Introduce a GitHub Action to auto close PRs submitted via GitHub
Will add a helpful comment to point folks towards gerrit.
Type: feature
Signed-off-by: Ed Warnicke <hagbard@gmail.com>
Change-Id: I3c4a2590d4e38edd1061e65e800cfdb124c43866
Immediate benefit is ability to use hugepage backed memory.
Type: improvement
Change-Id: Ibcae961aa09ea92d3e931a40bedbc6346a4b2039
Signed-off-by: Damjan Marion <damarion@cisco.com>
When dNAT-ing to a VIP, it can happen
that the return session conflicts with
another forward session than the one
we own.
This patchs adds a rsession_flags
CNAT_SESSION_RETRY_SNAT that makes cnat_session_create
search for a free src port to use for the
resulting return session.
It also makes forward & return session
share their fate in the session scanner.
Type: fix
Change-Id: Id0edf59abf8e5bc0c0d8941ba289c4563c77dee0
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
Type: fix
Calling vnet_hw_if_register_tx_queue should
be done with the worker barrier held, as
virtio-pre-input might be grabbing a queue
while a memif connect event is triggered.
Change-Id: Ie1272cdfd2477faf7a4e10f30778279872f04916
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
There is no need to verify the checksum for packets that have the IP
checksum offload flag set. This uses the same logic as
ip4_ttl_and_checksum_check.
Type: fix
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Change-Id: I177b07212a992362a4c965c074dcecf1e504c593
Checking for existence of source address on interface prevents creating
session before assigning address to said interface. Removing this check
allows more flexibility when configuring BFD feature.
Type: improvement
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: Ia57960e29b5dbdb758a7a64193c28f21482f229e
On the forst vector alloc values are stored into header.
Later, when vector grows values from header are used istead of provided
ones.
In the debug image code will assert if same values are not provided.
Type: improvement
Change-Id: I8fdcfa495e9c1df0f6392c90f634e8c74b73b328
Signed-off-by: Damjan Marion <damarion@cisco.com>
Add missing translation of ICMP inner IP layer.
Change responsible test so that it actually tests something.
Type: fix
Fixes: 4881cb4c6f
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: Id3a6f12a7308d81b1cdf9815f857221fab2f24d9
For some unknown reason sometimes calling exec() ends up on weak
exec() defined in src/vat/api_format.c which return -1 instead of using
one few lines above.
Another proof that use of weak symbols is bad idea.
Luckily this can be easily workarounded.
Type: fix
Change-Id: Ic84e8525bff75c1b8186c233cd524aac4d95c8b5
Signed-off-by: Damjan Marion <damarion@cisco.com>
Update persist timer if data sent during snd_wnd < snd_mss was acked.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I5c75ff8ddc0e49750b2088237d32afa4eda99e7f
In order to support the requirement of RSS and packet steering of new
protocols, such as GTPU PDU-type and QFI, for 5G UPF, a generic pattern
is introduced in vnet flow. The generic flow pattern is based on DDP
(Dynamic Device Personalization) function and Parser Library module in
DPDK. Using generic flow pattern, we do not need to create new packet
and field type and offset in API parser for every new protocols. We can
create flows for any protocol immediately as long as supported by DDP.
The generic flow can be used to support 5G related protocols in
different scenarios.
The input of this generic pattern are two binary strings for spec and
mask. Spec is the binary presentation of the target packet type, and
mask is used to mark the target fields.
In this patch DPDK plugins is enabled for POC. Next step we will enable
generic flow in native IAVF, which is the main target.
Here is an example. If we want to create a flow for GTPU QFI,
spec is:
00000000000100000000000208004500003C00000000001100000101010102020202000
008680028000034FF001C00000000000000850100010045000014000000000000000001
01010102020202
mask is:
00000000000000000000000000000000000000000000000000000000000000000000000
000000000000000000000000000000000000000007F0000000000000000000000000000
00000000000000
A naming API POC is created via VAPI to help create the rule with
the target packet format similar to Scapy. It is based on a function
module called PacketForge. In this way, the user no need to create
binary string spec and mask by themselves.
Type: feature
Signed-off-by: Ting Xu <ting.xu@intel.com>
Change-Id: Id3444f95c158bdcdfeeee19d795cd9ecbeeec07c
The index i was incremented in the wrong place, and the check on the
presence of a next buffer in the chain was actually done for the
next desc_status rather than the current one.
Type: fix
Signed-off-by: Mauro Sardara <msardara@cisco.com>
Change-Id: I74a64a34fea497900b7969cd96e1aeeb570a1bba
Rename vec_capacity to vec_mem_size as it returned the size of the
underlying memory allocation not the number of bytes that can be used
for vector elements.
Add new vec_max_elts macro that returns number of elements that can fit
into generic vector.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2e53a2bfa6e56a89af62d6ddc073ead58b8c49bb
Type: improvement
Add a patch to the DPDK 21.11 build to enable the PCI device ID for the
I226-V.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I82ff4b70e6b6e0ba0803519943190a564e85d2ac
With DPDK plugin, VPP does the DMA page map in IOMMU, only when
DPDK supported ethernet devices are present. As a result, Mellanox NIC
and QAT combo doesn't work. As part of this fix, DPDK supported
crypto device check is added to do the DMA page map.
Type: fix
Signed-off-by: mgovind <govindarajan.mohandoss@arm.com>
Change-Id: I02de4588c5b021e0c9c62612137f28ed8784bea6
Fixes a minor issue that causes printing an error message when there is no error.
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I59f5c6af7c5aeae3e812b4cf0c75a47894bb8bbd
Type: improvement
This patch improves the per dpdk-input loop number of packets
received from the port. The change mimics how packets rx happened
before VPP 22.02/DPDK 21.11: instead of trying to rx huge number
of packets (256) in one go, rx more times with up to 32 packets
max each time.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: I804dce6d9121ab21b02e53dd0328dc52ac49d80f
Thanks to Ben McKeegan <ben@netservers.co.uk> for the report.
Type: fix
Change-Id: I8170dda572c326b6b1823fd330dbd5e961fdad74
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Type: improvement
When `make install-ext-deps` is called, it creates a debian changelog
file and use `git describe` to fill project version. On downstream
consumers it's possible to have different tags that makes it to end up
using an invalid version on changelog and breaking the installation
process.
Restrict tags to be considered by git-describe to match 'v[0-9]*'
pattern to get it fixed.
Signed-off-by: Renato Botelho do Couto <renato@netgate.com>
Change-Id: Ieabd7b42ac33735ec4d484bed9039ff20c9872f2
The tlsmbedtls plugin should only be built if mbedtls libraries are
present.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I24364177d24ea744f24f808f492be08adff3690b
This fixes a crash caused by client closing socket before adding worker.
During detach vpp tries to delete worker based on invalid worker index.
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I3242bcbb116ef5fd1d4c449f5bcf907e4e2f8f30
Several test cases re-use the same test class name,
which leads to test error when do parrallel test with TEST_JOBS=16,
change the test class names to unique values.
Type: fix
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: Iefc01d40a25ebd60533baf3a2dc98a537437e8e9
Type: fix
The l2unfragmentable size is not included in the calculation of 'max', the maximum amount of data that can be added to a fragment, therefore the fragments created are too big.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Id1e949ad98203b6f8ea2f55322ef6fa3d507e2a6
The same test for v22.02 was already merged: https://gerrit.fd.io/r/c/vpp/+/35390
Type: improvement
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: I214f6fb5b63d97ca4afe3b10fd2d3e3410b5a6e4
Deadly combination is clib_{set,long}jmp + lazy linking + tail call compiler
optimization. On the first call to clib_setjmp, dynamic linker executes loader
code which then calls clib_setjmp, so stored stack position contains dynamic
loader data. Tail call optimization simply jumps back to the calling
code when clib_longjump is called and that results in wrong return
address used from the stack.
Change-Id: Ia7d8dbd5b2c425cdd0449374aa07ab6b684a330e
Type: fix
Signed-off-by: Damjan Marion <damarion@cisco.com>
As per IPSec RFC4301 [1], any non-matching packets should be dropped by
default. This is handled correctly in ipsec_output.c, however in
ipsec_input.c non-matching packets are allowed to pass as per a matched
BYPASS rule.
For full details, see:
https://lists.fd.io/g/vpp-dev/topic/ipsec_input_output_default/84943480
It appears the ipsec6_input_node only matches PROTECT policies. Until
this is extended to handle BYPASS + DISCARD, we may wish to not drop
by default here, since all IPv6 traffic not matching a PROTECT policy
will be dropped.
[1]: https://datatracker.ietf.org/doc/html/rfc4301
Type: fix
Signed-off-by: Zachary Leaf <zachary.leaf@arm.com>
Change-Id: Iddbfd008dbe082486d1928f6a10ffbd83d859a20
While setting an ACL, a user can specify the adjacency to follow after
the input ACL node. Thus, we may skip a lookup and enter directly a
local node (ex: ip4_local). To prevent the local source check from
failing, we need to specify the fib index. And, we have to do it just
before exiting the input ACL node because the l2_classify object
is overlapping with the fib_index in the vnet_buffer_opaque_t struct.
We could have added a padding to avoid this overlap but there is no
place for that in the structure.
Type: fix
Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com>
Change-Id: I383c36e4aec08d181f966f28565aefed950d2a74
Type: feature
This patch bumps ipsecmb library version from 1.1 to 1.2
Signed-off-by: Marcel Cornu <marcel.d.cornu@intel.com>
Change-Id: I181e43c711fe530296c037d59b53fe3c5f2719ea
