| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Make it http version neutral, since h2 and h3 use 3 pseudo-headers.
Added scheme, target_authority_offset and target_authority_len
to http_msg_data_t, target_form removed.
Http transport now validate if correct form of request target
is received, so now we are also able to receive requests with
absolute-form target in server apps like http_static.
As bonus, unformat is not longer used to parse IP addresses.
Type: improvement
Change-Id: I369f77e2639c43cc1244d91f883c526eb88af63e
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Sets the program_vlans = 1 flag, enabling the DPDK sub-interface
function to configure VLAN offload settings on Intel iavf/i40e Ethernet
devices from VPP.
Type: improvement
Change-Id: I030af0c93b13cf80772982b243861f9c303f7e09
Signed-off-by: Kai Ji <kai.ji@intel.com>
|
|
Add async crypto algo macros for AES_CTR SHA256/384/512.
Add support for these in dev octeon plugin.
Type: feature
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
Change-Id: I22e81c6ac5a549b2f12556b8c79257a20a5bd47d
|
|
This patch introduces support for direct mode crypto
submission on CPT. For multi-segmented buffers,
scatter-gather submission mode will be utilized.
Type: feature
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
Change-Id: Idb99e6c9ea49028e11d3bf530c9559719c988252
|
|
Added changes in the pending queue structure to
incorporate each packet into a single inflight
request entry.
Type: improvement
Change-Id: I18729e01b5f73b128ae245a1a8f77a4f97065026
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
|
|
This patch resolves segmentation fault that occurs
during the initialization of an asynchronous crypto
session when processing the first packet in the
data path.
And resolves compilation failures.
Type: fix
Change-Id: I60e4060c65741a445fe02f01b3c94f627534ecef
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
|
|
Bump DPDK version to 24.11.1.
Reason behind going for 24.11.1 is that 24.11 was affected by
CVE-2024-11614 which was fixed in the point release.
Type: feature
Change-Id: Ic49a35fe7ac782679df39145e3adfd06f047b031
Signed-off-by: Vladimir Smirnov <civil.over@gmail.com>
|
|
Type: improvement
Change-Id: I6162b45875566cc705917a51b3f06e1490607c8b
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This patch updates async processing logic by adding async event
handlers separately for handshake, read and write events.
Type: improvement
Change-Id: I6366689fec7e29fa9850cb22e20ab3659bf5245a
Signed-off-by: Varun Rapelly <vrapelly@marvell.com>
|
|
All CI builds default to GCC instead of Clang
Type: fix
Fixes: ec68cec6c84e5dc9acaf7828c0118bb71fffc561
Change-Id: I63fce7feda743d05f17d0710fcf25b09674fdbfb
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Svace found a bug related to the fact that the
vcl_segment_attach_session function is passed
a pointer to a session, which is null, because of this,
when using it, a segmentation error will occur inside the function.
This issue was fixed.
Type: fix
Change-Id: Icc68ced80611bb709c9fa7868816f003373077d4
Signed-off-by: Alexey Stratulat <a.stratulat@ideco.ru>
|
|
This is an sFlow dataplane plugin that can sample
1-in-N packets from device-input, copying them to
a FIFO queue and servicing that queue from a main
process which formats them as Netlink PSAMPLEs,
to be picked up by a popular sidecar agent called
host-sflow.
Type: feature
Change-Id: Ic03456472e53309678f182dc8f74d3c81fb619e6
Signed-off-by: neil.mckee@inmon.com
Signed-off-by: pim@ipng.nl
|
|
Type: fix
With a release build, if you configure more than 55 workers, vpp
will start, but will corrupt memory as a lot of internal datastrctures
are allocated with assumption that there will be not more than
FRAME_QUEUE_MAX_NELTS threads.
Add a warning if amount of configured workers more than MAX_NELTS.
Anticipate that next commit would add a compile-time configurable
variable and name it VPP_MAX_THREADS.
Change-Id: I015f4f9aa5e8b828c7d90c90142d7a7c1ce68f97
Signed-off-by: Vladimir Smirnov <civil.over@gmail.com>
|
|
Type: fix
-When deleting a veth pair interface in linux, vpp's call to af_packet_fd_error will cause it to hang because it's a worker thread.
Change-Id: I3dc9018e7e492ccbdf0f59381f9bbbfd5c1c88a5
Signed-off-by: fenglei <1579628578@qq.com>
|
|
Implements load balancing between snort instances via flow hash.
New CLI commands have been made to support these changes:
snort attach instance <name1>
[instance <name2> ... ] interface <ifname> [input|output|inout]
snort attach all-instances interface <ifname> [input|output|inout]
snort detach instance <name1> interface <ifname>
snort detach all-instances interface <ifname>
The output of "show snort interfaces" has an extra column to show the
direction of each attachment:
interface instances direction
Ethernet0: snort1 inout
snort2 inout
snort3 inout
Ethernet1: snort1 input
snort3 output
To maintain backwards compatibility for the snort api, the
snort_interface_get api endpoint only returns one of the attached
instances and the snort_interface_detach endpoint detaches all
attached instances.
Type: improvement
Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com>
Change-Id: I6b7c26c203496d6a1dba244620907f28c04bb478
|
|
Type: improvement
Change-Id: I8c7e6c2734258bb6b4e8e404e2c9b119ee141dd1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I60338a8c901cf5baf4974ce572f17e70116877df
Signed-off-by: Artem Glazychev <glazychev@mts.ru>
|
|
Type: improvement
Change-Id: Iea7202cd0a79d3bed85313b2b4a6e6469a701568
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: Id62308775eeeada0277c2303cf8c728db4dbfcdc
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Plugins such as http_static sometimes reject requests without reading
all of the body. http_static in that case sends an error response and
closes the connection. But the error response cannot go out due to the
connection state being HTTP_REQ_STATE_TRANSPORT_IO_MORE_DATA.
With this change, we make http_app_tx_callback give a response like
that special treatment, allowing it to go out.
Type: fix
Change-Id: I72ae74b869183f5d5921837f6ac9c52f0efc7598
Signed-off-by: Semir Sionek <ssionek@cisco.com>
|
|
- check nl socket before receiving messages
- we don't need extra callback after adding an lcp pair because we start draining messages (due to epoll) right after opening socket
Type: fix
Change-Id: I0ecb03b758f066662015fd6c6b9d3c48cb520c0d
Signed-off-by: Artem Glazychev <glazychev@mts.ru>
|
|
Type: improvement
Change-Id: I4d507b105e5b5ba7dd68d373c7f1ab156a9fc9f1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I554418fca0cbe1a2b42eddc24eccf25ede5f678a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I2b2b65a6c12d50146f08b64b9a1603888652b462
Signed-off-by: fenglei <1579628578@qq.com>
|
|
Type: fix
Change-Id: I0c418fe71b579febc4ca02e8ad0aeba24df1945d
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I27e29690dba1ea52e874cb1db81d24fcc4366bb6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: Icd1ea24ba104123673f864d9bfd0f4da83982b7d
Signed-off-by: fenglei <1579628578@qq.com>
|
|
This patch adds compatibility check for OCTEON model in plugin.
Type: refactor
Change-Id: Id583a2f42b8f66f7e045f6cf9176125680e9a16f
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
|
|
Type: feature
Change-Id: I9f3044aec29a611d4735001ff1943772b7035711
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
|
|
Type: improvement
Change-Id: Id863f59d04d8e6f22c886e079367d06908b8b24b
Signed-off-by: Semir Sionek <ssionek@cisco.com>
|
|
For packets with invalid checksums, in src local check, do not override
errors on fast path and do not cache result.
Type: fix
Change-Id: I4de9351b190ba398d6f89eec80055016cacf028b
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Change-Id: I32ccf1d58a34bc6f64946ffd711dbd2b4f5864f6
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This patch adapts new changes introduced in crypto framework
as part of 6676d951.
Type: fix
fixes: 6676d951
Change-Id: I7bbe8d87250e072b2891c0eedee1e14642fab4bc
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
|
|
Type: improvement
Change-Id: I49d8415ce1d64dc797a0cc43f5382daeaddbe11a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This patch assigns tx queue to all thread and enables tx queue
sharing if needed.
Type: fix
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
Change-Id: I8cb561c29c2a508b8b478c646121b1caa61b8520
|
|
We move the VPP_PLATFORM logic from src/CMakeLists.txt to
cmake/cpu.cmake so that out-of-tree plugins can leverage it as well.
Type: improvement
Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
Change-Id: I767a75f45c07aed7db4034b18ab4b5c67fda06ee
|
|
GCC complains about a maybe-unitialized variable
Type: fix
Change-Id: Id77e4a48bdefea74d881190675320036f60ee3d5
Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
|
|
Type: feature
Change-Id: Ic0ff9b9bfbad9fbc602fbcec0d8906cd21d63a2c
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Type: fix
Change-Id: I09497ae8d6a685324f8c7d9e0b3208a3ec465f0e
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
|
|
This patch adapts new changes introduced in crypto framework
as part of 0cf4eef7.
Type: fix
fixes: 0cf4eef7
Change-Id: I41a17c9b340f54014c9d2ae21546ec39ccef3f43
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
|
|
Crypto engines have been moved into a new component,
but the component needs Debian packaging information.
Type: fix
Fixes: 0cf4eef73a4c1bd2831a4618af50939a2aab01c6
Change-Id: I041284f91be4cdb16d5a4771b518dd99571efa99
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
Fast path match single compare (the last step of policy matching in spd fast path)
is only implemented for IPv4 addresses.
This change adds support to also do a single match on IPv6 addresses.
Type: fix
Change-Id: I5aeb6e1e9afccfd2b2082e26502c5b7e9a8b2d4c
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Signed-off-by: Vinayak Udandkar <vinayakx.udandkar@intel.com>
|
|
Type: fix
Change-Id: If634dac31fd54466428db0726ac441a1247985b8
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: test
The sleep interval for this test is set to 0.1 seconds instead of
the default 2 seconds. This change is necessary because the test
verifies the expiration of old IPsec SAs
(self.fail("old IPsec SA not expired")) within a strict timeframe.
A longer sleep interval, such as 2 seconds, would significantly
delay the loop iterations, reducing the granularity of checks for
SA expiration and increasing the risk of false failures.
By setting the sleep interval to 0.1 seconds:
- The test can perform frequent checks for the status of IPsec SAs
- It reduces the likelihood of the test prematurely failing
Change-Id: I92ac3de0f33838620b51083d240043e62f37c490
Signed-off-by: Ivan Ivanets <iivanets@cisco.com>
|
|
Allow vls to register cb functions with vcl pre/post mq sleep. These can
be used to drop/reacquire locks prior/after waiting on vcl mq events.
This then allows multi-thread, as opposed to multi-worker, applications
to share sessions between threads without deadlocking, e.g., multiple
threads trying to read/write/close non-blocking sessions. Caveat:
connects still need to be improved.
Type: improvement
Change-Id: I589aa9dfd0553b0fad54f02ed16c3cda9761a83d
Signed-off-by: Florin Coras <fcoras@cisco.com>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
The current VPP formating for floats tries to round number to the
closest value (depending on the number of requested digits), but fails
to do so when the last printed digit is 9 (because carries are hard...).
This commits fixes this by adding 0.5 * 10^n_fraction_digits
to the value and then ignoring digits past the printed ones.
Note that when the number is exactly midway, like 9.5, the value is
rounded up, as this seems to be the clib behavior as well.
Type: fix
Change-Id: I03ce04ea6a24b84eeffd548d3f7bd306c58ce36d
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
|
|
Needed for an out-of-tree plugin under development
Type: improvement
Change-Id: Ie37f847607616d7f3f5de67550bef17f2afee17f
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Type: fix
Change-Id: I487ee4e69d8885f46d7a4af2c66a710da66108c5
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Type: fix
Change-Id: I869e657744e9bba81994ad426731a08e5f1bcad7
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
New CLI to enable/disable auto-sdl (requires session enable rt-backend sdl)
auto-sdl <enable|disable> [threshold <n>] [remove-timeout <t>]
threshold is defined as the number of packets before the SDL entry is created to deny the source.
remove-timeout is defined as the duration to remove the SDL entry which was created earlier.
Type: feature
Change-Id: I513094a59663970beae33257006c652674643764
Signed-off-by: Steven Luong <sluong@cisco.com>
|
Matus Fabian
Kai Ji
Nithinsen Kaithakadan
Vladimir Smirnov
Damjan Marion
Varun Rapelly
Florin Coras
Alexey Stratulat
Pim van Pelt
fenglei
Agathiyan Bragadeesh
Artem Glazychev
Semir Sionek
Monendra Singh Kushwaha
Guillaume Solignac
Vratko Polak
Piotr Bronowski
Ivan Ivanets
Pierre Pfister
Dave Barach
Steven Luong