summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2020-08-12map: Prevent IPv4 prefix spoofing during IPv6 -> IPv4Jon Loeliger2-2/+279
Prevent malicious packets with spoofed embedded IPv4 addresses by limiting the IPv6 ingress packets to known MAP-T domains. Drop spoofed packets. Add several tests that ensure spoofing isn't allowed. Type: fix Fixes: fc7344f9be Change-Id: I80a5dd10d5fe7492e3a1b04de389d649a78065e2 Signed-off-by: Jon Loeliger <jdl@netgate.com> (cherry picked from commit 65866f03d96bd41b99b1c823ea6f38cd77fac58c)
2020-08-12session tcp: fix packet tracingFlorin Coras5-13/+15
Type: fix Change-Id: Ib823d016c64998779fb1d00b8aad3acb5e8340be Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 30928f87a3c9d98e288d1364d50c032e052e69ab)
2020-08-12sr: fix possible null-pointer dereferenceIgnas Bacius2-10/+27
Steps to reproduce VPP crash: 1. configure localsid End behavior 2. ping the localsid address Type: fix Signed-off-by: Ignas Bacius <ignas@noia.network> Change-Id: Id780e0875ec9cdb25252217990919fb3dddbf06a (cherry picked from commit bd5c49a1615e36260a86184d087b5b47a5e747be)
2020-08-12classify: pcap / packet trace debug CLI bugsDave Barach2-1/+5
"classify filter trace ... " and "classify filter pcap ..." are mutually exclusive. vnet_pcap_dispatch_trace_configure needs to check for set->table_indices == NULL. Type: fix Ticket: VPP-1827 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I43733364087ffb0a43de92e450955033431d559d (cherry picked from commit 196fce2b62c0d215722dd233aa8bf70a43aa0a66)
2020-08-12interface: Add missing ip4 udp->checksum = 0 prior to computing checksumSteven Luong1-1/+4
For ip4 tcp, ip6 tcp, and ip6 udp packet, we set checksum = 0 prior to computing the checksum. We missed ip4 udp case. This oversight requires all clients to set udp->checksum = 0 if ip4 udp checksum offload is needed. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ic608811e82099f3bec469e123671e9b281f38d76 (cherry picked from commit 03328ec8bb86b93fa70bb6b2a9b37c40e686a1f7)
2020-08-12map: api: fix tag overflow and leakBenoît Ganne2-4/+6
The 'tag' parameter is expected to be a NULL-terminated C-string in callees: - make sure it is null-terminated in both API and CLI cases - do not allocate & copy the string into a non-NULL-terminated vector in API case - fix leak in CLI case Type: fix Change-Id: I221a489a226240548cdeb5e3663bbfb94eee4600 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 3b37125bdb0251181f90a429a4532b339711cf89)
2020-08-12session: fix node runtime in pre-input queue handlerFlorin Coras1-0/+1
Call session queue node with the right node runtime instead of the pre-input node runtime. Type: fix Change-Id: I43d20bed4930fc877b187ce7ecdce62034b393c5 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 2d8829cbb5f3d214fbc09bf4258573659e0c5e60)
2020-08-12vcl: always report EPOLLHUP/EPOLLRDHUP on closeFlorin Coras1-4/+0
Type: fix Change-Id: I3d24a7973c7113ffeb9109e89cda7fa960e73a5b Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit ddb90a063cb3fa797257d8a632cba8cf2a01a455)
2020-08-12nsim: enable output scheduling on main threadDave Wallace2-2/+29
Type: fix Change-Id: I5d47cb9bc7eb7f3c8485e3b42f0701e81d87ba2a Signed-off-by: Dave Wallace <dwallacelf@gmail.com> (cherry picked from commit c0c4eec3bc309bcc656eade82f17754875f9ed7c)
2020-08-12classify: fix pcap filter set initFlorin Coras1-4/+2
Type: fix Change-Id: I6a48a6c14bfb84b3460e8211021bc9df6e915dba Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit cd681adab40f49d1305144b6bbbd5118e63a2805)
2020-08-12lb: fix that lb_add_del_vip and lb_add_del_as api doesn't work correctlyYulong Pei4-12/+18
Currently if user want to set ip4 address to the api, it must convert to ip6 format, e.g. user want to ip4 "90.1.2.1" but must convert to "::5A01:0201", it is not acceptable, this fix solved the issue. Ticket: FDIO-753 Type: fix Change-Id: I2ffa5a3d38400ee176cf601421074f71fc395f03 Signed-off-by: Yulong Pei <yulong.pei@intel.com> (cherry picked from commit db43bb6af78c33e47d29889b047cced4b11fe4d7)
2020-08-12sr: some fixes for SRv6 CLI/APIAhmed Abdelsalam2-4/+19
Return FIB table_id instead of vrf_index to clients Type: fix Signed-off-by: Ahmed Abdelsalam <ahabdels@cisco.com> Change-Id: I76a97bad3ecd3ac8eb045efb1657eaa90c2a57b6 (cherry picked from commit 13e6fce7c5b3a16a6af0b27fc259ef3f65d8c861)
2020-08-12tcp: fix rxt delivered without sacksFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I69c245cb0e3f6d599a3270a485fa0a5845cde8eb (cherry picked from commit 56cef059ef44434efe26d523caec1bb0af9c1d3b)
2020-08-12vcl: add rx event on epoll ctl if neededFlorin Coras2-2/+18
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ib6d0387076a4bb0b52e4cdfdcd62b6060b704fe6 (cherry picked from commit 6e3c1f8ec3faa8f0cad591fada32ad2f506ec0a0)
2020-08-12udp: fix ipv6 listen port registrationFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7f2233eb9bf3d81a697f76ba985083cf1040e2e9 (cherry picked from commit ff2fad1701d8274d602cc46f3f2323154d96dc9f)
2020-08-12vppinfra: fixing compilation issues in 32-bitVijayabhaskar Katamreddy1-2/+3
Fixing compilation issuues for 32-bit also setting init flag for shm based bihash Type: fix Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: Ic2072c5ba7fc77d061ca9f1b844a71f6e22e58b2 (cherry picked from commit f0bae64f6fd4c410c19f6ece688443f389932688)
2020-08-12build: Add missing version.h dependency in vnetChris Luke1-1/+1
Two modules in vnet include vpp/app/version.h but there is no explicit build dependency for this generated file. This leaves a race condition in the build system that the Coverity build has recently started triggering. Change-Id: I8e2bb32feeb16e1bdd8efb0d2633cfdba60f51aa Type: fix Signed-off-by: Chris Luke <chrisy@flirble.org> (cherry picked from commit c171d01cdb5183c8bf640951e94af6b1fd5e3efc)
2020-08-12tcp: fix tcp check tx offload issueSimon Zhang1-2/+6
Type: fix Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> Change-Id: I3b8755831d762abf51e1cbe1b57024f9297de9a4 Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> (cherry picked from commit 79bfb9e09c7bf2072d34b2ed6159ba11815dab3a)
2020-08-12tls: enable async node on demandYu Ping1-3/+1
Type: fix Change-Id: Iab7c65614c94497e8ec5a96624be72c1a139e486 Signed-off-by: Yu Ping <ping.yu@intel.com> (cherry picked from commit d63b356bdf29fbb80f810d341dcaf8f5f92121c1)
2020-08-12ip6: during icmp to icmp6 translation truncate error messagesAlexander Chernavin1-2/+2
All translated ICMPv6 packets that exceed the minimal IPv6 MTU get truncated but according to RFC 4443 2.4 only ICMPv6 error messages (type < 128) need to be truncated. With this commit, truncate only ICMPv6 error messages. Type: fix Change-Id: Ic455352de2ff4ff6aa3421b46a2a54923f2d3f80 Signed-off-by: Alexander Chernavin <achernavin@netgate.com> (cherry picked from commit 180210f99b74b97b127b7800bdc7bd243713cbf4)
2020-08-12tcp: handle ack advancement with no holes and renegingFlorin Coras2-2/+36
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9afba8dc9e087b8c436fe568531c02614a577a7c (cherry picked from commit c95eefb393d05167ce6e35e5617179f536de0bda)
2020-08-12dpdk: enforce max tx retriesBenoît Ganne1-0/+1
n_retry was never decremented and so never enforced. Type: fix Change-Id: I71d60a72c156286f7e5b82b1c77a723361317c69 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 207a1633094526697729f322269b937f841aaf47)
2020-08-12ct6: dst,src copy typoNeale Ranns1-1/+1
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I266fa5dc637383fd8dac6592c9c266a1b70a73e9 (cherry picked from commit 629e268aa171a8bc03fb93fc995725b78ae64063)
2020-08-12tls: enable TLS OpenSSL plugin works in 3.0.0Yu Ping1-0/+5
Type: fix Change-Id: Id1602981fcc6efed1b0efe79a1fc8177457acdb5 Signed-off-by: Yu Ping <ping.yu@intel.com> (cherry picked from commit 1c6486f7b8a00a1358d5c8f4ea1d874073bbcd6c)
2020-08-12ip: avoid fib lookup for consecutive pkts having same source IPNitin Saxena1-5/+5
Type: fix Fixes: be2286b0 This patch does following: - If terminating frame has consecutive packets with same source IP, this patch avoids fib lookup for those packets in ip4-local node. This drops cycle count for ip4-local node on both ARM and x86. It being done by enabling dead code in else {} case of ip4_local_check_src_x2() and ip4_local_check_src() functions. - In case all packets in terminating frame have unique source IP (e.g: incrementing), ip4-local is costlier by 2 cycles (broadwell) Change-Id: I472ddc324716cec8bfe601568b8aeb7565f97ab3 Signed-off-by: Nitin Saxena <nsaxena@marvell.com> (cherry picked from commit 2d18d2ea9f0e3d6c47d365ec135af651b14e8165)
2020-08-12fib: leverage well-optimized clib_memcpyZhiyong Yang3-6/+6
Type: fix Change-Id: I684910837ca4d9c8a07262459158bbb0423a33af Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com> (cherry picked from commit d3d7ef5ec828ec895c6f90090118782e497b9084)
2020-08-12session: remove io event dispatch dbg msgFlorin Coras1-4/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I166ab7b96444587a3252925d3a28505e0db52d74 (cherry picked from commit 87b0c892947006cbfa80fd2af15e8edb4029f327)
2020-08-12tcp: fix persist assertFlorin Coras1-4/+1
Type: fix Persist and retransmit can pop at the same time. Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia9530645cc84c83a881a75d7b4627197dc50ed29 (cherry picked from commit a6696719cb9fcd8ab54a5007e91dac6aeffe4e70)
2020-08-12tcp: fix scoreboard assertFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3c70b331932708a1b773392e089aed9dba9b3b31 (cherry picked from commit edf1da94dc099c6e2ab1d455ce8652fada3cdb04)
2020-08-12tcp: fix last sacked with no holesFlorin Coras2-0/+46
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id12b0a9b8bc47aef8b393544e5b4c8228ed6a606 (cherry picked from commit 479f7fec6a876bf06f6007c03fd7b9fa3404df54)
2020-08-12vppinfra: retry socket connect on EAGAINFlorin Coras1-4/+6
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I93577acf559a8fa639aab7ec3f7cdbe7df9a248d (cherry picked from commit 42ddf69ed0560cff70a2f3fafc732fc5a33255c0)
2020-08-12svm: fix eventfd signal write error checkFlorin Coras1-2/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I706c8642ca0877430a42cc0ca5bc61a45428fc98 (cherry picked from commit e4a08c1f3bf58670ff94382b2821518ad954a854)
2020-08-12vlib: fix coverity warning / real bugDave Barach1-1/+1
The path must be next-to-impossible to hit, because the code has been wrong for at least 5 years. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I23b8c4e1631827e7931f353c561c1e19c596c598 (cherry picked from commit 5c944eef7012e7c5b363399ed92966fb659196b7)
2020-08-12tls: Make tls CPS test run for a quite long timeYu Ping1-3/+7
Type: fix Change-Id: I8cfb48bd7f92689b296861dd368186408918061b Signed-off-by: Yu Ping <ping.yu@intel.com> (cherry picked from commit a9ed934745403461834b4361f06bd3865682f368)
2020-08-12tcp: fix duplicate sack whith renegingFlorin Coras2-17/+108
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6f7fb91e059996ff702eb9c36e3abaed237fe221 (cherry picked from commit 067f8f963d64b1cbc70f2b78ebd2c6d3791e7d22)
2020-08-12tcp: fix rate samples for old acksFlorin Coras1-2/+24
Type: fix Change-Id: Ieab35bbfba81faae61b1267d8661df5195877824 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 2f04cb9f142abef82cd379432cecdafef9e776db)
2020-08-12svm: broadcast on raw dequeues and full ringsFlorin Coras3-7/+28
Type: fix Change-Id: I0cac9001290e7ed4e2e318ae62c56e97ec75a3db Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit fea813ae3de5343a2bc91306fddf6dbd1832f93d)
2020-08-12vcl: hold errno when calling LDBGhanlin1-1/+5
Type: fix Call trace of LDBG: LDBG->clib_warning->_clib_error->dispatch_message->os_puts->writev However, writev will hijacked by LDP, and then execute following code: if ((errno = -ldp_init ())) return -1; Now, errno will be set. Because we always call LDBG just before return from ldp_accept4, listen, and etc. So errno will be overwritted after LDBG called. Signed-off-by: hanlin <hanlin_wang@163.com> Change-Id: I7a90f3a14772994f11f09650481411796e3f5630 (cherry picked from commit 9f3f18f99fd321cdcfc331e92b10b64f0ef590b3)
2020-08-12vcl: EPOLLOUT should be generated when epoll_ctl called with EPOLLOUThanlin1-0/+20
event Type: fix When we call epoll_ctl to add or mod fd with EPOLLOUT event, mostly to check if we can write. So we expect a EPOLLOUT event should be generated immediately unless tx queue is full. Signed-off-by: hanlin <hanlin_wang@163.com> Change-Id: Ie99986a44dbb07b6ff2fba6512171056f79e77bd (cherry picked from commit 475c9d7bcd0f2ceca77022eaef67ad9a84365609)
2020-08-12tcp: accept sack reneging as a cc eventFlorin Coras1-4/+4
Type: fix Change-Id: Iead1303ca3dec7593eb3ce54f291b82d94c821a4 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 1de7167e7a12a80cc5996959aeb1fbe4b2853ccb)
2020-08-12interface: Prevent bad inner-dot1q any exact-match configurationJon Loeliger2-3/+13
Someone much more knowledgeable than I wrote: For L3 IP forwarding, any VLAN tags on a packet must be exact match to a sub-interface which means both outer and inner VLAN tag IDs must be exact-matched to specific values defined of that sub-interface. Without exact match on a L3 sub-interface, VPP has no mechanism to know what VLAN tags to use for packet output, such as ARP request packets or IP packets, on that sub-interface. Thus, sub-interface with "inner-dot1q any" is not an exact match sub-interface by definition since no match is present on inner tag. While in the area, fix a memory leak that would ensue on poorly configured interfaces. Change-Id: I8d17a96dbca3e3724c297ecc935ca61764e6ce2e Type: fix Signed-off-by: Jon Loeliger <jdl@netgate.com> (cherry picked from commit b22e1f06bbebc48ec72ce8effa529e69ffbb12ca)
2020-08-12build: use cmake build typesDamjan Marion1-8/+33
Type: make Change-Id: If822c85d6ff26982516ea1d597ca81aa84773b2b Signed-off-by: Damjan Marion <damarion@cisco.com> (cherry picked from commit 2baa115da3b752cd7e44cc477f2c45bda22d444b)
2020-08-12gtpu: Track the dst FIB entry instead of RR sourcing thatMiklos Tirpak1-9/+9
RR sourcing the destination FIB entry limits the number of tunnels to 255 for a particular destination. This change removes this limit. Type: fix The patch is based on 1f50bf8fc57ebf78f9056185a342493be460a847 that introduced the FIB entry tracking but did not update the gtpu plugin. Signed-off-by: Miklos Tirpak <miklos.tirpak@gmail.com> Change-Id: I8a4a87382a6eb5120e2bb65b9bc3c446bbfdbd3b (cherry picked from commit 75c72369186f6341a13374d2dd6e60ce3c7a88a6)
2020-08-12misc: don't os_exit(1) causing core on SIGINTChristian E. Hopps1-1/+5
It's not typical for a program to core when it receives a SIGINT, so keep this from happening. Type: fix Signed-off-by: Christian E. Hopps <chopps@chopps.org> Change-Id: I2c15985a57e6ea898ff05c4001e4b30b41154eba (cherry picked from commit 10a8bda37eed33ada1e7c6ece7bda1fe066ba541)
2020-08-12pg: don't leak open files in packet-generatorChristian E. Hopps2-0/+4
Fix pg code to close it's open file descriptors before zero'ing the pcap_main structure for re-use. Ticket: VPP-1780 Type: fix Signed-off-by: Christian E. Hopps <chopps@chopps.org> Change-Id: I32945c6476ae83b8d210ee67ac78db3e8f786f46 (cherry picked from commit 19871f25394fa9a4bfb55006092cbcc28b446c04)
2020-08-12vpp: fix .short_help for "ip virtual"Paul Vinciguerra1-1/+1
Type: fix "# <feature-name>: <subject> Change-Id: I8b6b6b8c70faec7cd95e1842259e907fb9587017 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com> (cherry picked from commit 0812aea046209dc990ec704258570f46d3fa74c8)
2020-08-12vxlan geneve gtpu: fix short helpPaul Vinciguerra5-5/+5
Type: fix Change-Id: Id53eb6ed15f270d747b9831a7b585cbafe515dd2 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com> (cherry picked from commit 5fb2278cb8badbbfe727acbdcaeda008a7fd2833)
2020-08-12ip: cleanup punt socket cli helpPaul Vinciguerra1-11/+20
Make the help string consistent with the cli parser. Type: fix Change-Id: I7140bd589c2a94dbf5af5cc633cb495457a6af22 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com> (cherry picked from commit 32c4d38f7ac6fe22abb0b4859f6075bb9b661773)
2020-08-12feature: add descriptive cli command output for 'set interface feature'Paul Vinciguerra1-7/+23
DBGvpp# set interface feature local0 arp-foo arc bad-arc set interface feature: Unknown arc name (bad-arc)... DBGvpp# set interface feature local0 arp-foo arc arp set interface feature: Feature (arp-foo) not registered to arc (arp)... See 'show features verbose' for valid feature/arc combinations. DBGvpp# set interface feature local0 arp-disabled arc arp Type: fix Change-Id: I036bb2a75dd2d40f6901e4fde3eb14925238e19b Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com> (cherry picked from commit a4e2e7cc95250220e0d892eb11dcc0adc9fd7e22)
2020-08-12feature: add [verbose] to show features helpPaul Vinciguerra1-1/+1
Type: fix Change-Id: Idf694477c18852e5541c28a493a56b302122e46c Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com> (cherry picked from commit baa171041bc950f192c147f7b79a8add2299b74a)