summaryrefslogtreecommitdiffstats
path: root/src/vlib/init.h
blob: fc638013efc65259e81d1b76bc391651617ed214 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
/*
 * Copyright (c) 2015 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
/*
 * init.h: mechanism for functions to be called at init/exit.
 *
 * Copyright (c) 2008 Eliot Dresselhaus
 *
 * Permission is hereby granted, free of charge, to any person obtaining
 * a copy of this software and associated documentation files (the
 * "Software"), to deal in the Software without restriction, including
 * without limitation the rights to use, copy, modify, merge, publish,
 * distribute, sublicense, and/or sell copies of the Software, and to
 * permit persons to whom the Software is furnished to do so, subject to
 * the following conditions:
 *
 * The above copyright notice and this permission notice shall be
 * included in all copies or substantial portions of the Software.
 *
 *  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
 *  EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
 *  MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
 *  NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
 *  LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
 *  OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 *  WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 */

#ifndef included_vlib_init_h
#define included_vlib_init_h

#include <vppinfra/error.h>
#include <vppinfra/format.h>
#include <vppinfra/hash.h>

/* Init/exit functions: called at start/end of main routine.  Init
   functions are typically used to register and setup packet
   processing nodes.  */

typedef clib_error_t *(vlib_init_function_t) (struct vlib_main_t * vm);

typedef struct _vlib_init_function_list_elt
{
  struct _vlib_init_function_list_elt *next_init_function;
  vlib_init_function_t *f;
  char *name;
  char **runs_before;
  char **runs_after;
  char **init_order;
} _vlib_init_function_list_elt_t;

/* Configuration functions: called with configuration input just before
   main polling loop starts. */
typedef clib_error_t *(vlib_config_function_t) (struct vlib_main_t * vm,
						unformat_input_t * input);

typedef struct vlib_config_function_runtime_t
{
  /* Function to call.  Set to null once function has already been called. */
  vlib_config_function_t *function;

  /* Input for function. */
  unformat_input_t input;

  /* next config function registration */
  struct vlib_config_function_runtime_t *next_registration;

  /* To be invoked as soon as the clib heap is available */
  u8 is_early;

  /* Name used to distinguish input on command line. */
  char name[32];
} vlib_config_function_runtime_t;

#define VLIB_REMOVE_FROM_LINKED_LIST(first,p,next)              \
{                                                               \
  ASSERT (first);                                               \
  if (first == p)                                               \
      first = (p)->next;                                        \
  else                                                          \
    {                                                           \
      __typeof__ (p) current = first;                           \
      while (current->next)                                     \
	{                                                       \
	  if (current->next == p)                               \
	    {                                                   \
	      current->next = current->next->next;              \
	      break;                                            \
	    }                                                   \
	  current = current->next;                              \
	}                                                       \
      ASSERT (current);                                         \
    }                                                           \
}

#define _VLIB_INIT_FUNCTION_SYMBOL(x, type)	\
  _vlib_##type##_function_##x

#define VLIB_INIT_FUNCTION_SYMBOL(x)		\
  _VLIB_INIT_FUNCTION_SYMBOL(x, init)
#define VLIB_MAIN_LOOP_ENTER_FUNCTION_SYMBOL(x)		\
  _VLIB_INIT_FUNCTION_SYMBOL(x, main_loop_enter)
#define VLIB_MAIN_LOOP_EXIT_FUNCTION_SYMBOL(x)	\
  _VLIB_INIT_FUNCTION_SYMBOL(x, main_loop_exit)
#define VLIB_CONFIG_FUNCTION_SYMBOL(x)		\
  _VLIB_INIT_FUNCTION_SYMBOL(x, config)

/* Declaration is global (e.g. not static) so that init functions can
   be called from other modules to resolve init function depend. */

#ifndef CLIB_MARCH_VARIANT
#define VLIB_DECLARE_INIT_FUNCTION(x, tag)                              \
vlib_init_function_t * _VLIB_INIT_FUNCTION_SYMBOL (x, tag) = x;         \
static void __vlib_add_##tag##_function_##x (void)                      \
    __attribute__((__constructor__)) ;                                  \
static _vlib_init_function_list_elt_t _vlib_init_function_##tag_##x;    \
static void __vlib_add_##tag##_function_##x (void)                      \
{                                                                       \
 vlib_main_t * vm = vlib_get_main();                                    \
 _vlib_init_function_##tag_##x.next_init_function                       \
    = vm->tag##_function_registrations;                                 \
  vm->tag##_function_registrations = &_vlib_init_function_##tag_##x;    \
 _vlib_init_function_##tag_##x.f = &x;                                  \
 _vlib_init_function_##tag_##x.name = #x;                               \
}                                                                       \
static void __vlib_rm_##tag##_function_##x (void)                       \
    __attribute__((__destructor__)) ;                                   \
static void __vlib_rm_##tag##_function_##x (void)                       \
{                                                                       \
  vlib_main_t * vm = vlib_get_main();                                   \
  _vlib_init_function_list_elt_t *this, *prev;                          \
  this = vm->tag##_function_registrations;                              \
  if (this == 0)							\
    return;								\
  if (this->f == &x)  				                        \
    {                                                                   \
      vm->tag##_function_registrations = this->next_init_function;	\
      return;                                                           \
    }                                                                   \
  prev = this;								\
  this = this->next_init_function;					\
  while (this)								\
    {                                                                   \
      if (this->f == &x)		                                \
        {                                                               \
          prev->next_init_function =                                    \
            this->next_init_function;					\
          return;                                                       \
        }                                                               \
      prev = this;							\
      this = this->next_init_function;                                  \
    }                                                                   \
}									\
static _vlib_init_function_list_elt_t _vlib_init_function_##tag_##x
#else
/* create unused pointer to silence compiler warnings and get whole
   function optimized out */
#define VLIB_DECLARE_INIT_FUNCTION(x, tag)                      \
static __clib_unused void * __clib_unused_##tag##_##x = x
#endif

#define VLIB_INIT_FUNCTION(x) VLIB_DECLARE_INIT_FUNCTION(x,init)
#define VLIB_WORKER_INIT_FUNCTION(x) VLIB_DECLARE_INIT_FUNCTION(x,worker_init)

#define VLIB_MAIN_LOOP_ENTER_FUNCTION(x) \
  VLIB_DECLARE_INIT_FUNCTION(x,main_loop_enter)
#define VLIB_MAIN_LOOP_EXIT_FUNCTION(x) \
VLIB_DECLARE_INIT_FUNCTION(x,main_loop_exit)

#ifndef CLIB_MARCH_VARIANT
#define VLIB_CONFIG_FUNCTION(x,n,...)                           \
    __VA_ARGS__ vlib_config_function_runtime_t                  \
    VLIB_CONFIG_FUNCTION_SYMBOL(x);                             \
static void __vlib_add_config_function_##x (void)               \
    __attribute__((__constructor__)) ;                          \
static void __vlib_add_config_function_##x (void)               \
{                                                               \
    vlib_main_t * vm = vlib_get_main();                         \
    VLIB_CONFIG_FUNCTION_SYMBOL(x).next_registration            \
       = vm->config_function_registrations;                     \
    vm->config_function_registrations                           \
       = &VLIB_CONFIG_FUNCTION_SYMBOL(x);                       \
}                                                               \
static void __vlib_rm_config_function_##x (void)                \
    __attribute__((__destructor__)) ;                           \
static void __vlib_rm_config_function_##x (void)                \
{                                                               \
    vlib_main_t * vm = vlib_get_main();                         \
    vlib_config_function_runtime_t *p =                         \
       & VLIB_CONFIG_FUNCTION_SYMBOL (x);                       \
    VLIB_REMOVE_FROM_LINKED_LIST                                \
      (vm->config_function_registrations, p, next_registration);\
}                                                               \
  vlib_config_function_runtime_t                                \
    VLIB_CONFIG_FUNCTION_SYMBOL (x)                             \
  = {                                                           \
    .name = n,                                                  \
    .function = x,                                              \
    .is_early = 0,						\
  }
#else
/* create unused pointer to silence compiler warnings and get whole
   function optimized out */
#define VLIB_CONFIG_FUNCTION(x,n,...)                           \
  static __clib_unused vlib_config_function_runtime_t           \
    VLIB_CONFIG_FUNCTION_SYMBOL (__clib_unused_##x)             \
  = {                                                           \
    .name = n,                                                  \
    .function = x,                                              \
    .is_early = 0,						\
  }
#endif

#ifndef CLIB_MARCH_VARIANT
#define VLIB_EARLY_CONFIG_FUNCTION(x,n,...)                     \
    __VA_ARGS__ vlib_config_function_runtime_t                  \
    VLIB_CONFIG_FUNCTION_SYMBOL(x);                             \
static void __vlib_add_config_function_##x (void)               \
    __attribute__((__constructor__)) ;                          \
static void __vlib_add_config_function_##x (void)               \
{                                                               \
    vlib_main_t * vm = vlib_get_main();                         \
    VLIB_CONFIG_FUNCTION_SYMBOL(x).next_registration            \
       = vm->config_function_registrations;                     \
    vm->config_function_registrations                           \
       = &VLIB_CONFIG_FUNCTION_SYMBOL(x);                       \
}                                                               \
static void __vlib_rm_config_function_##x (void)                \
    __attribute__((__destructor__)) ;                           \
static void __vlib_rm_config_function_##x (void)                \
{                                                               \
    vlib_main_t * vm = vlib_get_main();                         \
    vlib_config_function_runtime_t *p =                         \
       & VLIB_CONFIG_FUNCTION_SYMBOL (x);                       \
    VLIB_REMOVE_FROM_LINKED_LIST                                \
      (vm->config_function_registrations, p, next_registration);\
}                                                               \
  vlib_config_function_runtime_t                                \
    VLIB_CONFIG_FUNCTION_SYMBOL (x)                             \
  = {                                                           \
    .name = n,                                                  \
    .function = x,                                              \
    .is_early = 1,						\
  }
#else
/* create unused pointer to silence compiler warnings and get whole
   function optimized out */
#define VLIB_EARLY_CONFIG_FUNCTION(x,n,...)                     \
  static __clib_unused vlib_config_function_runtime_t           \
    VLIB_CONFIG_FUNCTION_SYMBOL (__clib_unused_##x)             \
  = {                                                           \
    .name = n,                                                  \
    .function = x,                                              \
    .is_early = 1,						\
  }
#endif

/* Call given init function: used for init function dependencies. */
#define vlib_call_init_function(vm, x)					\
  ({									\
    extern vlib_init_function_t * VLIB_INIT_FUNCTION_SYMBOL (x);	\
    vlib_init_function_t * _f = VLIB_INIT_FUNCTION_SYMBOL (x);		\
    clib_error_t * _error = 0;						\
    if (! hash_get (vm->init_functions_called, _f))			\
      {									\
	hash_set1 (vm->init_functions_called, _f);			\
	_error = _f (vm);						\
      }									\
    _error;								\
  })

/* Don't call given init function: used to suppress parts of the netstack */
#define vlib_mark_init_function_complete(vm, x)				\
  ({									\
    extern vlib_init_function_t * VLIB_INIT_FUNCTION_SYMBOL (x);	\
    vlib_init_function_t * _f = VLIB_INIT_FUNCTION_SYMBOL (x);		\
    hash_set1 (vm->init_functions_called, _f);				\
  })

#define vlib_call_post_graph_init_function(vm, x)			\
  ({									\
    extern vlib_init_function_t * VLIB_POST_GRAPH_INIT_FUNCTION_SYMBOL (x); \
    vlib_init_function_t * _f = VLIB_POST_GRAPH_INIT_FUNCTION_SYMBOL (x); \
    clib_error_t * _error = 0;						\
    if (! hash_get (vm->init_functions_called, _f))			\
      {									\
	hash_set1 (vm->init_functions_called, _f);			\
	_error = _f (vm);						\
      }									\
    _error;								\
  })

#define vlib_call_config_function(vm, x)			\
  ({								\
    vlib_config_function_runtime_t * _r;			\
    clib_error_t * _error = 0;					\
    extern vlib_config_function_runtime_t			\
      VLIB_CONFIG_FUNCTION_SYMBOL (x);				\
								\
    _r = &VLIB_CONFIG_FUNCTION_SYMBOL (x);			\
    if (! hash_get (vm->init_functions_called, _r->function))	\
      {								\
        hash_set1 (vm->init_functions_called, _r->function);	\
	_error = _r->function (vm, &_r->input);			\
      }								\
    _error;							\
  })

/* External functions. */
clib_error_t *vlib_call_all_init_functions (struct vlib_main_t *vm);
clib_error_t *vlib_call_all_config_functions (struct vlib_main_t *vm,
					      unformat_input_t * input,
					      int is_early);
clib_error_t *vlib_call_all_main_loop_enter_functions (struct vlib_main_t
						       *vm);
clib_error_t *vlib_call_all_main_loop_exit_functions (struct vlib_main_t *vm);
clib_error_t *vlib_call_init_exit_functions (struct vlib_main_t *vm,
					     _vlib_init_function_list_elt_t **
					     headp, int call_once);
clib_error_t *vlib_call_init_exit_functions_no_sort (struct vlib_main_t *vm,
						     _vlib_init_function_list_elt_t
						     ** headp, int call_once);
clib_error_t *vlib_sort_init_exit_functions (_vlib_init_function_list_elt_t
					     **);
#define foreach_vlib_module_reference		\
  _ (node_cli)					\
  _ (trace_cli)

/* Dummy function to get node_cli.c linked in. */
#define _(x) void vlib_##x##_reference (void);
foreach_vlib_module_reference
#undef _
#define VLIB_INITS(...)  (char*[]) { __VA_ARGS__, 0}
#endif /* included_vlib_init_h */
/*
 * fd.io coding-style-patch-verification: ON
 *
 * Local Variables:
 * eval: (c-set-style "gnu")
 * End:
 */
>thread_index; while (n_left_from > 0) { vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next); while (n_left_from > 0 && n_left_to_next > 0) { u32 pi0; vlib_buffer_t *p0; u8 error0; ip6_mapt_icmp_next_t next0; map_domain_t *d0; u16 len0; icmp6_to_icmp_ctx_t ctx0; ip6_header_t *ip60; pi0 = to_next[0] = from[0]; from += 1; n_left_from -= 1; to_next += 1; n_left_to_next -= 1; error0 = MAP_ERROR_NONE; next0 = IP6_MAPT_ICMP_NEXT_IP4_LOOKUP; p0 = vlib_get_buffer (vm, pi0); ip60 = vlib_buffer_get_current (p0); len0 = clib_net_to_host_u16 (ip60->payload_length); d0 = pool_elt_at_index (map_main.domains, vnet_buffer (p0)->map_t.map_domain_index); ctx0.d = d0; ctx0.sender_port = 0; if (!ip6_get_port (vm, p0, ip60, p0->current_length, NULL, &ctx0.sender_port, NULL, NULL, NULL, NULL)) { // In case of 1:1 mapping, we don't care about the port if (!(d0->ea_bits_len == 0 && d0->rules)) { error0 = MAP_ERROR_ICMP; goto err0; } } if (icmp6_to_icmp (vm, p0, ip6_to_ip4_set_icmp_cb, &ctx0, ip6_to_ip4_set_inner_icmp_cb, &ctx0)) { error0 = MAP_ERROR_ICMP; goto err0; } if (vnet_buffer (p0)->map_t.mtu < p0->current_length) { // Send to fragmentation node if necessary vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu; vnet_buffer (p0)->ip_frag.next_index = IP_FRAG_NEXT_IP4_LOOKUP; next0 = IP6_MAPT_ICMP_NEXT_IP4_FRAG; } else { next0 = ip6_map_ip4_lookup_bypass (p0, NULL) ? IP6_MAPT_ICMP_NEXT_IP4_REWRITE : next0; } err0: if (PREDICT_TRUE (error0 == MAP_ERROR_NONE)) { vlib_increment_combined_counter (cm + MAP_DOMAIN_COUNTER_RX, thread_index, vnet_buffer (p0)-> map_t.map_domain_index, 1, len0); } else { next0 = IP6_MAPT_ICMP_NEXT_DROP; } p0->error = error_node->errors[error0]; vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, n_left_to_next, pi0, next0); } vlib_put_next_frame (vm, node, next_index, n_left_to_next); } return frame->n_vectors; } /* * Translate IPv6 fragmented packet to IPv4. */ always_inline int map_ip6_to_ip4_fragmented (vlib_main_t * vm, vlib_buffer_t * p) { ip6_header_t *ip6; ip6_frag_hdr_t *frag; ip4_header_t *ip4; u16 frag_id; u8 frag_more; u16 frag_offset; u8 l4_protocol; u16 l4_offset; ip6 = vlib_buffer_get_current (p); if (ip6_parse (vm, p, ip6, p->current_length, &l4_protocol, &l4_offset, &frag_offset)) return -1; frag = (ip6_frag_hdr_t *) u8_ptr_add (ip6, frag_offset); ip4 = (ip4_header_t *) u8_ptr_add (ip6, l4_offset - sizeof (*ip4)); vlib_buffer_advance (p, l4_offset - sizeof (*ip4)); frag_id = frag_id_6to4 (frag->identification); frag_more = ip6_frag_hdr_more (frag); frag_offset = ip6_frag_hdr_offset (frag); ip4->dst_address.as_u32 = vnet_buffer (p)->map_t.v6.daddr; ip4->src_address.as_u32 = vnet_buffer (p)->map_t.v6.saddr; ip4->ip_version_and_header_length = IP4_VERSION_AND_HEADER_LENGTH_NO_OPTIONS; ip4->tos = ip6_translate_tos (ip6->ip_version_traffic_class_and_flow_label); ip4->length = u16_net_add (ip6->payload_length, sizeof (*ip4) - l4_offset + sizeof (*ip6)); ip4->fragment_id = frag_id; ip4->flags_and_fragment_offset = clib_host_to_net_u16 (frag_offset | (frag_more ? IP4_HEADER_FLAG_MORE_FRAGMENTS : 0)); ip4->ttl = ip6->hop_limit; ip4->protocol = (l4_protocol == IP_PROTOCOL_ICMP6) ? IP_PROTOCOL_ICMP : l4_protocol; ip4->checksum = ip4_header_checksum (ip4); return 0; } static uword ip6_map_t_fragmented (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { u32 n_left_from, *from, next_index, *to_next, n_left_to_next; from = vlib_frame_vector_args (frame); n_left_from = frame->n_vectors; next_index = node->cached_next_index; vlib_node_runtime_t *error_node = vlib_node_get_runtime (vm, ip6_map_t_fragmented_node.index); while (n_left_from > 0) { vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next); while (n_left_from > 0 && n_left_to_next > 0) { u32 pi0; vlib_buffer_t *p0; u32 next0; pi0 = to_next[0] = from[0]; from += 1; n_left_from -= 1; to_next += 1; n_left_to_next -= 1; next0 = IP6_MAPT_FRAGMENTED_NEXT_IP4_LOOKUP; p0 = vlib_get_buffer (vm, pi0); if (map_ip6_to_ip4_fragmented (vm, p0)) { p0->error = error_node->errors[MAP_ERROR_FRAGMENT_DROPPED]; next0 = IP6_MAPT_FRAGMENTED_NEXT_DROP; } else { if (vnet_buffer (p0)->map_t.mtu < p0->current_length) { // Send to fragmentation node if necessary vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu; vnet_buffer (p0)->ip_frag.next_index = IP_FRAG_NEXT_IP4_LOOKUP; next0 = IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG; } else { next0 = ip6_map_ip4_lookup_bypass (p0, NULL) ? IP6_MAPT_FRAGMENTED_NEXT_IP4_REWRITE : next0; } } vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, n_left_to_next, pi0, next0); } vlib_put_next_frame (vm, node, next_index, n_left_to_next); } return frame->n_vectors; } /* * Translate IPv6 UDP/TCP packet to IPv4. * Returns 0 on success. * Returns a non-zero error code on error. */ always_inline int map_ip6_to_ip4_tcp_udp (vlib_main_t * vm, vlib_buffer_t * p, bool udp_checksum) { map_main_t *mm = &map_main; ip6_header_t *ip6; u16 *checksum; ip_csum_t csum = 0; ip4_header_t *ip4; u16 fragment_id; u16 flags; u16 frag_offset; u8 l4_protocol; u16 l4_offset; ip6_address_t old_src, old_dst; ip6 = vlib_buffer_get_current (p); if (ip6_parse (vm, p, ip6, p->current_length, &l4_protocol, &l4_offset, &frag_offset)) return -1; if (l4_protocol == IP_PROTOCOL_TCP) { tcp_header_t *tcp = (tcp_header_t *) u8_ptr_add (ip6, l4_offset); if (mm->tcp_mss > 0) { csum = tcp->checksum; map_mss_clamping (tcp, &csum, mm->tcp_mss); tcp->checksum = ip_csum_fold (csum); } checksum = &tcp->checksum; } else { udp_header_t *udp = (udp_header_t *) u8_ptr_add (ip6, l4_offset); checksum = &udp->checksum; } old_src.as_u64[0] = ip6->src_address.as_u64[0]; old_src.as_u64[1] = ip6->src_address.as_u64[1]; old_dst.as_u64[0] = ip6->dst_address.as_u64[0]; old_dst.as_u64[1] = ip6->dst_address.as_u64[1]; ip4 = (ip4_header_t *) u8_ptr_add (ip6, l4_offset - sizeof (*ip4)); vlib_buffer_advance (p, l4_offset - sizeof (*ip4)); if (PREDICT_FALSE (frag_offset)) { // Only the first fragment ip6_frag_hdr_t *hdr = (ip6_frag_hdr_t *) u8_ptr_add (ip6, frag_offset); fragment_id = frag_id_6to4 (hdr->identification); flags = clib_host_to_net_u16 (IP4_HEADER_FLAG_MORE_FRAGMENTS); } else { fragment_id = 0; flags = 0; } ip4->dst_address.as_u32 = vnet_buffer (p)->map_t.v6.daddr; ip4->src_address.as_u32 = vnet_buffer (p)->map_t.v6.saddr; /* * Drop spoofed packets that from a known domain source. */ u32 map_domain_index = -1; u8 error = 0; ip4_map_get_domain (&ip4->src_address, &map_domain_index, &error); if (error) return error; ip4->ip_version_and_header_length = IP4_VERSION_AND_HEADER_LENGTH_NO_OPTIONS; ip4->tos = ip6_translate_tos (ip6->ip_version_traffic_class_and_flow_label); ip4->length = u16_net_add (ip6->payload_length, sizeof (*ip4) + sizeof (*ip6) - l4_offset); ip4->fragment_id = fragment_id; ip4->flags_and_fragment_offset = flags; ip4->ttl = ip6->hop_limit; ip4->protocol = l4_protocol; ip4->checksum = ip4_header_checksum (ip4); // UDP checksum is optional over IPv4 if (!udp_checksum && l4_protocol == IP_PROTOCOL_UDP) { *checksum = 0; } else { csum = ip_csum_sub_even (*checksum, old_src.as_u64[0]); csum = ip_csum_sub_even (csum, old_src.as_u64[1]); csum = ip_csum_sub_even (csum, old_dst.as_u64[0]); csum = ip_csum_sub_even (csum, old_dst.as_u64[1]); csum = ip_csum_add_even (csum, ip4->dst_address.as_u32); csum = ip_csum_add_even (csum, ip4->src_address.as_u32); *checksum = ip_csum_fold (csum); } return 0; } static uword ip6_map_t_tcp_udp (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { u32 n_left_from, *from, next_index, *to_next, n_left_to_next; vlib_node_runtime_t *error_node = vlib_node_get_runtime (vm, ip6_map_t_tcp_udp_node.index); from = vlib_frame_vector_args (frame); n_left_from = frame->n_vectors; next_index = node->cached_next_index; while (n_left_from > 0) { vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next); while (n_left_from > 0 && n_left_to_next > 0) { u32 pi0; vlib_buffer_t *p0; ip6_mapt_tcp_udp_next_t next0; pi0 = to_next[0] = from[0]; from += 1; n_left_from -= 1; to_next += 1; n_left_to_next -= 1; next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP; p0 = vlib_get_buffer (vm, pi0); if (map_ip6_to_ip4_tcp_udp (vm, p0, true)) { p0->error = error_node->errors[MAP_ERROR_UNKNOWN]; next0 = IP6_MAPT_TCP_UDP_NEXT_DROP; } else { if (vnet_buffer (p0)->map_t.mtu < p0->current_length) { // Send to fragmentation node if necessary vnet_buffer (p0)->ip_frag.mtu = vnet_buffer (p0)->map_t.mtu; vnet_buffer (p0)->ip_frag.next_index = IP_FRAG_NEXT_IP4_LOOKUP; next0 = IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG; } else { next0 = ip6_map_ip4_lookup_bypass (p0, NULL) ? IP6_MAPT_TCP_UDP_NEXT_IP4_REWRITE : next0; } } vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, n_left_to_next, pi0, next0); } vlib_put_next_frame (vm, node, next_index, n_left_to_next); } return frame->n_vectors; } static uword ip6_map_t (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { u32 n_left_from, *from, next_index, *to_next, n_left_to_next; vlib_node_runtime_t *error_node = vlib_node_get_runtime (vm, ip6_map_t_node.index); map_main_t *mm = &map_main; vlib_combined_counter_main_t *cm = map_main.domain_counters; u32 thread_index = vm->thread_index; from = vlib_frame_vector_args (frame); n_left_from = frame->n_vectors; next_index = node->cached_next_index; while (n_left_from > 0) { vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next); while (n_left_from > 0 && n_left_to_next > 0) { u32 pi0; vlib_buffer_t *p0; ip6_header_t *ip60; u8 error0; u32 l4_len0; i32 map_port0; map_domain_t *d0; ip6_frag_hdr_t *frag0; ip6_mapt_next_t next0 = 0; u32 saddr; pi0 = to_next[0] = from[0]; from += 1; n_left_from -= 1; to_next += 1; n_left_to_next -= 1; error0 = MAP_ERROR_NONE; p0 = vlib_get_buffer (vm, pi0); u16 l4_src_port = vnet_buffer (p0)->ip.reass.l4_src_port; ip60 = vlib_buffer_get_current (p0); d0 = ip6_map_get_domain (&ip60->dst_address, &vnet_buffer (p0)->map_t.map_domain_index, &error0); if (!d0) { /* Guess it wasn't for us */ vnet_feature_next (&next0, p0); goto exit; } saddr = map_get_ip4 (&ip60->src_address, d0->ip6_src_len); vnet_buffer (p0)->map_t.v6.saddr = saddr; vnet_buffer (p0)->map_t.v6.daddr = ip6_map_t_embedded_address (d0, &ip60->dst_address); vnet_buffer (p0)->map_t.mtu = d0->mtu ? d0->mtu : ~0; map_port0 = -1; if (PREDICT_FALSE (ip60->hop_limit == 1)) { icmp6_error_set_vnet_buffer (p0, ICMP6_time_exceeded, ICMP6_time_exceeded_ttl_exceeded_in_transit, 0); p0->error = error_node->errors[MAP_ERROR_TIME_EXCEEDED]; next0 = IP6_MAPT_NEXT_ICMP; goto trace; } if (PREDICT_FALSE (ip6_parse (vm, p0, ip60, p0->current_length, &(vnet_buffer (p0)->map_t.v6.l4_protocol), &(vnet_buffer (p0)->map_t.v6.l4_offset), &(vnet_buffer (p0)->map_t.v6.frag_offset)))) { error0 = error0 == MAP_ERROR_NONE ? MAP_ERROR_MALFORMED : error0; } l4_len0 = (u32) clib_net_to_host_u16 (ip60->payload_length) + sizeof (*ip60) - vnet_buffer (p0)->map_t.v6.l4_offset; frag0 = (ip6_frag_hdr_t *) u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6. frag_offset); if (PREDICT_FALSE (vnet_buffer (p0)->map_t.v6.frag_offset && ip6_frag_hdr_offset (frag0))) { map_port0 = l4_src_port; next0 = IP6_MAPT_NEXT_MAPT_FRAGMENTED; } else if (PREDICT_TRUE (vnet_buffer (p0)->map_t.v6.l4_protocol == IP_PROTOCOL_TCP)) { error0 = l4_len0 < sizeof (tcp_header_t) ? MAP_ERROR_MALFORMED : error0; vnet_buffer (p0)->map_t.checksum_offset = vnet_buffer (p0)->map_t.v6.l4_offset + 16; next0 = IP6_MAPT_NEXT_MAPT_TCP_UDP; map_port0 = l4_src_port; } else if (PREDICT_TRUE (vnet_buffer (p0)->map_t.v6.l4_protocol == IP_PROTOCOL_UDP)) { error0 = l4_len0 < sizeof (udp_header_t) ? MAP_ERROR_MALFORMED : error0; vnet_buffer (p0)->map_t.checksum_offset = vnet_buffer (p0)->map_t.v6.l4_offset + 6; next0 = IP6_MAPT_NEXT_MAPT_TCP_UDP; map_port0 = l4_src_port; } else if (vnet_buffer (p0)->map_t.v6.l4_protocol == IP_PROTOCOL_ICMP6) { error0 = l4_len0 < sizeof (icmp46_header_t) ? MAP_ERROR_MALFORMED : error0; next0 = IP6_MAPT_NEXT_MAPT_ICMP; if (((icmp46_header_t *) u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6.l4_offset))->type == ICMP6_echo_reply || ((icmp46_header_t *) u8_ptr_add (ip60, vnet_buffer (p0)->map_t.v6.l4_offset))-> type == ICMP6_echo_request) map_port0 = l4_src_port; } else { // TODO: In case of 1:1 mapping, it might be possible to // do something with those packets. error0 = MAP_ERROR_BAD_PROTOCOL; } if (PREDICT_FALSE (map_port0 != -1) && (ip60->src_address.as_u64[0] != map_get_pfx_net (d0, vnet_buffer (p0)->map_t.v6.saddr, map_port0) || ip60->src_address.as_u64[1] != map_get_sfx_net (d0, vnet_buffer (p0)->map_t. v6.saddr, map_port0))) { // Security check when map_port0 is not zero (non-first // fragment, UDP or TCP) error0 = error0 == MAP_ERROR_NONE ? MAP_ERROR_SEC_CHECK : error0; } if (PREDICT_TRUE (error0 == MAP_ERROR_NONE && next0 != IP6_MAPT_NEXT_MAPT_ICMP)) { vlib_increment_combined_counter (cm + MAP_DOMAIN_COUNTER_RX, thread_index, vnet_buffer (p0)->map_t. map_domain_index, 1, clib_net_to_host_u16 (ip60-> payload_length)); } if (PREDICT_FALSE (error0 == MAP_ERROR_SEC_CHECK && mm->icmp6_enabled)) { icmp6_error_set_vnet_buffer (p0, ICMP6_destination_unreachable, ICMP6_destination_unreachable_source_address_failed_policy, 0); next0 = IP6_MAPT_NEXT_ICMP; } else { next0 = (error0 != MAP_ERROR_NONE) ? IP6_MAPT_NEXT_DROP : next0; } p0->error = error_node->errors[error0]; trace: if (PREDICT_FALSE (p0->flags & VLIB_BUFFER_IS_TRACED)) { map_add_trace (vm, node, p0, vnet_buffer (p0)->map_t.map_domain_index, map_port0); } exit: vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, n_left_to_next, pi0, next0); } vlib_put_next_frame (vm, node, next_index, n_left_to_next); } return frame->n_vectors; } /* *INDENT-OFF* */ VLIB_REGISTER_NODE(ip6_map_t_fragmented_node) = { .function = ip6_map_t_fragmented, .name = "ip6-map-t-fragmented", .vector_size = sizeof (u32), .format_trace = format_map_trace, .type = VLIB_NODE_TYPE_INTERNAL, .n_errors = MAP_N_ERROR, .error_counters = map_error_counters, .n_next_nodes = IP6_MAPT_FRAGMENTED_N_NEXT, .next_nodes = { [IP6_MAPT_FRAGMENTED_NEXT_IP4_LOOKUP] = "ip4-lookup", [IP6_MAPT_FRAGMENTED_NEXT_IP4_REWRITE] = "ip4-load-balance", [IP6_MAPT_FRAGMENTED_NEXT_IP4_FRAG] = IP4_FRAG_NODE_NAME, [IP6_MAPT_FRAGMENTED_NEXT_DROP] = "error-drop", }, }; /* *INDENT-ON* */ /* *INDENT-OFF* */ VLIB_REGISTER_NODE(ip6_map_t_icmp_node) = { .function = ip6_map_t_icmp, .name = "ip6-map-t-icmp", .vector_size = sizeof (u32), .format_trace = format_map_trace, .type = VLIB_NODE_TYPE_INTERNAL, .n_errors = MAP_N_ERROR, .error_counters = map_error_counters, .n_next_nodes = IP6_MAPT_ICMP_N_NEXT, .next_nodes = { [IP6_MAPT_ICMP_NEXT_IP4_LOOKUP] = "ip4-lookup", [IP6_MAPT_ICMP_NEXT_IP4_REWRITE] = "ip4-load-balance", [IP6_MAPT_ICMP_NEXT_IP4_FRAG] = IP4_FRAG_NODE_NAME, [IP6_MAPT_ICMP_NEXT_DROP] = "error-drop", }, }; /* *INDENT-ON* */ /* *INDENT-OFF* */ VLIB_REGISTER_NODE(ip6_map_t_tcp_udp_node) = { .function = ip6_map_t_tcp_udp, .name = "ip6-map-t-tcp-udp", .vector_size = sizeof (u32), .format_trace = format_map_trace, .type = VLIB_NODE_TYPE_INTERNAL, .n_errors = MAP_N_ERROR, .error_counters = map_error_counters, .n_next_nodes = IP6_MAPT_TCP_UDP_N_NEXT, .next_nodes = { [IP6_MAPT_TCP_UDP_NEXT_IP4_LOOKUP] = "ip4-lookup", [IP6_MAPT_TCP_UDP_NEXT_IP4_REWRITE] = "ip4-load-balance", [IP6_MAPT_TCP_UDP_NEXT_IP4_FRAG] = IP4_FRAG_NODE_NAME, [IP6_MAPT_TCP_UDP_NEXT_DROP] = "error-drop", }, }; /* *INDENT-ON* */ /* *INDENT-OFF* */ VNET_FEATURE_INIT (ip6_map_t_feature, static) = { .arc_name = "ip6-unicast", .node_name = "ip6-map-t", .runs_before = VNET_FEATURES ("ip6-flow-classify"), .runs_after = VNET_FEATURES ("ip6-sv-reassembly-feature"), }; VLIB_REGISTER_NODE(ip6_map_t_node) = { .function = ip6_map_t, .name = "ip6-map-t", .vector_size = sizeof(u32), .format_trace = format_map_trace, .type = VLIB_NODE_TYPE_INTERNAL, .n_errors = MAP_N_ERROR, .error_counters = map_error_counters, .n_next_nodes = IP6_MAPT_N_NEXT, .next_nodes = { [IP6_MAPT_NEXT_MAPT_TCP_UDP] = "ip6-map-t-tcp-udp", [IP6_MAPT_NEXT_MAPT_ICMP] = "ip6-map-t-icmp", [IP6_MAPT_NEXT_MAPT_FRAGMENTED] = "ip6-map-t-fragmented", [IP6_MAPT_NEXT_DROP] = "error-drop", [IP6_MAPT_NEXT_ICMP] = "ip6-icmp-error", }, }; /* *INDENT-ON* */ /* * fd.io coding-style-patch-verification: ON * * Local Variables: * eval: (c-set-style "gnu") * End: */