summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2018-04-24span: crash in span_mirror [VPP-1254]Steven1-2/+7
It is possible for span-input to get call with sw_if_index which is greater than sm->interfaces and crashes in span_mirror () in the following line span_interface_t *si0 = vec_elt_at_index (sm->interfaces, sw_if_index0); For example, span-input mirrors a main interface as source, it may actually get call for traffic coming in from the subinterface and crashes. The fix is simply to check if sw_if_index >= vec_len (sm->interfaces) and punt if it is. Change-Id: I8312eb321d638518e14ba2326fffd1a7919646ca Signed-off-by: Steven <sluong@cisco.com>
2018-04-24memory leakKingwel Xie1-0/+3
obvious leak of parent_indices Change-Id: I572b33de1756c8062a87c754117d990622fe12fe Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
2018-04-24mem-leak in stats handling (VPP-1250)Neale Ranns1-4/+18
Change-Id: I55f978c84a56bc089e5657c528195b6c84409364 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-04-24lacp: deleting the bond subinterface may cause lacp to lose the partner ↵Steven5-38/+10
[VPP-1251] Problem: When the bond subinterface is removed, it was observed that we lost the lacp partner. Show hardware shows rx counter goes up, but show interface does not for the slave interfaces. Cause: We reset the interface promiscuous mode when the bond subinterface is deleted. This causes dpdk not to accept any packet. Leave the interface in promiscuous mode fixes the problem. Other fixes: There are few places we use hw_if_index as if they are sw_if_index. But they don't necessarily have the same value. As soon as a subinterface is created, they start to diverge. The fix is to use the correct API for the hw_if_index and sw_if_index. Change-Id: I1e6b8bca0a4aae396d217a141271cbf968500c91 Signed-off-by: Steven <sluong@cisco.com>
2018-04-23lacp: partner may time us out if fast-rate is configured [VPP-1247]Steven5-8/+14
We should be sending LACP PDU every second if the partner has LACP_TIMEOUT flag set which means it will time us out in 3 seconds. Add interface name for lacp trace Change-Id: If7d816c062d03e80cc0dd7d10dba0b76ace0664a Signed-off-by: Steven <sluong@cisco.com>
2018-04-20acl-plugin: acl-as-a-service: VPP-1248: fix the error if exports.h included ↵Andrew Yourtchenko2-16/+12
in more than one C file Including the exports.h from multiple .c files belonging to a single plugin results in an error. Fix that by making all the exported function pointers static, so every place which includes the exports.h gets its own copy of function pointers. This will also require to call separately the acl_plugin_exports_init() per file to initialize them. Change-Id: Icb70695efa23579c46c716944838766cebc8573e Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-04-18dpdk: resurrect removed code [VPP-1245]Steven1-0/+4
https://gerrit.fd.io/r/#/c/7701/ accidentally removed 3 lines of code in dpdk/device/init.c which were added by https://gerrit.fd.io/r/#/c/7826/ case VNET_DPDK_PMD_VHOST_ETHER: xd->port_type = VNET_DPDK_PORT_TYPE_VHOST_ETHER; break; Those lines were needed to recognize vhost-user interface which is created via vdev command in dpdk and display VhostEthernet. Without them, UnknownEthernet is displayed. Change-Id: I6d7ee6aecc6a415fbb7308595d515649475bcd5f Signed-off-by: Steven <sluong@cisco.com> (cherry picked from commit 684d08c7e5378af5310346e9219a79ef1d901084)
2018-04-18SCTP: coverity scan warningsMarco Varlese3-30/+39
This patch addresses 182346, 182347, 182353. Change-Id: I59c3d74bd3a2122b836c93e22ddb632fa032f7fe Signed-off-by: Marco Varlese <marco.varlese@suse.com> (cherry picked from commit 216c35b2c6e5b4a728675f5141241420841cda34)
2018-04-18SCTP: coverity warningsMarco Varlese1-5/+2
This patch addresses the warning 182994 Change-Id: I071f3cbdf9965c7b57d444f79430ee75c66c856e Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-04-18Fixes for 'make UNATTENDED=yes CC=clang CXX=clang verify'Neale Ranns51-180/+215
Change-Id: I994649761fe2e66e12ae0e49a84fb1d0a966ddfb Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 756cd9441752fc8f84104c9ee19099506ba89f85)
2018-04-17vhost: show vhost-user <interface> may crash [VPP-1242]Steven1-0/+7
show vhost-user <interface> may cause a crash if interface is semi-bogus. Semi-bogus means it is a known vpp interface which has a hw_if_index, but it is bogus because it is not a vhost-user interface. The fix is to add a check to reject non vhost-user interface for the command. Change-Id: I63f1e8bfbf46f5ec4c30f9fb3546982b63cd7cc5 Signed-off-by: Steven <sluong@cisco.com> (cherry picked from commit 583f158b44d9644855441280e09afbf85a4557df)
2018-04-17VPP-1243: fix reassembly CLIKlement Sekera1-5/+6
Change-Id: Ie20aaf0eb1a5a338a54f0de4d6da661431be5163 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-04-17acl-plugin: VPP-1241: fix the "show acl-plugin tables applied" outputAndrew Yourtchenko2-45/+20
It is a relatively rarely used low level command for code that didn't change, but due to infra changes it did not survive. Having it working may be very useful for corner-case debugging. So, fix it for working with the acl-as-a-service infra. Change-Id: I11b60e0c78591cc340b043ec240f0311ea1eb2f9 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-04-16CSIT-895 dpdk/ipsec: add locks on session data hash updatesRadu Nicolau2-33/+40
Change-Id: I6400b77de388c01e85209e5dc5f11ccafb79a459 Signed-off-by: Radu Nicolau <radu.nicolau@intel.com> (cherry picked from commit 5aaea1186e4464c0bcbd165ead4b1782a35bb056)
2018-04-13bond: ping fails between l2 BD [VPP-1238]Steven4-15/+91
In dpdk based bonding, when the bond interface is configured for l2, it automatically sets the bond interface to promiscuous mode and sets rx redirect to ethernet-input. This allows traffic to be bridged to non compute node facing interface when it is received from the compute node interface. For native vpp bonding, we need to do similar things. When the bond interface is configured for l2, we set the slave interfaces to promiscuous mode and set rx redirect to ethernet-input because dpdk does not know anything about the bond interface. Likewise, when a new interface is enslaved, we also need to do the same thing if the bond interface has already been configured for l2. Change-Id: I7e168008e8a4221be74929b2a20e6db0ce8f3110 Signed-off-by: Steven <sluong@cisco.com> (cherry picked from commit 4f8863b21405d1ab3e067e978a60be72a343358b)
2018-04-13VOM: Add sub_interface in specific routing tableMohsin Kazmi2-0/+19
Change-Id: I3700fc1d140e30da783e41762670618f0298c7db Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit 1e583111ebeb0333435cfad8af10ebe0e9842d4d)
2018-04-13NAT66: Do not translate if packet not aimed at outside interfaceJuraj Sloboda3-0/+55
Change-Id: Id5a2a90d81cc9cb87cb6fb89ac2f4ca3cbcb51e2 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com> (cherry picked from commit 9341e34b500ce7c68fc6857a24ee7b67cac121b1)
2018-04-13vom: Fix the itf stats replayMohsin Kazmi3-1/+39
Change-Id: Iedc6bbaa1c0a1c3c6e1b8ed6d67db28046a551f4 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit 58c711a196d9b178bfe6190964a7df92145cf949)
2018-04-13VOM: Get vhost-user type from nameMohsin Kazmi1-1/+2
Adopt nova naming convention for vhost-user interfaces. Change-Id: If70f0828106bf594eb11d4f0ed2898a35ec0af15 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit 47cca9b0f2a406a4494e646c4c4cd37abb47053a)
2018-04-13acl-plugin: VPP-1239: acl-as-a-service does not match IPv6 packets, works ↵Andrew Yourtchenko2-4/+5
only in lookup context 0 In process of extracting the matching out of the ACL plugin internals, a couple of pieces setting the miscellaneout fields in the 5tuple structure did not make it, so they are initialized to zeroes. Move the assignments to the right place to make both traffic acls and acl-as-a-service working. Change-Id: I66a7540a13b05113b599f0541999a18fad60385d Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-04-13bond: 1 packet/frame == bad performance [VPP-1236]Steven1-6/+8
While https://gerrit.fd.io/r/#/c/11316/ took care of 1 packet/frame for most of the bonding modes, it missed the broadcast mode. This patch is to fix the 1 packet/frame for the broadcast mode. Change-Id: Iac48a2977c7f702f341479cc712a6448090dbc60 Signed-off-by: Steven <sluong@cisco.com> (cherry picked from commit 22b5be06fae6f9a8b71c53fec548aabbdf69026b)
2018-04-11VPPAPIGEN: Consistent CRC32 on complete file.Ole Troan1-17/+25
Prior to this fix vppapigen would just do a crc32 on the Python representation of the file as a set of dictionaries. That of course was not a good idea. Change-Id: Ie454736ffec02fa4679ab27e684b1d6c6406a0f1 Signed-off-by: Ole Troan <ot@cisco.com> (cherry picked from commit 17225df81b6fbfedc49dbf1fccb6d68df5a44ce0)
2018-04-11DVR: save the rewrite length in packet meta-data for featuresv18.04-rc2Neale Ranns1-3/+9
Change-Id: I0efd03bdb84bc9ff2334d398bfdb82486228114a Signed-off-by: Neale Ranns <neale.ranns@cisco.com> (cherry picked from commit 7bf3f9f70e8395c13ed235cb48ec1787b07cf2d9)
2018-04-11L2: no-flood interface type in the Bridge-DomainNeale Ranns5-11/+42
Change-Id: I50ff0cacf88182f8e0be19840c50f4954de586e2 Signed-off-by: Neale Ranns <neale.ranns@cisco.com> (cherry picked from commit 87dad11c8717735479e57cf6c065c7a7963c3aa3)
2018-04-10Change l2-fwd node to allow possible feature before UU-FLOODJohn Lo1-6/+14
If l2-fwd node does not find an L2FIB entry for DMAC of packet, use input feature bitmap to find next node instead of always sending packet to l2-flood node to perform unknow unicast flood. It provides possibilty of using other feature to forward unknow unicast packet instead of flooding the BD. Change-Id: I56b277050537678c92bd548d96d87cadc8d2e287 Signed-off-by: John Lo <loj@cisco.com> (cherry picked from commit 9a719298c3160b0c28aa7d74747ef206751c8cae)
2018-04-10acl-plugin: VPP-1230: fix the "undefined symbol" error for acl_main when ↵Andrew Yourtchenko3-9/+31
using the inline functions The acl_main struct, which is defined in the acl_plugin, is not visible when the ACL plugin inline code is being compiled within the context of other plugins. Fix that by using the global pointer variable, which exists in both the ACL plugin context and is set in the context of the external plugins using ACL plugin. Change-Id: Iaa74dd8cf36ff5442a06a25c5c968722116bddf8 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-04-10acl-plugin: VPP-1231: add error checking to acl_plugin_set_acl_vec_for_contextAndrew Yourtchenko1-1/+26
The users of ACL lookup contexts might not check the data they supply, so do it on their behalf in this function, and return an error if an ACL does not exist or if they attempt to apply the same ACL twice. Change-Id: I89d871e60f267ce643f88574c83baf9cd0a2d7b3 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-04-10NAT44: don't add static mapping to resolution vector if failed (VPP-1225)Matus Fabian1-3/+27
Change-Id: I71660eb327124179ff200763c4743cc81dc6e1c6 Signed-off-by: Matus Fabian <matfabia@cisco.com> (cherry picked from commit f13a8787365300d757eca4624c8f8a6b7c49392b)
2018-04-09memif: bug fixesDamjan Marion2-22/+74
Change-Id: Id775efb2e85d850e510d00f1b48bb711a3342397 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-09IPIP: version.h is not neededNeale Ranns1-1/+0
Change-Id: I78a4176f98c2b4630a57ac5ddb7faf58ba0c4ee1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-07BIER coveroty fix for unintialised return value on errorNeale Ranns1-1/+1
Change-Id: I2b1d1035f810cb58356626cf081d46eb289265b4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-04Doc updates prior to branchChris Luke3-11/+23
Change-Id: Ibcffee7d20dbb79720199bcd82d2353f39d5544f Signed-off-by: Chris Luke <chrisy@flirble.org>
2018-04-04memif: zero copy slaveDamjan Marion7-145/+677
Change-Id: I65306fb1f8e39221dd1d8c00737a7fb1c0129ba8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-04Detailed stats collection featureNeale Ranns12-41/+434
Use device-input and interface-output feautre arcs to collect unicast, multicast and broadcast states for RX and TX resp. Since these feature arcs are present only for 'physical' interfaces (i.e. not su-interfaces) counter collection is supported only on parent interface types. Change-Id: I915c235e336b0fc3a3c3de918f95dd674e4e0e4e Signed-off-by: Neale Ranns <nranns@cisco.com> Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-04-04NAT added FIB entries have a preference lower than API/CLINeale Ranns3-6/+12
Change-Id: Ia99490180683e8649784f7d9d18c509c3ca78438 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-04NAT44: prohibit multiple static mappings for a single local address (VPP-1224)Matus Fabian1-0/+11
Change-Id: I32b30210c2f1aec10a1b614d04f427662326a3d2 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-04-04NAT44: fix static mapping for DHCP addressed interface deleting (VPP-1223)Matus Fabian1-4/+92
Change-Id: Ifb4d23059b7989c32a52eaf0c25c275b35e83010 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-04-04dpdk:fix checksum handling of l2 interfacesEyal Bari1-17/+19
dpdk-input was dropping packets with bad ip-checksum on l2 interfaces Change-Id: Ife5b52766bb71e878b1da6e94ae7b8a1e59fc478 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-04-03reassembly: bug fixesKlement Sekera3-17/+22
This change fixes a bug which would corrupt features infra by making feature infra resistant to double-removal. It also fixes 'out of memory' issue by properly initializing the bihash tables. Change-Id: I78ac03139234a9a0e0b48e7bdfac1c38a0069e82 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-04-03session: use fib index in ip local testFlorin Coras1-1/+1
Change-Id: I148cb40c8bea55dabe54fa6a662d46862e571640 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-30tapv2: Sporadic SIGABRT in ethernet_input [VPP-1183]Steven2-5/+6
virtio_free_rx_buffers uses the wrong slot in the vring to get the buffer index. It uses desc_next. It should be last_used_idx which is the slot number for the first valid descriptor. Change-Id: I6b62b794f06869fbffffce45430b8b2e37b1266c Signed-off-by: Steven <sluong@cisco.com>
2018-03-30acl-plugin: implement an optional session reclassification when ACL is ↵Andrew Yourtchenko4-10/+128
(re-)applied There were several discussions in which users would expect the sessions to be deleted if the new policy after the change does not permit them. There is no right or wrong answer to this question - it is a policy decision. This patch implements an idea to approach this. It uses a per-interface-per-direction counter to designate a "policy epoch" - a period of unchanging rulesets. The moment one removes or adds an ACL applied to an interface, this counter increments. The newly created connections inherit the current policy epoch in a given direction. Likewise, this counter increments if anyone updates an ACL applied to an interface. There is also a new (so far hidden) CLI "set acl-plugin reclassify-sessions [0|1]" (with default being 0) which allows to enable the checking of the existing sessions against the current policy epoch in a given direction. The session is not verified unless there is traffic hitting that session *in the direction of the policy creation* - if the epoch has changed, the session is deleted and within the same processing cycle is evaluated against the ACL rule base and recreated - thus, it should allow traffic-driven session state refresh without affecting the connectivity for the existing sessions. If the packet is coming in the direction opposite to which the session was initially created, the state adjustment is never done, because doing so generically is not really possible without diving too deep into the special cases, which may or may not work. Change-Id: I9e90426492d4bd474b5e89ea8dfb75a7c9de2646 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-03-30Updated sample startup.conf with supported plugin config options.Maciek Konstantynowicz1-10/+19
Change-Id: Id2884a4c2208b4382fce56019b11e4b7fdc4275b Signed-off-by: Maciek Konstantynowicz <mkonstan@cisco.com>
2018-03-30Add missing stdint.hChris Luke1-0/+1
Coverity has started whining about uint32_t missing in this .h Change-Id: I57992121c0593d6a0ada35917802d0300cf91259 Signed-off-by: Chris Luke <chrisy@flirble.org>
2018-03-30lacp: faster convergence for slow-rate config optionSteven6-18/+29
Do fast-rate if we are not yet synchronized with the partner. Stop sending LACP updates as a flash in the worker thread. Just expire the timer and let the lacp_process handle sending LACP PDU. Change-Id: I8b36fe74e752e7f45bd4a8d70512c0341cc197a1 Signed-off-by: Steven <sluong@cisco.com>
2018-03-30bond: show trace causes a crash if the interface is deletedSteven3-13/+32
For the debug image, if the interface is removed and the trace was collected prior to the interface delete, show trace may cause a crash. This is because vnet_get_sw_interface_name and vnet_get_sup_hw_interface are not safe if the interface is deleted. The fix is to use format_vnet_sw_if_index_name if all we need is to get the interface name in the trace to display. It would show "DELETED" which is better than a crash. Change-Id: I912402d3e71592ece9f49d36c8a6b7af97f3b69e Signed-off-by: Steven <sluong@cisco.com>
2018-03-30dpdk: fix crash due to incorrect xd->flags value with slave's link togglingSteve Shin1-2/+5
xd->flags is set incorrectly when a slave link is down in bonded interface mode. This can result in VPP crash when data traffic flows to the interface. Change-Id: Ideb9f5231db1211e8452c52fde646d681310c951 Signed-off-by: Steve Shin <jonshin@cisco.com>
2018-03-29Coverity fixes (VPP-1204)Chris Luke6-13/+17
Minor bug fixes CID 183000: double close CID 180996: dead code CID 180995: NULL deref CID 181957: NULL deref CID 182676: NULL deref CID 182675: NULL deref Change-Id: Id35e391c95fafb8cd771984ee8a1a6e597056d37 Signed-off-by: Chris Luke <chrisy@flirble.org>
2018-03-29ip6: fix ip6-local urpf checkingFlorin Coras1-4/+7
Use sw_if_index[VLIB_TX] if set as fib index when doing the urpf check. Change-Id: I5ec3e7f7a54c6782704d91e9a5614fd0f7f9e3de Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-29l2_input:optimize counter accessEyal Bari1-31/+16
only one counter update per frame (was updated per iteration) only access ethertype for casts (was always accessing ethertype) Change-Id: I3a3c3219ec63e975cf5bd8cf2d93103932a4aaa3 Signed-off-by: Eyal Bari <ebari@cisco.com>