13060 Commits

Author SHA1 Message Date
Florin Coras
fe95c23795 session: ignore app rx ntf if transport closed
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id56a101a6350903b00f7c96705fb86039e70e12c
(cherry picked from commit a0b8c8fdf3fc555fc2ed7792d67bf3fb4fb99b9f)
2023-10-11 20:05:48 +00:00
Dave Wallace
015a6f7f17 vppinfra: fix coverity issue CID 323952
Type: fix
Fixes: 08600ccfa

Change-Id: I53ba0d96507b55ab7cd735073d6c4cf20a3cc948
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
(cherry picked from commit 05cc62dd504bbb0fb230fcf3786ed7f4d5be2364)
v23.10-rc2
2023-10-11 03:13:11 +00:00
Florin Coras
471dc6b1e3 session: maintain old state on premature close
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2ea821e0499a3874c4579f5480ea86f30ebe615f
(cherry picked from commit 84c9ee3d696ef5c1162530a30ba591b806a7e175)
2023-10-10 23:49:41 +00:00
Florin Coras
1ec3a70f66 session: propagate delayed rx evts after connect/accept
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4a2e8f864df7269ec5a3c4fd4d8785a67b687d58
(cherry picked from commit 431b489c5a4f60a82781ace60d07471d003787af)
2023-10-09 23:39:49 +00:00
Florin Coras
9003233377 tls: propagate reads to app irrespective of state
Session input node handles rx notifications even if session not fully
accepted/connected

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6560c45db8f8e0b7f0dc3bdd0939f13ca2f43f15
(cherry picked from commit aa7b88120ad83a29a05522bed4e5aa71524b8aba)
2023-10-09 21:46:16 +00:00
Florin Coras
3c06859f9f session: handle accept and connect errors
If builtin apps refuse connections, they should be cleaned up.

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I95ef22902ac3fe873e15e250aa5f03031c2dc0c4
(cherry picked from commit 9ffec14a2202e1268c4a2f189c39a90986090a25)
2023-10-09 21:42:49 +00:00
Florin Coras
4ba523740f tls: no read after app close
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I34f8ee2e36d07e8e55e21561528fc6b73feb852f
(cherry picked from commit 3843d0dd03a3ebbdb5d13b54e1b871a8ea72498c)
2023-10-09 21:41:12 +00:00
Florin Coras
05919da49d tls: report error if connected cannot be initialized
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I987ac6b461b473836917bce6ce0d4ac109cc8ddb
(cherry picked from commit a3d55df1e91a7df4ad4c0e1b639ba12a1ed04c79)
2023-10-09 21:40:38 +00:00
Damjan Marion
b53daca83f vppinfra: fix string termination in clib_file_get_resolved_basename
Type: fix
Fixes: 40f4810
Change-Id: Idf51462c8154663de23154f17a894b7245c9fbf0
Signed-off-by: Damjan Marion <damarion@cisco.com>
(cherry picked from commit 08600ccfa12f529d6ca7b852106227fc5f7addbf)
2023-10-09 21:38:26 +00:00
Florin Coras
15d0c7a3fb tls: limit openssl engine max read burst
Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic7a8fd37d79fc9c09c8b1539d630f3b8983b8bb3
(cherry picked from commit c1b038001e1f18effb3c9ff5daa9e9cac1cd66e8)
2023-10-09 21:37:55 +00:00
Florin Coras
f9af6b32ef tls: init connection for prealloced app sessions
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Icd62dc110e3a73b24372f3a5162f8008b7edee9f
(cherry picked from commit a127d3c157cb6e7658451a877abbfe0dd16c982a)
2023-10-09 21:37:24 +00:00
Florin Coras
ee2e502736 tls: ignore tx events for not fully established sessions
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I401a116a1a46c0dc5d591115de5ff0eef2f6440b
2023-10-09 21:36:45 +00:00
Florin Coras
e7295fd974 tls: fix formatting of half open connections
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If96dc748a716a261edfcb1020210bd73058e382f
2023-10-02 19:33:49 +00:00
Andrew Yourtchenko
14df6fc1ea misc: Initial changes for stable/2310 branch
Type: docs
Change-Id: I82d323c6e4585772e5c9a9f5b5bbb77b65c1da85
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
v23.10-rc1
2023-09-20 16:56:20 +02:00
Naveen Joy
df17a1f068 tests: remove unsupported qemu feature
pretty=on|off has been removed from qemu and its presence
causes VM boot up issues.

Type: fix

Change-Id: I4a9f15dba5015e81fbd32278b1c74b2606c32c8f
Signed-off-by: Naveen Joy <najoy@cisco.com>
2023-09-20 01:55:47 +00:00
Ole Troan
a05f93a9e5 npt66: ensure feature is not configured multiple times
If the control agent enabled a binding on an interface multiple times,
we would add the node in the feature arc multiple times.

Type: fix
Change-Id: I2ca247db0a0211f5fa3974a18ca4fcae8485cb12
Signed-off-by: Ole Troan <otroan@employees.org>
2023-09-19 14:16:28 +00:00
Florin Coras
ae036d3b7d vcl: unset fifo evt before size check
For blocking sessions, if fifo event still active before size check it
could lead to vpp not generating an event because of race to check flag
in vpp and to eventually unset flag in vcl.

Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0e350b9ff92a4e08a9249345ae224589c09d305b
2023-09-18 10:22:35 -07:00
Dave Wallace
604c627dc3 vapi: fix coverity warnings
- CID-322713, CID-322712, CID-314881, CID-314880,
  CID-314878 COPY_INSTEAD_OF_MOVE

Type: fix

Change-Id: Idad6806fcd4e1a89a750dcc0584b5b1f0432bf3c
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-16 07:50:17 +00:00
Andrew Yourtchenko
74cbed1497 misc: VPP 23.06 Release Notes
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Id39d7d6a6340e65885ab0845b6fc9a2b81e4f565
(cherry picked from commit 493b8990d1185f818890560101e13e1b69f54b1d)
2023-09-16 04:54:53 +00:00
Gabriel Oginski
052b023488 vpp-swan: fix configuration of policies
This patch fixes configuration of priority, port and type of protocol
for inbound and outbound policies in policy-based IPsec of this plugin.

Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I01ddc2e13ebbe87380e66a525aac1b615f619604
2023-09-15 11:19:16 +02:00
Vladislav Grishenko
5b3e04c74f nat: fix nat44_ed set_session_limit crash
Setting session limit should return error for unknown fib.
Optimize max_translations_per_fib expanding and drop unnecessary
trailing fib entry.

Type: fix
Change-Id: Ie7d2b363ade48f53598faa617a49cce7b2db6400
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
2023-09-13 16:56:19 +00:00
Florin Coras
e8a1dbf8da quic: fix quic sessions state updates
Session state cannot be updated after async notification event is
generated for app. Instead, make sure quic sessions that accept new
streams are switched to listening state only on accept.

Type: fix
Fixes: 0242d30

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I9663ccadbea99d555ad49e871f7dff897239dc84
2023-09-13 16:35:51 +00:00
Andrew Yourtchenko
238cf3bd49 sr: mark sr_policies_v2_details message as production
As per discussion on the VPP community call,
since the message is used in CSIT tests and did
not see the changes in a while, mark as production
for the purposes of change process.

Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I4a79aafb1a9f37ac87faea7abea28cf01d1ffb4c
2023-09-13 16:06:53 +00:00
Andrew Yourtchenko
b116bf8f37 adl: stabilize the API
As discussed on the VPP call, since CSIT tests use these messages
and they have not been changedfor quite a while, bump the version
so these messages are considered as "production" from the change
process standpoint.

Type: improvement
Change-Id: I93a04b10b273d5904c0678fa0b85d47f9f683a9b
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2023-09-13 16:06:29 +00:00
Andrew Yourtchenko
9c7e033488 flow: mark API as production
As per discussion on the VPP call - since the APIs are used
in CSIT tests, mark them as production from the change process
perspective.

Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: I9164073425384e8aa281445a2852fee49b777e2f
2023-09-13 16:05:55 +00:00
Andrew Yourtchenko
f29d9f0604 wireguard: stabilize the API
As per discussion on VPP call - since the APIs are used in CSIT tests,
and there has not been changes in a while, mark them as stable from
the API change process PoV.

Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Ia644e1dfcd9d182cc6f10089fc44397a61e8aaf6
2023-09-13 16:05:14 +00:00
Andrew Yourtchenko
a998f80cd9 crypto-sw-scheduler: stabilize the API
As per discussion on the VPP call: since the CSIT tests use these
APIs and the APIs have not changed in quite a while, stabilize the API
from the change process point of view.

Type: improvement
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Change-Id: Id81999d03cce37764f6ed7d4f77ef5a71fe41ad1
2023-09-13 16:04:47 +00:00
Dave Wallace
4cae8f9bee hsa: fix coverity issue CID-313635
Type: fix

Change-Id: Ieb50ab548bb34bdbb44d973037ee452d48f412ea
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13 15:51:17 +00:00
Dave Wallace
7f9b690b06 api: fix vlibmemory coverity warning CID-300152
Type: fix

Change-Id: Icdebc8629946e0e7c8dde3e45ee93ff9027e7c68
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13 15:50:15 +00:00
Damjan Marion
7bf8f5e484 vppinfra: add ARM Neoverse-N2 support
Type: improvement

Change-Id: Ief77ae7338667ede290aece6933bb5ae2e76ffc6
Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-09-13 15:02:43 +00:00
Damjan Marion
3d2f718e6f build: fix clang-16 build
Change-Id: I882bef6f45fd276587fb93944ff4e21dc57dbca2
Type: fix
Fixes: 1c82cd4
Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-09-13 13:41:36 +00:00
Damjan Marion
aa9177c751 idpf: make plugin default disabled until issues are fixed
Type: improvement
Change-Id: I2daa8fc338289555649135e7f0898e139807fdce
Signed-off-by: Damjan Marion <damjan.marion@gmail.com>
2023-09-13 13:40:29 +00:00
Vratko Polak
c142cd115b docs: mention how to build VPP outside git
Type: docs

Change-Id: Iceee9ef489f7f68049882651bb338311295ca12d
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-09-13 13:37:22 +00:00
Benoît Ganne
e462e543b2 build: add vpp_plugins include directory
Type: fix

Change-Id: Iacb04846c634231854f26348cc17cc729d6e0d87
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-09-13 12:21:14 +00:00
Dave Wallace
73f23a806d vppinfra: fix coverity warning CID-313632
Type: fix

Change-Id: Idc036d5967495cc2522b2a30e3acd3ec4c0cd3ff
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13 12:19:40 +00:00
Vratko Polak
fee945940c vlib: deuglify the offset finding loop in pci.c
Type: style
Fixes: 054229ebbdeb3f87d96c1abf93b511c86cd6ff0f

Change-Id: I7c3080db94566af249e5082d59a4e6373c616888
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-09-13 12:17:53 +00:00
Tianyu Li
4585bb121b perfmon: fix perf_user_access_enabled type
perf_user_access_enabled is defined as u8,
clib_sysfs_read format type is %u, this is for unsigned int,
change type from u8 to u32.

Type: fix
Fixes: 268d7be66b8b ("perfmon: enable perfmon plugin for Arm")

Signed-off-by: Tianyu Li <tianyu.li@arm.com>
Change-Id: I48ec00605e496d185370e77d894d7852d6d22124
2023-09-13 12:15:53 +00:00
Artem Glazychev
986ca97311 vppinfra: fix setns typo
Type: fix

Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: Ib8eb70336956bc2e8d0454f3c1f2c62ec98cb009
2023-09-13 12:15:17 +00:00
Dave Wallace
63335e4898 pci: fix coverity issue CID-322372
Type: fix

Change-Id: Iaf16bb720d76ea3ae04afb8123b7cac15771ef2b
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-09-13 12:14:18 +00:00
Xiaoming Jiang
7a72658665 ipsec: improve fast path policy searching performance
Type: improvement
Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com>
Change-Id: Ib8bb300f5b62648f6b634046415742bdf5365982
2023-09-12 12:42:56 +00:00
Vratko Polak
139aba2047 crypto: allow changing dispatch mode
This change aims to affect crypto_sw_scheduler behavior,
but all the edits end up in vnet/crypto.

Previous release CSIT tests were testing async crypto in polling mode.
After 9a9604b09f15691d7c4ddf29afd99a31e7e31eed introduced adaptive mode
for crypto dispatch, the CSIT performance got way worse.

Possibly, there is another VPP bug related to adaptive mode
(it should not lose as many packets as seen in CSIT),
but the next release is too close for trying to fix that.

This change (instead of fixing adaptive mode)
allows CSIT to continue testing polling mode (after explicit API call),
while keeping the adaptive mode as default behavior.

The deprecated crypto_set_async_dispatch always disable adaptive mode,
crypto_set_async_dispatch_v2 has parameter to enable or disable it.
The mode parameter is still used for the inital state of adaptive mode.

Type: feature

Change-Id: Ib98080eefb4be291207af543884f2c3837f92f59
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-09-12 12:42:11 +00:00
Vratko Polak
ceb64add2a crypto-sw-scheduler: improve function indentation
The checkstyle --fix command remains confused
around the def/foreach/undef usage in convert_async_crypto_id,
but at least the other functions now look correctly indented to me.

Type: style

Change-Id: Ic8f7b580267386b7a6b07d33d9ba7ae9787c0e0a
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2023-09-12 12:38:08 +00:00
Florin Coras
48cd559fb5 session: make sure rx evt flag is cleared for builtin rx
Type: fix

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I99631b1be6e19f0cefd1cefa82a51e6f8e9be2ac
2023-09-07 16:46:50 +00:00
Frédéric Perrin
a4157aec1c ipsec: clear L4-cksum flags when decap'ing packets
Type: fix

Signed-off-by: Frédéric Perrin <fred@fperrin.net>
Change-Id: I45191b7316c88038bcd57d62aeb07bb109cf4a4d
2023-09-07 08:07:51 +00:00
Piotr Bronowski
c143cc8967 dpdk-cryptodev: fix cache ring stats cli command
The logic for calcuating processed elements in the cache ring was broken.
In case tail and deq_tail equals and frame element pointed by the tile
is not NULL it means there is exactly one processed element in the ring.

Type: fix

Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Change-Id: I69c978334fc952049393214ccc9cc5245351f7f7
2023-09-07 08:05:54 +00:00
Damjan Marion
f0fc65a4b9 build: add option to specify native -march= flag with VPP_BUILD_NATIVE_ARCH
Type: improvement
Change-Id: I98eeba1ad2f9ed0531a7c615e0e70e535f24f813
Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-09-06 18:57:54 +00:00
Vladislav Grishenko
579a6fb89b nat: improve nat44-ed outside address distribution
Use client address hash to pick the first outside address
instead of just address high octet, becasue it may denegerate
into stable 10/172/192, depending on nat address count.

Fix outside address distribution test to acually test the
distribution, not the algo, so previous distribution will
fail with 65 nat addresses and 100 clients:

FAIL: Outside address distribution based on source address
Traceback (most recent call last):
  File ".../test/test_nat44_ed.py", line 2048, in test_outside_address_distribution
    msg="Bad outside address distribution")
AssertionError: 156.25 not less than 0.33 : Bad outside address distribution

Type: improvement
Change-Id: I604b1294422f20d211db5614c47559557a78a193
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
2023-09-06 16:44:15 +00:00
Mohsin Kazmi
a181eaa59b virtio: add support for tx-queue-size
Type: improvement

DBGvpp# set loggin class virtio level debug
DBGvpp# create int virtio 0000:00:03.0 tx-queue-size 1024

show virtio pci
```
  Virtqueue (TX) 1
    qsz 1024, last_used_idx 0, desc_next 0, desc_in_use 0
    avail.flags 0x1 avail.idx 0 used.flags 0x0 used.idx 0
```

show logging
```
2022/07/22 23:20:22:557 debug      virtio         0000:00:03.0: tx-queue: number 1, default-size 256
2022/07/22 23:20:22:557 debug      virtio         0000:00:03.0: tx-queue: number 1, new size 1024
```

Change-Id: Ib1a3ebe742b3a6c9fe72bd1c5accfe07682cbdd1
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2023-09-06 12:13:45 +00:00
Ole Troan
56b8abc07f ip: punt add punt socket support for icmp6
Punt support for ICMP6 messages allows for an external IPv6 RA advertisement agent.

Type: feature
Change-Id: I0cc928b747ac1f8335ee9f7c42a3231424825dbc
Signed-off-by: Ole Troan <otroan@employees.org>
2023-09-06 10:48:18 +00:00
Vladislav Grishenko
e7c57c45aa api: fix mp-safe mark for some messages and add more
Several api messages were not mp-safe although marked as such
because non-zero base id was not taken into account, and therefore
some other (from zero base id) were falsely mp-safe instead.

Keep messages as mp-safe, as they falsely were before:
    10   get_first_msg_id                              0       1
    12   api_versions                                  0       1

Messages that are no longer mp-safe as they weren't marked:
    15   sockclnt_create                               0       1
    33   proxy_arp_intfc_dump                          0       1

Fix messages to be really mp-safe:
    809  bridge_domain_dump                            0       1
    920  ip_route_add_del                              0       1
    921  ip_route_add_del_v2                           0       1
    1362 get_node_graph                                0       1
    1671 create_vhost_user_if                          0       1
    1675 create_vhost_user_if_v2                       0       1

Additionally mark messages as mp-safe, seems they need no barrier:
    1360 show_threads                                  0       1
    1370 show_version                                  0       1
    1372 show_vpe_system_time                          0       1

Type: fix
Change-Id: Ie6c1e3aa89f26bf51bfbcb7e7c4d9fee885487b7
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
2023-09-06 08:34:33 +00:00