aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
9 dayssession: improve chained buffer enqueueFlorin Coras1-50/+58
Type: improvement Change-Id: I86497255cd2a73e37ae9be61dcce3a27199c552f Signed-off-by: Florin Coras <fcoras@cisco.com>
9 daystcp: improve exception checks for established connectionsFlorin Coras1-18/+39
Separate exception state checks, e.g., no connection or closed, from segment validation. Segments with no ack, rst, syn flag should not be received in established node. Still, leave the check in for now. Type: improvement Change-Id: I7ceb01d7133f3a571e18721b6e51ff79f533f8cb Signed-off-by: Florin Coras <fcoras@cisco.com>
10 daysipsec: better pack outbound SA runtime dataDamjan Marion1-5/+5
Type: improvement Change-Id: I9a0437dcfaf5e6930bb7fa057866ea36e7ca328f Signed-off-by: Damjan Marion <damarion@cisco.com>
10 daysipsec: keep inbound seq as u64Damjan Marion5-50/+46
Type: improvement Change-Id: I03f0b6137db6780f2c2935df90e98acf4bd471f9 Signed-off-by: Damjan Marion <damarion@cisco.com>
10 daysipsec: combine huge and normal anti-replay-window handlingDamjan Marion5-244/+120
Type: improvement Change-Id: Idfbaf56e3b56e77c8deaca9d3e41f7a78d8c4e0b Signed-off-by: Damjan Marion <damarion@cisco.com>
10 daysipsec: embed anti-replay bitmap in the runtime dataDamjan Marion3-65/+50
Type: improvement Change-Id: I753917c6d7e30b8d5e3291b85a7532a455ebc2bb Signed-off-by: Damjan Marion <damarion@cisco.com>
10 daysipsec: store anti_replay_window_size in runtime dataDamjan Marion4-55/+31
Type: improvement Change-Id: I0626af365855ad5301419e72e9430a47a5d0e5d7 Signed-off-by: Damjan Marion <damarion@cisco.com>
10 daysvppinfra: add few uword_bitmap_* functionsDamjan Marion1-0/+35
Change-Id: I592668a385489d0eaccd9e7693121ff25090e353 Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
10 dayssession: make sure we cannot pass wrong IO event typeBenoît Ganne1-23/+36
GCC 11 complains about potential cast from u32 to session_t. Type: fix Change-Id: Id777e339c40e0ea3c3c8b2b0800acf7cd7a4ced3 Signed-off-by: Benoît Ganne <bganne@cisco.com>
11 daystcp: rename worker ctx to just wrkFlorin Coras7-28/+21
Align with session layer (also less typing in gdb ..) Type: refactor Change-Id: I1455a1aa3e3bad7b53fe638a678774b88b9969b9 Signed-off-by: Florin Coras <fcoras@cisco.com>
11 dayssession: move io inlines to header fileFlorin Coras2-334/+325
Make sure compiler can optimize out constants. Type: improvement Change-Id: I3982d4b2cf1e0e08e31a0836fd64fab82564a7d6 Signed-off-by: Florin Coras <fcoras@cisco.com>
11 daysvrrp: force sleeps between timer eventsMatthew Smith1-1/+13
Adding a virtual MAC to some NICs can take a significant amount of time. If a lot of VRs enter the master state around the same time, the process node can stay active for a very long time processing all of the transitions. Try to force a 10 us sleep between processing events to ensure that the process node does not prevent API messages and RPCs from being handled for an extended period. Type: improvement Signed-off-by: Matthew Smith <mgsmith@netgate.com> Change-Id: I400a7d395b4c0fec371f70d359e9d184ae79645e
12 dayshttp: modularization in preparation for h2 and h3Matus Fabian6-2143/+2733
Prepare code to handle multiple http versions and move http/1 specific code into http1.c Type: improvement Change-Id: I1f2c958dadb7721b305c65b2da7c2943695ad740 Signed-off-by: Matus Fabian <matfabia@cisco.com>
12 dayshsa: http client parallel sessionsAdrian Villin1-144/+304
- client is now able to use multiple workers to send requests (sometimes it uses multiple sessions on a single worker) Type: feature Change-Id: I2d83d47a9768011b3d8d05ed320852606841e4b8 Signed-off-by: Adrian Villin <avillin@cisco.com>
13 daysbuild: replace __FUNCTION__ with C11 __func__Damjan Marion10-27/+25
Type: improvement Change-Id: I6cf7aaf42e8c0738d5b677fa66c99f071c1526bb Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-02-07session: do not match listeners when looking for lcl portFlorin Coras3-5/+73
Also optimize lookup to avoid session rules table matching. Type: fix Change-Id: I5b62c870edd9f7486e7de1417816fffa30d03a3e Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-02-06qos: fix qos record cliFilip Tehlar1-1/+1
Type: fix Change-Id: Ic3d4bbb4df8be6ef109f0af17744b35abc240ba2 Signed-off-by: Filip Tehlar <filip.tehlar@gmail.com>
2025-02-05http: confirm postponed connection closeMatus Fabian1-1/+4
Type: fix Change-Id: I43a221ac2be9bbea885116c12d1991cf4477fae8 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2025-02-05l2: fix segment faultfenglei1-1/+4
if feature_bitmap is zero, it will make feat_bitmap_get_next_node_index function generate segment fault Type: fix Change-Id: I6a9c0b29d927e600537e9e43ad696d09c091f9b1 Signed-off-by: fenglei <1579628578@qq.com>
2025-02-05cnat: fix interface map type unformatBenoît Ganne1-2/+3
C enum is not guaranteed to be 8-bit (and in general it is not, it's 32-bits by default in GCC for example). Type: fix Change-Id: I6a10f85991ae1903fb9f4aeebfcfdf5315200903 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2025-02-03http: buf_fifo_get_segs minor fixMatus Fabian1-1/+1
validate segs vector to (_n_segs - 1) Type: fix Change-Id: I721cc438e4c9610760a1f40b6355834bbd389b20 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2025-02-03crypto: remove barrier on key addSemir Sionek3-52/+49
Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com> Change-Id: I9eab8a3c2580711c8635f7ba8bca3b27316aa665
2025-02-03ipsec: fix ipsec_sa_v5_detailsMaxime Peim1-2/+6
Re-add the anti-replay window size in the SA dump API and add tests. Type: fix Change-Id: Iacecdf5df796a0a6353491f8160c878751c6039b Signed-off-by: Maxime Peim <mpeim@cisco.com> Signed-off-by: Benoît Ganne <bganne@cisco.com>
2025-02-03ipsec: export ipsec_funcs headerMaxime Peim1-0/+1
Type: fix Change-Id: I78904edd5f38e22821af779e15ab1c0da2294ce8 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2025-01-31http: http_app_tx_callback check if conn closedMatus Fabian1-0/+7
Type: fix Change-Id: Ic7b9819226742b0f1153ec2794ae80556c49dad2 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2025-01-31ipsec: store outbound seq as u64Damjan Marion7-67/+35
Type: improvement Change-Id: Id7717de00558ab90dbd312a58becd58d008397ea Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-30vpp_config: leave kernel.shmmax alone by defaultBenoît Ganne1-1/+3
Linux default settings are enough, and modifying them can break other applications. Type: improvement Change-Id: I773b730802bae78b0f33ca3ff31d9ee2ffa82f89 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2025-01-30hsa: http connect proxy fixMatus Fabian1-1/+2
Type: fix Change-Id: I4fb493c98ed6d59d10fad0e5ef73b6f80f6b232e Signed-off-by: Matus Fabian <matfabia@cisco.com>
2025-01-30ipsec: add SA inbound and outbound runtime dataDamjan Marion17-677/+916
Type: improvement Change-Id: I0f949b67fb5b65fa1a79ffb7777d654693f0de6a Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-29http: conn state consistency with other transportsFlorin Coras1-6/+6
Maintain transport state formatting consistency, i.e., upper case states. If we revisit, we should revisit all transports. Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I143e13aa5e8525bb276db9b4ec0e0baa153d1b44
2025-01-29sflow: replace VAPI with DLAPIPim van Pelt9-345/+75
Remove the requirement to coordinate between linux-cp and sflow at build time via cmake. Also, remove 350 lines of awkward thread-forking VAPI code. Replace it with a dynamically retrieved function from the linux-cp plugin, called lcp_itf_pair_get_vif_index_by_phy(). Remove build inhibit based on Netlink headers, and only inhibit the build for FreeBSD. This plugin can now run regardless of Linux CP being built or loaded, and then return VPP ifIndex numbers instead. Also, fix a flaky test where non-ephemeral source ports throw off packet captures. Type: improvement Change-Id: I5486742fa0e343e382630a22672a05fe3dcf7836 Signed-off-by: neil.mckee@inmon.com Signed-off-by: pim@ipng.nl
2025-01-28vpp_config: leave vm.max_map_count alone by defaultDave Barach1-2/+7
Do not set vm.max_map_count to 3096 by default. That value is an order of magnitude smaller than current distro defaults, and causes seemingly "random" severe application failures; known to occur when running Brave, Firefox, and VirtualBox to name but a few. Type: fix Change-Id: Ibe7518d92c3be9a4704972c9d504777776f924dc Signed-off-by: Dave Barach <dave@barachs.net>
2025-01-27armada: fix DSA packet grouping issue on rxDamjan Marion1-0/+1
Type: fix Change-Id: I9a56267f6e016827971744c932aa5da36c92c8f0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-24session: make local port allocator fib awareFlorin Coras4-30/+36
Allocate ports per fib. Type: improvement Change-Id: I9e1f113602485bfb09f71092eee58b9a433daa6a Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-23vcl: fix sigchld handler recursionFlorin Coras1-9/+18
Observed with hst redis test and ubuntu 24.04 Type: fix Change-Id: I22b28af5ca26498250c31edeb3db224a2e12e19d Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-23session: validate new app worker on update reqestFlorin Coras1-0/+2
Type: fix Change-Id: Id9cec0c802024c1df0ac06a0f8833379a782e9de Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-23http_static: introduce max-body-size parameterSemir Sionek5-8/+187
Introduce the max-body-size parameter to put a limit on how big of a POST request can the static server take (and how big of a memory allocation that causes). Type: improvement Change-Id: I93cdeaf38dabe2850665e92bedbaa0545c375214 Signed-off-by: Semir Sionek <ssionek@cisco.com>
2025-01-23http: move header serialization to http transportMatus Fabian12-272/+289
Apps called http_serialize_headers, which creates plain text buffer, this is now hidden in http transport layer and apps pass headers in generic form, so they can be encoded based on http version. Type: improvement Change-Id: Ie4fa0516cd3406d60f956751c8ee7ab40e633fa4 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2025-01-23sflow: Update build rulesPim van Pelt6-4/+32
1) we rely on Netlink PSAMPLE and USERSOCK make sure we have headers 2) sflow plugin is not available on FreeBSD, due to Netlink features 3) preprocessor flag SFLOW_USE_VAPI controls whether the sflow plugin will attempt to contact the linux-cp plugin using the binary VAPI. It has to be a preprocessor flag so it can suppress the "#include" statements that define that linux-cp api, because those include files will be missing if linux-cp is excluded from the build. The "excluded_plugins" list can be used with: make VPP_EXCLUDED_PLUGINS=linux-cp build build-release Type: fix Fixes: e40f8a90bb0c39986c198fca8ad9b0b3c1658401 Change-Id: If44929d285d27db7862910ecb4ec11ddd4591fd2 Signed-off-by: pim@ipng.nl
2025-01-22svm: improve ooo try collectFlorin Coras1-12/+5
Use modular arithmetic just like the other ooo functions. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie39bb928634fe0956339feafb41667ec9cafeee2
2025-01-22session: cleanup io event functionsFlorin Coras11-35/+38
Program session events using session handles instead of fifos. Type: improvement Change-Id: I69063190598c2b4dc1104f2938f27c6cd057341a Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-22session svm: track session indices in private structFlorin Coras17-46/+77
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I898baf3e2a7586124f4678eaeaa4516db7186f8f
2025-01-22http: case-insensitive header table searchMatus Fabian5-45/+315
header names are case-insensitive, see RFC9110 section 5.1 Type: improvement Change-Id: Ic5ef5615397537ba48fc56b18c882fa838c54751 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2025-01-22crypto-native: add fixed tag and aad size opsDamjan Marion2-11/+55
Type: improvement Change-Id: I6bbb48c999859899e2f82c65cbfd015dc1ad584c Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-22snort: validate sw_if_index in attach/detach api handlersDave Wallace1-9/+22
- fixes crash in vpp-debug-verify-master-ubuntu2204-x86_64 CI job in test_snort_06_detach_if testcase - fix similar logic in attach handler - verify snort direction in attach api message - add tests verifying attribute validation in attach testcase Type: fix Fixes: 102575492c9199259aa5e468f21b46936d7a1ac4 Change-Id: I96fbeb0a7b84f2f238df15b20476ed4086251471 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2025-01-21http: target parsing improvementMatus Fabian11-498/+575
Make it http version neutral, since h2 and h3 use 3 pseudo-headers. Added scheme, target_authority_offset and target_authority_len to http_msg_data_t, target_form removed. Http transport now validate if correct form of request target is received, so now we are also able to receive requests with absolute-form target in server apps like http_static. As bonus, unformat is not longer used to parse IP addresses. Type: improvement Change-Id: I369f77e2639c43cc1244d91f883c526eb88af63e Signed-off-by: Matus Fabian <matfabia@cisco.com>
2025-01-21dpdk: enable VLAN offload configuration for the iavf PMD driverKai Ji1-0/+1
Sets the program_vlans = 1 flag, enabling the DPDK sub-interface function to configure VLAN offload settings on Intel iavf/i40e Ethernet devices from VPP. Type: improvement Change-Id: I030af0c93b13cf80772982b243861f9c303f7e09 Signed-off-by: Kai Ji <kai.ji@intel.com>
2025-01-21crypto: add async algo macros for ctr sha2Nithinsen Kaithakadan3-2/+41
Add async crypto algo macros for AES_CTR SHA256/384/512. Add support for these in dev octeon plugin. Type: feature Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com> Change-Id: I22e81c6ac5a549b2f12556b8c79257a20a5bd47d
2025-01-21octeon: add direct mode changes in crypto datapathNithinsen Kaithakadan2-48/+269
This patch introduces support for direct mode crypto submission on CPT. For multi-segmented buffers, scatter-gather submission mode will be utilized. Type: feature Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com> Change-Id: Idb99e6c9ea49028e11d3bf530c9559719c988252
2025-01-21octeon: rework octeon crypto frameworkNithinsen Kaithakadan2-61/+60
Added changes in the pending queue structure to incorporate each packet into a single inflight request entry. Type: improvement Change-Id: I18729e01b5f73b128ae245a1a8f77a4f97065026 Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>