Release 18.01.2: update jvpp version

Change-Id: I46229d50de4f8892551041be7fee2bba5581da63
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>

.gitreview

@@ -2,3 +2,4 @@
 host=gerrit.fd.io
 port=29418
 project=vpp
+defaultbranch=stable/1801

Makefile

@@ -522,7 +522,7 @@ ifeq ($(OS_ID)-$(OS_VERSION_ID),ubuntu-16.04)
 	@sudo -E apt-get update
 	@sudo -E apt-get $(CONFIRM) $(FORCE) install clang
 	$(call banner,"Building for PLATFORM=vpp using clang")
-	@make -C build-root CC=clang PLATFORM=vpp TAG=vpp_clang wipe-all install-packages
+	@make -C build-root CC=clang-3.8 PLATFORM=vpp TAG=vpp_clang wipe-all install-packages
 endif
 	$(call banner,"Building sample-plugin")
 	@make -C build-root PLATFORM=vpp TAG=vpp sample-plugin-install

build-data/platforms/vpp.mk

@@ -48,10 +48,13 @@ endif
 
 vpp_debug_TAG_CFLAGS = -g -O0 -DCLIB_DEBUG -DFORTIFY_SOURCE=2 \
 	-fstack-protector-all -fPIC -Werror
+vpp_debug_TAG_CXXFLAGS = -g -O0 -DCLIB_DEBUG -DFORTIFY_SOURCE=2 \
+	-fstack-protector-all -fPIC -Werror
 vpp_debug_TAG_LDFLAGS = -g -O0 -DCLIB_DEBUG -DFORTIFY_SOURCE=2 \
 	-fstack-protector-all -fPIC -Werror
 
 vpp_TAG_CFLAGS = -g -O2 -DFORTIFY_SOURCE=2 -fstack-protector -fPIC -Werror
+vpp_TAG_CXXFLAGS = -g -O2 -DFORTIFY_SOURCE=2 -fstack-protector -fPIC -Werror
 vpp_TAG_LDFLAGS = -g -O2 -DFORTIFY_SOURCE=2 -fstack-protector -fPIC -Werror
 
 vpp_clang_TAG_CFLAGS = -g -O2 -DFORTIFY_SOURCE=2 -fstack-protector -fPIC -Werror

build-root/Makefile

@@ -245,6 +245,8 @@ tag_var_with_added_space_fn = $(if $($(TAG)_TAG_$(1)),$($(TAG)_TAG_$(1)) )
 # TAG=debug for debugging
 debug_TAG_CFLAGS = -g -O0 -DCLIB_DEBUG -DFORTIFY_SOURCE=2 -march=$(MARCH) \
 		   -fstack-protector-all -fPIC
+debug_TAG_CXXFLAGS = -g -O0 -DCLIB_DEBUG -DFORTIFY_SOURCE=2 -march=$(MARCH) \
+		   -fstack-protector-all -fPIC
 debug_TAG_LDFLAGS = -g -O0 -DCLIB_DEBUG -DFORTIFY_SOURCE=2 -march=$(MARCH) \
 		   -fstack-protector-all -fPIC
 
@@ -537,6 +539,8 @@ configure_ldflags_fn = \
 CONFIGURE_ENV =								\
     $(if $(call configure_var_fn,CPPFLAGS),				\
 	 CPPFLAGS="$(CPPFLAGS) $(call configure_var_fn,CPPFLAGS)")	\
+    $(if $(call configure_var_fn,CXXFLAGS),				\
+	 CXXFLAGS="$(CXXFLAGS) $(call configure_var_fn,CXXFLAGS)")	\
     $(if $(call configure_var_fn,CFLAGS),				\
 	 CFLAGS="$(CFLAGS) $(call configure_var_fn,CFLAGS)")		\
     $(if $(call configure_var_fn,CCASFLAGS),				\

build-root/scripts/csit-test-branch

@@ -1,2 +1,2 @@
 #!/bin/sh
-echo oper-171218
+echo rls1801

doxygen/test_framework_doc.md

@@ -3,6 +3,7 @@ Test Framework Documentation    {#test_framework_doc}
 
 PyDoc generated documentation for the "make test" framework is available for the following releases
 
+- [Test framework documentation for VPP 18.01](https://docs.fd.io/vpp/18.01/vpp_make_test/html)
 - [Test framework documentation for VPP 17.10](https://docs.fd.io/vpp/17.10/vpp_make_test/html)
 - [Test framework documentation for VPP 17.04](https://docs.fd.io/vpp/17.04/vpp_make_test/html)
 - [Test framework documentation for VPP 17.01](https://docs.fd.io/vpp/17.01/vpp_make_test/html)

doxygen/user_doc.md

@@ -17,3 +17,5 @@ Several modules provide operational, dataplane-user focused documentation.
 - @subpage srv6_doc
 - @subpage srmpls_doc
 - @subpage nat64_doc
+- @subpage vcl_ldpreload_doc
+- @subpage kp_plugin_doc

dpdk/dpdk-17.11_patches/0001-assign-QAT-cryptodev-to-correct-NUMA-node.patch

@@ -0,0 +1,29 @@
+From 6ca86563a48da5ffcc50a0f1ce7ac1b1af94ad88 Mon Sep 17 00:00:00 2001
+From: Lee Roberts <lee.roberts@hpe.com>
+Date: Fri, 23 Mar 2018 09:54:33 -0600
+Subject: [PATCH] assign QAT cryptodev to correct NUMA node
+
+rte_cryptodev_pmd_init_params should use NUMA node of the QAT device
+for its socket_id rather than the socket_id of the initializing process.
+
+Signed-off-by: Lee Roberts <lee.roberts@hpe.com>
+---
+ drivers/crypto/qat/rte_qat_cryptodev.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/crypto/qat/rte_qat_cryptodev.c b/drivers/crypto/qat/rte_qat_cryptodev.c
+index 4f8e4bf..6197820 100644
+--- a/drivers/crypto/qat/rte_qat_cryptodev.c
++++ b/drivers/crypto/qat/rte_qat_cryptodev.c
+@@ -159,7 +159,7 @@ static int crypto_qat_pci_probe(struct rte_pci_driver *pci_drv __rte_unused,
+ {
+ 	struct rte_cryptodev_pmd_init_params init_params = {
+ 		.name = "",
+-		.socket_id = rte_socket_id(),
++		.socket_id = pci_dev->device.numa_node,
+ 		.private_data_size = sizeof(struct qat_pmd_private),
+ 		.max_nb_sessions = RTE_QAT_PMD_MAX_NB_SESSIONS
+ 	};
+-- 
+1.9.1
+

extras/libmemif/src/libmemif.h

@@ -15,7 +15,9 @@
  *------------------------------------------------------------------
  */
 
-/** @file */
+/** @file
+ *  @defgroup libmemif
+ */
 
 #ifndef _LIBMEMIF_H_
 #define _LIBMEMIF_H_
@@ -78,7 +80,7 @@ typedef enum
 
 /**
  * @defgroup MEMIF_FD_EVENT Types of events that need to be watched for specific fd.
- *
+ * @ingroup libmemif
  * @{
  */
 
@@ -99,6 +101,7 @@ typedef enum
 typedef void *memif_conn_handle_t;
 /**
  * @defgroup CALLBACKS Callback functions definitions
+ * @ingroup libmemif
  *
  * @{
  */
@@ -135,6 +138,7 @@ typedef int (memif_interrupt_t) (memif_conn_handle_t conn, void *private_ctx,
 
 /**
  * @defgroup ARGS_N_BUFS Connection arguments and buffers
+ * @ingroup libmemif
  *
  * @{
  */
@@ -193,6 +197,7 @@ typedef struct
 
 /**
  * @defgroup MEMIF_DETAILS Memif details structs
+ * @ingroup libmemif
  *
  * @{
  */
@@ -256,6 +261,7 @@ typedef struct
 
 /**
  * @defgroup API_CALLS Api calls
+ * @ingroup libmemif
  *
  * @{
  */

extras/libmemif/src/main.c

@@ -1398,11 +1398,13 @@ memif_buffer_alloc (memif_conn_handle_t conn, uint16_t qid,
   uint16_t mask = (1 << mq->log2_ring_size) - 1;
   uint16_t head = ring->head;
   uint16_t tail = ring->tail;
+  uint16_t ring_size;
   uint16_t s0, s1, ns;
   *count_out = 0;
   int i, err = MEMIF_ERR_SUCCESS;	/* 0 */
 
-  ns = (1 << mq->log2_ring_size) - head + tail;
+  ring_size = (1 << mq->log2_ring_size);
+  ns = ring_size - head + tail;
 
   /* calculate number of chain buffers */
   if (size > ring->desc[0].buffer_length)

extras/libmemif/src/socket.c

@@ -519,6 +519,7 @@ memif_msg_receive_add_ring (memif_connection_t * c, memif_msg_t * msg, int fd)
       mq =
 	(memif_queue_t *) realloc (c->rx_queues,
 				   sizeof (memif_queue_t) * (ar->index + 1));
+	memset(mq, 0, sizeof (memif_queue_t) * (ar->index + 1));
       if (mq == NULL)
 	return memif_syscall_error_handler (errno);
       c->rx_queues = mq;
@@ -538,6 +539,7 @@ memif_msg_receive_add_ring (memif_connection_t * c, memif_msg_t * msg, int fd)
       mq =
 	(memif_queue_t *) realloc (c->tx_queues,
 				   sizeof (memif_queue_t) * (ar->index + 1));
+	memset(mq, 0, sizeof (memif_queue_t) * (ar->index + 1));
       if (mq == NULL)
 	return memif_syscall_error_handler (errno);
       c->tx_queues = mq;

extras/scripts/list_api_changes.py

@@ -0,0 +1,15 @@
+#!/usr/bin/env python
+import os, fnmatch, subprocess
+starttag = 'v18.01-rc0'
+endtag = 'v18.01-rc2'
+apifiles = []
+for root, dirnames, filenames in os.walk('.'):
+    for filename in fnmatch.filter(filenames, '*.api'):
+        apifiles.append(os.path.join(root, filename))
+for f in apifiles:
+    commits = subprocess.check_output(['git', 'log',
+                                       '--oneline', starttag + '..' + endtag,
+                                       f])
+    if commits:
+        print f
+        print commits

extras/vcl-ldpreload/README.md

@@ -1,4 +1,4 @@
-# vcl-ldpreload a LD_PRELOAD library that uses the VPP Communications Library (VCL).
+# vcl-ldpreload: a LD_PRELOAD library that uses the VPP Communications Library (VCL).  {#vcl_ldpreload_doc}
 
 User can LD_PRELOAD any application that uses POSIX socket API.
 

src/configure.ac

@@ -1,4 +1,4 @@
-AC_INIT([vpp], [18.01], [vpp-dev@fd.io])
+AC_INIT([vpp], [18.01.2], [vpp-dev@fd.io])
 LT_INIT
 AC_CONFIG_AUX_DIR([.])
 AM_INIT_AUTOMAKE([subdir-objects])
@@ -227,6 +227,7 @@ PLUGIN_ENABLED(l2e)
 ###############################################################################
 # Dependency checks
 ###############################################################################
+AC_CHECK_FUNC([memfd_create], [AC_DEFINE([HAVE_MEMFD_CREATE], [1], [Define if memfd exists])])
 
 AM_COND_IF([ENABLE_DPDK_SHARED],
 [

src/plugins/dpdk/ipsec/esp_encrypt.c

@@ -158,6 +158,7 @@ dpdk_esp_encrypt_node_fn (vlib_main_t * vm,
 	  u32 iv_size;
 	  u16 orig_sz;
 	  u8 trunc_size;
+	  u16 rewrite_len;
 	  struct rte_mbuf *mb0 = 0;
 	  struct rte_crypto_op *op;
 	  u16 res_idx;
@@ -267,6 +268,7 @@ dpdk_esp_encrypt_node_fn (vlib_main_t * vm,
 
 	  if (sa0->is_tunnel)
 	    {
+	      rewrite_len = 0;
 	      if (!is_ipv6 && !sa0->is_tunnel_ip6)	/* ip4inip4 */
 		{
 		  /* in tunnel mode send it back to FIB */
@@ -344,7 +346,7 @@ dpdk_esp_encrypt_node_fn (vlib_main_t * vm,
 	  else			/* transport mode */
 	    {
 	      priv->next = DPDK_CRYPTO_INPUT_NEXT_INTERFACE_OUTPUT;
-	      u16 rewrite_len = vnet_buffer (b0)->ip.save_rewrite_length;
+	      rewrite_len = vnet_buffer (b0)->ip.save_rewrite_length;
 	      u16 adv = sizeof (esp_header_t) + iv_size;
 	      vlib_buffer_advance (b0, -adv - rewrite_len);
 	      u8 *src = ((u8 *) ih0) - rewrite_len;
@@ -393,11 +395,13 @@ dpdk_esp_encrypt_node_fn (vlib_main_t * vm,
 	  if (is_ipv6)
 	    {
 	      u16 len = b0->current_length - sizeof (ip6_header_t);
-	      oh6_0->ip6.payload_length = clib_host_to_net_u16 (len);
+	      oh6_0->ip6.payload_length =
+		clib_host_to_net_u16 (len - rewrite_len);
 	    }
 	  else
 	    {
-	      oh0->ip4.length = clib_host_to_net_u16 (b0->current_length);
+	      oh0->ip4.length =
+		clib_host_to_net_u16 (b0->current_length - rewrite_len);
 	      oh0->ip4.checksum = ip4_header_checksum (&oh0->ip4);
 	    }
 

src/plugins/gtpu/gtpu.c

@@ -97,14 +97,6 @@ format_gtpu_name (u8 * s, va_list * args)
   return format (s, "gtpu_tunnel%d", dev_instance);
 }
 
-static uword
-dummy_interface_tx (vlib_main_t * vm,
-		    vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
-  clib_warning ("you shouldn't be here, leaking buffers...");
-  return frame->n_vectors;
-}
-
 static clib_error_t *
 gtpu_interface_admin_up_down (vnet_main_t * vnm, u32 hw_if_index, u32 flags)
 {
@@ -120,7 +112,6 @@ VNET_DEVICE_CLASS (gtpu_device_class,static) = {
   .name = "GTPU",
   .format_device_name = format_gtpu_name,
   .format_tx_trace = format_gtpu_encap_trace,
-  .tx_function = dummy_interface_tx,
   .admin_up_down_function = gtpu_interface_admin_up_down,
 };
 /* *INDENT-ON* */
@@ -294,25 +285,6 @@ gtpu_decap_next_is_valid (gtpu_main_t * gtm, u32 is_ip6, u32 decap_next_index)
   return decap_next_index < r->n_next_nodes;
 }
 
-static void
-hash_set_key_copy (uword ** h, void *key, uword v)
-{
-  size_t ksz = hash_header (*h)->user;
-  void *copy = clib_mem_alloc (ksz);
-  clib_memcpy (copy, key, ksz);
-  hash_set_mem (*h, copy, v);
-}
-
-static void
-hash_unset_key_free (uword ** h, void *key)
-{
-  hash_pair_t *hp = hash_get_pair_mem (*h, key);
-  ASSERT (hp);
-  key = uword_to_pointer (hp->key, void *);
-  hash_unset_mem (*h, key);
-  clib_mem_free (key);
-}
-
 static uword
 vtep_addr_ref (ip46_address_t * ip)
 {
@@ -323,7 +295,7 @@ vtep_addr_ref (ip46_address_t * ip)
     return ++(*vtep);
   ip46_address_is_ip4 (ip) ?
     hash_set (gtpu_main.vtep4, ip->ip4.as_u32, 1) :
-    hash_set_key_copy (&gtpu_main.vtep6, &ip->ip6, 1);
+    hash_set_mem_alloc (&gtpu_main.vtep6, &ip->ip6, 1);
   return 1;
 }
 
@@ -338,7 +310,7 @@ vtep_addr_unref (ip46_address_t * ip)
     return *vtep;
   ip46_address_is_ip4 (ip) ?
     hash_unset (gtpu_main.vtep4, ip->ip4.as_u32) :
-    hash_unset_key_free (&gtpu_main.vtep6, &ip->ip6);
+    hash_unset_mem_free (&gtpu_main.vtep6, &ip->ip6);
   return 0;
 }
 
@@ -370,7 +342,7 @@ mcast_shared_add (ip46_address_t * dst, fib_node_index_t mfei, adj_index_t ai)
     .mfib_entry_index = mfei,
   };
 
-  hash_set_key_copy (&gtpu_main.mcast_shared, dst, new_ep.as_u64);
+  hash_set_mem_alloc (&gtpu_main.mcast_shared, dst, new_ep.as_u64);
 }
 
 static inline void
@@ -381,7 +353,7 @@ mcast_shared_remove (ip46_address_t * dst)
   adj_unlock (ep.mcast_adj_index);
   mfib_table_entry_delete_index (ep.mfib_entry_index, MFIB_SOURCE_GTPU);
 
-  hash_unset_key_free (&gtpu_main.mcast_shared, dst);
+  hash_unset_mem_free (&gtpu_main.mcast_shared, dst);
 }
 
 static inline fib_protocol_t
@@ -442,8 +414,8 @@ int vnet_gtpu_add_del_tunnel
 
       /* copy the key */
       if (is_ip6)
-	hash_set_key_copy (&gtm->gtpu6_tunnel_by_key, &key6,
-			   t - gtm->tunnels);
+	hash_set_mem_alloc (&gtm->gtpu6_tunnel_by_key, &key6,
+			    t - gtm->tunnels);
       else
 	hash_set (gtm->gtpu4_tunnel_by_key, key4.as_u64, t - gtm->tunnels);
 
@@ -481,6 +453,11 @@ int vnet_gtpu_add_del_tunnel
 	  hi = vnet_get_hw_interface (vnm, hw_if_index);
 	}
 
+      /* Set gtpu tunnel output node */
+      u32 encap_index = !is_ip6 ?
+	gtpu4_encap_node.index : gtpu6_encap_node.index;
+      vnet_set_interface_output_node (vnm, hw_if_index, encap_index);
+
       t->hw_if_index = hw_if_index;
       t->sw_if_index = sw_if_index = hi->sw_if_index;
 
@@ -500,8 +477,6 @@ int vnet_gtpu_add_del_tunnel
 
       fib_node_init (&t->node, gtm->fib_node_type);
       fib_prefix_t tun_dst_pfx;
-      u32 encap_index = !is_ip6 ?
-	gtpu4_encap_node.index : gtpu6_encap_node.index;
       vnet_flood_class_t flood_class = VNET_FLOOD_CLASS_TUNNEL_NORMAL;
 
       fib_prefix_from_ip46_addr (&t->dst, &tun_dst_pfx);
@@ -592,9 +567,6 @@ int vnet_gtpu_add_del_tunnel
 	  flood_class = VNET_FLOOD_CLASS_TUNNEL_MASTER;
 	}
 
-      /* Set gtpu tunnel output node */
-      hi->output_node_index = encap_index;
-
       vnet_get_sw_interface (vnet_get_main (), sw_if_index)->flood_class =
 	flood_class;
     }
@@ -621,7 +593,7 @@ int vnet_gtpu_add_del_tunnel
       if (!is_ip6)
 	hash_unset (gtm->gtpu4_tunnel_by_key, key4.as_u64);
       else
-	hash_unset_key_free (&gtm->gtpu6_tunnel_by_key, &key6);
+	hash_unset_mem_free (&gtm->gtpu6_tunnel_by_key, &key6);
 
       if (!ip46_address_is_multicast (&t->dst))
 	{

src/plugins/ixge/ixge.c

@@ -1462,14 +1462,10 @@ ixge_rx_queue_no_wrap (ixge_main_t * xm,
 	  to_add -= 2;
 
 #if 0
-	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED ==
-		  vlib_buffer_is_known (vm, bi0));
-	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED ==
-		  vlib_buffer_is_known (vm, bi1));
-	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED ==
-		  vlib_buffer_is_known (vm, fi0));
-	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED ==
-		  vlib_buffer_is_known (vm, fi1));
+	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED == vlib_buffer_is_known (bi0));
+	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED == vlib_buffer_is_known (bi1));
+	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED == vlib_buffer_is_known (fi0));
+	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED == vlib_buffer_is_known (fi1));
 #endif
 
 	  b0 = vlib_get_buffer (vm, bi0);
@@ -1680,10 +1676,8 @@ ixge_rx_queue_no_wrap (ixge_main_t * xm,
 	  to_add -= 1;
 
 #if 0
-	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED ==
-		  vlib_buffer_is_known (vm, bi0));
-	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED ==
-		  vlib_buffer_is_known (vm, fi0));
+	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED == vlib_buffer_is_known (bi0));
+	  ASSERT (VLIB_BUFFER_KNOWN_ALLOCATED == vlib_buffer_is_known (fi0));
 #endif
 
 	  b0 = vlib_get_buffer (vm, bi0);

src/plugins/kubeproxy/kp_plugin_doc.md

@@ -1,4 +1,4 @@
-# Kube-proxy plugin for VPP
+# Kube-proxy plugin for VPP    {#kp_plugin_doc}
 
 ## Overview
 

src/plugins/l2e/l2e.c

@@ -136,12 +136,12 @@ l2_emulation_cli (vlib_main_t * vm,
 }
 
 /*?
- * Configure l2 emualtion.
+ * Configure l2 emulation.
  *  When the interface is in L2 mode, configure the extraction of L3
  *  packets out of the L2 path and into the L3 path.
  *
  * @cliexpar
- * @cliexstart{set interface l2 input l2-emulation <interface-name> [disable]
+ * @cliexstart{set interface l2 input l2-emulation <interface-name> [disable]}
  * @cliexend
  ?*/
 /* *INDENT-OFF* */
@@ -179,7 +179,7 @@ l2_emulation_show (vlib_main_t * vm,
  *  packets out of the L2 path and into the L3 path.
  *
  * @cliexpar
- * @cliexstart{show interface l2 l2-emulation
+ * @cliexstart{show interface l2 l2-emulation}
  * @cliexend
  ?*/
 /* *INDENT-OFF* */

src/plugins/memif/cli.c

@@ -194,14 +194,13 @@ format_memif_if_mode (u8 * s, va_list * args)
 static u8 *
 format_memif_queue (u8 * s, va_list * args)
 {
-  memif_if_t *mif = va_arg (*args, memif_if_t *);
   memif_queue_t *mq = va_arg (*args, memif_queue_t *);
   uword i = va_arg (*args, uword);
   u32 indent = format_get_indent (s);
 
   s = format (s, "%U%s ring %u:\n",
 	      format_white_space, indent,
-	      (mif->flags & MEMIF_IF_FLAG_IS_SLAVE) ?
+	      (mq->type == MEMIF_RING_S2M) ?
 	      "slave-to-master" : "master-to-slave", i);
   s = format (s, "%Uregion %u offset %u ring-size %u int-fd %d\n",
 	      format_white_space, indent + 4,
@@ -327,14 +326,14 @@ memif_show_command_fn (vlib_main_t * vm, unformat_input_t * input,
       vec_foreach_index (i, mif->tx_queues)
       {
 	mq = vec_elt_at_index (mif->tx_queues, i);
-	vlib_cli_output (vm, "  %U", format_memif_queue, mif, mq, i);
+	vlib_cli_output (vm, "  %U", format_memif_queue, mq, i);
 	if (show_descr)
 	  vlib_cli_output (vm, "  %U", format_memif_descriptor, mif, mq);
       }
       vec_foreach_index (i, mif->rx_queues)
       {
 	mq = vec_elt_at_index (mif->rx_queues, i);
-	vlib_cli_output (vm, "  %U", format_memif_queue, mif, mq, i);
+	vlib_cli_output (vm, "  %U", format_memif_queue, mq, i);
 	if (show_descr)
 	  vlib_cli_output (vm, "  %U", format_memif_descriptor, mif, mq);
       }

src/plugins/memif/memif.c

@@ -338,6 +338,7 @@ memif_init_regions_and_queues (memif_if_t * mif)
     mq->region = 0;
     mq->offset = (void *) mq->ring - (void *) mif->regions[mq->region].shm;
     mq->last_head = 0;
+    mq->type = MEMIF_RING_S2M;
   }
 
   ASSERT (mif->rx_queues == 0);
@@ -354,6 +355,7 @@ memif_init_regions_and_queues (memif_if_t * mif)
     mq->region = 0;
     mq->offset = (void *) mq->ring - (void *) mif->regions[mq->region].shm;
     mq->last_head = 0;
+    mq->type = MEMIF_RING_M2S;
   }
 
   return 0;
@@ -483,12 +485,15 @@ memif_delete_if (vlib_main_t * vm, memif_if_t * mif)
   memif_disconnect (mif, err);
   clib_error_free (err);
 
-  /* remove the interface */
-  if (mif->mode == MEMIF_INTERFACE_MODE_IP)
-    vnet_delete_hw_interface (vnm, mif->hw_if_index);
-  else
-    ethernet_delete_interface (vnm, mif->hw_if_index);
-  mif->hw_if_index = ~0;
+  if (mif->hw_if_index != ~0)
+    {
+      /* remove the interface */
+      if (mif->mode == MEMIF_INTERFACE_MODE_IP)
+	vnet_delete_hw_interface (vnm, mif->hw_if_index);
+      else
+	ethernet_delete_interface (vnm, mif->hw_if_index);
+      mif->hw_if_index = ~0;
+    }
 
   /* free interface data structures */
   clib_spinlock_free (&mif->lockp);

src/plugins/memif/node.c

@@ -140,6 +140,9 @@ memif_copy_buffer_from_rx_ring (vlib_main_t * vm, memif_if_t * mif,
 	  prev_bi = *bi;
 	  *bi = nm->rx_buffers[thread_index][last_buf];
 	  b = vlib_get_buffer (vm, *bi);
+	  /* Clear the error first to ensure following node forget setting it */
+	  /* It will cause null-node error counter increasement instead of potential crash */
+	  b->error = 0x0;
 	  _vec_len (nm->rx_buffers[thread_index]) = last_buf;
 	  (*n_free_bufs)--;
 	  if (PREDICT_FALSE (*n_free_bufs == 0))
@@ -266,6 +269,7 @@ memif_device_input_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
     }
 
   head = ring->head;
+  mq->last_head = ring->tail;
   if (head == mq->last_head)
     return 0;
 
@@ -309,6 +313,10 @@ memif_device_input_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
 						     &first_bi1, &bi1,
 						     &num_slots);
 
+	  if (PREDICT_FALSE (!first_bi0 || !first_bi1))
+	    {
+	      goto _invalid_pkt01;
+	    }
 	  /* enqueue buffer */
 	  to_next[0] = first_bi0;
 	  to_next[1] = first_bi1;
@@ -376,6 +384,66 @@ memif_device_input_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
 	  /* next packet */
 	  n_rx_packets += 2;
 	  n_rx_bytes += b0_total + b1_total;
+
+	  continue;
+	_invalid_pkt01:
+	  if (!first_bi0 && !first_bi1)
+	    {
+	      continue;
+	    }
+	  if (first_bi1)
+	    {
+	      first_bi0 = first_bi1;
+	      first_b0 = first_b1;
+	      bi0 = bi1;
+	      b0_total = b1_total;
+	    }
+
+	  if (mode == MEMIF_INTERFACE_MODE_IP)
+	    {
+	      next0 = memif_next_from_ip_hdr (node, first_b0);
+	    }
+	  else if (mode == MEMIF_INTERFACE_MODE_ETHERNET)
+	    {
+	      if (PREDICT_FALSE (mif->per_interface_next_index != ~0))
+		next0 = mif->per_interface_next_index;
+	      else
+		/* redirect if feature path
+		 * enabled */
+		vnet_feature_start_device_input_x1 (mif->sw_if_index, &next0,
+						    first_b0);
+	    }
+
+	  /* trace */
+	  VLIB_BUFFER_TRACE_TRAJECTORY_INIT (first_b0);
+
+	  if (PREDICT_FALSE (n_trace > 0))
+	    {
+	      if (PREDICT_TRUE (first_b0 != 0))
+		{
+		  memif_input_trace_t *tr;
+		  vlib_trace_buffer (vm, node, next0, first_b0,
+				     /* follow_chain */ 0);
+		  vlib_set_trace_count (vm, node, --n_trace);
+		  tr = vlib_add_trace (vm, node, first_b0, sizeof (*tr));
+		  tr->next_index = next0;
+		  tr->hw_if_index = mif->hw_if_index;
+		  tr->ring = qid;
+		}
+	    }
+
+	  /* enqueue buffer */
+	  to_next[0] = first_bi0;
+	  to_next += 1;
+	  n_left_to_next--;
+
+	  /* enqueue */
+	  vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
+					   n_left_to_next, first_bi0, next0);
+
+	  /* next packet */
+	  n_rx_packets++;
+	  n_rx_bytes += b0_total;
 	}
       while (num_slots && n_left_to_next)
 	{
@@ -387,6 +455,10 @@ memif_device_input_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
 						     &n_free_bufs, &first_b0,
 						     &first_bi0, &bi0,
 						     &num_slots);
+	  if (PREDICT_FALSE (!first_bi0))
+	    {
+	      goto _invalid_pkt0;
+	    }
 
 	  if (mode == MEMIF_INTERFACE_MODE_IP)
 	    {
@@ -433,11 +505,17 @@ memif_device_input_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
 	  /* next packet */
 	  n_rx_packets++;
 	  n_rx_bytes += b0_total;
+	  continue;
+	_invalid_pkt0:
+	  ;
+	}
+      if (PREDICT_TRUE (n_rx_packets != 0))
+	{
+	  vlib_put_next_frame (vm, node, next_index, n_left_to_next);
 	}
-      vlib_put_next_frame (vm, node, next_index, n_left_to_next);
     }
   CLIB_MEMORY_STORE_BARRIER ();
-  ring->tail = head;
+  ring->tail = mq->last_head;
 
   vlib_increment_combined_counter (vnm->interface_main.combined_sw_if_counters
 				   + VNET_INTERFACE_COUNTER_RX, thread_index,

src/plugins/memif/private.h

@@ -105,6 +105,9 @@ typedef struct
   int int_fd;
   uword int_clib_file_index;
   u64 int_count;
+
+  /* queue type */
+  memif_ring_type_t type;
 } memif_queue_t;
 
 #define foreach_memif_if_flag \

src/plugins/memif/socket.c

@@ -351,11 +351,16 @@ memif_msg_receive_add_ring (memif_if_t * mif, memif_msg_t * msg, int fd)
       mif->run.num_m2s_rings = vec_len (mif->tx_queues);
     }
 
+  // clear previous cache data if interface reconncected
+  memset (mq, 0, sizeof (memif_queue_t));
   mq->int_fd = fd;
   mq->int_clib_file_index = ~0;
   mq->log2_ring_size = ar->log2_ring_size;
   mq->region = ar->region;
   mq->offset = ar->offset;
+  mq->type =
+    (ar->flags & MEMIF_MSG_ADD_RING_FLAG_S2M) ? MEMIF_RING_S2M :
+    MEMIF_RING_M2S;
 
   return 0;
 }

src/plugins/nat/nat.h

@@ -641,4 +641,16 @@ nat_send_all_to_node(vlib_main_t *vm, u32 *bi_vector,
   }
 }
 
+always_inline void
+user_session_increment(snat_main_t *sm, snat_user_t *u, u8 is_static)
+{
+  if (u->nsessions + u->nstaticsessions < sm->max_translations_per_user)
+    {
+      if (is_static)
+	u->nstaticsessions++;
+      else
+	u->nsessions++;
+    }
+}
+
 #endif /* __included_snat_h__ */

src/plugins/nat/nat64.c

@@ -202,7 +202,7 @@ nat64_get_worker_out2in (ip4_header_t * ip)
   /* worker by outside port  (TCP/UDP) */
   port = clib_net_to_host_u16 (port);
   if (port > 1024)
-    return (u32) ((port - 1024) / sm->port_per_thread);
+    return nm->sm->first_worker_index + ((port - 1024) / sm->port_per_thread);
 
   return vlib_get_thread_index ();
 }
@@ -232,6 +232,8 @@ nat64_init (vlib_main_t * vm)
   nm->tcp_est_timeout = SNAT_TCP_ESTABLISHED_TIMEOUT;
   nm->tcp_incoming_syn_timeout = SNAT_TCP_INCOMING_SYN;
 
+  nm->total_enabled_count = 0;
+
   /* Set up the interface address add/del callback */
   cb4.function = nat64_ip4_add_del_interface_address_cb;
   cb4.function_opaque = 0;
@@ -430,6 +432,12 @@ nat64_add_del_interface (u32 sw_if_index, u8 is_inside, u8 is_add)
 	interface->flags |= NAT_INTERFACE_FLAG_IS_INSIDE;
       else
 	interface->flags |= NAT_INTERFACE_FLAG_IS_OUTSIDE;
+
+      nm->total_enabled_count++;
+      vlib_process_signal_event (nm->sm->vlib_main,
+				 nm->nat64_expire_walk_node_index,
+				 NAT64_CLEANER_RESCHEDULE, 0);
+
     }
   else
     {
@@ -443,6 +451,8 @@ nat64_add_del_interface (u32 sw_if_index, u8 is_inside, u8 is_add)
 	  ~NAT_INTERFACE_FLAG_IS_OUTSIDE;
       else
 	pool_put (nm->interfaces, interface);
+
+      nm->total_enabled_count--;
     }
 
   if (!is_inside)
@@ -497,13 +507,17 @@ nat64_alloc_out_addr_and_port (u32 fib_index, snat_protocol_t proto,
   snat_main_t *sm = nm->sm;
   snat_session_key_t k;
   u32 ai;
+  u32 worker_index = 0;
   int rv;
 
   k.protocol = proto;
 
+  if (sm->num_workers > 1)
+    worker_index = thread_index - sm->first_worker_index;
+
   rv =
     sm->alloc_addr_and_port (nm->addr_pool, fib_index, thread_index, &k, &ai,
-			     sm->port_per_thread, thread_index);
+			     sm->port_per_thread, worker_index);
 
   if (!rv)
     {
@@ -1160,6 +1174,8 @@ VLIB_REGISTER_NODE (nat64_expire_worker_walk_node, static) = {
 };
 /* *INDENT-ON* */
 
+static vlib_node_registration_t nat64_expire_walk_node;
+
 /**
  * @brief Centralized process to drive per worker expire walk.
  */
@@ -1167,8 +1183,12 @@ static uword
 nat64_expire_walk_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
 		      vlib_frame_t * f)
 {
+  nat64_main_t *nm = &nat64_main;
   vlib_main_t **worker_vms = 0, *worker_vm;
   int i;
+  uword event_type, *event_data = 0;
+
+  nm->nat64_expire_walk_node_index = nat64_expire_walk_node.index;
 
   if (vec_len (vlib_mains) == 0)
     vec_add1 (worker_vms, vm);
@@ -1184,8 +1204,28 @@ nat64_expire_walk_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
 
   while (1)
     {
-      vlib_process_wait_for_event_or_clock (vm, 10.0);
-      vlib_process_get_events (vm, NULL);
+      if (nm->total_enabled_count)
+	{
+	  vlib_process_wait_for_event_or_clock (vm, 10.0);
+	  event_type = vlib_process_get_events (vm, &event_data);
+	}
+      else
+	{
+	  vlib_process_wait_for_event (vm);
+	  event_type = vlib_process_get_events (vm, &event_data);
+	}
+
+      switch (event_type)
+	{
+	case ~0:
+	  break;
+	case NAT64_CLEANER_RESCHEDULE:
+	  break;
+	default:
+	  clib_warning ("unknown event %u", event_type);
+	  break;
+	}
+
       for (i = 0; i < vec_len (worker_vms); i++)
 	{
 	  worker_vm = worker_vms[i];
@@ -1197,8 +1237,6 @@ nat64_expire_walk_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
   return 0;
 }
 
-static vlib_node_registration_t nat64_expire_walk_node;
-
 /* *INDENT-OFF* */
 VLIB_REGISTER_NODE (nat64_expire_walk_node, static) = {
     .function = nat64_expire_walk_fn,

src/plugins/nat/nat64.h

@@ -39,6 +39,11 @@ typedef enum
 #undef _
 } nat64_tcp_ses_state_t;
 
+enum
+{
+  NAT64_CLEANER_RESCHEDULE = 1,
+} nat64_cleaner_process_event_e;
+
 typedef struct
 {
   ip6_address_t prefix;
@@ -99,6 +104,11 @@ typedef struct
   u32 tcp_est_timeout;
   u32 tcp_incoming_syn_timeout;
 
+  /* Total count of interfaces enabled */
+  u32 total_enabled_count;
+  /* The process node which orcherstrates the cleanup */
+  u32 nat64_expire_walk_node_index;
+
   ip4_main_t *ip4_main;
   snat_main_t *sm;
 } nat64_main_t;