| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
When a session is found expired, the next node of in2out fast path
should be in2out slow path instead of out2in slow path.
Type: fix
Signed-off-by: Jing Peng <jing@meter.com>
Change-Id: If1dd920502089c25b33bea5434823b0496a44499
|
|
Type: improvement
Change-Id: I7f52222706200c31a731fadfb84513549ccb532d
Signed-off-by: Damjan Marion <dmarion@me.com>
|
|
Type: improvement
Roaming functionality allows the peer address to change. The main thread
was being called to update a peer's address if necessary after
processing a received packet. Check in the worker whether this is
necessary before incurring the overhead of the RPC to the main thread.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I02184b92dc658e0f57dd39993a3b2f9944187b45
|
|
The ability to modify the vlan setting must be checked prior to using
VIRTCHNL_OP_DISABLE_VLAN_STRIPPING_V2 both for inner and outer vlan
stripping
Change-Id: Iffe306c34b81a6077ad6ba5deb3f5b61b5475897
Type: fix
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
|
|
Originally initialization cryptodev device(s) calls double request
to enabled async mode and increased ref count twice for async mode.
Due to this cannot be change any assigned async handlers to other
async crypto engine.
The fixes reduce double request to enable async mode in initialization
cryptodev device(s) and VPP can be change assigned async handlers
to other crypto engine after disabled all async feature, for example:
ipsec, wireguard.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: If22e682c3c10de781d05c2e09b5420f75be151c3
|
|
test output before fix:
DBGvpp# vrrp proto start sw_if_index 1 vr_id 1
vrrp proto: unknown input `sw_if_index 1 vr_id 1'
DBGvpp# vrrp vr track-if add sw_if_index 1 vr_id 1 track-index 1
priority 30
vrrp vr track-if: Please specify an interface
Type: fix
Signed-off-by: luoyaozu <luoyaozu@foxmail.com>
Change-Id: Ib8ba67e920b23008d9246318ec8f8f17bf0bea95
|
|
client_pathname is usually smaller than pc->caddr.sun_path. snprint()
ensures we stop at the NULL character or sizeof(sun_path) whichever
comes 1st. It also guarantees NULL character termination.
Type: fix
Change-Id: I9fc2a706beab931d50d32d03f7fafca7c6c2fb0b
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
cmake MATCHES directive with the empty regex "" always match, including
non-empty strings.
Type: fix
Fixes: 534dfc1f18db74f4a2c78d62fe6893daba56dc86
Change-Id: If085b29da15a6d7fc680cebb823183fd3c7eea68
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
zero-initialize the variables
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I51c3856865eab037f646a0d184e82ecb3b5b3216
|
|
Store mss and sw_if_index to udp_connection_t and display them via
show sessipn verbose 2
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I32928f3f4195b178873dc1bada702e035d99c464
|
|
Zero-initialize a variable.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Iccf2eb4bf26755d6cd93fc70df3c5481d69ce7eb
|
|
Zero-initialize the variable
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I4ee127ac3e2a3beffa11bbc96db1f3254b3f7c5d
|
|
Initialize the session index in case of error to ~0,
so is defined in case trace needs to copy it.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Iddf6df42c09d2abc11e5821944eb4f41692e6e3e
|
|
It may contain garbage in debug builds resulting in wrong
gho detected flags and offsets.
Type: fix
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Change-Id: Ia79633262185016f527e7dc6c67334cda6f055f2
|
|
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I0a58c0f54d8be31a0a78bef00152fb2cc193840e
|
|
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I8d84dc8b7f5c5e863c32838cfafc3d366e2a7e00
|
|
Mark arp packet as locally originated when probing/replying and don't apply any
arp-term logic against it.
Type: fix
Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com>
Change-Id: I305ff5cac8cac456decf92f21b961aa4ce286079
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic81702bffb5b3189db48efe1ab3b237fa2bf75f2
|
|
The unformat type for "%d" should be u32 or int, otherwise the 'did' in
high stack address will be overflow to zero by the 'qid' which is in the
low stack address.
Like input "dev wq3.2" will return "did=0, qid=2".
Type: fix
Signed-off-by: Haiyue Wang <haiyue.wang@intel.com>
Change-Id: I0fe1d5b03e2c47e0a7925193e2c2f1ccc31d3e90
|
|
When there is a bad descriptor, it may in the beginning, in the middle,
or at the end of the batch if the batch has more than 3 descriptors.
When processing a bad descriptor is encountered in the batch, we need to
rollback n_buffers in memif_process_desc(), or the statement in the same
function
memif_add_copy_op (ptd, mb0 + src_off, bytes_to_copy,
dst_off, n_buffers - 1);
is wrong because it picks up the wrong buffer_vec_index of the bad
descriptor while parsing a good descriptor immediately following the
bad descriptor. n_buffers was incremented in the beginning of
while (n_left) loop.
The other problem is we should count the number of bad packets and
reduce ptd->n_packets to get the correct number of packets for subsequent
processing in device_input.
The last fix is to check if n_buffers == 0 in device_input and skip
doing any descriptor copy. This case can happen when all the descriptors
are bad in the batch.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I28ed1d87236b045657006755747b5750a9a733be
|
|
Ensure that the ethernet_input_inline_dmac_check which directly derefererences ei,
is called only if ei is set.
Type: fix
Change-Id: I2d3bce63ee457825a5d375a6102225f3abf67703
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Add another missing null check.
Type: fix
Change-Id: Iec4de548810efe369a6e61b8787131230506cff6
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Fix integer overflow.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I72de6f88be064f188204d0f6d3167a3a8d7de58d
|
|
Following the discussion during the review
of b46a4e69e5db18ef792415439d04a0ab22c59386,
remove the redundant ei0. This resulted in realization
that in order for this code to do anything useful,
the ei must be always non-zero, so rewrite the logical
condition for it. Also, make it a conjunction which seems simpler
to understand.
Type: improvement
Change-Id: Ibd7b2a63e4aeaf97eb1a98af8e69aed2ff7dd577
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Using the error name makes it less explicit in the packet trace than
the error description when a packet is dropped. Example of the trace
when the TTL is <=1:
01:03:17:015278: drop
ip4-input: time_expired
We should have "ip4 ttl <= 1" instead of "time_expired"
Type: fix
Change-Id: Ic9decf10d609cc938e39d0f449359e41c406267e
Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com>
|
|
Using "ip neighbor <ip-addr> <mac-addr> static count <count>" to add
static ARP entries will output wrong mac addresses due to lack of
big/little endian conversion. Fix this error by converting mac address
from big endian to little endian before doing the self-increment.
Before patched:
vpp# ip neighbor rdma-0 198.18.1.1 01:aa:bb:cc:dd:e0 static count 5
vpp# show ip neighbor
Time IP Flags Ethernet Interface
4.4400 198.18.1.5 S 05:aa:bb:cc:dd:e0 rdma-0
4.4399 198.18.1.4 S 04:aa:bb:cc:dd:e0 rdma-0
4.4399 198.18.1.3 S 03:aa:bb:cc:dd:e0 rdma-0
4.4399 198.18.1.2 S 02:aa:bb:cc:dd:e0 rdma-0
4.4399 198.18.1.1 S 01:aa:bb:cc:dd:e0 rdma-0
After patched:
vpp# ip neighbor rdma-0 198.18.1.1 01:aa:bb:cc:dd:e0 static count 5
vpp# show ip neighbor
Time IP Flags Ethernet Interface
4.4528 198.18.1.5 S 01:aa:bb:cc:dd:e4 rdma-0
4.4528 198.18.1.4 S 01:aa:bb:cc:dd:e3 rdma-0
4.4528 198.18.1.3 S 01:aa:bb:cc:dd:e2 rdma-0
4.4527 198.18.1.2 S 01:aa:bb:cc:dd:e1 rdma-0
4.4527 198.18.1.1 S 01:aa:bb:cc:dd:e0 rdma-0
Type: fix
Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
Change-Id: Iec1e00e381e4aba96639f831e7e42e070be3f278
|
|
Add an assert to express the constraint to coverity without
incurring the overhead in release builds.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I2c22f8b2565c645d95c9c0be37381060e151420f
|
|
Add an ASSERT so coverity is aware of the assumption taken,
without incurring any penalty in release build.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I3e7e1e77059492315409efbed47657f9e56d167c
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Check that the pointer is non-null before dereferencing it.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I611a1042d08bbe455dd09a4fa5711fe86c440240
|
|
In case of a bad packet, the bihash kv is not initialized before being
copied in the trace. Make sure it is initialized to 0.
Type: fix
Change-Id: I22fcfe99f3586d0fa128493059547a56557b8fb5
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Initialize the host_sw_if_index to ~0 so in the error cases
the variable is set to something predictable.
Type: fix
Change-Id: Ic55e4f0cbfa286e85dfb54b89b5321af18a439a1
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Zero-initialize the temporary struct, else a->map.adj_index is being used unset.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Ia02636ea1e911250d6aa5e413de48e1e09863880
|
|
- this warning causes build errors with gcc on ubuntu 22.04
Type: make
Change-Id: Id8f6ab44b2315ce8a4564ea924d799ecb6f57fdf
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
This patch introduces DMA infrastructure into vlib. This is well known
that large amount of memory movements will drain core resource. Nowadays
more and more hardware accelerators were designed out for freeing core
from this burden. Meanwhile some restrictions still remained when
utilizing hardware accelerators, e.g. cross numa throughput will have a
significant drop compared to same node. Normally the number of hardware
accelerator instances will less than cores number, not to mention that
applications number will even beyond the number of cores. Some hardware
may support share virtual address with cores, while others are not.
Here we introduce new DMA infrastructure which can fulfill the
requirements of vpp applications like session and memif and in the
meantime dealing with hardware limitations.
Here is some design backgrounds:
Backend is the abstract of resource which allocated from DMA device
and can do some basic operations like configuration, DMA copy and
result query.
Config is the abstract of application DMA requirement. Application
need to request an unique config index from DMA infrastructure. This
unique config index is associated with backend resource. Two options
cpu fallback and barrier before last can be specified in config.
DMA transfer will be performed by CPU when backend is busy if cpu
fallback option is enabled. DMA transfer callback will be in order
if barrier before last option is enabled.
We constructs all the stuffs that DMA transfer request needed into
DMA batch. It contains the pattern of DMA descriptors and function
pointers for submission and callback. One DMA transfer request need
multiple times batch update and one time batch submission.
DMA backends will assigned to config's workers threads equally. Lock
will be used for thread-safety if same backends assigned to multiple
threads. Backend node will check all the pending requests in worker
thread and do callback with the pointer of DMA batch if transfer
completed. Application can utilize cookie in DMA batch for selves
usage.
DMA architecture:
+----------+ +----------+ +----------+ +----------+
| Config1 | | Config2 | | Config1 | | Config2 |
+----------+ +----------+ +----------+ +----------+
|| || || ||
+-------------------------+ +-------------------------+
| DMA polling thread A | | DMA polling thread B |
+-------------------------+ +-------------------------+
|| ||
+----------+ +----------+
| Backend1 | | Backend2 |
+----------+ +----------+
Type: feature
Signed-off-by: Marvin Liu <yong.liu@intel.com>
Change-Id: I1725e0c26687985aac29618c9abe4f5e0de08ebf
|
|
The ipv6 header length should not be counted in the ipv6 payload length.
This is similar to https://gerrit.fd.io/r/c/vpp/+/36945.
Type: fix
Change-Id: I22de0ff828175829102a85288513ee3f55709108
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
|
|
Type: improvement
When trying to use a version string in a downstream build that appends a
timestamp to the standard version string, compiling fails because the
version string is too long for the version and version_required fields
in vlib_plugin_registration_t. Increase the size of those arrays from 32
to 64 chars.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I3632139e5ae7110aa4769359f380ad29522ad4ed
|
|
Zero-initialize the temporary struct, else coverity complains about a bunch of uninitialized fields.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I45dc42134f06917a7459d615804f978a175bec0f
|
|
Type: improvement
VPP crashes when a linux-cp tap is added to a bridge on the host system
because rtnl_neigh_get_dst() returns NULL for the neighbor message that
is sent by the kernel.
Check for NULL before trying to use the address from a neighbor in a
netlink message.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I8a683d815a09620df9c0cc76e18df39828428e2c
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Add the error checks in parsing, aimed to avoid parser walking past the end of packet in case the data
is garbage.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I9541b555a18baf63cb8081bcd7a4c2750f2ed012
|
|
flags is u64, makes sure we do not overflow when shifting.
Type: fix
Change-Id: Ieea34187c0b568dc4d24c9415b9cff36907a5a87
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Zero-initialize the temporary struct.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I8d73feae427a17470c47d1551ba7078213b589fc
|
|
Day1 latent integer overflow.
vnet_classify_add_del defines new_hash as u32 - so replace a u64 type with u32
in split_and_rehash as well.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I51384a2db1caa4099b4d2ac25cd185bd108da037
|
|
rather than using obfuscated macro hacery, simplify
the per-protocol data management by directly using
an array of NAT protocol types.
Type: refactor
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Change-Id: I6fe987556ac9f402f8d490da0740e2b91440304c
|
|
format returns a vector which must be free or memory is leaked.
From show memory
3716528 66716 0x7fffbfeb0db0 _vec_resize_internal + 0xe6
_vec_add + 0x164
do_percent + 0xb82
va_format + 0xb9
format + 0x156
vlib_register_errors + 0x76c
setup_tx_node + 0x5c
vnet_register_interface + 0xca6
vnet_eth_register_interface + 0xdd
memif_create_if + 0x975
memif_create_command_fn + 0x461
vlib_cli_dispatch_sub_commands + 0xec8
(gdb) list *(vlib_register_errors + 0x76c)
0x7ffff6e8280c is in vlib_register_errors (/home/sluong/vpp/vpp/src/vlib/error.c:224).
219
220 vec_validate (nm->node_by_error, n->error_heap_index + n_errors - 1);
221
222 for (u32 i = 0; i < n_errors; i++)
223 {
224 t.format = (char *) format (0, "%v %s: %%d", n->name, cd[i].name);
225 vm->error_elog_event_types[n->error_heap_index + i] = t;
226 nm->node_by_error[n->error_heap_index + i] = n->index;
227 }
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I2983f081b7e2c1b2d18d66afe45282933efbe127
|
|
Type: improvement
If an SA protecting an IPv6 tunnel interface has UDP encapsulation
enabled, the code in esp_encrypt_inline() inserts a UDP header but does
not set the next protocol or the UDP payload length, so the peer that
receives the packet drops it. Set the next protocol field and the UDP
payload length correctly.
The port(s) for UDP encapsulation of IPsec was not registered for IPv6.
Add this registration for IPv6 SAs when UDP encapsulation is enabled.
Add punt handling for IPv6 IKE on NAT-T port.
Add registration of linux-cp for the new punt reason.
Add unit tests of IPv6 ESP w/ UDP encapsulation on tun protect
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: Ibb28e423ab8c7bcea2c1964782a788a0f4da5268
|
|
Free up the vapi context in case of failure.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I4f64e8718014d714f1b82877e69d2354b5fa44fb
|
|
Crypto backend errors should not be using the same error as missing
keypair.
Type: fix
Change-Id: I78c2b3df3f08a354463b7824349b08627f2b023c
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
IPv6 payload length should not include the size of the IPv6 header.
Type: fix
Change-Id: Iedcd17d0af8d72d9b5f8f9b605da7c99e151bc9d
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Fix a copy-n-paste issue that left clib_bitmap_set()'s return
type documentation incorrect. Chnage it to indicate that
the function returns a new pointer for the bitmap that could
be different due to a possible reallocation.
Type: docs
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Change-Id: Ia193c4673c0e4d1760e91cd7f80ebe1868a3c9b5
|
|
Previously, each address maintained an array of 32-bit
reference counts for each of 65K possible ports for each
of 4 NAT protocols. Totalling 1MB per address. Wow.
A close read of the code shows that an "is used" check
precedes each attempted reference count increment.
That means the refcount never actually gets above 1.
That in turn means algorithmically, a bit vector is
sufficient. And one need not be allocated for more
than the highest validated port referenced.
These changes introduce a dynamically sized bit vector
replacing the reference counts, for a maximum of 32K
if all 4 protocols use port 65535. In fact, protocol
OTHER is never used, so at most 24K will be used, and
none of it will be "statically" allocated per address.
Type: fix
Fixes: 85bee7548bc5a360851d92807dae6d4159b68314
Change-Id: I7fd70050e7bf4871692a862231f8f38cf0158132
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
Jing Peng
Damjan Marion
Matthew Smith
Mohammed Hawari
Gabriel Oginski
luoyaozu
Benoît Ganne
Andrew Yourtchenko
Steven Luong
Vladislav Grishenko
Mohsin Kazmi
Stanislav Zaikin
Florin Coras
Haiyue Wang
Arthur de Kerhor
Jieqiang Wang
Dave Wallace
Marvin Liu
Aloys Augustin
Jon Loeliger