Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: feature
Change-Id: If11f00574322c35c1780c31d5f7b47d30e083e35
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: fix
Several Fixes:
1 - Anti-replay did not work with GCM becuase it overwrote the sequence
number in the ESP header. To fix i added the seq num to the per-packet
data so it is preserved
2 - The high sequence number was not byte swapped during ESP encrypt.
3 - openssl engine was the only one to return FAIL_DECRYPT for bad GCM
the others return BAD_HMAC. removed the former
4 - improved tracing to show the low and high seq numbers
5 - documented the anti-replay window checks
6 - fixed scapy patch for ESN support for GCM
7 - tests for anti-reply (w/ and w/o ESN) for each crypto algo
Change-Id: Id65d96b6d1d4dd821b2ab557e87468fff6d70e5b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type:fix
Change-Id: I528b7cfcb7a6aada94ee3649378e6fbe84d2e4e6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: style
Change-Id: I2a21076fffaeb5726be80356aaffc9fea3d95850
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
|
|
Type: feature
Change-Id: Ic720d56a6f8901efde2a58519bc9aa553205a9a6
Signed-off-by: Gary Boon <gboon@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Multiple API message handlers call vnet_get_sup_hw_interface(...)
without checking the inbound sw_if_index. This can cause a
pool_elt_at_index ASSERT in a debug image, and major disorder in a
production image.
Given that a number of places are coded as follows, add an
"api_visible_or_null" variant of vnet_get_sup_hw_interface, which
returns NULL given an invalid sw_if_index, or a hidden sw interface:
- hw = vnet_get_sup_hw_interface (vnm, sw_if_index);
+ hw = vnet_get_sup_hw_interface_api_visible_or_null (vnm, sw_if_index);
if (hw == NULL || memif_device_class.index != hw->dev_class_index)
return clib_error_return (0, "not a memif interface");
Rename two existing xxx_safe functions -> xxx_or_null to make it
obvious what they return.
Type: fix
Change-Id: I29996e8d0768fd9e0c5495bd91ff8bedcf2c5697
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
This code should handle the 3 following cases:
- Active close
quic_proto_on_close sets state to ACTIVE_CLOSING
send packets eventually returns an error, calling
quic_connection_closed which deletes the connection
- Passive close
quic_on_closed_by_peer -> set state to PASSIVE_CLOSING
"race" between app confirmation (calling quic_proto_on_close) and
quicly signalling that it's done (triggers call to
quic_connection_closed).
If quic_connection_closed is called first, it sets the state to
PASSIVE CLOSING QUIC CLOSED, then when quic_proto_on_close is called
it frees the connection.
If quic_proto_on_close is called first, it sets the state to PASSIVE
CLOSING APP CLOSED, then when quic_connection_closed is called it frees
the connection
- Error close (reset)
quic_connection_closed is called in state READY. This means a timeout
or protocol error happened. This calls session_transport_reset_notify,
the app should confirm the deletion and quic_proto_on_close will be
called to delete the connection.
Change-Id: I3acbf9b079ed2439bdbb447197c428c78915d8c0
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Type: feature
|
|
Type: fix
Fixes: 3b726197
Change-Id: Ib515f0995e5c837349ebcad5f63fbd1b2a197e13
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Type:refactor
Change-Id: Id796d0103e61e15c35a586d8cbd3d8916487b84d
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Encoding the vpp node index into the vlib_error_t as a 10-bit quantity
limits us to 1K graph nodes. Unfortunately, a few nodes need 6 bit
per-node error codes. Only a very few nodes have so many counters.
It turns out that there are about 2K total error counters in the system,
which is (approximately) the maximum error heap index.
The current (index,code) encoding limits the number of interfaces to
around 250, since each interface has two associated graph nodes and we
have about 500 "normal, interior" graph node
This patch adds an error-index to node-index map, so we can store
error heap indices directly in the vlib_buffer_t.
Type: refactor
Change-Id: I28101cad3d8750819e27b8785fc0cf71ff54f79a
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Ib69f9bd7970aeb2ee6a1c114d38dcb7f8698dc6d
Type: fix
Fixes: c754239
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
|
|
Type: feature
Change-Id: I96e850fc15b79349abbb52d91c0314f255d635be
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
This gives the session layer a chance to to cleanup events.
Change-Id: I7499e94acf06340e2b19a1d91a4c61a63cd66c52
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: Ie5befde2f23caffb033b3b9f35ac1535c1224925
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Some combinations of new qemu (2.11) and old dpdk (16.10) may
send VHOST_USER_SET_FEATURES at the end of the protocol exchange
which the vhost interface is already declared up and ready.
Unfortunately, the process of VHOST_USER_SET_FEATURES will cause
the interface to go down. Not sure if it is correct or needed.
Because there is no additional messages thereafter, the hardware
interface stays down.
The fix is to check the interface again at the end of processing
VHOST_USER_SET_FEATURES. If it is up and ready, we bring back
the hardware interface.
Type: fix
Change-Id: I490cd03820deacbd8b44d8f2cb38c26349dbe3b2
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
1. "numa-only" is optional and is disabled by default for lacp mode.
2. update lacp doc.
Type: fix
Change-Id: I6a3a8423ef31ad9980353a796957693cd6205d73
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
|
|
Also adds connection flags.
Type: feature
Change-Id: I76f21eb88ab203076149b7c03dc31c22fc0f342e
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Update quicly to latest version that includes our upstreamed patch.
Change-Id: I0b26c72e49bce81daf4fb069b5818defd6cf25b9
Type: feature
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
|
|
Type: fix
Ticket: VPP-1721
Change-Id: I7a5d4f1440048ddc9f599ac11d06e5a7df20440e
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: fix
Change-Id: I1e1c39452edd94712455d102a6faad58bc7f66ff
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
|
|
Hash keys are not copied by the hash infrastructure, instead the pointer
is used directly. stat_segment_register_gauge() does not allocate a
private object for the key, causing issues when it is freed or reused.
Allocate a private object on insertion into the hashtable instead.
Type: fix
Fixes: 92e3082199d10add866894e86a9762d79a3536c4
Change-Id: Ifb6addfcaec81bdb7ea3512050ce55f06ef09a4c
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Instead of all clients directly RR sourcing the entry they are tracking,
use a deidcated 'tracker' object. This tracker object is a entry
delegate and a child of the entry. The clients are then children of the
tracker.
The benefit of this aproach is that each time a new client tracks the
entry it doesn't RR source it. When an entry is sourced all its children
are updated. Thus, new clients tracking an entry is O(n^2). With the
tracker as indirection, the entry is sourced only once.
Type: feature
Change-Id: I5b80bdda6c02057152e5f721e580e786cd840a3b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type:feature
Change-Id: I67a52ee48963a66915e2ebd116626eb9c296a9a5
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type:fix
Change-Id: I7b91ce9359f94131882ab430606586b1a6cf3e02
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
If numa-only is set, Only slaves on local numa node
transmit pkts if have at least one, otherwise the bond
interface works as usual.
CLI change:
create bond mode lacp [load-balance { l2 | l23 | l34 } {numa-only}]
[hw-addr <mac-address>] [id <if-id>]
The new member "u8 numa_only;" is also added to bond_create_if_args_t.
Type: feature
Change-Id: Icdccedafb0738d8c9d4a5acce909ce562428c071
Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
|
|
Type: feature
This is mostly used for quic in the case of a stream
creation (i.e. connect on an already established QUIC
session). We want do default parent_handle to INVALID
to be able to distinguish it from parent_handle = 0
Change-Id: Id5ac0b0155a3c44e51334231b711e4fd87a96a10
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Otherwise, vat plugins will be confused about the offset from &vat_main
of the vlib_main_t * pointer, leading to NULL pointer crashes.
Type: fix
Change-Id: I7298b7ce8c000217ed7fdd2e97a3cbf978464377
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Type: fix
Ticket: VPP-1649
Change-Id: Ia159d0f67d33719d05fa2dbd82f9c8c9b5d8f2a9
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Type: fix
Fixes: 41afb33
Change-Id: Iceb99ead32f1858a5b4f85911d7cb2b39cc9add5
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
The OOM check must consider the end of alloced arena and
not the start when checking for overflow.
Type: fix
Change-Id: Ie83e653d0894199d2fa433a604a0fe0cee142338
Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com>
|
|
Type: feature
When admin status is changed on an interface, add or delete the
routes for the IPv4 addresses configured on that interface.
This is already being done for IPv6 interface addresses.
Change-Id: Ib1e7dc49c499921dd287e075640243520ffa5589
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Type: feature
* Adds the concept of a "connectable listener" : a session that
can be both connected and accepted on.
* vppcom_session_is_connectable_listener (fd) that tells if the fd
is a connectable listener
* vppcom_session_listener (fd) that gives you the listener's fd
that accepted the session (if any)
* vppcom_session_n_accepted (fd) that gives the number
of sessions a listener accepted.
Change-Id: Id89d67d8339fb15a7cf7e00a9c5448175eca04fc
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: refactor
Change-Id: I885d9d2af1674f705339e3e96f87ff766965c9e5
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Because file vpe.api is in src/vpp/api/
and memclnt.api is in src/vlibmemory/.
Also removed api_types, as iteration can be done over output_dir_map.
Type: fix
Fixes: 9529feb4525dfd13e5636640083361256121d275
Ticket: VPP-1715
Change-Id: I021afeafdf98904d076953f0b09d1e3587fd3100
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
CLI allocates vectors consumed by tap_create_if(), whereas API pass
null-terminated C-strings allocated on API segment.
Do not try to be too clever here, and just allocate our own private
copies.
Type: fix
Fixes: 8d879e1a6bac47240a232893e914815f781fd4bf
Ticket: VPP-1724
Change-Id: I3ccdb8e0fcd4cb9be414af9f38cf6c33931a1db7
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
The fast path almost always has to deal with the real
pointers. Deriving the frame pointer from a frame_index requires a
load of the 32bit frame_index from memory, another 64bit load of the
heap base pointer and some calculations.
Lets store the full pointer instead and do a single 64bit load only.
This helps avoiding problems when the heap is grown and frames are
allocated below vm->heap_aligned_base.
Type: refactor
Change-Id: Ifa6e6e984aafe1e2755bff80f0a4dfcddee3623c
Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com>
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Type: refactor
Change-Id: I01329385684f4a4f477cb046079b554ae3024ded
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: feature
Add new node in TCP stack where TCP 6 tuple lookup is not required.
In new node, packet metadata contains connection-index which can be used
to retrieve the TCP connection. The new node will be used by proxy.
Change-Id: I3aa0268946898912f4176d5c8c5903e06657479d
Signed-off-by: Vladimir Kropylev <vladimir.kropylev@enea.com>
|
|
Type: fix
This is needed for VCL patch in the case the Qsession
handle we connect to is 0. A better way to do this
would be to add a u16 header to the transport_opts,
as session_handles are :
<u16 unused><u16 thread_id><u32 session_index>
But this requires modifying all clients.
Change-Id: If171bcf982eba3bd705b586c9fd4a6c2ad0e114b
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: make
Ticket: VPP-1715
Change-Id: I78497d679d9e793b47a06a0c5cb3b12d86b08489
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type:refactor
Change-Id: Ie4a89ae603cd365b28795c92daa08d5943e692ea
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: refactor
Change-Id: I24159e0a848f552b4e27acfb5fe6f2cd91b50a19
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: I26a6af7f92316f7a8a5309047b3b3605b87ca327
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
elog string hashtable use strlen() to determine string length for
hashing, strings must be NULL-terminated for both inserts and lookups.
Type: fix
Fixes: 9c8ca8dd3197e40dfcb8bcecd95c10eeb56239ed
Change-Id: I0680d39a9b89411055fd6adc89c9f253adfae32c
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Change the sequence to first allocate session_manager and
then enable the session-nodes.
During “session enable”, sometimes an issue was seen when in some cases
POLLING node calls transport_update_time -> tcp_update_time -> tcp_set_time_now
which access tcp_main.wrk_ctx before tcp_main_enable allocates the wrk_ctx.
0 0x00007ffff73f7778 in tcp_set_time_now (wrk=<optimized out>)
at src/vnet/tcp/tcp.h:953
1 tcp_update_time (now=11.059735140000001, thread_index=<optimized out>)
at src/vnet/tcp/tcp.c:1192
2 0x00007ffff75a75de in transport_update_time (time_now=11.059735140000001, thread_index=thread_index@entry=1 '\001')
at src/vnet/session/transport.c:740
3 0x00007ffff75a0f4c in session_queue_node_fn (vm=0x7fff74913480, node=0x7fff75e7d5c0, frame=<optimized out>)
at src/vnet/session/session_node.c:873
Change-Id: Id2288dd05ba179af2ff22c58bac1331fc21a1c7d
Signed-off-by: Vladimir Kropylev <vladimir.kropylev@enea.com>
|
|
As the injected logger is already expected
to be used everywhere, this is a fix.
The few lines in vpp_serializer.py are not fixed,
but they are not encountered in CSIT testing.
Functions call_logger and return_logger
have single call site each (and confusing names, as they do not log),
so saved few lines by inlining them.
Type: fix
Change-Id: I7dd1e610ef6b885943708bf78bddedfbcf4daa1a
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
Type: fix
Fixes: 1d6d9f021c5a169dedca55b46451ab54728e3ee8
Change-Id: I3912c8bb78d678170bdd86821d2ead3ae0396841
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: feature
Change-Id: I87cc1168466f267e8c4bbec318401982f4bdf03a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: fix
Fixes: 4b0b0d4
Change-Id: Ibd37c9099f9847ed23fa8357fd8e57ee516e52ab
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Cleaned up a few instances of side-bet elog_string hash table
usage. Elog_string handles that problem itself.
Add cli commands to vat to initialize, enable/disable, and save an
event log.
Event logging at the same time in both vpp and vat yields a pair
of event logs which can be merged by the "test_elog" tool.
Type: refactor
Change-Id: I8d6a72206f2309c967ea1630077fba31aef47f93
Signed-off-by: Dave Barach <dave@barachs.net>
|