aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2019-11-07dpdk: ipsec gcm fixesChristian Hopps3-25/+14
- Fix AAD initialization. With use-esn the aad data consists of the SPI and the 64-bit sequence number in big-endian order. Fix the u32 swapped code. - Remove salt-reinitialization. The GCM code seems inspired by the GCM RFCs recommendations on IKE keydata and how to produce a salt value (create an extra 4 octets of keying material). This is not IKE code though and the SA already holds the configured salt value which this code is blowing away. Use the configured value instead. Type: fix Change-Id: I5e75518aa7c1d91037bb24b2a40fe4fc90bdfdb0 Signed-off-by: Christian Hopps <chopps@labn.net>
2019-11-07crypto: fix crypto perf unittest crashFan Zhang1-1/+33
Type: fix crypto perf test crashes for key size different than 16 bytes. This patch fixes the issue Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: Ic8a8ca83ca189c879815dc5d065b8c6f7826cd41
2019-11-07tcp: fix retransmit with no sacksFlorin Coras3-10/+18
Type: fix Change-Id: I6f7df0d358f57f7feadb9b7a3fcffb99558b2af8 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-07api: fix dead client scan heap issueNathan Skrzypczak1-0/+4
Type: fix On multiworker setup when an app client dies, the vec_reset_length call fails the assert in clib_mem_is_heap_object. Same thing might happen for the clib_warnings Change-Id: I369f9d2dbe60407c84994a4e8d25f6df7848ca93 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-11-07session: Add crypto contextNathan Skrzypczak3-7/+68
Type: feature Crypto contexts are a per protocol cache for storing crypto related connection data. They share a common interface with generic properties : cert, key, engine and session refcount. Change-Id: I8165e05afbcc6ecb3777b6abeab62c369d2fe9ed Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-11-07hsa: Add ckpair & crypto engine in vpp_echoNathan Skrzypczak6-78/+80
Type: feature * vpp echo adds and dels a cert and key pair for each run * it passes the crypto engine to be used (openssl, picotls, vpp, mbedtls) Change-Id: Iaba1de2e6abb510e6c4edbe84b2324b2f4843f26 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-11-07quic: Add support for ckpair & crypto engineNathan Skrzypczak2-20/+49
quic choice used ckpair is now the one passed to connect or listen via mq. The crypto engine is chosen with the value passed to connect or listen via mq: * If NONE(0) is provided, we default to quic_main. default_crypto_engine (picotls at init, can be changed via debug cli : quic set crypto api [crypto engine]) * If PICTOLS/VPP is provided, use this one * Other values return an error Type: feature Change-Id: Ifab893d6d03c83f202e6c7e7a9936f546a4b1530 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-11-07session: ckpair store & crypto engine as mq paramsNathan Skrzypczak5-4/+12
Type: feature This patch adds the logic to pass to connect & listen msg in the mq the following parameters * ckpair index * crypto engine (for now only used in quic) Change-Id: I7213d8b581cb4532a9a6b18c4b3fe021287b7733 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-11-07session: fix app attach on errorNathan Skrzypczak1-3/+2
Type: fix Change-Id: I57b3c76515544ba3655690b37e0dacb47734ba6d Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-11-07svm: fix byte accounting when allocating fifo headerFlorin Coras1-0/+1
Type: fix Change-Id: Ie50625271d257da814445ce13c2e6cd98986d523 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-07interface: shmemioerror while getting name_filter argAleksander Djuric3-5/+8
Type: fix Signed-off-by: Aleksander Djuric <aleksander.djuric@gmail.com> Change-Id: I5e0eb7024d208040d79e9d6db863f41e2ecf4ee6 Signed-off-by: Ole Troan <ot@cisco.com>
2019-11-06tcp: validate the IP address while checking TCP connectionSrikanth Akula1-9/+31
Type: feature Along with the port information, we need to validate the IP address details as well. This is very useful in the case port re-use scenario Signed-off-by: Srikanth Akula <srakula@cisco.com> Change-Id: I11e1ebcd3e56aae47ac235a89606a83c928aa6bb
2019-11-06docs: add spellcheck to 'make docs' sphinx docsPaul Vinciguerra1-1/+1
The CI gate will fail if there are typos in the docs. writing output... [ 21%] events/Summits/OpensourceSummit... writing output... [ 22%] events/Summits/UKNO/2017_04_30_... featuresbyrelease/vpp16.06.rst:34:Rasberry:vpp16.06 writing output... [100%] usecases/vppinazure Spelling checker messages written to /vpp/docs/_build/html/output.txt Warning, treated as error: Found 1 misspelled words Makefile:31: recipe for target 'html' failed make[1]: *** [html] Error 2 make[1]: Leaving directory '/vpp/docs' If you introduce a term that is not recognized, please add it to custom dictionary at docs/spelling_wordlist.txt. Type: feature Change-Id: Id49be4fbee617f544f1ab8e78e7de8a4df36448b Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-11-06dpdk: conditionally revert rte_vfio_dma_map patchDamjan Marion1-0/+5
DPDK have bug which will be fixed in 19.11. Type: fix Change-Id: I6c0058928e5991d61b3c5fcba706f35e6886b0f2 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-11-06build: add yaml file linting to make checkstylePaul Vinciguerra11-28/+51
Type: feature fts and trex rely on yaml config files. Verify that they are valid, so comitters can catch errors early. Change-Id: Ide0bb276659119c59bdbbc8b8155e37562a648b8 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-11-06quic: free qctx after udp cleanupNathan Skrzypczak1-22/+58
Type: fix As udp_session.opaque is qctx index, qctx free needs to happen after session cleanup. This patch also introduces * assert timer stop on ctx free * debug cli for listing quic ctx Change-Id: I3a58d226b094a0bbdf090b4f3eccbc2e11c6329b Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-11-06tcp: IPv6 flow label supportTarun Gupta3-10/+36
Type:feature For cases when proxy is in use IPv6 flow label received in origin pkt needs to be added to ipv6 header of outgoing pkts from proxy to original destination and vice versa. Signed-off-by: Tarun Gupta <tarungup@cisco.com> Change-Id: I143f7e67237c0f865333078628a016b50ad5e630 Signed-off-by: Tarun Gupta <tarungup@cisco.com>
2019-11-05misc: Fix python scripts shebang lineRenato Botelho do Couto35-35/+35
Type: fix Since CentOS 8, RPM build script doesn't accept '#!/usr/bin/env python' as a valid shebang line. It requires scripts to explicitly chose between python2 or python3. Change all to use python3 as suggested by Paul Vinciguerra. Depends-On: https://gerrit.fd.io/r/23170 Signed-off-by: Renato Botelho do Couto <renato@netgate.com> Change-Id: Ie72af9f60fd0609e07f05b70f8d96e738b2754d1
2019-11-05docs: fix issues with src/scripts/fts.pyPaul Vinciguerra2-17/+22
- packaging issue - yaml deprecation - yaml formatting Type: fix Change-Id: Ia8808cbc83271a3067164f2db2418f071b35607a Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-11-05nat: NAT udp counter & unit test fixesFilip Varga5-20/+20
Ticket: VPP-1798 Type: fix Change-Id: I42f02d5824575720e95b9fc99cfa864252221a82 Signed-off-by: Filip Varga <fivarga@cisco.com>
2019-11-05session tcp: refactor pacer timeFlorin Coras10-104/+81
Type: refactor Change-Id: Ic1c3e1f7987702cd88972acc34849dc1f585d5fe Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-05ip: Fragmentation fixesNeale Ranns6-117/+159
Type: fix if the packet is about to be fragmented, then don't call any of the actions that expect the rewrite to have been written. 1) don't double count packets thru the adjacency (original & fragments) 2) don't double decrement the TTL for fragments 3) return to ip4-midchain post ip-frag if that's where we started. 4) only run midchain/mcast fixups if not fragmenting (if no errors) Change-Id: Ib2866787a42713ee5871b87b597d8f74b901044b Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-11-05tcp: correct validity check return valueRyujiro Shibuya1-0/+1
Type: fix Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com> Change-Id: Ib59bf664d8da20516d8f16d716c5e8698675da4b
2019-11-05nat: respect udp checksumFilip Varga6-170/+428
Type: fix Change-Id: I732be02d2e2b854eb589c3fa10f980ef2dbe8dfc Signed-off-by: Filip Varga <fivarga@cisco.com>
2019-11-05ipsec: ipsec-input: check for too-short packetsBenoît Ganne1-12/+25
Make sure packet is big enough before processing it. Policy matching is done speculatively but is discarded if packet is too short. Type: fix Change-Id: I647db2c4e568b0d9bf2cfd5056e1b1c2e25132fe Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-11-04quic: enhance error reportingDave Wallace2-6/+24
Type: refactor Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I710d00e4a6c4356d0f00f7592bf14b55596ec6ae
2019-11-04quic: remove redundant function callsDave Wallace1-2/+0
- session_transport_delete_notify() is called before and inside quic_connection_delete() Type: fix Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I5c79a3269e36c4aab5aa99fdfdac06c1334f0f6f
2019-11-04nat: revert respect udp checksumOle Troan6-428/+166
This reverts commit 0d75f783644a24b219ed79d9f9c17387783f67ca. Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Iaf33301201897e6646eba2b4157e2a45f5fd30f2
2019-11-04ikev2: fix traffic selector matchFilip Tehlar1-2/+2
Type: fix Change-Id: I81ab3dcd03f397b3d275da6cfa094e048ad92f95 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-11-04nat: revert fix dual-loop tcp checksum botchOle Troan1-17/+9
This reverts commit 9654a37fac7fe2b425576eb0237b8d24ae44e1b1. Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I93ed5a48303421de43f5494c11db2be9a3c8ce57
2019-11-04vlib: fix for vlib_node_add_next_with_slotChristian Hopps1-1/+10
- vlib_node_add_next_with_slot was not cleaning the old next node references to the given slot when replacing it with new next node. This mostly worked until one tried to set the slot to a previously (but not currently) used next node for that slot. Type: fix Signed-off-by: Christian Hopps <chopps@labn.net> Change-Id: I7ee607625da874e320158b80f12ddc16e377f8e9
2019-11-04mpls: number of mpls tunnel paths returns zeroIJsbrand Wijnands1-1/+1
The number of paths on the mpls tunnel returned through the bapi is always zero. Doing a ntohl on a uint32 and poking it into a uint8 causes the problem. Type: fix Signed-off-by: IJsbrand Wijnands <ice@cisco.com> Change-Id: I4135ad43a891e7818ca673c8067ef1f11cb34530
2019-11-04nat: fix dual-loop tcp checksum botchDave Barach1-9/+17
Type: fix Fixes: 22921 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I4fecce96d027c0ee1797d9d84cfab94b1ecdc02b
2019-11-04build: install generated api enum and type headersDave Barach2-0/+4
Otherwise, <api-name>.api_enum.h and <api-name>.api_types.h files are unavailable. If plugin B needs to send an API message to plugin A, it's out of luck. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I25fdb904b5cf57727d6196fa2c0c71be68f207ed Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-11-03session: fix show cli with closed sessionFlorin Coras1-1/+3
Type: fix Change-Id: Ifb6ead644c0273b84a5647f7923053f1db7c5a76 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-02session: reschedule asap when snd space constrainedFlorin Coras2-7/+28
Type: feature Improves fairness for sessions that are snd space or pacer constrained. Change-Id: Ida5f523090f1dcbfb17bf5116bc7917747ac8593 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-02vlib: enhance the "show cli" debug CLI commandDave Barach3-49/+210
Dump the entire CLI, mp-safe commands, non-mp-safe commands, commands which have been executed. Optionally, clear the hit counters. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ie38fc664b7deaabc35ca35be68db7e159272f551
2019-11-01vlib: Handle race in thread barrier processingAlexander Kabaev1-1/+1
When CLIB_DEBUG is enabled, vlib_foreach_main macro asserts that vlib_main it currently looks at is safely parked in barrier, by checkling that vlib_main->parked_at_barrier is not 0. Unfortunately, the check is racy - workers first increment the atomic counter to indicate that they have reached the barrier and _then_ set this_main->parked_at_barrier to 1. For the last worker to suspend this opens the race - main thread is free to execute and assert immediately after atomic counter has been incremented, before worker gets to write to own parked_at_barrier. Fix this by simply swapping the order of two operations. Type: fix Signed-off-by: Alexnader Kabaev <kan@FreeBSD.org> Change-Id: Iae47abd6ca0be1c5413f5ecaefabc64cd7eac2ed
2019-11-01dpdk: fix tso not properly check the 'enable-tcp-udp-checksum' option issueChenmin Sun2-16/+24
Type: fix Fix tso did not properly check the 'enable-tcp-udp-checksum' option issue Add description of 'tso' and 'enable-tcp-udp-checksum' in startup.conf Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: Id659067a9fa9e1db6c3f8dc533a2e90351b86831
2019-11-01quic: fifo size is u32Dave Wallace3-18/+32
- Fix cli / config fifo size to only accept u32 size input. - Make cli / config fifo-size input type handling to be the same as vpp hoststack - Update external transfer tests to use new syntax with different fifo sizes for vpp_echo client/server and vpp. Type: fix Change-Id: Ia5ddb2b8d3d9908ab502352819eebeec8ac0971d Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-10-31dhcp: fix proxy dhcpv6 size checkBenoît Ganne1-2/+3
Type: fix Change-Id: Ibbb25bc530fdeaa3083c9b833a286a5d40e93c1e Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-10-31vlib: only dump 1st buffer in chain by defaultBenoît Ganne5-6/+17
Several nodes include buffers in their traces, but only the 1st. When formatting the trace we must not try to iterate through all chained buffers. Default to display only the 1st buffer. Type: fix Change-Id: Ib3c668bbf4ab70ae68eba2ac402c7b7329825b70 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-10-31ipsec: fix esp trace seq number overflowBenoît Ganne2-4/+12
Do not copy invalid seq number if packet is too small. Type: fix Change-Id: I1e78f5920e9645521f57efccaf35bbf9ce0676a8 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-10-31quic: fix wrong error checkingDave Wallace1-6/+1
- Revert error checking to previous ASSERT Type: fix Fixes: 7c7fa9066 Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I6d915d88bf932c74f9b866aec3bd1531e0cb47f4
2019-10-31session: avoid double dispatch of new eventsFlorin Coras1-14/+17
Type: fix Avoid re-dispatching new events if they've just been added to the old events linked list. Change-Id: Ie5d0b799eae6cebb118d97204e5111eb194c0b8e Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-31session: fix dispatch event loggingFlorin Coras1-16/+27
Type: fix Change-Id: Icf3c73cd7eb7565ed6e1b0371da172b5408a9d36 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-31quic: disable failing testFlorin Coras1-0/+1
Type: fix Disable test until fixed. Change-Id: I1f03630d126e61578c63a3536a0dd1a7b4da2b92 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-31acl: add missing square brackets to vat_help option in acl apiJieqiang Wang1-2/+2
Add the missing right square brackets to remove ambiguity in vat_help option for acl_add_replace and macip_acl_add_replace api. Type: fix Change-Id: I2679d8ce163d23a0e513afdfdb87434cbb673c74 Signed-off-by: Jieqiang.Wang <Jieqiang.Wang@arm.com>
2019-10-31tcp: track lost rxt segments in byte trackerFlorin Coras2-0/+5
Type: feature Change-Id: I18dfac9c3d2f539edf20dba64cd2b7b541154144 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-30quic: fix quicly fifo size mismatchDave Wallace1-3/+13
- This fixes an intermittent failure of the test_quic_ext_transfer test due to quicly being configured with the wrong fifo size which was taken from the cli or startup.conf file. The fifo size from the application context is now used when creating the quicly context. - Emit an error message if the entire chunk of a stream is not enqueued in the svm fifo. Type: fix Change-Id: I03847ea7d4cd7a617b577697dfe3afa969850937 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>