diff options
author | Stanislav Zaikin <stanislav.zaikin@46labs.com> | 2024-09-09 15:00:33 +0200 |
---|---|---|
committer | Stanislav Zaikin <stanislav.zaikin@46labs.com> | 2024-09-24 14:17:38 +0200 |
commit | 43b6ff39aef2b35479e12b30e3fd4658ebfd364a (patch) | |
tree | 3a893ddfcd9f48e430c93246316e9dc6c812ef32 | |
parent | 53239b45caa6cc2aefb260c9f49ab352c32a4207 (diff) |
ipsec: cleanup tun protect on interface removal
when a protected tunnel gets deleted it's necessary to run a proper
cleanup
Type: fix
Change-Id: I9d2c60ecbf97c4df299ac5c2228b036bf3478a56
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
-rw-r--r-- | src/vnet/ipsec/ipsec_tun.c | 50 |
1 files changed, 39 insertions, 11 deletions
diff --git a/src/vnet/ipsec/ipsec_tun.c b/src/vnet/ipsec/ipsec_tun.c index ecda291e985..5fb07b3ba09 100644 --- a/src/vnet/ipsec/ipsec_tun.c +++ b/src/vnet/ipsec/ipsec_tun.c @@ -23,6 +23,7 @@ #include <vnet/adj/adj_midchain.h> #include <vnet/teib/teib.h> #include <vnet/mpls/mpls.h> +#include <vnet/interface.h> /* instantiate the bihash functions */ #include <vppinfra/bihash_8_16.h> @@ -704,22 +705,13 @@ out: return (rv); } -int -ipsec_tun_protect_del (u32 sw_if_index, const ip_address_t * nh) +static int +ipsec_tun_protect_del_by_idx (index_t itpi) { ipsec_tun_protect_t *itp; ipsec_main_t *im; - index_t itpi; - - ITP_DBG2 ("delete: %U/%U", - format_vnet_sw_if_index_name, vnet_get_main (), sw_if_index, - format_ip_address, nh); im = &ipsec_main; - if (NULL == nh) - nh = &IP_ADDR_ALL_0; - - itpi = ipsec_tun_protect_find (sw_if_index, nh); if (INDEX_INVALID == itpi) return (VNET_API_ERROR_NO_SUCH_ENTRY); @@ -736,6 +728,22 @@ ipsec_tun_protect_del (u32 sw_if_index, const ip_address_t * nh) return (0); } +int +ipsec_tun_protect_del (u32 sw_if_index, const ip_address_t *nh) +{ + index_t itpi; + + ITP_DBG2 ("delete: %U/%U", format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index, format_ip_address, nh); + + if (NULL == nh) + nh = &IP_ADDR_ALL_0; + + itpi = ipsec_tun_protect_find (sw_if_index, nh); + + return ipsec_tun_protect_del_by_idx (itpi); +} + void ipsec_tun_protect_walk (ipsec_tun_protect_walk_cb_t fn, void *ctx) { @@ -747,6 +755,26 @@ ipsec_tun_protect_walk (ipsec_tun_protect_walk_cb_t fn, void *ctx) } } +walk_rc_t +ipsec_tun_interface_cleanup (index_t itpi, void *ctx) +{ + ipsec_tun_protect_del_by_idx (itpi); + return WALK_CONTINUE; +} + +static clib_error_t * +ipsec_tun_interface_add_del (vnet_main_t *vnm, u32 sw_if_index, u32 is_add) +{ + if (is_add) + return 0; + + ipsec_tun_protect_walk_itf (sw_if_index, ipsec_tun_interface_cleanup, 0); + + return 0; +} + +VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ipsec_tun_interface_add_del); + void ipsec_tun_protect_walk_itf (u32 sw_if_index, ipsec_tun_protect_walk_cb_t fn, void *ctx) |