Type: fix
If no host interface name is passed to the CLI command which creates
an interface pair, NULL gets passed to lcp_itf_pair_create() and a
seg fault occurs. Check whether a host interface name was provided
and fail gracefully if none was given.
Change-Id: I82886f4c2ee710e206c751c34a74399112e9062c
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
See if this fixes the coverity issues.
Now at 324a6ac9a9b285ff7a5a3e5b2071e3624b94f2db
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I2cd281ebaeda69e214e6dc93a84888298741d0ee
Signed-off-by: Ole Troan <ot@cisco.com>
Type: refactor
This patch refactors the offload flags in vlib_buffer_t.
There are two main reasons behind this refactoring.
First, offload flags are insufficient to represent outer
and inner headers offloads. Second, room for these flags
in first cacheline of vlib_buffer_t is also limited.
This patch introduces a generic offload flag in first
cacheline. And detailed offload flags in 2nd cacheline
of the structure for performance optimization.
Change-Id: Icc363a142fb9208ec7113ab5bbfc8230181f6004
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Type: feature
Support setting the MTU for a peer on an interface. The minimum value of
the path and interface MTU is used at forwarding time.
the path MTU is specified for a given peer, by address and table-ID.
In the forwarding plane the MTU is enfored either:
1 - if the peer is attached, then the MTU is set on the peer's
adjacency
2 - if the peer is not attached, it is remote, then a DPO is added to
the peer's FIB entry to perform the necessary fragmentation.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8b9ea6a07868b50e97e2561f18d9335407dea7ae
Ensure policer struct is cache aligned and fits in one cache line.
Give it a simpler name to reflect its job as the representation of
a policer.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: If1ae4931c818b86eee20306e503f4e5d6b84bd0d
Calling mem{cpy,move} with NULL pointers results in undefined behaviour.
This in turns is exploited by GCC. For example, the sequence:
memcpy (dst, src, n);
if (!src)
return;
src[0] = 0xcafe;
will be optimized as
memcpy (dst, src, n);
src[0] = 0xcafe;
IOW the test for NULL is gone.
vec_*() functions sometime call memcpy with NULL pointers and 0 length,
triggering this optimization. For example, the sequence:
vec_append(v1, v2);
len = vec_len(v2);
will crash if v2 is NULL, because the test for NULL pointer in vec_len()
has been optimized out.
This commit fixes occurrences of such undefined behaviour, and also
introduces a memcpy wrapper to catch those in debug mode.
Type: fix
Change-Id: I175e2dd726a883f97cf7de3b15f66d4b237ddefd
Signed-off-by: Benoît Ganne <bganne@cisco.com>
When strongSwan rekeys it sends create child sa request first and then
delete request for the old child sa (or vice versa depending on
configuration) as opposed to sending just a single create child sa with
rekey notify message.
Type: fix
Change-Id: I1fa55a607ca623cd3a6d887436207153c6f6bbf6
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Add to the IP[46] punt policer handoff tests by binding the policer to
a particular worker and checking all packets are policed on that thread.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I7fab28659ccb65f13f841cec65a3f808281b3f90
Add a new api to allow a policer to be bound to
a specific worker thread for thread handoff.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I2623a6827843c3d93c0d7b4ad7c2e13611ec1696
Don't expect save_rewrite_length to be set correctly on RX path.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ieee40d119213f617c3d836181e5879f084b74548
Signed-off-by: Ole Troan <ot@cisco.com>
Type: improvement
negates the need to load the SA in the handoff node.
don't prefetch the packet data, it's not needed.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I340472dc437f050cc1c3c11dfeb47ab09c609624
u32[0] is not enough unique for some platforms like azure
where several devices(not only network) can have almost
the same addresses and this can cause collisions.
Change hash to mhash type for vmbus devices with key
of whole 16 bytes of vmbus address.
Type: improvement
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: Ic6c6a657ae29f45beddd0c69d8e785e702349460
Convert old logging style to new and remove unused tracepoints.
Remove code always conditionally not compiled.
Make comment style consistent.
Type: improvement
Change-Id: I13339f28539cf190fb92be2d5c8020b6249319c8
Signed-off-by: Brian Russell <brian@graphiant.com>
Make the policer action enum packed and use it in the policer code.
Use other policer enums where applicable.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I32f9735942af8bca3160b9ef8a75f605d9aba5fa
The policer code uses a naming convention of prefixing a lot of
its definitions with "SSE2" when in fact there is nothing SSE2
specific about them. This is confusing so remove the prefix.
Unfortunately it has to stay in the API definitions for backward
compatibility.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I59a7df9fd5ded2575f2e587b2768a025a213b07c
Fix memory leak coverity errors where free was not called
on error conditions. Or called twice.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I21cffa8b01e4f72f10501f202f6a762ae300a941
Signed-off-by: Ole Troan <ot@cisco.com>
If the multi-worker default VPP configuration is triggered by
setting VPP_WORKER_CONFIG="workers 2", some of the tests fail
for various reasons.
It's a substantial number, so this change marks all of the
testsets that have this issue, such that they can be addressed
later independently.
Type: test
Change-Id: I4f77196499edef3300afe7eabef9cbff91f794d3
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Use the common IP definitions of DSCP rather than duplicating in the
policer code.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: Iff4bc789356edc290b9c31eca33e93cf5b6211bf
Add some tests which configure policer params, use the policer
test helper CLI to police pretend packets and then check the
policer stats.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: Ib2688b6f77d84a4bfd3c8185e44c59fa2300716a
Add a helper CLI to exercise a policer pre-configured by the test
harness. The test harness will check the stats afterwards.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I913dda4a9f8179c1c6b3061a68164bf1e698a392
Turns out that both the multi-core and single-core add / del tests run
for just under 5 seconds (aarch64, debug image). Increase the vapi =>
debug CLI timeout to avoid spurious failures.
Type: test
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ia64bffa82a908172a21c34f3ae4402ad774af28a
support
Type: feature
attmpet 2. this includes changes in ah_encrypt that don't use
uninitialised memory when doing tunnel mode fixups.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ie3cb776f5c415c93b8a5ee22f22586fd0181110d
Avoid doing inter-thread reads without locks by doing a handoff before
destination address rewrite. Destination address is read from a session
which is possibly owned by a different thread. By splitting the work in
two parts with a handoff in the middle, we can do both in a thread safe
way.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I1c50d188393a610f5564fa230c75771a8065f273
