aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/vnet/api_errno.h3
-rw-r--r--src/vnet/l2/l2_api.c19
-rw-r--r--src/vnet/l2/l2_bd.c45
-rw-r--r--src/vpp/api/api.c6
4 files changed, 70 insertions, 3 deletions
diff --git a/src/vnet/api_errno.h b/src/vnet/api_errno.h
index b87c197f134..e694fbf1ed4 100644
--- a/src/vnet/api_errno.h
+++ b/src/vnet/api_errno.h
@@ -110,7 +110,8 @@ _(SVM_SEGMENT_CREATE_FAIL, -117, "svm segment create fail") \
_(APPLICATION_NOT_ATTACHED, -118, "application not attached") \
_(BD_ALREADY_EXISTS, -119, "Bridge domain already exists") \
_(BD_IN_USE, -120, "Bridge domain has member interfaces") \
-_(UNSUPPORTED, -121, "Unsupported")
+_(BD_NOT_MODIFIABLE, -121, "Default bridge domain 0 can be neither deleted nor modified") \
+_(UNSUPPORTED, -122, "Unsupported")
typedef enum
{
diff --git a/src/vnet/l2/l2_api.c b/src/vnet/l2/l2_api.c
index 5a3c8dc2682..8cc7c7942eb 100644
--- a/src/vnet/l2/l2_api.c
+++ b/src/vnet/l2/l2_api.c
@@ -310,7 +310,15 @@ vl_api_bridge_domain_set_mac_age_t_handler (vl_api_bridge_domain_set_mac_age_t
vl_api_bridge_domain_set_mac_age_reply_t *rmp;
int rv = 0;
u32 bd_id = ntohl (mp->bd_id);
- uword *p = hash_get (bdm->bd_index_by_bd_id, bd_id);
+ uword *p;
+
+ if (bd_id == 0)
+ {
+ rv = VNET_API_ERROR_BD_NOT_MODIFIABLE;
+ goto out;
+ }
+
+ p = hash_get (bdm->bd_index_by_bd_id, bd_id);
if (p == 0)
{
rv = VNET_API_ERROR_NO_SUCH_ENTRY;
@@ -401,10 +409,13 @@ vl_api_bridge_domain_dump_t_handler (vl_api_bridge_domain_dump_t * mp)
return;
bd_id = ntohl (mp->bd_id);
+ if (bd_id == 0)
+ return;
bd_index = (bd_id == ~0) ? 0 : bd_find_index (bdm, bd_id);
ASSERT (bd_index != ~0);
end = (bd_id == ~0) ? vec_len (l2im->bd_configs) : bd_index + 1;
+
for (; bd_index < end; bd_index++)
{
bd_config = l2input_bd_config_from_index (l2im, bd_index);
@@ -437,6 +448,12 @@ vl_api_bridge_flags_t_handler (vl_api_bridge_flags_t * mp)
u32 flags = ntohl (mp->feature_bitmap);
uword *p;
+ if (bd_id == 0)
+ {
+ rv = VNET_API_ERROR_BD_NOT_MODIFIABLE;
+ goto out;
+ }
+
p = hash_get (bdm->bd_index_by_bd_id, bd_id);
if (p == 0)
{
diff --git a/src/vnet/l2/l2_bd.c b/src/vnet/l2/l2_bd.c
index 7c55789bb32..4ebbb547134 100644
--- a/src/vnet/l2/l2_bd.c
+++ b/src/vnet/l2/l2_bd.c
@@ -304,6 +304,10 @@ bd_learn (vlib_main_t * vm,
goto done;
}
+ if (bd_id == 0)
+ return clib_error_return (0,
+ "No operations on the default bridge domain are supported");
+
p = hash_get (bdm->bd_index_by_bd_id, bd_id);
if (p == 0)
@@ -369,6 +373,10 @@ bd_fwd (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd)
goto done;
}
+ if (bd_id == 0)
+ return clib_error_return (0,
+ "No operations on the default bridge domain are supported");
+
p = hash_get (bdm->bd_index_by_bd_id, bd_id);
if (p == 0)
@@ -436,6 +444,10 @@ bd_flood (vlib_main_t * vm,
goto done;
}
+ if (bd_id == 0)
+ return clib_error_return (0,
+ "No operations on the default bridge domain are supported");
+
p = hash_get (bdm->bd_index_by_bd_id, bd_id);
if (p == 0)
@@ -502,6 +514,10 @@ bd_uu_flood (vlib_main_t * vm,
goto done;
}
+ if (bd_id == 0)
+ return clib_error_return (0,
+ "No operations on the default bridge domain are supported");
+
p = hash_get (bdm->bd_index_by_bd_id, bd_id);
if (p == 0)
@@ -568,6 +584,10 @@ bd_arp_term (vlib_main_t * vm,
goto done;
}
+ if (bd_id == 0)
+ return clib_error_return (0,
+ "No operations on the default bridge domain are supported");
+
p = hash_get (bdm->bd_index_by_bd_id, bd_id);
if (p)
bd_index = *p;
@@ -607,6 +627,10 @@ bd_mac_age (vlib_main_t * vm,
goto done;
}
+ if (bd_id == 0)
+ return clib_error_return (0,
+ "No operations on the default bridge domain are supported");
+
p = hash_get (bdm->bd_index_by_bd_id, bd_id);
if (p == 0)
@@ -780,6 +804,10 @@ bd_arp_entry (vlib_main_t * vm,
goto done;
}
+ if (bd_id == 0)
+ return clib_error_return (0,
+ "No operations on the default bridge domain are supported");
+
p = hash_get (bdm->bd_index_by_bd_id, bd_id);
if (p)
@@ -900,7 +928,7 @@ bd_show (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd)
u32 bd_id = ~0;
uword *p;
- start = 0;
+ start = 1;
end = vec_len (l2input_main.bd_configs);
if (unformat (input, "%d", &bd_id))
@@ -914,6 +942,10 @@ bd_show (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd)
if (unformat (input, "arp"))
arp = 1;
+ if (bd_id == 0)
+ return clib_error_return (0,
+ "No operations on the default bridge domain are supported");
+
p = hash_get (bdm->bd_index_by_bd_id, bd_id);
if (p)
bd_index = *p;
@@ -1125,6 +1157,8 @@ bd_add_del (l2_bridge_domain_add_del_args_t * a)
{
if (bd_index == ~0)
return VNET_API_ERROR_NO_SUCH_ENTRY;
+ if (bd_index == 0)
+ return VNET_API_ERROR_BD_NOT_MODIFIABLE;
if (vec_len (l2input_main.bd_configs[bd_index].members))
return VNET_API_ERROR_BD_IN_USE;
rv = bd_delete (bdm, bd_index);
@@ -1188,6 +1222,12 @@ bd_add_del_command_fn (vlib_main_t * vm, unformat_input_t * input,
goto done;
}
+ if (bd_id == 0)
+ {
+ error = clib_error_return (0, "bridge domain 0 can not be modified");
+ goto done;
+ }
+
if (mac_age > 255)
{
error = clib_error_return (0, "mac age must be less than 256");
@@ -1218,6 +1258,9 @@ bd_add_del_command_fn (vlib_main_t * vm, unformat_input_t * input,
case VNET_API_ERROR_NO_SUCH_ENTRY:
error = clib_error_return (0, "bridge domain id does not exist");
goto done;
+ case VNET_API_ERROR_BD_NOT_MODIFIABLE:
+ error = clib_error_return (0, "bridge domain 0 can not be modified");
+ goto done;
default:
error = clib_error_return (0, "bd_add_del returned %d", rv);
goto done;
diff --git a/src/vpp/api/api.c b/src/vpp/api/api.c
index 9c230574bf8..baf45d5c19a 100644
--- a/src/vpp/api/api.c
+++ b/src/vpp/api/api.c
@@ -446,6 +446,12 @@ vl_api_bd_ip_mac_add_del_t_handler (vl_api_bd_ip_mac_add_del_t * mp)
u32 bd_index;
uword *p;
+ if (bd_id == 0)
+ {
+ rv = VNET_API_ERROR_BD_NOT_MODIFIABLE;
+ goto out;
+ }
+
p = hash_get (bdm->bd_index_by_bd_id, bd_id);
if (p == 0)
{