1. Malloc may return not zero buffer, causing strncat buffer overflow
2. Malloc buffer not freed
Type: fix
Fixes: 31f1924346 ("misc: vppctl - remove the dependency on vppinfra")
Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: I5aebaccf3d0f8b7e3617068267f62cc2aa39d827
Configure a vxlan tunnel using this CLI and then assign an ip address to
the vxlan tunnel cause VPP to crash immediately
create vxlan tunnel src x.x.x.x dst y.y.y.y vni 1000 decap-next node ethernet-input l3
set interface ip address vxlan_tunnel0 z.z.z.z/24
It looks like when l3 mode is configured, the code calls the wrong function
to register the interface
Type: fix
Fixes: 3e38422ab9
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ie1a08efc028f37fb528a7dfd7048ff6836bb8ddc
When a message is received, verify that it's sufficiently large to
accomodate any VLAs within message. To do that, we need a way to
calculate message size including any VLAs. This patch adds such
funcionality to vppapigen and necessary C code to use those to validate
message size on receipt. Drop messages which are malformed.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I2903aa21dee84be6822b064795ba314de46c18f4
Zero length fragments are invalid and should be dropped. This patch adds
that.
Type: improvement
Change-Id: Ic6466c39ca8bf376efe06bb3b7f5d7f1ae812866
Signed-off-by: Klement Sekera <ksekera@cisco.com>
arp proxy is not enabled correctly by ip4_neighbor_proxy_enable()
Type: fix
Signed-off-by: Mercury <mercury124185@gmail.com>
Change-Id: I672b5d4a9652030b5604e9d39743c39cb93a2531
When the src-address to add match a route
without a valid output interface(such as default route 0.0.0.0/0),
fib_entry_get_resolving_interface() will return (u32)~0,
which will cause crash in ip4_neighbor_proxy_enable().
Type: fix
Signed-off-by: Mercury <mercury124185@gmail.com>
Change-Id: I5aee5676a2ff43ec06745ebed4dba2b9e5b98c4d
If a fragment arrives with fragment offset = 0 and M = 0, it means that
this is actually a complete packet and per RFC 8200, it should be
treated independently from other fragments. This patch does that.
Fragmentation header is stripped and fragment is forwarded irregardles
of other existing reassemblies in case of full reassembly and treated
the same way as regular packet in shallow virtual reassembly.
Type: improvement
Change-Id: If3322d5e3160cd755b8465a642702a9166d46cc2
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Improve vppapigen to generate per-message #define indicating whether
said message is dynamically sized (due to VLA or string) or not. Use
these #defines in REPLY_MACROs to prevent improper usage. Fix existing
improper REPLY_MACRO* usage.
Type: improvement
Change-Id: Ia77aaf9f6cf3ed68ea21075a4cc8deda78a68651
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Reset memif_buffer_t flags in memif_buffer_alloc and
memif_rx_burst
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: If62ba510fad783afb9f7f58411562b6989fa1573
fib_sas6_get is called with NULL dst explicitly so add a NULL check to
avoid a NULL dereference.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I8ebcba98832f374991f5442c1b83a4b6e64771d0
Type: fix
Fixes: f16e9a5507
If an attempt to submit an async crypto frame fails, the buffers that
were added to the frame are supposed to be dropped. This was not
happening and they are leaking, resulting in buffer exhaustion.
There are two issues:
1. The return value of esp_async_recycle_failed_submit() is used to
figure out how many buffers should be dropped. That function calls
vnet_crypto_async_reset_frame() and then returns f->n_elts. Resetting
the frame sets n_elts to 0. So esp_async_recycle_failed_submit() always
returns 0. It is safe to remove the call to reset the frame because
esp_async_recycle_failed_submit() is called in 2 places and a call to
reset the frame is made immediately afterwards in both cases - so it
is currently unnecessary anyway.
2. An array and an index are passed to esp_async_recycle_failed_submit().
The index should indicate the position in the array where indices of the
buffers contained in the frame should be written. Across multiple calls,
the same index value (n_sync) is passed. This means each call may overwrite
the same entries in the array with the buffer indices in the frame rather
than appending them to the entries which were written earlier. Pass n_noop
as the index instead of n_sync.
Change-Id: I525ab3c466965446f6c116f4c8c5ebb678a66d84
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
REPLY_MSG_ID_BASE is the standard way to define reply message id base,
so this refactor makes all the files use that. This is a preparation
patch for future safety add-ons which rely on REPLY_MACRO* parameters to
be preprocessor tokens identifying the message instead,
Type: refactor
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ibe3e056a3d9326d08af45bbcb25588b11e870141
Refactor and improve boundary checking on IPv6 extension header handling.
Limit parsing of IPv6 extension headers to a maximum of 4 headers and a
depth of 256 bytes.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ide40aaa2b482ceef7e92f02fa0caeadb3b8f7556
Signed-off-by: Ole Troan <ot@cisco.com>
Type: fix
When registering a new FIB node type, no name was required on the API, and so no name was printed.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8a99cf29c194637a550061b0a5e9782ffe8b31dd
A bit ugly, but generates faster and less noisy code which
should be important for this particular use case.
Type: improvement
Change-Id: If2bba947dac33ffedb4236a5b3fb50fc783668e1
Signed-off-by: Damjan Marion <damarion@cisco.com>
Refactoring perf metric support to remove branching on bundle type in
the dispatch wrapper. This change includes caching the rdpmc index at
perfmon_start(), so that the mmap_page.index doesn't need to be looked
up each time. It also exclude the effects of mmap_page.index.
This patch prepares the path for bundles that support general, fixed and
metrics counters simulataneously.
Type: refactor
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I9c5b4917bd02fea960e546e8558452c4362eabc4
Adding a "VPP container testbench" (pair of Docker containers plus
helper scripts to test Linux and VPP interfaces). Will be part of a
larger set of labs/exercises/tutorials. Putting this baseline setup up
for review first to see if the community sees use/value in it. If so,
additional exercises using the testbench will be added gradually.
Type: improvement
Signed-off-by: Matthew Giassa <mgiassa@cisco.com>
Change-Id: I582310f7355419e907d575f640482ca49cbb282f
- VOM was deprecated in VPP 21.06, but the boost library
dependencies did not get cleaned up.
Type: make
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I0fb860a7a37676c1a1a0981c91f383882d9a820a
We should not install symlinks to local build directory.
Type: fix
Change-Id: I81e624dd5775ec9c5dd8c58f578ee51c5acfef73
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Originally cryptodev allocates mempools for seesion and session private
data during its initialization. Moreover the size of these mempools are
fixed resulting in limited session count (up to value specified in
CRYPTODEV_NB_SESSION macro).
This patch allows for session count to scale up by allocating new
mempools as they are needed during session creation.
Type: improvement
Signed-off-by: Dastin Wilski <dastin.wilski@gmail.com>
Change-Id: I6ae240b474d3089d3ff50ca5bc7ff48f149983db
vl_api_c_string_to_api_string declared in api_types.h
and defined in api_shared.c. Remove from jsonformat
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I994c8c13b7246a857464c1f879432f73692c6d1f
Make sure segment is empty after writer lock acquired. Other workers
might add fifos in between empty test and writer lock acquire.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3400fdd14be98d9d8fb4e415d3a849be1d255241
Avoid constantly re-mapping a listener's first segment when all its
sessions are closed.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iea7033fb70f4cf9e4408d542b7c0ff2b0c5c2f92
