summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2023-12-04http: fix coverity warningFilip Tehlar1-1/+3
Type: fix Change-Id: I659a67293763a6035cfa64a4057ebf716fe93ab4 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2023-12-04iavf: add missing cfg_change_validate callbackDamjan Marion2-1/+4
Type: fix Fixes: 47447f1f Change-Id: I438f5535bc48ca5397b8f5d3fbbd893ca6a511b4 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-12-04iavf: workaround for case when PF driver sends zero for max_mtuDamjan Marion1-1/+13
Type: improvement Change-Id: Ie4b2b958a24cdde8c183b700d864fc6f5b0df08f Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-12-04dev: mark API handlers as thread safeDamjan Marion1-2/+3
Type: improvement Change-Id: I2acab04ddb6a46a637ed17c683fb37ed7bce3df6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-12-02session: no segment handle on worker delFlorin Coras1-2/+2
Coverity report. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3ce06634b30688d2a9581b50d462092daa8b4cac
2023-12-01vcl: remove perror ldp callFlorin Coras1-1/+0
Reported by coverity Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Idae1bceb1eeb6dfe0394eed39ced9d09342d201f
2023-12-01ipsec: should use praddr_ instead of pladdr_Dengfeng Liu1-1/+1
Type: fix Change-Id: I982ef624226807d7c263e3ff83c108f7d31f61f1 Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
2023-12-01iavf: limit maximum number of queues to 32Damjan Marion1-3/+5
First genaration of AVF APIs we currently use doesn't support more... Type: improvement Change-Id: I1ae27f322403a2b455fcad8b028fa2004b449789 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-30dev: use the endian reply macroVratko Polak1-34/+34
Checkstyle also forces the new indentation. Type: fix Fixes: ddf6cec37027547ff7cc61e15bb8080664d41514 Change-Id: Ife96928d6ca30ba94e1c423d557d6ed9d68eca2b Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-11-29session: no reply on app del worker with sapiFlorin Coras1-0/+4
With socket api, applications should not expect reply after worker del msg. VCL in particular closes the socket after it enqueues the message. Found by ASAN. Type: fix Signed-off-by: Dmitry Valter <d-valter@yandex-team.com> Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1be02a0cde6b96a96edb709f3fe30bbc01ff2d24
2023-11-29vcl: fix init of ldp workersFlorin Coras1-4/+2
LDP workers is used as vector but was initialized as a pool. There was no side effect but ASAN does not properly unpoison memory and this triggers false used-after-poison crashes. Type: fix Signed-off-by: Dmitry Valter <d-valter@yandex-team.com> Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie769dad0e86ab970de9929800d0a4131f846e70e
2023-11-29tcp: fix rxt send of new data assertFlorin Coras1-2/+1
We might have less than 1 mss when attempting write but more after write, as application could be actively enqueuing more data. Relax assert. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I54a83c4460f8e022a88758f0ebd7828df711dbb9
2023-11-29pci: fix MSI-X vector length checkDamjan Marion1-1/+1
Type: fix Fixes: 38c6191 Change-Id: I7760947986dc56236f2494fb1c8c238321489ef6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-28tcp: allow unsent segments less than mss in recoveryFlorin Coras1-3/+7
During recovery, send unsent data even if less than mss available as application is not guaranteed to provide more. This should speed up recovery when all data in flight was lost. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7a3c73a0d04d93d51a5910d85450c173c3ad8e93
2023-11-28tcp: add counter for accepted connectionsFlorin Coras2-1/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2925134cfcfa36c14b3b69efa892b9b96fce2e6f
2023-11-28session: fix asan failureGeorgy Borodin1-2/+5
fix asan failure when params number is less then 3: functions that are set as format_half_open pointer values have different number of arguments Type: fix Fixes: de9a849a18514f0b09bb5f57a73f6a57ee425c76 Change-Id: I6b6e1adf4ffc0c1ec847613f00fe269af640d42b Signed-off-by: Georgy Borodin <bor1-go@yandex-team.ru>
2023-11-27fib: fix fib_path_create() with drop targetsAlexander Skorichenko1-1/+2
Properly set type path->fp_type = FIB_PATH_TYPE_SPECIAL for paths with (path->fp_cfg_flags & FIB_PATH_CFG_FLAG_DROP) Type: fix Change-Id: Id61dbcda781d872b878e6a6410c05b840795ed46 Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2023-11-27bfd: fix buffer leak when cannot send periodic packetsAlexander Chernavin1-1/+1
When a periodic BFD packet cannot be sent because the interface is disabled, the allocated buffer needs to be freed. This currently will occur for IPv4 sessions. However, buffers will leak for IPv6 sessions as in this case, bfd_transport_control_frame() and bfd_transport_udp6() will not indicate failure. With this fix, stop always returning success in bfd_transport_udp6() and start returning the actual return value. Type: fix Change-Id: I5fa4d9206e32cccae3053ef24966d80e2022fc81 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-27tcp: allow multiple rxt rescues during recoveryFlorin Coras1-2/+2
Type: improvement Change-Id: Ia8d7cd6ff9b1449d986d514d9556cbf803deb670 Signed-off-by: Florin Coras <fcoras@cisco.com>
2023-11-25dev: initial set of APIsDamjan Marion11-24/+338
Type: improvement Change-Id: I9ecbf705d460a1744f36c7005b08097dc58d9522 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-24dev: fix null dereference of arg listDamjan Marion2-5/+7
Type: fix Fixes: 69768d9 Change-Id: Iafd3a55634583f2799a81c477ccbf5e53b6f29d0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-22avf: put sentinel at correct placeVratko Polak2-6/+6
The previous fix was adding the sentinel before refilling rx, which gave the NIC time to overwrite it with a new descriptor. Ticket: VPP-2087 Type: fix Fixes: 8b4d474abd62c623502ad9a4a279a9b4535ca0c1 Change-Id: I32bde4a763a62fb66c5c3871d9f10af6066e2d47 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-11-22session: per app wrk client ct segment handleFlorin Coras3-19/+22
Make sure ct client segment handles do not collide if multi worker application establishes cut-through sessions to only one server segment manager. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I905379f9ed73c64d57a826a3e97d53dab3a87517
2023-11-21virtio: fix cli parsing for tx-queue-sizeVratko Polak1-1/+1
The previous change made CSIT virtio tests fail, but those tests are not part of trending. Ticket: VPP-2088 Type: fix Fixes: a181eaa59bb2ff2784376918e95bbf92e5340db1 Change-Id: If0439a030c051894e07007da9cf0a2e4dc1434c3 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-11-20session: add session lookup cli for statsFlorin Coras3-0/+142
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I96bff47206ef64ea7369ae92e1b9ff1f74dfd71b
2023-11-20dpdk: fix description for mlx5_pci driverNobuhiro MIKI1-1/+1
This is because mlx5_pci is also compatible with another series of NICs such as ConnectX-5 and ConnectX-6. Type: fix Change-Id: I10f0468bbe36ab61c72fb3dc0aa898f8e2f9e88c Signed-off-by: Nobuhiro MIKI <nmiki@yahoo-corp.jp>
2023-11-17session: always clear rx evt flag on ntfFlorin Coras1-3/+5
Apps may drain fifos prior to handling of accept notification, e.g., vcl session relying on epoll lt mode. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7d105d35a6bf33c419f4f137a5132e6a5d294fe7
2023-11-17ipsec: keep esp encrypt pointer and index syncedMatthew Smith1-1/+1
Type: fix In esp_encrypt_inline(), an index and pointer to the last processed SA are stored. If the next packet uses the same SA, we defer on updating counters until a different SA is encountered. The pointer was being retrieved, then the SA was checked to see if the packet should be dropped due to no crypto/integ algs, then the index was updated. If the check failed, we would skip further processing and now the pointer refers to a different SA than the index. When you have a batch of packets that are encrypted using an SA followed by a packet which is dropped for no algs and then more packets to be encrypted using the original SA, the packets that arrive after the one that was dropped end up being processed using a pointer that refers to the wrong SA data. This can result in a segv. Update the current_sa_index at the same time that the sa0 pointer is updated. Signed-off-by: Matthew Smith <mgsmith@netgate.com> Change-Id: I65f1511a37475b4f737f5e1b51749c0a30e88806
2023-11-16dev: startup.conf handling improvementsDamjan Marion1-11/+20
Type: improvement Change-Id: I74fb01061b4949d68ec39d0b7d08e6df8dc44b98 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-16dev: device and port specific argsDamjan Marion11-7/+404
Type: improvement Change-Id: I26124a50d8e05d6f01a2e6dbc4bc8183fb5a09c4 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-16dhcp: api to enable client detect on interfaceOle Troan3-0/+39
DHCPv4 aka BOOTP is somewhat awkward. A DHCP client on an interface must receive DHCP packets to the broadcast address or to a unicast address. Apparently before it's been assigned to itself. Add this new API to allow external DHCP clients enable the DHCP client detect feature per interface. Type: improvement Change-Id: If55aac03f25a045496be483940e4f5e7e18885b9 Signed-off-by: Ole Troan <otroan@employees.org>
2023-11-14flowprobe: fix L3 header offset calculation for tx flowsAlexander Chernavin1-1/+1
The recent TX flows generation fix introduced "l3_hdr_offset" which represents the offset of the IP header in the buffer's data. The problem is that it is erroneously defined as a 16-bit unsigned integer. If the calculated offset is negative, "l3_hdr_offset" will get a value close to UINT16_MAX. And the code will search the IP header somewhere beyond the buffer's data. For example, this will occur in the case when an ICMP error is being sent in response to a received packet. With this fix, make "l3_hdr_offset" a signed integer. Type: fix Change-Id: I6f1283c7ba02656d0f592519b5863e68348c5583 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-14vppinfra: respect indent in format_tableDamjan Marion1-2/+3
Change-Id: Ib7e5cb5adfe81e5cc6243125d91f5179608a7733 Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-14vppinfra: add unformat_{single,double}_quoted_string functionDamjan Marion2-0/+44
Change-Id: I8ee90be1b772074c1130b98c71b3be48c973b2e2 Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-13ena: Amazon Elastic Network Adapter (ENA) native driverDamjan Marion20-1/+4434
Type: feature Change-Id: Icd9de05f2cbac0e5a6dfb1f1414f21dc4b893104 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-13dev: add change_max_rx_frame_size capabilityDamjan Marion9-30/+55
Type: improvement Change-Id: I922e216818b78f2fe7689c21a1d27d74a0ae28b8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-12flowprobe: fix tx flows generated for rewritten trafficAlexander Chernavin1-5/+7
Currently, when IPFIX records generation is enabled for an interface in the TX direction, some rewritten traffic is being sent from that interface, and the Ethernet header's location has changed due to rewriting, generated TX flows will contain fields with wrong and zero values. For example, that can be observed when traffic is rewritten from a subinterface to a hardware interface (i.e. when tags are removed). A TX flow generated in this case will have wrong L2 fields because of an incorrectly located Ethernet header. And zero L3/L4 fields because the Ethernet type will match neither IP4 nor IP6. The same code is executed to generate flows for both input and output features. And the same mechanism is applied to identify the Ethernet header in the buffer's data. However, such general code usually works with the buffer's data conditionally based on the direction. For most input features, the buffer's current_data will likely point to the IP header. For most output features, the buffer's current_data will likely point to the Ethernet header. With this fix: - Keep relying on ethernet_buffer_get_header() to locate the Ethernet header for input features. And start using vlib_buffer_get_current() to locate the Ethernet header for output features. The function will account for the Ethernet header's position change in the buffer's data if there is rewriting. - After fixing Ethernet header determination in the buffer's data, L3/L4 fields will contain non-zero but still incorrect data. That is because IP header determination needs to be fixed too. It currently relies on the fact that the Ethernet header is always located at the beginning of the buffer's data and that l2_hdr_sz can be used as an IP header offset. However, this may not be the case after rewriting. So start calculating the actual offset of the IP header in the buffer's data. - Add a unit test to cover the case. Type: fix Change-Id: Icf3f9e6518912d06dff0d5aa48e103b3dc94edb7 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-10tls: fix forced ho cleanupFlorin Coras1-3/+13
Do not force cleanup of tcp half-open connection if tcp's cleanup notification to tls is pending. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7bccbe8429a4aab10df1c89b66138b967e04ac19
2023-11-10gtpu: support non-G-PDU packets and PDU SessionRune E. Jensen8-527/+2551
Updated the gtpu plugin code to support the PDU Session user plane protocol, required for 5G, as specified in 3GPP TS 38.415 version 17.0.0. This enables some initial support of 5G gNodeB's with the gtpu plugin. New features: - Basic support for the GTP-U Extension Header Flag. Packets with one extension can now be decapsulated. This enables basic support of the PDU Session user plane protocol (3GPP TS 38.415 version 17.0.0). New tunnels can be created with a PDU enable flag and a 6-bit QoS Flow Identifier (QFI). With this, encapsulated packets will have the PDU Session extension header, and the QFI set. - Ability to forward GTP-U packets that are not handled by the plugin directly. Only GTP-U packets with a message type of 255 (G-PDU) are handled directly. However, 3GPP TS 29.281 defines several other message types like echo and error indication. A new feature is added to optionally forward unknown or unsupported packets to a new IP address. This works separately for unknown GTP-U message types, unknown TEIDs, and packets with an unknown GTP-U header. This allows both echo and error indications from a 5G gNodeB to be handled by a different system outside VPP. - Simple way to get metrics for active tunnels and on tunnel close. In 5G session/tunnel lifetime is often short and created frequently. The normal API becomes too slow and inaccurate when too many tunnels are created and deleted every second. Improvements: - A clean ground structure to handle multiple message type in the future. The code path for G-PDU packets is optimized for performance, representing the typical case. Unsupported GTP-U packets enter a slow path that decodes the nature of the error. This presents a easy hook to handle other message types in the future. - Improved error reporting When using traces there is more details in the tunnel descriptions. - Updated the API with several enums. Fixes: - gtpu0->length field in IPv6 was computed with IPv4 header lengths in the encapsulation code. - vec_set_len (t->rewrite, ...) size was computed with the IPv4 header size also for IPv6 tunnels. Issues: - This PR does not enable full support of the 3GPP specification. In particular it only supports a single QoS/QFI flow for each tunnel. It ignores all incoming extension header flags. - API functions might change again when/if more support of the 3GPP TS 38.415 spec is added. Note that I have bumped the API version to 2.1.0 as it seems to be the correct approach based on my API changes. Type: feature Signed-off-by: Rune E. Jensen <runeerle@wgtwo.com> Change-Id: I91cd2b31f2561f1b3fb1e46c4c34a5a3c71b4625
2023-11-09iavf: interrupt mode supportDamjan Marion7-86/+241
Type: improvement Change-Id: Ie5fcaa706ab0995e0021cf1ee74b95c5a3b30283 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-09tls: fix handling of client and server init errorsFlorin Coras1-11/+9
- notify app on failed connect - avoid cleanup of ctx before transport cleanup to be able to handle pending rx notifications. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1b70ad45109d4c942afa1990dfce4fc44a50a637
2023-11-09ipsec: IPsec fix constant propagationMaxime Peim1-2/+3
In some anti-replay, some functions weren't using the boolean telling if the window was huge or not. Hence, limiting the constant propagation at compilation. Type: fix Change-Id: Ie5f2dda38339bb32113c6f7b2b82c82135fc92a8 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2023-11-08tls: avoid reads after tcp transport removedFlorin Coras1-4/+18
Make sure underlying transport connection is not removed on rescheduled read event. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I0137a2e43aa84d9442279e036c25771aeefd207f
2023-11-08dev: remove unused codeDamjan Marion3-37/+0
Change-Id: If380e4ab6ca30243137fd31fbe51845c0414721a Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-08dev: interrupt mode supportDamjan Marion10-154/+306
Type: improvement Change-Id: I4a0578598182339bcf76e6b01da76b590a06f773 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-07af_packet: remove UNIX_FILE_EVENT_EDGE_TRIGGERED flagArtem Glazychev1-1/+0
af_packet does not process data until the interface is UP. If after interface creation, but before it is UP, the host interfaces are flooded, then blocking case may occur - VPP interface will never be able to process the data. If the EDGE_TRIGGERED flag is set, the event will not arrive, because nothing new is happening anymore (probably because the queue is already full). Therefore, we need to use LEVEL_TRIGGERED (default value), which indicates that there is still unprocessed data (accumulated after interface creation, but before it was UP). Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: Ied459fd194149d09f226bcb0a5907b3e327b148a
2023-11-07flowprobe: fix clearing interface state on feature disablingAlexander Chernavin1-0/+3
As a result of recent fixes, all currently stored flows of an interface are deleted when the feature is being disabled for the interface. This includes stopping the timer and freeing the flow entries for further reuse. The problem is that meta information is not cleared in the flow entries being deleted. For example, packet delta count will keep its value. The next flow that gets one of these pool entries will already have a non-zero packet count. So the counting of packets will start from a non-zero value. And incorrect packet delta count will be exported for that flow. With this fix, clear meta information too when clearing interface state. Also, update the corresponding test to cover this case. Type: fix Change-Id: I9a73b3958adfd1676e66b0ed50f1478920671cca Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-07build: disable bogus warnings for GCC 12Jieqiang Wang1-0/+8
The array bounds and string overread check on GCC 12 report a dozen of false positives that result in VPP build failures on ubuntu 22.04. Work around this build issue by unconditionally disabling these two warnings if C compiler is GCC 12 or newer version. Type: fix Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: I999e847bb625ebdf3ef5f11b11598c553f306670
2023-11-07misc: silence -Wmaybe-uninitialized warningsJieqiang Wang4-4/+4
GCC 12 complains about such errors while the code itself looks good. Type: fix Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: I021719fdbf7d9bd93a12eac76aeac8cbca13a810
2023-11-06vppinfra: fix ASAN issue in vec_foreach_pointer and pool_foreach_pointerDamjan Marion2-5/+6
Change-Id: If9381ae7283488b352a3c22f85732cd56ac6bfd9 Type: fix Fixes: 9937359, 91ff0e9 Signed-off-by: Damjan Marion <damarion@cisco.com>