7754 Commits

Author SHA1 Message Date
Steven Luong
df76172d8a unittest: Skip string test case for sizeof (src) > sizeof (dst)
coverity complains that the subject test may cause dst buffer overrun
problem and it is right. The problem is when __builtin_constant_p (n)
returns true, memcpy_s_inline skips all the errors checking and does the
copy blindly. Please see the code in memcpy_s_inline.

The fix is to skip the subject test when the aformentioned builtin function
returns true.

Type: fix

Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I50de91cc0c853a134b3bcf3b0cd8d45d7668b092
(cherry picked from commit 2da39718f560478678caacccd198ee4c0c9673c3)
2020-08-13 08:12:25 +00:00
Filip Tehlar
f17be8ae96 crypto-openssl: fix coverity warnings
Type: fix

Change-Id: Ia42ff39a0a33f89901b8333a9e6ca82ca9805cc6
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
(cherry picked from commit 41e831f5588fe5ebfd879f4e570e85e12770b360)
2020-08-12 23:37:19 +00:00
Simon Zhang
2d4628633a tcp: remove useless prediction
Type: fix

Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: Ie2dc2653baec92347eb2cbcd197a2e5ec6a80c79
(cherry picked from commit 487507f40f4e443ff1e683641206db80875f3477)
2020-08-12 23:33:50 +00:00
Neale Ranns
ea9d86e749 gbp: Coverity warnings for unitialized variables
Type: fix

Change-Id: If74ad528e68f45b00719295388e0e1399452ef93
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit e9a630a5248ee6e234c1bf1fdb2c29fc6239f60d)
2020-08-12 23:32:24 +00:00
Neale Ranns
d243b03eef fib: Uninitialised pad in the prefix (coverity warning)
Type: fix

Change-Id: Ia61d6fbf6e80977f83f1f6672e5e83b52ddeb0e5
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit ea96e92361b483962fd2a6b027cedc02f3bb6f93)
2020-08-12 23:27:46 +00:00
Neale Ranns
b96c1c4569 ipip: Unintialized return variable (coverity warning)
Type: fix

Change-Id: I008f23b5f0c7269ddd35cc747a867240fbe9c49b
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit d057625d499525625d60d2207665eaeb755e380e)
2020-08-12 23:23:28 +00:00
Neale Ranns
08653d9d6c ip: Unintialized variables in prefx setup (coverity warning)
Type: fix

Change-Id: I048c9ed423ca2993d2179cdce364ac98980311bb
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit 39a233a0aa21c644c78ddd4ffa0ab3cdb1c10318)
2020-08-12 23:18:24 +00:00
Florin Coras
ee0c564c31 tcp: fix coverity warning in bt
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4153a9a377b8b1da1366a94ff791ad99617b7a6d
(cherry picked from commit 62a7fe28933b6310b9a4e3a0fab99949587576ac)
2020-08-12 23:15:37 +00:00
Florin Coras
f1f51770f3 lisp: fix coverity warnings
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie060b25b5e8c85d9b2037e300723a2b6023c65d1
(cherry picked from commit 6ce954f8e4446472689146024126ba42da182aa9)
2020-08-12 23:14:21 +00:00
Neale Ranns
e1341468e6 fib: adjacency midchain teardown (VPP-1841)
Type: fix

Change-Id: I57f8bfbce4feed9d2775875cb8b1b729a47900a4
Signed-off-by: Neale Ranns <nranns@cisco.com>
(cherry picked from commit 24064d02aa9810ebc64c16dc778a179bb0ef5483)
(cherry picked from commit 3ebebc3a2fe47f1222ba035e04ccd8caed0cf58f)
2020-08-12 23:11:03 +00:00
Alexander Chernavin
caa082a106 map: honor pre-resolve param in map-t
With this commit, forward the translated packet directly to the
specified next-hop if pre-resolve param is enabled in MAP-T.

Type: fix

Change-Id: Ie26080c7820318c7982599577a4af6e4d01a0574
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
(cherry picked from commit f145c15631ba62e798395499f83a2f8a91ae83c7)
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2020-08-12 23:01:47 +00:00
Dave Barach
18d2d6bd4a misc: fix coverity warnings
Add an ALWAYS_ASSERT (...) macro, to (a) shut up coverity, and (b)
check the indicated condition in production images.

As in:
 p = hash_get(...);
 ALWAYS_ASSERT(p) /* was ASSERT(p) */
 elt = pool_elt_at_index(pool, p[0]);

This may not be the best way to handle a specific case, but failure to
check return values at all followed by e.g. a pointer dereference
isn't ok.

Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ia97c641cefcfb7ea7d77ea5a55ed4afea0345acb
(cherry picked from commit 47d41ad62c5d6008e72d2e9c137cf8f49ca86353)
2020-08-12 15:59:46 +00:00
Yu Ping
84918d2554 tls: remove session lookup operation in TLS
Type: fix

Change-Id: I50329bda365d98f9f9d56a58187fb4fb2a4eb461
Signed-off-by: Yu Ping <ping.yu@intel.com>
(cherry picked from commit 985d9293a08dc3da016fbeeaa3f8fff10e1b504e)
2020-08-12 15:59:46 +00:00
Florin Coras
e0208837b5 vcl: fix ldp read on closing session
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I60be191866d20721951ad22f571a2a3275511e12
(cherry picked from commit 067f9544d52c95c0b60b0e8425fce1e295120180)
2020-08-12 15:59:46 +00:00
Chenmin Sun
0bd543b2a9 dpdk: fix flow(with mark action) deletion crash issue
Type: fix

this patch fixes mark flow deletion crash issue, see below

test flow add src-ip any proto udp src-port 111 dst-port 222 mark 100
test flow enable index 0 1/1
test flow disable index 0 1/1
test flow enable index 0 1/1
test flow disable index 0 1/1 -> [crash]

This is because the code resets a wrong vector in flow lookup entry
recycle logic. See function dpdk_flow_ops_fn().

Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I2b0a1e531931ab25541d672d88da18dc2289f1ce
(cherry picked from commit cd120f9bbb2101dfd7eca11d1a28e06ac5ace479)
2020-08-12 15:59:46 +00:00
Dave Barach
d904f803bd nsim: fix quad-loop packet trace
Type: fix

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I756170bd799d1f482186cbb4b5dff9373ae6e08f
(cherry picked from commit 3be33f17ecd14a12738a44f9c0e09cb3778b1345)
2020-08-12 15:59:46 +00:00
Florin Coras
1189a77578 vcl: clear accept msg flags
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Idb513232e7b091c8f767726bfa1deb10a7e3b751
(cherry picked from commit e88845e4fea2c6b6743ff7790cc2247631d65189)
2020-08-12 15:59:46 +00:00
Benoît Ganne
af0bf322d7 api: do not truncate api dump file size
Type: fix

Change-Id: I5c81d2f55057f5fba780cb12154a3fb1aef79f20
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit aba4983ad48374a50cd93ba91f66be241f210279)
2020-08-12 15:59:46 +00:00
Florin Coras
e700b5e431 session: avoid scanning new io list under load
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Idaa7cc26ad941be86daec4ed5920727237712f4a
(cherry picked from commit 16d974ec59776f0103ad62d0d04dc57989eef7ed)
2020-08-12 15:59:46 +00:00
Klement Sekera
5733ea661a vppinfra: remove unused variable from timing wheel
Type: fix

Change-Id: I77b03efcac04cc46550d03657464ab8de5d7da78
Signed-off-by: Klement Sekera <ksekera@cisco.com>
(cherry picked from commit 90d28846f963a86d760b4a6b83aed62b862f1c61)
2020-08-12 15:59:46 +00:00
Florin Coras
0c342eb6ee ip: fix ip-local errors
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie8bc5c9a03e858487cf565b4e9b520e6b496337a
(cherry picked from commit fa2a316663e622a2feeecf8ad7d32b242370a70a)
2020-08-12 15:59:46 +00:00
Jon Loeliger
954c0bb0cf vlib: Skip core 0 if workers are configured.
According to the description in the startup.conf, the assignment
of worker threads starts with the lcore following the main_lcore.
A non-zero skip_cores will correctly achieve this assignment.
However, prior to this patch when workers are assigned, the code
picks up and assigns core 0 even thought it shouldn't.
This patch determins if a non-zero number of workers are desired
and if so, marks CPU unavailable for a worker assignment.

Type: fix

Change-Id: I1fdf73a6f218dcbf146fda2efc90c553f7cd6d20
Signed-off-by: Jon Loeliger <jdl@netgate.com>
(cherry picked from commit 4a06846dd668d7f687e6770215c38e8feb5f1740)
2020-08-12 15:59:46 +00:00
Florin Coras
fe7690230a tcp: fix input error counters
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I87940d02813b66616f1944e41b16c8cc16f5dac0
(cherry picked from commit deb6f784edbaddd2e60e0d6ac9927f17c4214ad2)
2020-08-12 15:59:46 +00:00
Damjan Marion
062357dc6e ipsec: fix AES-GCM block size
Type: fix

Change-Id: I0c9640dab2c0eaba369bc8f3ff7ae56d8e97e170
Signed-off-by: Damjan Marion <damarion@cisco.com>
(cherry picked from commit f1ecb6555326f8a7d5bba6f56aa676f064675dc0)
2020-08-12 15:59:46 +00:00
Matthew Smith
82c4eac772 ip6: fix l4 checksum with hop-by-hop header
L4 checksums for IPv6 should be calculated using a pseudo header that
includes the source/destination addresses, payload length, and payload
protocol.

ip6_tcp_udp_icmp_compute_checksum() was using the payload length and
protocol from the IPv6 header. If there is a hop-by-hop header (or any
other extension header), the payload length used for the pseudo header
should only include the upper layer header and payload and not the
extension header bytes. Same deal with the protocol, the upper layer
next header value should be used instead of the extension header.

Type: fix
Fixes: cb9cadad57

Change-Id: Ifa2c9ad41c0fc4eea674f0671255b637c8e01f71
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
(cherry picked from commit 97677a26f7c857e7ee0acbdb2c13eef214aa70a8)
2020-08-12 15:59:46 +00:00
Benoît Ganne
9a91d62793 fib: fix non-NULL terminated vectors in cli output
Type: fix

Change-Id: Idbb3f29b13a5c84a8585c4299e51fdfc35f7e1ad
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit 84382ae45c2cf694ef7faf4a87d60c1546869301)
2020-08-12 15:59:46 +00:00
Benoît Ganne
caeb90e9ce svm: use default SVM address in fifo unit tests
Using random addresses can confuse AddressSanitizer

Type: fix

Change-Id: I44368093f899672ac4d511cc5a01ed87c988e63a
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit dc90c719bca27856101f758939dcfb0b67124775)
2020-08-12 15:59:46 +00:00
Florin Coras
cfae0f882e vcl: fix session closing error
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I94f1365569e98d43486d9528faafc6d7c3ad88f7
(cherry picked from commit 190dc1f6782eba4c49511636570eef678d1bac16)
2020-08-12 15:59:46 +00:00
Vladimir Isaev
779ca383b9 stats: fix state counter removal
Avoid using vec_del1() for directory vector to keep indexes valid all
the time.

There are state counters for each slave in LACP bond mode which can be
dynamically created and removed. Vector index is used to access these
counters. But also vec_del1() is used to remove counter from vector.
This function changes the index of the last element, so after this we
are unable to access ex-last element using old index.

As a result it is not possible to add-del-add two interfaces to the LACP
bond:

DBGvpp# create bond mode lacp
BondEthernet0
DBGvpp# create packet-generator interface pg1
DBGvpp# create packet-generator interface pg2
DBGvpp# bond add BondEthernet0 pg1
DBGvpp# bond add BondEthernet0 pg2
DBGvpp# bond del pg1
DBGvpp# bond del pg2
DBGvpp# bond add BondEthernet0 pg1
DBGvpp# bond add BondEthernet0 pg2
bond add: /if/lacp/1/3/partner-state is already register

Type: fix

Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: I2c86e13905eefdef6233369cd4ab5c1b53d123bd
(cherry picked from commit 72e31bc2d9b910147c09e1c329713fccc873a018)
2020-08-12 15:59:46 +00:00
Matthew Smith
fd48e5542a dpdk: patch ixgbe driver to solve race condition
Type: fix

Some fiber ports that are managed by the ixgbe PMD have the
possibility to get into a state where link can never be brought up.

This patch should fix it and will be submitted to upstream DPDK.

Change-Id: Ia4d0df2e70d098b2151e513b96e8bd742151e8ce
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
(cherry picked from commit 0860b2e19365c092f10dd1ce639caaded0e87ded)
2020-08-12 15:59:46 +00:00
Steven Luong
80fab46b81 virtio: vhost gso is broken in some topology
Recent modification added a call to vnet_gso_header_offset_parser in the
beginning of vhost_user_handle_tx_offload. The former routine may set tcp or
udp->checksum to 0. While it is appropriate to set it to 0 for the GSO packet,
it is broken and causes checksum error if the aformentiooned routine is called
by a non-GSO packet. The fix is to not call vhost_user_handle_tx_offload
if the buffer does not indicate checksum offload is needed.

Type: fix

Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I6e699d7a40b7887ff149cd8f77e8f0fa9374ef19
(cherry picked from commit 564e1672917e205d7ae79525bb937df18f8d764b)
2020-08-12 15:59:46 +00:00
Jon Loeliger
b953621405 map: Prevent IPv4 prefix spoofing during IPv6 -> IPv4
Prevent malicious packets with spoofed embedded IPv4 addresses
by limiting the IPv6 ingress packets to known MAP-T domains.
Drop spoofed packets.

Add several tests that ensure spoofing isn't allowed.

Type: fix
Fixes: fc7344f9be

Change-Id: I80a5dd10d5fe7492e3a1b04de389d649a78065e2
Signed-off-by: Jon Loeliger <jdl@netgate.com>
(cherry picked from commit 65866f03d96bd41b99b1c823ea6f38cd77fac58c)
2020-08-12 15:59:46 +00:00
Florin Coras
18b3c002bf session tcp: fix packet tracing
Type: fix

Change-Id: Ib823d016c64998779fb1d00b8aad3acb5e8340be
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit 30928f87a3c9d98e288d1364d50c032e052e69ab)
2020-08-12 15:59:46 +00:00
Ignas Bacius
06c104f4e3 sr: fix possible null-pointer dereference
Steps to reproduce VPP crash:
1. configure localsid End behavior
2. ping the localsid address

Type: fix

Signed-off-by: Ignas Bacius <ignas@noia.network>
Change-Id: Id780e0875ec9cdb25252217990919fb3dddbf06a
(cherry picked from commit bd5c49a1615e36260a86184d087b5b47a5e747be)
2020-08-12 15:59:46 +00:00
Dave Barach
5c3aab4212 classify: pcap / packet trace debug CLI bugs
"classify filter trace ... " and "classify filter pcap ..." are
mutually exclusive.

vnet_pcap_dispatch_trace_configure needs to check for
set->table_indices == NULL.

Type: fix
Ticket: VPP-1827

Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I43733364087ffb0a43de92e450955033431d559d
(cherry picked from commit 196fce2b62c0d215722dd233aa8bf70a43aa0a66)
2020-08-12 15:59:46 +00:00
Steven Luong
b29ebcad59 interface: Add missing ip4 udp->checksum = 0 prior to computing checksum
For ip4 tcp, ip6 tcp, and ip6 udp packet, we set checksum = 0 prior to
computing the checksum. We missed ip4 udp case. This oversight requires all
clients to set udp->checksum = 0 if ip4 udp checksum offload is needed.

Type: fix

Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: Ic608811e82099f3bec469e123671e9b281f38d76
(cherry picked from commit 03328ec8bb86b93fa70bb6b2a9b37c40e686a1f7)
2020-08-12 15:59:46 +00:00
Benoît Ganne
7e8cd07b1f map: api: fix tag overflow and leak
The 'tag' parameter is expected to be a NULL-terminated C-string in
callees:
 - make sure it is null-terminated in both API and CLI cases
 - do not allocate & copy the string into a non-NULL-terminated vector
   in API case
 - fix leak in CLI case

Type: fix

Change-Id: I221a489a226240548cdeb5e3663bbfb94eee4600
Signed-off-by: Benoît Ganne <bganne@cisco.com>
(cherry picked from commit 3b37125bdb0251181f90a429a4532b339711cf89)
2020-08-12 15:59:46 +00:00
Florin Coras
4e422269f8 session: fix node runtime in pre-input queue handler
Call session queue node with the right node runtime instead of the
pre-input node runtime.

Type: fix

Change-Id: I43d20bed4930fc877b187ce7ecdce62034b393c5
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit 2d8829cbb5f3d214fbc09bf4258573659e0c5e60)
2020-08-12 15:59:46 +00:00
Florin Coras
c366be8647 vcl: always report EPOLLHUP/EPOLLRDHUP on close
Type: fix

Change-Id: I3d24a7973c7113ffeb9109e89cda7fa960e73a5b
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit ddb90a063cb3fa797257d8a632cba8cf2a01a455)
2020-08-12 15:59:46 +00:00
Dave Wallace
496eba6bfe nsim: enable output scheduling on main thread
Type: fix

Change-Id: I5d47cb9bc7eb7f3c8485e3b42f0701e81d87ba2a
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
(cherry picked from commit c0c4eec3bc309bcc656eade82f17754875f9ed7c)
2020-08-12 15:59:46 +00:00
Florin Coras
eee684dd8b classify: fix pcap filter set init
Type: fix

Change-Id: I6a48a6c14bfb84b3460e8211021bc9df6e915dba
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit cd681adab40f49d1305144b6bbbd5118e63a2805)
2020-08-12 15:59:46 +00:00
Yulong Pei
3311a17e40 lb: fix that lb_add_del_vip and lb_add_del_as api doesn't work correctly
Currently if user want to set ip4 address to the api, it must convert to ip6
format, e.g. user want to ip4 "90.1.2.1" but must convert to "::5A01:0201",
it is not acceptable, this fix solved the issue.

Ticket: FDIO-753
Type: fix

Change-Id: I2ffa5a3d38400ee176cf601421074f71fc395f03
Signed-off-by: Yulong Pei <yulong.pei@intel.com>
(cherry picked from commit db43bb6af78c33e47d29889b047cced4b11fe4d7)
2020-08-12 15:59:46 +00:00
Ahmed Abdelsalam
4362672562 sr: some fixes for SRv6 CLI/API
Return FIB table_id instead of vrf_index to clients

Type: fix
Signed-off-by: Ahmed Abdelsalam <ahabdels@cisco.com>
Change-Id: I76a97bad3ecd3ac8eb045efb1657eaa90c2a57b6
(cherry picked from commit 13e6fce7c5b3a16a6af0b27fc259ef3f65d8c861)
2020-08-12 15:59:46 +00:00
Florin Coras
4d5da6c5ed tcp: fix rxt delivered without sacks
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I69c245cb0e3f6d599a3270a485fa0a5845cde8eb
(cherry picked from commit 56cef059ef44434efe26d523caec1bb0af9c1d3b)
2020-08-12 15:59:46 +00:00
Florin Coras
0347bf689b vcl: add rx event on epoll ctl if needed
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ib6d0387076a4bb0b52e4cdfdcd62b6060b704fe6
(cherry picked from commit 6e3c1f8ec3faa8f0cad591fada32ad2f506ec0a0)
2020-08-12 15:59:46 +00:00
Florin Coras
72c354dcd5 udp: fix ipv6 listen port registration
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I7f2233eb9bf3d81a697f76ba985083cf1040e2e9
(cherry picked from commit ff2fad1701d8274d602cc46f3f2323154d96dc9f)
2020-08-12 15:59:46 +00:00
Vijayabhaskar Katamreddy
5d3e47cdd8 vppinfra: fixing compilation issues in 32-bit
Fixing compilation issuues for 32-bit also setting init flag for shm based bihash

Type: fix
Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com>
Change-Id: Ic2072c5ba7fc77d061ca9f1b844a71f6e22e58b2
(cherry picked from commit f0bae64f6fd4c410c19f6ece688443f389932688)
2020-08-12 15:59:46 +00:00
Chris Luke
5aedb02760 build: Add missing version.h dependency in vnet
Two modules in vnet include vpp/app/version.h but there is
no explicit build dependency for this generated file. This
leaves a race condition in the build system that the Coverity
build has recently started triggering.

Change-Id: I8e2bb32feeb16e1bdd8efb0d2633cfdba60f51aa
Type: fix
Signed-off-by: Chris Luke <chrisy@flirble.org>
(cherry picked from commit c171d01cdb5183c8bf640951e94af6b1fd5e3efc)
2020-08-12 15:59:46 +00:00
Simon Zhang
4fbd85cd89 tcp: fix tcp check tx offload issue
Type: fix

Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: I3b8755831d762abf51e1cbe1b57024f9297de9a4
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
(cherry picked from commit 79bfb9e09c7bf2072d34b2ed6159ba11815dab3a)
2020-08-12 15:59:46 +00:00
Yu Ping
dfa1eeb158 tls: enable async node on demand
Type: fix

Change-Id: Iab7c65614c94497e8ec5a96624be72c1a139e486
Signed-off-by: Yu Ping <ping.yu@intel.com>
(cherry picked from commit d63b356bdf29fbb80f810d341dcaf8f5f92121c1)
2020-08-12 15:59:46 +00:00