9980 Commits

Author SHA1 Message Date
Neale Ranns
4a58e49cfe ipsec: Support MPLS over IPSec[46] interface
Type: feature

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I89dc3815eabfee135cd5b3c910dea5e2e2ef1333
2021-01-18 08:35:52 +00:00
Simon Zhang
20399f8f3a tls: make picotls engine able to initial connection as client
Type: fix

Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: Idd14dc11e92e0851c64f83e280b52f12e32ae48d
2021-01-18 02:07:37 +00:00
Ivan Shvedunov
4beb1c6643 tcp: remove bad assert
Don't assume that half-open connections pending removal are always
successful.

Type: fix
Signed-off-by: Ivan Shvedunov <ivan4th@gmail.com>
Change-Id: I955077a4ed2389b9ee38d97e27a7c7761c860a4a
2021-01-16 03:46:36 +03:00
Dave Wallace
35ef865678 build: add missing openssl-devel package for centos-8 vpp-ext-deps
- In a new centos-8 installation, vpp-ext-deps fails on missing
  ssl.h header file after 'make install-deps'.

Type: fix

Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I521d817dd1f1e21aff427d98b9832ea7c7b89339
2021-01-15 17:31:47 +00:00
Neale Ranns
8c0474a77e misc: checkstyle ignore .patch files in trailing whitespace check
Type: fix

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I9226e94e59a35648ad2945ebfdf928dc80ad635c
2021-01-15 15:24:38 +00:00
Miklos Tirpak
e700df8eb4 vlib: fix counter_will_expand prediction
vlib_validate_combined_counter_will_expand() was calling
_vec_resize_will_expand() with wrong arguments, which resulted in false
return value. Apart from the initial call, it never indicated a vector
resize.

The callers relying on this function did not perform a barrier sync
because of the wrong prediction even if the vector got extended by
a subsequent vlib_validate_combined_counter() call.

The fix introduces a new, simplified macro that is easier to call.
vec_resize_will_expand() accepts the same arguments as vec_resize().

Type: fix
Signed-off-by: Miklos Tirpak <miklos.tirpak@gmail.com>
Change-Id: Ib2c2c8afd3e665e0e3d6ae62ff5cfa287acf670f
2021-01-15 09:46:23 +00:00
Dave Wallace
d7b9af4add bash: move jjb sandbox bash functions to ci-management repo
Type: refactor

Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I9b4ce818036509c0afcb204664efcc49625179ef
2021-01-14 15:03:07 -05:00
Neale Ranns
dfd3954c04 docs: Update FIB documentation
Type: docs

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I3dfde4520a48c945ca9707accabbe1735c1a8799
2021-01-14 19:55:55 +00:00
Neale Ranns
1b5ca985dc vxlan: Protect against tunnel config where source is not local
Type: fix

If a tunnel's source is not local then post encap VPP will attempt to
receive (via ip4-local) that packet, things go wrong from there.
The fix is when stacking the encap forwarding don't accept a receive
DPO. This approach is taken, rather than rejecting bad tunnels, because
the 'local-ness' of the tunnel's source can change and we can't reject
tunnels that were once correctly configured but are no longer.
the user will quickly discover their mistake as traffic won't pass.

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I46198422e321606e8baba003112e978a526b4c2f
2021-01-14 11:43:41 +00:00
Filip Tehlar
887f1aa725 ikev2: remove assert condition
Remove assert condition ensuring that a packet was punted with reason
spi=0. We can't rely on data in punt_reason because it is defind in an
union. This patch adds a new IKE node that handles punted IKE packets
separately.

Type: fix

Change-Id: I2e1b44922e53e049bd8512fa5cb85cee6a2b8aa7
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-01-13 16:31:49 +00:00
Ray Kinsella
bf93c6e9bf crypto-openssl: chacha support in openssl version
Fix build errors related to chachapoly when the
system openssl version is < 0x10100000.

Type: fix

Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I62283fcc44c952ddd4d6a9f621c18e8be1af8af1
2021-01-12 13:10:21 +00:00
Ray Kinsella
480600662c ip: vtep fixes for alignment and cache update.
Minor fixes for Intel AVX-512 alignment, and cache update.

Type: fix

Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I9f9bebb4ecb3265ffc765affd1ed94d0ba979066
2021-01-12 13:10:09 +00:00
wanghanlin
e8f848a56e vcl: fix session_handle_to_vlsh_table update after session migrate
Type: fix

Signed-off-by: wanghanlin <wanghanlin@corp.netease.com>
Change-Id: I6698749163b0ed38093d8439e94b18b6841dc6ce
2021-01-12 11:36:26 +08:00
Pim van Pelt
b6f367e3a1 build: Add deps for ubuntu 20.10
Type: make

Ubuntu Groovy Gorilla (20.10) has bumped its FFI library.
Move from v6 to v8.

Signed-off-by: Pim van Pelt <pim@ipng.nl>
Change-Id: I32bc2905ad9ed6918446020accee2a4c2ca9d4b5
2021-01-11 20:42:13 +00:00
Vladimir Ratnikov
9822729742 dpdk: allow configure individual VMBUS devices
now startup.conf supports confuguration for VMBUS
devices as for PCI devices for whitelisting/blacklisting

dpdk { dev fa5a6e7a-cf3a-4b98-9569-addb479b84bc }
 with sub-configuration as for PCI devices
dpdk { blacklist fa5a6e7a-cf3a-4b98-9569-addb479b84bc }
 where fa5a6e7a-cf3a-4b98-9569-addb479b84bc - example of UUID

struct vlib_vmbus_addr_t changed to union with UUID described
 fields

Added device_config_index_by_vmbus_addr
      blacklist_by_vmbus_addr
to enumerate available device configs

hash_key is as_u32[0] field(last 4 bytes of UUID)
Lost of precision against full UUID, but 2^32 is enough
to handle all the devices available

Added is_blacklisted check while creating vnet devices in
order to supress creation of dev if it's blacklisted

Type: feature

Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: Id82611e54fed082190e488c7e5fbe14ecbe5b2ab
2021-01-11 20:40:23 +00:00
wanghanlin
dcacdc4fd9 vcl: fix deadlock in rpc
Worker thread A send rpc to worker thread B with vls_table_lock when
worker thread B try to lock vls_table_lock, so unlock it temporarily.
Add worker_rpc_lock to synchronize rpc message among workers to prevent
waiting for each other deadly.
Add timeout for rpc response to prevent hanging when VPP exit/crash.

Type: fix

Signed-off-by: wanghanlin <wanghanlin@corp.netease.com>
Change-Id: I675f1fe76673ede09107f6eeaaa0eda8bbfc6e61
2021-01-11 19:50:47 +00:00
Benoît Ganne
56177e64b6 acl: fix tag C-string overflow
tag is expected to be a null-terminated C-string

Type: fix

Change-Id: I633719068c37eac395cc30a6a314c00848e9cdca
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-01-11 12:42:16 +00:00
Filip Varga
68d7c546fa nat: refactor and split fo EI/ED features p.2
Patch n. 2 aimed at moving EI features out of
NAT44 plugin & split of EI/ED functions.

Type: refactor

Change-Id: Ida20c1c084449b146344b6c3d8442f49efb6f3fa
Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-01-11 09:26:28 +00:00
Florin Coras
0bc78d8036 session svm: fix fifo migration
Allocate and attach a new pair of private fifos in the right private
slice when a session is cloned. This ensures that private fifos are not
shared between workers.

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ib700d18104d2ca79aa8a07434cdcdcab0bef13a5
2021-01-09 18:50:08 -08:00
Jerome Tollet
b716e3836c l2: fix tests for learn_limit
Type: fix

Signed-off-by: Jerome Tollet <jtollet@cisco.com>
Change-Id: I7cbbea2205ca7249ba19020b25c8657b42e09562
2021-01-09 09:46:05 +00:00
Jerome Tollet
0f8d100354 l2: Separating scan-delay and learn-limit into a separate API from want_l2_macs_events
Type: feature

Signed-off-by: Jerome Tollet <jtollet@cisco.com>
Change-Id: I6de6dae7da4ec1001e2811975a9b67acfc1a148c
2021-01-08 21:46:37 +00:00
Dave Wallace
23f41d789c tests: move bond tests to src/vnet/bonding/test
- Refactor make test code to be co-located with
  the vpp feature source code.

Type: test

Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I056717261553f6449f5fcd3611b6ae3895a00ba6
2021-01-08 18:14:40 +00:00
Jerome Tollet
00c3f457d2 l2: fix l2 bd_learnlimit
Type: fix

Signed-off-by: Jerome Tollet <jtollet@cisco.com>
Change-Id: I86bc9a461660f3f71e06f88ab65004ec3d763b88
2021-01-08 17:30:23 +00:00
Neale Ranns
02da92670b tests: Use soft links for the test file staging
Type: fix

with hard links this sequence doesn't work
 echo "GARBAGE" >> test/vpp_ipsec.py
 git checkout test/vpp_ipsec.py

also blow away the staging diretory with 'test-wipe' just to be thorough

Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ic38d7ec514102759f2eafead59c7f56c5b39f33d
2021-01-08 16:18:51 +00:00
Steven Luong
27ba5008a1 vhost: Add event index for interrupt notification to driver
VPP only supports a poor man's approach for interrupt notification to the
driver. It uses a simple binary flag for "interrupt needed" or "interrupt
not needed". Most drivers support more sophisticated event index already.
This feature is to add the long due missing feature and make it configurable,
off by default.

Type: feature

Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I68dab7dd07045cafb49af97b7f70db9b8131ae03
2021-01-08 13:10:58 +00:00
Filip Tehlar
ed4b38e868 ikev2: fix lookup in wrong ip table
In responder mode we need to remember interface index from which IKE
session was initiated. Otherwise when sending keep alive packets to the
initiator, the default ip table is always used for lookup instead of the
one associated with the interface.

Type: fix

Change-Id: Iade3fc3a490b7ae83c3f6e9014d1f4204e476ac1
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-01-08 13:05:32 +00:00
Florin Coras
a5a9efd4d1 vcl session: switch to generic cert key apis
Remove the deprecated tls apis.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ia1e12bd813671146f0aca22e83d04c23ac13e595
2021-01-07 16:55:02 +00:00
Neale Ranns
e294de6f87 ipip: Support MPLS over IP
Type: feature

Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ief1755131297afcaa14fe74fd8dd28c71a92fbe6
2021-01-07 15:48:43 +00:00
Neale Ranns
a9e2774f55 ipsec: Deprecated the old IPsec Tunnel interface
Type: fix

it's been 2 releases since it was marked deprecated.

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I0eba7ed607826ed0d00e7d2d8f9b27d09e8e9a6e
2021-01-07 09:15:13 +00:00
Florin Coras
3b6c84c841 vcl: allow all workers to block on api
Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id94cf2aeae8167868d5f96534224759c1ef6f837
2021-01-06 19:00:37 +00:00
Florin Coras
4da0ea98c2 svm: force fixed memfd mapping if va provided
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6a2cc596cf0b7f29d3ae1c05b1bb6b748b558175
2021-01-06 19:00:37 +00:00
Ole Troan
86cff9cdaa api: fromjson/tojson generated code memory leak
Found by coverity. Fix potential memory leakage in generated code.

Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: If492541b8b66e574f30ecdd0dd533099cbe068ad
2021-01-06 17:05:40 +00:00
Benoît Ganne
803c1623c2 acl: fix cli tag parsing
- tag is expected to be 64-bytes
 - when specifying tag on cli, a vector is allocated. Make sure it is
   freed

Type: fix

Change-Id: Id1741fe406819ca9f71edb081d4483f52cae547d
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-01-06 16:36:03 +00:00
Neale Ranns
95f59f3808 ipsec: Mark the interface create reply deprecated
Type: fix

I should have done this wehn i marked the request as deprecated. The
reply also needs to be marked deprecated so the API compliance script
can remove it along with the request.

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I8391257944b6cff7b32a01a479dd1dcab30cd33b
2021-01-06 08:10:25 +00:00
Jerome Tollet
5f93e3b7f8 l2: add per bridge domain learn limit
Type: feature

Signed-off-by: Jerome Tollet <jtollet@cisco.com>
Change-Id: I57ed6699050445d9c9aec98eff3aab56735aca54
Signed-off-by: Jerome Tollet <jtollet@cisco.com>
2021-01-06 04:17:09 +00:00
Dave Barach
1b576e0aa0 ebuild: follow symbolic links in find_newer_filtered_fn
Otherwise, changes in source code symbolically-linked into the
workspace will not be considered when deciding whether to invoke
e.g. Ninja.

This change is strongly preferable to asking people to remove
.mu_build_build_timestamp to force a Ninja run.

Deals reasonably gracefully with symbolic link loops, at least in
trivial cases: "find: File system loop detected"

Type: improvement

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I6666c84861de5e8b8aebcb94158f53526aded089
2021-01-05 17:08:54 +00:00
Mohsin Kazmi
e2e9fe5c5f tap: fix the buffering index for gro
Type: fix

Fixes: 587f9130424fd451e4ba823240d02f655fb197d1

Change-Id: Ia1739fad6a36fa658aece157d7adea8bbaa751d2
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-01-05 16:03:04 +00:00
Filip Varga
a210798c40 nat: refactor and split fo EI/ED features
This patch is aimed at moving EI features out of NAT44
plugin & split of EI/ED functions.

Type: refactor

Change-Id: I63cf70a264ed2512708fe92665d64f04690783d0
Signed-off-by: Filip Varga <fivarga@cisco.com>
2021-01-05 14:09:39 +00:00
Paul Vinciguerra
641c6be821 teib: fix typo in cli
Type: fix

Change-Id: I84388bd8b68e8c48a4f44d7ecf7aadec2408b717
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2021-01-05 08:27:27 +00:00
yedg
4dd43087d0 ipsec: ipsec cli nexthop error
Type: fix
Signed-off-by: yedonggang <yedg@wangsu.com>
Change-Id: Icc3681b591e6deb93c3ff1fda5f9471fa3c96cc6
2021-01-05 08:27:01 +00:00
Florin Coras
17672aa49d svm: fifo segment sptr for fifo hdr free list
With this there are no more pointers in data structures allocated on
fifo segments.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ibe584b7b6809fa360a105974655a91674db69ab6
2020-12-30 16:45:54 +00:00
Florin Coras
9a45bd84d9 session: remove fifo segment va allocator
Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7b2fd896dfa6df46916f46327975b95561809f00
2020-12-29 21:43:49 +00:00
Florin Coras
14f066e951 svm vcl: allow random offsets for fifo segments in apps
Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1658a9c19d8eae4c9a42c0a111d4ad343b8eb8a4
2020-12-29 21:04:39 +00:00
Florin Coras
b462418890 svm: allow mq attachments at random offsets
Type: feature

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic373cd2c11272da539eb4b0db27227f36f2f9688
2020-12-29 12:11:07 -08:00
Florin Coras
04943b4c42 session: convert evt q segment to fifo segment
Type: refactor

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I63a44e11322f6fe27255820524e022f6d710b083
2020-12-28 19:40:03 +00:00
Florin Coras
1f952d386d svm: move active fifo list to private slice
Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7672d0715348d30c0aa718e21ed86c96402c6d69
2020-12-28 19:40:03 +00:00
Paul Vinciguerra
5481ad4eb7 vlib: add missing file template descriptions
Add descriptions to clib_file_t template structures so that
sockets can be identified via the 'show unix file' cli command.

Type: fix

Change-Id: Ibf82d55aa6c7b1126bd252b76d0dc8b7076f5046
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-12-28 09:45:41 +00:00
Neale Ranns
f6472e0f7b ip: Use full reassembly for fragments in ip6-local
Type: fix

shallow was the default, but probably by accident as it depended on
module load order.
full assembly is the v4 behaviour.

using proper types allows gdb to print enum names.

Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: If157c5b83614c7adbd7a15a8227a68f8caf4e92c
Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-12-27 10:34:10 +00:00
Florin Coras
af588825ba svm: change fifo pointers to offsets
Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I113a630d6db4741f54e508f7e0ed77be139df0e4
2020-12-26 16:58:10 +00:00
Steven Luong
2c1084a69b virtio: Extend vhost multi-queues support beyond 8 queue pairs
Current vhost multi-queues support has a hard limit of 8 queue pairs
due to static vring array. This limit was raised in qemu. VPP should
support more than 8 queue pairs also.

Change static vring allocation to dynamic. When the interface is
created, we allocate 8 queue pairs to begin with. We also keep track
of how many queue pairs that the interface actually uses.
We reply VHOST_USER_GET_QUEUE_NUM with 128 as our maximum number of
support queue pair. When qemu starts initializing queue pair greater
than 8, we expand the vrings as needed on demand.

Type: improvement

Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I4a02d987d52d1bbe601b00e71f650fe6ebfcc0d7
2020-12-25 11:45:09 +00:00