aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2019-07-15ipsec: rewind missing from dual loopNeale Ranns1-4/+9
Type: fix Fixes: a6bee0a1 Change-Id: I1959e28b82825d7928d471d3dfa827ea4cdd74b7 Signed-off-by: Giles Heron <giheron@cisco.com> Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-15interface: fix issue that pcap rx/tx trace not available when there are ↵Wei CHEN2-8/+10
worker threads Type: fix Change-Id: Ie9a3a78b45b53344a0a5d7e2027c0e0354a49ebe Signed-off-by: Wei CHEN <weichen@astri.org>
2019-07-15session: allow transports to generate closed notificationsFlorin Coras6-27/+44
In contrast to the closing notification, whereby a transport informs the session layer that is beginning the closing procedure, this allows transports to notify the session layer of the fact that the transport is "fully" closed, i.e., it expects no more data. Also: - adds app closed state for sessions - changes tcp to have it notify when an active close has finished Type: feature Change-Id: I13c738006c03f85015e05ab82843a33a69382aaf Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-14api: add DSCP definitions to ip_types.apiPaul Vinciguerra1-0/+46
- also adds ecn definitions. Type: feature Change-Id: Id98d9ae57289425fcfed367f426442173ef4e882 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-07-13vppinfra: add doubly linked listFlorin Coras4-0/+609
Type: feature Change-Id: I21511c1abea703da67f1a491e73342496275c498 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-12nsim: cross-connect mode crash at interface output nodeJohn Lo2-6/+6
Type: fix Change-Id: If99c1d8a7ec97a726430a927eab0d3b57222af1f Signed-off-by: John Lo <loj@cisco.com>
2019-07-12quic: fix show session verboseAloys Augustin3-33/+28
Proprely display quic connections in show session verbose, and add a small fix for UDPC listeners and UDP sessions formatting. Change-Id: I33f83e77bf357347623d87ad23c483aba60a9bb2 Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Type: feature
2019-07-12tls quic: reduce default segment sizesAloys Augustin2-3/+3
This reduces the memory required by tls and quic, allowing to run them (and their tests) in more constrained environments by default. Change-Id: I954081c725fb4f5f173db1f8e76922d957c5b0a2 Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Type: fix
2019-07-12session: add thread index to all formattersAloys Augustin7-4/+15
Add a thread_index argument to half-open and listener session formatters because QUIC can have listeners and half-open sessions in any thread. Change-Id: I1de60e35ece4c68ba8cfdd6b63f211bc620d687b Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Type: feature
2019-07-12vcl: fix namespace debug printBenoît Ganne1-2/+1
vcm->cfg.namespace_id is a vector and not a null-terminated C-string. Type: fix Fixes: 8af2054b78 Change-Id: I9324712f053066790a30fed617c9cac673f0fbd7 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-12svm: handles heap dlmalloc allocation failureBenoît Ganne1-0/+6
Type: fix Fixes: 6a5adc3695 Change-Id: I21091fc2938cababeb28bacf7c5e457a05ab6272 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-12vcl: fix tsock 0-ing in test clientBenoît Ganne1-2/+3
Type: fix Fixes: d48e9763bfc39106eca954a28223b72261bf1aeb Change-Id: I9af222f4083a82592058fd42950db1c97caf647e Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-12ipsec: drop outbound ESP when no crypto alg setMatthew Smith4-5/+162
Type: fix If a tunnel interface has the crypto alg set on the outbound SA to IPSEC_CRYPTO_ALG_NONE and packets are sent out that interface, the attempt to write an ESP trailer on the packet occurs at the wrong offset and the vnet buffer opaque data is corrupted, which can result in a SEGV when a subsequent node attempts to use that data. When an outbound SA is set on a tunnel interface which has no crypto alg set, add a node to the ip{4,6}-output feature arcs which drops all packets leaving that interface instead of adding the node which would try to encrypt the packets. Change-Id: Ie0ac8d8fdc8a035ab8bb83b72b6a94161bebaa48 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-07-12ip: Trace the packet from the punt nodeNeale Ranns1-7/+14
Type: feature Change-Id: I01f1cc53efc93b0a7bb588ea6db89a53c971a3f5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-12nat: added handoff trace index for easier trace matchFilip Varga1-2/+4
Type: feature Change-Id: Id818f86164acabcb732e9a65d0e284d68e747a7b Signed-off-by: Filip Varga <fivarga@cisco.com>
2019-07-12ipsec: Reference count the SAsNeale Ranns10-167/+158
- this remove the need to iterate through all state when deleting an SA - and ensures that if the SA is deleted by the client is remains for use in any state until that state is also removed. Type: feature Change-Id: I438cb67588cb65c701e49a7a9518f88641925419 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-12nat: fix net44 lb static APIBenoît Ganne1-1/+1
tag should be added at the end of the reply message instead of overwriting the original data. Type: fix Fixed: dd1e3e780c Change-Id: I4b31cf3a4a41b49ea9039a9398114dbf49a53e57 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-12papi: fix vpp_format from change in vl_api_prefix_tPaul Vinciguerra2-12/+10
cherry picking fix for bug introduced by https://gerrit.fd.io/r/#/c/20011/ - also fixes unit tests. Type: fix Fixes: ab05508e1eb96749b68de8ccd2f6f88ff3e64fad Change-Id: I8287385f094911ea70de4751a716a7e0e6521b64 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-07-12ip ipsec: Remove IPSec SPI-0 punt reasonNeale Ranns5-31/+31
Type: fix There's no call for an SPI-0 punt reason with UDP encap, since it's only with UDP encap that the ambiguity between IKE or IPSEC occurs (and SPI=0 determines IKE). Enhance the punt API to dum ponly the reason requested, so a client can use this as a get-ID API Change-Id: I5c6d72b03885e88c489117677e72f1ef5da90dfc Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-12docs: how to enable coredump with systemdBenoît Ganne1-0/+5
Type: docs Change-Id: I1f657389fec716cc6cdc942803e65f861ffea5f5 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-12syslog: fix syslog structured data formattingBenoît Ganne1-1/+1
syslog structured data are stored as vectors not null-terminated C-strings. Use '%v' instead of '%s'. Type: fix Fixes: b4515b4be4 Change-Id: Iba224f271c832daca90d4bbccfef45d0f563fe60 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-11vppinfra: bihash add-but-do-not-overwrite semanticsDave Barach1-0/+7
If is_add=2, fail w/ return value -2 if the key exists instead of overwriting the (key,value) pair. Type: feature Change-Id: I00a3c194a381c68090369c31d6c6f9870cfe0a62 Signed-off-by: Dave Barach <dave@barachs.net>
2019-07-11ip: Punt node does not free iovecsNeale Ranns3-11/+22
Type: fix Fixes: f7a55ad74c Change-Id: Ic3474e746887f880a8f6246bebc399715bac8e80 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-11ipsec: Revert "IPSEC: remove byte swap operations in DP during SPD classify"Neale Ranns5-27/+26
Type: fix Fixes: 231c4696872cb344f28648949603840136c0795d This reverts commit 231c4696872cb344f28648949603840136c0795d. Change-Id: I136344555983dd10a31dbc000ee40e2de2c91291 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-11ipsec: Revert "IPSEC: remove double byte swap of IP addresses"Neale Ranns1-10/+18
This reverts commit 9b208ced585d3b4620d6fde586cd047fe2027ecf. Type: fix Fixes: 9b208ced585d3b4620d6fde586cd047fe2027ecf Change-Id: I94a17039b4727bff0877423da5ba6cfceb188b17 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-11gbp: An Endpoint can change sclassNeale Ranns3-17/+38
Type: feature Change-Id: I9d3a73a6a6048fa0189f7fa6306a638279977fcd Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-11avf: add more link speedsDamjan Marion2-1/+7
Type: feature Change-Id: I6f94f7ef5ffbd938457c9356a5a11f3d1afeb0a2 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-07-11quic: Fix quic_echo event flagsNathan Skrzypczak1-9/+9
Type: fix Change-Id: Ibaa272b57f36b092897a99a65ca28f9d4caf29a7 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-07-10tcp: improve rate estimateFlorin Coras3-19/+35
Type:feature - sample rtt estimation - report acked+sacked - report last lost bytes - use snd_una == snd_nxt to detect 0 bytes in flight Change-Id: I83181261fdb375c7e33d24b7a82343561e6a905f Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-10ip: fix show ip neigh vector read overflowBenoît Ganne3-38/+30
Both format_ethernet_arp_ip4_entry() and format_ip6_neighbor_ip6_entry() used %s to format flags which is a vector and not a null-terminated C-string. Introduce format_ip_neighbor_flags() instead. Type: fix Fixes: 102ec52bc4 Change-Id: I0c9349fefbeb76471933de358acceb50512a21aa Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-10vlib: Replace timer in CLI with an event processChris Luke1-16/+140
The CLI code, when it accepts a socket connection, ran a timer for each session that would ensure the CLI session was started should the TELNET negotiation stage fail to complete. It has since transpired that this is unsafe; the timer is capable of firing in critical sections, during a spinlock, and since we peform non-trivial things in the handler it can cause a deadlock. This was reported recently in VPP-1711 but a search of history suggests this may also be (one of) the causes in VPP-1413. This change replaces that method with an event-driven process. The process is created when the first socket connection is accepted. When new connections are created the process is sent an event to register the new session in a list. That event process has a loop that evaluates the list of oustanding sessions and if a deadline expires, their session is started if it has not been already, and then removed from the list. If we have pending sessions then the loop waits on a timer or an event; if there are no sessions it waits on events only. Type: fix Ticket: VPP-1711 Change-Id: I8c6093b7d0fc1bea0eb790032ed282a0ca169194 Signed-off-by: Chris Luke <chrisy@flirble.org> Signed-off-by: Dave Barach <dave@barachs.net>
2019-07-10misc: fix buffer issue in geneve_inputZhiyong Yang1-10/+8
Type: fix Change-Id: I32000cd42b0ab2ce54a159c6727823fd0d113fe4 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-07-10quic: Improve timing interface for quic_echoNathan Skrzypczak1-100/+202
Type: feature Change-Id: I7a99b72276878625017c73dff8402f3e7fa7c33f Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-07-10fib: fib_entry_flags_update takes a vector of pathsNeale Ranns1-5/+1
Type: fix Fixes: 097fa66b Change-Id: I690e31433b64f11399c08b4a0318762916c2c2f0 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-09acl: perform the ACL-as-a-service user registrations in global heapAndrew Yourtchenko2-10/+14
Some users tend to call registration routine long before they need that service - which triggers an immediate initialization of the ACL heap, which is rather big. This commit defers this process by keeping the registrations in the global heap. Change-Id: I5825871bd836851942b55184b6ee2657c7a9cc33 Type: fix Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2019-07-09session: notify app of session and transport cleanupFlorin Coras5-3/+39
Type:feature Change-Id: Ic9515c0b11ca6f75503f47ec6b2c58d240afb144 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-09quic: echo thread can handle multiple sessionsNathan Skrzypczak2-129/+278
Type: feature Change-Id: Ibb60d5b46aafe109a81a8604712a917f6e246eaf Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-07-09udp: UDPC handle open failNathan Skrzypczak1-6/+9
Type: fix Change-Id: Ib8fb4957f4da9e464e2575c45c8ff3828db89872 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-07-09gbp: Ownership of dynamically created vxlan-gbp tunnels managed via gbp_itfNeale Ranns20-396/+694
Type: fix This solves the ownership of vxlan-gbp tunnels. When the last reference of these goes away they need to be deleted. Currently there are two owners; gbp_itf via gef_itf and the lock held by the gbp_endpoint_location_t. The problem is that the loc removes its reference whilst the fwd still holds the gbp_itf, and things go wrong. This change moves the lifecycle management of the vxlan-gbp tunnel to the gbp_itf. When the last lock of the gbp_itf goes, so does the tunnel. now both the EP's loc and fwd can hold a lock on the gbp_itf and it's only removed when required. The other change is the management of the 'user' of the gbp_itf. Since each user can enable and disable different features, it's the job of the gbp_itf to apply the combined set. determining a unique 'uesr' from the caller was near impossible, so I moved that to the gbp_itf, and return the allocated user, hence the 'handle' that encodes both user and interface. The hash table maps from sw_if_index to pool index. Change-Id: I4c7bf4c0e5dcf33d1c545f262365e69151febcf4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-09tcp: remove warning for multi-seg scnario.Simon Zhang1-1/+0
Type: fix Change-Id: I64e2082bd8ac5b0be21e10407dc29ba4c3f4cab3 Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
2019-07-09vat: unload unused vat pluginsDave Barach22-314/+100
If the corresponding vpp plugin is absent, return a non-zero clib_error_t * from vat_plugin_register ("xxx plugin not loaded"). The vat plugin calls dlclose on the vat plugin, and it disappears. Depending on the plugin configuration, this can reduce the vpp virtual size by several gigabytes. Added a VAT_PLUGIN(<plugin-name>) macro to vat_helper_macros, clean up boilerplate vat_plugin_register() implementations. Fixed a number of non-standard vat_plugin_register methods. Type: refactor Change-Id: Iac908e5af7d5497c78d6aa9c3c51cdae08374045 Signed-off-by: Dave Barach <dave@barachs.net>
2019-07-09fib: fix urpf_itfs vector overflowBenoît Ganne1-45/+16
When removing duplicates in urpf_itfs vector we search for the 1st next different entry in the vector, but the loop test is in the wrong order: (urpf->furpf_itfs[i] == urpf->furpf_itfs[j] && j < vec_len(urpf->furpf_itfs)) We must check for overflow before checking equality. Type: fix Fixes: 3ee44040c66cbe47ff292ac7fb0badccbe2afe6d Change-Id: I63729aff12057d5abce6c24ec24339cd9cd79494 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-09tcp: track last lost bytes in sack sbFlorin Coras2-3/+10
Type:feature Change-Id: I687809ebcc759cec8cb1d5c3b2b7e6bc995a7985 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-09quic: fix passive disconnect handling & refactorNathan Skrzypczak3-541/+740
Type: refactor Change-Id: Ie54a77252e9f58a90f9e1f9595b9ede354952f70 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-07-09papi: update VPPEnumType for python3Paul Vinciguerra1-1/+4
Python3 uses __bool__ instead of __nonzero__ Type: fix Depends-on: https://gerrit.fd.io/r/#/c/20484/ Change-Id: I7dd13d0508ab18d6c50c235f4186006799e92b45 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-07-09vppinfra: allocate bihash virtual space on demandDave Barach8-11/+223
Reduces the vpp image virtual size by multiple gigabytes Add a "show bihash" command which displays configured and current virtual space in use by bihash tables. Modify the .py test framework to call "show bihash" on test tear-down Type: refactor Change-Id: Ifc1b7e2c43d29bbef645f6802fa29ff8ef09940c Signed-off-by: Dave Barach <dave@barachs.net>
2019-07-08vcl: add worker unregister apiFlorin Coras2-0/+12
Type:feature Change-Id: Ie73644aed94e58d5dce822de5000183e414401df Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-08vcl: cleanup listener accept fifoFlorin Coras1-0/+14
Type: fix Change-Id: Ic470d429f4bf1924185f720d66efe06f4727bcbd Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-08map gbp papi: match endianess of f64Paul Vinciguerra6-11/+92
clib_net_to_host_f64, clib_host_to_net_f64 are now implemented as '=', https://gerrit.fd.io/r/#/c/20406/ set papi to match. - all f64 api references are now wrapped with clib_net_to_host_f64 or clib_host_to_net_f64. IEEE f64 endianess is not defined. If clib_net_to_host_f64 and clib_host_to_net_f64 are later defined in VPP as big-endian, it is a single character change in the papi vpp_serializer. Note: This breaks the api in a manner that would not be detected by the flag day initiative. The scope is small. This only impacts map.api, which applied the u64 transformation, while the gbp api uses '='. The implementation of "=" raises issues for the papi socket implementation if used between systems of differing endianess. See Vratko's comments. - Added get_f64_endian_value() to api to allow client to verify endianess of f64's. Type: fix Depends-on: https://gerrit.fd.io/r/#/c/20484/ Change-Id: I00fc64a6557ba0190398df211aa0ea5c7eb101df Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-07-08ip: retain local interface address adjacencyMatthew Smith1-6/+24
Type: feature ip4_local_check_src() was overwriting vnet buffer opaque data on the adjacency for packets with "local" (dpo-receive) destination addresses. Retain the dpo receive index in vnet_buffer()->adj_index[VLIB_TX]. This can allow a graph node to distinguish the interface where the destination address is configured from the interface where the packet was received. This can be useful in correctly handling packets that have been sent to an address configured on a loopback interface. Change-Id: I52a942e85b5302b338a2d0404a37c5ea1a99e89f Signed-off-by: Matthew Smith <mgsmith@netgate.com>