build: update octeon-roc checksum to updated version

- caused by regeneration of source tarball after the marvel repo moved to a new account Type: fix Change-Id: I44616408d673c8d208ff73ea29d9f5cc12778cef Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
tests: disable failing tests on Ubuntu 22.04
2024-07-30 15:11:47 -04:00 · 2024-07-10 01:16:38 +00:00 · 2024-04-18 15:29:03 +00:00 · 2024-04-08 22:44:18 +00:00 · 2024-03-12 07:53:34 +00:00 · 2024-03-11 20:18:42 +00:00
21 changed files with 846 additions and 56 deletions
--- a/.gitreview
+++ b/.gitreview
@ -2,3 +2,4 @@
 host=gerrit.fd.io
 port=29418
 project=vpp
+defaultbranch=stable/2402
--- a/build/external/packages/octeon-roc.mk
+++ b/build/external/packages/octeon-roc.mk
@ -4,7 +4,7 @@

 octeon-roc_version             := 0.2
 octeon-roc_tarball             := octeon-roc-v$(octeon-roc_version).tar.gz
-octeon-roc_tarball_md5sum      := a72bb3b27fd3bbaf58aadd99514620e1
+octeon-roc_tarball_md5sum      := 3e122beb30d57d6f70ea5ee106465b3b

 octeon-roc_tarball_strip_dirs  := 1
 octeon-roc_url                 := https://github.com/MarvellEmbeddedProcessors/marvell-vpp/archive/refs/tags/$(octeon-roc_tarball)
--- a/docs/aboutvpp/releasenotes/index.rst
+++ b/docs/aboutvpp/releasenotes/index.rst
@ -6,6 +6,7 @@ Release notes
 .. toctree::
    :maxdepth: 2

+    v24.02
    v23.10
    v23.06
    v23.02
--- a/docs/aboutvpp/releasenotes/v24.02.rst
+++ b/docs/aboutvpp/releasenotes/v24.02.rst
--- a/extras/scripts/crcchecker.py
+++ b/extras/scripts/crcchecker.py
@ -82,13 +82,15 @@ def filelist_from_git_ls():

 def is_uncommitted_changes():
    """Returns true if there are uncommitted changes in the repo"""
-    git_status = "git status --porcelain -uno"
-    returncode = run(git_status.split(), stdout=PIPE, stderr=PIPE)
-    if returncode.returncode != 0:
-        sys.exit(returncode.returncode)
+    # Don't run this check in the Jenkins CI
+    if os.getenv("FDIOTOOLS_IMAGE") is None:
+        git_status = "git status --porcelain -uno"
+        returncode = run(git_status.split(), stdout=PIPE, stderr=PIPE)
+        if returncode.returncode != 0:
+            sys.exit(returncode.returncode)

-    if returncode.stdout:
-        return True
+        if returncode.stdout:
+            return True
    return False


--- a/src/plugins/flowprobe/node.c
+++ b/src/plugins/flowprobe/node.c
@ -105,6 +105,9 @@ vlib_node_registration_t flowprobe_input_l2_node;
 vlib_node_registration_t flowprobe_output_ip4_node;
 vlib_node_registration_t flowprobe_output_ip6_node;
 vlib_node_registration_t flowprobe_output_l2_node;
+vlib_node_registration_t flowprobe_flush_ip4_node;
+vlib_node_registration_t flowprobe_flush_ip6_node;
+vlib_node_registration_t flowprobe_flush_l2_node;

 /* No counters at the moment */
 #define foreach_flowprobe_error			\
@ -945,18 +948,57 @@ flush_record (flowprobe_variant_t which)
 void
 flowprobe_flush_callback_ip4 (void)
 {
+  vlib_main_t *worker_vm;
+  u32 i;
+
+  /* Flush for each worker thread */
+  for (i = 1; i < vlib_get_n_threads (); i++)
+    {
+      worker_vm = vlib_get_main_by_index (i);
+      if (worker_vm)
+	vlib_node_set_interrupt_pending (worker_vm,
+					 flowprobe_flush_ip4_node.index);
+    }
+
+  /* Flush for the main thread */
  flush_record (FLOW_VARIANT_IP4);
 }

 void
 flowprobe_flush_callback_ip6 (void)
 {
+  vlib_main_t *worker_vm;
+  u32 i;
+
+  /* Flush for each worker thread */
+  for (i = 1; i < vlib_get_n_threads (); i++)
+    {
+      worker_vm = vlib_get_main_by_index (i);
+      if (worker_vm)
+	vlib_node_set_interrupt_pending (worker_vm,
+					 flowprobe_flush_ip6_node.index);
+    }
+
+  /* Flush for the main thread */
  flush_record (FLOW_VARIANT_IP6);
 }

 void
 flowprobe_flush_callback_l2 (void)
 {
+  vlib_main_t *worker_vm;
+  u32 i;
+
+  /* Flush for each worker thread */
+  for (i = 1; i < vlib_get_n_threads (); i++)
+    {
+      worker_vm = vlib_get_main_by_index (i);
+      if (worker_vm)
+	vlib_node_set_interrupt_pending (worker_vm,
+					 flowprobe_flush_l2_node.index);
+    }
+
+  /* Flush for the main thread */
  flush_record (FLOW_VARIANT_L2);
  flush_record (FLOW_VARIANT_L2_IP4);
  flush_record (FLOW_VARIANT_L2_IP6);
@ -1062,6 +1104,32 @@ flowprobe_walker_process (vlib_main_t * vm,
  return 0;
 }

+static uword
+flowprobe_flush_ip4 (vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f)
+{
+  flush_record (FLOW_VARIANT_IP4);
+
+  return 0;
+}
+
+static uword
+flowprobe_flush_ip6 (vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f)
+{
+  flush_record (FLOW_VARIANT_IP6);
+
+  return 0;
+}
+
+static uword
+flowprobe_flush_l2 (vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f)
+{
+  flush_record (FLOW_VARIANT_L2);
+  flush_record (FLOW_VARIANT_L2_IP4);
+  flush_record (FLOW_VARIANT_L2_IP6);
+
+  return 0;
+}
+
 /* *INDENT-OFF* */
 VLIB_REGISTER_NODE (flowprobe_input_ip4_node) = {
  .function = flowprobe_input_ip4_node_fn,
@ -1135,6 +1203,24 @@ VLIB_REGISTER_NODE (flowprobe_walker_node) = {
  .type = VLIB_NODE_TYPE_INPUT,
  .state = VLIB_NODE_STATE_INTERRUPT,
 };
+VLIB_REGISTER_NODE (flowprobe_flush_ip4_node) = {
+  .function = flowprobe_flush_ip4,
+  .name = "flowprobe-flush-ip4",
+  .type = VLIB_NODE_TYPE_INPUT,
+  .state = VLIB_NODE_STATE_INTERRUPT,
+};
+VLIB_REGISTER_NODE (flowprobe_flush_ip6_node) = {
+  .function = flowprobe_flush_ip6,
+  .name = "flowprobe-flush-ip6",
+  .type = VLIB_NODE_TYPE_INPUT,
+  .state = VLIB_NODE_STATE_INTERRUPT,
+};
+VLIB_REGISTER_NODE (flowprobe_flush_l2_node) = {
+  .function = flowprobe_flush_l2,
+  .name = "flowprobe-flush-l2",
+  .type = VLIB_NODE_TYPE_INPUT,
+  .state = VLIB_NODE_STATE_INTERRUPT,
+};
 /* *INDENT-ON* */

 /*
--- a/src/plugins/linux-cp/lcp.api
+++ b/src/plugins/linux-cp/lcp.api
@ -103,6 +103,27 @@ define lcp_itf_pair_add_del_v2_reply
  i32 retval;
  vl_api_interface_index_t host_sw_if_index;
 };
+autoendian define lcp_itf_pair_add_del_v3
+{
+  option in_progress;
+
+  u32 client_index;
+  u32 context;
+  bool is_add;
+  vl_api_interface_index_t sw_if_index;
+  string host_if_name[16];		/* IFNAMSIZ */
+  vl_api_lcp_itf_host_type_t host_if_type;
+  string netns[32];			/* LCP_NS_LEN */
+};
+define lcp_itf_pair_add_del_v3_reply
+{
+  option in_progress;
+
+  u32 context;
+  i32 retval;
+  u32 vif_index;
+  vl_api_interface_index_t host_sw_if_index;
+};

 /** \brief Dump Linux Control Plane interface pair data
    @param client_index - opaque cookie to identify the sender
@ -121,6 +142,19 @@ autoendian define lcp_itf_pair_get_reply
  i32 retval;
  u32 cursor;
 };
+autoendian define lcp_itf_pair_get_v2
+{
+  u32 client_index;
+  u32 context;
+  u32 cursor;
+  vl_api_interface_index_t sw_if_index;
+};
+autoendian define lcp_itf_pair_get_v2_reply
+{
+  u32 context;
+  i32 retval;
+  u32 cursor;
+};

 /** \brief Linux Control Plane interface pair dump response
    @param context - sender context which was passed in the request
@ -148,6 +182,11 @@ service {
    stream lcp_itf_pair_details;
 };

+service {
+  rpc lcp_itf_pair_get_v2 returns lcp_itf_pair_get_v2_reply
+    stream lcp_itf_pair_details;
+};
+
 /** \brief Replace end/begin
 */
 autoreply define lcp_itf_pair_replace_begin
--- a/src/plugins/linux-cp/lcp_api.c
+++ b/src/plugins/linux-cp/lcp_api.c
@ -45,7 +45,7 @@ static int
 vl_api_lcp_itf_pair_add (u32 phy_sw_if_index, lip_host_type_t lip_host_type,
 			 u8 *mp_host_if_name, size_t sizeof_host_if_name,
 			 u8 *mp_namespace, size_t sizeof_mp_namespace,
-			 u32 *host_sw_if_index_p)
+			 u32 *host_sw_if_index_p, u32 *vif_index_p)
 {
  u8 *host_if_name, *netns;
  int host_len, netns_len, rv;
@ -64,6 +64,13 @@ vl_api_lcp_itf_pair_add (u32 phy_sw_if_index, lip_host_type_t lip_host_type,
  rv = lcp_itf_pair_create (phy_sw_if_index, host_if_name, lip_host_type,
 			    netns, host_sw_if_index_p);

+  if (!rv && (vif_index_p != NULL))
+    {
+      lcp_itf_pair_t *pair =
+	lcp_itf_pair_get (lcp_itf_pair_find_by_phy (phy_sw_if_index));
+      *vif_index_p = pair->lip_vif_index;
+    }
+
  vec_free (host_if_name);
  vec_free (netns);

@ -86,7 +93,7 @@ vl_api_lcp_itf_pair_add_del_t_handler (vl_api_lcp_itf_pair_add_del_t *mp)
    {
      rv = vl_api_lcp_itf_pair_add (
 	phy_sw_if_index, lip_host_type, mp->host_if_name,
-	sizeof (mp->host_if_name), mp->netns, sizeof (mp->netns), NULL);
+	sizeof (mp->host_if_name), mp->netns, sizeof (mp->netns), NULL, NULL);
    }
  else
    {
@ -111,10 +118,10 @@ vl_api_lcp_itf_pair_add_del_v2_t_handler (vl_api_lcp_itf_pair_add_del_v2_t *mp)
  lip_host_type = api_decode_host_type (mp->host_if_type);
  if (mp->is_add)
    {
-      rv = vl_api_lcp_itf_pair_add (phy_sw_if_index, lip_host_type,
-				    mp->host_if_name,
-				    sizeof (mp->host_if_name), mp->netns,
-				    sizeof (mp->netns), &host_sw_if_index);
+      rv = vl_api_lcp_itf_pair_add (
+	phy_sw_if_index, lip_host_type, mp->host_if_name,
+	sizeof (mp->host_if_name), mp->netns, sizeof (mp->netns),
+	&host_sw_if_index, NULL);
    }
  else
    {
@ -126,6 +133,37 @@ vl_api_lcp_itf_pair_add_del_v2_t_handler (vl_api_lcp_itf_pair_add_del_v2_t *mp)
 		    { rmp->host_sw_if_index = host_sw_if_index; });
 }

+static void
+vl_api_lcp_itf_pair_add_del_v3_t_handler (vl_api_lcp_itf_pair_add_del_v3_t *mp)
+{
+  u32 phy_sw_if_index, host_sw_if_index = ~0, vif_index = ~0;
+  vl_api_lcp_itf_pair_add_del_v3_reply_t *rmp;
+  lip_host_type_t lip_host_type;
+  int rv;
+
+  VALIDATE_SW_IF_INDEX_END (mp);
+
+  phy_sw_if_index = mp->sw_if_index;
+  lip_host_type = api_decode_host_type (mp->host_if_type);
+  if (mp->is_add)
+    {
+      rv = vl_api_lcp_itf_pair_add (
+	phy_sw_if_index, lip_host_type, mp->host_if_name,
+	sizeof (mp->host_if_name), mp->netns, sizeof (mp->netns),
+	&host_sw_if_index, &vif_index);
+    }
+  else
+    {
+      rv = lcp_itf_pair_delete (phy_sw_if_index);
+    }
+
+  BAD_SW_IF_INDEX_LABEL;
+  REPLY_MACRO2_END (VL_API_LCP_ITF_PAIR_ADD_DEL_V3_REPLY, ({
+		      rmp->host_sw_if_index = host_sw_if_index;
+		      rmp->vif_index = vif_index;
+		    }));
+}
+
 static void
 send_lcp_itf_pair_details (index_t lipi, vl_api_registration_t *rp,
 			   u32 context)
@ -161,6 +199,31 @@ vl_api_lcp_itf_pair_get_t_handler (vl_api_lcp_itf_pair_get_t *mp)
    ({ send_lcp_itf_pair_details (cursor, rp, mp->context); }));
 }

+static void
+vl_api_lcp_itf_pair_get_v2_t_handler (vl_api_lcp_itf_pair_get_v2_t *mp)
+{
+  vl_api_lcp_itf_pair_get_v2_reply_t *rmp;
+  i32 rv = 0;
+
+  if (mp->sw_if_index == ~0)
+    {
+      REPLY_AND_DETAILS_MACRO_END (
+	VL_API_LCP_ITF_PAIR_GET_REPLY, lcp_itf_pair_pool,
+	({ send_lcp_itf_pair_details (cursor, rp, mp->context); }));
+    }
+  else
+    {
+      VALIDATE_SW_IF_INDEX_END (mp);
+      send_lcp_itf_pair_details (
+	lcp_itf_pair_find_by_phy (mp->sw_if_index),
+	vl_api_client_index_to_registration (mp->client_index), mp->context);
+
+      BAD_SW_IF_INDEX_LABEL;
+      REPLY_MACRO2_END (VL_API_LCP_ITF_PAIR_GET_V2_REPLY,
+			({ rmp->cursor = ~0; }));
+    }
+}
+
 static void
 vl_api_lcp_default_ns_set_t_handler (vl_api_lcp_default_ns_set_t *mp)
 {
--- a/src/vcl/vppcom.c
+++ b/src/vcl/vppcom.c
@ -2830,7 +2830,7 @@ vppcom_epoll_create (void)

 static void
 vcl_epoll_ctl_add_unhandled_event (vcl_worker_t *wrk, vcl_session_t *s,
-				   u8 is_epollet, session_evt_type_t evt)
+				   u32 is_epollet, session_evt_type_t evt)
 {
  if (!is_epollet)
    {
--- a/src/vlib/buffer.c
+++ b/src/vlib/buffer.c
@ -473,6 +473,10 @@ vlib_buffer_alloc_size (uword ext_hdr_size, uword data_size)
  uword alloc_size = ext_hdr_size + sizeof (vlib_buffer_t) + data_size;
  alloc_size = round_pow2 (alloc_size, VLIB_BUFFER_ALIGN);

+  /* in case when we have even number of 'cachelines', we add one more for
+   * better cache occupancy */
+  alloc_size |= VLIB_BUFFER_ALIGN;
+
  return alloc_size;
 }

--- a/src/vnet/ip/reass/ip4_full_reass.c
+++ b/src/vnet/ip/reass/ip4_full_reass.c
@ -1424,11 +1424,11 @@ VLIB_REGISTER_NODE (ip4_full_reass_node_feature) = {
 };

 VNET_FEATURE_INIT (ip4_full_reass_feature, static) = {
-    .arc_name = "ip4-unicast",
-    .node_name = "ip4-full-reassembly-feature",
-    .runs_before = VNET_FEATURES ("ip4-lookup",
-                                  "ipsec4-input-feature"),
-    .runs_after = 0,
+  .arc_name = "ip4-unicast",
+  .node_name = "ip4-full-reassembly-feature",
+  .runs_before = VNET_FEATURES ("ip4-lookup", "ipsec4-input-feature",
+				"ip4-sv-reassembly-feature"),
+  .runs_after = 0,
 };

 VLIB_NODE_FN (ip4_full_reass_node_custom) (vlib_main_t * vm,
@ -1453,15 +1453,6 @@ VLIB_REGISTER_NODE (ip4_full_reass_node_custom) = {
        },
 };

-VNET_FEATURE_INIT (ip4_full_reass_custom, static) = {
-    .arc_name = "ip4-unicast",
-    .node_name = "ip4-full-reassembly-feature",
-    .runs_before = VNET_FEATURES ("ip4-lookup",
-                                  "ipsec4-input-feature"),
-    .runs_after = 0,
-};
-
-
 #ifndef CLIB_MARCH_VARIANT
 uword
 ip4_full_reass_custom_register_next_node (uword node_index)
--- a/src/vnet/ipsec/esp_encrypt.c
+++ b/src/vnet/ipsec/esp_encrypt.c
@ -607,6 +607,7 @@ esp_encrypt_inline (vlib_main_t *vm, vlib_node_runtime_t *node,
  u32 current_sa_bytes = 0, spi = 0;
  u8 esp_align = 4, iv_sz = 0, icv_sz = 0;
  ipsec_sa_t *sa0 = 0;
+  u8 sa_drop_no_crypto = 0;
  vlib_buffer_t *lb;
  vnet_crypto_op_t **crypto_ops = &ptd->crypto_ops;
  vnet_crypto_op_t **integ_ops = &ptd->integ_ops;
@ -692,16 +693,10 @@ esp_encrypt_inline (vlib_main_t *vm, vlib_node_runtime_t *node,
 	  sa0 = ipsec_sa_get (sa_index0);
 	  current_sa_index = sa_index0;

-	  if (PREDICT_FALSE ((sa0->crypto_alg == IPSEC_CRYPTO_ALG_NONE &&
-			      sa0->integ_alg == IPSEC_INTEG_ALG_NONE) &&
-			     !ipsec_sa_is_set_NO_ALGO_NO_DROP (sa0)))
-	    {
-	      err = ESP_ENCRYPT_ERROR_NO_ENCRYPTION;
-	      esp_encrypt_set_next_index (b[0], node, thread_index, err,
-					  n_noop, noop_nexts, drop_next,
-					  sa_index0);
-	      goto trace;
-	    }
+	  sa_drop_no_crypto = ((sa0->crypto_alg == IPSEC_CRYPTO_ALG_NONE &&
+				sa0->integ_alg == IPSEC_INTEG_ALG_NONE) &&
+			       !ipsec_sa_is_set_NO_ALGO_NO_DROP (sa0));
+
 	  vlib_prefetch_combined_counter (&ipsec_sa_counters, thread_index,
 					  current_sa_index);

@ -715,6 +710,14 @@ esp_encrypt_inline (vlib_main_t *vm, vlib_node_runtime_t *node,
 	  is_async = im->async_mode | ipsec_sa_is_set_IS_ASYNC (sa0);
 	}

+      if (PREDICT_FALSE (sa_drop_no_crypto != 0))
+	{
+	  err = ESP_ENCRYPT_ERROR_NO_ENCRYPTION;
+	  esp_encrypt_set_next_index (b[0], node, thread_index, err, n_noop,
+				      noop_nexts, drop_next, sa_index0);
+	  goto trace;
+	}
+
      if (PREDICT_FALSE ((u16) ~0 == sa0->thread_index))
 	{
 	  /* this is the first packet to use this SA, claim the SA
--- a/src/vnet/session/application_local.c
+++ b/src/vnet/session/application_local.c
@ -1132,10 +1132,10 @@ ct_handle_cleanups (void *args)
      clib_fifo_sub2 (wrk->pending_cleanups, req);
      ct = ct_connection_get (req->ct_index, thread_index);
      s = session_get (ct->c_s_index, ct->c_thread_index);
-      if (!svm_fifo_has_event (s->tx_fifo))
-	ct_session_postponed_cleanup (ct);
-      else
+      if (svm_fifo_has_event (s->tx_fifo) || (s->flags & SESSION_F_RX_EVT))
 	clib_fifo_add1 (wrk->pending_cleanups, *req);
+      else
+	ct_session_postponed_cleanup (ct);
      n_to_handle -= 1;
    }

@ -1411,6 +1411,7 @@ ct_session_tx (session_t * s)
  peer_s = session_get (peer_ct->c_s_index, peer_ct->c_thread_index);
  if (peer_s->session_state >= SESSION_STATE_TRANSPORT_CLOSING)
    return 0;
+  peer_s->flags |= SESSION_F_RX_EVT;
  return session_enqueue_notify (peer_s);
 }

--- a/src/vnet/srv6/sr_api.c
+++ b/src/vnet/srv6/sr_api.c
@ -163,7 +163,7 @@ vl_api_sr_policy_add_v2_t_handler (vl_api_sr_policy_add_v2_t *mp)
 		   mp->type, ntohl (mp->fib_table), mp->is_encap, 0, NULL);
  vec_free (segments);

-  REPLY_MACRO (VL_API_SR_POLICY_ADD_REPLY);
+  REPLY_MACRO (VL_API_SR_POLICY_ADD_V2_REPLY);
 }

 static void
--- a/src/vnet/tls/tls.c
+++ b/src/vnet/tls/tls.c
@ -594,12 +594,13 @@ tls_session_connected_cb (u32 tls_app_index, u32 ho_ctx_index,
  u32 ctx_handle;

  ho_ctx = tls_ctx_half_open_get (ho_ctx_index);
-  ho_ctx->flags |= TLS_CONN_F_HO_DONE;

  ctx_handle = tls_ctx_alloc (ho_ctx->tls_ctx_engine);
  ctx = tls_ctx_get (ctx_handle);
  clib_memcpy_fast (ctx, ho_ctx, sizeof (*ctx));
+
  /* Half-open freed on tcp half-open cleanup notification */
+  __atomic_fetch_or (&ho_ctx->flags, TLS_CONN_F_HO_DONE, __ATOMIC_RELEASE);

  ctx->c_thread_index = vlib_get_thread_index ();
  ctx->tls_ctx_handle = ctx_handle;
--- a/test/asf/asfframework.py
+++ b/test/asf/asfframework.py
@ -316,6 +316,12 @@ class VppAsfTestCase(CPUInterface, unittest.TestCase):
            if "DVPP_ENABLE_SANITIZE_ADDR=ON" in vpp_extra_cmake_args:
                cls = unittest.skip("Skipping @tag_fixme_asan tests")(cls)

+    @classmethod
+    def skip_fixme_ubuntu2204(cls):
+        """if @tag_fixme_ubuntu2204 & is Ubuntu22.04 - mark for skip"""
+        if cls.has_tag(TestCaseTag.FIXME_UBUNTU2204) and is_distro_ubuntu2204 == True:
+            cls = unittest.skip("Skipping @tag_fixme_ubuntu2204 tests")(cls)
+
    @classmethod
    def instance(cls):
        """Return the instance of this testcase"""
@ -1361,6 +1367,13 @@ class VppTestResult(unittest.TestResult):
                test_title = colorize(f"FIXME with ASAN: {test_title}", RED)
                test.skip_fixme_asan()

+            if (
+                test.has_tag(TestCaseTag.FIXME_UBUNTU2204)
+                and is_distro_ubuntu2204 == True
+            ):
+                test_title = colorize(f"FIXME with Ubuntu 22.04: {test_title}", RED)
+                test.skip_fixme_ubuntu2204()
+
            if hasattr(test, "vpp_worker_count"):
                if test.vpp_worker_count == 0:
                    test_title += " [main thread only]"
--- a/test/test_flowprobe.py
+++ b/test/test_flowprobe.py
@ -183,9 +183,7 @@ class MethodHolder(VppTestCase):
        variables and configure VPP.
        """
        super(MethodHolder, cls).setUpClass()
-        if (is_distro_ubuntu2204 == True or is_distro_debian11 == True) and not hasattr(
-            cls, "vpp"
-        ):
+        if (is_distro_debian11 == True) and not hasattr(cls, "vpp"):
            return
        try:
            # Create pg interfaces
@ -1228,7 +1226,6 @@ class DatapathTestsHolder(object):
        self.logger.info("FFP_TEST_FINISH_0002")


-@tag_fixme_vpp_workers
 class DatapathTx(MethodHolder, DatapathTestsHolder):
    """Collect info on Ethernet, IP4 and IP6 datapath (TX) (no timers)"""

@ -1309,7 +1306,6 @@ class DatapathTx(MethodHolder, DatapathTestsHolder):
        ipfix.remove_vpp_config()


-@tag_fixme_vpp_workers
 class DatapathRx(MethodHolder, DatapathTestsHolder):
    """Collect info on Ethernet, IP4 and IP6 datapath (RX) (no timers)"""

--- a/test/test_ikev2.py
+++ b/test/test_ikev2.py
@ -1872,6 +1872,7 @@ class TestResponderBehindNAT(TemplateResponder, Ikev2Params):


@tag_fixme_vpp_workers
+@tag_fixme_ubuntu2204
 class TestInitiatorNATT(TemplateInitiator, Ikev2Params):
    """test ikev2 initiator - NAT traversal (intitiator behind NAT)"""

@ -1904,6 +1905,7 @@ class TestInitiatorNATT(TemplateInitiator, Ikev2Params):


@tag_fixme_vpp_workers
+@tag_fixme_ubuntu2204
 class TestInitiatorPsk(TemplateInitiator, Ikev2Params):
    """test ikev2 initiator - pre shared key auth"""

@ -1935,6 +1937,7 @@ class TestInitiatorPsk(TemplateInitiator, Ikev2Params):


@tag_fixme_vpp_workers
+@tag_fixme_ubuntu2204
 class TestInitiatorRequestWindowSize(TestInitiatorPsk):
    """test initiator - request window size (1)"""

@ -1983,6 +1986,7 @@ class TestInitiatorRequestWindowSize(TestInitiatorPsk):


@tag_fixme_vpp_workers
+@tag_fixme_ubuntu2204
 class TestInitiatorRekey(TestInitiatorPsk):
    """test ikev2 initiator - rekey"""

@ -2027,6 +2031,7 @@ class TestInitiatorRekey(TestInitiatorPsk):


@tag_fixme_vpp_workers
+@tag_fixme_ubuntu2204
 class TestInitiatorDelSAFromResponder(TemplateInitiator, Ikev2Params):
    """test ikev2 initiator - delete IKE SA from responder"""

@ -2197,9 +2202,7 @@ class TestResponderVrf(TestResponderPsk, Ikev2Params):

        globals()["ikev2"] = _ikev2
        super(IkePeer, cls).setUpClass()
-        if (is_distro_ubuntu2204 == True or is_distro_debian11 == True) and not hasattr(
-            cls, "vpp"
-        ):
+        if (is_distro_debian11 == True) and not hasattr(cls, "vpp"):
            return
        cls.create_pg_interfaces(range(1))
        cls.vapi.cli("ip table add 1")
@ -2310,6 +2313,7 @@ class Test_IKE_AES_GCM_16_256(TemplateResponder, Ikev2Params):


@tag_fixme_vpp_workers
+@tag_fixme_ubuntu2204
 class TestInitiatorKeepaliveMsg(TestInitiatorPsk):
    """
    Test for keep alive messages
--- a/test/test_ipsec_tun_if_esp.py
+++ b/test/test_ipsec_tun_if_esp.py
@ -1231,13 +1231,35 @@ class TestIpsec4TunIfEspNoAlgo(TemplateIpsec4TunProtect, TemplateIpsec, IpsecTun
        self.config_sa_tra(p)
        self.config_protect(p)

-        tx = self.gen_pkts(self.pg1, src=self.pg1.remote_ip4, dst=p.remote_tun_if_host)
+        tx = self.gen_pkts(
+            self.pg1, src=self.pg1.remote_ip4, dst=p.remote_tun_if_host, count=127
+        )
        self.send_and_assert_no_replies(self.pg1, tx)

        self.unconfig_protect(p)
        self.unconfig_sa(p)
        self.unconfig_network(p)

+    def test_tun_44_async(self):
+        """IPSec SA with NULL algos using async crypto"""
+        p = self.ipv4_params
+
+        self.vapi.ipsec_set_async_mode(async_enable=True)
+        self.config_network(p)
+        self.config_sa_tra(p)
+        self.config_protect(p)
+
+        tx = self.gen_pkts(
+            self.pg1, src=self.pg1.remote_ip4, dst=p.remote_tun_if_host, count=127
+        )
+        self.send_and_assert_no_replies(self.pg1, tx)
+
+        self.unconfig_protect(p)
+        self.unconfig_sa(p)
+        self.unconfig_network(p)
+
+        self.vapi.ipsec_set_async_mode(async_enable=False)
+

@tag_fixme_vpp_workers
 class TestIpsec6MultiTunIfEsp(TemplateIpsec6TunProtect, TemplateIpsec, IpsecTun6):
--- a/test/test_nat44_ed.py
+++ b/test/test_nat44_ed.py
@ -162,8 +162,6 @@ class TestNAT44ED(VppTestCase):
    @classmethod
    def setUpClass(cls):
        super().setUpClass()
-        if is_distro_ubuntu2204 == True and not hasattr(cls, "vpp"):
-            return

        cls.create_pg_interfaces(range(12))
        cls.interfaces = list(cls.pg_interfaces[:4])
--- a/test/test_nat64.py
+++ b/test/test_nat64.py
@ -55,8 +55,6 @@ class TestNAT64(VppTestCase):
    def setUpClass(cls):
        super(TestNAT64, cls).setUpClass()

-        if is_distro_ubuntu2204 == True and not hasattr(cls, "vpp"):
-            return
        cls.tcp_port_in = 6303
        cls.tcp_port_out = 6303
        cls.udp_port_in = 6304
Author	SHA1	Message	Date
Dave Wallace	a144e75fed	build: update octeon-roc checksum to updated version - caused by regeneration of source tarball after the marvel repo moved to a new account Type: fix Change-Id: I44616408d673c8d208ff73ea29d9f5cc12778cef Signed-off-by: Dave Wallace <dwallacelf@gmail.com>	2024-07-30 15:11:47 -04:00
Andrew Yourtchenko	7ad2c8b3e0	tests: disable failing tests on Ubuntu 22.04 Also rework the logic so the skipping of marked Ubuntu 22.04 occurs at framework level Leave debian11 special cases as-is. Type: fix Change-Id: I481eb32cd1a0860935482e9f930ced409da653c9 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 9987d470a6a502dd64266204cb006f30d7245cdd)	2024-07-10 01:16:38 +00:00
Vratko Polak	80e9503819	sr: use correct reply to sr_policy_add_v2 Type: fix Fixes: c4c205b091934d96a173f4c0d75ef7e888298ac7 Change-Id: I110729601a9f19451297883b781ec56e2b31465b Signed-off-by: Vratko Polak <vrpolak@cisco.com> (cherry picked from commit 4332082093c267818899476d563c73298a491014)	2024-04-18 15:29:03 +00:00
Dave Wallace	dd59e1b432	misc: in crcchecker.py, don't check for uncommitted changes in CI Type: fix Change-Id: I63260a953e54518b3084b62fccdb4af81315b229 Signed-off-by: Dave Wallace <dwallacelf@gmail.com> (cherry picked from commit 3a0d7d2c95e8b8087c20b99fed5bcf62fac027d9)	2024-04-08 22:44:18 +00:00
Alexander Chernavin	500ac05961	flowprobe: fix flush callbacks when multiple workers IPFIX buffers are stored on a per worker thread basis. Currently, the flush callbacks will flush only buffers stored for the main thread. And buffers for worker threads will not be sent until their size reach the path MTU configured for the exporter. So if traffic is constant, the problem will unlikely to be visible. Buffers will be sent once they reach the maximum size. However, if traffic stops at some point and flush is triggered in order to make the plugin send all currently buffered data, this will not happen. And collectors will not receive that data. The plugin will keep the remaining data until traffic starts again, the buffers reach the maximum size, and be sent. With this fix, flush buffers for worker threads and for the main thread when the flush callbacks are triggered. This will allow to remove @tag_fixme_vpp_workers from the unit tests that don't set timers. The tests that set timers will still be failing for other multi-worker related problems. Type: fix Change-Id: I9a7d9cef8ddbec7ee68c79309e48e7bc0953d488 Signed-off-by: Alexander Chernavin <achernavin@netgate.com> (cherry picked from commit 4c7305f124cfa9c649ec6c9231eaf608fe336f1b)	2024-03-12 07:53:34 +00:00
Matthew Smith	a541cfd31d	ipsec: check each packet for no algs in esp-encrypt In esp_encrypt_inline(), if two or more consecutive packets are associated with the same SA which has no crypto or integrity algorithms set, only the first one gets dropped. Subsequent packets either get sent (synchronous crypto) or cause a segv (asynchronous crypto). The current SA's index and pool entry are cached before it can be determined whether the packet should be dropped due to no algorithms being set. The check for no algorithms is only performed when the cached SA index is different than the SA index for the current packet. So packets after the first one associated with the "none" alg SA aren't handled properly. This was broken by my previous commit ("ipsec: keep esp encrypt pointer and index synced") which fixed a segv that occurred under a different set of circumstances. Check whether each packet should be dropped instead of only checking when a new SA is encountered. Update unit tests: - Add a test for no algs on tunnel interface which enables asynchronous crypto. - Send more than one packet in the tests for no algs. Type: fix Fixes: dac9e566cd16fc375fff14280b37cb5135584fc6 Signed-off-by: Matthew Smith <mgsmith@netgate.com> Change-Id: I69e951f22044051eb8557da187cb58f5535b54bf (cherry picked from commit ff71939c30ae81241808da1843e82cf2dfa92344)	2024-03-11 20:18:42 +00:00
Anton Nikolaev	1200c799d0	linux-cp: add add_del_v3 and get_v2 methods Added vl_api_lcp_itf_pair_add_del_v3_t_handler method, it can return vif_index in reply. Also added vl_api_lcp_itf_pair_get_v2_t_handler methods, this method is able to dump only one lcp pair or dump all lcp pairs via stream_msg. Type: improvement Change-Id: I1d25344ee57f8fac8b857bb3a9a03116230b4d2c Signed-off-by: Anton Nikolaev <anikolaev@netgate.com> (cherry picked from commit 83ad79d69a09f504ba6ce3325fc165648eb55daa)	2024-03-11 20:18:24 +00:00
Matthew Smith	4991354309	ip: force full reassembly before virtual Type: improvement The vnet buffer metadata for full IP reassembly and shallow virtual reassembly overlaps. If you have full reassembly and virtual reassembly enabled on the same interface and virtual reassembly happens to process packets first, full reassembly will stomp on the metadata populated by virtual reassembly. Virtual reassembly gets enabled implicitly when NAT feature nodes are enabled. Those NAT feature nodes rely on the virtual reassembly metadata being populated correctly in order to find L4 proto & ports. When NAT and IP full reassembly are both enabled on an interface, NAT can drop fragmented packets because the virtual reassembly metadata can be overwritten by full reassembly. Ensure that full reassembly runs before virtual reassembly. Add a runs_before dependency to ensure that ip4-full-reassembly-feature runs before ip4-sv-reassembly-feature. There was a duplicate VNET_FEATURE_INIT() for ip4-full-reassembly-feature. It seems to have been intended for enabling ip4-full-reassembly-custom as a feature node, but its contents are identical to the earlier VNET_FEATURE_INIT() for ip4-full-reassembly-feature. Removed the duplicate. Change-Id: Ie600b854d4ceb90a7cb736810140d410b8f72447 Signed-off-by: Matthew Smith <mgsmith@netgate.com> (cherry picked from commit 205ed8f8845a8ea36f38ed29df158a5a07c2e2c3)	2024-03-08 12:27:12 +01:00
Florin Coras	e4ec1584ec	tls: mark ho done atomically after ctx init Make sure ctx is initialized before ho is marked as done. Type: fix Change-Id: If0525a9890a56e289e2ab006c669a9d64dc6505d Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 0ded4890beaa3aa1f36c61ff6125d19582b25391)	2024-03-01 14:29:29 +00:00
Florin Coras	7453b5dfe8	session: postpone ct cleanup if rx evt pending Type: fix Change-Id: I8cfaa62abd38d5356263b0ffd428638d1a027617 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 3efcbaf3b1119b4312ae1f3a1c59dea2d746bec4)	2024-03-01 14:29:11 +00:00
Andrew Yourtchenko	455960759b	misc: VPP 24.02 Release Notes Type: docs Change-Id: I4209b4edf387f2d7b88ecc338cca3b4901210ed2 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>	2024-02-28 11:12:31 +00:00
Vratko Polak	ccfc24f745	buffers: bring back cache occupancy improvement The improvement was removed in 40129, causing 5-40% regressions in AVF tests. There is a memory-speed trade-off, this change prefers speed over memory efficiency. Ideally, the choice should be configurable, but that is not easy to achieve, considering how early is vlib_buffer_main_init called. Type: fix Fixes: 038dad7ef29b0b724071edb5f8cc7a9845584454 Change-Id: I4746f3634abe6d233c9d092a372de05b3d1ae4b6 Signed-off-by: Vratko Polak <vrpolak@cisco.com> (cherry picked from commit 04fd51c03c428859bae949a8294ee0f9c062a44b)	2024-02-19 12:22:20 +00:00
Florin Coras	8cbf84dce0	vcl: fix epollet test for unhandled evts Argument to vcl_epoll_ctl_add_unhandled_event is often the result of an and between events and EPOLLET which is larger than u8 Type: fix Change-Id: I8c98f557fa1db9f3eb79c90ecdd60ac9366d4d40 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit e81f27ffb2a698737eae607b111d0611d221222f)	2024-02-13 17:20:10 +00:00
Andrew Yourtchenko	3a56e86a73	misc: Initial changes for stable/2402 branch Type: docs Change-Id: I820bbb54597a8f640ed6b854d20d0b572c5f255b Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>	2024-01-24 12:41:23 +00:00