summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2024-02-19dev: fix type for uint32 arg valueMonendra Singh Kushwaha1-1/+1
Type: fix Change-Id: Ib09d6a0dfc95d82ecfd2ff123be9004cb038d0d4 Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
2024-02-19crypto-openssl: refactor openssl API usageLijian Zhang2-44/+205
For the openssl crypto engine based cipher encrypt/decrypt and HMAC IPSec use cases, the openssl API calls of doing ctx init and key expansion are moved to initialization stage. In current implementation , the ctx is initialized with "key" and "iv" in EVP_EncryptInit_ex (ctx, 0, 0, key->data, op->iv) in data plane, while the ctx can be initialized with 'key' and 'iv' separately, which means there could be two API calls: 1. EVP_EncryptInit_ex (ctx, 0, 0, key->data, 0) 2. EVP_EncryptInit_ex (ctx, 0, 0, 0, op->iv) As the 'key' for certain IPSec SA is fixed and known, so call #1 can be placed in IPSec SA initialization stage. While call #2 should be kept in data plane for each packet, as the "iv" is random for each packet. Type: feature Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com> Change-Id: Ided4462c1d4a38addc3078b03d618209e040a07a
2024-02-19wireguard: notify key changes to crypto engineLijian Zhang3-0/+18
This is a prerequisite patch for the following openssl API optimization patch, which tries to offload openssl ctx init and key expansion work to the initialization stage. Wireguard adds crypto keys via vnet_crypto_key_add (), and whenever it modifies the keys, the underneath openssl crypto engine shoud be informed of the changes to update the openssl ctx. Type: feature Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com> Change-Id: I3e8f033f3f77eebcecfbd06e8e3bbbfdc95a50e2
2024-02-19ipsec: check each packet for no algs in esp-encryptMatthew Smith1-10/+13
In esp_encrypt_inline(), if two or more consecutive packets are associated with the same SA which has no crypto or integrity algorithms set, only the first one gets dropped. Subsequent packets either get sent (synchronous crypto) or cause a segv (asynchronous crypto). The current SA's index and pool entry are cached before it can be determined whether the packet should be dropped due to no algorithms being set. The check for no algorithms is only performed when the cached SA index is different than the SA index for the current packet. So packets after the first one associated with the "none" alg SA aren't handled properly. This was broken by my previous commit ("ipsec: keep esp encrypt pointer and index synced") which fixed a segv that occurred under a different set of circumstances. Check whether each packet should be dropped instead of only checking when a new SA is encountered. Update unit tests: - Add a test for no algs on tunnel interface which enables asynchronous crypto. - Send more than one packet in the tests for no algs. Type: fix Fixes: dac9e566cd16fc375fff14280b37cb5135584fc6 Signed-off-by: Matthew Smith <mgsmith@netgate.com> Change-Id: I69e951f22044051eb8557da187cb58f5535b54bf
2024-02-18udp: use transport port refcnt on acceptFlorin Coras3-2/+11
Use udp transport refcnt instead of local port refcnt when accepting new connections. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ibc34677b1138682497f98e96b6fddb5b96094ff9
2024-02-18svm: Only include sys/user on LinuxTom Jones1-0/+2
Type: improvement Change-Id: Idb318eb386617013015c43153bf0bd92fa28b9b6 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-18vnet: Add required header for pthread_npTom Jones1-0/+3
Type: improvement Change-Id: Ia9295b79340a18de6eb5fe80877dcf4ce97b35eb Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-18vppinfra: Place hugepage MMAP call behind linux specific ifdefTom Jones1-0/+6
Type: improvement Change-Id: I3a48ec4fd4a4063b6e3792b87def7bb796fc947c Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-18vnet: Use platform specific netlink headers on FreeBSDTom Jones1-0/+5
Type: improvement Change-Id: Ifbd84a45edc82c79ac2850dd70ecdd2f9f1289ae Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-18vnet: Disable tuntap build on not LinuxTom Jones1-0/+2
tuntap requires porting on FreeBSD, only build on Linux for now. Type: improvement Change-Id: I448c462b31f3bc06f291a95d0ff5df9d6f8f24b8 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-18vlib: Only init vfio on LinuxTom Jones1-0/+2
Type: improvement Change-Id: Id1c72928324b85bc67860e600722bf8baeff45b2 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-18vpp: Add required socket headers on FreeBSDTom Jones1-0/+5
Type: improvement Change-Id: I948e447082233187d9ca794ca56a62fad4592e13 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-18vppinfra: Provide FreeBSD implementation of clib_mem functionsTom Jones2-0/+476
Working from the implementation in linux/mem.c add FreeBSD specific functionality. This duplicates parts of the Linux implementation and a depuplication job could be run in the future. Stub out some parts of the API for now, they are either use unavailable features on FreeBSD or require further implementation than this initial implementation. Type: improvement Change-Id: I1e443e32304d19776a9a4d5e34adfa16ec919427 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-18build: Add FreeBSD as a supported platform for cmakeTom Jones1-5/+11
Allow FreeBSD as a platform in the main CMakeLists file. This requires a correct target for the compiler and an explicit name in the system check. The included subdirs require further changes to build, but the compiler needs to find them before it can complain. Type: improvement Change-Id: Ic56fe68290519ef5d3ed61082e7fb0ba0528a3fc Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-18vnet: Provide platform specific if_tap headersTom Jones2-0/+8
Type: improvement Change-Id: Ia5cec0afc7f929491e495bb337493e64f752d75f Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-18vnet: Only build tap on LinuxTom Jones1-0/+2
tap requires some porting on FreeBSD, while we wait for those changes only build tap on Linux. Type: improvement Change-Id: I4361bf43764fdb046c2138d4a2ee5d7efa31bd5a Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-18vpp: Add platform specific headers for socket and inetTom Jones2-0/+10
Type: improvement Change-Id: Idcedc14089a49483d83c28a82ecb79d1b856f225 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-17tcp: retransmit fins in last-ackFlorin Coras2-2/+2
Fix instances where timers are reset after programming fin. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ib80e3a401d585f388a97c7f2bb62e68ee774d50d
2024-02-16udp: unregister ports on all cleanupsFlorin Coras1-4/+3
UDP transport port refcount is incremented even if port is shared. So decrement it, by unregistering, whener udp connections are cleaned up. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id0a2c60c5faf4dea8b2cd9ded0334934ad9e918c
2024-02-16vppapitrace: Fixed trace dump API result issue.Denys Haryachyy1-2/+2
Set last thread id and last packet position in TRACE_DUMP_REPLY. To enable collection of traces from multiple workers using iterator. Type: fix Change-Id: I69872af4f6981d50cd050fa3d16de2a3c0d6b496 Signed-off-by: Denys Haryachyy <garyachy@gmail.com>
2024-02-15tls: mark ho done atomically after ctx initFlorin Coras1-1/+2
Make sure ctx is initialized before ho is marked as done. Type: fix Change-Id: If0525a9890a56e289e2ab006c669a9d64dc6505d Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-02-15session: postpone ct cleanup if rx evt pendingFlorin Coras1-3/+4
Type: fix Change-Id: I8cfaa62abd38d5356263b0ffd428638d1a027617 Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-02-14tls: fix compilation errorNiyaz Murshed1-1/+2
After changes done in https://gerrit.fd.io/r/c/vpp/+/40281 , mbedtls plugin is failing to build if enabled. Discussion https://lists.fd.io/g/vpp-dev/topic/104344802#24060 Type: fix Signed-off-by: Niyaz Murshed <niyaz.murshed@arm.com> Change-Id: Iee58b69301ac64f058bca0a7f7a0dedd2def4b35
2024-02-14ikev2: dump state and profile name in CLI and APIDenys Haryachyy5-2/+255
Type: improvement Change-Id: Ide4b45da99e3a67376281f6438997f3148be08e5 Signed-off-by: Denys Haryachyy <garyachy@gmail.com>
2024-02-13vcl: fix epollet test for unhandled evtsFlorin Coras1-1/+1
Argument to vcl_epoll_ctl_add_unhandled_event is often the result of an and between events and EPOLLET which is larger than u8 Type: fix Change-Id: I8c98f557fa1db9f3eb79c90ecdd60ac9366d4d40 Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-02-13svm: Add FreeBSD specific signal handling pathTom Jones1-0/+5
FreeBSD's siginfo_t doesn't have the ptr value used on linux to encode a token. Fow now recover the code from siginfo_t and leave the opaque value as 0. Type: improvement Change-Id: Ic6ef96f018b326b99d68534a4488cfc49fdf16e1 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-13vppinfra: Put clib_perf* behind Linux checks and provide stubs for FreeBSDTom Jones2-0/+38
As a placeholder stub out clib_perf functions on FreeBSD, the interface for performance counters on FreeBSD is different and will require its own implementation. Type: improvement Change-Id: I61511ebe5ee1fd6fe93d3179c7843c811f47a846 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-13vppinfra: Add netlink header on FreeBSDTom Jones1-1/+3
FreeBSD has support netlink since 13.2, but keeps its header in a slightly different place. Correctly include netlink/netlink.h for FreeBSD. Type: improvement Change-Id: Iec78ca72db74ea7f9c874e7039c7d17b6321f9dc Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-13vppinfra: Protect Linux specific features behind CLIB_LINUXTom Jones1-2/+4
Place Linux specific features behind CLIB_LINUX. The previous #ifdef calls would still pass even if CLIB_LINUX is set to 0 in clib.h, instead use #if. Type: improvement Change-Id: Ibe4424eee4bc0065f54764b017b9a56a3e854380 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-13svm: Include stdint on FreeBSDTom Jones1-0/+3
On FreeBSD we need to include stdint.h to get __WORDSIZE. Type: improvement Change-Id: I784aa0856fd8298f33016b7ccedecfa3672d5429 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-13vppinfra: Make program counter printing more portableTom Jones1-0/+8
Finding the program counter in the ucontext struct is platform and architecture specific, place the Linux checks inside an #ifdef and add a look up for the FreeBSD amd64 specific naming. Type: improvement Change-Id: I42fcef5f20227c23d84acee336e37c4870146bb4 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-13vnet: Don't use __unused for struct paddingTom Jones1-1/+1
__unused is a clang keyword, this struct member will trip the build when using clang. Instead call the unused padding 'pad' which should be clear to the purpose if not the usage. Type: improvement Change-Id: I0abae34841651be1ef6b7d94864f0dc8185f0733 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-13vppinfra: Add a stubbed out test_perf function for FreeBSDTom Jones1-0/+6
Type: improvement Change-Id: If136e0854dbaecfa62fc009ca2b0b94e8d9a56f2 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-13vppinfra: MAP_HUGETLB isn't available on FreeBSDTom Jones1-0/+2
Don't use the MAP_HUGETLB mmap flag on FreeBSD as it isn't available on the platform. Type: improvement Change-Id: Ie2046601c693f9ef12cf8113d6dbd87c322f1cf0 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-13vppinfra: Only prealloc hugepages on LinuxTom Jones1-0/+2
FreeBSD doesn't support sysfs or preallocating hugepages directly. In lieu of refactoring clib_sysfs calls place this one behind an #ifdef linux. Type: improvement Change-Id: I4079ca70175e4cec44d913db2b0407a3ca6306c9 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-13vppinfra: Don't build perfmon on FreeBSDTom Jones1-3/+4
FreeBSD has platform specific APIs for interfacing with performance counters. Until we bring in FreeBSD support, don't build perfmon on platforms which aren't linux. Type: improvement Change-Id: Iabc418922c0d2e851c6098508761135f53433ae8 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-13vppinfra: Place SIGPWR behind a linux defineTom Jones1-0/+2
The SIGPWR signal is specific to Linux, place it behind a Linux flag to help the build on FreeBSD. Type: improvement Change-Id: Ie36c2ceb201afff98e92bbe64595c3953b11c457 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-02-12fib: contention with DP on deleting a routeSteven Luong1-0/+1
Add vlib_worker_wait_one_loop prior to invoking dpo_reset upon uninstalling a fib entry to avoid contention with DP. Type: fix Change-Id: If2a6c4cb9b5629dd61e506ab9f9c3e6aef121b45 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-02-12af_packet : fix crash on interface creationhsandid1-4/+6
Type: fix Attempting to create a host-interface with an invalid af_packet name causes a crash, as we attempt to read the contents of a null ptr. Change-Id: Ia31ae21684c2b66baa1ceaadf29e19fae33c4ed4 Signed-off-by: hsandid <halsandi@cisco.com>
2024-02-12buffers: bring back cache occupancy improvementVratko Polak1-0/+4
The improvement was removed in 40129, causing 5-40% regressions in AVF tests. There is a memory-speed trade-off, this change prefers speed over memory efficiency. Ideally, the choice should be configurable, but that is not easy to achieve, considering how early is vlib_buffer_main_init called. Type: fix Fixes: 038dad7ef29b0b724071edb5f8cc7a9845584454 Change-Id: I4746f3634abe6d233c9d092a372de05b3d1ae4b6 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2024-02-12ip_session_redirect: export symbolsBenoît Ganne2-2/+5
Add/del functions can be used from external modules. Type: improvement Change-Id: I267bcfacd58970bcacae13744d8acc690b87d2fc Signed-off-by: Benoît Ganne <bganne@cisco.com>
2024-02-09ikev2: accept rekey request for IKE SAAtzm Watanabe3-24/+265
RFC 7296 describes the way to rekey IKE SAs: to rekey an IKE SA, establish a new equivalent IKE SA with the peer to whom the old IKE SA is shared using a CREATE_CHILD_SA within the existing IKE SA. An IKE SA so created inherits all of the original IKE SA's Child SAs, and the new IKE SA is used for all control messages needed to maintain those Child SAs. Type: improvement Signed-off-by: Atzm Watanabe <atzmism@gmail.com> Change-Id: Icdf43b67c38bf183913a28a08a85236ba16343af
2024-02-07udp: add cli to dump transport portsFlorin Coras1-0/+92
show udp transport ports Dumps list of ports registered by udp transport, as opposed to udp local, and their refcount. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If3cbe51a7176cb89fa38b524defffbbd76af8f58
2024-02-02session: guard session lookup table allocsFlorin Coras2-0/+37
Session lookup tables could be allocated from workers, e.g., connects are done from first worker. Make sure consumers are not affected by stopping workers. Type: fix Change-Id: I63b53c58b41ce91b08f50a2325c69c9f9fd25ed3 Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-02-02vlib: flush rpcs on worker syncFlorin Coras1-0/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I89624254649089e497d119eb6cee2cecf3dc11f3
2024-02-02vlib api: move wrkr rpc flushing to vlibFlorin Coras5-21/+18
Move vlib worker rpc flushing to main worker from memclnt api into vlib. RPCs are no longer delivered via binary api queues Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5b8761a57d1f4a1f2220e860cfb2e6b980f46f6d
2024-01-31tls: set app closed flag in frameworkFlorin Coras2-2/+1
Set the flag in tls framework as opposed to tls engines. This is similar to passive close. Type: improvement Change-Id: I0c2a774b1ef9d7ec6ba74daf1678ea449815184f Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-01-31tls: convert ctx fields to connection flagsFlorin Coras5-36/+40
Type: refactor Change-Id: I527bbc1cf2e7b6d06fd0c88b7563fb59ed28bc40 Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-01-30linux-cp: add add_del_v3 and get_v2 methodsAnton Nikolaev2-6/+108
Added vl_api_lcp_itf_pair_add_del_v3_t_handler method, it can return vif_index in reply. Also added vl_api_lcp_itf_pair_get_v2_t_handler methods, this method is able to dump only one lcp pair or dump all lcp pairs via stream_msg. Type: improvement Change-Id: I1d25344ee57f8fac8b857bb3a9a03116230b4d2c Signed-off-by: Anton Nikolaev <anikolaev@netgate.com>
2024-01-29api: provide api definition over apiOle Troan10-29/+968
This patch allows a client to bootstrap itself by downloading the JSON API definitions over the API itself. This patch enables it for Python (probably need a dynamic language). Call VPPApiClient with the new bootstrapapi=True parameter. Example (Python): from vpp_papi import VPPApiClient vpp = VPPApiClient(bootstrapapi=True) rv = vpp.connect("foobar") assert rv == 0 print(f'SHOW VERSION: {vpp.api.show_version()}') vpp.disconnect() Type: feature Change-Id: Id903fdccc82b2e22aa1994331d2c150253f2ccae Signed-off-by: Ole Troan <otroan@employees.org>