aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2022-04-01nat: VRF routing & FIB improvementsFilip Varga8-281/+727
This patch affects how destination fib is choosen during session creation. Default behavior of choosing fib based on output interfaces is kept. Configuration gives you the ability to change default behavior to direct or restrict traffic between different FIB tables. NAT specific VRF routing options: a) keeping communication in the same VRF b) option to add multiple destination VRFs c) option to control the resolution order of destination VRFs TX FIB resolution is based on looking up RX FIB entry in NATs VRF table and picking the first FIB that resolves destination address. Ticket: VPP-2009 Type: improvement Change-Id: If500c48d7ce3466533ad9581c0847870788fc4fb Signed-off-by: Filip Varga <fivarga@cisco.com>
2022-04-01nat: nat44-ed cleanup & fixesFilip Varga7-1303/+645
Set deprecated option on unsupported API calls. Cleaned up API calls with deprecated option. Removed in progress option from long term used API calls. Removed obsolete/unused nodes, functions, variables. Fixed set frame queue nelts function. Calling API would incorrectly not fail even though frame queue nelts can only be set before first call nat44_plugin_enable. Moved all formatting functions to _format.c file. Type: refactor Change-Id: I3ca16e0568f8d7eee3a27c3620ca36164833a7e4 Signed-off-by: Filip Varga <fivarga@cisco.com>
2022-04-01tls: enable host verification by hostnamesatna1-3/+40
Type: improvement Signed-off-by: satna <satbeervarma9596@gmail.com> Change-Id: I1b1db60fa1a0e47fce273bc07b01887813fd3c48
2022-03-31vppinfra: vectors with non-default heapDamjan Marion7-75/+213
Type: improvement Change-Id: Ic675ad4edbf27b7230fc2a77f00c90c46d6350c3 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-31vlib: add support for workers syncFlorin Coras3-38/+66
Adds api that allows workers to synchronize through main thread. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1e75e2fb5144d397d19b13c4dfc7e937f11c044c
2022-03-31stats: use vlib_stats_validate in collectorDamjan Marion1-28/+5
Type: refactor Change-Id: Ib2bf9f11209eb310b289b3202b2beeccc3637df0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-31stats: convert error counters to normal countersDamjan Marion13-271/+101
Change-Id: I9794da718805b40cc922e4f3cf316255398029a9 Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com>
2022-03-31session: fix coverity warningFlorin Coras1-0/+4
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6ddb172d7b4f0ba06b0117d71853a22702a3466b
2022-03-31vcl: fix api detach if attach failedFlorin Coras2-1/+12
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Idd1df83bb01951c2455b23c08e3cc1fcd9b91064
2022-03-31crypto: drop the frame if there is no handlerDastin Wilski1-0/+6
If async engines are disbaled and async is turned on vpp tries to enqueue frame with nonexisting handler which leads to segfault. This patch checks for handler and drops the frame in case it doesn't exist. Type: fix Signed-off-by: Dastin Wilski <dastin.wilski@gmail.com> Change-Id: I67211867ee29dc41cc9f0733e8e0b3ea86677f85
2022-03-30tls: support to reinitialise ca_chain wo restartSaravanan Murugesan5-25/+64
Type: improvement Signed-off-by: Saravanan Murugesan <sarmurug@cisco.com> Change-Id: I90e90678ae6586019cc842f9d504d53991cfabe4
2022-03-30ip: Reference count the enabling the punt featureNeale Ranns2-4/+14
Type: fix otherwise punt features are applied multiple times to the same packet if enabled multiple times Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: If0cbd9065275f68a10fd6d35e4f7a7c7508245e0
2022-03-30vppinfra: vector allocator reworkDamjan Marion25-981/+873
- support of in-place growth of vectors (if there is available space next to existing alloc) - drops the need for alloc_aligned_at_offset from memory allocator, which allows easier swap to different memory allocator and reduces malloc overhead - rework of pool and vec macros to inline functions to improve debuggability - fix alignment - in many cases macros were not using native alignment of the particular datatype. Explicitly setting alignment with XXX_aligned() versions of the macro is not needed anymore in > 99% of cases - fix ASAN usage - avoid use of vector of voids, this was root cause of several bugs found in vec_* and pool_* function where sizeof() was used on voids instead of real vector data type - introduce minimal alignment which is currently 8 bytes, vectors will be always aligned at least to that value (underlay allocator actually always provide 16-byte aligned allocs) Type: improvement Change-Id: I20f4b081bb13bbf7bc0ace85cc4e301787f12fdf Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-30udp: fix inner packet checksum calculation in udp-encapMauro Sardara6-64/+137
When computing the inner packet checksum, the code wrongly assumes that the IP version of the inner packet is the same of the outer one. On the contrary, it is perfectly possible to encapsulate v6 packets into v4 and viceversa, so we need to check the IP format of the inner header before calling vnet_calc_checksums_inline. Ticket: VPP-2020 Type: fix Signed-off-by: Mauro Sardara <msardara@cisco.com> Change-Id: Ia4515563c164f6dd5096832c831a48cb0a29b3ad Signed-off-by: Mauro Sardara <msardara@cisco.com>
2022-03-29hsa: refactor echo clientsFlorin Coras2-318/+319
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I30cc31c438d357d48576fba84e54809455960eaa
2022-03-29tls: Support for client certificate-key pairsarmurug1-0/+50
Type: improvement Signed-off-by: sarmurug <sarmurug@cisco.com> Change-Id: Ibbfe827b9c4c603a6fe7cc49970a46bd683194ce
2022-03-29vlib: fix unaligned runtime_dataDmitry Valter1-0/+2
Align runtime_data to 8 bytes to avoid alignment issues with any pointers in runtime_data located structures. Type: fix Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru> Change-Id: I9cb1b73595e654a4b15c45f87b43fa6cfbcb6e51
2022-03-29dpdk: make log pipe non-blocking on both sidesDamjan Marion1-1/+2
Type: fix Change-Id: I857403b9d93ee4c17f2dd5ac8e6dafd66260a252 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-29linux-cp: fix tap interface attrs in case the sw pool realloc'dVladislav Grishenko1-18/+16
Creating tap interface / sub interface causes allocation of a new software interface with possible sw interface pool reallocation. In such case accessing L3 MTU and interface flags by obsolete sw pointer is UAF. Instead, keep desired tap interface MTU value before sw intreface creation and refetch sw pointer right before sw flags inheritance. Type: fix Fixes: b89c1ddcb3b4f9138ca3ebefb2115f896ff3e1bd Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: I21ea46d146d11060bb9bedc77377ab17ae9e22e8
2022-03-29vnet: set frame overhead at interface registrationMatthew Smith1-2/+2
Type: fix Fixes: 1cd0e5dd533f In vnet_eth_register_interface(), max frame size was being used where frame overhead was intended. Change-Id: I6e6de25e2d616caaf35730ab3d15235ec679ebdd Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2022-03-29crypto-openssl: fix seed calculationDamjan Marion1-1/+1
Type: fix Fixes: 91f17dc Change-Id: I860b6d5d5e9cf47d84fde0a2c92be43125038694 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-29linux-cp: handle ipv4 routes when link goes down on subifAlexander Chernavin1-17/+43
Type: improvement Currently, the plugin can monitor link state changes on hardware interfaces for which a linux-cp pair exists. When the link goes down on one of the hardware interfaces, the plugin processes IPv4 routes that resolve through that interface according to the configurations: del-static-on-link-down and del-dynamic-on-link-down. The problem is that link state changes are not signaled for subinterfaces and the code that handles IPv4 routes is not triggered. When the link on a hardware interface goes down, it implies that subinterfaces added to that interface also will have the link in the down state. With this change, when the link goes down on a hardware interface, iterate over subinterfaces added to the interface and apply the same logic of routes processing as for hardware interfaces. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I97337d2e328437c73f2d99a00737768778f197a1
2022-03-29linux-cp: add support for table flush if multiple interfacesAlexander Chernavin1-15/+39
Type: improvement lcp_router_table_flush() is used to remove routes from the given route table if they are resolved through the given interface with specified FIB source. Currently, if you need to remove routes from a route table that are resolved through one of the interfaces from a vector, the function has to be executed for every interface from the vector. Every execution walks the route table again. With this change, lcp_router_table_flush() accepts a vector of interfaces. Thus, the function can walk a single route table once and delete routes that resolve through one of the interfaces from the vector. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I6d99384064d279dea24bb4dc1790a1af943be41c
2022-03-29perfmon: fix order in cmakelists.txtRay Kinsella1-8/+8
Fix ordering in CMakeLists.txt Type: refactor Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: I8e71e4fbc048a80c4b250c2a66cfd8a522bde5f4
2022-03-29perfmon: fix non-NULL terminated C-stringBenoît Ganne1-1/+1
format() expects a NULL-terminated C-string as format string. Type: fix Change-Id: Ib428cf2debbf98850eed512907175f8ae8ba3c04 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-03-28linux-cp: Fix API responsePim van Pelt1-5/+7
* Correct endianness issue * lip_namespace is a vector not a string * Provide null termination to avoid unpack() failures in the client Responses in the python API now look like: lcp_itf_pair_details(_0=328, context=3, phy_sw_if_index=1, host_sw_if_index=3, vif_index=19, host_if_name='ice0', host_if_type=<vl_api_lcp_itf_host_type_t.LCP_API_ITF_HOST_TAP: 0>, namespace='dataplane') lcp_itf_pair_details(_0=328, context=3, phy_sw_if_index=2, host_sw_if_index=4, vif_index=20, host_if_name='ice1', host_if_type=<vl_api_lcp_itf_host_type_t.LCP_API_ITF_HOST_TAP: 0>, namespace='dataplane') lcp_itf_pair_details(_0=328, context=3, phy_sw_if_index=5, host_sw_if_index=6, vif_index=21, host_if_name='ice0.1234', host_if_type=<vl_api_lcp_itf_host_type_t.LCP_API_ITF_HOST_TAP: 0>, namespace='dataplane') Type: fix Signed-off-by: Pim van Pelt <pim@ipng.nl> Change-Id: If4bf06a8b70977676ec7f5b1413cee6cc9d1714a
2022-03-28crypto-native: avoid overflow load on dataDamjan Marion1-1/+4
Type: improvement Change-Id: I5317afa02fa1525a7d8df595b56eb6546ccded57 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-28vlib: use pthread_attr_setstack() to set thread stackDamjan Marion1-12/+26
Type: improvement Change-Id: I4c7f2f63651df4362ce1e0e36d885fedf55595c6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-28vppinfra: avoid mem overflow in hash_memory()Damjan Marion3-209/+29
Change-Id: Ic81aafd5f378de06e5ea8cdd6a59e07ff1a7afca Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-28ip: add barrier sync, ip4_ply_pool expand caseVladislav Grishenko1-2/+14
ply_create() is not thread safe when the ip4_ply_pool expands. Type: fix Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: Ie11cc8b1ba587d5e9239a60f4e288492da61368e
2022-03-27linux-cp: fix name formattingDmitry Valter1-1/+1
Format host interface name as vector rather than c-string. Otherwise non-null-terminated vector overrun triggers ASAN. Type: fix Fixes: 1705a6baefe205bb6792b547c7376eee3f328a71 Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru> Change-Id: Ib204e57ee17c7ed3bfeb568dcdd834d7d7519102
2022-03-26session: simplify safe pool reallocFlorin Coras1-62/+42
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1c55c054fea6c6886d8287a9b6e264a308f89504
2022-03-25hsa: echo client connects as rpcFlorin Coras2-31/+36
Do connects in an session layer rpc instead of doing cli process sleeps. Performance with 4 workers goes from ~120k/180k first run/warmed up to ~135k/240k Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id184913e9898f8db099e29a605f3a9b1fc67be63
2022-03-25crypto-native: avoid mem overflow when loading IVDamjan Marion1-11/+13
Type: improvement Change-Id: I946d91e67c332ecac0b09d50980529b9d4e74f9c Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-25vppinfra: add vec128_t, vec256_t and vec512_t typesDamjan Marion1-19/+41
Convenient for type conversion Type: improvement Change-Id: I35a770e06e6318fb4249b70021ed6f6c93b07162 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-25l2: avoid overflow read of mac addressDamjan Marion1-23/+3
Type: improvement Change-Id: I99d2c69ede39b3ba5604e1811ce12209c47f5caf Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-25linux-cp: handle ipv4 routes when link goes downAlexander Chernavin5-0/+163
Type: improvement Currently, when the link goes down on an interface, routes that resolve through that interface and created with Nexthop API are removed by the kernel. However, IPv4 routes remain in the FIB because the kernel doesn't send any notifications about that. And for the plugin working with user-space applications that create routes in the kernel using Nexthop API there should be a mechanism to synchronize the FIB and the kernel in this case. With this change, add two new startup configuration options to the plugin to be able to control what should happen with static and dynamic routes managed by the plugin on link down: - del-static-on-link-down (disabled by default, delete routes created with the linux-cp static FIB source on link down), - del-dynamic-on-link-down (disabled by default, delete routes created with the linux-cp dynamic FIB source on link down). Then, monitor link state changes on interfaces for which a linux-cp pair exists. If the link goes down on one of the interfaces, process routes that resolve through that interface according to the new configurations. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I0fbaeeca3f3d1fcd22e8eebb08a0a4a3d0dfe5b8
2022-03-25build: print compiler versionDamjan Marion1-1/+1
Type: make Change-Id: I1bad5f84797a1bfeb41420f408540604d461f440 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-25fib: fix ip6-ll fib selection for non-ethernet interfacesVladislav Grishenko2-7/+37
Fixes case when packet to link-local address is received over gre/mpls or other non-ethernet interface and ip6-ll fib for it is undefined. If by a chance ip6-ll fib index is valid, packet will be passed to some ip6 fib with possibilities to be sent out over unrelated interface or be looped again into ip6-link-local dpo till oom and crash. Type: fix Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru> Change-Id: Ie985f0373ea45e2926db7fb0a1ff951eca0e38f6
2022-03-25devices: fix high vector rate per dispatchMohsin Kazmi3-13/+44
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ibd23648483b38696271154237e81081480bb16e0
2022-03-25session: reorganize local port allocationFlorin Coras1-29/+24
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5bbf8d584efdec57908c61f8626bcc81590401b3
2022-03-24bfd: use local error index when incrementing node countersPaul Atkins1-4/+4
When incrementing node counters with vlib_node_increment_counter the local error index should be passed in. vlib_node_increment_counter adds the local index to the nodes base index to get the counter to write to. If we pass in the global counter index, the offset gets added again in the fn, and we then potentially write into memory that is not part of the counter vector. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I43be33a51bcb52d520495d326b971c1d848d96b5
2022-03-24session: safe reallocs for transport endpoint poolFlorin Coras1-11/+25
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6c86d0691bd0594d8b2c05d83d004be1aa8c5e21
2022-03-24ip: The check for 'same packet' must include the FIB indexNeale Ranns1-2/+11
Type: fix otherwise if two packets arrive with the same source address but from different VRFs, then they are treated as the same and they use the same LB and thus share the same fate. but the lookup, when done, results in two different LBs, and hence the fate can be different. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Id6e16f7c577a561d9ddd7066339fa4385361d07f
2022-03-24ip6-nd: stop sending RA by defaultAlexander Chernavin1-3/+0
Type: improvement Currently, RA message sending is enabled by default - both periodic and in response to RS message. However, RFC 4861 section 6.2.1 says the following: Note that AdvSendAdvertisements MUST be FALSE by default so that a node will not accidentally start acting as a router unless it is explicitly configured by system management to send Router Advertisements. With this change, RA message sending is disabled by default and "test_ip6.TestIPv6.test_rs" updated appropriately. Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I2a8865199cb665c59268504aefe2976e5ee96dc2
2022-03-24mpls: Set the MTU field in the frag-needed ICMP when doing MPLS fragmentationNeale Ranns1-4/+3
Type: fix The reported MTU should include the MPLS label overhead Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I3df6d2e0b13f49701e187a766a157498dcaafbc0
2022-03-24crypto-native: fix index in VAES aes-cbc encryptBenoît Ganne1-3/+3
Type: fix Change-Id: Id7ae0d4c53cbca3785964f0bef92e9cd589d4ce9 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-03-24build: set OS_ID_LIKE on to be OS_ID on Debian properAndrew Yourtchenko1-0/+5
OS_ID_LIKE from /etc/os-release is used to determine the type of packaging. On Debian it ends up being empty, so the "ninja package" does not work for out of tree plugin builds. Solution: if OS_ID_LIKE is not set, set it to OS_ID Type: fix Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Change-Id: I077d4fdb509ea94b187d11391b1f49edb94c4e30 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2022-03-24dpdk: enable int mode for virtioPaul Atkins1-0/+1
The way of specifying which interface supports what has changed. Re-add support for adaptive mode in virtio. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I2f8ffa6311a4081b93fb08a7e92408b8bffbae64
2022-03-24fib: Fix crash when removing a covering prefixNeale Ranns3-10/+18
Type: fix When a covering entry is removed from the table, the covered entries first see it 'updated' and then 'removed'. the crash occurs because the covered prefixes share (simple pointer copy) the covereds hash table of path extensions. During the cervers deletion this hash table has been removed and the update of the covered crashes when recaluationg forwarding becuase it uses the free'd hash. Fix is to refetch the shared hash table (which is NULL) when the covered is updated. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Icefca9d7b21da975111d0e974d75f663fc0cc00c