2 * Copyright (c) 2016 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
18 * @brief Local TCP/IP stack punt infrastructure.
20 * Provides a set of VPP nodes together with the relevant APIs and CLI
21 * commands in order to adjust and dispatch packets from the VPP data plane
22 * to the local TCP/IP stack
25 #include <vnet/ip/ip.h>
26 #include <vlib/vlib.h>
27 #include <vnet/pg/pg.h>
28 #include <vnet/udp/udp.h>
29 #include <vnet/tcp/tcp.h>
30 #include <vnet/ip/punt.h>
31 #include <vlib/unix/unix.h>
35 #include <sys/socket.h>
39 punt_main_t punt_main;
42 vnet_punt_get_server_pathname (void)
44 punt_main_t *pm = &punt_main;
49 punt_client_l4_db_add (ip_address_family_t af, u16 port, u32 index)
51 punt_main_t *pm = &punt_main;
53 pm->db.clients_by_l4_port = hash_set (pm->db.clients_by_l4_port,
54 punt_client_l4_mk_key (af, port),
59 punt_client_l4_db_remove (ip_address_family_t af, u16 port)
61 punt_main_t *pm = &punt_main;
65 key = punt_client_l4_mk_key (af, port);
66 p = hash_get (pm->db.clients_by_l4_port, key);
71 hash_unset (pm->db.clients_by_l4_port, key);
77 punt_client_ip_proto_db_add (ip_address_family_t af,
78 ip_protocol_t proto, u32 index)
80 punt_main_t *pm = &punt_main;
82 pm->db.clients_by_ip_proto = hash_set (pm->db.clients_by_ip_proto,
83 punt_client_ip_proto_mk_key (af,
89 punt_client_ip_proto_db_remove (ip_address_family_t af, ip_protocol_t proto)
91 punt_main_t *pm = &punt_main;
95 key = punt_client_ip_proto_mk_key (af, proto);
96 p = hash_get (pm->db.clients_by_ip_proto, key);
101 hash_unset (pm->db.clients_by_ip_proto, key);
107 punt_client_exception_db_add (vlib_punt_reason_t reason, u32 pci)
109 punt_main_t *pm = &punt_main;
111 vec_validate_init_empty (pm->db.clients_by_exception, reason, ~0);
113 pm->db.clients_by_exception[reason] = pci;
117 punt_client_exception_db_remove (vlib_punt_reason_t reason)
119 punt_main_t *pm = &punt_main;
122 if (punt_client_exception_get (reason))
124 pci = pm->db.clients_by_exception[reason];
125 pm->db.clients_by_exception[reason] = ~0;
131 static clib_error_t *
132 punt_socket_read_ready (clib_file_t * uf)
134 vlib_main_t *vm = vlib_get_main ();
135 punt_main_t *pm = &punt_main;
137 /** Schedule the rx node */
138 vlib_node_set_interrupt_pending (vm, punt_socket_rx_node.index);
139 vec_add1 (pm->ready_fds, uf->file_descriptor);
144 static clib_error_t *
145 punt_socket_register_l4 (vlib_main_t * vm,
146 ip_address_family_t af,
147 u8 protocol, u16 port, char *client_pathname)
149 punt_main_t *pm = &punt_main;
152 /* For now we only support UDP punt */
153 if (protocol != IP_PROTOCOL_UDP)
154 return clib_error_return (0,
155 "only UDP protocol (%d) is supported, got %d",
156 IP_PROTOCOL_UDP, protocol);
158 if (port == (u16) ~ 0)
159 return clib_error_return (0, "UDP port number required");
161 c = punt_client_l4_get (af, port);
165 pool_get_zero (pm->punt_client_pool, c);
166 punt_client_l4_db_add (af, port, c - pm->punt_client_pool);
169 memcpy (c->caddr.sun_path, client_pathname, sizeof (c->caddr.sun_path));
170 c->caddr.sun_family = AF_UNIX;
171 c->reg.type = PUNT_TYPE_L4;
172 c->reg.punt.l4.port = port;
173 c->reg.punt.l4.protocol = protocol;
174 c->reg.punt.l4.af = af;
176 u32 node_index = (af == AF_IP4 ?
177 udp4_punt_socket_node.index :
178 udp6_punt_socket_node.index);
180 udp_register_dst_port (vm, port, node_index, af == AF_IP4);
185 static clib_error_t *
186 punt_socket_register_ip_proto (vlib_main_t * vm,
187 ip_address_family_t af,
188 ip_protocol_t proto, char *client_pathname)
190 punt_main_t *pm = &punt_main;
193 c = punt_client_ip_proto_get (af, proto);
197 pool_get_zero (pm->punt_client_pool, c);
198 punt_client_ip_proto_db_add (af, proto, c - pm->punt_client_pool);
201 memcpy (c->caddr.sun_path, client_pathname, sizeof (c->caddr.sun_path));
202 c->caddr.sun_family = AF_UNIX;
203 c->reg.type = PUNT_TYPE_IP_PROTO;
204 c->reg.punt.ip_proto.protocol = proto;
205 c->reg.punt.ip_proto.af = af;
208 ip4_register_protocol (proto, ip4_proto_punt_socket_node.index);
210 ip6_register_protocol (proto, ip6_proto_punt_socket_node.index);
215 static clib_error_t *
216 punt_socket_register_exception (vlib_main_t * vm,
217 vlib_punt_reason_t reason,
218 char *client_pathname)
220 punt_main_t *pm = &punt_main;
223 pc = punt_client_exception_get (reason);
227 pool_get_zero (pm->punt_client_pool, pc);
228 punt_client_exception_db_add (reason, pc - pm->punt_client_pool);
231 memcpy (pc->caddr.sun_path, client_pathname, sizeof (pc->caddr.sun_path));
232 pc->caddr.sun_family = AF_UNIX;
233 pc->reg.type = PUNT_TYPE_EXCEPTION;
234 pc->reg.punt.exception.reason = reason;
236 vlib_punt_register (pm->hdl,
237 pc->reg.punt.exception.reason, "exception-punt-socket");
242 static clib_error_t *
243 punt_socket_unregister_l4 (ip_address_family_t af,
244 ip_protocol_t protocol, u16 port)
248 udp_unregister_dst_port (vlib_get_main (), port, af == AF_IP4);
250 pci = punt_client_l4_db_remove (af, port);
253 pool_put_index (punt_main.punt_client_pool, pci);
258 static clib_error_t *
259 punt_socket_unregister_ip_proto (ip_address_family_t af, ip_protocol_t proto)
264 ip4_unregister_protocol (proto);
266 ip6_unregister_protocol (proto);
268 pci = punt_client_ip_proto_db_remove (af, proto);
271 pool_put_index (punt_main.punt_client_pool, pci);
276 static clib_error_t *
277 punt_socket_unregister_exception (vlib_punt_reason_t reason)
281 pci = punt_client_exception_db_remove (reason);
284 pool_put_index (punt_main.punt_client_pool, pci);
290 vnet_punt_socket_add (vlib_main_t * vm, u32 header_version,
291 const punt_reg_t * pr, char *client_pathname)
293 punt_main_t *pm = &punt_main;
295 if (!pm->is_configured)
296 return clib_error_return (0, "socket is not configured");
298 if (header_version != PUNT_PACKETDESC_VERSION)
299 return clib_error_return (0, "Invalid packet descriptor version");
301 if (strncmp (client_pathname, vnet_punt_get_server_pathname (),
303 return clib_error_return (0,
304 "Punt socket: Invalid client path: %s",
307 /* Register client */
311 return (punt_socket_register_l4 (vm,
313 pr->punt.l4.protocol,
314 pr->punt.l4.port, client_pathname));
315 case PUNT_TYPE_IP_PROTO:
316 return (punt_socket_register_ip_proto (vm,
317 pr->punt.ip_proto.af,
318 pr->punt.ip_proto.protocol,
320 case PUNT_TYPE_EXCEPTION:
321 return (punt_socket_register_exception (vm,
322 pr->punt.exception.reason,
330 vnet_punt_socket_del (vlib_main_t * vm, const punt_reg_t * pr)
332 punt_main_t *pm = &punt_main;
334 if (!pm->is_configured)
335 return clib_error_return (0, "socket is not configured");
340 return (punt_socket_unregister_l4 (pr->punt.l4.af,
341 pr->punt.l4.protocol,
343 case PUNT_TYPE_IP_PROTO:
344 return (punt_socket_unregister_ip_proto (pr->punt.ip_proto.af,
345 pr->punt.ip_proto.protocol));
346 case PUNT_TYPE_EXCEPTION:
347 return (punt_socket_unregister_exception (pr->punt.exception.reason));
354 * @brief Request IP L4 traffic punt to the local TCP/IP stack.
357 * - UDP is the only protocol supported in the current implementation
359 * @param vm vlib_main_t corresponding to the current thread
360 * @param af IP address family.
361 * @param protocol 8-bits L4 protocol value
364 * @param port 16-bits L4 (TCP/IP) port number when applicable (UDP only)
366 * @returns 0 on success, non-zero value otherwise
368 static clib_error_t *
369 punt_l4_add_del (vlib_main_t * vm,
370 ip_address_family_t af,
371 ip_protocol_t protocol, u16 port, bool is_add)
373 /* For now we only support TCP and UDP punt */
374 if (protocol != IP_PROTOCOL_UDP && protocol != IP_PROTOCOL_TCP)
375 return clib_error_return (0,
376 "only UDP (%d) and TCP (%d) protocols are supported, got %d",
377 IP_PROTOCOL_UDP, IP_PROTOCOL_TCP, protocol);
379 if (port == (u16) ~ 0)
381 if (protocol == IP_PROTOCOL_UDP)
382 udp_punt_unknown (vm, af == AF_IP4, is_add);
383 else if (protocol == IP_PROTOCOL_TCP)
384 tcp_punt_unknown (vm, af == AF_IP4, is_add);
391 if (protocol == IP_PROTOCOL_TCP)
392 return clib_error_return (0, "punt TCP ports is not supported yet");
394 udp_register_dst_port (vm, port, udp4_punt_node.index, af == AF_IP4);
400 if (protocol == IP_PROTOCOL_TCP)
401 return clib_error_return (0, "punt TCP ports is not supported yet");
403 udp_unregister_dst_port (vm, port, af == AF_IP4);
410 vnet_punt_add_del (vlib_main_t * vm, const punt_reg_t * pr, bool is_add)
415 return (punt_l4_add_del (vm, pr->punt.l4.af, pr->punt.l4.protocol,
416 pr->punt.l4.port, is_add));
417 case PUNT_TYPE_EXCEPTION:
418 case PUNT_TYPE_IP_PROTO:
422 return (clib_error_return (0, "Unsupported punt type: %d", pr->type));
425 static clib_error_t *
426 punt_cli (vlib_main_t * vm,
427 unformat_input_t * input__, vlib_cli_command_t * cmd)
429 unformat_input_t line_input, *input = &line_input;
430 clib_error_t *error = NULL;
438 .protocol = IP_PROTOCOL_UDP,
441 .type = PUNT_TYPE_L4,
446 if (!unformat_user (input__, unformat_line_input, input))
449 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
451 if (unformat (input, "del"))
453 else if (unformat (input, "ipv4"))
454 pr.punt.l4.af = AF_IP4;
455 else if (unformat (input, "ipv6"))
456 pr.punt.l4.af = AF_IP6;
457 else if (unformat (input, "ip6"))
458 pr.punt.l4.af = AF_IP6;
459 else if (unformat (input, "%d", &port))
460 pr.punt.l4.port = port;
461 else if (unformat (input, "all"))
462 pr.punt.l4.port = ~0;
463 else if (unformat (input, "udp"))
464 pr.punt.l4.protocol = IP_PROTOCOL_UDP;
465 else if (unformat (input, "tcp"))
466 pr.punt.l4.protocol = IP_PROTOCOL_TCP;
469 error = clib_error_return (0, "parse error: '%U'",
470 format_unformat_error, input);
475 /* punt both IPv6 and IPv4 when used in CLI */
476 error = vnet_punt_add_del (vm, &pr, is_add);
479 clib_error_report (error);
483 unformat_free (input);
488 * The set of '<em>set punt</em>' commands allows specific IP traffic to
489 * be punted to the host TCP/IP stack
492 * - UDP is the only protocol supported in the current implementation
493 * - All TCP traffic is currently punted to the host by default
497 * Example of how to request NTP traffic to be punted
498 * @cliexcmd{set punt udp 125}
500 * Example of how to request all 'unknown' UDP traffic to be punted
501 * @cliexcmd{set punt udp all}
503 * Example of how to stop all 'unknown' UDP traffic to be punted
504 * @cliexcmd{set punt udp del all}
508 VLIB_CLI_COMMAND (punt_command, static) = {
510 .short_help = "set punt [IPV4|ip6|ipv6] [UDP|tcp] [del] [ALL|<port-num>]",
511 .function = punt_cli,
515 static clib_error_t *
516 punt_socket_register_cmd (vlib_main_t * vm,
517 unformat_input_t * input__,
518 vlib_cli_command_t * cmd)
520 unformat_input_t line_input, *input = &line_input;
522 clib_error_t *error = NULL;
529 .protocol = IP_PROTOCOL_UDP,
532 .type = PUNT_TYPE_L4,
536 if (!unformat_user (input__, unformat_line_input, input))
539 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
541 if (unformat (input, "ipv4"))
542 pr.punt.l4.af = AF_IP4;
543 else if (unformat (input, "ipv6"))
544 pr.punt.l4.af = AF_IP6;
545 else if (unformat (input, "udp"))
546 pr.punt.l4.protocol = IP_PROTOCOL_UDP;
547 else if (unformat (input, "tcp"))
548 pr.punt.l4.protocol = IP_PROTOCOL_TCP;
549 else if (unformat (input, "%d", &pr.punt.l4.port))
551 else if (unformat (input, "all"))
552 pr.punt.l4.port = ~0;
553 else if (unformat (input, "socket %s", &socket_name))
557 error = clib_error_return (0, "parse error: '%U'",
558 format_unformat_error, input);
564 error = clib_error_return (0, "socket name not specified");
566 error = vnet_punt_socket_add (vm, 1, &pr, (char *) socket_name);
569 unformat_free (input);
576 * @cliexcmd{punt socket register socket punt_l4_foo.sock}
580 VLIB_CLI_COMMAND (punt_socket_register_command, static) =
582 .path = "punt socket register",
583 .function = punt_socket_register_cmd,
584 .short_help = "punt socket register [IPV4|ipv6] [UDP|tcp] [ALL|<port-num>] socket <socket>",
589 static clib_error_t *
590 punt_socket_deregister_cmd (vlib_main_t * vm,
591 unformat_input_t * input__,
592 vlib_cli_command_t * cmd)
594 unformat_input_t line_input, *input = &line_input;
595 clib_error_t *error = NULL;
602 .protocol = IP_PROTOCOL_UDP,
605 .type = PUNT_TYPE_L4,
609 if (!unformat_user (input__, unformat_line_input, input))
612 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
614 if (unformat (input, "ipv4"))
615 pr.punt.l4.af = AF_IP4;
616 else if (unformat (input, "ipv6"))
617 pr.punt.l4.af = AF_IP6;
618 else if (unformat (input, "udp"))
619 pr.punt.l4.protocol = IP_PROTOCOL_UDP;
620 else if (unformat (input, "tcp"))
621 pr.punt.l4.protocol = IP_PROTOCOL_TCP;
622 else if (unformat (input, "%d", &pr.punt.l4.port))
624 else if (unformat (input, "all"))
625 pr.punt.l4.port = ~0;
628 error = clib_error_return (0, "parse error: '%U'",
629 format_unformat_error, input);
634 error = vnet_punt_socket_del (vm, &pr);
636 unformat_free (input);
643 * @cliexcmd{punt socket register}
646 VLIB_CLI_COMMAND (punt_socket_deregister_command, static) =
648 .path = "punt socket deregister",
649 .function = punt_socket_deregister_cmd,
650 .short_help = "punt socket deregister [IPV4|ipv6] [UDP|tcp] [ALL|<port-num>]",
656 punt_client_walk (punt_type_t pt, punt_client_walk_cb_t cb, void *ctx)
658 punt_main_t *pm = &punt_main;
667 hash_foreach(key, pci, pm->db.clients_by_l4_port,
669 cb (pool_elt_at_index(pm->punt_client_pool, pci), ctx);
674 case PUNT_TYPE_IP_PROTO:
679 hash_foreach(key, pci, pm->db.clients_by_ip_proto,
681 cb (pool_elt_at_index(pm->punt_client_pool, pci), ctx);
686 case PUNT_TYPE_EXCEPTION:
690 vec_foreach (pci, pm->db.clients_by_exception)
693 cb (pool_elt_at_index (pm->punt_client_pool, *pci), ctx);
702 format_punt_client (u8 * s, va_list * args)
704 punt_client_t *pc = va_arg (*args, punt_client_t *);
706 s = format (s, " punt ");
708 switch (pc->reg.type)
711 s = format (s, "%U %U port %d",
712 format_ip_address_family, pc->reg.punt.l4.af,
713 format_ip_protocol, pc->reg.punt.l4.protocol,
714 pc->reg.punt.l4.port);
716 case PUNT_TYPE_IP_PROTO:
717 s = format (s, "%U %U",
718 format_ip_address_family, pc->reg.punt.ip_proto.af,
719 format_ip_protocol, pc->reg.punt.ip_proto.protocol);
721 case PUNT_TYPE_EXCEPTION:
722 s = format (s, " %U", format_vlib_punt_reason,
723 pc->reg.punt.exception.reason);
727 s = format (s, " to socket %s \n", pc->caddr.sun_path);
733 punt_client_show_one (const punt_client_t * pc, void *ctx)
735 vlib_cli_output (ctx, "%U", format_punt_client, pc);
737 return (WALK_CONTINUE);
740 static clib_error_t *
741 punt_socket_show_cmd (vlib_main_t * vm,
742 unformat_input_t * input__, vlib_cli_command_t * cmd)
744 unformat_input_t line_input, *input = &line_input;
745 clib_error_t *error = NULL;
750 if (!unformat_user (input__, unformat_line_input, input))
753 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
755 if (unformat (input, "exception"))
756 pt = PUNT_TYPE_EXCEPTION;
757 else if (unformat (input, "l4"))
759 else if (unformat (input, "ip"))
760 pt = PUNT_TYPE_IP_PROTO;
763 error = clib_error_return (0, "parse error: '%U'",
764 format_unformat_error, input);
769 punt_client_walk (pt, punt_client_show_one, vm);
772 unformat_free (input);
779 * @cliexcmd{show punt socket ipv4}
782 VLIB_CLI_COMMAND (show_punt_socket_registration_command, static) =
784 .path = "show punt socket registrations",
785 .function = punt_socket_show_cmd,
786 .short_help = "show punt socket registrations [l4|exception]",
792 ip_punt_init (vlib_main_t * vm)
794 clib_error_t *error = NULL;
795 punt_main_t *pm = &punt_main;
796 vlib_thread_main_t *tm = vlib_get_thread_main ();
798 pm->is_configured = false;
799 pm->interface_output_node =
800 vlib_get_node_by_name (vm, (u8 *) "interface-output");
802 if ((error = vlib_call_init_function (vm, punt_init)))
805 pm->hdl = vlib_punt_client_register ("ip-punt");
807 vec_validate_aligned (pm->thread_data, tm->n_vlib_mains,
808 CLIB_CACHE_LINE_BYTES);
813 VLIB_INIT_FUNCTION (ip_punt_init);
815 static clib_error_t *
816 punt_config (vlib_main_t * vm, unformat_input_t * input)
818 punt_main_t *pm = &punt_main;
819 char *socket_path = 0;
821 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
823 if (unformat (input, "socket %s", &socket_path))
824 strncpy (pm->sun_path, socket_path, UNIX_PATH_MAX - 1);
826 return clib_error_return (0, "unknown input `%U'",
827 format_unformat_error, input);
830 if (socket_path == 0)
833 /* UNIX domain socket */
834 struct sockaddr_un addr;
835 if ((pm->socket_fd = socket (AF_UNIX, SOCK_DGRAM | SOCK_NONBLOCK, 0)) == -1)
837 return clib_error_return (0, "socket error");
840 clib_memset (&addr, 0, sizeof (addr));
841 addr.sun_family = AF_UNIX;
842 if (*socket_path == '\0')
844 *addr.sun_path = '\0';
845 strncpy (addr.sun_path + 1, socket_path + 1,
846 sizeof (addr.sun_path) - 2);
850 strncpy (addr.sun_path, socket_path, sizeof (addr.sun_path) - 1);
851 unlink (socket_path);
854 if (bind (pm->socket_fd, (struct sockaddr *) &addr, sizeof (addr)) == -1)
856 return clib_error_return (0, "bind error");
859 int n_bytes = 0x10000;
862 (pm->socket_fd, SOL_SOCKET, SO_SNDBUF, &n_bytes,
863 sizeof (n_bytes)) == -1)
865 return clib_error_return (0, "setsockopt error");
868 /* Register socket */
869 clib_file_main_t *fm = &file_main;
870 clib_file_t template = { 0 };
871 template.read_function = punt_socket_read_ready;
872 template.file_descriptor = pm->socket_fd;
873 template.description = format (0, "%s", socket_path);
874 pm->clib_file_index = clib_file_add (fm, &template);
876 pm->is_configured = true;
881 VLIB_CONFIG_FUNCTION (punt_config, "punt");
884 * fd.io coding-style-patch-verification: ON
887 * eval: (c-set-style "gnu")