Compare commits
No commits in common. 'c9' and 'i10cs' have entirely different histories.
@ -1 +1 @@
|
|||||||
467835eb73a6018948fd667663ce68282cf6d16b SOURCES/frr-8.3.1.tar.gz
|
ae93955533d9370c136d45a3adf808d7b50284a0 SOURCES/frr-10.1.tar.gz
|
||||||
|
@ -1 +1 @@
|
|||||||
SOURCES/frr-8.3.1.tar.gz
|
SOURCES/frr-10.1.tar.gz
|
||||||
|
@ -1,25 +0,0 @@
|
|||||||
diff --git a/ospfd/ospf_spf.c b/ospfd/ospf_spf.c
|
|
||||||
index 74a5674..aec9037 100644
|
|
||||||
--- a/ospfd/ospf_spf.c
|
|
||||||
+++ b/ospfd/ospf_spf.c
|
|
||||||
@@ -48,7 +48,10 @@
|
|
||||||
#include "ospfd/ospf_sr.h"
|
|
||||||
#include "ospfd/ospf_ti_lfa.h"
|
|
||||||
#include "ospfd/ospf_errors.h"
|
|
||||||
+
|
|
||||||
+#ifdef SUPPORT_OSPF_API
|
|
||||||
#include "ospfd/ospf_apiserver.h"
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
/* Variables to ensure a SPF scheduled log message is printed only once */
|
|
||||||
|
|
||||||
@@ -1897,7 +1900,9 @@ static void ospf_spf_calculate_schedule_worker(struct thread *thread)
|
|
||||||
/* Update all routers routing table */
|
|
||||||
ospf->oall_rtrs = ospf->all_rtrs;
|
|
||||||
ospf->all_rtrs = all_rtrs;
|
|
||||||
+#ifdef SUPPORT_OSPF_API
|
|
||||||
ospf_apiserver_notify_reachable(ospf->oall_rtrs, ospf->all_rtrs);
|
|
||||||
+#endif
|
|
||||||
|
|
||||||
/* Free old ABR/ASBR routing table */
|
|
||||||
if (ospf->old_rtrs)
|
|
@ -0,0 +1,27 @@
|
|||||||
|
diff --git a/tests/lib/subdir.am b/tests/lib/subdir.am
|
||||||
|
index 7b5eaa4..5c82f69 100644
|
||||||
|
--- a/tests/lib/subdir.am
|
||||||
|
+++ b/tests/lib/subdir.am
|
||||||
|
@@ -18,22 +18,6 @@ tests_lib_test_frrscript_SOURCES = tests/lib/test_frrscript.c
|
||||||
|
test -e tests/lib/script1.lua || \
|
||||||
|
$(INSTALL_SCRIPT) $< tests/lib/script1.lua
|
||||||
|
|
||||||
|
-##############################################################################
|
||||||
|
-GRPC_TESTS_LDADD = mgmtd/libmgmt_be_nb.la staticd/libstatic.a grpc/libfrrgrpc_pb.la $(GRPC_LIBS) $(ALL_TESTS_LDADD) $(LIBYANG_LIBS) -lm
|
||||||
|
-
|
||||||
|
-if GRPC
|
||||||
|
-check_PROGRAMS += tests/lib/test_grpc
|
||||||
|
-endif
|
||||||
|
-tests_lib_test_grpc_CXXFLAGS = $(WERROR) $(TESTS_CXXFLAGS)
|
||||||
|
-tests_lib_test_grpc_CPPFLAGS = $(TESTS_CPPFLAGS)
|
||||||
|
-tests_lib_test_grpc_LDADD = $(GRPC_TESTS_LDADD)
|
||||||
|
-tests_lib_test_grpc_SOURCES = tests/lib/test_grpc.cpp
|
||||||
|
-nodist_tests_lib_test_grpc_SOURCES = \
|
||||||
|
- yang/frr-bfdd.yang.c \
|
||||||
|
- yang/frr-staticd.yang.c \
|
||||||
|
- # end
|
||||||
|
-
|
||||||
|
-
|
||||||
|
##############################################################################
|
||||||
|
if ZEROMQ
|
||||||
|
check_PROGRAMS += tests/lib/test_zmq
|
@ -1,78 +0,0 @@
|
|||||||
From 12f9f8472d0f8cfc026352906b8e5342df2846cc Mon Sep 17 00:00:00 2001
|
|
||||||
From: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
||||||
Date: Tue, 27 Sep 2022 17:30:16 +0300
|
|
||||||
Subject: [PATCH] bgpd: Do not send Deconfig/Shutdown message when restarting
|
|
||||||
|
|
||||||
We might disable sending unconfig/shutdown notifications when
|
|
||||||
Graceful-Restart is enabled and negotiated.
|
|
||||||
|
|
||||||
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
||||||
---
|
|
||||||
bgpd/bgpd.c | 35 ++++++++++++++++++++++++++---------
|
|
||||||
1 file changed, 26 insertions(+), 9 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/bgpd/bgpd.c b/bgpd/bgpd.c
|
|
||||||
index 749e46ebe9d..ae1308db423 100644
|
|
||||||
--- a/bgpd/bgpd.c
|
|
||||||
+++ b/bgpd/bgpd.c
|
|
||||||
@@ -2755,11 +2755,34 @@ int peer_group_remote_as(struct bgp *bgp, const char *group_name, as_t *as,
|
|
||||||
|
|
||||||
void peer_notify_unconfig(struct peer *peer)
|
|
||||||
{
|
|
||||||
+ if (BGP_PEER_GRACEFUL_RESTART_CAPABLE(peer)) {
|
|
||||||
+ if (bgp_debug_neighbor_events(peer))
|
|
||||||
+ zlog_debug(
|
|
||||||
+ "%pBP configured Graceful-Restart, skipping unconfig notification",
|
|
||||||
+ peer);
|
|
||||||
+ return;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if (BGP_IS_VALID_STATE_FOR_NOTIF(peer->status))
|
|
||||||
bgp_notify_send(peer, BGP_NOTIFY_CEASE,
|
|
||||||
BGP_NOTIFY_CEASE_PEER_UNCONFIG);
|
|
||||||
}
|
|
||||||
|
|
||||||
+static void peer_notify_shutdown(struct peer *peer)
|
|
||||||
+{
|
|
||||||
+ if (BGP_PEER_GRACEFUL_RESTART_CAPABLE(peer)) {
|
|
||||||
+ if (bgp_debug_neighbor_events(peer))
|
|
||||||
+ zlog_debug(
|
|
||||||
+ "%pBP configured Graceful-Restart, skipping shutdown notification",
|
|
||||||
+ peer);
|
|
||||||
+ return;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ if (BGP_IS_VALID_STATE_FOR_NOTIF(peer->status))
|
|
||||||
+ bgp_notify_send(peer, BGP_NOTIFY_CEASE,
|
|
||||||
+ BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
void peer_group_notify_unconfig(struct peer_group *group)
|
|
||||||
{
|
|
||||||
struct peer *peer, *other;
|
|
||||||
@@ -3676,11 +3699,8 @@ int bgp_delete(struct bgp *bgp)
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Inform peers we're going down. */
|
|
||||||
- for (ALL_LIST_ELEMENTS(bgp->peer, node, next, peer)) {
|
|
||||||
- if (BGP_IS_VALID_STATE_FOR_NOTIF(peer->status))
|
|
||||||
- bgp_notify_send(peer, BGP_NOTIFY_CEASE,
|
|
||||||
- BGP_NOTIFY_CEASE_ADMIN_SHUTDOWN);
|
|
||||||
- }
|
|
||||||
+ for (ALL_LIST_ELEMENTS(bgp->peer, node, next, peer))
|
|
||||||
+ peer_notify_shutdown(peer);
|
|
||||||
|
|
||||||
/* Delete static routes (networks). */
|
|
||||||
bgp_static_delete(bgp);
|
|
||||||
@@ -8252,10 +8272,7 @@ void bgp_terminate(void)
|
|
||||||
|
|
||||||
for (ALL_LIST_ELEMENTS(bm->bgp, mnode, mnnode, bgp))
|
|
||||||
for (ALL_LIST_ELEMENTS(bgp->peer, node, nnode, peer))
|
|
||||||
- if (peer_established(peer) || peer->status == OpenSent
|
|
||||||
- || peer->status == OpenConfirm)
|
|
||||||
- bgp_notify_send(peer, BGP_NOTIFY_CEASE,
|
|
||||||
- BGP_NOTIFY_CEASE_PEER_UNCONFIG);
|
|
||||||
+ peer_notify_unconfig(peer);
|
|
||||||
|
|
||||||
BGP_TIMER_OFF(bm->t_rmap_update);
|
|
||||||
|
|
@ -0,0 +1,487 @@
|
|||||||
|
From f450e1cda41f1b7576094a0b3017ba9849cd55ae Mon Sep 17 00:00:00 2001
|
||||||
|
From: Donald Sharp <sharpd@nvidia.com>
|
||||||
|
Date: Fri, 7 Jun 2024 12:30:59 -0400
|
||||||
|
Subject: [PATCH 1/5] zebra: Make p and src_p const for rib_delete
|
||||||
|
|
||||||
|
The prefix'es p and src_p are not const. Let's make
|
||||||
|
them so. Useful to signal that we will not change this
|
||||||
|
data.
|
||||||
|
|
||||||
|
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
||||||
|
---
|
||||||
|
zebra/rib.h | 2 +-
|
||||||
|
zebra/zebra_rib.c | 4 ++--
|
||||||
|
2 files changed, 3 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/zebra/rib.h b/zebra/rib.h
|
||||||
|
index 84ea766c4733..7f4e3949e02d 100644
|
||||||
|
--- a/zebra/rib.h
|
||||||
|
+++ b/zebra/rib.h
|
||||||
|
@@ -395,7 +395,7 @@ extern int rib_add_multipath_nhe(afi_t afi, safi_t safi, struct prefix *p,
|
||||||
|
|
||||||
|
extern void rib_delete(afi_t afi, safi_t safi, vrf_id_t vrf_id, int type,
|
||||||
|
unsigned short instance, uint32_t flags,
|
||||||
|
- struct prefix *p, struct prefix_ipv6 *src_p,
|
||||||
|
+ const struct prefix *p, const struct prefix_ipv6 *src_p,
|
||||||
|
const struct nexthop *nh, uint32_t nhe_id,
|
||||||
|
uint32_t table_id, uint32_t metric, uint8_t distance,
|
||||||
|
bool fromkernel);
|
||||||
|
diff --git a/zebra/zebra_rib.c b/zebra/zebra_rib.c
|
||||||
|
index 59190e9dd330..c1bd61e1db31 100644
|
||||||
|
--- a/zebra/zebra_rib.c
|
||||||
|
+++ b/zebra/zebra_rib.c
|
||||||
|
@@ -4393,8 +4393,8 @@ int rib_add_multipath(afi_t afi, safi_t safi, struct prefix *p,
|
||||||
|
}
|
||||||
|
|
||||||
|
void rib_delete(afi_t afi, safi_t safi, vrf_id_t vrf_id, int type,
|
||||||
|
- unsigned short instance, uint32_t flags, struct prefix *p,
|
||||||
|
- struct prefix_ipv6 *src_p, const struct nexthop *nh,
|
||||||
|
+ unsigned short instance, uint32_t flags, const struct prefix *p,
|
||||||
|
+ const struct prefix_ipv6 *src_p, const struct nexthop *nh,
|
||||||
|
uint32_t nhe_id, uint32_t table_id, uint32_t metric,
|
||||||
|
uint8_t distance, bool fromkernel)
|
||||||
|
{
|
||||||
|
|
||||||
|
From bdfccf69fa128c51c45bbd3528788f72ac17d854 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Donald Sharp <sharpd@nvidia.com>
|
||||||
|
Date: Fri, 7 Jun 2024 12:56:35 -0400
|
||||||
|
Subject: [PATCH 2/5] zebra: Expose rib_update_handle_vrf_all
|
||||||
|
|
||||||
|
This function will be used on interface down
|
||||||
|
events to allow for kernel routes to be cleaned
|
||||||
|
up.
|
||||||
|
|
||||||
|
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
||||||
|
---
|
||||||
|
zebra/rib.h | 2 ++
|
||||||
|
zebra/zebra_rib.c | 2 +-
|
||||||
|
2 files changed, 3 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/zebra/rib.h b/zebra/rib.h
|
||||||
|
index 7f4e3949e02d..8792fb7908ac 100644
|
||||||
|
--- a/zebra/rib.h
|
||||||
|
+++ b/zebra/rib.h
|
||||||
|
@@ -477,6 +477,8 @@ extern uint8_t route_distance(int type);
|
||||||
|
extern void zebra_rib_evaluate_rn_nexthops(struct route_node *rn, uint32_t seq,
|
||||||
|
bool rt_delete);
|
||||||
|
|
||||||
|
+extern void rib_update_handle_vrf_all(enum rib_update_event event, int rtype);
|
||||||
|
+
|
||||||
|
/*
|
||||||
|
* rib_find_rn_from_ctx
|
||||||
|
*
|
||||||
|
diff --git a/zebra/zebra_rib.c b/zebra/zebra_rib.c
|
||||||
|
index c1bd61e1db31..649450b5c63c 100644
|
||||||
|
--- a/zebra/zebra_rib.c
|
||||||
|
+++ b/zebra/zebra_rib.c
|
||||||
|
@@ -4543,7 +4543,7 @@ void rib_update_table(struct route_table *table, enum rib_update_event event,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
-static void rib_update_handle_vrf_all(enum rib_update_event event, int rtype)
|
||||||
|
+void rib_update_handle_vrf_all(enum rib_update_event event, int rtype)
|
||||||
|
{
|
||||||
|
struct zebra_router_table *zrt;
|
||||||
|
|
||||||
|
|
||||||
|
From d528c02a204086da0d542d5655b8724de681a65c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Donald Sharp <sharpd@nvidia.com>
|
||||||
|
Date: Fri, 7 Jun 2024 13:50:07 -0400
|
||||||
|
Subject: [PATCH 3/5] zebra: Handle kernel routes appropriately
|
||||||
|
|
||||||
|
Current code intentionally ignores kernel routes. Modify
|
||||||
|
zebra to allow these routes to be read in on linux. Also
|
||||||
|
modify zebra to look to see if a route should be treated
|
||||||
|
as a connected and mark it as such.
|
||||||
|
|
||||||
|
Additionally this should properly handle some of the issues
|
||||||
|
being seen with NOPREFIXROUTE.
|
||||||
|
|
||||||
|
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
||||||
|
---
|
||||||
|
zebra/interface.c | 2 +
|
||||||
|
zebra/rib.h | 1 +
|
||||||
|
zebra/rt_netlink.c | 2 -
|
||||||
|
zebra/zebra_rib.c | 105 +++++++++++++++++++++++++++++++++++++++------
|
||||||
|
4 files changed, 96 insertions(+), 14 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/zebra/interface.c b/zebra/interface.c
|
||||||
|
index 03b710e1a0f9..d146004781a5 100644
|
||||||
|
--- a/zebra/interface.c
|
||||||
|
+++ b/zebra/interface.c
|
||||||
|
@@ -1058,6 +1058,8 @@ void if_down(struct interface *ifp)
|
||||||
|
|
||||||
|
/* Delete all neighbor addresses learnt through IPv6 RA */
|
||||||
|
if_down_del_nbr_connected(ifp);
|
||||||
|
+
|
||||||
|
+ rib_update_handle_vrf_all(RIB_UPDATE_INTERFACE_DOWN, ZEBRA_ROUTE_KERNEL);
|
||||||
|
}
|
||||||
|
|
||||||
|
void if_refresh(struct interface *ifp)
|
||||||
|
diff --git a/zebra/rib.h b/zebra/rib.h
|
||||||
|
index 8792fb7908ac..cd6efbfb36dd 100644
|
||||||
|
--- a/zebra/rib.h
|
||||||
|
+++ b/zebra/rib.h
|
||||||
|
@@ -326,6 +326,7 @@ typedef struct rib_tables_iter_t_ {
|
||||||
|
|
||||||
|
/* Events/reasons triggering a RIB update. */
|
||||||
|
enum rib_update_event {
|
||||||
|
+ RIB_UPDATE_INTERFACE_DOWN,
|
||||||
|
RIB_UPDATE_KERNEL,
|
||||||
|
RIB_UPDATE_RMAP_CHANGE,
|
||||||
|
RIB_UPDATE_OTHER,
|
||||||
|
diff --git a/zebra/rt_netlink.c b/zebra/rt_netlink.c
|
||||||
|
index c22145be693b..ddcb83cd8ce7 100644
|
||||||
|
--- a/zebra/rt_netlink.c
|
||||||
|
+++ b/zebra/rt_netlink.c
|
||||||
|
@@ -799,8 +799,6 @@ int netlink_route_change_read_unicast_internal(struct nlmsghdr *h,
|
||||||
|
return 0;
|
||||||
|
if (rtm->rtm_protocol == RTPROT_REDIRECT)
|
||||||
|
return 0;
|
||||||
|
- if (rtm->rtm_protocol == RTPROT_KERNEL)
|
||||||
|
- return 0;
|
||||||
|
|
||||||
|
selfroute = is_selfroute(rtm->rtm_protocol);
|
||||||
|
|
||||||
|
diff --git a/zebra/zebra_rib.c b/zebra/zebra_rib.c
|
||||||
|
index 649450b5c63c..2d6c5148833a 100644
|
||||||
|
--- a/zebra/zebra_rib.c
|
||||||
|
+++ b/zebra/zebra_rib.c
|
||||||
|
@@ -1619,6 +1619,10 @@ static bool rib_compare_routes(const struct route_entry *re1,
|
||||||
|
* v6 link-locals, and we also support multiple addresses in the same
|
||||||
|
* subnet on a single interface.
|
||||||
|
*/
|
||||||
|
+ if (re1->type == ZEBRA_ROUTE_CONNECT &&
|
||||||
|
+ (re1->nhe->nhg.nexthop->ifindex == re2->nhe->nhg.nexthop->ifindex))
|
||||||
|
+ return true;
|
||||||
|
+
|
||||||
|
if (re1->type != ZEBRA_ROUTE_CONNECT && re1->type != ZEBRA_ROUTE_LOCAL)
|
||||||
|
return true;
|
||||||
|
|
||||||
|
@@ -2863,10 +2867,11 @@ static void process_subq_early_route_add(struct zebra_early_route *ere)
|
||||||
|
|
||||||
|
/* Link new re to node.*/
|
||||||
|
if (IS_ZEBRA_DEBUG_RIB) {
|
||||||
|
- rnode_debug(
|
||||||
|
- rn, re->vrf_id,
|
||||||
|
- "Inserting route rn %p, re %p (%s) existing %p, same_count %d",
|
||||||
|
- rn, re, zebra_route_string(re->type), same, same_count);
|
||||||
|
+ rnode_debug(rn, re->vrf_id,
|
||||||
|
+ "Inserting route rn %p, re %p (%s/%s/%s) existing %p, same_count %d",
|
||||||
|
+ rn, re, zebra_route_string(re->type),
|
||||||
|
+ afi2str(ere->afi), safi2str(ere->safi), same,
|
||||||
|
+ same_count);
|
||||||
|
|
||||||
|
if (IS_ZEBRA_DEBUG_RIB_DETAILED)
|
||||||
|
route_entry_dump(
|
||||||
|
@@ -4383,6 +4388,34 @@ int rib_add_multipath(afi_t afi, safi_t safi, struct prefix *p,
|
||||||
|
nhe.id = re->nhe_id;
|
||||||
|
|
||||||
|
n = zebra_nhe_copy(&nhe, 0);
|
||||||
|
+
|
||||||
|
+ if (re->type == ZEBRA_ROUTE_KERNEL) {
|
||||||
|
+ struct interface *ifp;
|
||||||
|
+ struct connected *connected;
|
||||||
|
+
|
||||||
|
+ if (p->family == AF_INET6 &&
|
||||||
|
+ IN6_IS_ADDR_LINKLOCAL(&p->u.prefix6)) {
|
||||||
|
+ zebra_nhg_free(n);
|
||||||
|
+ zebra_rib_route_entry_free(re);
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ ifp = if_lookup_prefix(p, re->vrf_id);
|
||||||
|
+ if (ifp) {
|
||||||
|
+ connected = connected_lookup_prefix(ifp, p);
|
||||||
|
+
|
||||||
|
+ if (connected && !CHECK_FLAG(connected->flags,
|
||||||
|
+ ZEBRA_IFA_NOPREFIXROUTE)) {
|
||||||
|
+ zebra_nhg_free(n);
|
||||||
|
+ zebra_rib_route_entry_free(re);
|
||||||
|
+ return -1;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (ifp->ifindex == ng->nexthop->ifindex)
|
||||||
|
+ re->type = ZEBRA_ROUTE_CONNECT;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
ret = rib_add_multipath_nhe(afi, safi, p, src_p, re, n, startup);
|
||||||
|
|
||||||
|
/* In error cases, free the route also */
|
||||||
|
@@ -4458,6 +4491,9 @@ static const char *rib_update_event2str(enum rib_update_event event)
|
||||||
|
const char *ret = "UNKNOWN";
|
||||||
|
|
||||||
|
switch (event) {
|
||||||
|
+ case RIB_UPDATE_INTERFACE_DOWN:
|
||||||
|
+ ret = "RIB_UPDATE_INTERFACE_DOWN";
|
||||||
|
+ break;
|
||||||
|
case RIB_UPDATE_KERNEL:
|
||||||
|
ret = "RIB_UPDATE_KERNEL";
|
||||||
|
break;
|
||||||
|
@@ -4474,15 +4510,56 @@ static const char *rib_update_event2str(enum rib_update_event event)
|
||||||
|
return ret;
|
||||||
|
}
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * We now keep kernel routes, but we don't have any
|
||||||
|
+ * trigger events for them when they are implicitly
|
||||||
|
+ * deleted. Since we are already walking the
|
||||||
|
+ * entire table on a down event let's look at
|
||||||
|
+ * the few kernel routes we may have
|
||||||
|
+ */
|
||||||
|
+static void
|
||||||
|
+rib_update_handle_kernel_route_down_possibility(struct route_node *rn,
|
||||||
|
+ struct route_entry *re)
|
||||||
|
+{
|
||||||
|
+ struct nexthop *nexthop = NULL;
|
||||||
|
+ bool alive = false;
|
||||||
|
+
|
||||||
|
+ for (ALL_NEXTHOPS(re->nhe->nhg, nexthop)) {
|
||||||
|
+ struct interface *ifp = if_lookup_by_index(nexthop->ifindex,
|
||||||
|
+ nexthop->vrf_id);
|
||||||
|
+
|
||||||
|
+ if (ifp && if_is_up(ifp)) {
|
||||||
|
+ alive = true;
|
||||||
|
+ break;
|
||||||
|
+ }
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ if (!alive) {
|
||||||
|
+ struct rib_table_info *rib_table = srcdest_rnode_table_info(rn);
|
||||||
|
+ const struct prefix *p;
|
||||||
|
+ const struct prefix_ipv6 *src_p;
|
||||||
|
+
|
||||||
|
+ srcdest_rnode_prefixes(rn, &p, (const struct prefix **)&src_p);
|
||||||
|
+
|
||||||
|
+ rib_delete(rib_table->afi, rib_table->safi, re->vrf_id,
|
||||||
|
+ re->type, re->instance, re->flags, p, src_p, NULL, 0,
|
||||||
|
+ re->table, re->metric, re->distance, true);
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
|
||||||
|
/* Schedule route nodes to be processed if they match the type */
|
||||||
|
-static void rib_update_route_node(struct route_node *rn, int type)
|
||||||
|
+static void rib_update_route_node(struct route_node *rn, int type,
|
||||||
|
+ enum rib_update_event event)
|
||||||
|
{
|
||||||
|
struct route_entry *re, *next;
|
||||||
|
bool re_changed = false;
|
||||||
|
|
||||||
|
RNODE_FOREACH_RE_SAFE (rn, re, next) {
|
||||||
|
- if (type == ZEBRA_ROUTE_ALL || type == re->type) {
|
||||||
|
+ if (event == RIB_UPDATE_INTERFACE_DOWN && type == re->type &&
|
||||||
|
+ type == ZEBRA_ROUTE_KERNEL)
|
||||||
|
+ rib_update_handle_kernel_route_down_possibility(rn, re);
|
||||||
|
+ else if (type == ZEBRA_ROUTE_ALL || type == re->type) {
|
||||||
|
SET_FLAG(re->status, ROUTE_ENTRY_CHANGED);
|
||||||
|
re_changed = true;
|
||||||
|
}
|
||||||
|
@@ -4522,20 +4599,24 @@ void rib_update_table(struct route_table *table, enum rib_update_event event,
|
||||||
|
/*
|
||||||
|
* If we are looking at a route node and the node
|
||||||
|
* has already been queued we don't
|
||||||
|
- * need to queue it up again
|
||||||
|
+ * need to queue it up again, unless it is
|
||||||
|
+ * an interface down event as that we need
|
||||||
|
+ * to process this no matter what.
|
||||||
|
*/
|
||||||
|
- if (rn->info
|
||||||
|
- && CHECK_FLAG(rib_dest_from_rnode(rn)->flags,
|
||||||
|
- RIB_ROUTE_ANY_QUEUED))
|
||||||
|
+ if (rn->info &&
|
||||||
|
+ CHECK_FLAG(rib_dest_from_rnode(rn)->flags,
|
||||||
|
+ RIB_ROUTE_ANY_QUEUED) &&
|
||||||
|
+ event != RIB_UPDATE_INTERFACE_DOWN)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
switch (event) {
|
||||||
|
+ case RIB_UPDATE_INTERFACE_DOWN:
|
||||||
|
case RIB_UPDATE_KERNEL:
|
||||||
|
- rib_update_route_node(rn, ZEBRA_ROUTE_KERNEL);
|
||||||
|
+ rib_update_route_node(rn, ZEBRA_ROUTE_KERNEL, event);
|
||||||
|
break;
|
||||||
|
case RIB_UPDATE_RMAP_CHANGE:
|
||||||
|
case RIB_UPDATE_OTHER:
|
||||||
|
- rib_update_route_node(rn, rtype);
|
||||||
|
+ rib_update_route_node(rn, rtype, event);
|
||||||
|
break;
|
||||||
|
case RIB_UPDATE_MAX:
|
||||||
|
break;
|
||||||
|
|
||||||
|
From 9bc0cd8241f39e4fd751edfa52c09fae6db2db1c Mon Sep 17 00:00:00 2001
|
||||||
|
From: Donald Sharp <sharpd@nvidia.com>
|
||||||
|
Date: Wed, 26 Jun 2024 13:21:38 -0400
|
||||||
|
Subject: [PATCH 4/5] zebra: Prevent accidental re memory leak in odd case
|
||||||
|
|
||||||
|
There exists a path in rib_add_multipath where if a decision
|
||||||
|
is made to not use the passed in re, we just drop the memory
|
||||||
|
instead of freeing it. Let's free it.
|
||||||
|
|
||||||
|
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
||||||
|
---
|
||||||
|
zebra/zebra_rib.c | 4 +++-
|
||||||
|
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/zebra/zebra_rib.c b/zebra/zebra_rib.c
|
||||||
|
index 2d6c5148833a..b4baee148aef 100644
|
||||||
|
--- a/zebra/zebra_rib.c
|
||||||
|
+++ b/zebra/zebra_rib.c
|
||||||
|
@@ -4375,8 +4375,10 @@ int rib_add_multipath(afi_t afi, safi_t safi, struct prefix *p,
|
||||||
|
return -1;
|
||||||
|
|
||||||
|
/* We either need nexthop(s) or an existing nexthop id */
|
||||||
|
- if (ng == NULL && re->nhe_id == 0)
|
||||||
|
+ if (ng == NULL && re->nhe_id == 0) {
|
||||||
|
+ zebra_rib_route_entry_free(re);
|
||||||
|
return -1;
|
||||||
|
+ }
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Use a temporary nhe to convey info to the common/main api.
|
||||||
|
|
||||||
|
From 37dd51867f2b98f0fb616fc3cf9922240346fd19 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Donald Sharp <sharpd@nvidia.com>
|
||||||
|
Date: Thu, 15 Aug 2024 16:02:55 -0400
|
||||||
|
Subject: [PATCH 5/5] tests: Add some tests to show new behavior works as
|
||||||
|
expected
|
||||||
|
|
||||||
|
a) A noprefix address by itself should not create a connected route.
|
||||||
|
This was pre-existing.
|
||||||
|
b) A noprefix address with a corresponding route should result in a
|
||||||
|
connected route. This is how NetworkManager appears to work.
|
||||||
|
This is new behavior, so a new test.
|
||||||
|
c) A route is added to the system from someone else.
|
||||||
|
This is new behavior, so a new test.
|
||||||
|
|
||||||
|
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
||||||
|
---
|
||||||
|
.../r1/ip_route_connected.json | 24 +++++++++++
|
||||||
|
.../r1/ip_route_kernel.json | 24 +++++++++++
|
||||||
|
.../test_zebra_multiple_connected.py | 43 +++++++++++++++++++
|
||||||
|
3 files changed, 91 insertions(+)
|
||||||
|
create mode 100644 tests/topotests/zebra_multiple_connected/r1/ip_route_connected.json
|
||||||
|
create mode 100644 tests/topotests/zebra_multiple_connected/r1/ip_route_kernel.json
|
||||||
|
|
||||||
|
diff --git a/tests/topotests/zebra_multiple_connected/r1/ip_route_connected.json b/tests/topotests/zebra_multiple_connected/r1/ip_route_connected.json
|
||||||
|
new file mode 100644
|
||||||
|
index 000000000000..db03ce84a6a4
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/tests/topotests/zebra_multiple_connected/r1/ip_route_connected.json
|
||||||
|
@@ -0,0 +1,24 @@
|
||||||
|
+{
|
||||||
|
+ "192.168.44.0/24":[
|
||||||
|
+ {
|
||||||
|
+ "prefix":"192.168.44.0/24",
|
||||||
|
+ "prefixLen":24,
|
||||||
|
+ "protocol":"connected",
|
||||||
|
+ "vrfName":"default",
|
||||||
|
+ "selected":true,
|
||||||
|
+ "destSelected":true,
|
||||||
|
+ "distance":0,
|
||||||
|
+ "metric":0,
|
||||||
|
+ "installed":true,
|
||||||
|
+ "table":254,
|
||||||
|
+ "nexthops":[
|
||||||
|
+ {
|
||||||
|
+ "fib":true,
|
||||||
|
+ "directlyConnected":true,
|
||||||
|
+ "interfaceName":"r1-eth1",
|
||||||
|
+ "active":true
|
||||||
|
+ }
|
||||||
|
+ ]
|
||||||
|
+ }
|
||||||
|
+ ]
|
||||||
|
+}
|
||||||
|
diff --git a/tests/topotests/zebra_multiple_connected/r1/ip_route_kernel.json b/tests/topotests/zebra_multiple_connected/r1/ip_route_kernel.json
|
||||||
|
new file mode 100644
|
||||||
|
index 000000000000..22465cb477d3
|
||||||
|
--- /dev/null
|
||||||
|
+++ b/tests/topotests/zebra_multiple_connected/r1/ip_route_kernel.json
|
||||||
|
@@ -0,0 +1,24 @@
|
||||||
|
+{
|
||||||
|
+ "4.5.6.7/32":[
|
||||||
|
+ {
|
||||||
|
+ "prefix":"4.5.6.7/32",
|
||||||
|
+ "prefixLen":32,
|
||||||
|
+ "protocol":"kernel",
|
||||||
|
+ "vrfName":"default",
|
||||||
|
+ "selected":true,
|
||||||
|
+ "destSelected":true,
|
||||||
|
+ "distance":0,
|
||||||
|
+ "metric":0,
|
||||||
|
+ "installed":true,
|
||||||
|
+ "table":254,
|
||||||
|
+ "nexthops":[
|
||||||
|
+ {
|
||||||
|
+ "fib":true,
|
||||||
|
+ "directlyConnected":true,
|
||||||
|
+ "interfaceName":"r1-eth1",
|
||||||
|
+ "active":true
|
||||||
|
+ }
|
||||||
|
+ ]
|
||||||
|
+ }
|
||||||
|
+ ]
|
||||||
|
+}
|
||||||
|
diff --git a/tests/topotests/zebra_multiple_connected/test_zebra_multiple_connected.py b/tests/topotests/zebra_multiple_connected/test_zebra_multiple_connected.py
|
||||||
|
index dc47527c74c2..7dbeb6f1ccb3 100644
|
||||||
|
--- a/tests/topotests/zebra_multiple_connected/test_zebra_multiple_connected.py
|
||||||
|
+++ b/tests/topotests/zebra_multiple_connected/test_zebra_multiple_connected.py
|
||||||
|
@@ -19,6 +19,9 @@
|
||||||
|
import pytest
|
||||||
|
import json
|
||||||
|
from functools import partial
|
||||||
|
+from lib.topolog import logger
|
||||||
|
+
|
||||||
|
+pytestmark = pytest.mark.random_order(disabled=True)
|
||||||
|
|
||||||
|
# Save the Current Working Directory to find configuration files.
|
||||||
|
CWD = os.path.dirname(os.path.realpath(__file__))
|
||||||
|
@@ -159,6 +162,46 @@ def test_zebra_noprefix_connected():
|
||||||
|
assert result, "Connected Route should not have been added"
|
||||||
|
|
||||||
|
|
||||||
|
+def test_zebra_noprefix_connected_add():
|
||||||
|
+ "Test that a noprefixroute created with a manual route works as expected, this is for NetworkManager"
|
||||||
|
+
|
||||||
|
+ tgen = get_topogen()
|
||||||
|
+ if tgen.routers_have_failure():
|
||||||
|
+ pytest.skip(tgen.errors)
|
||||||
|
+
|
||||||
|
+ router = tgen.gears["r1"]
|
||||||
|
+ router.run("ip route add 192.168.44.0/24 dev r1-eth1")
|
||||||
|
+
|
||||||
|
+ connected = "{}/{}/ip_route_connected.json".format(CWD, router.name)
|
||||||
|
+ expected = json.loads(open(connected).read())
|
||||||
|
+
|
||||||
|
+ test_func = partial(
|
||||||
|
+ topotest.router_json_cmp, router, "show ip route 192.168.44.0/24 json", expected
|
||||||
|
+ )
|
||||||
|
+ result, _ = topotest.run_and_expect(test_func, None, count=20, wait=1)
|
||||||
|
+ assert result, "Connected Route should have been added\n{}".format(_)
|
||||||
|
+
|
||||||
|
+
|
||||||
|
+def test_zebra_kernel_route_add():
|
||||||
|
+ "Test that a random kernel route is properly handled as expected"
|
||||||
|
+
|
||||||
|
+ tgen = get_topogen()
|
||||||
|
+ if tgen.routers_have_failure():
|
||||||
|
+ pytest.skip(tgen.errors)
|
||||||
|
+
|
||||||
|
+ router = tgen.gears["r1"]
|
||||||
|
+ router.run("ip route add 4.5.6.7/32 dev r1-eth1")
|
||||||
|
+
|
||||||
|
+ kernel = "{}/{}/ip_route_kernel.json".format(CWD, router.name)
|
||||||
|
+ expected = json.loads(open(kernel).read())
|
||||||
|
+
|
||||||
|
+ test_func = partial(
|
||||||
|
+ topotest.router_json_cmp, router, "show ip route 4.5.6.7/32 json", expected
|
||||||
|
+ )
|
||||||
|
+ result, _ = topotest.run_and_expect(test_func, None, count=20, wait=1)
|
||||||
|
+ assert result, "Connected Route should have been added\n{}".format(_)
|
||||||
|
+
|
||||||
|
+
|
||||||
|
if __name__ == "__main__":
|
||||||
|
args = ["-s"] + sys.argv[1:]
|
||||||
|
sys.exit(pytest.main(args))
|
@ -0,0 +1,48 @@
|
|||||||
|
From 0998b38e4d61179441f90dd7e7fd6a3a8b7bd8c5 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Donatas Abraitis <donatas@opensourcerouting.org>
|
||||||
|
Date: Wed, 31 Jul 2024 08:35:14 +0300
|
||||||
|
Subject: [PATCH] bgpd: Check the actual remaining stream length before taking
|
||||||
|
TLV value
|
||||||
|
|
||||||
|
```
|
||||||
|
0 0xb50b9f898028 in __sanitizer_print_stack_trace (/home/ubuntu/frr-public/frr_public_private-libfuzzer/bgpd/.libs/bgpd+0x368028) (BuildId: 3292703ed7958b20076550c967f879db8dc27ca7)
|
||||||
|
1 0xb50b9f7ed8e4 in fuzzer::PrintStackTrace() (/home/ubuntu/frr-public/frr_public_private-libfuzzer/bgpd/.libs/bgpd+0x2bd8e4) (BuildId: 3292703ed7958b20076550c967f879db8dc27ca7)
|
||||||
|
2 0xb50b9f7d4d9c in fuzzer::Fuzzer::CrashCallback() (/home/ubuntu/frr-public/frr_public_private-libfuzzer/bgpd/.libs/bgpd+0x2a4d9c) (BuildId: 3292703ed7958b20076550c967f879db8dc27ca7)
|
||||||
|
3 0xe0d12d7469cc (linux-vdso.so.1+0x9cc) (BuildId: 1a77697e9d723fe22246cfd7641b140c427b7e11)
|
||||||
|
4 0xe0d12c88f1fc in __pthread_kill_implementation nptl/pthread_kill.c:43:17
|
||||||
|
5 0xe0d12c84a678 in gsignal signal/../sysdeps/posix/raise.c:26:13
|
||||||
|
6 0xe0d12c83712c in abort stdlib/abort.c:79:7
|
||||||
|
7 0xe0d12d214724 in _zlog_assert_failed /home/ubuntu/frr-public/frr_public_private-libfuzzer/lib/zlog.c:789:2
|
||||||
|
8 0xe0d12d1285e4 in stream_get /home/ubuntu/frr-public/frr_public_private-libfuzzer/lib/stream.c:324:3
|
||||||
|
9 0xb50b9f8e47c4 in bgp_attr_encap /home/ubuntu/frr-public/frr_public_private-libfuzzer/bgpd/bgp_attr.c:2758:3
|
||||||
|
10 0xb50b9f8dcd38 in bgp_attr_parse /home/ubuntu/frr-public/frr_public_private-libfuzzer/bgpd/bgp_attr.c:3783:10
|
||||||
|
11 0xb50b9faf74b4 in bgp_update_receive /home/ubuntu/frr-public/frr_public_private-libfuzzer/bgpd/bgp_packet.c:2383:20
|
||||||
|
12 0xb50b9faf1dcc in bgp_process_packet /home/ubuntu/frr-public/frr_public_private-libfuzzer/bgpd/bgp_packet.c:4075:11
|
||||||
|
13 0xb50b9f8c90d0 in LLVMFuzzerTestOneInput /home/ubuntu/frr-public/frr_public_private-libfuzzer/bgpd/bgp_main.c:582:3
|
||||||
|
```
|
||||||
|
|
||||||
|
Reported-by: Iggy Frankovic <iggyfran@amazon.com>
|
||||||
|
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
||||||
|
---
|
||||||
|
bgpd/bgp_attr.c | 8 ++++++++
|
||||||
|
1 file changed, 8 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
|
||||||
|
index 2ed49935e52b..ac5d08b6fe6e 100644
|
||||||
|
--- a/bgpd/bgp_attr.c
|
||||||
|
+++ b/bgpd/bgp_attr.c
|
||||||
|
@@ -2749,6 +2749,14 @@ static int bgp_attr_encap(struct bgp_attr_parser_args *args)
|
||||||
|
args->total);
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (STREAM_READABLE(BGP_INPUT(peer)) < sublength) {
|
||||||
|
+ zlog_err("Tunnel Encap attribute sub-tlv length %d exceeds remaining stream length %zu",
|
||||||
|
+ sublength, STREAM_READABLE(BGP_INPUT(peer)));
|
||||||
|
+ return bgp_attr_malformed(args,
|
||||||
|
+ BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
|
||||||
|
+ args->total);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
/* alloc and copy sub-tlv */
|
||||||
|
/* TBD make sure these are freed when attributes are released */
|
||||||
|
tlv = XCALLOC(MTYPE_ENCAP_TLV,
|
@ -1,32 +0,0 @@
|
|||||||
From ff6db1027f8f36df657ff2e5ea167773752537ed Mon Sep 17 00:00:00 2001
|
|
||||||
From: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
Date: Thu, 21 Jul 2022 08:11:58 -0400
|
|
||||||
Subject: [PATCH] bgpd: Make sure hdr length is at a minimum of what is
|
|
||||||
expected
|
|
||||||
|
|
||||||
Ensure that if the capability length specified is enough data.
|
|
||||||
|
|
||||||
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
---
|
|
||||||
bgpd/bgp_packet.c | 8 ++++++++
|
|
||||||
1 file changed, 8 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
|
|
||||||
index dbf6c0b2e99..45752a8ab6d 100644
|
|
||||||
--- a/bgpd/bgp_packet.c
|
|
||||||
+++ b/bgpd/bgp_packet.c
|
|
||||||
@@ -2620,6 +2620,14 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt,
|
|
||||||
"%s CAPABILITY has action: %d, code: %u, length %u",
|
|
||||||
peer->host, action, hdr->code, hdr->length);
|
|
||||||
|
|
||||||
+ if (hdr->length < sizeof(struct capability_mp_data)) {
|
|
||||||
+ zlog_info(
|
|
||||||
+ "%pBP Capability structure is not properly filled out, expected at least %zu bytes but header length specified is %d",
|
|
||||||
+ peer, sizeof(struct capability_mp_data),
|
|
||||||
+ hdr->length);
|
|
||||||
+ return BGP_Stop;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
/* Capability length check. */
|
|
||||||
if ((pnt + hdr->length + 3) > end) {
|
|
||||||
zlog_info("%s Capability length error", peer->host);
|
|
@ -1,67 +0,0 @@
|
|||||||
From 1d42fb941af17a29346b2af03338f8e18470f009 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Michal Ruprich <michalruprich@gmail.com>
|
|
||||||
Date: Tue, 22 Nov 2022 12:38:05 +0100
|
|
||||||
Subject: [PATCH] tools: Enable start of FRR for non-root user
|
|
||||||
|
|
||||||
There might be use cases when this would make sense, for example
|
|
||||||
running FRR in a container as a designated user.
|
|
||||||
|
|
||||||
Signed-off-by: Michal Ruprich <mruprich@redhat.com>
|
|
||||||
---
|
|
||||||
tools/etc/frr/daemons | 5 +++++
|
|
||||||
tools/frrcommon.sh.in | 4 ++++
|
|
||||||
2 files changed, 9 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/tools/etc/frr/daemons b/tools/etc/frr/daemons
|
|
||||||
index 8aa08871e35..2427bfff777 100644
|
|
||||||
--- a/tools/etc/frr/daemons
|
|
||||||
+++ b/tools/etc/frr/daemons
|
|
||||||
@@ -91,6 +91,12 @@ pathd_options=" -A 127.0.0.1"
|
|
||||||
# say BGP.
|
|
||||||
#MAX_FDS=1024
|
|
||||||
|
|
||||||
+# Uncomment this option if you want to run FRR as a non-root user. Note that
|
|
||||||
+# you should know what you are doing since most of the daemons need root
|
|
||||||
+# to work. This could be useful if you want to run FRR in a container
|
|
||||||
+# for instance.
|
|
||||||
+# FRR_NO_ROOT="yes"
|
|
||||||
+
|
|
||||||
# The list of daemons to watch is automatically generated by the init script.
|
|
||||||
#watchfrr_options=""
|
|
||||||
|
|
||||||
diff --git a/tools/frrcommon.sh.in b/tools/frrcommon.sh.in
|
|
||||||
index 3c16c27c6df..4f095a176e4 100755
|
|
||||||
--- a/tools/frrcommon.sh.in
|
|
||||||
+++ b/tools/frrcommon.sh.in
|
|
||||||
@@ -43,6 +43,10 @@ RELOAD_SCRIPT="$D_PATH/frr-reload.py"
|
|
||||||
#
|
|
||||||
|
|
||||||
is_user_root () {
|
|
||||||
+ if [[ ! -z $FRR_NO_ROOT && "${FRR_NO_ROOT}" == "yes" ]]; then
|
|
||||||
+ return 0
|
|
||||||
+ fi
|
|
||||||
+
|
|
||||||
[ "${EUID:-$(id -u)}" -eq 0 ] || {
|
|
||||||
log_failure_msg "Only users having EUID=0 can start/stop daemons"
|
|
||||||
return 1
|
|
||||||
diff --git a/doc/user/setup.rst b/doc/user/setup.rst
|
|
||||||
index 25934df..51ffd32 100644
|
|
||||||
--- a/doc/user/setup.rst
|
|
||||||
+++ b/doc/user/setup.rst
|
|
||||||
@@ -114,6 +114,16 @@ most operating systems is 1024. If the operator plans to run bgp with
|
|
||||||
several thousands of peers than this is where we would modify FRR to
|
|
||||||
allow this to happen.
|
|
||||||
|
|
||||||
+::
|
|
||||||
+
|
|
||||||
+ FRR_NO_ROOT="yes"
|
|
||||||
+
|
|
||||||
+This option allows you to run FRR as a non-root user. Use this option
|
|
||||||
+only when you know what you are doing since most of the daemons
|
|
||||||
+in FRR will not be able to run under a regular user. This option
|
|
||||||
+is useful for example when you run FRR in a container with a designated
|
|
||||||
+user instead of root.
|
|
||||||
+
|
|
||||||
::
|
|
||||||
|
|
||||||
zebra_options=" -s 90000000 --daemon -A 127.0.0.1"
|
|
@ -1,59 +0,0 @@
|
|||||||
From 3e46b43e3788f0f87bae56a86b54d412b4710286 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
Date: Fri, 30 Sep 2022 08:51:45 -0400
|
|
||||||
Subject: [PATCH] bgpd: Ensure FRR has enough data to read 2 bytes in
|
|
||||||
peek_for_as4_capability
|
|
||||||
|
|
||||||
In peek_for_as4_capability the code is checking that the
|
|
||||||
stream has at least 2 bytes to read ( the opt_type and the
|
|
||||||
opt_length ). However if BGP_OPEN_EXT_OPT_PARAMS_CAPABLE(peer)
|
|
||||||
is configured then FRR is reading 3 bytes. Which is not good
|
|
||||||
since the packet could be badly formated. Ensure that
|
|
||||||
FRR has the appropriate data length to read the data.
|
|
||||||
|
|
||||||
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
---
|
|
||||||
bgpd/bgp_open.c | 27 +++++++++++++++++++++------
|
|
||||||
1 file changed, 21 insertions(+), 6 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/bgpd/bgp_open.c b/bgpd/bgp_open.c
|
|
||||||
index 7248f034a5a..a760a7ca013 100644
|
|
||||||
--- a/bgpd/bgp_open.c
|
|
||||||
+++ b/bgpd/bgp_open.c
|
|
||||||
@@ -1185,15 +1185,30 @@ as_t peek_for_as4_capability(struct peer *peer, uint16_t length)
|
|
||||||
uint8_t opt_type;
|
|
||||||
uint16_t opt_length;
|
|
||||||
|
|
||||||
- /* Check the length. */
|
|
||||||
- if (stream_get_getp(s) + 2 > end)
|
|
||||||
+ /* Ensure we can read the option type */
|
|
||||||
+ if (stream_get_getp(s) + 1 > end)
|
|
||||||
goto end;
|
|
||||||
|
|
||||||
- /* Fetch option type and length. */
|
|
||||||
+ /* Fetch the option type */
|
|
||||||
opt_type = stream_getc(s);
|
|
||||||
- opt_length = BGP_OPEN_EXT_OPT_PARAMS_CAPABLE(peer)
|
|
||||||
- ? stream_getw(s)
|
|
||||||
- : stream_getc(s);
|
|
||||||
+
|
|
||||||
+ /*
|
|
||||||
+ * Check the length and fetch the opt_length
|
|
||||||
+ * If the peer is BGP_OPEN_EXT_OPT_PARAMS_CAPABLE(peer)
|
|
||||||
+ * then we do a getw which is 2 bytes. So we need to
|
|
||||||
+ * ensure that we can read that as well
|
|
||||||
+ */
|
|
||||||
+ if (BGP_OPEN_EXT_OPT_PARAMS_CAPABLE(peer)) {
|
|
||||||
+ if (stream_get_getp(s) + 2 > end)
|
|
||||||
+ goto end;
|
|
||||||
+
|
|
||||||
+ opt_length = stream_getw(s);
|
|
||||||
+ } else {
|
|
||||||
+ if (stream_get_getp(s) + 1 > end)
|
|
||||||
+ goto end;
|
|
||||||
+
|
|
||||||
+ opt_length = stream_getc(s);
|
|
||||||
+ }
|
|
||||||
|
|
||||||
/* Option length check. */
|
|
||||||
if (stream_get_getp(s) + opt_length > end)
|
|
@ -1,47 +0,0 @@
|
|||||||
From 766eec1b7accffe2c04a5c9ebb14e9f487bb9f78 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
Date: Wed, 2 Nov 2022 13:24:48 -0400
|
|
||||||
Subject: [PATCH] bgpd: Ensure that bgp open message stream has enough data to
|
|
||||||
read
|
|
||||||
|
|
||||||
If a operator receives an invalid packet that is of insufficient size
|
|
||||||
then it is possible for BGP to assert during reading of the packet
|
|
||||||
instead of gracefully resetting the connection with the peer.
|
|
||||||
|
|
||||||
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
---
|
|
||||||
bgpd/bgp_packet.c | 19 +++++++++++++++++++
|
|
||||||
1 file changed, 19 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
|
|
||||||
index 769f9613da8..72d6a923175 100644
|
|
||||||
--- a/bgpd/bgp_packet.c
|
|
||||||
+++ b/bgpd/bgp_packet.c
|
|
||||||
@@ -1386,8 +1386,27 @@ static int bgp_open_receive(struct peer *peer, bgp_size_t size)
|
|
||||||
|| CHECK_FLAG(peer->flags, PEER_FLAG_EXTENDED_OPT_PARAMS)) {
|
|
||||||
uint8_t opttype;
|
|
||||||
|
|
||||||
+ if (STREAM_READABLE(peer->curr) < 1) {
|
|
||||||
+ flog_err(
|
|
||||||
+ EC_BGP_PKT_OPEN,
|
|
||||||
+ "%s: stream does not have enough bytes for extended optional parameters",
|
|
||||||
+ peer->host);
|
|
||||||
+ bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
|
|
||||||
+ BGP_NOTIFY_OPEN_MALFORMED_ATTR);
|
|
||||||
+ return BGP_Stop;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
opttype = stream_getc(peer->curr);
|
|
||||||
if (opttype == BGP_OPEN_NON_EXT_OPT_TYPE_EXTENDED_LENGTH) {
|
|
||||||
+ if (STREAM_READABLE(peer->curr) < 2) {
|
|
||||||
+ flog_err(
|
|
||||||
+ EC_BGP_PKT_OPEN,
|
|
||||||
+ "%s: stream does not have enough bytes to read the extended optional parameters optlen",
|
|
||||||
+ peer->host);
|
|
||||||
+ bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
|
|
||||||
+ BGP_NOTIFY_OPEN_MALFORMED_ATTR);
|
|
||||||
+ return BGP_Stop;
|
|
||||||
+ }
|
|
||||||
optlen = stream_getw(peer->curr);
|
|
||||||
SET_FLAG(peer->sflags,
|
|
||||||
PEER_STATUS_EXT_OPT_PARAMS_LENGTH);
|
|
@ -1,70 +0,0 @@
|
|||||||
From 1117baca3c592877a4d8a13ed6a1d9bd83977487 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
Date: Fri, 30 Sep 2022 08:57:43 -0400
|
|
||||||
Subject: [PATCH] bgpd: Ensure FRR has enough data to read 2 bytes in
|
|
||||||
bgp_open_option_parse
|
|
||||||
|
|
||||||
In bgp_open_option_parse the code is checking that the
|
|
||||||
stream has at least 2 bytes to read ( the opt_type and
|
|
||||||
the opt_length). However if BGP_OPEN_EXT_OPT_PARAMS_CAPABLE(peer)
|
|
||||||
is configured then FRR is reading 3 bytes. Which is not good
|
|
||||||
since the packet could be badly formateed. Ensure that
|
|
||||||
FRR has the appropriate data length to read the data.
|
|
||||||
|
|
||||||
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
---
|
|
||||||
bgpd/bgp_open.c | 35 ++++++++++++++++++++++++++++-------
|
|
||||||
1 file changed, 28 insertions(+), 7 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/bgpd/bgp_open.c b/bgpd/bgp_open.c
|
|
||||||
index a760a7ca013..d1667fac261 100644
|
|
||||||
--- a/bgpd/bgp_open.c
|
|
||||||
+++ b/bgpd/bgp_open.c
|
|
||||||
@@ -1278,19 +1278,40 @@ int bgp_open_option_parse(struct peer *peer, uint16_t length,
|
|
||||||
uint8_t opt_type;
|
|
||||||
uint16_t opt_length;
|
|
||||||
|
|
||||||
- /* Must have at least an OPEN option header */
|
|
||||||
- if (STREAM_READABLE(s) < 2) {
|
|
||||||
+ /*
|
|
||||||
+ * Check that we can read the opt_type and fetch it
|
|
||||||
+ */
|
|
||||||
+ if (STREAM_READABLE(s) < 1) {
|
|
||||||
zlog_info("%s Option length error", peer->host);
|
|
||||||
bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
|
|
||||||
BGP_NOTIFY_OPEN_MALFORMED_ATTR);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
-
|
|
||||||
- /* Fetch option type and length. */
|
|
||||||
opt_type = stream_getc(s);
|
|
||||||
- opt_length = BGP_OPEN_EXT_OPT_PARAMS_CAPABLE(peer)
|
|
||||||
- ? stream_getw(s)
|
|
||||||
- : stream_getc(s);
|
|
||||||
+
|
|
||||||
+ /*
|
|
||||||
+ * Check the length of the stream to ensure that
|
|
||||||
+ * FRR can properly read the opt_length. Then read it
|
|
||||||
+ */
|
|
||||||
+ if (BGP_OPEN_EXT_OPT_PARAMS_CAPABLE(peer)) {
|
|
||||||
+ if (STREAM_READABLE(s) < 2) {
|
|
||||||
+ zlog_info("%s Option length error", peer->host);
|
|
||||||
+ bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
|
|
||||||
+ BGP_NOTIFY_OPEN_MALFORMED_ATTR);
|
|
||||||
+ return -1;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ opt_length = stream_getw(s);
|
|
||||||
+ } else {
|
|
||||||
+ if (STREAM_READABLE(s) < 1) {
|
|
||||||
+ zlog_info("%s Option length error", peer->host);
|
|
||||||
+ bgp_notify_send(peer, BGP_NOTIFY_OPEN_ERR,
|
|
||||||
+ BGP_NOTIFY_OPEN_MALFORMED_ATTR);
|
|
||||||
+ return -1;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
+ opt_length = stream_getc(s);
|
|
||||||
+ }
|
|
||||||
|
|
||||||
/* Option length check. */
|
|
||||||
if (STREAM_READABLE(s) < opt_length) {
|
|
@ -1,255 +0,0 @@
|
|||||||
From edc3f63167fd95e4e70287743c9b252415c9336e Mon Sep 17 00:00:00 2001
|
|
||||||
From: Philippe Guibert <philippe.guibert@6wind.com>
|
|
||||||
Date: Thu, 7 Jul 2022 14:33:48 +0200
|
|
||||||
Subject: [PATCH] bfdd: allow l3vrf bfd sessions without udp leaking
|
|
||||||
|
|
||||||
Until now, when in vrf-lite mode, the BFD implementation
|
|
||||||
creates a single UDP socket and relies on the following
|
|
||||||
sysctl value to 1:
|
|
||||||
|
|
||||||
echo 1 > /proc/sys/net/ipv4/udp_l3mdev_accept
|
|
||||||
|
|
||||||
With this setting, the incoming BFD packets from a given
|
|
||||||
vrf, would leak to the default vrf, and would match the
|
|
||||||
UDP socket.
|
|
||||||
|
|
||||||
The drawback of this solution is that udp packets received
|
|
||||||
on a given vrf may leak to an other vrf. This may be a
|
|
||||||
security concern.
|
|
||||||
|
|
||||||
The commit addresses this issue by avoiding this leak
|
|
||||||
mechanism. An UDP socket is created for each vrf, and each
|
|
||||||
socket uses new setsockopt option: SO_REUSEADDR + SO_REUSEPORT.
|
|
||||||
|
|
||||||
With this option, the incoming UDP packets are distributed on
|
|
||||||
the available sockets. The impact of those options with l3mdev
|
|
||||||
devices is unknown. It has been observed that this option is not
|
|
||||||
needed, until the default vrf sockets are created.
|
|
||||||
|
|
||||||
To ensure the BFD packets are correctly routed to the appropriate
|
|
||||||
socket, a BPF filter has been put in place and attached to the
|
|
||||||
sockets : SO_ATTACH_REUSEPORT_CBPF. This option adds a criterium
|
|
||||||
to force the packet to choose a given socket. If initial criteria
|
|
||||||
from the default distribution algorithm were not good, at least
|
|
||||||
two sockets would be available, and the CBPF would force the
|
|
||||||
selection to the same socket. This would come to the situation
|
|
||||||
where an incoming packet would be processed on a different vrf.
|
|
||||||
|
|
||||||
The bpf code is the following one:
|
|
||||||
|
|
||||||
struct sock_filter code[] = {
|
|
||||||
{ BPF_RET | BPF_K, 0, 0, 0 },
|
|
||||||
};
|
|
||||||
|
|
||||||
struct sock_fprog p = {
|
|
||||||
.len = sizeof(code)/sizeof(struct sock_filter),
|
|
||||||
.filter = code,
|
|
||||||
};
|
|
||||||
|
|
||||||
if (setsockopt(sd, SOL_SOCKET, SO_ATTACH_REUSEPORT_CBPF, &p, sizeof(p))) {
|
|
||||||
zlog_warn("unable to set SO_ATTACH_REUSEPORT_CBPF on socket: %s",
|
|
||||||
strerror(errno));
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
Some tests have been done with by creating vrf contexts, and by using
|
|
||||||
the below vtysh configuration:
|
|
||||||
|
|
||||||
ip route 2.2.2.2/32 10.126.0.2
|
|
||||||
vrf vrf2
|
|
||||||
ip route 2.2.2.2/32 10.126.0.2
|
|
||||||
!
|
|
||||||
interface ntfp2
|
|
||||||
ip address 10.126.0.1/24
|
|
||||||
!
|
|
||||||
interface ntfp3 vrf vrf4
|
|
||||||
ip address 10.126.0.1/24
|
|
||||||
!
|
|
||||||
interface ntfp2 vrf vrf1
|
|
||||||
ip address 10.126.0.1/24
|
|
||||||
!
|
|
||||||
interface ntfp2.100 vrf vrf2
|
|
||||||
ip address 10.126.0.1/24
|
|
||||||
!
|
|
||||||
interface ntfp2.200 vrf vrf3
|
|
||||||
ip address 10.126.0.1/24
|
|
||||||
!
|
|
||||||
line vty
|
|
||||||
!
|
|
||||||
bfd
|
|
||||||
peer 10.126.0.2 vrf vrf2
|
|
||||||
!
|
|
||||||
peer 10.126.0.2 vrf vrf3
|
|
||||||
!
|
|
||||||
peer 10.126.0.2
|
|
||||||
!
|
|
||||||
peer 10.126.0.2 vrf vrf4
|
|
||||||
!
|
|
||||||
peer 2.2.2.2 multihop local-address 1.1.1.1
|
|
||||||
!
|
|
||||||
peer 2.2.2.2 multihop local-address 1.1.1.1 vrf vrf2
|
|
||||||
transmit-interval 1500
|
|
||||||
receive-interval 1500
|
|
||||||
!
|
|
||||||
|
|
||||||
The results showed no issue related to packets received by
|
|
||||||
the wrong vrf. Even changing the udp_l3mdev_accept flag to
|
|
||||||
1 did not change the test results.
|
|
||||||
|
|
||||||
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
|
|
||||||
---
|
|
||||||
bfdd/bfd.c | 66 +++++++++++++++++++++++------------------------
|
|
||||||
bfdd/bfd_packet.c | 45 ++++++++++++++++++++++++++++++++
|
|
||||||
2 files changed, 77 insertions(+), 34 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/bfdd/bfd.c b/bfdd/bfd.c
|
|
||||||
index 483beb1b17c..a1619263588 100644
|
|
||||||
--- a/bfdd/bfd.c
|
|
||||||
+++ b/bfdd/bfd.c
|
|
||||||
@@ -1950,40 +1950,38 @@ static int bfd_vrf_enable(struct vrf *vrf)
|
|
||||||
if (bglobal.debug_zebra)
|
|
||||||
zlog_debug("VRF enable add %s id %u", vrf->name, vrf->vrf_id);
|
|
||||||
|
|
||||||
- if (vrf->vrf_id == VRF_DEFAULT ||
|
|
||||||
- vrf_get_backend() == VRF_BACKEND_NETNS) {
|
|
||||||
- if (!bvrf->bg_shop)
|
|
||||||
- bvrf->bg_shop = bp_udp_shop(vrf);
|
|
||||||
- if (!bvrf->bg_mhop)
|
|
||||||
- bvrf->bg_mhop = bp_udp_mhop(vrf);
|
|
||||||
- if (!bvrf->bg_shop6)
|
|
||||||
- bvrf->bg_shop6 = bp_udp6_shop(vrf);
|
|
||||||
- if (!bvrf->bg_mhop6)
|
|
||||||
- bvrf->bg_mhop6 = bp_udp6_mhop(vrf);
|
|
||||||
- if (!bvrf->bg_echo)
|
|
||||||
- bvrf->bg_echo = bp_echo_socket(vrf);
|
|
||||||
- if (!bvrf->bg_echov6)
|
|
||||||
- bvrf->bg_echov6 = bp_echov6_socket(vrf);
|
|
||||||
-
|
|
||||||
- if (!bvrf->bg_ev[0] && bvrf->bg_shop != -1)
|
|
||||||
- thread_add_read(master, bfd_recv_cb, bvrf,
|
|
||||||
- bvrf->bg_shop, &bvrf->bg_ev[0]);
|
|
||||||
- if (!bvrf->bg_ev[1] && bvrf->bg_mhop != -1)
|
|
||||||
- thread_add_read(master, bfd_recv_cb, bvrf,
|
|
||||||
- bvrf->bg_mhop, &bvrf->bg_ev[1]);
|
|
||||||
- if (!bvrf->bg_ev[2] && bvrf->bg_shop6 != -1)
|
|
||||||
- thread_add_read(master, bfd_recv_cb, bvrf,
|
|
||||||
- bvrf->bg_shop6, &bvrf->bg_ev[2]);
|
|
||||||
- if (!bvrf->bg_ev[3] && bvrf->bg_mhop6 != -1)
|
|
||||||
- thread_add_read(master, bfd_recv_cb, bvrf,
|
|
||||||
- bvrf->bg_mhop6, &bvrf->bg_ev[3]);
|
|
||||||
- if (!bvrf->bg_ev[4] && bvrf->bg_echo != -1)
|
|
||||||
- thread_add_read(master, bfd_recv_cb, bvrf,
|
|
||||||
- bvrf->bg_echo, &bvrf->bg_ev[4]);
|
|
||||||
- if (!bvrf->bg_ev[5] && bvrf->bg_echov6 != -1)
|
|
||||||
- thread_add_read(master, bfd_recv_cb, bvrf,
|
|
||||||
- bvrf->bg_echov6, &bvrf->bg_ev[5]);
|
|
||||||
- }
|
|
||||||
+ if (!bvrf->bg_shop)
|
|
||||||
+ bvrf->bg_shop = bp_udp_shop(vrf);
|
|
||||||
+ if (!bvrf->bg_mhop)
|
|
||||||
+ bvrf->bg_mhop = bp_udp_mhop(vrf);
|
|
||||||
+ if (!bvrf->bg_shop6)
|
|
||||||
+ bvrf->bg_shop6 = bp_udp6_shop(vrf);
|
|
||||||
+ if (!bvrf->bg_mhop6)
|
|
||||||
+ bvrf->bg_mhop6 = bp_udp6_mhop(vrf);
|
|
||||||
+ if (!bvrf->bg_echo)
|
|
||||||
+ bvrf->bg_echo = bp_echo_socket(vrf);
|
|
||||||
+ if (!bvrf->bg_echov6)
|
|
||||||
+ bvrf->bg_echov6 = bp_echov6_socket(vrf);
|
|
||||||
+
|
|
||||||
+ if (!bvrf->bg_ev[0] && bvrf->bg_shop != -1)
|
|
||||||
+ thread_add_read(master, bfd_recv_cb, bvrf, bvrf->bg_shop,
|
|
||||||
+ &bvrf->bg_ev[0]);
|
|
||||||
+ if (!bvrf->bg_ev[1] && bvrf->bg_mhop != -1)
|
|
||||||
+ thread_add_read(master, bfd_recv_cb, bvrf, bvrf->bg_mhop,
|
|
||||||
+ &bvrf->bg_ev[1]);
|
|
||||||
+ if (!bvrf->bg_ev[2] && bvrf->bg_shop6 != -1)
|
|
||||||
+ thread_add_read(master, bfd_recv_cb, bvrf, bvrf->bg_shop6,
|
|
||||||
+ &bvrf->bg_ev[2]);
|
|
||||||
+ if (!bvrf->bg_ev[3] && bvrf->bg_mhop6 != -1)
|
|
||||||
+ thread_add_read(master, bfd_recv_cb, bvrf, bvrf->bg_mhop6,
|
|
||||||
+ &bvrf->bg_ev[3]);
|
|
||||||
+ if (!bvrf->bg_ev[4] && bvrf->bg_echo != -1)
|
|
||||||
+ thread_add_read(master, bfd_recv_cb, bvrf, bvrf->bg_echo,
|
|
||||||
+ &bvrf->bg_ev[4]);
|
|
||||||
+ if (!bvrf->bg_ev[5] && bvrf->bg_echov6 != -1)
|
|
||||||
+ thread_add_read(master, bfd_recv_cb, bvrf, bvrf->bg_echov6,
|
|
||||||
+ &bvrf->bg_ev[5]);
|
|
||||||
+
|
|
||||||
if (vrf->vrf_id != VRF_DEFAULT) {
|
|
||||||
bfdd_zclient_register(vrf->vrf_id);
|
|
||||||
bfdd_sessions_enable_vrf(vrf);
|
|
||||||
diff --git a/bfdd/bfd_packet.c b/bfdd/bfd_packet.c
|
|
||||||
index d34d6427628..054a9bfbf21 100644
|
|
||||||
--- a/bfdd/bfd_packet.c
|
|
||||||
+++ b/bfdd/bfd_packet.c
|
|
||||||
@@ -876,6 +876,14 @@ void bfd_recv_cb(struct thread *t)
|
|
||||||
"no session found");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
+ /*
|
|
||||||
+ * We may have a situation where received packet is on wrong vrf
|
|
||||||
+ */
|
|
||||||
+ if (bfd && bfd->vrf && bfd->vrf != bvrf->vrf) {
|
|
||||||
+ cp_debug(is_mhop, &peer, &local, ifindex, vrfid,
|
|
||||||
+ "wrong vrfid.");
|
|
||||||
+ return;
|
|
||||||
+ }
|
|
||||||
|
|
||||||
/* Ensure that existing good sessions are not overridden. */
|
|
||||||
if (!cp->discrs.remote_discr && bfd->ses_state != PTM_BFD_DOWN &&
|
|
||||||
@@ -1208,10 +1216,41 @@ int bp_set_tos(int sd, uint8_t value)
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static bool bp_set_reuse_addr(int sd)
|
|
||||||
+{
|
|
||||||
+ int one = 1;
|
|
||||||
+
|
|
||||||
+ if (setsockopt(sd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) == -1) {
|
|
||||||
+ zlog_warn("set-reuse-addr: setsockopt(SO_REUSEADDR, %d): %s",
|
|
||||||
+ one, strerror(errno));
|
|
||||||
+ return false;
|
|
||||||
+ }
|
|
||||||
+ return true;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+static bool bp_set_reuse_port(int sd)
|
|
||||||
+{
|
|
||||||
+ int one = 1;
|
|
||||||
+
|
|
||||||
+ if (setsockopt(sd, SOL_SOCKET, SO_REUSEPORT, &one, sizeof(one)) == -1) {
|
|
||||||
+ zlog_warn("set-reuse-port: setsockopt(SO_REUSEPORT, %d): %s",
|
|
||||||
+ one, strerror(errno));
|
|
||||||
+ return false;
|
|
||||||
+ }
|
|
||||||
+ return true;
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
+
|
|
||||||
static void bp_set_ipopts(int sd)
|
|
||||||
{
|
|
||||||
int rcvttl = BFD_RCV_TTL_VAL;
|
|
||||||
|
|
||||||
+ if (!bp_set_reuse_addr(sd))
|
|
||||||
+ zlog_fatal("set-reuse-addr: failed");
|
|
||||||
+
|
|
||||||
+ if (!bp_set_reuse_port(sd))
|
|
||||||
+ zlog_fatal("set-reuse-port: failed");
|
|
||||||
+
|
|
||||||
if (bp_set_ttl(sd, BFD_TTL_VAL) != 0)
|
|
||||||
zlog_fatal("set-ipopts: TTL configuration failed");
|
|
||||||
|
|
||||||
@@ -1453,6 +1492,12 @@ static void bp_set_ipv6opts(int sd)
|
|
||||||
int ipv6_pktinfo = BFD_IPV6_PKT_INFO_VAL;
|
|
||||||
int ipv6_only = BFD_IPV6_ONLY_VAL;
|
|
||||||
|
|
||||||
+ if (!bp_set_reuse_addr(sd))
|
|
||||||
+ zlog_fatal("set-reuse-addr: failed");
|
|
||||||
+
|
|
||||||
+ if (!bp_set_reuse_port(sd))
|
|
||||||
+ zlog_fatal("set-reuse-port: failed");
|
|
||||||
+
|
|
||||||
if (bp_set_ttlv6(sd, BFD_TTL_VAL) == -1)
|
|
||||||
zlog_fatal(
|
|
||||||
"set-ipv6opts: setsockopt(IPV6_UNICAST_HOPS, %d): %s",
|
|
@ -1,129 +0,0 @@
|
|||||||
From 46817adab03802355c3cce7b753c7a735bdcc5ae Mon Sep 17 00:00:00 2001
|
|
||||||
From: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
||||||
Date: Thu, 13 Jul 2023 22:32:03 +0300
|
|
||||||
Subject: [PATCH] bgpd: Use treat-as-withdraw for tunnel encapsulation
|
|
||||||
attribute
|
|
||||||
|
|
||||||
Before this path we used session reset method, which is discouraged by rfc7606.
|
|
||||||
|
|
||||||
Handle this as rfc requires.
|
|
||||||
|
|
||||||
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
||||||
(cherry picked from commit bcb6b58d9530173df41d3a3cbc4c600ee0b4b186)
|
|
||||||
---
|
|
||||||
bgpd/bgp_attr.c | 61 ++++++++++++++++++++-----------------------------
|
|
||||||
1 file changed, 25 insertions(+), 36 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
|
|
||||||
index 058fae23cbd..1c0803cfd8e 100644
|
|
||||||
--- a/bgpd/bgp_attr.c
|
|
||||||
+++ b/bgpd/bgp_attr.c
|
|
||||||
@@ -1301,6 +1301,7 @@ bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode,
|
|
||||||
case BGP_ATTR_LARGE_COMMUNITIES:
|
|
||||||
case BGP_ATTR_ORIGINATOR_ID:
|
|
||||||
case BGP_ATTR_CLUSTER_LIST:
|
|
||||||
+ case BGP_ATTR_ENCAP:
|
|
||||||
return BGP_ATTR_PARSE_WITHDRAW;
|
|
||||||
case BGP_ATTR_MP_REACH_NLRI:
|
|
||||||
case BGP_ATTR_MP_UNREACH_NLRI:
|
|
||||||
@@ -2434,26 +2435,21 @@ bgp_attr_ipv6_ext_communities(struct bgp_attr_parser_args *args)
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Parse Tunnel Encap attribute in an UPDATE */
|
|
||||||
-static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
|
|
||||||
- bgp_size_t length, /* IN: attr's length field */
|
|
||||||
- struct attr *attr, /* IN: caller already allocated */
|
|
||||||
- uint8_t flag, /* IN: attr's flags field */
|
|
||||||
- uint8_t *startp)
|
|
||||||
+static int bgp_attr_encap(struct bgp_attr_parser_args *args)
|
|
||||||
{
|
|
||||||
- bgp_size_t total;
|
|
||||||
uint16_t tunneltype = 0;
|
|
||||||
-
|
|
||||||
- total = length + (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3);
|
|
||||||
+ struct peer *const peer = args->peer;
|
|
||||||
+ struct attr *const attr = args->attr;
|
|
||||||
+ bgp_size_t length = args->length;
|
|
||||||
+ uint8_t type = args->type;
|
|
||||||
+ uint8_t flag = args->flags;
|
|
||||||
|
|
||||||
if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS)
|
|
||||||
|| !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) {
|
|
||||||
- zlog_info(
|
|
||||||
- "Tunnel Encap attribute flag isn't optional and transitive %d",
|
|
||||||
- flag);
|
|
||||||
- bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
|
|
||||||
- BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR,
|
|
||||||
- startp, total);
|
|
||||||
- return -1;
|
|
||||||
+ zlog_err("Tunnel Encap attribute flag isn't optional and transitive %d",
|
|
||||||
+ flag);
|
|
||||||
+ return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
|
|
||||||
+ args->total);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (BGP_ATTR_ENCAP == type) {
|
|
||||||
@@ -2461,12 +2457,11 @@ static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
|
|
||||||
uint16_t tlv_length;
|
|
||||||
|
|
||||||
if (length < 4) {
|
|
||||||
- zlog_info(
|
|
||||||
+ zlog_err(
|
|
||||||
"Tunnel Encap attribute not long enough to contain outer T,L");
|
|
||||||
- bgp_notify_send_with_data(
|
|
||||||
- peer, BGP_NOTIFY_UPDATE_ERR,
|
|
||||||
- BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
|
|
||||||
- return -1;
|
|
||||||
+ return bgp_attr_malformed(args,
|
|
||||||
+ BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
|
|
||||||
+ args->total);
|
|
||||||
}
|
|
||||||
tunneltype = stream_getw(BGP_INPUT(peer));
|
|
||||||
tlv_length = stream_getw(BGP_INPUT(peer));
|
|
||||||
@@ -2496,13 +2491,11 @@ static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
|
|
||||||
}
|
|
||||||
|
|
||||||
if (sublength > length) {
|
|
||||||
- zlog_info(
|
|
||||||
- "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
|
|
||||||
- sublength, length);
|
|
||||||
- bgp_notify_send_with_data(
|
|
||||||
- peer, BGP_NOTIFY_UPDATE_ERR,
|
|
||||||
- BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total);
|
|
||||||
- return -1;
|
|
||||||
+ zlog_err("Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d",
|
|
||||||
+ sublength, length);
|
|
||||||
+ return bgp_attr_malformed(args,
|
|
||||||
+ BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
|
|
||||||
+ args->total);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* alloc and copy sub-tlv */
|
|
||||||
@@ -2550,13 +2543,10 @@ static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */
|
|
||||||
|
|
||||||
if (length) {
|
|
||||||
/* spurious leftover data */
|
|
||||||
- zlog_info(
|
|
||||||
- "Tunnel Encap attribute length is bad: %d leftover octets",
|
|
||||||
- length);
|
|
||||||
- bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR,
|
|
||||||
- BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
|
|
||||||
- startp, total);
|
|
||||||
- return -1;
|
|
||||||
+ zlog_err("Tunnel Encap attribute length is bad: %d leftover octets",
|
|
||||||
+ length);
|
|
||||||
+ return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR,
|
|
||||||
+ args->total);
|
|
||||||
}
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
@@ -3396,8 +3386,7 @@ enum bgp_attr_parse_ret bgp_attr_parse(struct peer *peer, struct attr *attr,
|
|
||||||
case BGP_ATTR_VNC:
|
|
||||||
#endif
|
|
||||||
case BGP_ATTR_ENCAP:
|
|
||||||
- ret = bgp_attr_encap(type, peer, length, attr, flag,
|
|
||||||
- startp);
|
|
||||||
+ ret = bgp_attr_encap(&attr_args);
|
|
||||||
break;
|
|
||||||
case BGP_ATTR_PREFIX_SID:
|
|
||||||
ret = bgp_attr_prefix_sid(&attr_args);
|
|
@ -1,93 +0,0 @@
|
|||||||
From 767aaa3a80489bfc4ff097f932fc347e3db25b89 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
||||||
Date: Mon, 21 Aug 2023 00:01:42 +0300
|
|
||||||
Subject: [PATCH] bgpd: Do not explicitly print MAXTTL value for ebgp-multihop
|
|
||||||
vty output
|
|
||||||
|
|
||||||
1. Create /etc/frr/frr.conf
|
|
||||||
```
|
|
||||||
frr version 7.5
|
|
||||||
frr defaults traditional
|
|
||||||
hostname centos8.localdomain
|
|
||||||
no ip forwarding
|
|
||||||
no ipv6 forwarding
|
|
||||||
service integrated-vtysh-config
|
|
||||||
line vty
|
|
||||||
router bgp 4250001000
|
|
||||||
neighbor 192.168.122.207 remote-as 65512
|
|
||||||
neighbor 192.168.122.207 ebgp-multihop
|
|
||||||
```
|
|
||||||
|
|
||||||
2. Start FRR
|
|
||||||
`# systemctl start frr
|
|
||||||
`
|
|
||||||
3. Show running configuration. Note that FRR explicitly set and shows the default TTL (225)
|
|
||||||
|
|
||||||
```
|
|
||||||
Building configuration...
|
|
||||||
|
|
||||||
Current configuration:
|
|
||||||
!
|
|
||||||
frr version 7.5
|
|
||||||
frr defaults traditional
|
|
||||||
hostname centos8.localdomain
|
|
||||||
no ip forwarding
|
|
||||||
no ipv6 forwarding
|
|
||||||
service integrated-vtysh-config
|
|
||||||
!
|
|
||||||
router bgp 4250001000
|
|
||||||
neighbor 192.168.122.207 remote-as 65512
|
|
||||||
neighbor 192.168.122.207 ebgp-multihop 255
|
|
||||||
!
|
|
||||||
line vty
|
|
||||||
!
|
|
||||||
end
|
|
||||||
```
|
|
||||||
4. Copy initial frr.conf to frr.conf.new (no changes)
|
|
||||||
`# cp /etc/frr/frr.conf /root/frr.conf.new
|
|
||||||
`
|
|
||||||
5. Run frr-reload.sh:
|
|
||||||
|
|
||||||
```
|
|
||||||
$ /usr/lib/frr/frr-reload.py --test /root/frr.conf.new
|
|
||||||
2023-08-20 20:15:48,050 INFO: Called via "Namespace(bindir='/usr/bin', confdir='/etc/frr', daemon='', debug=False, filename='/root/frr.conf.new', input=None, log_level='info', overwrite=False, pathspace=None, reload=False, rundir='/var/run/frr', stdout=False, test=True, vty_socket=None)"
|
|
||||||
2023-08-20 20:15:48,050 INFO: Loading Config object from file /root/frr.conf.new
|
|
||||||
2023-08-20 20:15:48,124 INFO: Loading Config object from vtysh show running
|
|
||||||
|
|
||||||
Lines To Delete
|
|
||||||
===============
|
|
||||||
router bgp 4250001000
|
|
||||||
no neighbor 192.168.122.207 ebgp-multihop 255
|
|
||||||
|
|
||||||
Lines To Add
|
|
||||||
============
|
|
||||||
router bgp 4250001000
|
|
||||||
neighbor 192.168.122.207 ebgp-multihop
|
|
||||||
```
|
|
||||||
|
|
||||||
Closes https://github.com/FRRouting/frr/issues/14242
|
|
||||||
|
|
||||||
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
||||||
---
|
|
||||||
bgpd/bgp_vty.c | 8 ++++++--
|
|
||||||
1 file changed, 6 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/bgpd/bgp_vty.c b/bgpd/bgp_vty.c
|
|
||||||
index be0fe4283747..c9a9255f3392 100644
|
|
||||||
--- a/bgpd/bgp_vty.c
|
|
||||||
+++ b/bgpd/bgp_vty.c
|
|
||||||
@@ -17735,8 +17735,12 @@ static void bgp_config_write_peer_global(struct vty *vty, struct bgp *bgp,
|
|
||||||
&& !(peer->gtsm_hops != BGP_GTSM_HOPS_DISABLED
|
|
||||||
&& peer->ttl == MAXTTL)) {
|
|
||||||
if (!peer_group_active(peer) || g_peer->ttl != peer->ttl) {
|
|
||||||
- vty_out(vty, " neighbor %s ebgp-multihop %d\n", addr,
|
|
||||||
- peer->ttl);
|
|
||||||
+ if (peer->ttl != MAXTTL)
|
|
||||||
+ vty_out(vty, " neighbor %s ebgp-multihop %d\n",
|
|
||||||
+ addr, peer->ttl);
|
|
||||||
+ else
|
|
||||||
+ vty_out(vty, " neighbor %s ebgp-multihop\n",
|
|
||||||
+ addr);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
@ -1,110 +0,0 @@
|
|||||||
From 71422bfe269e34b69d78f9fb02f30426f2fdef48 Mon Sep 17 00:00:00 2001
|
|
||||||
From: rpm-build <rpm-build>
|
|
||||||
Date: Wed, 13 Dec 2023 16:59:46 +0100
|
|
||||||
Subject: [PATCH] bgpd: Treat EOR as withdrawn to avoid unwanted handling of
|
|
||||||
malformed attrs
|
|
||||||
|
|
||||||
Treat-as-withdraw, otherwise if we just ignore it, we will pass it to be
|
|
||||||
processed as a normal UPDATE without mandatory attributes, that could lead
|
|
||||||
to harmful behavior. In this case, a crash for route-maps with the configuration
|
|
||||||
such as:
|
|
||||||
|
|
||||||
```
|
|
||||||
router bgp 65001
|
|
||||||
no bgp ebgp-requires-policy
|
|
||||||
neighbor 127.0.0.1 remote-as external
|
|
||||||
neighbor 127.0.0.1 passive
|
|
||||||
neighbor 127.0.0.1 ebgp-multihop
|
|
||||||
neighbor 127.0.0.1 disable-connected-check
|
|
||||||
neighbor 127.0.0.1 update-source 127.0.0.2
|
|
||||||
neighbor 127.0.0.1 timers 3 90
|
|
||||||
neighbor 127.0.0.1 timers connect 1
|
|
||||||
!
|
|
||||||
address-family ipv4 unicast
|
|
||||||
neighbor 127.0.0.1 addpath-tx-all-paths
|
|
||||||
neighbor 127.0.0.1 default-originate
|
|
||||||
neighbor 127.0.0.1 route-map RM_IN in
|
|
||||||
exit-address-family
|
|
||||||
exit
|
|
||||||
!
|
|
||||||
route-map RM_IN permit 10
|
|
||||||
set as-path prepend 200
|
|
||||||
exit
|
|
||||||
```
|
|
||||||
|
|
||||||
Send a malformed optional transitive attribute:
|
|
||||||
|
|
||||||
```
|
|
||||||
import socket
|
|
||||||
import time
|
|
||||||
|
|
||||||
OPEN = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
|
|
||||||
b"\xff\xff\x00\x62\x01\x04\xfd\xea\x00\x5a\x0a\x00\x00\x01\x45\x02"
|
|
||||||
b"\x06\x01\x04\x00\x01\x00\x01\x02\x02\x02\x00\x02\x02\x46\x00\x02"
|
|
||||||
b"\x06\x41\x04\x00\x00\xfd\xea\x02\x02\x06\x00\x02\x06\x45\x04\x00"
|
|
||||||
b"\x01\x01\x03\x02\x0e\x49\x0c\x0a\x64\x6f\x6e\x61\x74\x61\x73\x2d"
|
|
||||||
b"\x70\x63\x00\x02\x04\x40\x02\x00\x78\x02\x09\x47\x07\x00\x01\x01"
|
|
||||||
b"\x80\x00\x00\x00")
|
|
||||||
|
|
||||||
KEEPALIVE = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff"
|
|
||||||
b"\xff\xff\xff\xff\xff\xff\x00\x13\x04")
|
|
||||||
|
|
||||||
UPDATE = bytearray.fromhex("ffffffffffffffffffffffffffffffff002b0200000003c0ff00010100eb00ac100b0b001ad908ac100b0b")
|
|
||||||
|
|
||||||
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
|
|
||||||
s.connect(('127.0.0.2', 179))
|
|
||||||
s.send(OPEN)
|
|
||||||
data = s.recv(1024)
|
|
||||||
s.send(KEEPALIVE)
|
|
||||||
data = s.recv(1024)
|
|
||||||
s.send(UPDATE)
|
|
||||||
data = s.recv(1024)
|
|
||||||
time.sleep(100)
|
|
||||||
s.close()
|
|
||||||
```
|
|
||||||
|
|
||||||
Reported-by: Iggy Frankovic <iggyfran@amazon.com>
|
|
||||||
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
||||||
|
|
||||||
(cherry picked from commit 6814f2e0138a6ea5e1f83bdd9085d9a77999900b)
|
|
||||||
---
|
|
||||||
bgpd/bgp_attr.c | 15 ++++++++++++---
|
|
||||||
1 file changed, 12 insertions(+), 3 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
|
|
||||||
index a121911..12a6953 100644
|
|
||||||
--- a/bgpd/bgp_attr.c
|
|
||||||
+++ b/bgpd/bgp_attr.c
|
|
||||||
@@ -3079,9 +3079,12 @@ static int bgp_attr_check(struct peer *peer, struct attr *attr)
|
|
||||||
uint8_t type = 0;
|
|
||||||
|
|
||||||
/* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an
|
|
||||||
- * empty UPDATE. */
|
|
||||||
+ * empty UPDATE. Treat-as-withdraw, otherwise if we just ignore it,
|
|
||||||
+ * we will pass it to be processed as a normal UPDATE without mandatory
|
|
||||||
+ * attributes, that could lead to harmful behavior.
|
|
||||||
+ */
|
|
||||||
if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag)
|
|
||||||
- return BGP_ATTR_PARSE_PROCEED;
|
|
||||||
+ return BGP_ATTR_PARSE_WITHDRAW;
|
|
||||||
|
|
||||||
/* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
|
|
||||||
to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
|
|
||||||
@@ -3507,7 +3510,13 @@ done:
|
|
||||||
aspath_unintern(&as4_path);
|
|
||||||
|
|
||||||
transit = bgp_attr_get_transit(attr);
|
|
||||||
- if (ret != BGP_ATTR_PARSE_ERROR) {
|
|
||||||
+ /* If we received an UPDATE with mandatory attributes, then
|
|
||||||
+ * the unrecognized transitive optional attribute of that
|
|
||||||
+ * path MUST be passed. Otherwise, it's an error, and from
|
|
||||||
+ * security perspective it might be very harmful if we continue
|
|
||||||
+ * here with the unrecognized attributes.
|
|
||||||
+ */
|
|
||||||
+ if (ret == BGP_ATTR_PARSE_PROCEED) {
|
|
||||||
/* Finally intern unknown attribute. */
|
|
||||||
if (transit)
|
|
||||||
bgp_attr_set_transit(attr, transit_intern(transit));
|
|
||||||
--
|
|
||||||
2.43.0
|
|
||||||
|
|
@ -1,95 +0,0 @@
|
|||||||
From 7fe95b24333cceb6cd04595694cd502fcd3666f6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: rpm-build <rpm-build>
|
|
||||||
Date: Wed, 13 Dec 2023 18:25:48 +0100
|
|
||||||
Subject: [PATCH] bgpd: Ignore handling NLRIs if we received MP_UNREACH_NLRI
|
|
||||||
|
|
||||||
If we receive MP_UNREACH_NLRI, we should stop handling remaining NLRIs if
|
|
||||||
no mandatory path attributes received.
|
|
||||||
|
|
||||||
In other words, if MP_UNREACH_NLRI received, the remaining NLRIs should be handled
|
|
||||||
as a new data, but without mandatory attributes, it's a malformed packet.
|
|
||||||
|
|
||||||
In normal case, this MUST not happen at all, but to avoid crashing bgpd, we MUST
|
|
||||||
handle that.
|
|
||||||
|
|
||||||
Reported-by: Iggy Frankovic <iggyfran@amazon.com>
|
|
||||||
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
|
|
||||||
Signed-off-by: Christian Breunig <christian@breunig.cc>
|
|
||||||
|
|
||||||
(cherry picked from commit c37119df45bbf4ef713bc10475af2ee06e12f3bf)
|
|
||||||
---
|
|
||||||
bgpd/bgp_attr.c | 19 ++++++++++---------
|
|
||||||
bgpd/bgp_attr.h | 1 +
|
|
||||||
bgpd/bgp_packet.c | 7 ++++++-
|
|
||||||
3 files changed, 17 insertions(+), 10 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c
|
|
||||||
index 12a6953..8b02f2c 100644
|
|
||||||
--- a/bgpd/bgp_attr.c
|
|
||||||
+++ b/bgpd/bgp_attr.c
|
|
||||||
@@ -3086,15 +3086,6 @@ static int bgp_attr_check(struct peer *peer, struct attr *attr)
|
|
||||||
if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag)
|
|
||||||
return BGP_ATTR_PARSE_WITHDRAW;
|
|
||||||
|
|
||||||
- /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required
|
|
||||||
- to carry any other path attributes.", though if MP_REACH_NLRI or NLRI
|
|
||||||
- are present, it should. Check for any other attribute being present
|
|
||||||
- instead.
|
|
||||||
- */
|
|
||||||
- if ((!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) &&
|
|
||||||
- CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))))
|
|
||||||
- return BGP_ATTR_PARSE_PROCEED;
|
|
||||||
-
|
|
||||||
if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN)))
|
|
||||||
type = BGP_ATTR_ORIGIN;
|
|
||||||
|
|
||||||
@@ -3113,6 +3104,16 @@ static int bgp_attr_check(struct peer *peer, struct attr *attr)
|
|
||||||
&& !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF)))
|
|
||||||
type = BGP_ATTR_LOCAL_PREF;
|
|
||||||
|
|
||||||
+ /* An UPDATE message that contains the MP_UNREACH_NLRI is not required
|
|
||||||
+ * to carry any other path attributes. Though if MP_REACH_NLRI or NLRI
|
|
||||||
+ * are present, it should. Check for any other attribute being present
|
|
||||||
+ * instead.
|
|
||||||
+ */
|
|
||||||
+ if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) &&
|
|
||||||
+ CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI)))
|
|
||||||
+ return type ? BGP_ATTR_PARSE_MISSING_MANDATORY
|
|
||||||
+ : BGP_ATTR_PARSE_PROCEED;
|
|
||||||
+
|
|
||||||
/* If any of the well-known mandatory attributes are not present
|
|
||||||
* in an UPDATE message, then "treat-as-withdraw" MUST be used.
|
|
||||||
*/
|
|
||||||
diff --git a/bgpd/bgp_attr.h b/bgpd/bgp_attr.h
|
|
||||||
index 06f350b..b9dfec9 100644
|
|
||||||
--- a/bgpd/bgp_attr.h
|
|
||||||
+++ b/bgpd/bgp_attr.h
|
|
||||||
@@ -379,6 +379,7 @@ enum bgp_attr_parse_ret {
|
|
||||||
*/
|
|
||||||
BGP_ATTR_PARSE_ERROR_NOTIFYPLS = -3,
|
|
||||||
BGP_ATTR_PARSE_EOR = -4,
|
|
||||||
+ BGP_ATTR_PARSE_MISSING_MANDATORY = -5,
|
|
||||||
};
|
|
||||||
|
|
||||||
struct bpacket_attr_vec_arr;
|
|
||||||
diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c
|
|
||||||
index a5f065a..cdf0734 100644
|
|
||||||
--- a/bgpd/bgp_packet.c
|
|
||||||
+++ b/bgpd/bgp_packet.c
|
|
||||||
@@ -1873,7 +1873,12 @@ static int bgp_update_receive(struct peer *peer, bgp_size_t size)
|
|
||||||
/* Network Layer Reachability Information. */
|
|
||||||
update_len = end - stream_pnt(s);
|
|
||||||
|
|
||||||
- if (update_len) {
|
|
||||||
+ /* If we received MP_UNREACH_NLRI attribute, but also NLRIs, then
|
|
||||||
+ * NLRIs should be handled as a new data. Though, if we received
|
|
||||||
+ * NLRIs without mandatory attributes, they should be ignored.
|
|
||||||
+ */
|
|
||||||
+ if (update_len && attribute_len &&
|
|
||||||
+ attr_parse_ret != BGP_ATTR_PARSE_MISSING_MANDATORY) {
|
|
||||||
/* Set NLRI portion to structure. */
|
|
||||||
nlris[NLRI_UPDATE].afi = AFI_IP;
|
|
||||||
nlris[NLRI_UPDATE].safi = SAFI_UNICAST;
|
|
||||||
--
|
|
||||||
2.43.0
|
|
||||||
|
|
@ -1,34 +0,0 @@
|
|||||||
From 0b999c886e241c52bd1f7ef0066700e4b618ebb3 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
Date: Thu, 23 Feb 2023 13:29:32 -0500
|
|
||||||
Subject: [PATCH] bgpd: Flowspec overflow issue
|
|
||||||
|
|
||||||
According to the flowspec RFC 8955 a flowspec nlri is <length, <nlri data>>
|
|
||||||
Specifying 0 as a length makes BGP get all warm on the inside. Which
|
|
||||||
in this case is not a good thing at all. Prevent warmth, stay cold
|
|
||||||
on the inside.
|
|
||||||
|
|
||||||
Reported-by: Iggy Frankovic <iggyfran@amazon.com>
|
|
||||||
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
---
|
|
||||||
bgpd/bgp_flowspec.c | 7 +++++++
|
|
||||||
1 file changed, 7 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/bgpd/bgp_flowspec.c b/bgpd/bgp_flowspec.c
|
|
||||||
index 8d5ca5e77779..f9debe43cd45 100644
|
|
||||||
--- a/bgpd/bgp_flowspec.c
|
|
||||||
+++ b/bgpd/bgp_flowspec.c
|
|
||||||
@@ -127,6 +127,13 @@ int bgp_nlri_parse_flowspec(struct peer *peer, struct attr *attr,
|
|
||||||
psize);
|
|
||||||
return BGP_NLRI_PARSE_ERROR_PACKET_OVERFLOW;
|
|
||||||
}
|
|
||||||
+
|
|
||||||
+ if (psize == 0) {
|
|
||||||
+ flog_err(EC_BGP_FLOWSPEC_PACKET,
|
|
||||||
+ "Flowspec NLRI length 0 which makes no sense");
|
|
||||||
+ return BGP_NLRI_PARSE_ERROR_PACKET_OVERFLOW;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if (bgp_fs_nlri_validate(pnt, psize, afi) < 0) {
|
|
||||||
flog_err(
|
|
||||||
EC_BGP_FLOWSPEC_PACKET,
|
|
@ -1,54 +0,0 @@
|
|||||||
From 7404a914b0cafe046703c8381903a80d3def8f8b Mon Sep 17 00:00:00 2001
|
|
||||||
From: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
Date: Fri, 3 Mar 2023 21:58:33 -0500
|
|
||||||
Subject: [PATCH] bgpd: Fix use beyond end of stream of labeled unicast parsing
|
|
||||||
|
|
||||||
Fixes a couple crashes associated with attempting to read
|
|
||||||
beyond the end of the stream.
|
|
||||||
|
|
||||||
Reported-by: Iggy Frankovic <iggyfran@amazon.com>
|
|
||||||
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
|
|
||||||
---
|
|
||||||
bgpd/bgp_label.c | 15 +++++++++++++++
|
|
||||||
1 file changed, 15 insertions(+)
|
|
||||||
|
|
||||||
diff --git a/bgpd/bgp_label.c b/bgpd/bgp_label.c
|
|
||||||
index 0cad119af101..c4a5277553ba 100644
|
|
||||||
--- a/bgpd/bgp_label.c
|
|
||||||
+++ b/bgpd/bgp_label.c
|
|
||||||
@@ -297,6 +297,9 @@ static int bgp_nlri_get_labels(struct peer *peer, uint8_t *pnt, uint8_t plen,
|
|
||||||
uint8_t llen = 0;
|
|
||||||
uint8_t label_depth = 0;
|
|
||||||
|
|
||||||
+ if (plen < BGP_LABEL_BYTES)
|
|
||||||
+ return 0;
|
|
||||||
+
|
|
||||||
for (; data < lim; data += BGP_LABEL_BYTES) {
|
|
||||||
memcpy(label, data, BGP_LABEL_BYTES);
|
|
||||||
llen += BGP_LABEL_BYTES;
|
|
||||||
@@ -359,6 +362,9 @@ int bgp_nlri_parse_label(struct peer *peer, struct attr *attr,
|
|
||||||
memcpy(&addpath_id, pnt, BGP_ADDPATH_ID_LEN);
|
|
||||||
addpath_id = ntohl(addpath_id);
|
|
||||||
pnt += BGP_ADDPATH_ID_LEN;
|
|
||||||
+
|
|
||||||
+ if (pnt >= lim)
|
|
||||||
+ return BGP_NLRI_PARSE_ERROR_PACKET_OVERFLOW;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Fetch prefix length. */
|
|
||||||
@@ -377,6 +383,15 @@ int bgp_nlri_parse_label(struct peer *peer, struct attr *attr,
|
|
||||||
|
|
||||||
/* Fill in the labels */
|
|
||||||
llen = bgp_nlri_get_labels(peer, pnt, psize, &label);
|
|
||||||
+ if (llen == 0) {
|
|
||||||
+ flog_err(
|
|
||||||
+ EC_BGP_UPDATE_RCV,
|
|
||||||
+ "%s [Error] Update packet error (wrong label length 0)",
|
|
||||||
+ peer->host);
|
|
||||||
+ bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR,
|
|
||||||
+ BGP_NOTIFY_UPDATE_INVAL_NETWORK);
|
|
||||||
+ return BGP_NLRI_PARSE_ERROR_LABEL_LENGTH;
|
|
||||||
+ }
|
|
||||||
p.prefixlen = prefixlen - BSIZE(llen);
|
|
||||||
|
|
||||||
/* There needs to be at least one label */
|
|
@ -1,16 +0,0 @@
|
|||||||
#!/bin/sh
|
|
||||||
#this script is used to remove babled and ldpd from the tar sources
|
|
||||||
#Usage: sh remove-babeld-ldpd.sh <VERSION>
|
|
||||||
#Example: sh remove-babeld-ldpd.sh 7.3.1 - this is for frr-7.3.1.tar.gz file
|
|
||||||
|
|
||||||
VERSION=$1
|
|
||||||
TAR=frr-${VERSION}.tar.gz
|
|
||||||
DIR=frr-${VERSION}
|
|
||||||
|
|
||||||
echo ${VERSION}
|
|
||||||
echo ${TAR}
|
|
||||||
echo ${DIR}
|
|
||||||
|
|
||||||
tar -xzf ${TAR}
|
|
||||||
rm -rf ${DIR}/babeld ${DIR}/ldpd
|
|
||||||
tar -czf ${TAR} ${DIR}
|
|
Loading…
Reference in new issue