For AES-CBC, the IV must be unpredictable (see NIST SP800-38a Appendix
C). Chaining IVs like is done by ipsecmb and native backends for the
VNET_CRYPTO_OP_FLAG_INIT_IV is fully predictable.
Encrypt a counter as part of the message, making the (predictable)
counter-generated IV unpredictable.
Fixes: VPP-2037
Type: fix
Change-Id: If4f192d62bf97dda553e7573331c75efa11822ae
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Some vhost-backend calculates the wrong checksum in
case of tcp/udp offload when driver resets tcp/udp
checksum field to '0'.
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I3c45df487f00d7e3d949b4efb32d7f7e01d1108b
While cherry-picking: Fix extras/scripts/check_commit_msg so it accepts '_' characters in
feature names.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ibb380eecca76ed9c00ed14c167dfcf576f943db0
(cherry picked from commit 0f4e3c22ed5951e0a68e6b40fda1ac63ab5e3c3e)
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Copy only exactly the data provided by the user even when it is not a
4-bytes multiple.
Type: fix
Change-Id: I2ef987c37e58523a38b46b09227529db2c26aa55
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit c79a14f13a0db6f59123e0e6b0b71d4f24433b01)
In pppoe_cp_node.c, node->errors[error0] was accessed without
node->errors being initialized.
Found with AFL + ASAN.
Type: fix
Signed-off-by: TimotheeChauvin <timchauv@cisco.com>
Change-Id: Ide8a60021b2d47b5e2fce7062d8f12c7f4d225f7
(cherry picked from commit 2887159a1a5f5c501c2df59bf88e6faa38e9699f)
In case of vector, we must check length before trying to access element.
Also fix wrong DPDK plugin workaround.
Type: fix
Change-Id: I2ecef1c88ebef2362f48cab0d462699aa43cd4b9
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit 1bd6f61820c6c15534ebb04a4b070ba84bf08a9d)
For some reason clang does not support &((struct foo*)0)->field in
static assertion contrary to gcc.
Use offsetof() macro implementation provided by both compilers instead.
Type: fix
Change-Id: I3311cdd29c5861e45dc0ef92f2bbd66242ca73b8
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit 5e60c17f49082b7731778e81b58177177a31b58f)
Previously there's a format_ip4_address in format_ip6...
This patch fixes this typo
Type: fix
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Ice124db6594720ed35a992d069341f399c331e1d
(cherry picked from commit e30f9c5c6342a0f2430848ec4166b75596642964)
unformat_ip6_mask wasn't accounting for customized field names
when deciding if it managed to parse at least one field.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I26cab4c6828b510e277079628af5115ac43af3ff
(cherry picked from commit 126c88544103d3775252f741398111875f6a62d7)
Based on the comments in the struct, udp_encap_t_ is meant to span 2
cachelines. Due to the 64 bit alignment of dpo_id_t, the struct spanned
3 cachelines. This caused fetching ue_ip_proto to trigger an additional
cache miss. This patch rearranges the ordering of the struct fields
so that udp_encap_t_ only spans 2 cachelines as intended.
before:
(gdb) print (int)&((struct udp_encap_t_*)0)->cacheline1
$8 = 128
after:
(gdb) print (int)&((struct udp_encap_t_*)0)->cacheline1
$1 = 64
Type: fix
Signed-off-by: Vadym Martsynovskyy <vmartsyn@fb.com>
Change-Id: I066c08654d4a8ef3e2d3954e957d4c5d382b209f
(cherry picked from commit 42386fc974148f812ef3eb73ff09a603caa23565)
Prevent overflow if input network prefix is too small and crash on
packet #1 due to vector not being allocated/initialized.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I3494cc62ce889df48cc59cc9340b5dd70338c3a8
(cherry picked from commit f3d7bd9d4d652b1c4b687267acdb9fdb908a74bd)
If the id is invalid we cannot check whether we must free the message or
not, free it anyway.
Type: fix
Change-Id: Ie4426f601390d1e5e14c739f670e8c1e6e3aaf1e
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit ff13e46215ab96df988310b4a20eddefad92de99)
When recycling a graph node vnet_register_interface, it is missing an
explicit call to vlib_worker_thread_node_runtime_update(). However,
there is an implicit call to vlib_worker_thread_node_runtime_update()
via vnet_sw_interface_set_flags_helper() if it enables a new feature on
the interface for the first time. But that implicit call is not
guaranteed. For example, if an interface is created, deleted, and
created, then it may skip the implicit call to
vlib_worker_thread_node_runtime_update(). When that happens, the graph
nodes on thread 0 are not sync'ed to the worker threads. So the worker
thread's graph nodes are out of sync momentarily with the main thread's
graph nodes until some other event happens which calls for a sync is
needed. During this window, the worker thread's graph node is
vulnerable and may experience a crash.
When deleting a graph node, we never trigger a sync to the worker
thread. A patch was committed 3 years ago via
https://gerrit.fd.io/r/c/vpp/+/7523 to fix a show run crash. In
hindsight, the approach taken by 7523 is not orthogonal. While at it,
let's fix it right for both issues with a call to
vlib_worker_thread_node_runtime_update() in the appropriate place and
remove 7523.
Type: fix
Ticket: VPPSUPP-86
Fixes: gerrit 7523 / 19e9d954bd9eb4f04d48640d6540198e84ef65d7
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ic9472bd2d3a212dbfeceb526506ed0400983a142
(cherry picked from commit 1eae8ecb7acc7d80d5c08e300295bec94bf78f0b)
Add dpo_pool_barrier_sync/release, use them to clean up
thread-unsafe pool expansion cases.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I09299124a25f8d541e3bb4b75375568990e9b911
(cherry picked from commit 26d890eb4b1ab19fea4d2d02bfc6dc89d2c1b771)
adj_alloc (...) is not thread safe when the adj pool or combined
counter vectors expand.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I55710de6ecc083b7434e11798659cca9250c9131
(cherry picked from commit c2d2228e928b7c69dc88e9c3b7502966d0e32d8d)
load_balance_alloc_i(...) is not thread safe when the
load_balance_pool or combined counter vectors expand.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I7f295ed77350d1df0434d5ff461eedafe79131de
(cherry picked from commit 8341f76fd1cd4351961cd8161cfed2814fc55103)
Use %U and unformat_udp_port instead of %u for unformat() call for
u16 collector_port number in set_ipfix_exporter_command_fn() to
avoid corruption of other variables which can happen if unformat()
with %u is used with a 16-bit variable. This avoids crash due to
corrupted fib_index value.
Type: fix
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Change-Id: Id54273fcc458a7f9c5aa4025aa91711f160c1c1a
(cherry picked from commit 2dca180db989ea7afacdf4e70cc85e4408557382)
Change in snat_ipfix_header_create() to use thread-specific
vlib_main_t *vm pointer to avoid problems with different threads
accessing the same vlib_main_t data structure. This avoids
assertion failure when vlib_time_now() is called with a vm
corresponding to a different thread.
Type: fix
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Change-Id: I2096c1debb5688d3b97e5ed9a0ea78d94053d8b7
(cherry picked from commit 5556813fb63d28240a17ccf18f947e60c4cbb263)
Type: fix
when the interpose is on an adj-fib and the cover is removed the adj
source will not install. this lead to no path list being found for the
interpose source and a crash. pick a drop path list in this case.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ied217da043926c913657080f5ffb151201225d23
(cherry picked from commit 1bf6df4ff9c83bac1fc329a4b5c4d7061f13720a)
