13085 Commits

Author SHA1 Message Date
Andrew Yourtchenko
f29d9f0604 wireguard: stabilize the API
As per discussion on VPP call - since the APIs are used in CSIT tests,
and there has not been changes in a while, mark them as stable from
the API change process PoV.

Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Ia644e1dfcd9d182cc6f10089fc44397a61e8aaf6
2023-09-13 16:05:14 +00:00
Andrew Yourtchenko
a998f80cd9 crypto-sw-scheduler: stabilize the API
As per discussion on the VPP call: since the CSIT tests use these
APIs and the APIs have not changed in quite a while, stabilize the API
from the change process point of view.

Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Id81999d03cce37764f6ed7d4f77ef5a71fe41ad1
2023-09-13 16:04:47 +00:00
Dave Wallace
4cae8f9bee hsa: fix coverity issue CID-313635
Type: fix

Change-Id: Ieb50ab548bb34bdbb44d973037ee452d48f412ea
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13 15:51:17 +00:00
Dave Wallace
7f9b690b06 api: fix vlibmemory coverity warning CID-300152
Type: fix

Change-Id: Icdebc8629946e0e7c8dde3e45ee93ff9027e7c68
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13 15:50:15 +00:00
Damjan Marion
7bf8f5e484 vppinfra: add ARM Neoverse-N2 support
Type: improvement

Change-Id: Ief77ae7338667ede290aece6933bb5ae2e76ffc6
Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-09-13 15:02:43 +00:00
Damjan Marion
3d2f718e6f build: fix clang-16 build
Change-Id: I882bef6f45fd276587fb93944ff4e21dc57dbca2
Type: fix
Fixes: 1c82cd4
Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-09-13 13:41:36 +00:00
Damjan Marion
aa9177c751 idpf: make plugin default disabled until issues are fixed
Type: improvement
Change-Id: I2daa8fc338289555649135e7f0898e139807fdce
Signed-off-by: Damjan Marion <damjan.marion@gmail.com>
2023-09-13 13:40:29 +00:00
Vratko Polak
c142cd115b docs: mention how to build VPP outside git
Type: docs

Change-Id: Iceee9ef489f7f68049882651bb338311295ca12d
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-09-13 13:37:22 +00:00
Benoît Ganne
e462e543b2 build: add vpp_plugins include directory
Type: fix

Change-Id: Iacb04846c634231854f26348cc17cc729d6e0d87
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-09-13 12:21:14 +00:00
Dave Wallace
73f23a806d vppinfra: fix coverity warning CID-313632
Type: fix

Change-Id: Idc036d5967495cc2522b2a30e3acd3ec4c0cd3ff
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13 12:19:40 +00:00
Vratko Polak
fee945940c vlib: deuglify the offset finding loop in pci.c
Type: style
Fixes: 054229ebbdeb3f87d96c1abf93b511c86cd6ff0f

Change-Id: I7c3080db94566af249e5082d59a4e6373c616888
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-09-13 12:17:53 +00:00
Tianyu Li
4585bb121b perfmon: fix perf_user_access_enabled type
perf_user_access_enabled is defined as u8,
clib_sysfs_read format type is %u, this is for unsigned int,
change type from u8 to u32.

Type: fix
Fixes: 268d7be66b8b ("perfmon: enable perfmon plugin for Arm")

Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: I48ec00605e496d185370e77d894d7852d6d22124
2023-09-13 12:15:53 +00:00
Artem Glazychev
986ca97311 vppinfra: fix setns typo
Type: fix

Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: Ib8eb70336956bc2e8d0454f3c1f2c62ec98cb009
2023-09-13 12:15:17 +00:00
Dave Wallace
63335e4898 pci: fix coverity issue CID-322372
Type: fix

Change-Id: Iaf16bb720d76ea3ae04afb8123b7cac15771ef2b
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13 12:14:18 +00:00
Xiaoming Jiang
7a72658665 ipsec: improve fast path policy searching performance
Type: improvement
Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com>
Change-Id: Ib8bb300f5b62648f6b634046415742bdf5365982
2023-09-12 12:42:56 +00:00
Vratko Polak
139aba2047 crypto: allow changing dispatch mode
This change aims to affect crypto_sw_scheduler behavior,
but all the edits end up in vnet/crypto.

Previous release CSIT tests were testing async crypto in polling mode.
After 9a9604b09f15691d7c4ddf29afd99a31e7e31eed introduced adaptive mode
for crypto dispatch, the CSIT performance got way worse.

Possibly, there is another VPP bug related to adaptive mode
(it should not lose as many packets as seen in CSIT),
but the next release is too close for trying to fix that.

This change (instead of fixing adaptive mode)
allows CSIT to continue testing polling mode (after explicit API call),
while keeping the adaptive mode as default behavior.

The deprecated crypto_set_async_dispatch always disable adaptive mode,
crypto_set_async_dispatch_v2 has parameter to enable or disable it.
The mode parameter is still used for the inital state of adaptive mode.

Type: feature

Change-Id: Ib98080eefb4be291207af543884f2c3837f92f59
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-09-12 12:42:11 +00:00
Vratko Polak
ceb64add2a crypto-sw-scheduler: improve function indentation
The checkstyle --fix command remains confused
around the def/foreach/undef usage in convert_async_crypto_id,
but at least the other functions now look correctly indented to me.

Type: style

Change-Id: Ic8f7b580267386b7a6b07d33d9ba7ae9787c0e0a
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-09-12 12:38:08 +00:00
Florin Coras
48cd559fb5 session: make sure rx evt flag is cleared for builtin rx
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I99631b1be6e19f0cefd1cefa82a51e6f8e9be2ac
2023-09-07 16:46:50 +00:00
Frédéric Perrin
a4157aec1c ipsec: clear L4-cksum flags when decap'ing packets
Type: fix

Signed-off-by: Frédéric Perrin <fred@fperrin.net>
Change-Id: I45191b7316c88038bcd57d62aeb07bb109cf4a4d
2023-09-07 08:07:51 +00:00
Piotr Bronowski
c143cc8967 dpdk-cryptodev: fix cache ring stats cli command
The logic for calcuating processed elements in the cache ring was broken.
In case tail and deq_tail equals and frame element pointed by the tile
is not NULL it means there is exactly one processed element in the ring.

Type: fix

Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Change-Id: I69c978334fc952049393214ccc9cc5245351f7f7
2023-09-07 08:05:54 +00:00
Damjan Marion
f0fc65a4b9 build: add option to specify native -march= flag with VPP_BUILD_NATIVE_ARCH
Type: improvement
Change-Id: I98eeba1ad2f9ed0531a7c615e0e70e535f24f813
Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-09-06 18:57:54 +00:00
Vladislav Grishenko
579a6fb89b nat: improve nat44-ed outside address distribution
Use client address hash to pick the first outside address
instead of just address high octet, becasue it may denegerate
into stable 10/172/192, depending on nat address count.

Fix outside address distribution test to acually test the
distribution, not the algo, so previous distribution will
fail with 65 nat addresses and 100 clients:

FAIL: Outside address distribution based on source address
Traceback (most recent call last):
  File ".../test/test_nat44_ed.py", line 2048, in test_outside_address_distribution
    msg="Bad outside address distribution")
AssertionError: 156.25 not less than 0.33 : Bad outside address distribution

Type: improvement
Change-Id: I604b1294422f20d211db5614c47559557a78a193
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
2023-09-06 16:44:15 +00:00
Mohsin Kazmi
a181eaa59b virtio: add support for tx-queue-size
Type: improvement

DBGvpp# set loggin class virtio level debug
DBGvpp# create int virtio 0000:00:03.0 tx-queue-size 1024

show virtio pci
```
  Virtqueue (TX) 1
    qsz 1024, last_used_idx 0, desc_next 0, desc_in_use 0
    avail.flags 0x1 avail.idx 0 used.flags 0x0 used.idx 0
```

show logging
```
2022/07/22 23:20:22:557 debug      virtio         0000:00:03.0: tx-queue: number 1, default-size 256
2022/07/22 23:20:22:557 debug      virtio         0000:00:03.0: tx-queue: number 1, new size 1024
```

Change-Id: Ib1a3ebe742b3a6c9fe72bd1c5accfe07682cbdd1
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2023-09-06 12:13:45 +00:00
Ole Troan
56b8abc07f ip: punt add punt socket support for icmp6
Punt support for ICMP6 messages allows for an external IPv6 RA advertisement agent.

Type: feature
Change-Id: I0cc928b747ac1f8335ee9f7c42a3231424825dbc
Signed-off-by: Ole Troan <otroan@employees.org>
2023-09-06 10:48:18 +00:00
Vladislav Grishenko
e7c57c45aa api: fix mp-safe mark for some messages and add more
Several api messages were not mp-safe although marked as such
because non-zero base id was not taken into account, and therefore
some other (from zero base id) were falsely mp-safe instead.

Keep messages as mp-safe, as they falsely were before:
    10   get_first_msg_id                              0       1
    12   api_versions                                  0       1

Messages that are no longer mp-safe as they weren't marked:
    15   sockclnt_create                               0       1
    33   proxy_arp_intfc_dump                          0       1

Fix messages to be really mp-safe:
    809  bridge_domain_dump                            0       1
    920  ip_route_add_del                              0       1
    921  ip_route_add_del_v2                           0       1
    1362 get_node_graph                                0       1
    1671 create_vhost_user_if                          0       1
    1675 create_vhost_user_if_v2                       0       1

Additionally mark messages as mp-safe, seems they need no barrier:
    1360 show_threads                                  0       1
    1370 show_version                                  0       1
    1372 show_vpe_system_time                          0       1

Type: fix
Change-Id: Ie6c1e3aa89f26bf51bfbcb7e7c4d9fee885487b7
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
2023-09-06 08:34:33 +00:00
Sylvain Cadilhac
db8c285081 vapi: fix verification for reply message
Type: fix
Byte swapping should be done before verifying message otherwise the message length will be wrongly computed.

Change-Id: I90b2f60bd33e5362e0edd5ee425f6a6f07886f1e
Signed-off-by: Sylvain Cadilhac <sylvain.cadilhac@freepro.com>
2023-09-06 08:23:55 +00:00
Filip Tehlar
109f3ce4eb hs-test: point gdb to vpp source files
Type: test

Change-Id: Ie5867737e5d49fd45cc15b690af3493263fb2f6f
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2023-09-05 15:55:55 +00:00
Filip Tehlar
3b770881b9 hs-test: verbose output on single test run
Type: test

Change-Id: I12ae7db36a6f7f9758fd195088877dfcd5606f84
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2023-09-05 15:58:28 +02:00
Ole Troan
9587d39993 npt66: make plugin default disabled
Plugin is still in experimental state. No reason why it needs
to be default enabled.

Type: fix
Change-Id: Ibf1810215d4c8079a068bfc60aa7dd49306ee4e4
Signed-off-by: Ole Troan <otroan@employees.org>
2023-09-05 08:47:08 +02:00
Filip Tehlar
4b3598e39a hs-test: log external apps
Type: test

Change-Id: Id2b0d408bd46f20b81422506f9db4eb655feddac
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2023-09-04 20:56:14 +00:00
Filip Tehlar
a6b1a7d809 hs-test: fix gdb attach
Type: test

Change-Id: Ic48ca7a3aab47df50d4e38e6123c90140c944172
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2023-09-04 20:55:56 +00:00
Florin Coras
931a32876a udp: buffer packets for connections in accepting state
Type: fix
Fixes: 0242d30

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6e313000bccce749b813f20a52432154bfd494ed
2023-09-04 18:33:41 +00:00
Ole Troan
8af78b8e36 arping: api to return responder mac address
The new arping_acd call includes the responders mac address in the reply.
Enabling a client doing address conflict detection to identify if it
is itself that is replying or that it is another host uses the IP
address.

Type: feature
Change-Id: Ia4bab2af1086f06ed71ba42e2e07368d4e330a27
Signed-off-by: Ole Troan <otroan@employees.org>
2023-09-04 17:05:48 +00:00
Ole Troan
34850e0187 npt66: checksum applied to src address instead of dst address on rx
Applied the checksum delta to the source address instead of the destination address
in the RX direction.

Cleaned up tests a little.

Type: fix
Change-Id: I871f3448365587e5319dfbca6ea356935321ff9b
Signed-off-by: Ole Troan <otroan@employees.org>
2023-09-04 15:14:46 +00:00
Maxime Peim
77812045e7 tracenode: filtering feature
In order to be able to filter on encapsulated packet, a new node
has been added to the ip4/6-unicast arcs.

Type: feature
Change-Id: I1e8ee05bc6d0fce20cadd8319c81bab260c17d21
Signed-off-by: Maxime Peim <mpeim@cisco.com>
2023-09-04 07:57:44 +00:00
Florin Coras
2ceb818f8e session: fix allocation of proxy fifos
Fifos need to be synchronously allocated once a transport like tcp
accepts a session. Since events are now delivered asynchronously,
proxy apps must explicitly register a cb function that manages
fifo allocation prior to being notified of connect event.

Type: fix
Fixes: 0242d30

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7df973b7014e53e0766ea2bdc61e9871160bc18b
2023-09-04 00:08:40 +00:00
Maxime Peim
23d13c071e map: test fix feature disabling
Upon test teardown, MAP features were not disabled, potentially
leading packets to be treated by the wrong node.

Type: test
Change-Id: I0c1c614318d1308f825c5cc0bf95688e92f6d00a
Signed-off-by: Maxime Peim <mpeim@cisco.com>
2023-09-01 08:43:23 +00:00
Florin Coras
da652cc466 vcl: set min threshold for tx ntf
Make sure there's at least 3% space in the tx fifo before notifying vcl
of a tx event. The threshold is somewhat arbibrary but for a 4M fifo, it
now means that ~120kB of space should be available.

Should help minimize the amount of tx notifications generated by
session layer when apps are faster.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I11dd0931dca8f989000a2481f1f495bd267589c4
2023-09-01 02:31:42 +00:00
Andrew Yourtchenko
f234b0d462 fateshare: a plugin for managing child processes
For the reasons of modularity and security, it is useful
to have various functionality split into processes different from VPP.
However, this approach presents the challenges of managing those processes,
and is markedly different from simply running everything within VPP process.

This plugin is an experiment in having the VPP itself start off a monitor
process which in turn starts the child processes, and restarts them if they
quit.

If the VPP process ceases to exist, the monitor process terminates all
the descendant processes and quits itself.

This allows to preserve the "single entity to manage" approach of
simply running a barebones VPP.

An example of running it:

export DPDK_CONFIG=""
export DISABLED_PLUGINS=dpdk
export EXTRA_VPP_CONFIG="fateshare { monitor ./build-root/install-vpp_debug-native/vpp/bin/vpp_fateshare_monitor command ./test1 }"
make run

Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I66221fd7403f220d9652fe76958ca499cfd070a7
Type: feature
2023-08-31 09:50:00 +00:00
Florin Coras
1765f014bc session: fix compilation when SESSION_DEBUG is on
Wrap SESSION_EVT in do loop to avoid complaints about if statement
having no arguments which can happen if debugging for groups is not
enabled.

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I35af179b806ed47a1e20816a19291c31fdb7566a
2023-08-31 01:05:15 +00:00
Pim van Pelt
8d61c59c3f mpls: add mpls_interface_dump
Add an API call mpls_interface_dump() which returns a list of mpls_interface_details:
- If no sw_if_index is given, all MPLS enabled sw_if_index are returned.
- If a particular sw_if_index is given, and it doesn't exist, an empty list is returned.
- If a sw_if_index exists and has MPLS enabled, a list of that one sw_if_index is returned.

Tested:
- Create 3 loopback interfaces
- Call for ~0 and for sw_if_index 0..5 all return empty lists
- set int mpls loop0 enable
- set int mpls loop1 enable
- Call for ~0 returns 2, and the call for sw_if_index=1 and =2 (the loopbacks) returns
  each a list of one sw_if_index 1 resp 2, the other values of sw_if_index return empty list
- set int mpls loop0 disable
- Call for ~0 returns 1, and the call for sw_if_index=2 (loop1) returns both a list of one
  sw_if_index=2, the other values of sw_if_index return empty list
- set int mpls loop1 disable
- Call for ~0 and for sw_if_index 0..5 all return empty lists

Example Python3 API program:
```
api_response = vpp.api.mpls_interface_dump()
print(f"Response is {api_response}")

for i in [ 0, 1, 2, 3, 4, 5 ]:
  api_response = vpp.api.mpls_interface_dump(sw_if_index=i)
  print(f"Response[{i}] = {api_response}")
```

Type: improvement
Change-Id: If87f7d7f8972d99260e859757dbcb251c6fa54a8
Signed-off-by: Pim van Pelt <pim@ipng.nl>
2023-08-29 12:42:13 +00:00
Florin Coras
7e43005d4d perftool: fix delsvec use of _vec_len
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iab80e009d8717f759edb8133beaa55ed05e57bd5
2023-08-26 13:14:46 -07:00
Wei Li
d7c94ce18e nat: nat44-ed bug fix
fix lb static mapping
"nat44_ed_sm_o2i_add" laddr and lport

Type: fix

Signed-off-by: Wei Li <realbaseball2008@gmail.com>
Change-Id: I249a00919e8154d92cbce03f6db196c13612948f
2023-08-26 13:46:26 +00:00
Wei Li
942e78aa98 nat: nat44-ed cli bug fix
lport and eport in Cli "nat44 add load-balancing static mapping" should hton()

Type: fix

Signed-off-by: Wei Li <realbaseball2008@gmail.com>
Change-Id: I2eadb7e341efb70cc406e10b3b189e5ebff09ff4
2023-08-26 13:45:55 +00:00
Benoît Ganne
19c22a42c2 cnat: fix cnat_endpoint_encode
Type: fix

Change-Id: I4ab713811626c097c7927228f3819b7785bbb951
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-08-25 15:32:03 +02:00
Ole Troan
6ee3aa41c3 npt66: network prefix translation for ipv6
This is the initial commit of a NPTv6 (RFC6296) implementation for VPP.
It's restricted to a single internal to external binding and runs
as an output/input feature on the egress interface.

Type: feature
Change-Id: I0e3497af97f1ebd99377b84dbf599ecea935ca24
Signed-off-by: Ole Troan <otroan@employees.org>
2023-08-25 09:15:32 +02:00
spencercoder
ecb62d2e5d build: support linuxmint OS
Support compiling in Linux Mint OS

Type: improvement

Change-Id: I08721227352b00127fe0acac67269775997fd974
Signed-off-by: spencercoder <xiexiaosong@ruijie.com.cn>
2023-08-22 15:44:10 +00:00
Piotr Bronowski
feda2ff640 dpdk-cryptodev: fix coverity issues
This patch addresses coverity issues CID 322716 and CID 322717.

Type: fix
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Change-Id: I59d6f40c1af8e829d8cb3c042a52e144aeaf1e6b
2023-08-22 15:42:49 +00:00
Vratko Polak
6d4b3fd19c l2: fix prefetch
This is a clone of Gerrit 35419.
(It is abandoned and I am not the owner so I cannot reopen.)

Ticket: CSIT-1816
Type: fix
Fixes: 5e0ea09d96010e99a7ce0d2f3370f0de50c46c83

Change-Id: I2265cf38a9ce3155460a1025821c2749afca0add
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-08-22 11:52:22 +00:00
Julian Klaiber
e3ce81e56a sr: SRv6 Path Tracing midpoint processing performance improvement
Moved the kernel call for the timestamp outside of the inner loop to improve the batch proccessing, and minimizing the kernel calls.

Type: improvement

Change-Id: I0245c223fc8a178724bb8c5df2b98083be046c26
Signed-off-by: Julian Klaiber <julian@klaiber.me>
2023-08-21 13:03:07 +00:00