]> git.proxmox.com Git - mirror_frr.git/blob - nhrpd/nhrp_vc.c
projects / mirror_frr.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #5919 from qlyoung/fix-vrrp-mvl-uaf
[mirror_frr.git] / nhrpd / nhrp_vc.c
1 /* NHRP virtual connection
2 * Copyright (c) 2014-2015 Timo Teräs
3 *
4 * This file is free software: you may copy, redistribute and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation, either version 2 of the License, or
7 * (at your option) any later version.
8 */
9
10 #include "zebra.h"
11 #include "memory.h"
12 #include "stream.h"
13 #include "hash.h"
14 #include "thread.h"
15 #include "jhash.h"
16
17 #include "nhrpd.h"
18 #include "os.h"
19
20 DEFINE_MTYPE_STATIC(NHRPD, NHRP_VC, "NHRP virtual connection")
21
22 struct child_sa {
23 uint32_t id;
24 struct nhrp_vc *vc;
25 struct list_head childlist_entry;
26 };
27
28 static struct hash *nhrp_vc_hash;
29 static struct list_head childlist_head[512];
30
31 static unsigned int nhrp_vc_key(const void *peer_data)
32 {
33 const struct nhrp_vc *vc = peer_data;
34 return jhash_2words(sockunion_hash(&vc->local.nbma),
35 sockunion_hash(&vc->remote.nbma), 0);
36 }
37
38 static bool nhrp_vc_cmp(const void *cache_data, const void *key_data)
39 {
40 const struct nhrp_vc *a = cache_data;
41 const struct nhrp_vc *b = key_data;
42
43 return sockunion_same(&a->local.nbma, &b->local.nbma)
44 && sockunion_same(&a->remote.nbma, &b->remote.nbma);
45 }
46
47 static void *nhrp_vc_alloc(void *data)
48 {
49 struct nhrp_vc *vc, *key = data;
50
51 vc = XMALLOC(MTYPE_NHRP_VC, sizeof(struct nhrp_vc));
52
53 *vc = (struct nhrp_vc){
54 .local.nbma = key->local.nbma,
55 .remote.nbma = key->remote.nbma,
56 .notifier_list =
57 NOTIFIER_LIST_INITIALIZER(&vc->notifier_list),
58 };
59
60 return vc;
61 }
62
63 static void nhrp_vc_free(void *data)
64 {
65 XFREE(MTYPE_NHRP_VC, data);
66 }
67
68 struct nhrp_vc *nhrp_vc_get(const union sockunion *src,
69 const union sockunion *dst, int create)
70 {
71 struct nhrp_vc key;
72 key.local.nbma = *src;
73 key.remote.nbma = *dst;
74 return hash_get(nhrp_vc_hash, &key, create ? nhrp_vc_alloc : 0);
75 }
76
77 static void nhrp_vc_check_delete(struct nhrp_vc *vc)
78 {
79 if (vc->updating || vc->ipsec || notifier_active(&vc->notifier_list))
80 return;
81 hash_release(nhrp_vc_hash, vc);
82 nhrp_vc_free(vc);
83 }
84
85 static void nhrp_vc_update(struct nhrp_vc *vc, long cmd)
86 {
87 vc->updating = 1;
88 notifier_call(&vc->notifier_list, cmd);
89 vc->updating = 0;
90 nhrp_vc_check_delete(vc);
91 }
92
93 static void nhrp_vc_ipsec_reset(struct nhrp_vc *vc)
94 {
95 vc->local.id[0] = 0;
96 vc->local.certlen = 0;
97 vc->remote.id[0] = 0;
98 vc->remote.certlen = 0;
99 }
100
101 int nhrp_vc_ipsec_updown(uint32_t child_id, struct nhrp_vc *vc)
102 {
103 char buf[2][SU_ADDRSTRLEN];
104 struct child_sa *sa = NULL, *lsa;
105 uint32_t child_hash = child_id % array_size(childlist_head);
106 int abort_migration = 0;
107
108 list_for_each_entry(lsa, &childlist_head[child_hash], childlist_entry)
109 {
110 if (lsa->id == child_id) {
111 sa = lsa;
112 break;
113 }
114 }
115
116 if (!sa) {
117 if (!vc)
118 return 0;
119
120 sa = XMALLOC(MTYPE_NHRP_VC, sizeof(struct child_sa));
121
122 *sa = (struct child_sa){
123 .id = child_id,
124 .childlist_entry =
125 LIST_INITIALIZER(sa->childlist_entry),
126 .vc = NULL,
127 };
128 list_add_tail(&sa->childlist_entry,
129 &childlist_head[child_hash]);
130 }
131
132 if (sa->vc == vc)
133 return 0;
134
135 if (vc) {
136 /* Attach first to new VC */
137 vc->ipsec++;
138 nhrp_vc_update(vc, NOTIFY_VC_IPSEC_CHANGED);
139 }
140 if (sa->vc && vc) {
141 /* Notify old VC of migration */
142 sa->vc->abort_migration = 0;
143 debugf(NHRP_DEBUG_COMMON, "IPsec NBMA change of %s to %s",
144 sockunion2str(&sa->vc->remote.nbma, buf[0],
145 sizeof(buf[0])),
146 sockunion2str(&vc->remote.nbma, buf[1], sizeof(buf[1])));
147 nhrp_vc_update(sa->vc, NOTIFY_VC_IPSEC_UPDATE_NBMA);
148 abort_migration = sa->vc->abort_migration;
149 }
150 if (sa->vc) {
151 /* Deattach old VC */
152 sa->vc->ipsec--;
153 if (!sa->vc->ipsec)
154 nhrp_vc_ipsec_reset(sa->vc);
155 nhrp_vc_update(sa->vc, NOTIFY_VC_IPSEC_CHANGED);
156 }
157
158 /* Update */
159 sa->vc = vc;
160 if (!vc) {
161 list_del(&sa->childlist_entry);
162 XFREE(MTYPE_NHRP_VC, sa);
163 }
164
165 return abort_migration;
166 }
167
168 void nhrp_vc_notify_add(struct nhrp_vc *vc, struct notifier_block *n,
169 notifier_fn_t action)
170 {
171 notifier_add(n, &vc->notifier_list, action);
172 }
173
174 void nhrp_vc_notify_del(struct nhrp_vc *vc, struct notifier_block *n)
175 {
176 notifier_del(n);
177 nhrp_vc_check_delete(vc);
178 }
179
180
181 struct nhrp_vc_iterator_ctx {
182 void (*cb)(struct nhrp_vc *, void *);
183 void *ctx;
184 };
185
186 static void nhrp_vc_iterator(struct hash_bucket *b, void *ctx)
187 {
188 struct nhrp_vc_iterator_ctx *ic = ctx;
189 ic->cb(b->data, ic->ctx);
190 }
191
192 void nhrp_vc_foreach(void (*cb)(struct nhrp_vc *, void *), void *ctx)
193 {
194 struct nhrp_vc_iterator_ctx ic = {
195 .cb = cb, .ctx = ctx,
196 };
197 hash_iterate(nhrp_vc_hash, nhrp_vc_iterator, &ic);
198 }
199
200 void nhrp_vc_init(void)
201 {
202 size_t i;
203
204 nhrp_vc_hash = hash_create(nhrp_vc_key, nhrp_vc_cmp, "NHRP VC hash");
205 for (i = 0; i < array_size(childlist_head); i++)
206 list_init(&childlist_head[i]);
207 }
208
209 void nhrp_vc_reset(void)
210 {
211 struct child_sa *sa, *n;
212 size_t i;
213
214 for (i = 0; i < array_size(childlist_head); i++) {
215 list_for_each_entry_safe(sa, n, &childlist_head[i],
216 childlist_entry)
217 nhrp_vc_ipsec_updown(sa->id, 0);
218 }
219 }
220
221 void nhrp_vc_terminate(void)
222 {
223 nhrp_vc_reset();
224 hash_clean(nhrp_vc_hash, nhrp_vc_free);
225 }
FRRouting mirror