diff options
author | Filip Tehlar <ftehlar@cisco.com> | 2016-08-23 10:52:44 +0200 |
---|---|---|
committer | Florin Coras <florin.coras@gmail.com> | 2016-08-23 13:27:23 +0000 |
commit | a20d317e63a75f9dc21158c15d1651dc2f92f24b (patch) | |
tree | a829da3ea7a13b1536b6cd94a0a1ff025c8f7cc1 | |
parent | dbc6e3f0bb22a63f86f7d036953656cde5ec7ff3 (diff) |
VPP-342: Don't allow remote mapping to overwrite local or static mapping
Change-Id: I9888d7c087da538b81a6a1967edbdf1103cc095a
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
(cherry picked from commit 3cd9e730f9db0d998e5e8a27ddff1da5a123625b)
-rw-r--r-- | vnet/vnet/lisp-cp/control.c | 20 | ||||
-rw-r--r-- | vnet/vnet/lisp-cp/control.h | 3 | ||||
-rw-r--r-- | vnet/vnet/lisp-cp/lisp_types.h | 2 | ||||
-rw-r--r-- | vpp/vpp-api/api.c | 2 |
4 files changed, 22 insertions, 5 deletions
diff --git a/vnet/vnet/lisp-cp/control.c b/vnet/vnet/lisp-cp/control.c index 2fd1dce1bb6..d7ac3c52d2a 100644 --- a/vnet/vnet/lisp-cp/control.c +++ b/vnet/vnet/lisp-cp/control.c @@ -445,6 +445,7 @@ vnet_lisp_map_cache_add_del (vnet_lisp_add_del_mapping_args_t * a, m->ttl = a->ttl; m->action = a->action; m->local = a->local; + m->is_static = a->is_static; map_index = m - lcm->mapping_pool; gid_dictionary_add_del (&lcm->mapping_index_by_gid, &a->eid, map_index, @@ -767,11 +768,13 @@ compare_locators (lisp_cp_main_t * lcm, u32 * old_ls_indexes, * @param is_add add mapping if non-zero, delete otherwise * @param res_map_index the map-index that was created/updated/removed. It is * set to ~0 if no action is taken. + * @param is_static used for distinguishing between statically learned + remote mappings and mappings obtained from MR * @return return code */ int vnet_lisp_add_del_mapping (gid_address_t * eid, locator_t * rlocs, u8 action, - u8 authoritative, u32 ttl, u8 is_add, + u8 authoritative, u32 ttl, u8 is_add, u8 is_static, u32 * res_map_index) { vnet_lisp_add_del_mapping_args_t _m_args, *m_args = &_m_args; @@ -803,6 +806,15 @@ vnet_lisp_add_del_mapping (gid_address_t * eid, locator_t * rlocs, u8 action, * updated and be done */ if (old_map && gid_address_cmp (&old_map->eid, eid) == 0) { + if (!is_static && (old_map->is_static || old_map->local)) + { + /* do not overwrite local or static remote mappings */ + clib_warning ("mapping %U rejected due to collision with local " + "or static remote mapping!", format_gid_address, + &eid); + return 0; + } + locator_set_t *old_ls; /* update mapping attributes */ @@ -836,6 +848,7 @@ vnet_lisp_add_del_mapping (gid_address_t * eid, locator_t * rlocs, u8 action, m_args->is_add = 1; m_args->action = action; m_args->locator_set_index = ls_index; + m_args->is_static = is_static; vnet_lisp_map_cache_add_del (m_args, &dst_map_index); if (res_map_index) @@ -1084,7 +1097,8 @@ lisp_add_del_remote_mapping_command_fn (vlib_main_t * vm, /* add as static remote mapping, i.e., not authoritative and infinite * ttl */ - rv = vnet_lisp_add_del_mapping (&eid, rlocs, action, 0, ~0, is_add, 0); + rv = vnet_lisp_add_del_mapping (&eid, rlocs, action, 0, ~0, is_add, + 1 /* is_static */ , 0); if (rv) clib_warning ("failed to %s remote mapping!", is_add ? "add" : "delete"); @@ -3141,7 +3155,7 @@ process_map_reply (void *arg) /* insert/update mappings cache */ vnet_lisp_add_del_mapping (&deid, locators, action, authoritative, ttl, - 1, &dst_map_index); + 1, 0 /* is_static */ , &dst_map_index); /* try to program forwarding only if mapping saved or updated */ if ((u32) ~ 0 != dst_map_index) diff --git a/vnet/vnet/lisp-cp/control.h b/vnet/vnet/lisp-cp/control.h index c5cb9a3d594..76590b2c36b 100644 --- a/vnet/vnet/lisp-cp/control.h +++ b/vnet/vnet/lisp-cp/control.h @@ -189,6 +189,7 @@ typedef struct u8 authoritative; u8 local; + u8 is_static; } vnet_lisp_add_del_mapping_args_t; int @@ -200,7 +201,7 @@ vnet_lisp_add_del_local_mapping (vnet_lisp_add_del_mapping_args_t * a, int vnet_lisp_add_del_mapping (gid_address_t * deid, locator_t * dlocs, u8 action, - u8 authoritative, u32 ttl, u8 is_add, + u8 authoritative, u32 ttl, u8 is_add, u8 is_static, u32 * res_map_index); typedef struct diff --git a/vnet/vnet/lisp-cp/lisp_types.h b/vnet/vnet/lisp-cp/lisp_types.h index 06cd116eb4b..cb1b277b530 100644 --- a/vnet/vnet/lisp-cp/lisp_types.h +++ b/vnet/vnet/lisp-cp/lisp_types.h @@ -287,6 +287,8 @@ typedef struct u8 authoritative; u8 local; + /* valid only for remote mappings */ + u8 is_static; } mapping_t; uword diff --git a/vpp/vpp-api/api.c b/vpp/vpp-api/api.c index e142be63e71..6bfb1bb6644 100644 --- a/vpp/vpp-api/api.c +++ b/vpp/vpp-api/api.c @@ -5499,7 +5499,7 @@ static void /* NOTE: for now this works as a static remote mapping, i.e., * not authoritative and ttl infinite. */ rv = vnet_lisp_add_del_mapping (eid, rlocs, mp->action, 0, ~0, - mp->is_add, 0); + mp->is_add, 1 /* is_static */ , 0); if (mp->del_all) vnet_lisp_clear_all_remote_adjacencies (); |