summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2017-11-02VCL: application proxy configurationDave Wallace3-99/+157
- Add support to configure VCL to set application proxy transport types and app_is_proxy flag via vcl config file or env vars. - Clean up debug output. - Rename session_scope -> app_scope. Change-Id: I6e35f3cdd84daf0112133af8f33acd0152f87ca3 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-11-02LISP: fix negative mapping timeout, VPP-1043Filip Tehlar1-1/+2
Change-Id: Ie57b81f8743f14182813558887d84d6667c81d43 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-11-02Add replicate DPO header to export list for VPPSBNeale Ranns1-0/+1
Change-Id: I0b437ac5fecc81c7762d9cad0f33e977fcf3aa27 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-11-02Add builtin http server option to return static replyFlorin Coras1-23/+97
Change-Id: I9f4d1c7ee7b460a93198930a5a935fa90177cdad Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-01session: fix proxy coverity warningsFlorin Coras1-1/+2
Change-Id: I8d233d2301fb0da0fe27fa36ba870484bb290b7b Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-01VPP-959: Support old version of CFFIOle Troan2-3/+17
Change-Id: I3d3e5dff5b22fca58a50da6a9d0aaf1182e736dd Signed-off-by: Ole Troan <ot@cisco.com>
2017-11-01vom: fix build with gcc7Damjan Marion1-0/+1
Change-Id: I0b5806dd1d8cb45f40354cfe6cae7f4e76309f92 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-11-01VOM fixes for 9090 - ships in the night commitsNeale Ranns4-43/+10
Change-Id: I4b03a4f86a7e0e47874715398ca9f8ff0f5386ee Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-11-01fix clib_mem_unaligned() invalid readGabriel Ganne1-17/+18
clib_mem_unaligned + zap64 casts its input as u64, computes a mask according to the input length, and returns the casted maked value. Therefore all the 8 Bytes of the u64 are systematically read, and the invalid ones are discarded. For example, for a 5-Bytes string, we will do an invalid read of size 3, even though those 3 Bytes are never used. This patch proposes to only read what we have at the cost of reading as a u64 in one call, but that way, we do not trigger an invalid read error. Change-Id: I3e0b31c4113d9c8e53aa5fa3d3d396ec80f06a27 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-11-01nat plugin - fix test logicGabriel Ganne1-1/+1
warning found by clang: warning: logical not is only applied to the left hand side of this bitwise operator [-Wlogical-not-parentheses] Change-Id: I964651a4444b11da145edc329da83675cd830f78 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-11-01session: add support for proxying appsFlorin Coras15-39/+353
To enable this, applications set the proxy flag in their attach requests and pass the transport protocols they want to act as proxies for as part of the attach options. When proxy is enabled, session rules that point incoming packets to the proxy app are addedd to the local and global session tables, if these scopes are accessible to the app. In particular, in case of the former, the rule accepts packets from all sources and all ports destined to the namespace's supporting interface address on any port. While in case of the latter, a generic any destination and any port rule is addedd. Change-Id: I791f8c1cc083350f02e26a2ac3bdbbfbfa19ece3 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-01dpdk/ipsec: align memorySergio Gonzalez Monroy2-5/+7
Change-Id: I2feb3e07c3070e8a525c539dd2feffa0dd1bca21 Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-11-01dpdk/ipsec: fix digest physical addressSergio Gonzalez Monroy3-7/+7
VPP-1034 Change-Id: I02b4db9e52446ab8578df1f011dd27f39de64c70 Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-11-01VPP Object Model (VOM)Neale Ranns113-3/+21603
The VOM is a C++ library for use by clients/agents of VPP for programming state. It uses the binary APIs to do so. Various other common client side functions are also provided. Please see om.hpp for a more detailed description. Change-Id: Ib756bfe99817093815a9e26ccf464aa5583fc523 Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Co-authored-by: Mohsin Kazmi <sykazmi@cisco.com>
2017-10-31Fix "l2fib add" CLI to allow adding of filter MAC entriesJohn Lo1-25/+17
When adding a filter MAC entry, the default sw_if_index of -1 was incorrectly validated and rejected. Change-Id: Id7f122b6269ea7c299a4335b05b748afaf01383c Signed-off-by: John Lo <loj@cisco.com>
2017-10-31Fix set interface mac address API to be endian neutralJohn Lo4-16/+10
Store and pass MAC address as 6 byte u8 array instead of u64 to make MAC address handling in set interface MAC endian neutral. The previous API handler only works for little endian. Change-Id: Ie4ec33a840bc5122ab1f17e25977e58f3466253b Signed-off-by: John Lo <loj@cisco.com>
2017-10-31VPP PAPI: Error in unserializer for non-array compound types.Ole Troan1-0/+1
A bug in the decoder of messages when there was a non-array compound type. The typical result was an error message from the struct library: "error:unpack_from requires a buffer of at least 4 bytes" Change-Id: Ie30fec6fc39b9f4177b54fa4adc4fc69674f0e12 Signed-off-by: Ole Troan <ot@cisco.com>
2017-10-31LISP: add P-ITR/P-ETR/xTR API handlers, ONE-24Filip Tehlar13-72/+888
Change-Id: I25937cd7470c826d1e833e65530ae959c39139d8 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-10-31l2fib: MAC: Fix uint64 to u8 byte arrayMohsin Kazmi7-70/+55
As per proposal on the mailing list, this patch fixes the represntation of MAC address in VPP API calls for · L2fib_add_del · L2_fib_table_details Change-Id: I31e17efd1a6314cded69666e693cb8fc33158d02 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2017-10-31Fix typo (double unlock)Dave Barach1-2/+1
Change-Id: If4a128186a732266eb27b6aa3caf6f1feff449bf Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-31physmem: register region with IOMMUDamjan Marion1-0/+57
VFIO file descriptor is extracted in a hackish way, as DPDK doesn't provide imethod to retrieve it. This fixes issue with DPDK drivers not working correctly when IOMMU is enabled and external buffer memory is used. Change-Id: I5eaa8e78741c50504d87d44e706b5997c8189554 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-10-31Refactor IP input checks for re-use at MPLS dispositionNeale Ranns5-277/+465
Change-Id: I7aafdecd6f370411138e6ab67b2ff72cda6e0666 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-10-31lb plugin tests - wipe flowtable after each unit testGabriel Ganne1-0/+38
Add new cli api: "test lb flowtable flush" which flushes everything. Call this new cli function after the end of each lb unit test. Change-Id: I71d04a7bfba398f7d4dd9cc3ed24bba786943663 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-10-30Minor copyedit fixes to ACL Hash doc.Jon Loeliger1-7/+6
Change-Id: I7fe34e99f566dd2e0a36a9ba38f894973989ca8a Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-10-30Add the bihash_vec8_8 variantDave Barach3-3/+435
This is an all-purpose octet-vector memory hash, intended as a thread-safe replacement for hash_create_mem / hash_create_string. All u8 * key vectors are memorized by the hash table. Change-Id: I22944daea8fda07dde8ba118a6529a6d382491f9 Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-30Remove old Python vppctl scriptChris Luke2-136/+0
- The binary API method for executing commands was superceded by the unix-socket CLI approach used by the C vppctl utility. The API call it makes will soon be deprecated. - This Python vppctl script was still being copied to the install directory, and then later overwritten by the binary vppctl. Change-Id: I0a4b09b7c733049d0545b4c83b9ac5ac499a7300 Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-10-30LISP: improve updating the dataplne when locators changeFilip Tehlar5-28/+74
Change-Id: Ifc0296834e25ddbdd0ad8283c061f309801b053c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-10-30jvpp: bugfix for deadlock in java future API (VPP-1037)Matej3-72/+160
- message sending method inside synchronization blocks causes deadlock between sending and receiving part - breaking atomicity of sending message and putting future with corresponding id to map needs additional handling by writer and receiver, regardless which part get access to sync block first will create new future and second one will complete it and remove from map, in case of dump calls where control ping reply is required as confirmation that all information were send, if ping reply is received before writer put future in map, reader will create regular control ping future instead and writer needs to made association between these two futures Change-Id: Id29a19be7a5319291a5e07cf931080610178f00c Signed-off-by: Matej <matej.perina@pantheon.tech>
2017-10-30vcl: fix compiling on newer systemsDamjan Marion1-0/+3
Build fails on ubuntu 17.10... Change-Id: I98dfffa3f8f5f9bca2ba97a856709714fbeec49c Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-10-29devices: Add binary API for set interface <interface> rx-modeSteven5-18/+150
Also add vat test code to test the subject API. The format is sw_interface_set_rx_mode sw_if_index <index> [queue <id>] <polling|nterrupt|adaptive> Change-Id: Ib810d85d430077865bead8cc08a070f8ae478225 Signed-off-by: Steven <sluong@cisco.com>
2017-10-29session: fix coverity warningsFlorin Coras2-7/+12
Change-Id: Ib87eccb853cafceea5f5513f6bb51c2364449afa Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-28session: rules tablesFlorin Coras25-16/+2218
This introduces 5-tuple lookup tables that may be used to implement custom session layer actions at connection establishment time (session layer perspective). The rules table build mask-match-action lookup trees that for a given 5-tuple key return the action for the first longest match. If rules overlap, ordering is established by tuple longest match with the following descending priority: remote ip, local ip, remote port, local port. At this time, the only match action supported is to forward packets to the application identified by the action. Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-27Fix for vppctl and interactive commands (VPP-1038)Chris Luke1-3/+7
- Interactive commands like "ping" read extra input from the input stream. - In the case of "ping" it is simply a signal to cease the current operation. - "vppctl", in non-interactive mode, will issue a "quit" immediately after the requested command to queue up closing of the session. - This resulted in "ping" thinking a keypress was seen and returning control to the CLI; the "quit" command however is consumed by the keypress event handler and thus the session does not close. - This patch reworks vppctl slightly to only issue "quit" after the command has completed. In particular it uses the fact that VPP issues NUL bytes as a surrogate prompt between output of commands to signal acknowledgement that the command has completed; vppctl now flags that the quit should be issued after the next such acknowledgement. - Since input it still accepted, the user can still terminate the "ping" early, if desired. Change-Id: I7e3dbe767f32f8e364ccb5f81799759b311585df Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-10-27session: instantiate appns lookup table only onceFlorin Coras2-7/+11
Change-Id: I39d634b7691a524e5221c28997a737102298c281 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-27LDPRELOAD: Fix out-of-scope variable coverity errorSteven1-2/+1
>>> CID 178271: Memory - illegal accesses (RETURN_LOCAL) >>> Using "ep", which points to an out-of-scope variable "_ep". Change-Id: Icf21e602bc2718bfedd9480e9da41aff8693048e Signed-off-by: Steven <sluong@cisco.com>
2017-10-27acl-plugin: increase the amount of memory for classifier tables used by ↵Andrew Yourtchenko1-1/+1
MACIP ACLs The classifier tables upper bound of memory was just big enough to cause the unittests pass most of the time but not always. Increase the amount of space and run several hundred iterations of unittests to ensure they always pass. Change-Id: Ieb7876c6ebdde1f8c5273dbb9b090f12f2c38915 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-10-26VCL: refactor session close / disconnect.Dave Wallace1-66/+60
Change-Id: Ib0797faaa3f21c7577330bb8d0e801d43e01110e Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-26VCL-LDPRELOAD: Fix more coverity warningsDave Wallace3-16/+22
vcom.c: CID 178227: Logically dead code in vcom.c vcom_socket.c: CID 178254: Dereference after null check CID 178250: Out-of-bounds access vppcom.c: CID 178252: Unused value Suppress vppcom_session_attr() debug output. Change-Id: I1d47bafb84fc0ad00c642392ae3cb6761fd3fb17 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-26VCL-LDPRELOAD: Fix CID 178251 & CID 178253Dave Wallace2-32/+47
- CID 178251 Dereference after null check in vcom_socket.c - CID 178253 Logically dead code in vppcom.c Change-Id: I2a24cd53727fec76cf1a6d60f90414ff92567818 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-26Consolidate short_help for classify table with memory-sizeHongjun Ni1-0/+1
When creating 32K classify sessions, VPP crashes. Default heap size is 2MB. Need to configure it when requiring large number sessions. Change-Id: I16678ee4a9e0ba61cbd2d3b38c43d10c59325968 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-10-26NAT: delete session API/CLI (VPP-1041)Matus Fabian4-0/+172
Administratively delete NAT44 session for specific inside/outside addresses and port pair. Change-Id: If5ab500ac3592c7153d6d8f2cc0297df7309fbc3 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-26acl-plugin: refactor the "show acl-plugin" CLI, use vlib_cli_output() vs. ↵Andrew Yourtchenko1-181/+194
format() The vppctl was getting upset with large chunks of info generated by repeated format() functions, so convert to use vlib_cli_output instead. Also, refactor the show functionality into smaller functions, separate from the input handling. Change-Id: I5d0db5ac45ce4c1b59cd41526b837412e06b1ce0 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-10-26session: swap appns secret to host byte orderFlorin Coras2-2/+2
Change-Id: I355433e0f07b328c441ed642705b31ca5157fabe Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-26fib test - fix undefined behavior warning found by clangGabriel Ganne3-3/+3
warning: passing an object that undergoes default argument promotion to 'va_start' has undefined behavior [-Wvarargs] Change-Id: Ic9cfd61e38983bd67f30bf92f605e6c87d103ca5 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-10-26VCL: add session namespace support.Dave Wallace6-28/+175
Change-Id: I04f1b63e66260d99c0dd180b0295a55a9b750df7 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-26Allow IPsec interface to have SAs resetMatthew Smith6-1/+177
Make it easier to integrate with external IKE daemon. IPsec interfaces can have one or both SAs replaced after creation. This allows for the possibility of setting a new child SA on an interface when rekeying occurs. It also allows for the possibility of creating an interface ahead of time and updating the SA when parameters that are negotiated during IKE exchange become known. Change-Id: I0a31afdcc2bdff7098a924a51abbc58bdab2bd08 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2017-10-25VCL: Return data for recvfrom(MSG_PEEK)Steven1-11/+23
Implement recvfrom(MSG_PEEK) by returning data in the provided buffer without moving the read pointer Change-Id: Idc1b22632d78e8a499cce7d48c15e8bab0b0bf88 Signed-off-by: Steven <sluong@cisco.com>
2017-10-25lldp: protection code to check a valid interface indexSteve Shin1-2/+9
When lldp interface is set, it's better to check valid interface index. Change-Id: I0db0ab6483ad73d28c69893576aa9b719c3b087c Signed-off-by: Steve Shin <jonshin@cisco.com>
2017-10-25VCL-LDPRELOAD: statically link VPP objects into libvcl_ldpreload.soDave Wallace3-16/+18
Change-Id: If8fb5484b64a5b1c04e34573490fedcf63feabc9 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-25vlib: add support for multiple buffer poolsDamjan Marion11-38/+79
Change-Id: Icaf7d7ad47284aea7a56e8006b69f45874d64202 Signed-off-by: Damjan Marion <damarion@cisco.com>