Type: fix Change-Id: Id1741fe406819ca9f71edb081d4483f52cae547d Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-01-06ipsec: Mark the interface create reply deprecatedNeale Ranns1-0/+1
Type: fix I should have done this wehn i marked the request as deprecated. The reply also needs to be marked deprecated so the API compliance script can remove it along with the request. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I8391257944b6cff7b32a01a479dd1dcab30cd33b
2021-01-06l2: add per bridge domain learn limitJerome Tollet7-60/+290
Type: feature Signed-off-by: Jerome Tollet <jtollet@cisco.com> Change-Id: I57ed6699050445d9c9aec98eff3aab56735aca54 Signed-off-by: Jerome Tollet <jtollet@cisco.com>