Also rework the logic so the skipping of marked Ubuntu 22.04 occurs at framework level
Leave debian11 special cases as-is.
Type: fix
Change-Id: I481eb32cd1a0860935482e9f930ced409da653c9
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit 9987d470a6a502dd64266204cb006f30d7245cdd)
IPFIX buffers are stored on a per worker thread basis. Currently, the
flush callbacks will flush only buffers stored for the main thread. And
buffers for worker threads will not be sent until their size reach the
path MTU configured for the exporter. So if traffic is constant, the
problem will unlikely to be visible. Buffers will be sent once they
reach the maximum size. However, if traffic stops at some point and
flush is triggered in order to make the plugin send all currently
buffered data, this will not happen. And collectors will not receive
that data. The plugin will keep the remaining data until traffic starts
again, the buffers reach the maximum size, and be sent.
With this fix, flush buffers for worker threads and for the main thread
when the flush callbacks are triggered.
This will allow to remove @tag_fixme_vpp_workers from the unit tests
that don't set timers. The tests that set timers will still be failing
for other multi-worker related problems.
Type: fix
Change-Id: I9a7d9cef8ddbec7ee68c79309e48e7bc0953d488
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
(cherry picked from commit 4c7305f124cfa9c649ec6c9231eaf608fe336f1b)
In esp_encrypt_inline(), if two or more consecutive packets are
associated with the same SA which has no crypto or integrity algorithms
set, only the first one gets dropped. Subsequent packets either get sent
(synchronous crypto) or cause a segv (asynchronous crypto).
The current SA's index and pool entry are cached before it can be
determined whether the packet should be dropped due to no algorithms
being set. The check for no algorithms is only performed when the cached
SA index is different than the SA index for the current packet. So
packets after the first one associated with the "none" alg SA aren't
handled properly.
This was broken by my previous commit ("ipsec: keep esp encrypt pointer
and index synced") which fixed a segv that occurred under a different
set of circumstances.
Check whether each packet should be dropped instead of only checking
when a new SA is encountered.
Update unit tests:
- Add a test for no algs on tunnel interface which enables
asynchronous crypto.
- Send more than one packet in the tests for no algs.
Type: fix
Fixes: dac9e566cd16fc375fff14280b37cb5135584fc6
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I69e951f22044051eb8557da187cb58f5535b54bf
(cherry picked from commit ff71939c30ae81241808da1843e82cf2dfa92344)
Added vl_api_lcp_itf_pair_add_del_v3_t_handler method, it can return
vif_index in reply. Also added vl_api_lcp_itf_pair_get_v2_t_handler
methods, this method is able to dump only one lcp pair or dump all
lcp pairs via stream_msg.
Type: improvement
Change-Id: I1d25344ee57f8fac8b857bb3a9a03116230b4d2c
Signed-off-by: Anton Nikolaev <anikolaev@netgate.com>
(cherry picked from commit 83ad79d69a09f504ba6ce3325fc165648eb55daa)
Type: improvement
The vnet buffer metadata for full IP reassembly and shallow virtual
reassembly overlaps. If you have full reassembly and virtual reassembly
enabled on the same interface and virtual reassembly happens to process
packets first, full reassembly will stomp on the metadata populated by
virtual reassembly.
Virtual reassembly gets enabled implicitly when NAT feature nodes
are enabled. Those NAT feature nodes rely on the virtual reassembly
metadata being populated correctly in order to find L4 proto & ports.
When NAT and IP full reassembly are both enabled on an interface, NAT
can drop fragmented packets because the virtual reassembly metadata
can be overwritten by full reassembly.
Ensure that full reassembly runs before virtual reassembly. Add a
runs_before dependency to ensure that ip4-full-reassembly-feature
runs before ip4-sv-reassembly-feature.
There was a duplicate VNET_FEATURE_INIT() for
ip4-full-reassembly-feature. It seems to have been intended for enabling
ip4-full-reassembly-custom as a feature node, but its contents are
identical to the earlier VNET_FEATURE_INIT() for
ip4-full-reassembly-feature. Removed the duplicate.
Change-Id: Ie600b854d4ceb90a7cb736810140d410b8f72447
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
(cherry picked from commit 205ed8f8845a8ea36f38ed29df158a5a07c2e2c3)
Make sure ctx is initialized before ho is marked as done.
Type: fix
Change-Id: If0525a9890a56e289e2ab006c669a9d64dc6505d
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit 0ded4890beaa3aa1f36c61ff6125d19582b25391)
The improvement was removed in 40129,
causing 5-40% regressions in AVF tests.
There is a memory-speed trade-off,
this change prefers speed over memory efficiency.
Ideally, the choice should be configurable,
but that is not easy to achieve, considering
how early is vlib_buffer_main_init called.
Type: fix
Fixes: 038dad7ef29b0b724071edb5f8cc7a9845584454
Change-Id: I4746f3634abe6d233c9d092a372de05b3d1ae4b6
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
(cherry picked from commit 04fd51c03c428859bae949a8294ee0f9c062a44b)
Argument to vcl_epoll_ctl_add_unhandled_event is often the result of an
and between events and EPOLLET which is larger than u8
Type: fix
Change-Id: I8c98f557fa1db9f3eb79c90ecdd60ac9366d4d40
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit e81f27ffb2a698737eae607b111d0611d221222f)
Handle non-even n_elts for the larger array instead of reading past
the source buffer.
Type: fix
Fixes: f62ed3f9c1ec3e8db36f63d6a54f46b7bea43723
Signed-off-by: Dmitry Valter <d-valter@yandex-team.com>
Change-Id: Ic1708a3f33fe71ca752345b5c77b6ae7a2d42bcd
77caeb1b193404e76beb27a1aa81321e8eb1cf1f has changed the behavior
in an incompatible way, breaking users (including CSIT).
The new behavior is more pythonic,
but the old behavior has to be supported
at least one release after publicly deprecating it.
Type: fix
Change-Id: I9dfdd2229065010216e49db80b14b856c545965c
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
Avoid situations when notifications are delayed for long enough for
transports to start closing/cleaning up.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id35b0099adb5242108154a5e19d5ee15e6ca0058
VPP requires GNU Make to build, on GNU systems (such as Debian), GNU
Make is installed as 'make', typically with a symlink from 'gmake'.
On other systems (such as FreeBSD), 'make' is a BSD Make derriviative
and GNU Make is installed a 'gmake'.
Use $(MAKE) variable for make calls from within Makefiles. This
variable is set to the path of the calling make program, i.e.,
/usr/local/bin/gmake on a bsd system.
This is the recommended way to call make from Makefiles in the GNU Make
documentation.
Type: improvement
Change-Id: Id9162a34a0f8358f22090718087918dae31c0fce
Signed-off-by: Tom Jones <thj@freebsd.org>
When unsetting VPP_PLATFORM in cmake, it unmasks the cached value
instead, misleading the platform selection logic in src/cmake/cpu.cmake
Type: fix
Fixes: 01fe7ab88e
Change-Id: I676cd0af9ba28150f8ac07724c03df8ef24b640f
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Also re-enable external echo QUIC test.
Type: test
Change-Id: I3973409c31fd7c42b97ac3ceae1a5cbad6f1b2b6
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Correctly wrap data indices in test_bihash.
Type: fix
Signed-off-by: Dmitry Valter <d-valter@yandex-team.com>
Change-Id: I740fa1cf9f8c382c12f01f607095c5995be6845f
Introduce a dump api for LLDP plugin
Type: improvement
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
Change-Id: If67dedd329cced59227187284646d147ef6ef92c
Don't access free'd memory in vec_prepend.
Don't allow prepend when v1 == v2 as it also causes a use-after-free.
Found via ASAN.
Type: fix
Signed-off-by: Dmitry Valter <d-valter@yandex-team.com>
Change-Id: I21f8422c007d07d40d237e873b84c042be1fe8e8
Type: make
memif.h file is independent code which can be used outside of
VPP. Hence it uses its own cacheline size MACRO. This patch
sets the value of MEMIF_CACHELINE_SIZE in the cmake file for
memif plugin to VPP_CACHE_LINE_SIZE.
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I8185e78897f4571f1a0430dd7e758816e127444c
VPP requires bash for all shell scripts. Align shebang lines in build
and test scripts to look up the location of bash rather than hard coding
'/bin/bash'.
Look up the location of bash for makefiles.
Type: improvement
Change-Id: I23b705d81d60389fa8af61c680cf0abd74f0ea24
Signed-off-by: Tom Jones <thj@freebsd.org>
Fixes compilation error with GCC 14
'calloc' sizes specified with 'sizeof' in the earlier argument and not in the later argument
Type: fix
Change-Id: Ie328ecc711976547df2cffe17325b786bc7a8849
Signed-off-by: nucleo <alekcejk@googlemail.com>
When sanity test is not done, API files are not loaded until the
first test case is run. Hence, it is not possible to use enums, etc.
outside of a test class.
By preloading API files before running any tests, it prevents its
issue.
Type: fix
Change-Id: I8730150374e6c5f8d6933ec037811372ac2a8da0
Signed-off-by: Maxime Peim <mpeim@cisco.com>
curl sometimes uses 2 different source ports during the test.
Type: test
Change-Id: Ib27e9d22a9cc951f4729f4bd0ae99d80bf8d938b
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Setting g+w permission for unix sockets didn't work. There were
two problems:
1. new flag local_only wasn't set for all AF_UNIX sockets;
2. fchmod is not a good choice for sockets.
fchmod was replaced with couple of umasks, and local_only with
socket type check.
Type: fix
Fixes: 085757bb4930511928daa97f972cdca021e7a813
Change-Id: I8dc0fceb110a36bfa234f552bbdf182e09e55e27
Signed-off-by: Georgy Borodin <bor1-go@yandex-team.ru>
Normally af_packet sets next0 = next_index on each cycle. It works for the most cases.
But if vlib_validate_buffer_enqueue_x1() changes the next_index (from NEXT_ETHERNET to NEXT_DROP for example)
then the following next0 will have the wrong value, and the correct packet will be dropped.
AF_PACKET_IF_MODE_IP handles this case, but AF_PACKET_IF_MODE_ETHERNET doesn't.
Type: fix
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: Ic742043e8b10a2abe56b314bb584277151a9c5eb
vapi generators were missing from the VPP_HOST_TOOLS_ONLY, which
prevents building an out-of-tree plugin with API files. We now
install them.
Type: improvement
Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
Change-Id: Ie613c8f64034e933124325242f2f8b3ac3955878
checkstyle.sh assumes clang-format-11 but allows it to be overridden.
Debian12 ships with a minimal version of clang-14, so set the correct
version for checkstyle.
Before:
$ make checkstyle
extras/scripts/checkstyle.sh: line 41: --version: command not found
make: *** [Makefile:720: checkstyle] Error 127
After:
$ make checkstyle
Debian clang-format version 14.0.6
*******************************************************************
* CHECKSTYLE SUCCESSFULLY COMPLETED
*******************************************************************
Type: make
Fixes: 712fc0308981c61444e593d6bcc2ad62102c726d
Change-Id: I0c58456477011397115810dab825865b5850d10d
Signed-off-by: pim@ipng.nl
* Refactor the existing prometheus exporter to function print_metric_v1()
* Add a 'v2' flag which instead uses metric names with labels, example:
nodes_clocks{node="ip4-lookup",index="0",thread="4"} 30198798628761
nodes_vectors{node="ip4-lookup",index="0",thread="4"} 298176625181
nodes_calls{node="ip4-lookup",index="0",thread="4"} 119789874274
nodes_suspends{node="ip4-lookup",index="0",thread="4"} 0
interfaces_rx_packets{interface="tap0",index="0",thread="1"} 79582338270
interfaces_rx_bytes{interface="tap0",index="0",thread="1"} 16265349667188
* For stat names that we don't know, print their v1 equivalent, which
keeps backwards compatibility.
Details in https://ipng.ch/s/articles/2023/04/09/vpp-stats.html
Type: improvement
Signed-off-by: pim@ipng.nl
Change-Id: I53ed3ede8cc7853eb46c354834d89eb788ece3b1
Type: improvement
This patch implements support to check the host interface offload
capabilities.
NOTE: this check is only done once when interface is being created.
Any changes to the cap of host interface after that will not reflect
changes to af_packet interface in VPP.
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: Ibc9953131f64f3fb3e601d34036b9f453913692a
Add clang-14 and libffi8 which ship with Debian Bookworm. The project
compiles cleanly with these versions.
Type: make
Change-Id: I17350aae30cec72987792d54d88231b3221b56b9
Signed-off-by: pim@ipng.nl
