13891 Commits

Author SHA1 Message Date
Nithinsen Kaithakadan
6937c0b2df octeon: add crypto framework
Configure crypto device.
Add crypto support in control plane and data plane.
Control plane
 - Handle vnet crypto key add and delete
 - Register crypto async enqueue and dequeue handlers
Data plane
 - Add encryption and decryption support for
    - AES-GCM
    - AES-CBC hmac sha1/256/384/512
    - AES-CTR sha1
    - 3DES-CBC md5 sha1/256/384/512

Type: feature

Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
Change-Id: Ia9e16c61ed84800a59e0c932a4ba6aa1423c1ec8
2024-10-17 11:53:39 +00:00
Abdel Baig
17a918133b bfd: add support for multihop
Type: feature

Change-Id: If23f9cc9317e7528f3c8d66303457206843a12c5
Signed-off-by: Abdel Baig <abdbaig@cisco.com>
2024-10-15 15:46:01 -04:00
Adrian Villin
514098ee82 hs-test: various improvements
- fixed timed out/panicked tests not copying logs to CI archives
- fixed log formatting
- renamed SuiteTimeout to TestTimeout
- fixed ginkgo node leak on test timeout -> added AssertChannelClosed
- updated docs

Type: test

Change-Id: Ia71d765bd61576230a4cfd26d4b14fd1be1692c7
Signed-off-by: Adrian Villin <avillin@cisco.com>
2024-10-15 16:49:40 +00:00
Florin Coras
6771af7328 hsa: switch proxy to using first worker connects
Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I04821236ba8ab02525bd99a1ed4572dfcf5e5131
2024-10-15 00:25:35 -04:00
Matus Fabian
15106becc5 http: Content-Length value parsing improvement
Type: improvement

Change-Id: Ida8ca43b5fed41fc0b13a2dde97e7e35c55283c9
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-10-14 19:26:45 +00:00
Damjan Marion
1db9079ccb vppinfra: fix page stats for large heaps
Type: fix
Fixes: 6bfd076
Change-Id: I8da83a8a755e5893da627c0555039c62975a5e84
Signed-off-by: Damjan Marion <damjan.marion@gmail.com>
2024-10-14 18:26:08 +00:00
Matus Fabian
6885d5f9eb hs-test: http_static wrk tests
Type: test

Change-Id: I87cddb88f2a62e79d66832827134ddaa95740839
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-10-14 17:05:49 +00:00
Matus Fabian
5c8ddd54c1 http: timer pool assert crash fix
Two iterations over expiret timers:
1) ivalidate timer handle and mark the connection as having a pending
   timer
2) send RPCs to workers

Type: fix

Change-Id: Iadc031c4e6d6f7bbd851d0421e6e0ea2d2b5e70f
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-10-14 17:03:12 +00:00
Matus Fabian
b6ac2d7a7a http: track half-open sessions
It might happen that app detach during connecting period and worker
is not valid anymore when http_ts_connected_callback is called.

Type: improvement

Change-Id: I95f094e8bc0352728a61e3fe74ab0745859e2457
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-10-14 16:55:09 +00:00
Stanislav Zaikin
4d9abd6cdd ip: fix ip_local_reassembly_get handler
Type: fix
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
Change-Id: I6431557d01756174005df26350c28299f83fcee0
2024-10-14 12:45:38 +00:00
Alexander Skorichenko
a7e01a83be snort: add timestamps to packets
Type: improvement

Change-Id: I810679c8a73c4d1b3fc2cc2300ded46a30d68e8f
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2024-10-11 14:06:15 +00:00
Adrian Villin
2acdf1e629 hs-test: added dry run mode
- DRYRUN=true will set up most containers. Some need to be started
  manually (curl, nginx...). The framework will create a vpp-config
  file with interface configs that will get executed on VPP startup.
- set Ginkgo to use -v instead of -vv when running a single test
- s.Log() now supports formatting
- added 'useEnvVars' parameter to container.Exec

Type: test

Change-Id: Id1da7947a1448ee4b74b86cc4f243442256a5ba8
Signed-off-by: Adrian Villin <avillin@cisco.com>
2024-10-10 15:50:15 +00:00
Ole Troan
77ca487742 dpdk: xstats as symlinks
Type: improvement
Change-Id: I0df26e5a4d486b694ec90ba27b485a75bf264b20
Signed-off-by: Ole Troan <otroan@employees.org>
2024-10-09 16:59:53 +00:00
Adrian Villin
f151640bb1 hs-test: support running multiple specific tests
- make test TEST=[test1],[test2] runs those two tests in random order

Type: test

Change-Id: I1a1af7c99ef7867ca94cec4175605f428dcd58fd
Signed-off-by: Adrian Villin <avillin@cisco.com>
2024-10-09 11:03:35 +02:00
Damjan Marion
96a56244a5 vppinfra: devicetree improvements
Type: improvement
Change-Id: If20ae74658702399f626b1af7bd3519e05a5d422
Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-10-09 08:39:33 +00:00
Damjan Marion
cda500bddc dev: add helper functions
Type: improvement
Change-Id: I7c9e882b1cdf141b34e84dbfed46b392624d1f62
Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-10-08 23:33:02 +00:00
Damjan Marion
623147bfda armada: fix tx queue init
Type: fix
Fixes: 4e51841
Change-Id: Ife3cb43f54cc0700c469f89b0a5af0ff44143807
Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-10-08 23:53:45 +02:00
Mohsin Kazmi
ad6aacc44a pg: fix the coverity warning
Type: fix

Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: Ida88c304f110b05051211ce243fd04ce811a9d4d
2024-10-08 10:06:47 +00:00
Florin Coras
4856f33fa8 http_static: fix first and add segment size
Allow segments bigger than 4GB

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I510f7cff75883fdbd6c0c22efff9a14e26c755f4
2024-10-07 23:24:59 +00:00
Steven Luong
8d09a70ee8 hsa: cannot delete/unlisten default uri
Although it is rare that one wants to remove the default uri listener,
we should still support it.

The problem is that we strip the null character on unformatting the input.
We should not add a null character on formatting the default uri.

Type: fix

Change-Id: I08520dbd2a2448639ce023f9fd75555bc620e7ee
Signed-off-by: Steven Luong <sluong@cisco.com>
2024-10-07 12:09:57 -07:00
Matus Fabian
a3efc38e15 hs-test: force test failure when vpp core present
Type: test

Change-Id: I874ee185a51dda9b620f3b783e466b8e88600d18
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-10-07 17:27:26 +00:00
Klement Sekera
860916617d ip: add extended shallow reassembly
This patch adds some fixes and improvements:

Fixes bug where save_rewrite_length gets overwritten on reassembly
handoff.

Fixes bug where duplicate fragments could cause a reassembly context
to be lost, because the race losing thread would remove bihash entry
created by winning thread.

Improves tracing by adding more events.

Adds extended shallow reassembly. This is a toggleable option, which if
turned on will cause reassembly to wait for both first and last
fragments to calculate total IP payload length. Furthermore it'll store
a local copy of first fragment and necessary data to retrieve it in
vnet_buffer2. This allows downstream features to access full L3/L4
headers when dealing with fragments.

Type: fix
Change-Id: I81695070533410c5815291dbc65ea71c87e3ae05
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07 16:39:42 +02:00
Klement Sekera
db7be85352 ip: fix feature logic
This fixes ip6 feature logic, so error and handoff packets are no longer
sent to next feature instead of being dropped/handed off.

Type: fix
Change-Id: If280de5345d9ed3b553dd3b3fa40274619d333ae
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07 12:56:00 +00:00
Klement Sekera
6f3d9e2cb8 ip: add ip6 shallow reassembly output feature
Type: improvement
Change-Id: I0cb4014f03abdd0e55d4bb7ff40ae293a6ed3562
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07 12:29:02 +00:00
Klement Sekera
22c7420dfb vapi: don't store dict in length field
Rather validate the format and use proper Field call.

Type: fix
Fixes: d7a32ebd9948ff37c15d8b6e0e5d9cf243026239
Change-Id: I78ac1e62911d613dc0d7a9bd6e8784fbe7f0a797
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07 11:40:48 +00:00
Klement Sekera
911c0fb23a ip: fix ip4 shallow reassembly output feature handoff
Use a new frame queue for output feature instead of passing frames
to standard feature.

Fixes bug where save_rewrite_length gets overwritten on reassembly
handoff.

Type: fix
Change-Id: I6c6191aec5f1c89e1ca0510a08781e390d327bbf
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07 10:57:24 +00:00
Mohsin Kazmi
0b1bd9df33 pg: add support to delete pg interface
Type: improvement

Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I3102fded415c644673fb79a0fdb7a7448ce20f26
2024-10-07 08:39:23 +00:00
Florin Coras
28955ceb8b session vcl: add support for vcl transport attributes
Session layer can push transport attributes to vcl sessions which are
stored as vector for session lifetime.

Store original_dst_ip and port when available in vcl session attribute
vector.

Type: feature

Change-Id: Iab6c65ddcfed220fc919f564cd19083561812faf
Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-10-04 17:59:01 +00:00
Florin Coras
89969288d3 hs-test: fix core_pattern volume mounts
If system is configured to use something like apport, avoid mounting.

Type: fix

Change-Id: I6af900bd334acba974c9c4ae30c3b2ce26d1f49b
Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-10-04 05:40:15 +00:00
Florin Coras
08894464dd session: use proper name for ct transport
Type: refactor

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iebf5155a429c77143df9eb44f504fea28cddaf98
2024-10-03 13:54:05 -07:00
Matus Fabian
fa5defdc2d hs-test: prom consecutive connections test
Type: test
Change-Id: Ide4571dd8ac9bcb64fcd5ba408b6d1f99d34185f
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-10-03 19:25:21 +00:00
Adrian Villin
46ab0b22bb hs-test: added nginx multi-thread tests
- added Dockerfile.envoy
- removed nginx vcl.conf file as it's created by
  the framework now

Type: test

Change-Id: I5f2be015c864c8d2aa938a22b1abece64989999b
Signed-off-by: Adrian Villin <avillin@cisco.com>
2024-10-03 19:23:49 +00:00
Florin Coras
fae41c6783 session: allow session input rpcs
Type: improvement

Change-Id: Ib8e9f9fb6dfc553cc9e344544961832fecbea8c1
Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-10-03 08:02:59 +00:00
Adrian Villin
7bae9b0e82 hs-test: use nginx 1.26.2 for NginxHttp3Test
- test is no longer marked as extended
- no building required -> removed nginx build scripts

Type: test

Change-Id: I1814b1e4b7e514f81797efa3b5c1e818d2fe4cda
Signed-off-by: Adrian Villin <avillin@cisco.com>
2024-10-03 04:56:10 +00:00
Steven Luong
2c52f5e888 session: incomprehensible error message for adding sdl and rule-table entry
1. When the backend engine is not enable, adding an entry returns
a confusing error message.

DBGvpp# session sdl add 191.1.1.30/32 action 1 tag blue-v4-rule1
session sdl add 191.1.1.30/32 action 1 tag blue-v4-rule1
unknown input `add  191.1.1.30/32 action 1 ta...'
DBGvpp#

2. When the sdl or rule-table entry is already present, adding the duplicate
entry returns a confusing error message.

DBGvpp# session sdl add  8.8.8.1/32 action 0
session sdl add  8.8.8.1/32 action 0
DBGvpp# session sdl add  8.8.8.1/32 action 0
session sdl add  8.8.8.1/32 action 0
session: session is already enable. Must disable first
DBGvpp#

The problem is because there are multiple cli commands start with "session".
When the command is failed with the best match chain, it passes the
command to the other parser chains which start with the keyword "session".
The other cli chain also fails to parse the command. The error message
that the previous parser chain returned may be overwritten by
the newest error message.

The fix is to not return an error in sdl and rule-table parser command chain.

Type: fix

Change-Id: If0165324a763f47ec98ab79a41c3ee9b10057454
Signed-off-by: Steven Luong <sluong@cisco.com>
2024-10-02 09:41:53 -07:00
Dave Wallace
056b7d0587 build: fix dpdk mellanox driver build setting
- dpdk mellanox driver setting requires rdma-core.mk is included
  before dpdk.mk makefile.  Include check for rdma-core_version
  variable definition in dpdk.mk to prevent a re-occurance of this
  issue.

Type: fix
Fixes: 70522a1dc

Change-Id: I297cbd734ac7abe970eac7fb317d06b7acfc5a40
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2024-10-01 18:07:22 +00:00
Ivan Ivanets
b2b87e4819 tests: fix wireguard test case failures
Type: test

There are random failures in the wireguard test cases that are not related to concurrency issues.
The root cause is a retry of the handshake initiation after (REKEY_TIMEOUT + JITTER) ms, where JITTER is a random value between 0 and 333 ms.

Solution: Add a filter parameter for the `send_and_expect` method of the vpptestcase.
This filter allows for excluding unexpected handshake initiation packets when the responder sends two packets (with `message_type = 1` and `message_type = 2`),while only a single packet (with `message_type = 2`) is expected.

Change-Id: I62816931fc1b85e2202f3d36eb6c2a23714644d5
Signed-off-by: Ivan Ivanets <iivanets@cisco.com>
2024-10-01 16:57:44 +00:00
Matus Fabian
38e94c3461 http: http_state_wait_server_reply fix
We enqueue 2 segments to app, first is masg (http_msg_t) and second
as much as possible of the raw data, so it must be:
max_enq - sizeof (msg)

Type: fix

Change-Id: Ib7ece7e0ad1aac99d687d49149f1bccea599b10f
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-09-30 13:54:37 +02:00
Adrian Villin
5a4c7a9ce4 hs-test: replaced gofmt with goimports
- goimports properly formats imports

Type: test

Change-Id: I78c162dd552fd3ee3d59955d7ea215af30601425
Signed-off-by: Adrian Villin <avillin@cisco.com>
2024-09-28 02:11:59 +00:00
Steven Luong
6f173171b1 session: fix SDL to use remote instead local
The language is
local == VPP local interface
remote == sender prefix to VPP node
SDL acts on remote prefix.

Type: fix

Change-Id: I82917c6ef801fc67430dfdd15c5630cb7a6347e0
Signed-off-by: Steven Luong <sluong@cisco.com>
2024-09-28 01:51:31 +00:00
Steven Luong
6b3b6072e0 hsa: Add multiple listeners support
It is desirable that http cli server can support multiple listeners.
This is needed for supporting both ip4 and ip6 at the same time.

Added the optional keyword listener add | del to the
http cli server command.

Example usage:  start ip4 default uri and then add ip6 uri
http cli server
http cli server uri http://2001::2/80 listener add

Type: improvement

Change-Id: I884a4cd64ff676f9759a062b6d607a1742f610f3
Signed-off-by: Steven Luong <sluong@cisco.com>
2024-09-28 01:49:53 +00:00
Alexander Skorichenko
e3ad5aa68a snort: API functions for plugin
Also, made disconnect-instance and delete-instance functions
available via cli.

Type: feature

Change-Id: I7939d27867959cb871b1cc7205b94410b53906fd
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2024-09-27 12:30:16 +00:00
Florin Coras
d0e8bd75f6 tls: cleanup engine hs cb and improve ctx formatting
Handshake completion is now tracked via a ctx flag so we no longer need
ctx_handshake_is_over.

Also, as we no longer prealloc application sessions, improve ctx state
formatting.

Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If48588ecde13e56fb99d1a46238bda53ed4eae1b
2024-09-26 20:44:34 +00:00
Damjan Marion
2193fd0649 dev: dev process node scheduling improvements
Type: improvement
Change-Id: If39e4d2b46820d5c0465fcc40d255fa95d137d38
Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-09-26 08:40:28 +00:00
Damjan Marion
dfa77dc606 vlib: process node scheduler rework
This commit allow use od cooperative multitasking with multiple
descheduling reasons (i.e. event wait and suspend) inside the same
process node. In previus code remote node will wake up process node
by sending event evein if process node is waiting in
vlib_process_ssupend().

This change also allowed new vlib_process_yield() API which deschedules
current process and it puts it into the end of queue.

Change-Id: I846e5a99b4ea1809eb80895f6ffe0ef0b2fd21ae
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-09-26 08:33:47 +00:00
Alok Mishra
d8022139eb octeon: fix pause flow control for lbk/sdp devices
Pause frame flow control is not supported for LBK (Loopback) and
SDP (System DPI Packet Interface Unit) devices.
This patch skips the pause flow configuration for these devices.

Type: fix
Fixes: 53239b4

Signed-off-by: Alok Mishra <almishra@marvell.com>
Change-Id: I3096fcef9df4ad59d64bfabb83f91f13813128a8
2024-09-26 08:20:22 +00:00
Damjan Marion
ea4a5499ae vppinfra: add CLIB_SWAP()
Type: improvement
Change-Id: I1911a9d6a0ca8e1d24ce7b95281886392081ffc6
Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-09-25 20:05:45 +00:00
Florin Coras
4089d7cf1b session: set dgram mss when not constrained by transport
Type: fix

Change-Id: I12ddcd56f2fecb504180cdc044a3b3c3d1db7e3c
Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-09-25 15:46:31 +00:00
Radislav Chugunov
f9b2e27b1d build: add missing fib_walk.h to VNET_HEADERS
Type: fix

Change-Id: Ie64ce16ea512b855a1b886eceb94c0e6ba33df05
Signed-off-by: Radislav Chugunov <chgnrdv@gmail.com>
2024-09-25 13:37:07 +00:00
Hyong Youb Kim
1a088b6bc9 dpdk: add new device ID for Cisco VIC VF
VIC now supports standard SR-IOV, as opposed to VM-FEX SR-IOV. It uses
a new device ID 0x02b7 for VF. Add it to the supported list.

Type: improvement
Change-Id: Ifc91c66f5e75dd005aa9d8a47700896a941abab5
Signed-off-by: Hyong Youb Kim <hyonkim@cisco.com>
2024-09-25 13:36:27 +00:00