9367 Commits

Author SHA1 Message Date
Steven Luong
56eed87058 vmxnet3: gso fixes
outbound:
wrong header len computation
gso size and header length need to be set in the first segment of the
chain

inbound:
EOP may have zero length descriptor to terminate the chain
missing endian conversion for ethertype

Type: fix

Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Iaa003c0e9af3ead4df6c6c0d5772a179d2ff15c4
(cherry picked from commit 007abe751f2ee86528d0ccc005a3da1c90850868)
2020-09-16 17:03:13 +00:00
Andrew Yourtchenko
a87deb77da vppapigen: crcchecker: report in-progress messages
in-progress messages do not give any API stability guarantees,
by design, to allow easy iteration. Provide an easy way
to know which messages are in-progress.

If as a user you see "in-progress" message that you want
to use in production, please contact the feature owner
and discuss the path to removing the "in-progress" status
before that.

Change-Id: I27729995e26a70af373e642b871dbb5cc5526959
Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit 8b0cd69d31a50e7f4a454d45e903c6cdaf23fbfe)
v20.09-rc2
2020-09-16 15:53:00 +00:00
Yulong Pei
4035daffd5 crypto: Crypto set handler API to support set all as CLI
Type: improvement

Signed-off-by: Yulong Pei <yulong.pei@intel.com>
Change-Id: I43556f8c76c7aae64d9c927e1fda3c1774d7e49d
(cherry picked from commit 8c91b2ae2b32d428ef35605707788fe064621cb3)
2020-09-16 15:13:56 +00:00
Damjan Marion
fb66fcf3fb avf: change promisc mode from the avf process node
Avoid situations where promisc mode is chaged while avf process
is suspended in the middle of adminq operation.

Type: fix
Change-Id: Ia1fc6551e83218b5938630ad3a15d4f3f0ceceff
Signed-off-by: Damjan Marion <damarion@cisco.com>
(cherry picked from commit 160a2a9a8c5c4e054dcc0e8ebeb3de7654718582)
2020-09-16 12:45:49 +00:00
Damjan Marion
4b952f85bd avf: fix race between avf and cli/api process
device pool my grow during suspemd which will cause crash in avf process
after it exits from suspend.

Type: fix

Change-Id: I51fec90088c909cfbaaca6c245272a28c0827ca0
Signed-off-by: Damjan Marion <damarion@cisco.com>
(cherry picked from commit 171d6aceb039a7f0b0d67c837ff74359dae01ae4)
2020-09-16 12:45:16 +00:00
Ole Troan
00f21fb2fe api: clean up use of deprecated flag
The syntax of the deprecated flag has evolved.
Clean up usage to be "option deprecated;".

Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: If2b639f275eb8db58b36c457f9245fe35a4d8cb1
(cherry picked from commit f916414b383afd37ec78509ee613df8878160406)
2020-09-16 12:22:27 +00:00
Andrew Yourtchenko
ec7e8d8598 vppapigen: crcchecker: report deprecated messages
Report if the messages were marked as deprecated,
but not yet deleted.

Useful for building the release notes and comparing
between the releases.

Also, put the dict_compare() call into the report(),
since latter always consumes the output of the former.

Change-Id: Iceab3e94ff66da931a4669b612026bd162dd5d1a
Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit 62bd50de97cd90cc09559a09fe46f98211279a1e)
2020-09-16 11:24:38 +00:00
Damjan Marion
97109b1ad8 avf: add assert to ensure that adminq is used only from avf process
Type: improvement
Change-Id: Ib64c9b8207776986656e5a26c13a221edc6cc950
Signed-off-by: Damjan Marion <damarion@cisco.com>
(cherry picked from commit 698eeb126d01427313949241b961c27347db8c72)
2020-09-16 11:14:42 +00:00
Neale Ranns
6efd393965 wireguard: Fix for tunnel encap
Type: fix

add UT for sneding handshale init and transport packets

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Iab1ed8864c666d5a0ae0b2364a9ca4de3c8770dc
(cherry picked from commit d75a2d12c431fcffba2a2b4d59f18c9cec483ed9)
2020-09-16 11:03:59 +00:00
Onong Tayeng
21cbdc75f2 lisp: fix vat crash with one_add_del_local_eid api
VAT crashes when the one_add_del_local_eid api is invoked with mac
address as eid.

Type: fix

Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: I29e246f6cad4b350fec52d54e94dbed586d488c4
(cherry picked from commit 5f473c0efc9e0ff068273520b058b8ac498dc597)
2020-09-16 10:33:48 +00:00
Onong Tayeng
a14f367e27 lisp: fix help msg of show eid-table command
The lisp|one show eid-table command's help msg does not display the
available options. This patch fixes that.

  show lisp eid-table [local|remote|eid <eid>]
  show one eid-table [local|remote|eid <eid>]

Type: fix

Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: Id39148db2ff291a7fe859830c1488b69ccd15c05
(cherry picked from commit b418c397dc8c870c6561ea1d7565067333db9df4)
2020-09-16 10:32:48 +00:00
Onong Tayeng
c669272949 lisp: fix spelling mistake in option name
In the vat help msg for one_add_del_l2_arp_entry the IP address option
is misspelled as "ip4 <ip4>" when it should have been "ip <ip4>".

Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: Id4058a3ddfdb78b840d7e5a3c330e67b393f5d3b
(cherry picked from commit 8c6ba2957c985a1670e9fca6bc869008e6722364)
2020-09-16 10:32:37 +00:00
Onong Tayeng
d5f713ce60 lisp: fix lisp|one_eid_table_dump's local|remote options in vat
The local|remote options to vat's lisp|one_eid_table_dump api command
does not print the eid details instead it produces the following error
messages:

    Filter error, unknown filter: 1
    Filter error, unknown filter: 2

Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: I000c290b400dbf39bd883d57115923167092c9bd
(cherry picked from commit 2237cc8ce1e0eb7222a34bb30bdeb2f3f1df9a81)
2020-09-16 10:32:29 +00:00
Damjan Marion
2ee0098dee avf: fix race between avf process node and avf_delete_if(...)
It may happen that process node is suspended while it waits for response
from adminq and during that time CLI or API process can call
avf_delete_if. When avf process node resumes, it may happen that device
is not there anymeore.

This patch delegates interface deletion to process node, so CLI/API
process just sends signal instead of deleting device instance itself.

Type: fix

Change-Id: I7f12e12df3071650f6e60ad7eb5af23b7acfe335
Signed-off-by: Damjan Marion <damarion@cisco.com>
(cherry picked from commit 66bb7dd64ee2377103e18b96f1e6bf6405de44b5)
2020-09-16 10:15:52 +00:00
Vladimir Isaev
95a77a2360 nat: Fix next feature for ED with multiple workers
Multiple (> 1) workers leads to handoff node being enabled.
This node pops next feature index to nat.arc_next to make sure
that packet will be pushed to the next feature in the arc.

But node nat44-ed-in2out-output also pops next feature and changes
arc_next. So actual next feature will be skipped in that case.

It leads to all nat44-ed-in2out packets being dropped if we have
multiple workers (handoff node enabled).

To resolve this a new node was added (nat-pre-in2out-output) to fill
arc_next in single worker case and multiple worker case is already
handled by handoff node.

Type: fix
Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: I9dfba68f00164d2d5ab867224871811bef4411ed
(cherry picked from commit 8fb4d10dc208fb3f284fe79e838343797cb2d813)
2020-09-16 10:15:24 +00:00
Filip Varga
1f18c50174 nat: endian mismatch
Type: fix

Change-Id: Icf6ce0ddb5fe9d078503e9d9ff7e7b26423f53f8
Signed-off-by: Filip Varga <fivarga@cisco.com>
(cherry picked from commit 2fe25370ba0deed78c1240fa6788c5b5f14d6f97)
2020-09-16 10:15:15 +00:00
Nathan Skrzypczak
6c25154e95 quic: Clean quic_crypto_setup_cipher
Type: fix

Change-Id: I4c19636c2be8a577c6cba272708cb04bcc24785b
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
(cherry picked from commit 8847749269ffd591c7fb6c290b4a311f186fb7c5)
2020-09-16 10:14:37 +00:00
Onong Tayeng
7bae4911bf lisp: fix crash with arp and packet trace on
With packet trace on, VPP crashes when an arp packet arrives. This patch
fixes the crash and also ensures that the packet trace displays the eid
info.

Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: Iaad09a5e2b33e931ab9bd7bc3d4573b5ed5e4bfd
(cherry picked from commit a3960a8b74de5cef51db2c7575f8f2d71a013d0a)
2020-09-16 10:14:22 +00:00
Artem Glazychev
911d7563cb wireguard: fix handshake procedure
Type: fix

Change-Id: I96e8c5c9c792b1d9aefd39ce3e240d220827b7d1
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
(cherry picked from commit cf527882e2fe49eda108cd63af175431222beebe)
2020-09-16 09:45:13 +00:00
Neale Ranns
58db34c2ca wireguard: increase FIB source priority
Type: fix

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Icc1c458474d357c7d9b3b4df1897500de0c314a1
(cherry picked from commit a26b0d11e91e9abca6220e50f0240ab6ae09c6d3)
2020-09-16 09:43:21 +00:00
Neale Ranns
c71dad4a2d crypto: Crypto SW Scheduler Coverity Warnings
Type: fix

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I7f98d0c7847ecc40b90b78e5ae83f320575be310
(cherry picked from commit 69f77a3a3cca70876bd27c84b5ae932ca942d8de)
2020-09-15 14:40:10 +00:00
Damjan Marion
ddd8c0fe59 crypto-native: fix issues detected by coiverity
Type: fix
Change-Id: Id61aa407eeeb4d44cf47ed39283a0c79ed3abbee
Signed-off-by: Damjan Marion <damarion@cisco.com>
(cherry picked from commit 139a6ae0dd460a6b8a5884e65cfd96f0c409f69e)
2020-09-15 11:25:25 +00:00
Yichen Wang
748bf82a50 build: fix the the build on centos/rhel 8
1. Remove uncessary runtime dependency;
2. Add missing build dependency;
3. Fix runtime dependency for api-python3 RPM;

Type: make

Change-Id: I2700f1a15112effba8d1527aca6467158f81f486
Signed-off-by: Yichen Wang <yicwang@cisco.com>
(cherry picked from commit 466872f0896139b34ef8ccf12f7fcc0093d7cb19)
2020-09-15 10:08:53 +00:00
Filip Tehlar
57b16c694c ikev2: fix copy-paste error when freeing memory
Type: fix

Change-Id: If44c807d188b3e88d819f4132d73e6a34402a525
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
(cherry picked from commit 999395cd6644a297c01dd6de033cf1ffb4e9951b)
2020-09-15 10:07:50 +00:00
Benoît Ganne
047eebfa97 build: fix build for Debian 9 and Debian 10
Type: fix

Change-Id: Ic07d0ae313b32e420ba93693cb75960a86f752a9
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit 3f0ae664faf33578515ffa1fd5287ad692f16c6f)
2020-09-15 08:40:06 +00:00
Florin Coras
89bdb836f9 vcl: always fill buffer or drain rx fifo
Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ibbe438aa6f2fe6d9f55c56ca6d3aec1a29b32cad
(cherry picked from commit 4a2c794c431c72364e241fa14327f03e35b886b7)
2020-09-15 08:39:26 +00:00
Neale Ranns
ec8a577ed9 wireguard: coverity fixes
Type: fix

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ib1eabbc87a573c660ac251602d631f167928259b
(cherry picked from commit 76770fd659420c23e43422d672a55e268f042129)
2020-09-15 08:39:03 +00:00
Benoît Ganne
a238082a8a vlib: fix call to vlib_get_node_by_name
Type: fix

Change-Id: I1b4f52e186165b04db5bd5f11058dc77b647bc94
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit 268e3b647733807dbecf402fcebedceff4c85544)
2020-09-15 08:38:32 +00:00
Matthew Smith
649ba152cb l2: fix null deref in l2_to_bvi()
Type: fix

Static analysis identified a possible null pointer dereference. It
was introduced by a recent patch which expanded the DMAC comparison
on inbound packets on a BVI interface to include any secondary MAC
addresses which were added to an interface.

Check if the pointer is null before dereferencing.

Change-Id: Ic2afe2b062eda32977e05bf3f98d82c1fe64620c
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
(cherry picked from commit 78681def21b931309a779dfc6a5cbc6ff8b1f814)
2020-09-15 08:38:11 +00:00
Benoît Ganne
c13aab8ca1 ikev2: fix memory leaks
- make sure everything is freed on cleanup
 - reuse already allocated vectors where possible

Type: fix

Change-Id: Ibd8da1edb37126522dc2d525596521d32dceb73a
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit 730cec8c0697627cc1fb6a34acd094c77ba07622)
2020-09-15 08:35:37 +00:00
Martin Millnert
cb94290d5f misc: selinux fixes (packet_socket r/w)
vpp-20.05 on up-to-date Centos 7.8 host with enforcing SELinux fails to
create a host-interface due to two missing SELinux-permissions:

vpp_t self:packet_socket { read write }

This simple patch adds these two permissions. Tested successfully on
local installation.

The steps to reproduce:

$ ip link add vpeer-host type veth peer name vpeer-vpp
vpp# create host-interface name vpeer-vpp
create host-interface: Permission denied (errno 13)
[...]
$ semodule -i vpp-packet-socket.pp
vpp# create host-interface name vpeer-vpp
host-vpeer-vpp

Type: fix
Ticket: VPP-1931
Change-Id: I2b3d92b27b9a9f26aa1c85af2946b15e83e27944
Signed-off-by: Martin Millnert <martin@millnert.se>
(cherry picked from commit 68849350c56b0258d21fc906b09df71a1951f694)
2020-09-15 08:35:15 +00:00
Aloys Augustin
6f1a86f187 quic: fix coverity warning
Change-Id: Ic31cde8564a0705710d91e0a7b90dcc6cf2f8db6
Type: fix
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2020-09-15 08:34:37 +00:00
Mohammed Hawari
758e6776a8 af_xdp: documents incompatibility with 1GB hugepages and high buffers-per-numa.
Type: docs
Change-Id: If8602d4b73cc1f04e42d19b8df60a05f67aa90c9
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
(cherry picked from commit 5d2091da2a96cb1092b0744cdee8bb481788a6dc)
2020-09-15 08:34:05 +00:00
Chenmin Sun
f1b7953449 dpdk: fix coverity defect #214232, #182930
Type: fix

Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Ie328834159687cdb4314c37d36697f2fb9081fbd
(cherry picked from commit 504bcb7c29da6ab45656f54cda394cccb0d97dae)
2020-09-12 21:54:43 +00:00
Andrew Yourtchenko
f96ce156b5 misc: edit the MAINTAINERS entries for crypto plugins for common style
Change-Id: Ic40bf11210cf1c36420578281f5a42668bad9801
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit f8b319359cd2a24271dbe7cebfc8a4147ab89727)
2020-09-11 18:07:25 +00:00
Andrew Yourtchenko
fb6d768419 misc: Initial changes for stable/2009 branch
Change-Id: Ibb982c877427c8382a30ee561c23d878adc9c28d
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
v20.09-rc1
2020-09-09 21:54:44 +00:00
Nathan Skrzypczak
c4781a32df docs: Improve new plugin doc & add govpp API doc
Type: docs

Change-Id: I5f20ac0232c5cdc3cf64015185b0d0fc5c4a3100
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-09 20:44:08 +00:00
Nathan Skrzypczak
f681e9f736 docs: Update and improve indent install
Type: docs

Change-Id: I1a37450261e0bcedf90685243b14027f3cf23704
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-09 20:44:00 +00:00
Matthew Smith
adf2fe0def l2: check secondary macs on BVI interface
Type: fix

VRRP cannot be used on a BVI interface currently because packets sent
to the virtual mac address of the VR fail the destination mac check in
l2_to_bvi().

Apparently people want to use VRRP on BVI interfaces, so update the
check in l2_to_bvi() so that it will check any secondary mac addresses
which have been added to the ethernet interface if the destination mac
address does not match the primary mac address for the interface.

An equivalent check is already done in ethernet_input_inline() for L3
interfaces which are in promiscuous mode.

Change-Id: I7c5bf624dafda8744fea236c704e8e17e5f53b35
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-09-09 19:45:26 +00:00
Nathan Skrzypczak
97158289bc docs: Fix create memif cli
Type: docs

Change-Id: I91a954abf77335e1ddcbd1468633d9d7980bbac2
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-09 16:56:28 +00:00
Benoît Ganne
da5b4efbab svm: fix non-null-terminated string
Type: fix

Change-Id: Ia9cd71ce12584cd8ef90bfe357cf762dd7653f71
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-09-09 14:49:59 +00:00
Andrew Yourtchenko
d78a5bc03e misc: Merge 20.05.1, 19.08.3 RELEASE.md sections
also, remove a duplicate 17.01.1 section and wrong page tag for 20.09

Change-Id: Ia2cc77faa75cccab38972ad46517762cb7456466
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2020-09-09 13:36:01 +00:00
Artem Glazychev
edca1325cf wireguard: initial implementation of wireguard protocol
Type: feature

The main information about plugin you can see in README.md

vpp# wireguard ?
  wireguard create                         wireguard create listen-port <port> private-key <key> src <IP> [generate-key]
  wireguard delete                         wireguard delete <interface>
  wireguard peer add                       wireguard peer add <wg_int> public-key <pub_key_other>endpoint <ip4_dst> allowed-ip <prefix>dst-port [port_dst] persistent-keepalive [keepalive_interval]
  wireguard peer remove                    wireguard peer remove <index>

Change-Id: I85eb0bfc033ccfb2045696398d8a108b1c64b8d9
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Jim Thompson <jim@netgate.com>
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-09-09 11:57:48 +00:00
Fan Zhang
ef80ad6bff crypto: change cryptodev with new cryptodev API
Type: feature

This patch updateds cryptodev engine uses new DPDK Cryptodev
API planned to be upstreamed in DPDK 20.11.

Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Piotr Bronowski <piotrX.bronowski@intel.com>
Change-Id: I8dd1a8ac643f1e952deb787e466b76ea7aa5f420
2020-09-09 10:19:21 +00:00
Chenmin Sun
c4665093cd interface: support configuring RSS steering queues
This patch adds the RSS steering queues set interface, and it's
implementation in DPDK device:

/* Interface to set rss queues of the interface */
typedef clib_error_t *(vnet_interface_rss_queues_set_t)
  (struct vnet_main_t * vnm, struct vnet_hw_interface_t * hi,
   clib_bitmap_t *bitmap);

This patch also introduces a command line to set the RSS queues:
  set interface rss queues <interface> <list <queue-list>>
To display the rss queues, use "show hardware-interfaces"

Below is the example to configure rss queues for interface Gig0:
vpp# set interface rss queues Gig0 list 0,2,4-7
vpp# show hardware-interfaces brief
              Name                Idx   Link  Hardware
VirtualFunctionEthernet18/1/0      1    down  VirtualFunctionEthernet18/1/0
  Link speed: unknown
  RSS queues: 0 2 4 5 6 7
local0                             0    down  local0
  Link speed: unknown
vpp#

Users can also configure the rss queues on a dpdk interface in
startup.conf:
dpdk {
    dev 0000:18:01.0 {
        rss-queues 0,2,5-7
    }
}

Type: feature

Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I1835595a1c54016a84eabee9fd62ce137935385d
2020-09-09 10:12:06 +00:00
Rajesh Goel
765008670b stats: Fix stat_segment to set timeout directly
Type: fix

Signed-off-by: Rajesh Goel <rajegoel@cisco.com>
Change-Id: Ib37802f4270fe894a31e871c7fbb12b5a1cdf058
2020-09-09 06:47:15 +00:00
Ryujiro Shibuya
ddfd56265e tcp: fix the tcp unittest to work
Type: fix

Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com>
Change-Id: If5a8313262da828616db8b1d9ef831d42b11d952
2020-09-09 04:14:11 +00:00
Christian Hopps
f6cb044604 dpdk-ipsec: don't leak buffers on crypto alloc failure
Type: fix
Signed-off-by: Christian Hopps <chopps@labn.net>
Change-Id: I4dee2ea723631e1bd95b33a74b9431d984565aef
2020-09-08 17:12:22 +00:00
Christian Hopps
cd64f73951 dpdk: fix extended stat strings
- These were displaying blank, apparently dpdk extended stat strings
must be within the heap so they are identified as vectors by
format_c_identifier even though they are not.

Type: fix
Change-Id: I2b153b100203b9856ce3af6d5ecb2daae410fb5b
Signed-off-by: Christian Hopps <chopps@labn.net>
2020-09-08 16:58:29 +00:00
Christian Hopps
527746ff06 dpdk: fix interface counters to never go backward
Was seeing imissed counter become negative. Reuse the RX_ERROR code for all
three error counters to avoid the problem.

Type: fix
Change-Id: I99a69c8816326682745785ecd30e18a131ac2969
Signed-off-by: Christian Hopps <chopps@labn.net>
2020-09-08 16:55:52 +00:00