Fix the following heap-use-after-free
> ==82961==ERROR: AddressSanitizer: heap-use-after-free on address 0x6020001e4750 at pc 0x55a8cc7f63ac bp 0x7ffd6948e340 sp 0x7ffd6948e330
> READ of size 8 at 0x6020001e4750 thread T0
> #0 0x55a8cc7f63ab in isis_route_node_cleanup isisd/isis_route.c:335
> #1 0x7ff25ec617c1 in route_node_free lib/table.c:75
> #2 0x7ff25ec619fc in route_table_free lib/table.c:111
> #3 0x7ff25ec61661 in route_table_finish lib/table.c:46
> #4 0x55a8cc800d83 in _isis_spftree_del isisd/isis_spf.c:397
> #5 0x55a8cc800e45 in isis_spftree_clear isisd/isis_spf.c:414
> #6 0x55a8cc80bd9a in isis_run_spf isisd/isis_spf.c:2020
> #7 0x55a8cc80c370 in isis_run_spf_with_protection isisd/isis_spf.c:2076
> #8 0x55a8cc80cf52 in isis_run_spf_cb isisd/isis_spf.c:2165
> #9 0x7ff25ec7c4dc in event_call lib/event.c:1970
> #10 0x7ff25eb64423 in frr_run lib/libfrr.c:1213
> #11 0x55a8cc7799da in main isisd/isis_main.c:318
> #12 0x7ff25e623d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
> #13 0x7ff25e623e3f in __libc_start_main_impl ../csu/libc-start.c:392
> #14 0x55a8cc778e44 in _start (/usr/lib/frr/isisd+0x109e44)
>
> 0x6020001e4750 is located 0 bytes inside of 16-byte region [0x6020001e4750,0x6020001e4760)
> freed by thread T0 here:
> #0 0x7ff25f000537 in __interceptor_free ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:127
> #1 0x7ff25eb9012e in qfree lib/memory.c:130
> #2 0x55a8cc7f6485 in isis_route_table_info_free isisd/isis_route.c:351
> #3 0x55a8cc800cf4 in _isis_spftree_del isisd/isis_spf.c:395
> #4 0x55a8cc800e45 in isis_spftree_clear isisd/isis_spf.c:414
> #5 0x55a8cc80bd9a in isis_run_spf isisd/isis_spf.c:2020
> #6 0x55a8cc80c370 in isis_run_spf_with_protection isisd/isis_spf.c:2076
> #7 0x55a8cc80cf52 in isis_run_spf_cb isisd/isis_spf.c:2165
> #8 0x7ff25ec7c4dc in event_call lib/event.c:1970
> #9 0x7ff25eb64423 in frr_run lib/libfrr.c:1213
> #10 0x55a8cc7799da in main isisd/isis_main.c:318
> #11 0x7ff25e623d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
>
> previously allocated by thread T0 here:
> #0 0x7ff25f000a57 in __interceptor_calloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:154
> #1 0x7ff25eb8ffdc in qcalloc lib/memory.c:105
> #2 0x55a8cc7f63eb in isis_route_table_info_alloc isisd/isis_route.c:343
> #3 0x55a8cc80052a in _isis_spftree_init isisd/isis_spf.c:334
> #4 0x55a8cc800e51 in isis_spftree_clear isisd/isis_spf.c:415
> #5 0x55a8cc80bd9a in isis_run_spf isisd/isis_spf.c:2020
> #6 0x55a8cc80c370 in isis_run_spf_with_protection isisd/isis_spf.c:2076
> #7 0x55a8cc80cf52 in isis_run_spf_cb isisd/isis_spf.c:2165
> #8 0x7ff25ec7c4dc in event_call lib/event.c:1970
> #9 0x7ff25eb64423 in frr_run lib/libfrr.c:1213
> #10 0x55a8cc7799da in main isisd/isis_main.c:318
> #11 0x7ff25e623d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
Fixes: 7153c3cabf ("isisd: update struct isis_route_info has multiple sr info by algorithm")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
... and use it instead of fiddling with the `.synchronous` field.
(Make it const while at it.)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Replace `struct list *` with `DLIST(if_connected, ...)`.
NB: while converting this, I found multiple places using connected
prefixes assuming they were IPv4 without checking:
- vrrpd/vrrp.c: vrrp_socket()
- zebra/irdp_interface.c: irdp_get_prefix(), irdp_if_start(),
irdp_advert_off()
(these fixes are really hard to split off into separate commits as that
would require going back and reapplying the change but with the old list
handling)
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
These were added in e38e0df01a but never used anywhere. Also the code
grabs any random /32 or /128 that is directly connected to the adjacent
router, which may not even be an address of that router itself.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
`isis_srv6_area_init` should not use `yang_get_default_*` functions for
fabricd.
Fixes: https://github.com/FRRouting/frr/issues/14722
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
...so that multiple functions can be subscribed.
The create/destroy hooks are renamed to real/unreal because that's what
they *actually* signal.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
I added a new variable to calculate the required level of neighborhood,
as well as checking if the interfaces are in the same area,
in accordance with cisco
Signed-off-by: Sososhas <1248756005hfh@gmail.com>
isis:fixed adj level in topotests
fixed adj level on rt6
Signed-off-by: Sososhas <1248756005hfh@gmail.com>
When isis_zebra_process_srv6_locator_chunk() returns prematurely
due to an error, do not forget to free memory allocated by
srv6_locator_chunk_alloc().
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
After the ISIS daemon is launched, the configuration of an srv6
locator in zebra triggers a crash:
> #4 0x00007f1f0ea980f3 in core_handler (signo=11, siginfo=0x7ffdb750de70, context=0x7ffdb750dd40)
> at /build/make-pkg/output/_packages/cp-routing/src/lib/sigevent.c:262
> #5 <signal handler called>
> #6 0x00005651a05783ef in isis_zebra_process_srv6_locator_add (cmd=117, zclient=0x5651a21d9bd0, length=25, vrf_id=0)
> at /build/make-pkg/output/_packages/cp-routing/src/isisd/isis_zebra.c:1258
> #7 0x00007f1f0ead5ac9 in zclient_read (thread=0x7ffdb750e750) at /build/make-pkg/output/_packages/cp-routing/src/lib/zclient.c:4246
> #8 0x00007f1f0eab19d4 in thread_call (thread=0x7ffdb750e750) at /build/make-pkg/output/_packages/cp-routing/src/lib/thread.c:1825
> #9 0x00007f1f0ea4862e in frr_run (master=0x5651a1f65a40) at /build/make-pkg/output/_packages/cp-routing/src/lib/libfrr.c:1155
> #10 0x00005651a051131a in main (argc=5, argv=0x7ffdb750e998, envp=0x7ffdb750e9c8)
> at /build/make-pkg/output/_packages/cp-routing/src/isisd/isis_main.c:282
> (gdb) f 6
> #6 0x00005651a05783ef in isis_zebra_process_srv6_locator_add (cmd=117, zclient=0x5651a21d9bd0, length=25, vrf_id=0)
> at /build/make-pkg/output/_packages/cp-routing/src/isisd/isis_zebra.c:1258
> (gdb) print isis
> $1 = (struct isis *) 0x0
> (gdb) print isis->area_list
> Cannot access memory at address 0x28
The isis pointer is NULL, because no instances have already been
configured on the ISIS instance.
Fix this by checking that there is any isis instance available when
zebra hooks related to srv6 are received.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Null checking the `sra` pointer after dereferencing it causes a
coverity issue. Let's perform the null check before dereferencing the
pointer.
Fixes this coverity issue:
*** CID 1568133: Null pointer dereferences (REVERSE_INULL)
/isisd/isis_zebra.c: 1077 in isis_zebra_srv6_adj_sid_uninstall()
1071 enum seg6local_action_t action = ZEBRA_SEG6_LOCAL_ACTION_UNSPEC;
1072 struct interface *ifp;
1073 uint16_t prefixlen = IPV6_MAX_BITLEN;
1074 struct isis_circuit *circuit = sra->adj->circuit;
1075 struct isis_area *area = circuit->area;
1076
>>> CID 1568133: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "sra" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
1077 if (!sra)
1078 return;
1079
1080 switch (sra->behavior) {
1081 case SRV6_ENDPOINT_BEHAVIOR_END_X:
1082 prefixlen = IPV6_MAX_BITLEN;
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
Null checking the `sra` pointer after dereferencing it causes a
coverity issue. Let's perform the null check before dereferencing the
pointer.
Fixes this coverity issue:
*** CID 1568132: Null pointer dereferences (REVERSE_INULL)
/isisd/isis_zebra.c: 1023 in isis_zebra_srv6_adj_sid_install()
1017 struct seg6local_context ctx = {};
1018 uint16_t prefixlen = IPV6_MAX_BITLEN;
1019 struct interface *ifp;
1020 struct isis_circuit *circuit = sra->adj->circuit;
1021 struct isis_area *area = circuit->area;
1022
>>> CID 1568132: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "sra" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
1023 if (!sra)
1024 return;
1025
1026 sr_debug("ISIS-SRv6 (%s): setting adjacency SID %pI6", area->area_tag,
1027 &sra->sid);
1028
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
Fix this coverity issue:
*** CID 1568129: Null pointer dereferences (REVERSE_INULL)
/isisd/isis_tlvs.c: 2813 in unpack_item_srv6_end_sid()
2807 sid->subsubtlvs = NULL;
2808 }
2809
2810 append_item(&subtlvs->srv6_end_sids, (struct isis_item *)sid);
2811 return 0;
2812 out:
>>> CID 1568129: Null pointer dereferences (REVERSE_INULL)
>>> Null-checking "sid" suggests that it may be null, but it has already been dereferenced on all paths leading to the check.
2813 if (sid)
2814 free_item_srv6_end_sid((struct isis_item *)sid);
2815 return 1;
2816 }
2817
2818 /* Functions related to TLVs 1 Area Addresses */
Signed-off-by: Carmine Scarpitta <cscarpit@cisco.com>
Add CLI command and functions to configure the interface used for
installing SRv6 SIDs into Linux data plane
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
The function `sid_exist` verifies if a given SRv6 SID has already been
allocated for a given IS-IS area. This commit extends `sid_exist` to
also consider adjacency SIDs when checking for the existence of the SID.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
An SRv6 adjacency SID is a SID that is associated with a particular
adjacency. Adjacency SIDs are advertised using the SRv6 End.X SID
Sub-TLV (RFC 9352 section #8.1) or SRv6 LAN End.X SID Sub-TLV (RFC 9352
section #8.2).
This commit defines the following Adj SIDs management functions:
* srv6_endx_sid_add_single: add a new SRv6 Adjacency SID
* srv6_endx_sid_del: delete an SRv6 Adjacency SID
* isis_srv6_endx_sid_find: lookup SRv6 End.X SID by type
It also attaches some callbacks to the hooks isis_adj_state_change_hook,
isis_adj_ip_enabled_hook, isis_adj_ip_disabled_hook, which are
responsible for installing/removing an SRv6 Adjacency SID automatically
when the state of an IS-IS adjacency changes.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
An SRv6 adjacency SID is a SID that is associated with a particular
adjacency. Adjacency SIDs are advertised using the SRv6 End.X SID
Sub-TLV (RFC 9352 section #8.1) or SRv6 LAN End.X SID Sub-TLV (RFC 9352
section #8.2).
This commit defines a data structure `srv6_adjacency` for storing
information about an SRv6 Adjacency SID. This data structure will be
used to support SRv6 Adjacency SIDs functionalities in future commits.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
We need to allocate memory SRv6 SID Structure Sub-Sub-TLV in
isis_srv6.c. MTYPE_ISIS_SUBSUBTLV is statically defined in isis_tlvs.c
and therefore is not visible in isis_srv6.c. Let's make
MTYPE_ISIS_SUBSUBTLV non-static to provide visibility to the external
world..
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend the Extended IS Reachability TLV unpack function to unpack the
SRv6 End.X SID Sub-TLV and SRv6 LAN End.X SID Sub-TLV, if present.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend the Extended IS Reachability TLV pack function to pack the SRv6
End.X SID Sub-TLV and SRv6 LAN End.X SID Sub-TLV, if present.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add SRv6 End.X SID Sub-TLV and SRv6 LAN End.X SID Sub-TLV codepoints
(defined in "IS-IS Sub-TLVs for TLVs Advertising Neighbor Information"
IANA registry). These codepoints will be used in future commits to
pack/unpack corresponding Sub-TLVs.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend the Extended IS Reachability TLV format function to show the SRv6
End.X SID Sub-TLV and SRv6 LAN End.X SID Sub-TLV, if present.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
SRv6 End.X SID Sub-TLV (RFC 9352 section #8.1) and SRv6 LAN End.X SID
Sub-TLV (RFC 9352 section #8.2) contain a `flag` field. Currently, three
flags are defined:
* B-Flag: Backup flag
* S-Flag: Set flag
* P-Flag: Persistent flag
This commit defines three constants representing these flags.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend the Extended IS Reachability TLV copy function to copy the SRv6
End.X SID Sub-TLV and SRv6 LAN End.X SID Sub-TLV, if present.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add SRv6 End.X SID Sub-TLV and SRv6 LAN End.X SID Sub-TLV to the
Extended IS Reachability Sub-TLVs data structure and perform proper
initialization/free when the Sub-TLVs data structure is
allocated/destroyed.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a data structure to represent an SRv6 LAN End.X SID Sub-TLV as per
RFC 9352 section #8.2.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a data structure to represent an SRv6 End.X SID Sub-TLV as per
RFC 9352 section #8.1.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add copyright claim for "IS-IS Extensions to Support SRv6" (RFC 9352)
to isis_tlvs.c and isis_tlvs.h.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
According to RFC 9352 section #5, the SRv6 Locators associated with
algorithms 0 and 1 should be also advertised in a Prefix Reachability
TLV (236 or 237) to allow legacy routers (i.e., routers that do not
support SRv6) installing a forwarding entry for algorithms 0 and 1 SRv6
traffic.
This commits extend IS-IS to advertise SRv6 Locators in IPv6
Reachability TLV.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to build an SRv6 SID Structure Sub-Sub-TLV (RFC 9352
section #9) to advertise the structure of a specific SRv6 End SID passed
as an argument.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to build an SRv6 End SID TLV (RFC 9352 section #7.2) to
advertise a specific SRv6 End SID passed as an argument.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to build an SRv6 Locator TLV (RFC 9352 section #7.1) to
advertise a specific SRv6 Locator passed as an argument.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to fill in an SRv6 SID Structure Sub-Sub-TLV with
information from an SRv6 SID (RFC 9352 section #9).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to fill in an SRv6 End SID Sub-TLV with information from
an SRv6 End SID (RFC 9352 section #7.2).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to fill in an SRv6 Locator TLV with information from an
SRv6 locator (RFC 9352 section #7.1).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
General Sub-Sub-TLV processing functions (i.e., copy, format, free,
pack, and unpack) perform a lookup of the handler specific for a
Sub-Sub-TLV in the `tlv_table`, and then call the specific handler to
process the Sub-Sub-TLV.
This commit adds the handlers for the SRv6 Structure Sub-Sub-TLV (stored
in `subsubtlv_srv6_sid_structure_ops`) to the `tlv_table`.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Use the SUBSUBTLV_OPS macro to define the TLV operations for the SRv6
SID Structure Sub-Sub-TLV (RFC 9352 section #9).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend generic Sub-Sub-TLVs format function to return information about
SRv6 SID Structure Sub-Sub-TLVs (RFC 9352 section #9).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to return information about an SRv6 SID Structure
Sub-Sub-TLV (RFC 9352 section #9).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend SRv6 End SID Sub-TLV format function to return information about
Sub-Sub-TLVs (RFC 9352 section #7.2).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to pack all the Sub-Sub-TLVs passed as an argument.
At this time, this function does not pack any Sub-Sub-TLVs because no
Sub-Sub-TLVs have been defined yet. This function will be extended in
future commits to pack specific Sub-Sub-TLVs, as they become supported.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to free all the Sub-Sub-TLVs and the `isis_subsubtlvs`
data structure passed as an argument.
At this time, this function only frees the `isis_subsubtlvs`. It does
not free any specific Sub-Sub-TLVs because no Sub-Sub-TLVs have been
defined yet. This function will be extended in future commits to free
specific Sub-Sub-TLVs, as they become supported.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to return information about all the Sub-Sub-TLVs passed
as an argument.
At this time, this function does nothing because no Sub-Sub-TLVs have
been defined yet. This function will be extended in
future commits to return information about specific Sub-Sub-TLVs,
as they become supported.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to copy all the Sub-Sub-TLVs passed as an argument.
At this time, this function does not copy any Sub-Sub-TLVs because no
Sub-Sub-TLVs have been defined yet. This function will be extended in
future commits to copy specific Sub-Sub-TLVs, as they become supported.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a data structure to store IS-IS Sub-Sub-TLVs information. At this
time, does not contain any Sub-Sub-TLV information because no
Sub-Sub-TLVs have been defined yet. This data structure will be extended
in future commits to store specific Sub-Sub-TLVs, as they become
supported.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add two macros `SUBSUBTLV_OPS` and `ITEM_SUBSUBTLV_OPS` that help the
developer to define the TLV operations for the IS-IS Sub-Sub-TLVs.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend generic Sub-TLVs format function to return information about
SRv6 End SID Sub-TLVs (RFC 9352 section #7.2).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
General Sub-TLV processing functions (i.e., copy, format, free, pack,
and unpack) perform a lookup of the specific handler for a Sub-TLV in
the `tlv_table`, and then call the specific handler to process the
Sub-TLV.
This commit adds the handlers for the SRv6 End SID Sub-TLV (stored in
`tlv_srv6_end_sid_ops`) to the `tlv_table`.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Use the ITEM_SUBTLV_OPS macro to define the TLV operations for the SRv6
End SID Sub-TLV (RFC 9352 section #7.2).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to return information about an SRv6 End SID Sub-TLV
(RFC 9352 section #7.2).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a new TLV context value for the SRv6 End SID Sub-TLV. It will be
needed to support unpacking of the Sub-Sub-TLVs of the SRv6 End SID
Sub-TLV in future commits.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a data structure to represent an SRv6 End SID Sub-TLV as per
RFC 9352 section #7.2.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
The SRv6 Locator TLV (RFC 9352 section #7.1) starts with the MTID field.
Let's expect the MTID as the first field when we are unpacking an SRv6
Locator TLV.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
The SRv6 Locator TLV (RFC 9352 section #7.1) starts with the MTID field.
Let's put the MTID as the first field when we are packing an SRv6
Locator TLV.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
General TLV processing functions (i.e., copy, format, free, pack, and
unpack) perform a lookup of the specific handler for a TLV in the
`tlv_table`, and then call the specific handler to process the TLV.
This commit adds the handlers for the SRv6 Locator TLV (stored in
`tlv_srv6_locator_ops`) to the `tlv_table`.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Use the ITEM_TLV_OPS macro to define the TLV operations for the SRv6
Locator TLV (RFC 9352 section #7.1).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to unpack an SRv6 Locator TLV and all its Sub-TLVs
(RFC 9352 section #7.1).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to pack an SRv6 Locator TLV and all its Sub-TLVs
(RFC 9352 section #7.1).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to free an SRv6 Locator TLV and all its Sub-TLVs
(RFC 9352 section #7.1).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend generic TLVs format function to return information about SRv6
Locator TLVs (RFC 9352 section #7.1).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add the `IS-IS SRv6 SID Structure Sub-Sub-TLV Codepoint` as defined in the
`IS-IS Sub-Sub-TLVs for SRv6 SID Sub-TLVs` IANA registry. This codepoint
will be used as the Sub-Sub-TLV Type to advertise the SRv6 SID Structure
Sub-Sub-TLV in the SRv6 End SID, SRv6 End.X SID, and SRv6 LAN End.X SID
Sub-TLVs.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add the `IS-IS SRv6 End SID Sub-TLV Codepoint` as defined in the
`IS-IS Sub-TLVs for TLVs Advertising Prefix Reachability` IANA registry.
This codepoint will be used as the Sub-TLV
Type to advertise the SRv6 End SID Sub-TLV in the SRv6 Locator TLV.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend Router Capabilities TLV format function to return information
about SRv6 Capabilities Sub-TLVs (RFC 9352 section #2).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a new TLV context value for the SRv6 Locator TLV. It will be needed
to support unpacking of the Sub-TLVs of the SRv6 Locator TLV in future
commits.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add IS-IS SRv6 Locator TLV Codepoint as defined in the IANA registry
IS-IS Top-Level TLV Codepoints.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
When an SRv6 locator is unset, remove all the SRv6 End SIDs allocated
from that locator.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
When zebra assigns a chunk to IS-IS, zebra sends a
ZEBRA_SRV6_MANAGER_GET_LOCATOR_CHUNK notification to IS-IS.
IS-IS invokes the `isis_zebra_process_srv6_locator_chunk()` callback to
process the received notification.
Actually, `isis_zebra_process_srv6_locator_chunk()` iterates over all
areas of the current IS-IS instance and looks for an area for which the
received chunk was requested.
If a match is found, the new chunk is added to the area's chunk list and
`lsp_regenerate_schedule()` is called to regenerate the LSPs to
advertise the new SRv6 locator.
This commit extends the `isis_zebra_process_srv6_locator_chunk()`
function to automatically allocate an SRv6 End SID from the received
chunk and install it in the data plane.
The SRv6 End SID is the instantiation of a Prefix-SID (RFC 8986 section
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
In some cases, IS-IS may attempt to remove routes that have not been
installed before. We can prevent IS-IS from doing this by aborting
`isis_zebra_route_del_route` when the ISIS_ROUTE_FLAG_ZEBRA_SYNCED flag
is unset, meaning that the route is not installed in the kernel.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to allocate an SRv6 SID from an SRv6 locator chunk owned
by IS-IS. The chunk must be allocated by a previous call to
`isis_zebra_srv6_manager_get_locator_chunk()`.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add the list of SRv6 SIDs allocated by the IS-IS instance to the per-area
SRv6 configuration. The list is area-specific. Each IS-IS area has its
own SRv6 SIDs list. The list is initialized when an IS-IS area is
created and freed when an IS-IS area is destroyed.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Define a new memtype `MTYPE_ISIS_SRV6_SID` used to allocate objects of
type `IS-IS SRv6 SID`.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add SRv6 SID structure as a member of the SRv6 SID to specify the format
of a specific SID (i.e., block/node/function/argument length).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add `struct isis_srv6_sid_structure` data structure to represent an SRv6
SID structure (as defined in RFC 8986 section #3.1).
The struct has the following members:
* loc_block_len: locator block length
* loc_node_len: locator node length
* func_len: function length
* arg_len: argument length
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add `struct isis_srv6_sid` data structure to represent an SRv6 SID.
The struct has the following members:
* next: pointer to the next SID, used to build linked lists of SRv6 SIDs
* flags: SID flags
* behavior: the behavior bound to the SRv6 SID (as defined in RFC 8986)
* value: the SID value (i.e., an IPv6 address)
* locator: a backpointer to the parent locator from which the SID has
been allocated.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a CLI command to unset a previously configured SRv6 locator for a
specific IS-IS instance.
Example:
r1# configure
r1(config)# router isis FOO
r1(config-router)# segment-routing srv6
r1(config-router-srv6)# no locator loc1
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a northbound command to show information about the SRv6 locator
configured in IS-IS.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a northbound command to unset an SRv6 locator for a specific
IS-IS area. This is a wrapper around `isis_srv6_locator_unset()`.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a northbound command to configure an SRv6 locator for a specific
IS-IS area.
After configuring a locator, `isis_zebra_srv6_manager_get_locator_chunk`
is called to ask zebra to allocate a chunk from the configured locator.
The allocated chunk will be owned by IS-IS. IS-IS can allocate SIDs from
its chunk.
Currently, we support only one locator per-area. Therefore, before
configuring a locator we unset the previously configured locator, if
there was any.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to unset the SRv6 locator for a specific IS-IS area.
This function calls `isis_zebra_srv6_manager_release_locator_chunk()` to
ask zebra to release the locator chunk owned by IS-IS and removes the
chunk from the area's chunks list.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a callback function `isis_zebra_process_srv6_locator_delete()` that
is called when an SRv6 locator is deleted in zebra.
When an existing SRv6 locator is deleted in zebra, zebra sends a
ZEBRA_SRV6_LOCATOR_DELETE notification to all daemons informing them of
the deleted locator.
In IS-IS, we register the new `isis_zebra_process_srv6_locator_delete()`
callback as the handler for ZEBRA_SRV6_LOCATOR_DELETE.
This callback iterates over all areas of the current IS-IS instance and
looks for an area for which the deleted locator was configured.
If a match is found, we remove
the locator's chunks from the area's chunks list and call
`lsp_regenerate_schedule` to remove the locator from the SRv6 Locator
TLV advertised in the LSPs and regenerate the LSPs.
If no match is found, we do nothing.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a callback function `isis_zebra_process_srv6_locator_add()` that is
called upon receiving an SRv6 locator from zebra.
When a new SRv6 locator is created in zebra, zebra sends a
ZEBRA_SRV6_LOCATOR_ADD notification to all daemons informing them of the
new locator.
In IS-IS, we register the new `isis_zebra_process_srv6_locator_add()`
callback as the handler for ZEBRA_SRV6_LOCATOR_ADD.
This callback iterates over all areas of the current IS-IS instance and
looks for an area for which the new locator was configured.
If a match is found, we call
`isis_zebra_srv6_manager_get_locator_chunk()` to ask zebra a chunk from
the locator.
If no match is found, we do nothing.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a callback function that is called upon receiving an SRv6 locator
chunk from zebra.
This function iterates over all areas of the current IS-IS instance and
looks for an area for which the received chunk was requested.
If a match is found, the new chunk is added to the area's chunk list and
`lsp_regenerate_schedule()` is called to regenerate the LSPs to
advertise the new SRv6 locator.
If no match is found, we free the allocated resources and do nothing.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to ask zebra to release a chunk from the SRv6 locator
specified as a parameter.
The chunk to be released must have been allocated by a previous call to
`isis_zebra_srv6_manager_get_locator_chunk()`.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to ask zebra to allocate a chunk from the SRv6 locator
specified as a parameter.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a list of SRv6 locator chunks allocated to a specific IS-IS area.
The list is initialized when the IS-IS area is created and freed when
the IS-IS area is destroyed. Subsequent commits will introduce the
possibility to allocate and release locator chunks.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add the name of the SRv6 locator to use with IS-IS to the per-area SRv6
configuration. If an SRv6 locator is not configured for an IS-IS
instance, the locator name is an empty string. When an IS-IS instance is
configured to use an SRv6 locator, the locator name stores the name of
the selected locator.
Subsequent commits will add the possibility to set and unset an SRv6
locator for a specific IS-IS instance.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a CLI command to print SRv6 capabilities, algorithms and MSDs
supported by the IS-IS nodes.
Example:
r1# show isis segment-routing srv6 node
Area FOO:
IS-IS L1 SRv6-Nodes:
IS-IS L2 SRv6-Nodes:
System ID Algorithm SRH Max SL SRH Max End Pop SRH Max H.encaps SRH Max End D
-----------------------------------------------------------------------------------------
1111.1111.1111 SPF 16 0 1 2
2222.2222.2222 SPF 16 0 1 2
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add Node MSD Sub-TLV containing the SRv6 MSDs to the Router Capabilities
TLV in the LSPs generated with the `lsp_build()` function.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Update the `isis_router_cap_tlv_size` function to take into account the
SRv6 Capabilities Sub-TLV and SRv6-related MSDs when calculating the
size needed to pack the Router Capabilities TLV.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
The Router Capabilities TLV unpack function already unpacks the Node MSD
Sub-TLV.
This commit extends Router Capabilities TLV unpack function to extract
SRv6 MSDs from the Node MSD Sub-TLV (RFC 9352 section #4).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend Router Capabilities TLV pack function to pack Node MSD Sub-TLV
with the infomation relevant for SRv6 (RFC 9352 section #4).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add support for SRv6 Node MSDs as per RFC 9352 section #4.
There are four types of SRv6 MSDs:
* Maximum Segments Left MSD Type
* Maximum End Pop MSD Type
* Maximum H.Encaps MSD Type
* Maximum End D MSD Type
These SRv6 Node MSDs are advertised in the Node MSD Sub-TLV, a Sub-TLV
of the Router Capabilities TLV.
This commit adds `struct isis_srv6_msd` data structure, which represents
the SRv6 MSDs advertised in the Node Sub-TLV.
This commit also adds the `struct isis_srv6_msd` to
`struct isis_router_cap`, a data structure representing the Router
Capabilities TLV.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
This reverts commit 72eae2c3cb.
`frr_each_const(X, ...)` is not needed since it is the same as
`frr_each(X_const, ...)`.
The fact that it wasn't properly set up for clang-format, and that then
work-arounded with "clang-format off" is all the more reason to not do
this.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
Add SRv6 Capabilities Sub-TLV to the Router Capabilities TLV in the LSPs
generated with the `lsp_build()` function.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add Codepoints for SRv6 Capabilities Sub-TLV, SRH Max SL MSD,
SRH Max End Pop MSD, SRH Max H.encaps MSD, SRH Max End D MSD
as per RFC 9352.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add Maximum SRv6 SID Depths (MSDs) parameters as per RFC 9352 section #4
to the per-area IS-IS SRv6 Data Base. Currently the MSD values are
hardcoded.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
`isis_srv6_area_term()` cleans up SRv6 information for a specific
IS-IS area. This commit adds a new function `isis_srv6_term()` that will
be used to perform global SRv6 cleanup.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
`isis_srv6_area_init()` initializes SRv6 information for a specific
IS-IS area. This commit adds a new function `isis_srv6_init()` that will
be used to perform global SRv6 initialization.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
When SRv6 is initialized on a given IS-IS area, set the administrative
enabled status to the default value defined by the YANG model.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a boolean flag to indicate whether SRv6 is administratively enabled
on a given IS-IS area or not.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Call `isis_srv6_area_term()` to cleanup the per-area SRv6 information
when an IS-IS area is terminated.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Call `isis_srv6_area_init()` to initialize the per-area SRv6 DB when an
IS-IS area is created.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add `isis_srv6.c` and `isis_srv6.h` files needed to support SRv6 in IS-IS
(as per RFC 9352).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Node-SIDs refer to Prefix-SIDs associated with host prefixes of
loopback addresses. As such, whenever an interface address is added
or deleted, all configured Prefix-SIDs must be reevaluated to check
if the N-flag needs to be set or unset.
This change fixes some race conditions in the TI-LFA topotest where
specific sequence of events could cause Prefix-SIDs to not have the
N-flag set when they should, resulting in various failures.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The 'redistribute table' command does not create the internal
contexts with the appropriate table identifier.
Redistributed prefixes in IS-IS do not care about the
table identifier. Add a linked list of redistribution
contexts, and map the nb configuration to the linked list.
- A new 'table' attribute is added in the 'struct
isis_redist' context.
- The 'isis_redist_update_zebra_subscriptions()' function
is removed and is replaced by direct call to zebra API
for turning on/off redirection.
- The redistributed routes coming from zebra import the
'tableid' information.
- The fabricd redistribute running-config is reworked,
and the 'get_redist_settings()' function is removed.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
The yang model does not handle the table identifier in IS-IS.
For each redistributed each address family, a new list of
table elements is added to store the table identifier to
redistribute, and also the optional metric and route-map values
for each table identifier.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
When running all daemons with config for most of them, FRR has
sharpd@janelle:~/frr$ vtysh -c "show debug hashtable" | grep "VRF BIT HASH" | wc -l
3570
3570 hashes for bitmaps associated with the vrf. This is a very
large number of hashes. Let's do two things:
a) Reduce the created size of the actually created hashes to 2
instead of 32.
b) Delay generation of the hash *until* a set operation happens.
As that no hash directly implies a unset value if/when checked.
This reduces the number of hashes to 61 in my setup for normal
operation.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Fixes a crash associated with attempting to read beyond the end of the
stream when parsing ASLA Sub-TLV.
```
Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
subtlv_len=13 '\r') at isisd/isis_tlvs.c:1473
at isisd/isis_tlvs.c:3264
context=<optimized out>, mtid=<optimized out>) at isisd/isis_tlvs.c:6078
indent=4) at isisd/isis_tlvs.c:6142
avail_len=<optimized out>, context=<optimized out>) at isisd/isis_tlvs.c:7032
at isisd/isis_tlvs.c:7054
(gdb)
```
Caught by fuzzer.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
A configured flex-algo algorithm may remain in disabled state after its
definition is advertised on the area.
It happens sometimes that, in isis_sr_flex_algo_topo1 topotest step 4 or
8, flex-algo 203 is disabled. It depends on the following sequence:
1. Flex-algo 203 is configured on a remote router to be re-advertised.
2. A LSP is received on the local router and contains the algo 203
definition.
3. The local router re-builds its own LSP with lsp_build().
4. local router isis_run_spf() recomputes the algo 203 SPF tree.
A 1. 2. 3. 4. sequence results in a working test. The reception of the
remote LSP (2.) does not trigger the built of the local LSP. If for
some reasons, the sequence is 1. 3. 4. 2. 4., isis_run_spf() will not
knows that flex-algo 203 has been re-enabled because
flex_algo_get_state() only returns the state from the local LSP.
Compare in sequence step 4. the flex-algo state from the local LSP with
the actual state. If the state is not the same, request a new local LSP
generation and quits the re-computation of algo SPF tree. The SPF tree
will be recomputed just after the built of the local LSP.
Fixes: 3f55b8c621 ("isisd: fix disabled flex-algo on race condition")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
A particular flex-algo algorithm may remain in disabled state after
configuring it if its flex-algo definition is being spread in the area.
It happens sometimes that, in isis_sr_flex_algo_topo1 topotest, r3
flex-algo 203 is disabled on test8. It depends on the following
sequence on r3:
1. a LSP containing the flex-algo 203 definition is received from
either r1 or r2 (or both).
2. the local LSP is rebuilt by lsp_build() because of the flex-algo 203
configuration
3. isis_run_spf() recomputes the algo 203 SPF tree
A 1. 2. 3. sequence results in a working test whereas 2. 1. 3. is not
working. The second case issue is because of an inconsistent flex-algo
definition state between the following:
- in lsp_build(), isis_flex_algo_elected_supported_local_fad() returns
false because no flex-algo definition is known.
- in isis_run_spf(), isis_flex_algo_elected_supported() returns true
because a flex-algo definition is found.
Set a flex-algo state lsp_build() depending on flex-algo definition
existence that is used later in isis_run_spf().
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
isis_spftree_clear() calls:
- _isis_spftree_del() to partially delete a spftree instance
without freeing spftree->route_table and
spftree->route_table_backup.
- then _isis_spftree_init() that allocates new spftree->route_table
and spftree->route_table_backup.
As a consequence, the previous table instances are not referenced and
not freed.
Free the route tables before allocating new ones.
Fixes: 860b75b40e ("isisd: calculate flex-algo constraint spf")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Fix a flex-algo data memory leak when a specific algorithm is removed.
Fixes: 7f198e063c ("isisd: add isis flex-algo base interface")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Free flex-algorithm database memory when an IS-IS area is destroyed.
Fixes: 735fb37db1 ("lib: add library for igp flexible-algorithm")
Fixes: 7f198e063c ("isisd: add isis flex-algo base interface")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
"show isis route algorithm ALGO json" display some text output before
printing the JSON one.
Do not print the text output in JSON mode.
Fixes: 0833c25180 ("isisd: add an algorithm argument to show isis route")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Reported by coverity scanner #1560315
Do not attempt to update the affinity map if the main isis struct is not
yet created.
Fixes: 9a65cf35da ("isisd: add affinity-map configuration hooks")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Reported by coverity scanner #1560313
Do not consider the affinity map is in use if the main isis struct is
not yet created.
Fixes: 9a65cf35da ("isisd: add affinity-map configuration hooks")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Coverity scanner reported the overrun issue #1560312 because
reach->id length is 7 bytes and we are trying to copy 8 bytes
(ie. ISIS_SYS_ID_LEN + 2).
Fix the issue by using the %pPN to display directly the 7 bytes
system-id.
Fixes: 860b75b40e ("isisd: calculate flex-algo constraint spf")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Add the show isis flex-algo command to display the elected Flex-Algo
definitions and states (enabled/disabled).
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Add an optional algorithm argument to "show isis route" command.
Signed-off-by: Eric Kinzie <ekinzie@labn.net>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Add an optional algorithm argument to "show isis topology" command.
Signed-off-by: Eric Kinzie <ekinzie@labn.net>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Add flex-algo information ID to the SPF extreme debug mode.
Signed-off-by: Eric Kinzie <ekinzie@labn.net>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Append an optional parameter to "show isis route [prefix-sid]" that
formats the output as a JSON array.
Signed-off-by: Eric Kinzie <ekinzie@labn.net>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Show Prefix-SIDs and labels for all available Flex-Algos.
Signed-off-by: Eric Kinzie <ekinzie@labn.net>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
fix typo in indef fabricd comment
Fixes: 20bd27e2aa ("isisd, yang: add configuration model and callback stubs")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
