summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2023-10-09tls: no read after app closeFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I34f8ee2e36d07e8e55e21561528fc6b73feb852f (cherry picked from commit 3843d0dd03a3ebbdb5d13b54e1b871a8ea72498c)
2023-10-09tls: report error if connected cannot be initializedFlorin Coras1-4/+6
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I987ac6b461b473836917bce6ce0d4ac109cc8ddb (cherry picked from commit a3d55df1e91a7df4ad4c0e1b639ba12a1ed04c79)
2023-10-09vppinfra: fix string termination in clib_file_get_resolved_basenameDamjan Marion1-0/+2
Type: fix Fixes: 40f4810 Change-Id: Idf51462c8154663de23154f17a894b7245c9fbf0 Signed-off-by: Damjan Marion <damarion@cisco.com> (cherry picked from commit 08600ccfa12f529d6ca7b852106227fc5f7addbf)
2023-10-09tls: limit openssl engine max read burstFlorin Coras2-4/+6
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic7a8fd37d79fc9c09c8b1539d630f3b8983b8bb3 (cherry picked from commit c1b038001e1f18effb3c9ff5daa9e9cac1cd66e8)
2023-10-09tls: init connection for prealloced app sessionsFlorin Coras1-0/+3
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Icd62dc110e3a73b24372f3a5162f8008b7edee9f (cherry picked from commit a127d3c157cb6e7658451a877abbfe0dd16c982a)
2023-10-09tls: ignore tx events for not fully established sessionsFlorin Coras1-6/+9
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I401a116a1a46c0dc5d591115de5ff0eef2f6440b
2023-10-02tls: fix formatting of half open connectionsFlorin Coras1-0/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If96dc748a716a261edfcb1020210bd73058e382f
2023-09-19npt66: ensure feature is not configured multiple timesOle Troan2-12/+23
If the control agent enabled a binding on an interface multiple times, we would add the node in the feature arc multiple times. Type: fix Change-Id: I2ca247db0a0211f5fa3974a18ca4fcae8485cb12 Signed-off-by: Ole Troan <otroan@employees.org>
2023-09-18vcl: unset fifo evt before size checkFlorin Coras1-6/+8
For blocking sessions, if fifo event still active before size check it could lead to vpp not generating an event because of race to check flag in vpp and to eventually unset flag in vcl. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I0e350b9ff92a4e08a9249345ae224589c09d305b
2023-09-16vapi: fix coverity warningsDave Wallace1-12/+13
- CID-322713, CID-322712, CID-314881, CID-314880, CID-314878 COPY_INSTEAD_OF_MOVE Type: fix Change-Id: Idad6806fcd4e1a89a750dcc0584b5b1f0432bf3c Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13nat: fix nat44_ed set_session_limit crashVladislav Grishenko1-8/+4
Setting session limit should return error for unknown fib. Optimize max_translations_per_fib expanding and drop unnecessary trailing fib entry. Type: fix Change-Id: Ie7d2b363ade48f53598faa617a49cce7b2db6400 Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
2023-09-13quic: fix quic sessions state updatesFlorin Coras1-11/+5
Session state cannot be updated after async notification event is generated for app. Instead, make sure quic sessions that accept new streams are switched to listening state only on accept. Type: fix Fixes: 0242d30 Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9663ccadbea99d555ad49e871f7dff897239dc84
2023-09-13sr: mark sr_policies_v2_details message as productionAndrew Yourtchenko1-1/+0
As per discussion on the VPP community call, since the message is used in CSIT tests and did not see the changes in a while, mark as production for the purposes of change process. Type: improvement Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Change-Id: I4a79aafb1a9f37ac87faea7abea28cf01d1ffb4c
2023-09-13adl: stabilize the APIAndrew Yourtchenko1-1/+1
As discussed on the VPP call, since CSIT tests use these messages and they have not been changedfor quite a while, bump the version so these messages are considered as "production" from the change process standpoint. Type: improvement Change-Id: I93a04b10b273d5904c0678fa0b85d47f9f683a9b Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2023-09-13flow: mark API as productionAndrew Yourtchenko1-1/+1
As per discussion on the VPP call - since the APIs are used in CSIT tests, mark them as production from the change process perspective. Type: improvement Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Change-Id: I9164073425384e8aa281445a2852fee49b777e2f
2023-09-13wireguard: stabilize the APIAndrew Yourtchenko1-1/+1
As per discussion on VPP call - since the APIs are used in CSIT tests, and there has not been changes in a while, mark them as stable from the API change process PoV. Type: improvement Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Change-Id: Ia644e1dfcd9d182cc6f10089fc44397a61e8aaf6
2023-09-13crypto-sw-scheduler: stabilize the APIAndrew Yourtchenko1-1/+1
As per discussion on the VPP call: since the CSIT tests use these APIs and the APIs have not changed in quite a while, stabilize the API from the change process point of view. Type: improvement Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Change-Id: Id81999d03cce37764f6ed7d4f77ef5a71fe41ad1
2023-09-13hsa: fix coverity issue CID-313635Dave Wallace2-2/+8
Type: fix Change-Id: Ieb50ab548bb34bdbb44d973037ee452d48f412ea Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13api: fix vlibmemory coverity warning CID-300152Dave Wallace1-0/+4
Type: fix Change-Id: Icdebc8629946e0e7c8dde3e45ee93ff9027e7c68 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13vppinfra: add ARM Neoverse-N2 supportDamjan Marion3-94/+131
Type: improvement Change-Id: Ief77ae7338667ede290aece6933bb5ae2e76ffc6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-09-13build: fix clang-16 buildDamjan Marion1-1/+3
Change-Id: I882bef6f45fd276587fb93944ff4e21dc57dbca2 Type: fix Fixes: 1c82cd4 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-09-13idpf: make plugin default disabled until issues are fixedDamjan Marion1-0/+1
Type: improvement Change-Id: I2daa8fc338289555649135e7f0898e139807fdce Signed-off-by: Damjan Marion <damjan.marion@gmail.com>
2023-09-13build: add vpp_plugins include directoryBenoît Ganne1-0/+1
Type: fix Change-Id: Iacb04846c634231854f26348cc17cc729d6e0d87 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-09-13vppinfra: fix coverity warning CID-313632Dave Wallace1-2/+0
Type: fix Change-Id: Idc036d5967495cc2522b2a30e3acd3ec4c0cd3ff Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13vlib: deuglify the offset finding loop in pci.cVratko Polak1-5/+2
Type: style Fixes: 054229ebbdeb3f87d96c1abf93b511c86cd6ff0f Change-Id: I7c3080db94566af249e5082d59a4e6373c616888 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-09-13perfmon: fix perf_user_access_enabled typeTianyu Li1-1/+1
perf_user_access_enabled is defined as u8, clib_sysfs_read format type is %u, this is for unsigned int, change type from u8 to u32. Type: fix Fixes: 268d7be66b8b ("perfmon: enable perfmon plugin for Arm") Signed-off-by: Tianyu Li <tianyu.li@arm.com> Change-Id: I48ec00605e496d185370e77d894d7852d6d22124
2023-09-13vppinfra: fix setns typoArtem Glazychev1-1/+1
Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: Ib8eb70336956bc2e8d0454f3c1f2c62ec98cb009
2023-09-13pci: fix coverity issue CID-322372Dave Wallace1-1/+1
Type: fix Change-Id: Iaf16bb720d76ea3ae04afb8123b7cac15771ef2b Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-12ipsec: improve fast path policy searching performanceXiaoming Jiang2-35/+59
Type: improvement Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: Ib8bb300f5b62648f6b634046415742bdf5365982
2023-09-12crypto: allow changing dispatch modeVratko Polak4-2/+51
This change aims to affect crypto_sw_scheduler behavior, but all the edits end up in vnet/crypto. Previous release CSIT tests were testing async crypto in polling mode. After 9a9604b09f15691d7c4ddf29afd99a31e7e31eed introduced adaptive mode for crypto dispatch, the CSIT performance got way worse. Possibly, there is another VPP bug related to adaptive mode (it should not lose as many packets as seen in CSIT), but the next release is too close for trying to fix that. This change (instead of fixing adaptive mode) allows CSIT to continue testing polling mode (after explicit API call), while keeping the adaptive mode as default behavior. The deprecated crypto_set_async_dispatch always disable adaptive mode, crypto_set_async_dispatch_v2 has parameter to enable or disable it. The mode parameter is still used for the inital state of adaptive mode. Type: feature Change-Id: Ib98080eefb4be291207af543884f2c3837f92f59 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-09-12crypto-sw-scheduler: improve function indentationVratko Polak1-159/+156
The checkstyle --fix command remains confused around the def/foreach/undef usage in convert_async_crypto_id, but at least the other functions now look correctly indented to me. Type: style Change-Id: Ic8f7b580267386b7a6b07d33d9ba7ae9787c0e0a Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-09-07session: make sure rx evt flag is cleared for builtin rxFlorin Coras1-0/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I99631b1be6e19f0cefd1cefa82a51e6f8e9be2ac
2023-09-07ipsec: clear L4-cksum flags when decap'ing packetsFrédéric Perrin2-1/+5
Type: fix Signed-off-by: Frédéric Perrin <fred@fperrin.net> Change-Id: I45191b7316c88038bcd57d62aeb07bb109cf4a4d
2023-09-07dpdk-cryptodev: fix cache ring stats cli commandPiotr Bronowski1-14/+12
The logic for calcuating processed elements in the cache ring was broken. In case tail and deq_tail equals and frame element pointed by the tile is not NULL it means there is exactly one processed element in the ring. Type: fix Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Change-Id: I69c978334fc952049393214ccc9cc5245351f7f7
2023-09-06build: add option to specify native -march= flag with VPP_BUILD_NATIVE_ARCHDamjan Marion1-8/+8
Type: improvement Change-Id: I98eeba1ad2f9ed0531a7c615e0e70e535f24f813 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-09-06nat: improve nat44-ed outside address distributionVladislav Grishenko1-1/+3
Use client address hash to pick the first outside address instead of just address high octet, becasue it may denegerate into stable 10/172/192, depending on nat address count. Fix outside address distribution test to acually test the distribution, not the algo, so previous distribution will fail with 65 nat addresses and 100 clients: FAIL: Outside address distribution based on source address Traceback (most recent call last): File ".../test/test_nat44_ed.py", line 2048, in test_outside_address_distribution msg="Bad outside address distribution") AssertionError: 156.25 not less than 0.33 : Bad outside address distribution Type: improvement Change-Id: I604b1294422f20d211db5614c47559557a78a193 Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
2023-09-06virtio: add support for tx-queue-sizeMohsin Kazmi5-10/+27
Type: improvement DBGvpp# set loggin class virtio level debug DBGvpp# create int virtio 0000:00:03.0 tx-queue-size 1024 show virtio pci ``` Virtqueue (TX) 1 qsz 1024, last_used_idx 0, desc_next 0, desc_in_use 0 avail.flags 0x1 avail.idx 0 used.flags 0x0 used.idx 0 ``` show logging ``` 2022/07/22 23:20:22:557 debug virtio 0000:00:03.0: tx-queue: number 1, default-size 256 2022/07/22 23:20:22:557 debug virtio 0000:00:03.0: tx-queue: number 1, new size 1024 ``` Change-Id: Ib1a3ebe742b3a6c9fe72bd1c5accfe07682cbdd1 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2023-09-06ip: punt add punt socket support for icmp6Ole Troan3-31/+77
Punt support for ICMP6 messages allows for an external IPv6 RA advertisement agent. Type: feature Change-Id: I0cc928b747ac1f8335ee9f7c42a3231424825dbc Signed-off-by: Ole Troan <otroan@employees.org>
2023-09-06api: fix mp-safe mark for some messages and add moreVladislav Grishenko6-14/+35
Several api messages were not mp-safe although marked as such because non-zero base id was not taken into account, and therefore some other (from zero base id) were falsely mp-safe instead. Keep messages as mp-safe, as they falsely were before: 10 get_first_msg_id 0 1 12 api_versions 0 1 Messages that are no longer mp-safe as they weren't marked: 15 sockclnt_create 0 1 33 proxy_arp_intfc_dump 0 1 Fix messages to be really mp-safe: 809 bridge_domain_dump 0 1 920 ip_route_add_del 0 1 921 ip_route_add_del_v2 0 1 1362 get_node_graph 0 1 1671 create_vhost_user_if 0 1 1675 create_vhost_user_if_v2 0 1 Additionally mark messages as mp-safe, seems they need no barrier: 1360 show_threads 0 1 1370 show_version 0 1 1372 show_vpe_system_time 0 1 Type: fix Change-Id: Ie6c1e3aa89f26bf51bfbcb7e7c4d9fee885487b7 Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
2023-09-06vapi: fix verification for reply messageSylvain Cadilhac1-1/+1
Type: fix Byte swapping should be done before verifying message otherwise the message length will be wrongly computed. Change-Id: I90b2f60bd33e5362e0edd5ee425f6a6f07886f1e Signed-off-by: Sylvain Cadilhac <sylvain.cadilhac@freepro.com>
2023-09-05npt66: make plugin default disabledOle Troan1-0/+1
Plugin is still in experimental state. No reason why it needs to be default enabled. Type: fix Change-Id: Ibf1810215d4c8079a068bfc60aa7dd49306ee4e4 Signed-off-by: Ole Troan <otroan@employees.org>
2023-09-04udp: buffer packets for connections in accepting stateFlorin Coras1-1/+2
Type: fix Fixes: 0242d30 Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6e313000bccce749b813f20a52432154bfd494ed
2023-09-04arping: api to return responder mac addressOle Troan3-0/+68
The new arping_acd call includes the responders mac address in the reply. Enabling a client doing address conflict detection to identify if it is itself that is replying or that it is another host uses the IP address. Type: feature Change-Id: Ia4bab2af1086f06ed71ba42e2e07368d4e330a27 Signed-off-by: Ole Troan <otroan@employees.org>
2023-09-04npt66: checksum applied to src address instead of dst address on rxOle Troan1-3/+1
Applied the checksum delta to the source address instead of the destination address in the RX direction. Cleaned up tests a little. Type: fix Change-Id: I871f3448365587e5319dfbca6ea356935321ff9b Signed-off-by: Ole Troan <otroan@employees.org>
2023-09-04tracenode: filtering featureMaxime Peim10-0/+606
In order to be able to filter on encapsulated packet, a new node has been added to the ip4/6-unicast arcs. Type: feature Change-Id: I1e8ee05bc6d0fce20cadd8319c81bab260c17d21 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2023-09-04session: fix allocation of proxy fifosFlorin Coras9-21/+50
Fifos need to be synchronously allocated once a transport like tcp accepts a session. Since events are now delivered asynchronously, proxy apps must explicitly register a cb function that manages fifo allocation prior to being notified of connect event. Type: fix Fixes: 0242d30 Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7df973b7014e53e0766ea2bdc61e9871160bc18b
2023-09-01vcl: set min threshold for tx ntfFlorin Coras1-1/+5
Make sure there's at least 3% space in the tx fifo before notifying vcl of a tx event. The threshold is somewhat arbibrary but for a 4M fifo, it now means that ~120kB of space should be available. Should help minimize the amount of tx notifications generated by session layer when apps are faster. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I11dd0931dca8f989000a2481f1f495bd267589c4
2023-08-31fateshare: a plugin for managing child processesAndrew Yourtchenko4-0/+621
For the reasons of modularity and security, it is useful to have various functionality split into processes different from VPP. However, this approach presents the challenges of managing those processes, and is markedly different from simply running everything within VPP process. This plugin is an experiment in having the VPP itself start off a monitor process which in turn starts the child processes, and restarts them if they quit. If the VPP process ceases to exist, the monitor process terminates all the descendant processes and quits itself. This allows to preserve the "single entity to manage" approach of simply running a barebones VPP. An example of running it: export DPDK_CONFIG="" export DISABLED_PLUGINS=dpdk export EXTRA_VPP_CONFIG="fateshare { monitor ./build-root/install-vpp_debug-native/vpp/bin/vpp_fateshare_monitor command ./test1 }" make run Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Change-Id: I66221fd7403f220d9652fe76958ca499cfd070a7 Type: feature
2023-08-31session: fix compilation when SESSION_DEBUG is onFlorin Coras1-3/+7
Wrap SESSION_EVT in do loop to avoid complaints about if statement having no arguments which can happen if debugging for groups is not enabled. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I35af179b806ed47a1e20816a19291c31fdb7566a
2023-08-29mpls: add mpls_interface_dumpPim van Pelt2-0/+68
Add an API call mpls_interface_dump() which returns a list of mpls_interface_details: - If no sw_if_index is given, all MPLS enabled sw_if_index are returned. - If a particular sw_if_index is given, and it doesn't exist, an empty list is returned. - If a sw_if_index exists and has MPLS enabled, a list of that one sw_if_index is returned. Tested: - Create 3 loopback interfaces - Call for ~0 and for sw_if_index 0..5 all return empty lists - set int mpls loop0 enable - set int mpls loop1 enable - Call for ~0 returns 2, and the call for sw_if_index=1 and =2 (the loopbacks) returns each a list of one sw_if_index 1 resp 2, the other values of sw_if_index return empty list - set int mpls loop0 disable - Call for ~0 returns 1, and the call for sw_if_index=2 (loop1) returns both a list of one sw_if_index=2, the other values of sw_if_index return empty list - set int mpls loop1 disable - Call for ~0 and for sw_if_index 0..5 all return empty lists Example Python3 API program: ``` api_response = vpp.api.mpls_interface_dump() print(f"Response is {api_response}") for i in [ 0, 1, 2, 3, 4, 5 ]: api_response = vpp.api.mpls_interface_dump(sw_if_index=i) print(f"Response[{i}] = {api_response}") ``` Type: improvement Change-Id: If87f7d7f8972d99260e859757dbcb251c6fa54a8 Signed-off-by: Pim van Pelt <pim@ipng.nl>