summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2022-11-18tls: memory leak due to missing call to vnet_crypto_key_delSteven Luong1-1/+6
We add the crypto key to the vnet crypto library via vnet_crypto_key_add. However, when the session is disconnected, we don't call vnet_crypto_key_del and the memory is leaked in vnet_crypto library as well as in pico tls key store. It seems dispose crypto is the appropriate place to add vnet_crypto_key_del. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: If6d1266baf686fefe5bb81330ce60b35c8ff574e
2022-11-18ipsec: Failure at the start of the batch should not invalidate the rest of ↵Neale Ranns2-15/+25
the batch Type: fix Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Icd1e43a5764496784c355c93066273435f16dd35
2022-11-15session: add transport main structureFlorin Coras1-39/+37
Leave tp_vfts vector out for now. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic20a1671be9424280d0645f48ef2131a694cd16f
2022-11-14crypto-ipsecmb: fix plugin crash in VirtualBoxMaros Ondrejicka2-1/+2
Plugin checks just for AVX2 instruction set, while the v1.3 of IPsec Multi-Buffer library checks for both AVX2 and BMI2 sets during init. VirtualBox VM doesn't provide BMI2 by default to guest operating system. Result is that VPP plugin decides to use AVX2 initialization and library then doesn't do it. Since flush_job remains empty, the self-check fails and with that the whole VPP crashes on start-up. Type: fix Signed-off-by: Maros Ondrejicka <maros.ondrejicka@pantheon.tech> Change-Id: I6b661f2b9bbe6dd03b499c55c38a9b814e6d718a
2022-11-11http: use safe pool reallocFlorin Coras1-1/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I572017433a1ba0f8576522f02138928e303e10ab
2022-11-11srtp: use safe pool reallocsFlorin Coras1-2/+5
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I15fea1f90640ea54cafe3ea929e871ec6e86fc67
2022-11-11session: safe pools for cut-through sessionsFlorin Coras1-1/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6dd400285ae475974c416f9b94e8a5b4b6257ca1
2022-11-10session: reduce safe pool expand rateFlorin Coras1-2/+1
Make sure they only double in size. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I18d5508c7f32836deb3b25943e8e3af39d0dbc33
2022-11-10linux-cp: fix lcp_itf_pair_create()'s memory leakluoyaozu1-0/+3
need free args.error if args.rv < 0 Type: fix Signed-off-by: luoyaozu <luoyaozu@foxmail.com> Change-Id: I8ceebfc36f51798d8d1a8e4c41bec33d74344396
2022-11-10http: support client connectFilip Tehlar6-53/+981
Type: feature Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I0738c0aefb41ab6c0ff717cfccd1df75ddb481fa
2022-11-10nat: updating my maintainer email addressFilip Varga1-1/+1
Type: fix Signed-off-by: Filip Varga <filipvarga89@gmail.com> Change-Id: I1f5069df2dc743ecd1269e947dd375cb1b84970f
2022-11-09sr: fix added for configuring vlan sub interface as iif interface in ↵ChinmayaAgarwal1-8/+0
End.AD.Flow localsid Type: fix Signed-off-by: ChinmayaAgarwal <chinmaya.agarwal@hsc.com> Change-Id: Ifad23978b98c5e05d86f6254bfb65baa0b380436
2022-11-09acl: verify that src and dst have sane and same address familyAndrew Yourtchenko1-1/+5
API refactoring moved the address-family tag from rule level down to prefix level. This necessarily warrants the check that they are the same. Also, add a check that the address family is sane. Change-Id: Ia63b688cc9e7c9e9cc773e89708d9e9f99185fb7 Type: fix Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2022-11-09ip: fix unformat_ip_address forcing version to IP4 for some IP6 addressesAndrew Yourtchenko2-18/+20
dd2f12ba made use of ip46_address_is_ip4() in order to determine whether the address is ipv4 or ipv6 within unformat_ip_address - however, its logic is correct only for some addresses. e.g. a valid IPv6 address of :: (unspecified) will result in "true" result. This is probably not an issue for most of the cases (the unspecified address is quite rare), however if the unformat_ip_address is used as part of the prefix parsing, the ::/0 is a fairly often utilized construct, which gets parsed as 0.0.0.0 Solution: return the old logic, but use a temporary variable to avoid overwriting the target memory on failure. Type: fix Fixes: dd2f12ba6ab952d9d66f4d9ba89ffde6309b1ff2. Change-Id: I272f740dfdf07036cec68516e153f0701a53233d Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2022-11-08policer: improvement show policer cli.Huawei LI1-3/+3
cli show policer's help info is not consistent with it's arguments. Type: improvement Signed-off-by: Huawei LI <lihuawei_zzu@163.com> Change-Id: I8332fe97ba343e98511db9ff1bb6afd6f3c657cd
2022-11-07prom: fix stats vector leakFlorin Coras1-0/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I620447c9aa8606a125063cdd724bfe74f8a870f6
2022-11-07nat: fix per-vrf session bookkeepingJing Peng3-34/+26
Each NAT44 ED session has a per_vrf_sessions_index referencing an element in the thread-local vector per_vrf_sessions_vec. However this index can be possibly invalidated by vec_del1() in per_vrf_sessions_cleanup(), before a session is registered. Such a stale index can cause an assertion failure in function per_vrf_sessions_is_expired() when we use it to locate the per_vrf_sessions object. A possible sequence to reproduce is: 1. Create two NAT44 ED sessions s1, s2 so that two per_vrf_sessions are created: index 0: between VRF pair 10 and 11 (expired=0, ses_count=1) index 1: between VRF pair 20 and 21 (expired=0, ses_count=1) For the sessions we have: s1->per_vrf_sessions_index == 0 s2->per_vrf_sessions_index == 1 2. Delete the first session via CLI, now the two per_vrf_sessions become: index 0: between VRF pair 10 and 11 (expired=0, ses_count=0) index 1: between VRF pair 20 and 21 (expired=0, ses_count=1) For the sessions we have: s2->per_vrf_sessions_index == 1 3. Delete the VRF 11: index 0: between VRF pair 10 and 11 (expired=1, ses_count=0) index 1: between VRF pair 20 and 21 (expired=0, ses_count=1) For the sessions we have: s2->per_vrf_sessions_index == 1 4. Create a new session s3 between VRF pair 20 and 21 so that the first per_vrf_sessions will be deleted: index 0: between VRF pair 20 and 21 (expired=0, ses_count=2) For the sessions we have: s2->per_vrf_sessions_index == 1 s3->per_vrf_sessions_index == 0 Here, note that the actual index of per_vrf_session is changed due to vec_del1(). The new session is added after the cleanup so it gets the correct index. But the index held by the existing session is not updated. 5. Trigger the fast path of the session s2. To achieve this, session s2 could be created in step 1 by ping -i20 -Iiface_in_vrf_10 1.1.1.1 and steps 2-4 should then be performed within the 20-second interval. This patch fixes this by changing per_vrf_sessions_vec to a pool so that indicies are kept intact. Type: fix Signed-off-by: Jing Peng <jing@meter.com> Change-Id: I4c08f9bfd50134bcb5f08e50ad61af2bddbcb645
2022-11-07nat: fix byte order error.Huawei LI1-6/+4
fix byte order error about the struct snat_address_t's member net. for example configurations: set interface ip table loop1 1 set interface ip addr loop1 10.10.10.2/24 nat44 add address 10.10.10.2 tenant-vrf 1 the snat address's net should be "as_u8 = {0xa, 0xa, 0xa, 0x0}", but now it's "as_u8 = {0x0, 0xa, 0xa, 0x2}" because of missing transition of byte order about the member net of snat_address_t. (gdb) p/x *snat_main->addresses $3 = {addr = {data = {0xa, 0xa, 0xa, 0x2}, data_u32 = 0x20a0a0a, as_u8 = {0xa, 0xa, 0xa, 0x2}, as_u16 = {0xa0a, 0x20a}, as_u32 = 0x20a0a0a}, net = {data = {0x0, 0xa, 0xa, 0x2}, data_u32 = 0x20a0a00, as_u8 = {0x0, 0xa, 0xa, 0x2}, as_u16 = {0xa00, 0x20a}, as_u32 = 0x20a0a00}, sw_if_index = 0x3, fib_index = 0x1,addr_len = 0x18} (gdb) Type: fix Signed-off-by: Huawei LI <lihuawei_zzu@163.com> Change-Id: I4f25f0639ae90a7f2e8715b44f825571283d994d
2022-11-06ip6-nd: set router flag on NA if appropriateMatthew Smith3-1/+19
Type: fix The router flag on a neighbor advertisement can be used by neighbors to detect that a router has changed to a host (RFC 4861 section 4.4). If a neighbor adds routes after receiving a router advertisement sent by VPP and subsequently receives a neighbor advertisement sent by VPP, it may remove any routes it added based on the RA if the NA does not have the router flag set. It appears that this is how windows behaves. When sending a neighbor advertisement, set the router flag if sending RAs is enabled on the interface. Signed-off-by: Matthew Smith <mgsmith@netgate.com> Change-Id: I1f3e42bbd8ea1a4c116b1ce5a8273652d4cd763d
2022-11-05ip6-nd: initialize radv_info->send_radv to 1Dave Barach1-0/+3
Otherwise, the newly configured interface will never send RADV's. See below. In the typical case, suppress = 0 and is_no = 0, which propagates the current value of radv->send_radv: radv_info->send_radv = (suppress != 0) ? ((is_no != 0) ? 1 : 0) : radv_info->send_radv; No other bit of code will set send_radv, at least in straightforward ways. Type:fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: If9368155f7676460ca1f87729c2b3c453405d08d
2022-11-05hsa: echo client crash when it fails to connect to remoteSteven Luong1-1/+1
When echo client fails to connect to remote, it should quit. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I787423bdc61a58eea48bab7bd8b73137626c02b4
2022-11-04classify: fix crash when update nonexistent classify table.Huawei LI1-1/+3
vpp crash when update nonexistent classify table. Program received signal SIGABRT, Aborted. 0x00007fbf3b49b337 in raise () from /lib64/libc.so.6 (gdb) bt 0 0x00007fbf3b49b337 in raise () from /lib64/libc.so.6 1 0x00007fbf3b49ca28 in abort () from /lib64/libc.so.6 2 0x00000000004079db in os_panic () at /usr/src/debug/vpp-23.02/src/vpp/vnet/main.c:417 3 0x00007fbf3bb611c7 in debugger () at /usr/src/debug/vpp-23.02/src/vppinfra/error.c:84 4 0x00007fbf3bb61529 in _clib_error (how_to_die=2, function_name=0x0, line_number=0, fmt=0x7fbf3d03af08 "%s:%d (%s) assertion `%s' fails") at /usr/src/debug/vpp-23.02/src/vppinfra/error.c:143 5 0x00007fbf3c67062c in vnet_classify_add_del_table (cm=0x7fbf3d438f00 <vnet_classify_main>, mask=0x7fbf00fdc088 "", nbuckets=2, memory_size=2097152, skip=4, match=1, next_table_index=4294967295, miss_next_index=4294967295, table_index=0x7fbeed930b98, current_data_flag=0 '\000', current_data_offset=0, is_add=1, del_chain=0) at /usr/src/debug/vpp-23.02/src/vnet/classify/vnet_classify.c:780 6 0x00007fbf3c672bf4 in classify_table_command_fn (vm=0x7fbefb465740, input=0x7fbeed930ef0, cmd=0x7fbefc45ec18) at /usr/src/debug/vpp-23.02/src/vnet/classify/vnet_classify.c:1622 7 0x00007fbf3d52b527 in vlib_cli_dispatch_sub_commands (vm=0x7fbefb465740, cm=0x4273f0 <vlib_global_main+48>, input=0x7fbeed930ef0, parent_command_index=1064) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:650 8 0x00007fbf3d52b2c3 in vlib_cli_dispatch_sub_commands (vm=0x7fbefb465740, cm=0x4273f0 <vlib_global_main+48>, input=0x7fbeed930ef0, parent_command_index=0) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:607 9 0x00007fbf3d52b9cb in vlib_cli_input (vm=0x7fbefb465740, input=0x7fbeed930ef0, function=0x7fbf3d597406 <unix_vlib_cli_output>, function_arg=0) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:753 10 0x00007fbf3d59cb0c in unix_cli_process_input (cm=0x7fbf3d61fe00 <unix_cli_main>, cli_file_index=0) at /usr/src/debug/vpp-23.02/src/vlib/unix/cli.c:2616 11 0x00007fbf3d59d25a in unix_cli_process (vm=0x7fbefb465740, rt=0x7fbf00f7bfc0, f=0x0) at /usr/src/debug/vpp-23.02/src/vlib/unix/cli.c:2745 12 0x00007fbf3d555a25 in vlib_process_bootstrap (_a=140458063833296) at /usr/src/debug/vpp-23.02/src/vlib/main.c:1221 13 0x00007fbf3bb74204 in clib_calljmp () at /usr/src/debug/vpp-23.02/src/vppinfra/longjmp.S:123 14 0x00007fbef10028a0 in ?? () 15 0x00007fbf3d555b4e in vlib_process_startup (vm=0x7fbf3bb7d70f <clib_mem_size+24>, p=0x7fbef10028d0, f=0x7fbf00f06ae0) at /usr/src/debug/vpp-23.02/src/vlib/main.c:1246 16 0x00007fbf3d592be6 in vec_max_bytes (v=0x8) at /usr/src/debug/vpp-23.02/src/vppinfra/vec_bootstrap.h:161 17 0x00007fbf00f06af8 in ?? () 18 0x0000000000000004 in ?? () 19 0x00000000000000ff in ?? () 20 0x00007fbef1002980 in ?? () 21 0x00007fbf3d592dcb in _vec_set_len (v=<error reading variable: Cannot access memory at address 0xfffffffffffffff5>, len=<error reading variable: Cannot access memory at address 0xffffffffffffffed>, elt_sz=<error reading variable: Cannot access memory at address 0xffffffffffffffe5>) at /usr/src/debug/vpp-23.02/src/vppinfra/vec_bootstrap.h:196 Backtrace stopped: previous frame inner to this frame (corrupt stack?) (gdb) f 5 0x00007fbf3c67062c in vnet_classify_add_del_table (cm=0x7fbf3d438f00 <vnet_classify_main>, mask=0x7fbf00fdc088 "", nbuckets=2, memory_size=2097152, skip=4, match=1, next_table_index=4294967295, miss_next_index=4294967295, table_index=0x7fbeed930b98, current_data_flag=0 '\000', current_data_offset=0, is_add=1, del_chain=0) at /usr/src/debug/vpp-23.02/src/vnet/classify/vnet_classify.c:780 780 t = pool_elt_at_index (cm->tables, *table_index); (gdb) p *table_index $1 = 8 (gdb) p cm->tables $2 = (vnet_classify_table_t *) 0x0 (gdb) Type: fix Signed-off-by: Huawei LI <lihuawei_zzu@163.com> Change-Id: I1c5f6168f0a7e1d1989ce07ec6c30c6fd9f0aaa9
2022-11-04nat: cleanup of deprecated featuresFilip Varga3-296/+0
Type: refactor 1) Removed deprecated API. - These specific APIs do not have repleacement because features that they controled aren't part of current NAT44-ED implementation anymore. 2) Removed unused typedef of port allocation funciton. - Missed left over removed. Change-Id: Ib3f763449065eda7cdcb2c6565a9cae51baf23d6 Signed-off-by: Filip Varga <filipvarga89@gmail.com>
2022-11-03tls: crash in mbedtls due to ctx is already freeSteven Luong1-1/+0
_clib_error (how_to_die=2, function_name=0x0, line_number=0, fmt=0x7fffb3a7e1b5 "%s:%d (%s) assertion `%s' fails") at src/vppinfra/error.c:143 mbedtls_ctx_get (ctx_index=0) at src/plugins/tlsmbedtls/tls_mbedtls.c:114 tls_ctx_get (ctx_handle=536870912) at src/vnet/tls/tls.c:310 tls_app_session_cleanup (s=0x7fffbf102040, ntf=SESSION_CLEANUP_SESSION) at src/vnet/tls/tls.c:624 app_worker_cleanup_notify (app_wrk=0x7fffbef95f80, s=0x7fffbf102040, ntf=SESSION_CLEANUP_SESSION) at src/vnet/session/application_worker.c:445 session_cleanup_notify (s=0x7fffbf102040, ntf=SESSION_CLEANUP_SESSION) at src/vnet/session/session.c:262 session_free_w_fifos (s=0x7fffbf102040) at src/vnet/session/session.c:268 session_delete (s=0x7fffbf102040) at src/vnet/session/session.c:287 session_transport_delete_notify (tc=0x7fffbdf63c40) at src/vnet/session/session.c:1159 tcp_handle_cleanups (wrk=0x7fffbef46d40, now=133.30033046694487) at src/vnet/tcp/tcp.c:1298 tcp_update_time (now=133.30033046694487, thread_index=2 '\002') at src/vnet/tcp/tcp.c:1309 session_update_time_subscribers (smm=0x7ffff7f75ce0 <session_main>, now=133.30033046694487, thread_index=2) at src/vnet/session/session_node.c:1817 session_queue_node_fn (vm=0x7fffbdfad1c0, node=0x7fffbe0b1340, frame=0x0) at src/vnet/session/session_node.c:1934 dispatch_node (vm=0x7fffbdfad1c0, node=0x7fffbe0b1340, type=VLIB_NODE_TYPE_INPUT, dispatch_state=VLIB_NODE_STATE_POLLING, frame=0x0, last_time_stamp=4722227957546624) at src/vlib/main.c:960 Putting a breakpoint in gdb, I found out ctx was free in mbedtls_app_close. Looking at app_close function in picotls and openssl, I don't see they free ctx and they don't crash when processing cleanup. I am inclined to think that mbedtls_ctx_free should not be called in mbedtls_app_close at src/plugins/tlsmbedtls/tls_mbedtls.c:92 at src/plugins/tlsmbedtls/tls_mbedtls.c:559 at src/vnet/tls/tls.c:360 thread_index=2) at src/vnet/tls/tls.c:762 conn_index=536870912, thread_index=2 '\002') at src/vnet/session/transport.c:332 at src/vnet/session/session.c:1608 elt=0x7fffbdfef3dc) at src/vnet/session/session_node.c:1672 node=0x7fffbe0b1340, frame=0x0) at src/vnet/session/session_node.c:1966 node=0x7fffbe0b1340, type=VLIB_NODE_TYPE_INPUT, dispatch_state=VLIB_NODE_STATE_POLLING, frame=0x0, last_time_stamp=4721919444027682) at src/vlib/main.c:960 Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ic5c13e659aee618c8accee42af9f40931b62f467
2022-11-03misc: fix failing TestNs/TestHttpTps test in hstfMaros Ondrejicka1-1/+6
Type: fix Signed-off-by: Maros Ondrejicka <maros.ondrejicka@pantheon.tech> Change-Id: I03cbd05d6d887d2ce8e7b7d20522e04012c5fe7a
2022-11-03session: fix tx_fifo clear and incorrect bitmap invalidationDongya Zhang2-5/+12
The tx_fifo of session may not be set up yet, if app request to disconnect the session, svm_fifo_dequeue_drop_all will crash. In debug image, ho_session_alloc will do clib_bitmap_validate to prevent race condition, however the input is not correct which will make vpp crash. Type: fix Change-Id: Ia8bff325d238eacb671e6764ea2a4eecd3fca609 Signed-off-by: Dongya Zhang <fortitude.zhang@gmail.com>
2022-11-02sr: SRv6 Path Tracing Midpoint behaviourJulian Klaiber4-0/+196
Type: feature Signed-off-by: Julian Klaiber <julian@klaiber.me> Change-Id: I866a2d2e06013380309c98a54078c1b3f6ad76fc
2022-10-31quic: use safe pool reallocFlorin Coras1-1/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia03c3fe0ca669b319dec8decd503254d0a95e58b
2022-10-31tls: use safe pool reallocsFlorin Coras5-56/+14
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia2c771cbf826526d2d06b6da022509ab02917350
2022-10-28cnat: Fix unformat_cnat_snat_interface_map_typeMiguel Borges de Freitas1-1/+1
Fix initialization of the table u32 var which is leading to the incorrect unformat of interface map type Type: fix Signed-off-by: Miguel Borges de Freitas <miguel-r-freitas@alticelabs.com> Change-Id: I1e56acd0e4c735df755e85b172bb6623bf47a57b
2022-10-27vcl: register workers when reattaching to vppMaros Ondrejicka3-2/+51
Type: improvement Signed-off-by: Maros Ondrejicka <maros.ondrejicka@pantheon.tech> Change-Id: I82a286e2872338974c1930138c30db78103ae499
2022-10-26session: add session event log for session stateSteven Luong5-35/+68
To aid sesipon debug, add session event log in SM debug to track the session state. Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I6909cf969cd5b6a3ea5a06d08ae32c2f1d48f686
2022-10-25virtio: use current_data as l2_hdr_offsetMohsin Kazmi1-4/+2
Type: fix virtio transmit node uses header offsets to set the appropriate metadata for packet with offloads. But l2_hdr_offset is not correctly set by previous node(s). This patch makes use of curren_data field as l2_hdr_offset. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Id2f41a7650be45c9cc1ebacc7bec298be79bf218
2022-10-25devices: fix the l2 hdr offset in af_packet transmit sideMohsin Kazmi1-4/+2
Type: fix af_packet transmit node uses header offsets to set the appropriate metadata for packet with offload. But l2_hdr_offset is not correctly set by previous node. This patch makes use of curren_data field as l2_hdr_offset. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I751a725af5c231a443eed22231a867eb7f3894e0
2022-10-25udp: use new wrk context for connectionsFlorin Coras2-18/+19
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9c4050f96c310f1e6eb2cae8d908c44968526c3c
2022-10-25udp: postpone cleanup of udp connectionsFlorin Coras2-2/+48
Avoid deleting connections in session layer io event handler. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I87b3e53f9039161688467d9716875583ad797c07
2022-10-25rdma: set correct CQE flagsJieqiang Wang1-6/+6
CQE flags located in bits 16-31 at offset 0x1c should be defined as actual numbers instead of indexes. Besides, L3 header type for IPv4 is 10(2 in decimal) and for IPv6 is 01(1 in decimal) according to CQE entry fields description of page 120 in Mellanox Programmer Reference Manual. (https://network.nvidia.com/files/doc-2020/ethernet-adapters-programming-manual.pdf) Fixing this issue will lead to correct CQE flags printing for rdma-input node when buffer trace is enabled. Type: fix Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: I9b578ca5cbd8cd93a577aa83131e31c79f60430e
2022-10-25rdma: fix ipv4 checksum check in rdma-input nodeJieqiang Wang1-23/+40
- cqe_flags pointer should be incremented accordingly otherwise only the first element in cqe_flags will be updated - flag l3_ok should be set for match variable when verifying if packets are IPv4 packets with flag l3_ok set - mask/match variables should be converted to network byte order to match the endianness of cqe_flags - vector processing of checking cqe flags will set return value to 0xFFFF by mistake if packet numbers are not multiple of 16(VEC256) or 8(VEC128) Type: fix Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: I9fec09e449fdffbb0ace8e5a6ccfeb6869b5cac1
2022-10-25hash: add local variableGabriel Oginski1-2/+3
The current implmentation of the hash table is not thread-safe. This design leads to a segfault when VPP handling a lot of tunnels for Wireguard, where one thread modify the hash table and other threads starting to lookup at the same time. The fix add a local variable to store how many bits are used by a user object. Type: fix Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Change-Id: Iecf6b3ef9f308b61015c66277cc459a6d019c9c1
2022-10-24docs: update cnat docs to current vpp versionMiguel Borges de Freitas1-5/+13
The documentation for the cnat plugin is highly outdated specially on the snat section. Type: docs Signed-off-by: Miguel Borges de Freitas <miguel-r-freitas@alticelabs.com> Change-Id: I30b0c6295d3c812b636374753af3c37f29b0cc53
2022-10-24dpdk: add Intel QAT 200xx series supportVladimir Ratnikov1-1/+2
Type: feature Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: I2fd1e321983ac5caa03aac8705dfc596985c35f7
2022-10-24vppinfra: fix incorrect sizeof() argument due to typoAndrew Yourtchenko1-1/+1
fixes coverity 282527 Type: fix Fixes: fecb2524ab Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Change-Id: I9ac72c3802e66369a8f24c92451e33f22c058f24
2022-10-24crypto: fix dead nn foreachDmitry Valter1-5/+5
Pass vec_foreach args in the right order Type: fix Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru> Change-Id: I90d3dfb70ee2dbd9a48ae9ecfd2c1526a74d0786
2022-10-24gso: remove vxlan header include file dependencySteven Luong1-2/+3
vxlan will be moved to a plugin. Remove vnet files from including vxlan header include files. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I4268110b4ed54f7ae3ffecd6db0e3025122fa59c
2022-10-21devices: add support for af-packet v2Mohsin Kazmi7-186/+645
Type: feature Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I2ccaf1d512dcb72e414be8c69cbb538ebbe0e933
2022-10-20crypto-sw-scheduler: fix queue iteratorVladimir Ratnikov1-0/+10
When there are several workers, iterator can and will skip head iterator and it will last until BARRIER_SYNC_TIMEOUT won't expire and will cause SIGABRT with `worker thread deadlock` Type: fix Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: Id4def4d5894e077ae27592367b141ecd822e86af Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2022-10-20udp: support for disabling tx csumFlorin Coras5-4/+62
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I84843eb3a0a66c64cd46536624633e0dae1c4681
2022-10-20session: add session debug cliSteven Luong4-54/+176
- add session debug cli to enable fine control of which event logs are enable/disable with below syntax session debug {show | group <list> level <n>} list may be entered with a dash, "0-4" or it may be entered with a comma, "0,1,4" - fix compilation errors when SESSION_EVT is enable - change SESSION_EVT_FREE_HANDLER to use DEC_SESSION_ED instead of DEC_SESSION_ETD because the transport may already be free when the handler is called Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Iab2989e0a847bb59002ef16494eebcc1d112b2ae
2022-10-20virtio: fix the missing unlockMohsin Kazmi1-1/+2
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I7003162ee72c39c44be1e7ff0d27f4416b3eca5a
2022-10-19crypto-ipsecmb: support previous ipsecmb versionsMarcel Cornu1-11/+125
Backward compatibility was broken when updating ipsecmb version to 1.3. Type: improvement Signed-off-by: marcel.d.cornu@intel.com Change-Id: I87a76859ec5e2ef6be0bc2af0960fa2494ce4297