summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFilip Tehlar <ftehlar@cisco.com>2016-08-23 10:52:44 +0200
committerFilip Tehlar <ftehlar@cisco.com>2016-08-23 12:14:52 +0200
commit3cd9e730f9db0d998e5e8a27ddff1da5a123625b (patch)
treeda11bbdef541295160c8e42286755f35fd437562
parentb28e498a49aeb5386bb10695146f859032bd90ae (diff)
VPP-342: Don't allow remote mapping to overwrite local or static mapping
Change-Id: I9888d7c087da538b81a6a1967edbdf1103cc095a Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
-rw-r--r--vnet/vnet/lisp-cp/control.c20
-rw-r--r--vnet/vnet/lisp-cp/control.h3
-rw-r--r--vnet/vnet/lisp-cp/lisp_types.h2
-rw-r--r--vpp/vpp-api/api.c2
4 files changed, 22 insertions, 5 deletions
diff --git a/vnet/vnet/lisp-cp/control.c b/vnet/vnet/lisp-cp/control.c
index 2fd1dce1..d7ac3c52 100644
--- a/vnet/vnet/lisp-cp/control.c
+++ b/vnet/vnet/lisp-cp/control.c
@@ -445,6 +445,7 @@ vnet_lisp_map_cache_add_del (vnet_lisp_add_del_mapping_args_t * a,
m->ttl = a->ttl;
m->action = a->action;
m->local = a->local;
+ m->is_static = a->is_static;
map_index = m - lcm->mapping_pool;
gid_dictionary_add_del (&lcm->mapping_index_by_gid, &a->eid, map_index,
@@ -767,11 +768,13 @@ compare_locators (lisp_cp_main_t * lcm, u32 * old_ls_indexes,
* @param is_add add mapping if non-zero, delete otherwise
* @param res_map_index the map-index that was created/updated/removed. It is
* set to ~0 if no action is taken.
+ * @param is_static used for distinguishing between statically learned
+ remote mappings and mappings obtained from MR
* @return return code
*/
int
vnet_lisp_add_del_mapping (gid_address_t * eid, locator_t * rlocs, u8 action,
- u8 authoritative, u32 ttl, u8 is_add,
+ u8 authoritative, u32 ttl, u8 is_add, u8 is_static,
u32 * res_map_index)
{
vnet_lisp_add_del_mapping_args_t _m_args, *m_args = &_m_args;
@@ -803,6 +806,15 @@ vnet_lisp_add_del_mapping (gid_address_t * eid, locator_t * rlocs, u8 action,
* updated and be done */
if (old_map && gid_address_cmp (&old_map->eid, eid) == 0)
{
+ if (!is_static && (old_map->is_static || old_map->local))
+ {
+ /* do not overwrite local or static remote mappings */
+ clib_warning ("mapping %U rejected due to collision with local "
+ "or static remote mapping!", format_gid_address,
+ &eid);
+ return 0;
+ }
+
locator_set_t *old_ls;
/* update mapping attributes */
@@ -836,6 +848,7 @@ vnet_lisp_add_del_mapping (gid_address_t * eid, locator_t * rlocs, u8 action,
m_args->is_add = 1;
m_args->action = action;
m_args->locator_set_index = ls_index;
+ m_args->is_static = is_static;
vnet_lisp_map_cache_add_del (m_args, &dst_map_index);
if (res_map_index)
@@ -1084,7 +1097,8 @@ lisp_add_del_remote_mapping_command_fn (vlib_main_t * vm,
/* add as static remote mapping, i.e., not authoritative and infinite
* ttl */
- rv = vnet_lisp_add_del_mapping (&eid, rlocs, action, 0, ~0, is_add, 0);
+ rv = vnet_lisp_add_del_mapping (&eid, rlocs, action, 0, ~0, is_add,
+ 1 /* is_static */ , 0);
if (rv)
clib_warning ("failed to %s remote mapping!", is_add ? "add" : "delete");
@@ -3141,7 +3155,7 @@ process_map_reply (void *arg)
/* insert/update mappings cache */
vnet_lisp_add_del_mapping (&deid, locators, action, authoritative, ttl,
- 1, &dst_map_index);
+ 1, 0 /* is_static */ , &dst_map_index);
/* try to program forwarding only if mapping saved or updated */
if ((u32) ~ 0 != dst_map_index)
diff --git a/vnet/vnet/lisp-cp/control.h b/vnet/vnet/lisp-cp/control.h
index c5cb9a3d..76590b2c 100644
--- a/vnet/vnet/lisp-cp/control.h
+++ b/vnet/vnet/lisp-cp/control.h
@@ -189,6 +189,7 @@ typedef struct
u8 authoritative;
u8 local;
+ u8 is_static;
} vnet_lisp_add_del_mapping_args_t;
int
@@ -200,7 +201,7 @@ vnet_lisp_add_del_local_mapping (vnet_lisp_add_del_mapping_args_t * a,
int
vnet_lisp_add_del_mapping (gid_address_t * deid, locator_t * dlocs, u8 action,
- u8 authoritative, u32 ttl, u8 is_add,
+ u8 authoritative, u32 ttl, u8 is_add, u8 is_static,
u32 * res_map_index);
typedef struct
diff --git a/vnet/vnet/lisp-cp/lisp_types.h b/vnet/vnet/lisp-cp/lisp_types.h
index 06cd116e..cb1b277b 100644
--- a/vnet/vnet/lisp-cp/lisp_types.h
+++ b/vnet/vnet/lisp-cp/lisp_types.h
@@ -287,6 +287,8 @@ typedef struct
u8 authoritative;
u8 local;
+ /* valid only for remote mappings */
+ u8 is_static;
} mapping_t;
uword
diff --git a/vpp/vpp-api/api.c b/vpp/vpp-api/api.c
index 93401ed1..db818fdf 100644
--- a/vpp/vpp-api/api.c
+++ b/vpp/vpp-api/api.c
@@ -5503,7 +5503,7 @@ static void
/* NOTE: for now this works as a static remote mapping, i.e.,
* not authoritative and ttl infinite. */
rv = vnet_lisp_add_del_mapping (eid, rlocs, mp->action, 0, ~0,
- mp->is_add, 0);
+ mp->is_add, 1 /* is_static */ , 0);
if (mp->del_all)
vnet_lisp_clear_all_remote_adjacencies ();