IPsec writes trailing data at the end of the buffer without checking
if there is enough space. If the packet length equals buffer size this
leads to rewiting of the next buffer header in the pool.
Type: fix
Change-Id: Iceb27bb724c7243863a4b532aad0808051b7d74c
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Type: refactor
Use pending tx buffer vector to postpone dispatching of all buffers,
i.e., either generated as a result of tx events or custom tx event.
Change-Id: Ic5894c4653c338cfb04555d20857f954b245ee83
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit 8a754f1a55fb16a4d42efd5c606e5a07b4afffe9)
Type: fix
all other uses of the fib_entry_get_preifx in the code base don't pass
the prefix into recursive functions.
Change-Id: Ic1c56acd406a733b215ee2fd98b6bed58b490a4f
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit 320dfcf2aa8f4617b51a2bb15f3d0f93ee62d4dc)
Set vm->check_frame_queues after actually enqueuing a frame. Under
obscure circumstances, the code managed to set check_frame_queues so
far in advance that 100 dispatch cycles could elapse before the frame
enqueue succeeded. That resulted in permanent lack of queue service.
Type: fix
Ticket: VPP-1734
Fixes: 18191
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: If2d398202b4ba2b96581d25e8142daef3f74c9e5
(cherry picked from commit 320998a8126766c0db92d9c7652f765f9565a7b5)
When creating rdma interface without specifying a name, we need to
generate one instead of NULL.
Type: fix
Change-Id: If41870691dec47e8e673d48ac4b4ddffd2385a03
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit a50892e1504401e243076f08d9077675eb0b030e)
- Fix AAD initialization. With use-esn the aad data consists of the SPI
and the 64-bit sequence number in big-endian order. Fix the u32 swapped
code.
- Remove salt-reinitialization. The GCM code seems inspired by the GCM
RFCs recommendations on IKE keydata and how to produce a salt
value (create an extra 4 octets of keying material). This is not IKE
code though and the SA already holds the configured salt value which
this code is blowing away. Use the configured value instead.
Type: fix
Change-Id: I5e75518aa7c1d91037bb24b2a40fe4fc90bdfdb0
Signed-off-by: Christian Hopps <chopps@labn.net>
(cherry picked from commit d58419f19b33560d224471bc16674a525427308e)
Type: fix
crypto perf test crashes for key size different than 16 bytes.
This patch fixes the issue
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: Ic8a8ca83ca189c879815dc5d065b8c6f7826cd41
(cherry picked from commit bc2e640db7533394a3de7bdffd78fadf2a2ffd9f)
The 42693521f6046997133c8f63bcfc9d615d96f69d added the timeout
to the child process join + print the name of the offending
child process.
Upon testing the issue furher, appeared the offenders were
always the same - punt tests. The processes running them
were stuck trying to acquire lock, even if all
the user-accessible execution has finished. Some searching
revealed that one needs to tread carefully when dealing
with Thread and Multiprocessing at the same time.
punt tests used threads but did not call thread.join. Somehow
it worked in some cases but not the others. This fix makes
the threads exit cleanly - which also makes the timeouts
waiting for the process to join disappear.
Type: test
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I05d99bb48a9987544bbfe45118755c09d7867aa0
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
(cherry picked from commit 3f8c87132d63c14f1ba90d7db6cf2a2aba0f8cb9)
Log the random seed used when running tests and provide means to re-use
it in a later run.
Type: feature
Change-Id: I18d2a36ee802b901d4cca5577df41cec07f09cc0
Signed-off-by: Klement Sekera <ksekera@cisco.com>
(cherry picked from commit 45a95dd782b91e9ae5665b5f95be4b6d7f99b879)
In parallel test, the single process is spawning
a bunch of child processes running the tests,
and communicates to them. When the child process
signals that it has finished, the parent calls
child.join(). Sometimes this join never returns.
The result is a lot of defunct python processes,
and the test run just hangs.
I have seen this failure intermittently a fair bit
in a busy containerized environment, and by chance,
consistently reproduced it on a Thinkpad X280
with 8G of RAM and Ubuntu 19.04, which allowed
to diagnose it.
Type: test
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: If0a3110fc2d23e73d77c310d61c3ea90a2b53610
(cherry picked from commit 42693521f6046997133c8f63bcfc9d615d96f69d)
Make sure packet is big enough before processing it.
Policy matching is done speculatively but is discarded if packet is too
short.
Type: fix
Change-Id: I647db2c4e568b0d9bf2cfd5056e1b1c2e25132fe
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit f7f49640bbb4339d71f8b713b04b8f401d5fc270)
- vlib_node_add_next_with_slot was not cleaning the old next node
references to the given slot when replacing it with new next node. This mostly
worked until one tried to set the slot to a previously (but not currently) used
next node for that slot.
Type: fix
Signed-off-by: Christian Hopps <chopps@labn.net>
Change-Id: I7ee607625da874e320158b80f12ddc16e377f8e9
(cherry picked from commit 2e8b0618b12d317f2a4632e69a0663dcd8dde472)
The number of paths on the mpls tunnel returned through the bapi is
always zero. Doing a ntohl on a uint32 and poking it into a uint8 causes the problem.
Type: fix
Signed-off-by: IJsbrand Wijnands <ice@cisco.com>
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I4135ad43a891e7818ca673c8067ef1f11cb34530
(cherry picked from commit bf103d99e651f3b221361f6d964ae84870fd7a6b)
Type: feature
Improves fairness for sessions that are snd space or pacer constrained.
Change-Id: Ida5f523090f1dcbfb17bf5116bc7917747ac8593
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit dd97a48d9fac91c7f16a31aa661dd6c968c3b760)
When CLIB_DEBUG is enabled, vlib_foreach_main macro asserts that
vlib_main it currently looks at is safely parked in barrier, by
checkling that vlib_main->parked_at_barrier is not 0.
Unfortunately, the check is racy - workers first increment the
atomic counter to indicate that they have reached the barrier
and _then_ set this_main->parked_at_barrier to 1. For the last
worker to suspend this opens the race - main thread is free
to execute and assert immediately after atomic counter has been
incremented, before worker gets to write to own parked_at_barrier.
Fix this by simply swapping the order of two operations.
Type: fix
Signed-off-by: Alexnader Kabaev <kan@FreeBSD.org>
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Iae47abd6ca0be1c5413f5ecaefabc64cd7eac2ed
(cherry picked from commit feda545105106d673fdca61028331c86eeb1f408)
Type: feature
Add infra that allows transpors to enqueue pending buffers without the
need to build and manage their own pending frames. An important benefit
is the fact that buffer wire/tx ordering is ensured by session layer.
Change-Id: I764fd1693d610b321a1d0c84b648a314f14583db
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit 2a7ea2ee92d6dc4800ee21323d3324a9e8449dcf)
Dump the entire CLI, mp-safe commands, non-mp-safe commands, commands
which have been executed. Optionally, clear the hit counters.
Type: feature
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ie38fc664b7deaabc35ca35be68db7e159272f551
(cherry picked from commit a1f5a956e5b2cfeb591dcdfb34d23ebed84d0bca)
Type: fix
Avoid re-dispatching new events if they've just been added to the old
events linked list.
Change-Id: Ie5d0b799eae6cebb118d97204e5111eb194c0b8e
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit 45b7973dddc9f1b50d7f20cc1abe150b2ad9931f)
Type: refactor
As a result, transport-deleted is the only session state that has no
transport data structure.
Change-Id: I2da2bc4bbb141d8a7b52faae66a4733de8f8513b
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit 3b5e222f8a4d0ccd4ec4eace2551491f13de85d9)
When processing the last buffer of a reassembled packet, the current
buffer will be freed and must be reloaded using the updated index.
Type: fix
Change-Id: Ib39e29e60eb527b4cd4828a3aa37d82c8dddd709
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit cf7803d2e864fb71f14943a544ac309d3d0510cb)
Type: test
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I0264451632c1ce780b38a2c15a7e34350fc6d521
(cherry picked from commit 2456433df46ae99dfbcec6260d14e592b5823c83)
When VPP work with dpdk-plugin, linux_vfio_main_t->container_fd is always -1
since it never have chance to run open("/dev/vfio/vfio") to get the fd.
But this lead to a potential issue of VPP, that is, when start VPP without
uio-driver field setup in /etc/vpp/startup.conf, VPP will run to automatical
select uio driver in vlib_pci_bind_to_uio() and the function depend on
iommu_group value to decide to work on vfio or vfio-noiommu mode.
Since in vlib_pci_get_device_info() have the condition container_fd != -1,
so the iommu_group value will be always -1 at this scenario, this caused
that VPP mistake to run with vfio-noiommu driver on intel_iommu=on state.
Actually in order to get iommu_group and iommu_group/name value, no need to
depend on linux_vfio_main_t->container_fd value, so the fix remove the
condition lvm->container_fd != -1, then it can get the correct iommu_group
value.
Type: fix
Change-Id: I3f162fc4971b9a2b8717205f8f3b52e30c5e5b69
Signed-off-by: Yulong Pei <yulong.pei@intel.com>
(cherry picked from commit 45495480c8165090722389b08075df06ccfcd7ef)
This reverts commit 80276a7101f23ddd7207983f48f85422daf2cb7f.
The commit in master was found to be wrong, was reverted, and replaced by 16572355c9069e2e8e4836dc6bd6a65feed2d390
This reverts the corresponding commit in stable/1908, to replace with the correct fix.
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Idc27c0d81edf2263e523088f7ee7b66655db20f1
Support create/delete interface with marvell PP2 API
Type: feature
Signed-off-by: Jianlin Lv <Jianlin.Lv@arm.com>
Change-Id: I2a81024e0fcf2f389d39a5498167a752f8f807e5
Type: fix
Fix tso did not properly check the 'enable-tcp-udp-checksum' option issue
Add description of 'tso' and 'enable-tcp-udp-checksum' in startup.conf
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Id659067a9fa9e1db6c3f8dc533a2e90351b86831
(cherry picked from commit 5bec5f7860dafcef6aefd50b74de15d08910c6f4)
Several nodes include buffers in their traces, but only the 1st. When
formatting the trace we must not try to iterate through all chained
buffers.
Default to display only the 1st buffer.
Type: fix
Change-Id: Ib3c668bbf4ab70ae68eba2ac402c7b7329825b70
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit 4354317bf3592d81fcafd94e33b320c3e49f45d3)
