X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Flisp-cp%2Fcontrol.c;h=e4015c76fcee8f051e60ada17e7531684dc71b68;hb=5cd31ec9405d2bb2fbc8152a08c4cfb64f2a8e73;hp=340217c661e1861d8bea0b87b46e8998443bb038;hpb=060bfb987a277624e5644de2fcbee1196c2c76e8;p=vpp.git diff --git a/src/vnet/lisp-cp/control.c b/src/vnet/lisp-cp/control.c index 340217c661e..e4015c76fce 100644 --- a/src/vnet/lisp-cp/control.c +++ b/src/vnet/lisp-cp/control.c @@ -114,7 +114,7 @@ ip_interface_get_first_ip_address (lisp_cp_main_t * lcm, u32 sw_if_index, ip_lookup_main_t *lm; void *addr; - lm = (version == IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main; + lm = (version == AF_IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main; addr = ip_interface_get_first_address (lm, sw_if_index, version); if (!addr) return 0; @@ -129,7 +129,7 @@ ip_interface_get_first_ip_address (lisp_cp_main_t * lcm, u32 sw_if_index, void ip_address_to_fib_prefix (const ip_address_t * addr, fib_prefix_t * prefix) { - if (addr->version == IP4) + if (addr->version == AF_IP4) { prefix->fp_len = 32; prefix->fp_proto = FIB_PROTOCOL_IP4; @@ -142,6 +142,7 @@ ip_address_to_fib_prefix (const ip_address_t * addr, fib_prefix_t * prefix) prefix->fp_proto = FIB_PROTOCOL_IP6; memcpy (&prefix->fp_addr.ip6, &addr->ip, sizeof (prefix->fp_addr.ip6)); } + prefix->___fp___pad = 0; } /** @@ -189,7 +190,7 @@ ip_fib_get_first_egress_ip_for_dst (lisp_cp_main_t * lcm, ip_address_t * dst, ipver = ip_addr_version (dst); - lm = (ipver == IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main; + lm = (ipver == AF_IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main; si = ip_fib_get_egress_iface_for_dst (lcm, dst); if ((u32) ~ 0 == si) @@ -899,16 +900,17 @@ vnet_lisp_add_del_local_mapping (vnet_lisp_add_del_mapping_args_t * a, return vnet_lisp_map_cache_add_del (a, map_index_result); } -static void +static int add_l2_arp_bd (BVT (clib_bihash_kv) * kvp, void *arg) { u32 **ht = arg; u32 version = (u32) kvp->key[0]; - if (IP6 == version) - return; + if (AF_IP6 == version) + return (BIHASH_WALK_CONTINUE); u32 bd = (u32) (kvp->key[0] >> 32); hash_set (ht[0], bd, 0); + return (BIHASH_WALK_CONTINUE); } u32 * @@ -922,16 +924,17 @@ vnet_lisp_l2_arp_bds_get (void) return bds; } -static void +static int add_ndp_bd (BVT (clib_bihash_kv) * kvp, void *arg) { u32 **ht = arg; u32 version = (u32) kvp->key[0]; - if (IP4 == version) - return; + if (AF_IP4 == version) + return (BIHASH_WALK_CONTINUE); u32 bd = (u32) (kvp->key[0] >> 32); hash_set (ht[0], bd, 0); + return (BIHASH_WALK_CONTINUE); } u32 * @@ -951,15 +954,15 @@ typedef struct u32 bd; } lisp_add_l2_arp_ndp_args_t; -static void +static int add_l2_arp_entry (BVT (clib_bihash_kv) * kvp, void *arg) { lisp_add_l2_arp_ndp_args_t *a = arg; lisp_api_l2_arp_entry_t **vector = a->vector, e; u32 version = (u32) kvp->key[0]; - if (IP6 == version) - return; + if (AF_IP6 == version) + return (BIHASH_WALK_CONTINUE); u32 bd = (u32) (kvp->key[0] >> 32); @@ -969,6 +972,7 @@ add_l2_arp_entry (BVT (clib_bihash_kv) * kvp, void *arg) e.ip4 = (u32) kvp->key[1]; vec_add1 (vector[0], e); } + return (BIHASH_WALK_CONTINUE); } lisp_api_l2_arp_entry_t * @@ -986,15 +990,15 @@ vnet_lisp_l2_arp_entries_get_by_bd (u32 bd) return entries; } -static void +static int add_ndp_entry (BVT (clib_bihash_kv) * kvp, void *arg) { lisp_add_l2_arp_ndp_args_t *a = arg; lisp_api_ndp_entry_t **vector = a->vector, e; u32 version = (u32) kvp->key[0]; - if (IP4 == version) - return; + if (AF_IP4 == version) + return (BIHASH_WALK_CONTINUE); u32 bd = (u32) (kvp->key[0] >> 32); @@ -1004,6 +1008,7 @@ add_ndp_entry (BVT (clib_bihash_kv) * kvp, void *arg) clib_memcpy (e.ip6, &kvp->key[1], 16); vec_add1 (vector[0], e); } + return (BIHASH_WALK_CONTINUE); } lisp_api_ndp_entry_t * @@ -2297,6 +2302,9 @@ vnet_lisp_enable_disable (u8 is_enable) } } + if (is_enable) + vnet_lisp_create_retry_process (lcm); + /* update global flag */ lcm->is_enabled = is_enable; @@ -2510,7 +2518,7 @@ build_itr_rloc_list (lisp_cp_main_t * lcm, locator_set_t * loc_set) loc->sw_if_index, 1 /* unnumbered */, ({ addr = ip_interface_address_get_address (&lcm->im4->lookup_main, ia); - ip_address_set (rloc, addr, IP4); + ip_address_set (rloc, addr, AF_IP4); ip_prefix_len (ippref) = 32; ip_prefix_normalize (ippref); vec_add1 (rlocs, gid[0]); @@ -2521,7 +2529,7 @@ build_itr_rloc_list (lisp_cp_main_t * lcm, locator_set_t * loc_set) loc->sw_if_index, 1 /* unnumbered */, ({ addr = ip_interface_address_get_address (&lcm->im6->lookup_main, ia); - ip_address_set (rloc, addr, IP6); + ip_address_set (rloc, addr, AF_IP6); ip_prefix_len (ippref) = 128; ip_prefix_normalize (ippref); vec_add1 (rlocs, gid[0]); @@ -2684,7 +2692,7 @@ add_locators (lisp_cp_main_t * lcm, mapping_t * m, u32 locator_set_index, ({ addr = ip_interface_address_get_address (&lcm->im4->lookup_main, ia); - ip_address_set (new_ip, addr, IP4); + ip_address_set (new_ip, addr, AF_IP4); })); /* Add ipv6 locators */ @@ -2693,7 +2701,7 @@ add_locators (lisp_cp_main_t * lcm, mapping_t * m, u32 locator_set_index, ({ addr = ip_interface_address_get_address (&lcm->im6->lookup_main, ia); - ip_address_set (new_ip, addr, IP6); + ip_address_set (new_ip, addr, AF_IP6); })); /* *INDENT-ON* */ @@ -2725,6 +2733,22 @@ build_map_register_record_list (lisp_cp_main_t * lcm) return recs; } +static vnet_crypto_alg_t +lisp_key_type_to_crypto_alg (lisp_key_type_t key_id) +{ + switch (key_id) + { + case HMAC_SHA_1_96: + return VNET_CRYPTO_ALG_HMAC_SHA1; + case HMAC_SHA_256_128: + return VNET_CRYPTO_ALG_HMAC_SHA256; + default: + clib_warning ("unsupported encryption key type: %d!", key_id); + break; + } + return VNET_CRYPTO_ALG_NONE; +} + static vnet_crypto_op_id_t lisp_key_type_to_crypto_op (lisp_key_type_t key_id) { @@ -2750,17 +2774,23 @@ update_map_register_auth_data (map_register_hdr_t * map_reg_hdr, MREG_KEY_ID (map_reg_hdr) = clib_host_to_net_u16 (key_id); MREG_AUTH_DATA_LEN (map_reg_hdr) = clib_host_to_net_u16 (auth_data_len); vnet_crypto_op_t _op, *op = &_op; + vnet_crypto_key_index_t ki; vnet_crypto_op_init (op, lisp_key_type_to_crypto_op (key_id)); - op->key = key; - op->key_len = vec_len (key); op->len = msg_len; op->digest = MREG_DATA (map_reg_hdr); op->src = (u8 *) map_reg_hdr; op->digest_len = 0; op->iv = 0; + ki = vnet_crypto_key_add (lcm->vlib_main, + lisp_key_type_to_crypto_alg (key_id), key, + vec_len (key)); + + op->key_index = ki; + vnet_crypto_process_ops (lcm->vlib_main, op, 1); + vnet_crypto_key_del (lcm->vlib_main, ki); return 0; } @@ -2894,7 +2924,7 @@ send_rloc_probe (lisp_cp_main_t * lcm, gid_address_t * deid, vnet_buffer (b)->sw_if_index[VLIB_TX] = 0; - next_index = (ip_addr_version (rloc) == IP4) ? + next_index = (ip_addr_version (rloc) == AF_IP4) ? ip4_lookup_node.index : ip6_lookup_node.index; f = vlib_get_frame_to_node (lcm->vlib_main, next_index); @@ -3006,7 +3036,7 @@ send_map_register (lisp_cp_main_t * lcm, u8 want_map_notif) vnet_buffer (b)->sw_if_index[VLIB_TX] = 0; - next_index = (ip_addr_version (&lcm->active_map_server) == IP4) ? + next_index = (ip_addr_version (&lcm->active_map_server) == AF_IP4) ? ip4_lookup_node.index : ip6_lookup_node.index; f = vlib_get_frame_to_node (lcm->vlib_main, next_index); @@ -3153,7 +3183,7 @@ _send_encapsulated_map_request (lisp_cp_main_t * lcm, /* set fib index to default and lookup node */ vnet_buffer (b)->sw_if_index[VLIB_TX] = 0; - next_index = (ip_addr_version (&lcm->active_map_resolver) == IP4) ? + next_index = (ip_addr_version (&lcm->active_map_resolver) == AF_IP4) ? ip4_lookup_node.index : ip6_lookup_node.index; f = vlib_get_frame_to_node (lcm->vlib_main, next_index); @@ -3208,14 +3238,14 @@ get_src_and_dst_ip (void *hdr, ip_address_t * src, ip_address_t * dst) if ((ip4->ip_version_and_header_length & 0xF0) == 0x40) { - ip_address_set (src, &ip4->src_address, IP4); - ip_address_set (dst, &ip4->dst_address, IP4); + ip_address_set (src, &ip4->src_address, AF_IP4); + ip_address_set (dst, &ip4->dst_address, AF_IP4); } else { ip6 = hdr; - ip_address_set (src, &ip6->src_address, IP6); - ip_address_set (dst, &ip6->dst_address, IP6); + ip_address_set (src, &ip6->src_address, AF_IP6); + ip_address_set (dst, &ip6->dst_address, AF_IP6); } } @@ -3227,7 +3257,8 @@ lisp_get_vni_from_buffer_ip (lisp_cp_main_t * lcm, vlib_buffer_t * b, u32 vni = ~0, table_id = ~0; table_id = fib_table_get_table_id_for_sw_if_index ((version == - IP4 ? FIB_PROTOCOL_IP4 : + AF_IP4 ? + FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6), vnet_buffer (b)->sw_if_index @@ -3325,7 +3356,7 @@ get_src_and_dst_eids_from_buffer (lisp_cp_main_t * lcm, vlib_buffer_t * b, { clib_memset (&gid_address_arp_ndp_ip (dst), 0, sizeof (ip_address_t)); - ip_addr_version (&gid_address_arp_ndp_ip (dst)) = IP4; + ip_addr_version (&gid_address_arp_ndp_ip (dst)) = AF_IP4; gid_address_arp_ndp_bd (dst) = ~0; return; } @@ -3358,7 +3389,7 @@ get_src_and_dst_eids_from_buffer (lisp_cp_main_t * lcm, vlib_buffer_t * b, clib_memset (&gid_address_arp_ndp_ip (dst), 0, sizeof (ip_address_t)); ip_addr_version (&gid_address_arp_ndp_ip (dst)) = - IP6; + AF_IP6; gid_address_arp_ndp_bd (dst) = ~0; gid_address_type (src) = GID_ADDR_NO_ADDRESS; return; @@ -3367,7 +3398,7 @@ get_src_and_dst_eids_from_buffer (lisp_cp_main_t * lcm, vlib_buffer_t * b, gid_address_ndp_bd (dst) = lisp_get_bd_from_buffer_eth (b); ip_address_set (&gid_address_arp_ndp_ip (dst), - &ndh->target_address, IP6); + &ndh->target_address, AF_IP6); return; } } @@ -3926,6 +3957,7 @@ is_auth_data_valid (map_notify_hdr_t * h, u32 msg_len, u16 auth_data_len; int result; vnet_crypto_op_t _op, *op = &_op; + vnet_crypto_key_index_t ki; u8 out[EVP_MAX_MD_SIZE] = { 0, }; auth_data_len = auth_data_len_by_key_id (key_id); @@ -3943,15 +3975,20 @@ is_auth_data_valid (map_notify_hdr_t * h, u32 msg_len, clib_memset (MNOTIFY_DATA (h), 0, auth_data_len); vnet_crypto_op_init (op, lisp_key_type_to_crypto_op (key_id)); - op->key = key; - op->key_len = vec_len (key); op->len = msg_len; op->digest = out; op->src = (u8 *) h; op->digest_len = 0; op->iv = 0; + ki = vnet_crypto_key_add (lcm->vlib_main, + lisp_key_type_to_crypto_alg (key_id), key, + vec_len (key)); + + op->key_index = ki; + vnet_crypto_process_ops (lcm->vlib_main, op, 1); + vnet_crypto_key_del (lcm->vlib_main, ki); result = memcmp (out, auth_data, auth_data_len); @@ -4197,7 +4234,7 @@ send_map_reply (lisp_cp_main_t * lcm, u32 mi, ip_address_t * dst, free_map_register_records (records); vnet_buffer (b)->sw_if_index[VLIB_TX] = 0; - next_index = (ip_addr_version (&lcm->active_map_resolver) == IP4) ? + next_index = (ip_addr_version (&lcm->active_map_resolver) == AF_IP4) ? ip4_lookup_node.index : ip6_lookup_node.index; f = vlib_get_frame_to_node (lcm->vlib_main, next_index); @@ -4329,7 +4366,7 @@ parse_map_reply (vlib_buffer_t * b) a->is_rloc_probe = MREP_RLOC_PROBE (mrep_hdr); if (!vlib_buffer_has_space (b, sizeof (*mrep_hdr))) { - clib_mem_free (a); + map_records_arg_free (a); return 0; } vlib_buffer_pull (b, sizeof (*mrep_hdr)); @@ -4875,14 +4912,17 @@ vnet_lisp_stats_enable_disable_state (void) return lcm->flags & LISP_FLAG_STATS_ENABLED; } -/* *INDENT-OFF* */ -VLIB_REGISTER_NODE (lisp_retry_service_node,static) = { - .function = send_map_resolver_service, - .type = VLIB_NODE_TYPE_PROCESS, - .name = "lisp-retry-service", - .process_log2_n_stack_bytes = 16, -}; -/* *INDENT-ON* */ +void +vnet_lisp_create_retry_process (lisp_cp_main_t * lcm) +{ + if (lcm->retry_service_index) + return; + + lcm->retry_service_index = vlib_process_create (vlib_get_main (), + "lisp-retry-service", + send_map_resolver_service, + 16 /* stack_bytes */ ); +} u32 vnet_lisp_set_transport_protocol (u8 protocol)