Commit Graph

5831 Commits

Author SHA1 Message Date
Damjan Marion
34e823ff9d ip6-local: fix uninitialized variable error
Change-Id: I245a8cc8f237242efadcf10d47b76222a6497e89
Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-19 10:58:10 +00:00
Neale Ranns
7752cb6f0d VOM: no assert on interface mac set
Change-Id: I0210b18dc37e1a425c75c95a2fb98c6a48d8ea7a
Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-19 10:36:13 +00:00
Damjan Marion
cffbfc52b0 avf: fix feature arc
Change-Id: Ib7d8e8e2e4663daa1307e676c53f7ef8b91e60e6
Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-19 10:08:08 +00:00
Florin Coras
df57ea0a3e tls: fix openssl/mbedtls use of app_wrk index
Change-Id: I7ccc948357d815a1bd4279a7079cf4db2949183c
Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-18 20:43:29 -08:00
Florin Coras
a27a46eaeb session: move fifo allocation logic to app worker
Change-Id: I1662ec4b5503cb64a8a86a2441842311d959b3a6
Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-18 19:06:39 -08:00
Neale Ranns
25cfb775e3 NAT: fix: multiple definition of nat64_cleaner_process_event_e
Change-Id: Idcff6108f4f965344afce9ff614018239819dc95
Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-18 22:32:00 +00:00
Paul Vinciguerra
f4647ed885 Resolve vppapigen DeprecationWarning.
/vpp/src/tools/vppapigen/vppapigen:823: DeprecationWarning:
the imp module is deprecated in favour of importlib;
see the module's documentation for alternative uses

Change-Id: If7729778374e9193f6381c8bd2ed34c875db3f1e
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-02-18 21:56:06 +00:00
Florin Coras
222e1f4160 tcp: harden for high scale scenarios
- Better handle buffer starvation scenarios
- Handle case when both peers enter recovery due to packet loss.
- Fix passive open establish cleanup

Change-Id: I2f28baa2ff0383bb8f5f6d2452b49aa38ce69bce
Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-18 20:43:33 +00:00
Neale Ranns
a333795d1c DHCP: trace flags copied from old to new not vice-versa
Change-Id: I6c13af7e97753da013cdd5b212302d008cbd616d
Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-18 17:52:27 +00:00
Filip Varga
e69e423743 NAT: VPP-1552 code migration from old multiarch scheme
Change-Id: I88f3df8aaa521e7707ef3335acdbf1ab41e7ee28
Signed-off-by: Filip Varga <fivarga@cisco.com>
2019-02-18 16:46:50 +00:00
Benoît Ganne
7dcb80a202 Explicit dual-loop in ip6-local
Makes ip6-local node dual-loop explicit. This is only a style change.

Change-Id: Ic8e7cecb3f51e98b8a069b501f5c338156934a6d
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-02-18 16:38:12 +00:00
Neale Ranns
eba31ecebe IPSEC: move SA counters into the stats segment
1) stats are accessed via the stat segment which is more condusive to
   monitoring
2) stats are accurate in the presence of multiple threads. There's no
   guarantee that an SA is access from only one worker.

Change-Id: Id5e217ea253ddfc9480aaedb0d008dea031b1148
Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-18 13:05:17 +00:00
Matus Fabian
684586786e NAT44: fix snat_get_worker_out2in_cb (VPP-1536)
Change-Id: I9c562f8e3407ca60a4412a162015fa505b7590b6
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2019-02-18 01:56:18 -08:00
Florin Coras
830fe7370a tcp: fix handling of retransmitted syns
Change-Id: I88fdeb0ca56d3a5d9c0f36def13c6de8142f59f0
Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-18 07:03:06 +00:00
Benoît Ganne
26a101976d Optimize ip6-local
Optimize IPv6 ip6-local node by rewriting the dual/single loop with
prefetch and simpler unrolling.
My local, unrepresentative tests for GRE4 termination over IPv6 show a
performance improvement of ~40% for ip6-local node alone and ~5%
globally.

Change-Id: I11e1e86d3838dd3c081aa6be5e25dae16ed6e2d8
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-02-15 20:22:13 +00:00
Nathan Skrzypczak
bb65ba10fd Fix connexion segfault in session api affecting tcp_echo
Change-Id: If6d45f7f6e6dab70eecd6ec7241126968a34ad6b
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-02-15 15:38:10 +00:00
Kingwel Xie
3b3464eef5 dpdk-ipsec: store buffer index into crypto-op private
don't have to convert from mbuf to vlib_buffer then buffer index
save a few clock cycles in crypto-input

plus, a bit improvements of CLI
1. show more information, resource placement & qp stats
2. clear dpdk qp statistics

cleanup cli as sugguested by Sergio Gonzalez Monroy

Change-Id: Ic4fd65bfa9a6b05b344a9a40c554990dde072d19
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
2019-02-15 14:58:33 +00:00
Andrew Yourtchenko
f620f665ad 19.01 Release Notes
Change-Id: I43fd3aac9039c6d551fac8607374a0ebfdc6f74a
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit 67d9475ae3586e69356f939b36aefe8d6a6f0009)
2019-02-15 10:52:42 +00:00
Neale Ranns
58085f2f67 FIB: pass a copy the walk context
since it can realloc when new ctx are added. If
not we can get some nasty memory corruption.

Change-Id: I617709c3013acbcb8aee07dc147894f0de896555
Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-15 08:14:42 +00:00
Klement Sekera
593635d4fa make test: make test-ext working again
Change-Id: Ib30d0c6b8794488119f258f7617fce494aa28f1f
Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-02-14 17:23:21 +00:00
Mohsin Kazmi
752f5b4302 deb-pkg: Add libvom package support
Change-Id: I370a5198ea5b768d8c505679662a19797bd2740d
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-02-14 17:21:59 +00:00
Kingwel Xie
364b1cad18 ipsec: memory leak fixup
Change-Id: Ib2ad196bec1005d6678589d5b5c199b8a541c720
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
2019-02-14 17:19:18 +00:00
Benoît Ganne
47727c02df Add -fno-common compile option
-fno-common makes sure we do not have multiple declarations of the same
global symbol across compilation units. It helps debug nasty linkage
bugs by guaranteeing that all reference to a global symbol use the same
underlying object.
It also helps avoiding benign mistakes such as declaring enum as global
objects instead of types in headers (hence the minor fixes scattered
across the source).

Change-Id: I55c16406dc54ff8a6860238b90ca990fa6b179f1
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-02-14 17:18:36 +00:00
Lollita Liu
8f6c1dda35 buffer: bug fix vlib_buffer_free_inline
buffer_pool_index, in case of buffer_pool_index change,
should free buffers in queue before setting buffer_pool_index again

Change-Id: I846ead947a7b2d940c8fc747976239d608597391
Signed-off-by: Lollita Liu <lollita.liu@ericsson.com>
2019-02-14 17:16:03 +00:00
Paul Vinciguerra
cec202c417 make install-ext-deps broken.
make install-ext-deps broken due to nasm site being offline for days.
curl: (7) Failed to connect to www.nasm.us port 443: Connection refused

curl: (7) Failed to connect to www.nasm.us port 80: Connection refused

Pointing url to mirror at Oregon State University for the time being.
https://ftp.osuosl.org/pub/blfs/conglomeration/nasm/$(nasm_tarball)

Change-Id: I6310337ae6946fbcd5fd653dcd3780ec7e97fe9a
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-02-14 16:57:18 +00:00
Damjan Marion
381735028c ip6: convert code to new multiarch
Change-Id: Idd09b5d0597336e4f2028113cae76c94fd1c5427
Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-13 19:30:09 +01:00
Mohsin Kazmi
d3125833d5 vom: Add support for vtr in xconnect
Change-Id: Ib168a1d20c4609e4e64f472f75e9463161638e3e
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-02-13 04:52:36 -08:00
Neale Ranns
b4cfd55f25 IPSEC: restack SAs on backend change
Change-Id: I5852ca02d684fa9d59e1690efcaca06371c5faff
Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-13 02:08:06 -08:00
Neale Ranns
6fef74ad30 VOM: neighbour API flags
Change-Id: Ia664cd4c77f1c5b4bc46c5e191bb57704b3ccc46
Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-13 09:06:44 +00:00
Dave Barach
22ad815d65 fix assert failure
Change-Id: I9a2e8ea2bf334dd8dabf3d25abbcc91087a43882
Signed-off-by: Dave Barach <dbarach@cisco.com>
2019-02-12 14:55:11 +00:00
Kingwel Xie
72b3bce0b6 ipsec: cli bug fix
1. unformat_ip46_address must have ip-type specified
2. cannot unformat ip46_address_t with unformat_ip4_address

Change-Id: I5f1eecfe71a808302428afb39f910ebf0c7cef71
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
2019-02-12 06:45:08 -05:00
Neale Ranns
7ba8fe2097 IPSEC-tun: The tunnel DB uses the network order SPI to save the byte swap in the DP
Change-Id: I78a1c39682d5afd356a3cfe70097fc682e8cb938
Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-11 16:07:38 +00:00
Florin Coras
b4c1491f74 session: add config for evt qs segment size
Change-Id: I286d0d53a9ef2d6e28cd301eae25fc119d491f22
Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-11 16:06:37 +00:00
Florin Coras
c1a4265b4b session: cleanup application interface
Change-Id: I89d240753b3f3c5e984aa303a7c8fa35fa59bf7f
Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-11 16:05:37 +00:00
Kingwel Xie
c69ac31208 ipsec: multi-arch, next-node-index cleanup
1. specify ipsec_xxx_node.c in MULTIARCH_SOURCES
2. cleanup foreach_ipsec_output_next & foreach_ipsec_input_next,
   as next-nodes are actually added by ipsec_register_xx_backend dynamically
   thus, ipsec4-input-feature will point to ah4/esp4-encrypt, instead of
   pointing to ah6/esp6-encrypt
3. remove an unused count and add counter IPSEC_INPUT_ERROR_RX_MATCH_PKTS
   in ipsec-input

Change-Id: Ifcf167812d2cc18187c2cea84b657a52b67e17d4
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
2019-02-11 03:12:01 -08:00
Damjan Marion
8934a04596 buffers: fix typo
Change-Id: I4e836244409c98739a13092ee252542a2c5fe259
Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-09 23:29:26 +01:00
Florin Coras
54a51fd586 tls: move test certificates to separate header file
Change-Id: I543cb78e268d7a4a7fba590d305351ec79f4e4da
Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-09 16:17:32 +00:00
Florin Coras
c9940fc20b session: refactor listen logic
Make app-listener the handle for app listens. Consequently transport and
local listen sessions are now associated to the app-listener.

Change-Id: I9397a26d42cccb100970b6b4794c15bac2e11465
Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-09 16:17:32 +00:00
Florin Coras
6164e97e0f tcp: fix fib_index for v6 ll packets
Change-Id: Ie69bdb9860d61f2c599c0c80b0ea80dfdfe178bd
Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-07 22:28:53 +00:00
Neale Ranns
3c282c7af9 IPSEC: remove unused members of main struct
Change-Id: Ib55deb620f4f58cac07da7cb69418a3a30ff3136
Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-07 19:13:50 +00:00
Neale Ranns
8d7c502002 IPSEC: no second lookup after tunnel encap
in the same maaner as with other tunnel tyeps we use
the FIB to cache and track the destination used to reach
the tunnel endpoint. Post encap we can then ship the packet
straight to this adjacency and thus elide the costly second
lookup.

- SA add and del function so they can be used both directly
  from the API and for tunnels.
- API change for the SA dump to use the SA type
- ipsec_key_t type for convenience (copying, [un]formating)
- no matching tunnel counters in ipsec-if-input

Change-Id: I9d144a59667f7bf96442f4ca66bef5c1d3c7f1ea
Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-07 19:13:32 +00:00
Benoît Ganne
3d0ef26a02 Fix parsing overflow in unformat_mac_address_t()
'%x' unformat specifier expects a pointer to a 4-byte object and will
overflow when using a pointer to a 1-byte object. Use '%X' instead which
allows to pass the size of the object alongside its pointer.

The bug was exposed with the following commands:
~# make run
DBGvpp# loop create
loop0
DBGvpp# set ip6 neigh loop0 3001::2 a🅰️a🅰️a:a
DBGvpp# show ip6 neigh
Time     Address  Flags  Link layer         Interface
35.7743  ::2      D      0a:0a:0a:0a:0a:0a  loop0
         ^^^
  wrong address: should be 3001::2
Note that the bug impact depends from the parsing order and memory
layout.

Change-Id: I29ba2eb53ba5a2daf4517215602d027508e2cb9f
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-02-07 19:11:22 +00:00
Florin Coras
d4c49be5e2 tcp: fix reset sending in syn-sent
Change-Id: I468b1015bca5f95b162fb49e904aa4e4d38db75e
Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-07 00:16:30 -08:00
Damjan Marion
5de3fec531 buffers: make buffer data size configurable from startup config
Example:

buffers {
	default data-size 1536
}

Change-Id: I5b4436850ca18025c9fdcfc7ed648c2c2732d660
Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-06 18:00:17 +00:00
Damjan Marion
672ab69018 buffers: improve buffer init performance
Change-Id: Ib59a3c32af754a898ade17c42e60a88f48b797ff
Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-06 17:58:32 +00:00
Mohsin Kazmi
b74fe32d54 virtio: enable msix interrupt mode
Change-Id: Idd560f3afde1dd03bc3d6fbb2070096146865f50
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-02-06 17:27:44 +00:00
Mohsin Kazmi
80659b4624 virtio: Use new buffer optimization
Change-Id: Ifc98373371b967c49a75989eac415ddda1dcf15f
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-02-06 17:27:44 +00:00
Sergio Gonzalez Monroy
ef20f0eff7 dpdp-crypto: fix cryptodev segfault with dpdk 19.02
DPDK 19.02 adds two new fields to struct rte_cryptodev_qp_conf,
which the current code was not initializing properly.

Also session mempools are now required to have specific private data.
For that just use the new API to create symmetric session pools.

Change-Id: Ie732d4e10b908aeaea322717d6011113e3e7172c
Signed-off-by: Sergio Gonzalez Monroy <sgmonroy@gmail.com>
2019-02-06 17:25:29 +00:00
Florin Coras
1ee7830e9e transport: cleanup
- move transport specific types to transport_types
- add transport wrapper functions for interaction with transport
protocol vfts

Change-Id: I93f70d884585fc2f41c4a605e310c80e8a8972f2
Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-06 16:56:39 +00:00
Andrew Yourtchenko
696d760865 Update to doxygen documentation for release 19.01
Change-Id: Id19cefc24d391f0437a0355f5328505ec21aa58a
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit 44f14358cfe37a750f4541e5919b0c7877b6d46e)
2019-02-06 04:16:11 +00:00