| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
in more than one C file
Including the exports.h from multiple .c files belonging to a single plugin results in an error.
Fix that by making all the exported function pointers static, so every place
which includes the exports.h gets its own copy of function pointers.
This will also require to call separately the acl_plugin_exports_init() per file
to initialize them.
Change-Id: Icb70695efa23579c46c716944838766cebc8573e
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
https://gerrit.fd.io/r/#/c/7701/ accidentally removed 3 lines of code in
dpdk/device/init.c which were added by https://gerrit.fd.io/r/#/c/7826/
case VNET_DPDK_PMD_VHOST_ETHER:
xd->port_type = VNET_DPDK_PORT_TYPE_VHOST_ETHER;
break;
Those lines were needed to recognize vhost-user interface which is created
via vdev command in dpdk and display VhostEthernet. Without them,
UnknownEthernet is displayed.
Change-Id: I6d7ee6aecc6a415fbb7308595d515649475bcd5f
Signed-off-by: Steven <sluong@cisco.com>
(cherry picked from commit 684d08c7e5378af5310346e9219a79ef1d901084)
|
|
This patch addresses 182346, 182347, 182353.
Change-Id: I59c3d74bd3a2122b836c93e22ddb632fa032f7fe
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
(cherry picked from commit 216c35b2c6e5b4a728675f5141241420841cda34)
|
|
This patch addresses the warning 182994
Change-Id: I071f3cbdf9965c7b57d444f79430ee75c66c856e
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|
|
Change-Id: I994649761fe2e66e12ae0e49a84fb1d0a966ddfb
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit 756cd9441752fc8f84104c9ee19099506ba89f85)
|
|
show vhost-user <interface> may cause a crash if interface is semi-bogus.
Semi-bogus means it is a known vpp interface which has a hw_if_index, but
it is bogus because it is not a vhost-user interface.
The fix is to add a check to reject non vhost-user interface for the
command.
Change-Id: I63f1e8bfbf46f5ec4c30f9fb3546982b63cd7cc5
Signed-off-by: Steven <sluong@cisco.com>
(cherry picked from commit 583f158b44d9644855441280e09afbf85a4557df)
|
|
Change-Id: Ie20aaf0eb1a5a338a54f0de4d6da661431be5163
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
It is a relatively rarely used low level command for code that didn't change,
but due to infra changes it did not survive. Having it working may be very
useful for corner-case debugging. So, fix it for working with
the acl-as-a-service infra.
Change-Id: I11b60e0c78591cc340b043ec240f0311ea1eb2f9
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: I6400b77de388c01e85209e5dc5f11ccafb79a459
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
(cherry picked from commit 5aaea1186e4464c0bcbd165ead4b1782a35bb056)
|
|
In dpdk based bonding, when the bond interface is configured for l2,
it automatically sets the bond interface to promiscuous mode and sets rx
redirect to ethernet-input. This allows traffic to be bridged to
non compute node facing interface when it is received from the compute
node interface.
For native vpp bonding, we need to do similar things. When the bond interface
is configured for l2, we set the slave interfaces to promiscuous mode
and set rx redirect to ethernet-input because dpdk does not know anything
about the bond interface. Likewise, when a new interface is enslaved, we also
need to do the same thing if the bond interface has already been configured
for l2.
Change-Id: I7e168008e8a4221be74929b2a20e6db0ce8f3110
Signed-off-by: Steven <sluong@cisco.com>
(cherry picked from commit 4f8863b21405d1ab3e067e978a60be72a343358b)
|
|
Change-Id: I3700fc1d140e30da783e41762670618f0298c7db
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
(cherry picked from commit 1e583111ebeb0333435cfad8af10ebe0e9842d4d)
|
|
Change-Id: Id5a2a90d81cc9cb87cb6fb89ac2f4ca3cbcb51e2
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
(cherry picked from commit 9341e34b500ce7c68fc6857a24ee7b67cac121b1)
|
|
Change-Id: Iedc6bbaa1c0a1c3c6e1b8ed6d67db28046a551f4
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
(cherry picked from commit 58c711a196d9b178bfe6190964a7df92145cf949)
|
|
Adopt nova naming convention for vhost-user interfaces.
Change-Id: If70f0828106bf594eb11d4f0ed2898a35ec0af15
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
(cherry picked from commit 47cca9b0f2a406a4494e646c4c4cd37abb47053a)
|
|
only in lookup context 0
In process of extracting the matching out of the ACL plugin internals,
a couple of pieces setting the miscellaneout fields in the 5tuple structure
did not make it, so they are initialized to zeroes. Move the assignments
to the right place to make both traffic acls and acl-as-a-service working.
Change-Id: I66a7540a13b05113b599f0541999a18fad60385d
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
While https://gerrit.fd.io/r/#/c/11316/ took care of 1 packet/frame for
most of the bonding modes, it missed the broadcast mode. This patch is
to fix the 1 packet/frame for the broadcast mode.
Change-Id: Iac48a2977c7f702f341479cc712a6448090dbc60
Signed-off-by: Steven <sluong@cisco.com>
(cherry picked from commit 22b5be06fae6f9a8b71c53fec548aabbdf69026b)
|
|
Prior to this fix vppapigen would just do a crc32 on the Python representation
of the file as a set of dictionaries. That of course was not a good idea.
Change-Id: Ie454736ffec02fa4679ab27e684b1d6c6406a0f1
Signed-off-by: Ole Troan <ot@cisco.com>
(cherry picked from commit 17225df81b6fbfedc49dbf1fccb6d68df5a44ce0)
|
|
Change-Id: I0efd03bdb84bc9ff2334d398bfdb82486228114a
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
(cherry picked from commit 7bf3f9f70e8395c13ed235cb48ec1787b07cf2d9)
|
|
Change-Id: I50ff0cacf88182f8e0be19840c50f4954de586e2
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
(cherry picked from commit 87dad11c8717735479e57cf6c065c7a7963c3aa3)
|
|
If l2-fwd node does not find an L2FIB entry for DMAC of packet,
use input feature bitmap to find next node instead of always
sending packet to l2-flood node to perform unknow unicast flood.
It provides possibilty of using other feature to forward unknow
unicast packet instead of flooding the BD.
Change-Id: I56b277050537678c92bd548d96d87cadc8d2e287
Signed-off-by: John Lo <loj@cisco.com>
(cherry picked from commit 9a719298c3160b0c28aa7d74747ef206751c8cae)
|
|
using the inline functions
The acl_main struct, which is defined in the acl_plugin, is not visible when
the ACL plugin inline code is being compiled within the context of other plugins.
Fix that by using the global pointer variable, which exists in both the ACL plugin
context and is set in the context of the external plugins using ACL plugin.
Change-Id: Iaa74dd8cf36ff5442a06a25c5c968722116bddf8
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
The users of ACL lookup contexts might not check the data they supply,
so do it on their behalf in this function, and return an error if
an ACL does not exist or if they attempt to apply the same ACL twice.
Change-Id: I89d871e60f267ce643f88574c83baf9cd0a2d7b3
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: I71660eb327124179ff200763c4743cc81dc6e1c6
Signed-off-by: Matus Fabian <matfabia@cisco.com>
(cherry picked from commit f13a8787365300d757eca4624c8f8a6b7c49392b)
|
|
Change-Id: Id775efb2e85d850e510d00f1b48bb711a3342397
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I78a4176f98c2b4630a57ac5ddb7faf58ba0c4ee1
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I2b1d1035f810cb58356626cf081d46eb289265b4
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ibcffee7d20dbb79720199bcd82d2353f39d5544f
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Change-Id: I65306fb1f8e39221dd1d8c00737a7fb1c0129ba8
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Use device-input and interface-output feautre arcs to collect unicast, multicast
and broadcast states for RX and TX resp. Since these feature arcs are present only
for 'physical' interfaces (i.e. not su-interfaces) counter collection is supported
only on parent interface types.
Change-Id: I915c235e336b0fc3a3c3de918f95dd674e4e0e4e
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Change-Id: Ia99490180683e8649784f7d9d18c509c3ca78438
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I32b30210c2f1aec10a1b614d04f427662326a3d2
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: Ifb4d23059b7989c32a52eaf0c25c275b35e83010
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
dpdk-input was dropping packets with bad ip-checksum on l2 interfaces
Change-Id: Ife5b52766bb71e878b1da6e94ae7b8a1e59fc478
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
This change fixes a bug which would corrupt features infra by making
feature infra resistant to double-removal. It also fixes 'out of memory'
issue by properly initializing the bihash tables.
Change-Id: I78ac03139234a9a0e0b48e7bdfac1c38a0069e82
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I148cb40c8bea55dabe54fa6a662d46862e571640
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
virtio_free_rx_buffers uses the wrong slot in the vring to get
the buffer index. It uses desc_next. It should be last_used_idx
which is the slot number for the first valid descriptor.
Change-Id: I6b62b794f06869fbffffce45430b8b2e37b1266c
Signed-off-by: Steven <sluong@cisco.com>
|
|
(re-)applied
There were several discussions in which users would expect the sessions to be deleted
if the new policy after the change does not permit them.
There is no right or wrong answer to this question - it is a policy decision.
This patch implements an idea to approach this. It uses a per-interface-per-direction counter to designate
a "policy epoch" - a period of unchanging rulesets. The moment one removes or adds an ACL applied to
an interface, this counter increments.
The newly created connections inherit the current policy epoch in a given direction.
Likewise, this counter increments if anyone updates an ACL applied to an interface.
There is also a new (so far hidden) CLI "set acl-plugin reclassify-sessions [0|1]"
(with default being 0) which allows to enable the checking of the existing sessions
against the current policy epoch in a given direction.
The session is not verified unless there is traffic hitting that session
*in the direction of the policy creation* - if the epoch has changed,
the session is deleted and within the same processing cycle is evaluated
against the ACL rule base and recreated - thus, it should allow traffic-driven
session state refresh without affecting the connectivity for the existing sessions.
If the packet is coming in the direction opposite to which the session was initially
created, the state adjustment is never done, because doing so generically
is not really possible without diving too deep into the special cases,
which may or may not work.
Change-Id: I9e90426492d4bd474b5e89ea8dfb75a7c9de2646
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: Id2884a4c2208b4382fce56019b11e4b7fdc4275b
Signed-off-by: Maciek Konstantynowicz <mkonstan@cisco.com>
|
|
Coverity has started whining about uint32_t missing in this .h
Change-Id: I57992121c0593d6a0ada35917802d0300cf91259
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Do fast-rate if we are not yet synchronized with the partner.
Stop sending LACP updates as a flash in the worker thread. Just expire the
timer and let the lacp_process handle sending LACP PDU.
Change-Id: I8b36fe74e752e7f45bd4a8d70512c0341cc197a1
Signed-off-by: Steven <sluong@cisco.com>
|
|
For the debug image, if the interface is removed and the trace was
collected prior to the interface delete, show trace may cause a crash.
This is because vnet_get_sw_interface_name and vnet_get_sup_hw_interface
are not safe if the interface is deleted.
The fix is to use format_vnet_sw_if_index_name if all we need is to
get the interface name in the trace to display. It would show "DELETED"
which is better than a crash.
Change-Id: I912402d3e71592ece9f49d36c8a6b7af97f3b69e
Signed-off-by: Steven <sluong@cisco.com>
|
|
xd->flags is set incorrectly when a slave link is down in bonded interface mode.
This can result in VPP crash when data traffic flows to the interface.
Change-Id: Ideb9f5231db1211e8452c52fde646d681310c951
Signed-off-by: Steve Shin <jonshin@cisco.com>
|
|
Minor bug fixes
CID 183000: double close
CID 180996: dead code
CID 180995: NULL deref
CID 181957: NULL deref
CID 182676: NULL deref
CID 182675: NULL deref
Change-Id: Id35e391c95fafb8cd771984ee8a1a6e597056d37
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Use sw_if_index[VLIB_TX] if set as fib index when doing the urpf check.
Change-Id: I5ec3e7f7a54c6782704d91e9a5614fd0f7f9e3de
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
only one counter update per frame (was updated per iteration)
only access ethertype for casts (was always accessing ethertype)
Change-Id: I3a3c3219ec63e975cf5bd8cf2d93103932a4aaa3
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I373cc252df3621d44879b8eca70aed17d7752a2a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Causes subtle misbehavior elsewhere
Change-Id: I3a0ade26e8e03b8c5dc8e722f6a01fb99ec7a1e0
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I5695d51dd4f6daff472877fe1cce3ddcb924b187
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
rename "enslave interface <slave> to <BondEthernetx>" to
"bond add <BondEthernetx> <slave>
"detach interface <slave>" to
"bond del <slave>"
Change-Id: I1bf8f017517b1f8a823127c7efedd3766e45cd5b
Signed-off-by: Steven <sluong@cisco.com>
|
|
Following TCP fixes from Florin (11430), this patch follows the same
approach to indicate a fib (not just using the default one).
Change-Id: Ib883aa0e9a1c6157acfea69c44426ba07d6c932a
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|
Andrew Yourtchenko
Steven
Marco Varlese
Neale Ranns
Klement Sekera
Radu Nicolau
Mohsin Kazmi
Juraj Sloboda
Ole Troan
Neale Ranns
John Lo
Matus Fabian
Damjan Marion
Chris Luke
Eyal Bari
Florin Coras
Maciek Konstantynowicz
Steve Shin
Dave Barach