api: binary api cleanup

Multiple API message handlers call vnet_get_sup_hw_interface(...) without checking the inbound sw_if_index. This can cause a pool_elt_at_index ASSERT in a debug image, and major disorder in a production image. Given that a number of places are coded as follows, add an "api_visible_or_null" variant of vnet_get_sup_hw_interface, which returns NULL given an invalid sw_if_index, or a hidden sw interface: - hw = vnet_get_sup_hw_interface (vnm, sw_if_index); + hw = vnet_get_sup_hw_interface_api_visible_or_null (vnm, sw_if_index); if (hw == NULL || memif_device_class.index != hw->dev_class_index) return clib_error_return (0, "not a memif interface"); Rename two existing xxx_safe functions -> xxx_or_null to make it obvious what they return. Type: fix Change-Id: I29996e8d0768fd9e0c5495bd91ff8bedcf2c5697 Signed-off-by: Dave Barach <dave@barachs.net> (cherry picked from commit 3940de36728b768574a3e998389bb90d55f690d1)
author: Dave Barach <dave@barachs.net> 2019-07-23 16:28:36 -0400
committer: Dave Barach <dave@barachs.net> 2019-07-24 08:14:39 -0400
commit: b71b5ffbfb2ddbad408a22ef17046dfe5fea1cad (patch)
tree: 73490766e73d335ae722f45c89b092cfcd707b34 /src/vnet
parent: 9fb50d83dbe22cab30532cec8c85e711af1f82ff (diff)
14 files changed, 55 insertions, 26 deletions
diff --git a/src/vnet/adj/rewrite.c b/src/vnet/adj/rewrite.c
index 95671b06930..181d85943b4 100644
--- a/src/vnet/adj/rewrite.c
+++ b/src/vnet/adj/rewrite.c
@@ -53,7 +53,7 @@ format_vnet_rewrite (u8 * s, va_list * args)
   if (rw->sw_if_index != ~0)
     {
       vnet_sw_interface_t *si;
-      si = vnet_get_sw_interface_safe (vnm, rw->sw_if_index);
+      si = vnet_get_sw_interface_or_null (vnm, rw->sw_if_index);
       if (NULL != si)
 	s = format (s, "%U:", format_vnet_sw_interface_name, vnm, si);
       else
diff --git a/src/vnet/bfd/bfd_cli.c b/src/vnet/bfd/bfd_cli.c
index cab20a65b0b..4b5f75eb01b 100644
--- a/src/vnet/bfd/bfd_cli.c
+++ b/src/vnet/bfd/bfd_cli.c
@@ -170,7 +170,7 @@ show_bfd (vlib_main_t * vm, unformat_input_t * input,
       if (is_set)
 	{
 	  vnet_sw_interface_t *sw_if =
-	    vnet_get_sw_interface_safe (&vnet_main, sw_if_index);
+	    vnet_get_sw_interface_or_null (&vnet_main, sw_if_index);
 	  vnet_hw_interface_t *hw_if =
 	    vnet_get_hw_interface (&vnet_main, sw_if->hw_if_index);
 	  u8 *s = format (NULL, "UDP echo source is: %v\n", hw_if->name);
diff --git a/src/vnet/bfd/bfd_udp.c b/src/vnet/bfd/bfd_udp.c
index 147cd6eda99..ca5bae51561 100644
--- a/src/vnet/bfd/bfd_udp.c
+++ b/src/vnet/bfd/bfd_udp.c
@@ -78,7 +78,7 @@ vnet_api_error_t
 bfd_udp_set_echo_source (u32 sw_if_index)
 {
   vnet_sw_interface_t *sw_if =
-    vnet_get_sw_interface_safe (bfd_udp_main.vnet_main, sw_if_index);
+    vnet_get_sw_interface_or_null (bfd_udp_main.vnet_main, sw_if_index);
   if (sw_if)
     {
       bfd_udp_main.echo_source_sw_if_index = sw_if_index;
@@ -110,8 +110,8 @@ bfd_udp_is_echo_available (bfd_transport_e transport)
    * pick an unused address from that subnet
    */
   vnet_sw_interface_t *sw_if =
-    vnet_get_sw_interface_safe (bfd_udp_main.vnet_main,
-				bfd_udp_main.echo_source_sw_if_index);
+    vnet_get_sw_interface_or_null (bfd_udp_main.vnet_main,
+				   bfd_udp_main.echo_source_sw_if_index);
   if (sw_if && sw_if->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP)
     {
       if (BFD_TRANSPORT_UDP4 == transport)
@@ -545,7 +545,7 @@ bfd_udp_validate_api_input (u32 sw_if_index,
 {
   bfd_udp_main_t *bum = &bfd_udp_main;
   vnet_sw_interface_t *sw_if =
-    vnet_get_sw_interface_safe (bfd_udp_main.vnet_main, sw_if_index);
+    vnet_get_sw_interface_or_null (bfd_udp_main.vnet_main, sw_if_index);
   u8 local_ip_valid = 0;
   ip_interface_address_t *ia = NULL;
   if (!sw_if)
diff --git a/src/vnet/devices/tap/tap.c b/src/vnet/devices/tap/tap.c
index e05ceff92d6..7e5890b87f6 100644
--- a/src/vnet/devices/tap/tap.c
+++ b/src/vnet/devices/tap/tap.c
@@ -447,7 +447,7 @@ tap_delete_if (vlib_main_t * vm, u32 sw_if_index)
   virtio_if_t *vif;
   vnet_hw_interface_t *hw;
 
-  hw = vnet_get_sup_hw_interface (vnm, sw_if_index);
+  hw = vnet_get_sup_hw_interface_api_visible_or_null (vnm, sw_if_index);
   if (hw == NULL || virtio_device_class.index != hw->dev_class_index)
     return VNET_API_ERROR_INVALID_SW_IF_INDEX;
 
@@ -493,9 +493,11 @@ tap_gso_enable_disable (vlib_main_t * vm, u32 sw_if_index, int enable_disable)
   vnet_main_t *vnm = vnet_get_main ();
   virtio_main_t *mm = &virtio_main;
   virtio_if_t *vif;
-  vnet_hw_interface_t *hw = vnet_get_sup_hw_interface (vnm, sw_if_index);
+  vnet_hw_interface_t *hw;
   clib_error_t *err = 0;
 
+  hw = vnet_get_sup_hw_interface_api_visible_or_null (vnm, sw_if_index);
+
   if (hw == NULL || virtio_device_class.index != hw->dev_class_index)
     return VNET_API_ERROR_INVALID_SW_IF_INDEX;
 
diff --git a/src/vnet/devices/virtio/cli.c b/src/vnet/devices/virtio/cli.c
index 92e7e93831a..f6cb2b3e6b1 100644
--- a/src/vnet/devices/virtio/cli.c
+++ b/src/vnet/devices/virtio/cli.c
@@ -99,7 +99,7 @@ virtio_pci_delete_command_fn (vlib_main_t * vm, unformat_input_t * input,
     return clib_error_return (0,
 			      "please specify interface name or sw_if_index");
 
-  hw = vnet_get_sup_hw_interface (vnm, sw_if_index);
+  hw = vnet_get_sup_hw_interface_api_visible_or_null (vnm, sw_if_index);
   if (hw == NULL || virtio_device_class.index != hw->dev_class_index)
     return clib_error_return (0, "not a virtio interface");
 
diff --git a/src/vnet/devices/virtio/vhost_user.c b/src/vnet/devices/virtio/vhost_user.c
index f16d015ef5a..a18313b2038 100644
--- a/src/vnet/devices/virtio/vhost_user.c
+++ b/src/vnet/devices/virtio/vhost_user.c
@@ -1250,8 +1250,10 @@ vhost_user_delete_if (vnet_main_t * vnm, vlib_main_t * vm, u32 sw_if_index)
   vnet_hw_interface_t *hwif;
   u16 qid;
 
-  if (!(hwif = vnet_get_sup_hw_interface (vnm, sw_if_index)) ||
-      hwif->dev_class_index != vhost_user_device_class.index)
+  if (!
+      (hwif =
+       vnet_get_sup_hw_interface_api_visible_or_null (vnm, sw_if_index))
+      || hwif->dev_class_index != vhost_user_device_class.index)
     return VNET_API_ERROR_INVALID_SW_IF_INDEX;
 
   vui = pool_elt_at_index (vum->vhost_user_interfaces, hwif->dev_instance);
@@ -1534,8 +1536,10 @@ vhost_user_modify_if (vnet_main_t * vnm, vlib_main_t * vm,
   vnet_hw_interface_t *hwif;
   uword *if_index;
 
-  if (!(hwif = vnet_get_sup_hw_interface (vnm, sw_if_index)) ||
-      hwif->dev_class_index != vhost_user_device_class.index)
+  if (!
+      (hwif =
+       vnet_get_sup_hw_interface_api_visible_or_null (vnm, sw_if_index))
+      || hwif->dev_class_index != vhost_user_device_class.index)
     return VNET_API_ERROR_INVALID_SW_IF_INDEX;
 
   if (sock_filename == NULL || !(strlen (sock_filename) > 0))
@@ -1658,7 +1662,7 @@ vhost_user_delete_command_fn (vlib_main_t * vm,
 		&sw_if_index))
 	{
 	  vnet_hw_interface_t *hwif =
-	    vnet_get_sup_hw_interface (vnm, sw_if_index);
+	    vnet_get_sup_hw_interface_api_visible_or_null (vnm, sw_if_index);
 	  if (hwif == NULL ||
 	      vhost_user_device_class.index != hwif->dev_class_index)
 	    {
diff --git a/src/vnet/devices/virtio/virtio_api.c b/src/vnet/devices/virtio/virtio_api.c
index ff123ae081c..6e8d34f872e 100644
--- a/src/vnet/devices/virtio/virtio_api.c
+++ b/src/vnet/devices/virtio/virtio_api.c
@@ -97,10 +97,12 @@ vl_api_virtio_pci_delete_t_handler (vl_api_virtio_pci_delete_t * mp)
   vl_api_virtio_pci_delete_reply_t *rmp;
   vl_api_registration_t *reg;
 
-  hw = vnet_get_sup_hw_interface (vnm, htonl (mp->sw_if_index));
+  hw =
+    vnet_get_sup_hw_interface_api_visible_or_null (vnm,
+						   htonl (mp->sw_if_index));
   if (hw == NULL || virtio_device_class.index != hw->dev_class_index)
     {
-      rv = VNET_API_ERROR_INVALID_INTERFACE;
+      rv = VNET_API_ERROR_INVALID_SW_IF_INDEX;
       goto reply;
     }
 
diff --git a/src/vnet/interface_api.c b/src/vnet/interface_api.c
index b973ea1aa97..608104ae5c6 100644
--- a/src/vnet/interface_api.c
+++ b/src/vnet/interface_api.c
@@ -1399,6 +1399,9 @@ interface_api_hookup (vlib_main_t * vm)
   am->is_mp_safe[VL_API_SW_INTERFACE_DETAILS] = 1;
   am->is_mp_safe[VL_API_SW_INTERFACE_TAG_ADD_DEL] = 1;
 
+  /* Do not replay VL_API_SW_INTERFACE_DUMP messages */
+  am->api_trace_cfg[VL_API_SW_INTERFACE_DUMP].replay_enable = 0;
+
   /*
    * Set up the (msg_name, crc, message-id) table
    */
diff --git a/src/vnet/interface_format.c b/src/vnet/interface_format.c
index ee332f398e9..fc2dea96cc8 100644
--- a/src/vnet/interface_format.c
+++ b/src/vnet/interface_format.c
@@ -190,7 +190,7 @@ format_vnet_sw_if_index_name (u8 * s, va_list * args)
   u32 sw_if_index = va_arg (*args, u32);
   vnet_sw_interface_t *si;
 
-  si = vnet_get_sw_interface_safe (vnm, sw_if_index);
+  si = vnet_get_sw_interface_or_null (vnm, sw_if_index);
 
   if (NULL == si)
     {
diff --git a/src/vnet/interface_funcs.h b/src/vnet/interface_funcs.h
index b862f48ef36..18a1065201b 100644
--- a/src/vnet/interface_funcs.h
+++ b/src/vnet/interface_funcs.h
@@ -47,7 +47,7 @@ vnet_get_hw_interface (vnet_main_t * vnm, u32 hw_if_index)
 }
 
 always_inline vnet_hw_interface_t *
-vnet_get_hw_interface_safe (vnet_main_t * vnm, u32 hw_if_index)
+vnet_get_hw_interface_or_null (vnet_main_t * vnm, u32 hw_if_index)
 {
   if (!pool_is_free_index (vnm->interface_main.hw_interfaces, hw_if_index))
     return pool_elt_at_index (vnm->interface_main.hw_interfaces, hw_if_index);
@@ -61,7 +61,7 @@ vnet_get_sw_interface (vnet_main_t * vnm, u32 sw_if_index)
 }
 
 always_inline vnet_sw_interface_t *
-vnet_get_sw_interface_safe (vnet_main_t * vnm, u32 sw_if_index)
+vnet_get_sw_interface_or_null (vnet_main_t * vnm, u32 sw_if_index)
 {
   if (!pool_is_free_index (vnm->interface_main.sw_interfaces, sw_if_index))
     return pool_elt_at_index (vnm->interface_main.sw_interfaces, sw_if_index);
@@ -97,6 +97,22 @@ vnet_get_sup_hw_interface (vnet_main_t * vnm, u32 sw_if_index)
   return vnet_get_hw_interface (vnm, sw->hw_if_index);
 }
 
+always_inline vnet_hw_interface_t *
+vnet_get_sup_hw_interface_api_visible_or_null (vnet_main_t * vnm,
+					       u32 sw_if_index)
+{
+  vnet_sw_interface_t *si;
+  if (PREDICT_FALSE (pool_is_free_index (vnm->interface_main.sw_interfaces,
+					 sw_if_index)))
+    return NULL;
+  si = vnet_get_sup_sw_interface (vnm, sw_if_index);
+  if (PREDICT_FALSE (si->flags & VNET_SW_INTERFACE_FLAG_HIDDEN))
+    return NULL;
+  ASSERT ((si->type == VNET_SW_INTERFACE_TYPE_HARDWARE) ||
+	  (si->type == VNET_SW_INTERFACE_TYPE_PIPE));
+  return vnet_get_hw_interface (vnm, si->hw_if_index);
+}
+
 always_inline vnet_hw_interface_class_t *
 vnet_get_hw_interface_class (vnet_main_t * vnm, u32 hw_class_index)
 {
diff --git a/src/vnet/ip/ip4_punt_drop.c b/src/vnet/ip/ip4_punt_drop.c
index 85409857f38..76b92c6a4a0 100644
--- a/src/vnet/ip/ip4_punt_drop.c
+++ b/src/vnet/ip/ip4_punt_drop.c
@@ -99,7 +99,7 @@ format_ip_punt_redirect_trace (u8 * s, va_list * args)
   vnet_main_t *vnm = vnet_get_main ();
   vnet_sw_interface_t *si;
 
-  si = vnet_get_sw_interface_safe (vnm, t->redirect.tx_sw_if_index);
+  si = vnet_get_sw_interface_or_null (vnm, t->redirect.tx_sw_if_index);
 
   if (NULL != si)
     s = format (s, "via %U on %U using adj:%d",
diff --git a/src/vnet/l2/l2_fib.c b/src/vnet/l2/l2_fib.c
index fc518fe9dbf..04fd975c319 100644
--- a/src/vnet/l2/l2_fib.c
+++ b/src/vnet/l2/l2_fib.c
@@ -95,12 +95,13 @@ format_vnet_sw_if_index_name_with_NA (u8 * s, va_list * args)
   if (sw_if_index == ~0)
     return format (s, "N/A");
 
-  vnet_sw_interface_t *swif = vnet_get_sw_interface_safe (vnm, sw_if_index);
+  vnet_sw_interface_t *swif =
+    vnet_get_sw_interface_or_null (vnm, sw_if_index);
   if (!swif)
     return format (s, "Stale");
 
   return format (s, "%U", format_vnet_sw_interface_name, vnm,
-		 vnet_get_sw_interface_safe (vnm, sw_if_index));
+		 vnet_get_sw_interface_or_null (vnm, sw_if_index));
 }
 
 typedef struct l2fib_dump_walk_ctx_t_
diff --git a/src/vnet/l2/l2_vtr.c b/src/vnet/l2/l2_vtr.c
index aa3d5c45bee..bfd1dcb9280 100644
--- a/src/vnet/l2/l2_vtr.c
+++ b/src/vnet/l2/l2_vtr.c
@@ -61,7 +61,7 @@ l2pbb_configure (vlib_main_t * vlib_main,
 
   l2_output_config_t *config = 0;
   vnet_hw_interface_t *hi;
-  hi = vnet_get_sup_hw_interface (vnet_main, sw_if_index);
+  hi = vnet_get_sup_hw_interface_api_visible_or_null (vnet_main, sw_if_index);
 
   if (!hi)
     {
@@ -149,7 +149,7 @@ l2vtr_configure (vlib_main_t * vlib_main, vnet_main_t * vnet_main, u32 sw_if_ind
   u32 push_outer_et;
   u32 cfg_tags;
 
-  hi = vnet_get_sup_hw_interface (vnet_main, sw_if_index);
+  hi = vnet_get_sup_hw_interface_api_visible_or_null (vnet_main, sw_if_index);
   if (!hi || (hi->hw_class_index != ethernet_hw_interface_class.index))
     {
       error = VNET_API_ERROR_INVALID_INTERFACE;	/* non-ethernet interface */
@@ -364,7 +364,7 @@ l2vtr_get (vlib_main_t * vlib_main, vnet_main_t * vnet_main, u32 sw_if_index, u3
   *vtr_tag2 = 0;
   *push_dot1q = 0;
 
-  hi = vnet_get_sup_hw_interface (vnet_main, sw_if_index);
+  hi = vnet_get_sup_hw_interface_api_visible_or_null (vnet_main, sw_if_index);
   if (!hi || (hi->hw_class_index != ethernet_hw_interface_class.index))
     {
       /* non-ethernet interface */
diff --git a/src/vnet/session/application_namespace.c b/src/vnet/session/application_namespace.c
index 47a369ed765..294192ceea1 100644
--- a/src/vnet/session/application_namespace.c
+++ b/src/vnet/session/application_namespace.c
@@ -70,7 +70,8 @@ vnet_app_namespace_add_del (vnet_app_namespace_add_del_args_t * a)
   if (a->is_add)
     {
       if (a->sw_if_index != APP_NAMESPACE_INVALID_INDEX
-	  && !vnet_get_sw_interface_safe (vnet_get_main (), a->sw_if_index))
+	  && !vnet_get_sw_interface_or_null (vnet_get_main (),
+					     a->sw_if_index))
 	return VNET_API_ERROR_INVALID_SW_IF_INDEX;
author	Dave Barach <dave@barachs.net>	2019-07-23 16:28:36 -0400
committer	Dave Barach <dave@barachs.net>	2019-07-24 08:14:39 -0400
commit	b71b5ffbfb2ddbad408a22ef17046dfe5fea1cad (patch)
tree	73490766e73d335ae722f45c89b092cfcd707b34 /src/vnet
parent	9fb50d83dbe22cab30532cec8c85e711af1f82ff (diff)