aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2025-01-23http_static: introduce max-body-size parameterSemir Sionek5-8/+187
Introduce the max-body-size parameter to put a limit on how big of a POST request can the static server take (and how big of a memory allocation that causes). Type: improvement Change-Id: I93cdeaf38dabe2850665e92bedbaa0545c375214 Signed-off-by: Semir Sionek <ssionek@cisco.com>
2025-01-23http: move header serialization to http transportMatus Fabian12-272/+289
Apps called http_serialize_headers, which creates plain text buffer, this is now hidden in http transport layer and apps pass headers in generic form, so they can be encoded based on http version. Type: improvement Change-Id: Ie4fa0516cd3406d60f956751c8ee7ab40e633fa4 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2025-01-23sflow: Update build rulesPim van Pelt6-4/+32
1) we rely on Netlink PSAMPLE and USERSOCK make sure we have headers 2) sflow plugin is not available on FreeBSD, due to Netlink features 3) preprocessor flag SFLOW_USE_VAPI controls whether the sflow plugin will attempt to contact the linux-cp plugin using the binary VAPI. It has to be a preprocessor flag so it can suppress the "#include" statements that define that linux-cp api, because those include files will be missing if linux-cp is excluded from the build. The "excluded_plugins" list can be used with: make VPP_EXCLUDED_PLUGINS=linux-cp build build-release Type: fix Fixes: e40f8a90bb0c39986c198fca8ad9b0b3c1658401 Change-Id: If44929d285d27db7862910ecb4ec11ddd4591fd2 Signed-off-by: pim@ipng.nl
2025-01-22svm: improve ooo try collectFlorin Coras1-12/+5
Use modular arithmetic just like the other ooo functions. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie39bb928634fe0956339feafb41667ec9cafeee2
2025-01-22session: cleanup io event functionsFlorin Coras11-35/+38
Program session events using session handles instead of fifos. Type: improvement Change-Id: I69063190598c2b4dc1104f2938f27c6cd057341a Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-22session svm: track session indices in private structFlorin Coras17-46/+77
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I898baf3e2a7586124f4678eaeaa4516db7186f8f
2025-01-22http: case-insensitive header table searchMatus Fabian5-45/+315
header names are case-insensitive, see RFC9110 section 5.1 Type: improvement Change-Id: Ic5ef5615397537ba48fc56b18c882fa838c54751 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2025-01-22crypto-native: add fixed tag and aad size opsDamjan Marion2-11/+55
Type: improvement Change-Id: I6bbb48c999859899e2f82c65cbfd015dc1ad584c Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-22snort: validate sw_if_index in attach/detach api handlersDave Wallace1-9/+22
- fixes crash in vpp-debug-verify-master-ubuntu2204-x86_64 CI job in test_snort_06_detach_if testcase - fix similar logic in attach handler - verify snort direction in attach api message - add tests verifying attribute validation in attach testcase Type: fix Fixes: 102575492c9199259aa5e468f21b46936d7a1ac4 Change-Id: I96fbeb0a7b84f2f238df15b20476ed4086251471 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2025-01-21http: target parsing improvementMatus Fabian11-498/+575
Make it http version neutral, since h2 and h3 use 3 pseudo-headers. Added scheme, target_authority_offset and target_authority_len to http_msg_data_t, target_form removed. Http transport now validate if correct form of request target is received, so now we are also able to receive requests with absolute-form target in server apps like http_static. As bonus, unformat is not longer used to parse IP addresses. Type: improvement Change-Id: I369f77e2639c43cc1244d91f883c526eb88af63e Signed-off-by: Matus Fabian <matfabia@cisco.com>
2025-01-21dpdk: enable VLAN offload configuration for the iavf PMD driverKai Ji1-0/+1
Sets the program_vlans = 1 flag, enabling the DPDK sub-interface function to configure VLAN offload settings on Intel iavf/i40e Ethernet devices from VPP. Type: improvement Change-Id: I030af0c93b13cf80772982b243861f9c303f7e09 Signed-off-by: Kai Ji <kai.ji@intel.com>
2025-01-21crypto: add async algo macros for ctr sha2Nithinsen Kaithakadan3-2/+41
Add async crypto algo macros for AES_CTR SHA256/384/512. Add support for these in dev octeon plugin. Type: feature Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com> Change-Id: I22e81c6ac5a549b2f12556b8c79257a20a5bd47d
2025-01-21octeon: add direct mode changes in crypto datapathNithinsen Kaithakadan2-48/+269
This patch introduces support for direct mode crypto submission on CPT. For multi-segmented buffers, scatter-gather submission mode will be utilized. Type: feature Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com> Change-Id: Idb99e6c9ea49028e11d3bf530c9559719c988252
2025-01-21octeon: rework octeon crypto frameworkNithinsen Kaithakadan2-61/+60
Added changes in the pending queue structure to incorporate each packet into a single inflight request entry. Type: improvement Change-Id: I18729e01b5f73b128ae245a1a8f77a4f97065026 Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
2025-01-21octeon: fix for async crypto session initNithinsen Kaithakadan2-10/+16
This patch resolves segmentation fault that occurs during the initialization of an asynchronous crypto session when processing the first packet in the data path. And resolves compilation failures. Type: fix Change-Id: I60e4060c65741a445fe02f01b3c94f627534ecef Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
2025-01-21dpdk: bump to DPDK 24.11.1Vladimir Smirnov5-13/+37
Bump DPDK version to 24.11.1. Reason behind going for 24.11.1 is that 24.11 was affected by CVE-2024-11614 which was fixed in the point release. Type: feature Change-Id: Ic49a35fe7ac782679df39145e3adfd06f047b031 Signed-off-by: Vladimir Smirnov <civil.over@gmail.com>
2025-01-21crypto-openssl: fixed tag and aad lengths for chacha-polyDamjan Marion1-1/+7
Type: improvement Change-Id: I6162b45875566cc705917a51b3f06e1490607c8b Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-20tls: async event handling enhancementVarun Rapelly3-599/+345
This patch updates async processing logic by adding async event handlers separately for handshake, read and write events. Type: improvement Change-Id: I6366689fec7e29fa9850cb22e20ab3659bf5245a Signed-off-by: Varun Rapelly <vrapelly@marvell.com>
2025-01-20build: fix compiler orderingFlorin Coras1-0/+6
All CI builds default to GCC instead of Clang Type: fix Fixes: ec68cec6c84e5dc9acaf7828c0118bb71fffc561 Change-Id: I63fce7feda743d05f17d0710fcf25b09674fdbfb Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-20vcl: segfault correction in vcl_session_connected_handlerAlexey Stratulat1-1/+1
Svace found a bug related to the fact that the vcl_segment_attach_session function is passed a pointer to a session, which is null, because of this, when using it, a segmentation error will occur inside the function. This issue was fixed. Type: fix Change-Id: Icc68ced80611bb709c9fa7868816f003373077d4 Signed-off-by: Alexey Stratulat <a.stratulat@ideco.ru>
2025-01-20sflow: initial checkinPim van Pelt16-0/+3562
This is an sFlow dataplane plugin that can sample 1-in-N packets from device-input, copying them to a FIFO queue and servicing that queue from a main process which formats them as Netlink PSAMPLEs, to be picked up by a popular sidecar agent called host-sflow. Type: feature Change-Id: Ic03456472e53309678f182dc8f74d3c81fb619e6 Signed-off-by: neil.mckee@inmon.com Signed-off-by: pim@ipng.nl
2025-01-20vlib: fail in runtime if workers > neltsVladimir Smirnov1-0/+5
Type: fix With a release build, if you configure more than 55 workers, vpp will start, but will corrupt memory as a lot of internal datastrctures are allocated with assumption that there will be not more than FRAME_QUEUE_MAX_NELTS threads. Add a warning if amount of configured workers more than MAX_NELTS. Anticipate that next commit would add a compile-time configurable variable and name it VPP_MAX_THREADS. Change-Id: I015f4f9aa5e8b828c7d90c90142d7a7c1ce68f97 Signed-off-by: Vladimir Smirnov <civil.over@gmail.com>
2025-01-20af_packet: worker thread call vlib_log coredumpfenglei1-3/+14
Type: fix -When deleting a veth pair interface in linux, vpp's call to af_packet_fd_error will cause it to hang because it's a worker thread. Change-Id: I3dc9018e7e492ccbdf0f59381f9bbbfd5c1c88a5 Signed-off-by: fenglei <1579628578@qq.com>
2025-01-17snort: support multiple instances per interfaceAgathiyan Bragadeesh5-153/+531
Implements load balancing between snort instances via flow hash. New CLI commands have been made to support these changes: snort attach instance <name1> [instance <name2> ... ] interface <ifname> [input|output|inout] snort attach all-instances interface <ifname> [input|output|inout] snort detach instance <name1> interface <ifname> snort detach all-instances interface <ifname> The output of "show snort interfaces" has an extra column to show the direction of each attachment: interface instances direction Ethernet0: snort1 inout snort2 inout snort3 inout Ethernet1: snort1 input snort3 output To maintain backwards compatibility for the snort api, the snort_interface_get api endpoint only returns one of the attached instances and the snort_interface_detach endpoint detaches all attached instances. Type: improvement Signed-off-by: Agathiyan Bragadeesh <agathiyan.bragadeesh2@arm.com> Change-Id: I6b7c26c203496d6a1dba244620907f28c04bb478
2025-01-17crypto-ipsecmb: fixed tag and aad lengths for chacha-polyDamjan Marion1-18/+73
Type: improvement Change-Id: I8c7e6c2734258bb6b4e8e404e2c9b119ee141dd1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-17linux-cp: add the drain backArtem Glazychev1-0/+10
Type: fix Change-Id: I60338a8c901cf5baf4974ce572f17e70116877df Signed-off-by: Artem Glazychev <glazychev@mts.ru>
2025-01-17crypto-openssl: add fixed tag and aad size opsDamjan Marion1-43/+69
Type: improvement Change-Id: Iea7202cd0a79d3bed85313b2b4a6e6469a701568 Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-17crypto-ipsecmb: add fixed tag and aad size opsDamjan Marion1-148/+138
Type: improvement Change-Id: Id62308775eeeada0277c2303cf8c728db4dbfcdc Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-16http: fix sending error responses to rejected requests by server appsSemir Sionek1-7/+18
Plugins such as http_static sometimes reject requests without reading all of the body. http_static in that case sends an error response and closes the connection. But the error response cannot go out due to the connection state being HTTP_REQ_STATE_TRANSPORT_IO_MORE_DATA. With this change, we make http_app_tx_callback give a response like that special treatment, allowing it to go out. Type: fix Change-Id: I72ae74b869183f5d5921837f6ac9c52f0efc7598 Signed-off-by: Semir Sionek <ssionek@cisco.com>
2025-01-16linux-cp: fix segfault while receiving nl messagesArtem Glazychev1-11/+2
- check nl socket before receiving messages - we don't need extra callback after adding an lcp pair because we start draining messages (due to epoll) right after opening socket Type: fix Change-Id: I0ecb03b758f066662015fd6c6b9d3c48cb520c0d Signed-off-by: Artem Glazychev <glazychev@mts.ru>
2025-01-16crypto: combine sync and async algos and opsDamjan Marion16-810/+440
Type: improvement Change-Id: I4d507b105e5b5ba7dd68d373c7f1ab156a9fc9f1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-16ipsec: make algo data constantDamjan Marion4-162/+193
Type: improvement Change-Id: I554418fca0cbe1a2b42eddc24eccf25ede5f678a Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-16arp: fix command resolve and config filed exist differfenglei1-1/+2
Type: fix Change-Id: I2b2b65a6c12d50146f08b64b9a1603888652b462 Signed-off-by: fenglei <1579628578@qq.com>
2025-01-16ipsec: don't add crypto key if cipher is NONEDamjan Marion1-6/+10
Type: fix Change-Id: I0c418fe71b579febc4ca02e8ad0aeba24df1945d Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-15tcp: export sdl header file for out-of-tree pluginsFlorin Coras1-0/+1
Type: fix Change-Id: I27e29690dba1ea52e874cb1db81d24fcc4366bb6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-15pg: fix tr to tracefenglei12-13/+13
Type: fix Change-Id: Icd1ea24ba104123673f864d9bfd0f4da83982b7d Signed-off-by: fenglei <1579628578@qq.com>
2025-01-15octeon: add compatibility checkMonendra Singh Kushwaha1-0/+9
This patch adds compatibility check for OCTEON model in plugin. Type: refactor Change-Id: Id583a2f42b8f66f7e045f6cf9176125680e9a16f Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
2025-01-15octeon: update octeon roc versionMonendra Singh Kushwaha1-4/+5
Type: feature Change-Id: I9f3044aec29a611d4735001ff1943772b7035711 Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
2025-01-14http_static: read body only for POST requestsSemir Sionek1-2/+2
Type: improvement Change-Id: Id863f59d04d8e6f22c886e079367d06908b8b24b Signed-off-by: Semir Sionek <ssionek@cisco.com>
2025-01-13ip: fix local csum checkFlorin Coras1-5/+12
For packets with invalid checksums, in src local check, do not override errors on fast path and do not cache result. Type: fix Change-Id: I4de9351b190ba398d6f89eec80055016cacf028b Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-13crypto: remove AEAD opt typesDamjan Marion3-218/+185
Type: improvement Change-Id: I32ccf1d58a34bc6f64946ffd711dbd2b4f5864f6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-12octeon: fix octeon build issueMonendra Singh Kushwaha1-4/+3
This patch adapts new changes introduced in crypto framework as part of 6676d951. Type: fix fixes: 6676d951 Change-Id: I7bbe8d87250e072b2891c0eedee1e14642fab4bc Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
2025-01-10crypto: key storage improvementsDamjan Marion9-49/+62
Type: improvement Change-Id: I49d8415ce1d64dc797a0cc43f5382daeaddbe11a Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-10dev: assign tx queue to all threadsMonendra Singh Kushwaha1-5/+9
This patch assigns tx queue to all thread and enables tx queue sharing if needed. Type: fix Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com> Change-Id: I8cb561c29c2a508b8b478c646121b1caa61b8520
2025-01-09build: expose VPP_PLATFORM to out-of-tree pluginsGuillaume Solignac3-21/+35
We move the VPP_PLATFORM logic from src/CMakeLists.txt to cmake/cpu.cmake so that out-of-tree plugins can leverage it as well. Type: improvement Signed-off-by: Guillaume Solignac <gsoligna@cisco.com> Change-Id: I767a75f45c07aed7db4034b18ab4b5c67fda06ee
2025-01-09sr: fix aarch64 build issueGuillaume Solignac1-0/+1
GCC complains about a maybe-unitialized variable Type: fix Change-Id: Id77e4a48bdefea74d881190675320036f60ee3d5 Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
2025-01-09hsa: proxying UDP in HTTP/1.1Matus Fabian9-149/+545
Type: feature Change-Id: Ic0ff9b9bfbad9fbc602fbcec0d8906cd21d63a2c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2025-01-08vlib: update input node counts based on stateMonendra Singh Kushwaha1-0/+7
Type: fix Change-Id: I09497ae8d6a685324f8c7d9e0b3208a3ec465f0e Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
2025-01-08octeon: fix compilation for octeonMonendra Singh Kushwaha2-5/+4
This patch adapts new changes introduced in crypto framework as part of 0cf4eef7. Type: fix fixes: 0cf4eef7 Change-Id: I41a17c9b340f54014c9d2ae21546ec39ccef3f43 Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
2025-01-08build: add vpp-crypto-engines to debian/control.inVratko Polak1-0/+8
Crypto engines have been moved into a new component, but the component needs Debian packaging information. Type: fix Fixes: 0cf4eef73a4c1bd2831a4618af50939a2aab01c6 Change-Id: I041284f91be4cdb16d5a4771b518dd99571efa99 Signed-off-by: Vratko Polak <vrpolak@cisco.com>