From 43b6ff39aef2b35479e12b30e3fd4658ebfd364a Mon Sep 17 00:00:00 2001 From: Stanislav Zaikin Date: Mon, 9 Sep 2024 15:00:33 +0200 Subject: ipsec: cleanup tun protect on interface removal when a protected tunnel gets deleted it's necessary to run a proper cleanup Type: fix Change-Id: I9d2c60ecbf97c4df299ac5c2228b036bf3478a56 Signed-off-by: Stanislav Zaikin --- src/vnet/ipsec/ipsec_tun.c | 50 ++++++++++++++++++++++++++++++++++++---------- 1 file changed, 39 insertions(+), 11 deletions(-) (limited to 'src/vnet') diff --git a/src/vnet/ipsec/ipsec_tun.c b/src/vnet/ipsec/ipsec_tun.c index ecda291e985..5fb07b3ba09 100644 --- a/src/vnet/ipsec/ipsec_tun.c +++ b/src/vnet/ipsec/ipsec_tun.c @@ -23,6 +23,7 @@ #include #include #include +#include /* instantiate the bihash functions */ #include @@ -704,22 +705,13 @@ out: return (rv); } -int -ipsec_tun_protect_del (u32 sw_if_index, const ip_address_t * nh) +static int +ipsec_tun_protect_del_by_idx (index_t itpi) { ipsec_tun_protect_t *itp; ipsec_main_t *im; - index_t itpi; - - ITP_DBG2 ("delete: %U/%U", - format_vnet_sw_if_index_name, vnet_get_main (), sw_if_index, - format_ip_address, nh); im = &ipsec_main; - if (NULL == nh) - nh = &IP_ADDR_ALL_0; - - itpi = ipsec_tun_protect_find (sw_if_index, nh); if (INDEX_INVALID == itpi) return (VNET_API_ERROR_NO_SUCH_ENTRY); @@ -736,6 +728,22 @@ ipsec_tun_protect_del (u32 sw_if_index, const ip_address_t * nh) return (0); } +int +ipsec_tun_protect_del (u32 sw_if_index, const ip_address_t *nh) +{ + index_t itpi; + + ITP_DBG2 ("delete: %U/%U", format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index, format_ip_address, nh); + + if (NULL == nh) + nh = &IP_ADDR_ALL_0; + + itpi = ipsec_tun_protect_find (sw_if_index, nh); + + return ipsec_tun_protect_del_by_idx (itpi); +} + void ipsec_tun_protect_walk (ipsec_tun_protect_walk_cb_t fn, void *ctx) { @@ -747,6 +755,26 @@ ipsec_tun_protect_walk (ipsec_tun_protect_walk_cb_t fn, void *ctx) } } +walk_rc_t +ipsec_tun_interface_cleanup (index_t itpi, void *ctx) +{ + ipsec_tun_protect_del_by_idx (itpi); + return WALK_CONTINUE; +} + +static clib_error_t * +ipsec_tun_interface_add_del (vnet_main_t *vnm, u32 sw_if_index, u32 is_add) +{ + if (is_add) + return 0; + + ipsec_tun_protect_walk_itf (sw_if_index, ipsec_tun_interface_cleanup, 0); + + return 0; +} + +VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ipsec_tun_interface_add_del); + void ipsec_tun_protect_walk_itf (u32 sw_if_index, ipsec_tun_protect_walk_cb_t fn, void *ctx) -- cgit 1.2.3-korg