+ /* sanity check first */
+ const i32 start = vnet_buffer (b)->l3_hdr_offset;
+ if (start < 0 && start < sizeof (b->pre_data))
+ {
+ BFD_ERR ("Start of ip header is before pre_data, ignoring");
+ *ip6 = NULL;
+ *udp = NULL;
+ return;
+ }
+ *ip6 = (ip6_header_t *) (b->data + start);
+ if ((u8 *) * ip6 > (u8 *) vlib_buffer_get_current (b))
+ {
+ BFD_ERR ("Start of ip header is beyond current data, ignoring");
+ *ip6 = NULL;
+ *udp = NULL;
+ return;
+ }
+ if ((*ip6)->protocol != IP_PROTOCOL_UDP)
+ {
+ BFD_ERR ("Unexpected protocol in IPv6 header '%u', expected '%u' (== "
+ "IP_PROTOCOL_UDP)", (*ip6)->protocol, IP_PROTOCOL_UDP);
+ *ip6 = NULL;
+ *udp = NULL;
+ return;
+ }
+ *udp = (udp_header_t *) ((*ip6) + 1);
+}
+
+static bfd_udp_error_t
+bfd_udp6_verify_transport (const ip6_header_t * ip6,
+ const udp_header_t * udp, const bfd_session_t * bs)
+{
+ const bfd_udp_session_t *bus = &bs->udp;
+ const bfd_udp_key_t *key = &bus->key;
+ if (ip6->src_address.as_u64[0] != key->peer_addr.ip6.as_u64[0] &&
+ ip6->src_address.as_u64[1] != key->peer_addr.ip6.as_u64[1])
+ {
+ BFD_ERR ("IP src addr mismatch, got %U, expected %U",
+ format_ip6_address, ip6, format_ip6_address,
+ &key->peer_addr.ip6);
+ return BFD_UDP_ERROR_BAD;
+ }
+ if (ip6->dst_address.as_u64[0] != key->local_addr.ip6.as_u64[0] &&
+ ip6->dst_address.as_u64[1] != key->local_addr.ip6.as_u64[1])
+ {
+ BFD_ERR ("IP dst addr mismatch, got %U, expected %U",
+ format_ip6_address, ip6, format_ip6_address,
+ &key->local_addr.ip6);
+ return BFD_UDP_ERROR_BAD;
+ }
+ const u8 expected_hop_limit = 255;
+ if (ip6->hop_limit != expected_hop_limit)
+ {
+ BFD_ERR ("IPv6 unexpected hop-limit value %u, expected %u",
+ ip6->hop_limit, expected_hop_limit);
+ return BFD_UDP_ERROR_BAD;
+ }
+ if (clib_net_to_host_u16 (udp->src_port) < 49152)
+ {
+ BFD_ERR ("Invalid UDP src port %u, out of range <49152,65535>",
+ udp->src_port);
+ }
+ return BFD_UDP_ERROR_NONE;
+}
+
+static bfd_udp_error_t
+bfd_udp6_scan (vlib_main_t * vm, vlib_node_runtime_t * rt,
+ vlib_buffer_t * b, bfd_session_t ** bs_out)
+{
+ const bfd_pkt_t *pkt = vlib_buffer_get_current (b);
+ if (sizeof (*pkt) > b->current_length)
+ {
+ BFD_ERR
+ ("Payload size %d too small to hold bfd packet of minimum size %d",
+ b->current_length, sizeof (*pkt));
+ return BFD_UDP_ERROR_BAD;
+ }
+ ip6_header_t *ip6;
+ udp_header_t *udp;
+ bfd_udp6_find_headers (b, &ip6, &udp);
+ if (!ip6 || !udp)
+ {
+ BFD_ERR ("Couldn't find ip6 or udp header");
+ return BFD_UDP_ERROR_BAD;
+ }
+ const u32 udp_payload_length = udp->length - sizeof (*udp);
+ if (pkt->head.length > udp_payload_length)
+ {
+ BFD_ERR
+ ("BFD packet length is larger than udp payload length (%u > %u)",
+ pkt->head.length, udp_payload_length);
+ return BFD_UDP_ERROR_BAD;
+ }
+ if (!bfd_verify_pkt_common (pkt))
+ {
+ return BFD_UDP_ERROR_BAD;
+ }
+ bfd_session_t *bs = NULL;
+ if (pkt->your_disc)
+ {
+ BFD_DBG ("Looking up BFD session using discriminator %u",
+ pkt->your_disc);
+ bs = bfd_find_session_by_disc (bfd_udp_main.bfd_main, pkt->your_disc);
+ }
+ else
+ {
+ bfd_udp_key_t key;
+ clib_memset (&key, 0, sizeof (key));
+ key.sw_if_index = vnet_buffer (b)->sw_if_index[VLIB_RX];
+ key.local_addr.ip6.as_u64[0] = ip6->dst_address.as_u64[0];
+ key.local_addr.ip6.as_u64[1] = ip6->dst_address.as_u64[1];
+ key.peer_addr.ip6.as_u64[0] = ip6->src_address.as_u64[0];
+ key.peer_addr.ip6.as_u64[1] = ip6->src_address.as_u64[1];
+ BFD_DBG ("Looking up BFD session using key (sw_if_index=%u, local=%U, "
+ "peer=%U)",
+ key.sw_if_index, format_ip6_address, &key.local_addr,
+ format_ip6_address, &key.peer_addr);
+ bs = bfd_lookup_session (&bfd_udp_main, &key);
+ }
+ if (!bs)
+ {
+ BFD_ERR ("BFD session lookup failed - no session matches BFD pkt");
+ return BFD_UDP_ERROR_BAD;
+ }
+ BFD_DBG ("BFD session found, bs_idx=%u", bs->bs_idx);
+ if (!bfd_verify_pkt_auth (vm, pkt, b->current_length, bs))
+ {
+ BFD_ERR ("Packet verification failed, dropping packet");
+ return BFD_UDP_ERROR_BAD;
+ }
+ bfd_udp_error_t err;
+ if (BFD_UDP_ERROR_NONE != (err = bfd_udp6_verify_transport (ip6, udp, bs)))
+ {
+ return err;
+ }
+ bfd_rpc_update_session (vm, bs->bs_idx, pkt);
+ *bs_out = bs;
+ return BFD_UDP_ERROR_NONE;