/* * Copyright (c) 2015 Cisco and/or its affiliates. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ /* * ip/icmp6.c: ip6 icmp * * Copyright (c) 2008 Eliot Dresselhaus * * Permission is hereby granted, free of charge, to any person obtaining * a copy of this software and associated documentation files (the * "Software"), to deal in the Software without restriction, including * without limitation the rights to use, copy, modify, merge, publish, * distribute, sublicense, and/or sell copies of the Software, and to * permit persons to whom the Software is furnished to do so, subject to * the following conditions: * * The above copyright notice and this permission notice shall be * included in all copies or substantial portions of the Software. * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. */ #include #include #include static u8 * format_ip6_icmp_type_and_code (u8 * s, va_list * args) { icmp6_type_t type = va_arg (*args, int); u8 code = va_arg (*args, int); char *t = 0; #define _(n,f) case n: t = #f; break; switch (type) { foreach_icmp6_type; default: break; } #undef _ if (!t) return format (s, "unknown 0x%x", type); s = format (s, "%s", t); t = 0; switch ((type << 8) | code) { #define _(a,n,f) case (ICMP6_##a << 8) | (n): t = #f; break; foreach_icmp6_code; #undef _ } if (t) s = format (s, " %s", t); return s; } static u8 * format_icmp6_header (u8 * s, va_list * args) { icmp46_header_t *icmp = va_arg (*args, icmp46_header_t *); u32 max_header_bytes = va_arg (*args, u32); /* Nothing to do. */ if (max_header_bytes < sizeof (icmp[0])) return format (s, "ICMP header truncated"); s = format (s, "ICMP %U checksum 0x%x", format_ip6_icmp_type_and_code, icmp->type, icmp->code, clib_net_to_host_u16 (icmp->checksum)); if (max_header_bytes >= sizeof (icmp6_neighbor_solicitation_or_advertisement_header_t) && (icmp->type == ICMP6_neighbor_solicitation || icmp->type == ICMP6_neighbor_advertisement)) { icmp6_neighbor_solicitation_or_advertisement_header_t *icmp6_nd = (icmp6_neighbor_solicitation_or_advertisement_header_t *) icmp; s = format (s, "\n target address %U", format_ip6_address, &icmp6_nd->target_address); } return s; } u8 * format_icmp6_input_trace (u8 * s, va_list * va) { CLIB_UNUSED (vlib_main_t * vm) = va_arg (*va, vlib_main_t *); CLIB_UNUSED (vlib_node_t * node) = va_arg (*va, vlib_node_t *); icmp6_input_trace_t *t = va_arg (*va, icmp6_input_trace_t *); s = format (s, "%U", format_ip6_header, t->packet_data, sizeof (t->packet_data)); return s; } static char *icmp_error_strings[] = { #define _(f,s) s, foreach_icmp6_error #undef _ }; typedef enum { ICMP_INPUT_NEXT_DROP, ICMP_INPUT_N_NEXT, } icmp_input_next_t; typedef struct { uword *type_and_code_by_name; uword *type_by_name; /* Vector dispatch table indexed by [icmp type]. */ u8 input_next_index_by_type[256]; /* Max valid code indexed by icmp type. */ u8 max_valid_code_by_type[256]; /* hop_limit must be >= this value for this icmp type. */ u8 min_valid_hop_limit_by_type[256]; u8 min_valid_length_by_type[256]; } icmp6_main_t; icmp6_main_t icmp6_main; static uword ip6_icmp_input (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { icmp6_main_t *im = &icmp6_main; u32 *from, *to_next; u32 n_left_from, n_left_to_next, next_index; from = vlib_frame_vector_args (frame); n_left_from = frame->n_vectors; next_index = node->cached_next_index; if (node->flags & VLIB_NODE_FLAG_TRACE) vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors, /* stride */ 1, sizeof (icmp6_input_trace_t)); while (n_left_from > 0) { vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next); while (n_left_from > 0 && n_left_to_next > 0) { vlib_buffer_t *b0; ip6_header_t *ip0; icmp46_header_t *icmp0; icmp6_type_t type0; u32 bi0, next0, error0, len0; bi0 = to_next[0] = from[0]; from += 1; n_left_from -= 1; to_next += 1; n_left_to_next -= 1; b0 = vlib_get_buffer (vm, bi0); ip0 = vlib_buffer_get_current (b0); icmp0 = ip6_next_header (ip0); type0 = icmp0->type; error0 = ICMP6_ERROR_NONE; next0 = im->input_next_index_by_type[type0]; error0 = next0 == ICMP_INPUT_NEXT_DROP ? ICMP6_ERROR_UNKNOWN_TYPE : error0; /* Check code is valid for type. */ error0 = icmp0->code > im->max_valid_code_by_type[type0] ? ICMP6_ERROR_INVALID_CODE_FOR_TYPE : error0; /* Checksum is already validated by ip6_local node so we don't need to check that. */ /* Check that hop limit == 255 for certain types. */ error0 = ip0->hop_limit < im->min_valid_hop_limit_by_type[type0] ? ICMP6_ERROR_INVALID_HOP_LIMIT_FOR_TYPE : error0; len0 = clib_net_to_host_u16 (ip0->payload_length); error0 = len0 < im->min_valid_length_by_type[type0] ? ICMP6_ERROR_LENGTH_TOO_SMALL_FOR_TYPE : error0; b0->error = node->errors[error0]; next0 = error0 != ICMP6_ERROR_NONE ? ICMP_INPUT_NEXT_DROP : next0; vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, n_left_to_next, bi0, next0); } vlib_put_next_frame (vm, node, next_index, n_left_to_next); } return frame->n_vectors; } /* *INDENT-OFF* */ VLIB_REGISTER_NODE (ip6_icmp_input_node) = { .function = ip6_icmp_input, .name = "ip6-icmp-input", .vector_size = sizeof (u32), .format_trace = format_icmp6_input_trace, .n_errors = ARRAY_LEN (icmp_error_strings), .error_strings = icmp_error_strings, .n_next_nodes = 1, .next_nodes = { [ICMP_INPUT_NEXT_DROP] = "error-drop", }, }; /* *INDENT-ON* */ typedef enum { ICMP6_ECHO_REQUEST_NEXT_LOOKUP, ICMP6_ECHO_REQUEST_NEXT_OUTPUT, ICMP6_ECHO_REQUEST_N_NEXT, } icmp6_echo_request_next_t; static uword ip6_icmp_echo_request (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { u32 *from, *to_next; u32 n_left_from, n_left_to_next, next_index; ip6_main_t *im = &ip6_main; from = vlib_frame_vector_args (frame); n_left_from = frame->n_vectors; next_index = node->cached_next_index; if (node->flags & VLIB_NODE_FLAG_TRACE) vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors, /* stride */ 1, sizeof (icmp6_input_trace_t)); while (n_left_from > 0) { vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next); while (n_left_from > 2 && n_left_to_next > 2) { vlib_buffer_t *p0, *p1; ip6_header_t *ip0, *ip1; icmp46_header_t *icmp0, *icmp1; ip6_address_t tmp0, tmp1; ip_csum_t sum0, sum1; u32 bi0, bi1; u32 fib_index0, fib_index1; u32 next0 = ICMP6_ECHO_REQUEST_NEXT_LOOKUP; u32 next1 = ICMP6_ECHO_REQUEST_NEXT_LOOKUP; bi0 = to_next[0] = from[0]; bi1 = to_next[1] = from[1]; from += 2; n_left_from -= 2; to_next += 2; n_left_to_next -= 2; p0 = vlib_get_buffer (vm, bi0); p1 = vlib_get_buffer (vm, bi1); ip0 = vlib_buffer_get_current (p0); ip1 = vlib_buffer_get_current (p1); icmp0 = ip6_next_header (ip0); icmp1 = ip6_next_header (ip1); /* Check icmp type to echo reply and update icmp checksum. */ sum0 = icmp0->checksum; sum1 = icmp1->checksum; ASSERT (icmp0->type == ICMP6_echo_request); ASSERT (icmp1->type == ICMP6_echo_request); sum0 = ip_csum_update (sum0, ICMP6_echo_request, ICMP6_echo_reply, icmp46_header_t, type); sum1 = ip_csum_update (sum1, ICMP6_echo_request, ICMP6_echo_reply, icmp46_header_t, type); icmp0->checksum = ip_csum_fold (sum0); icmp1->checksum = ip_csum_fold (sum1); icmp0->type = ICMP6_echo_reply; icmp1->type = ICMP6_echo_reply; /* Swap source and destination address. */ tmp0 = ip0->src_address; tmp1 = ip1->src_address; ip0->src_address = ip0->dst_address; ip1->src_address = ip1->dst_address; ip0->dst_address = tmp0; ip1->dst_address = tmp1; /* New hop count. */ ip0->hop_limit = im->host_config.ttl; ip1->hop_limit = im->host_config.ttl; if (ip6_address_is_link_local_unicast (&ip0->dst_address)) { ethernet_header_t *eth0; u8 tmp_mac[6]; /* For link local, reuse current MAC header by sawpping * SMAC to DMAC instead of IP6 lookup since link local * is not in the IP6 FIB */ vlib_buffer_reset (p0); eth0 = vlib_buffer_get_current (p0); clib_memcpy (tmp_mac, eth0->dst_address, 6); clib_memcpy (eth0->dst_address, eth0->src_address, 6); clib_memcpy (eth0->src_address, tmp_mac, 6); vnet_buffer (p0)->sw_if_index[VLIB_TX] = vnet_buffer (p0)->sw_if_index[VLIB_RX]; next0 = ICMP6_ECHO_REQUEST_NEXT_OUTPUT; } else { /* Determine the correct lookup fib indices... */ fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]); vnet_buffer (p0)->sw_if_index[VLIB_TX] = fib_index0; } if (ip6_address_is_link_local_unicast (&ip1->dst_address)) { ethernet_header_t *eth1; u8 tmp_mac[6]; /* For link local, reuse current MAC header by sawpping * SMAC to DMAC instead of IP6 lookup since link local * is not in the IP6 FIB */ vlib_buffer_reset (p1); eth1 = vlib_buffer_get_current (p1); clib_memcpy (tmp_mac, eth1->dst_address, 6); clib_memcpy (eth1->dst_address, eth1->src_address, 6); clib_memcpy (eth1->src_address, tmp_mac, 6); vnet_buffer (p1)->sw_if_index[VLIB_TX] = vnet_buffer (p1)->sw_if_index[VLIB_RX]; next1 = ICMP6_ECHO_REQUEST_NEXT_OUTPUT; } else 
/*
 * Copyright (c) 2015 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
#ifndef __included_vxlan_gpe_ioam_util_h__
#define __included_vxlan_gpe_ioam_util_h__

#include <vnet/vxlan-gpe/vxlan_gpe.h>
#include <vnet/vxlan-gpe/vxlan_gpe_packet.h>
#include <vnet/ip/ip.h>


typedef struct
{
  u32 tunnel_index;
  ioam_trace_t fmt_trace;
} vxlan_gpe_ioam_v4_trace_t;


static u8 *
format_vxlan_gpe_ioam_v4_trace (u8 * s, va_list * args)
{
  CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
  CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
  vxlan_gpe_ioam_v4_trace_t *t1 = va_arg (*args, vxlan_gpe_ioam_v4_trace_t *);
  ioam_trace_t *t = &(t1->fmt_trace);
  vxlan_gpe_ioam_option_t *fmt_trace0;
  vxlan_gpe_ioam_option_t *opt0, *limit0;
  vxlan_gpe_ioam_main_t *hm = &vxlan_gpe_ioam_main;

  u8 type0;

  fmt_trace0 = (vxlan_gpe_ioam_option_t *) t->option_data;

  s = format (s, "VXLAN-GPE-IOAM: next_index %d len %d traced %d",
	      t->next_index, fmt_trace0->length, t->trace_len);