The SRv6 Locator TLV (RFC 9352 section #7.1) starts with the MTID field.
Let's expect the MTID as the first field when we are unpacking an SRv6
Locator TLV.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
The SRv6 Locator TLV (RFC 9352 section #7.1) starts with the MTID field.
Let's put the MTID as the first field when we are packing an SRv6
Locator TLV.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
General TLV processing functions (i.e., copy, format, free, pack, and
unpack) perform a lookup of the specific handler for a TLV in the
`tlv_table`, and then call the specific handler to process the TLV.
This commit adds the handlers for the SRv6 Locator TLV (stored in
`tlv_srv6_locator_ops`) to the `tlv_table`.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Use the ITEM_TLV_OPS macro to define the TLV operations for the SRv6
Locator TLV (RFC 9352 section #7.1).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to unpack an SRv6 Locator TLV and all its Sub-TLVs
(RFC 9352 section #7.1).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to pack an SRv6 Locator TLV and all its Sub-TLVs
(RFC 9352 section #7.1).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Add a function to free an SRv6 Locator TLV and all its Sub-TLVs
(RFC 9352 section #7.1).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend generic TLVs format function to return information about SRv6
Locator TLVs (RFC 9352 section #7.1).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend Router Capabilities TLV format function to return information
about SRv6 Capabilities Sub-TLVs (RFC 9352 section #2).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Update the `isis_router_cap_tlv_size` function to take into account the
SRv6 Capabilities Sub-TLV and SRv6-related MSDs when calculating the
size needed to pack the Router Capabilities TLV.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
The Router Capabilities TLV unpack function already unpacks the Node MSD
Sub-TLV.
This commit extends Router Capabilities TLV unpack function to extract
SRv6 MSDs from the Node MSD Sub-TLV (RFC 9352 section #4).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Extend Router Capabilities TLV pack function to pack Node MSD Sub-TLV
with the infomation relevant for SRv6 (RFC 9352 section #4).
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Fixes a crash associated with attempting to read beyond the end of the
stream when parsing ASLA Sub-TLV.
```
Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
subtlv_len=13 '\r') at isisd/isis_tlvs.c:1473
at isisd/isis_tlvs.c:3264
context=<optimized out>, mtid=<optimized out>) at isisd/isis_tlvs.c:6078
indent=4) at isisd/isis_tlvs.c:6142
avail_len=<optimized out>, context=<optimized out>) at isisd/isis_tlvs.c:7032
at isisd/isis_tlvs.c:7054
(gdb)
```
Caught by fuzzer.
Signed-off-by: Carmine Scarpitta <carmine.scarpitta@uniroma2.it>
Deal with the packing and unpacking of following Flex-Algo
Sub-Sub-TLVs:
- Router Capability (already defined TLV 242)
- List of the Flex-Algo Definitions (Sub-TLV 26)
- Exclude admin group (Sub-Sub-TLV 1)
- Include-any admin group (Sub-Sub-TLV 2)
- Include-all admin group (Sub-Sub-TLV 3)
- Flags (for prefix-metric) (Sub-Sub-TLV 4)
This commit splits data into multiple router capability TLVs if needed
because a TLV cannot contains more than 255 bytes.
Note that the list of SR Algorithm (Sub-TLV 19) within Router Capability
(TLV 242) is already set in a previous commit.
Signed-off-by: Hiroki Shirokura <hiroki.shirokura@linecorp.com>
Signed-off-by: Eric Kinzie <ekinzie@labn.net>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Add the support of ASLA with the following TLV:
- Extended IS Reachability (already defined TLV 22)
- Application-Specific Link Attributes (Sub-TLV 16)
(to enable the Flex-Algo flag on a link)
- Admin-group (Sub-Sub-TLV 3)
- Extended Admin-group (Sub-Sub-TLV 14)
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Basically in frrouting source code principle,
the log string should not be a complicated abstraction
or streamlined for grep.
But for log format for the "TLV size does not match ..."
can be unified, which makes development easier.
> $ grep "TLV size does not match expected size for" isisd/isis_tlvs.c
> "TLV size does not match expected size for Administrative Group!\n");
> "TLV size does not match expected size for Local IPv6 address!\n");
> ...(snip)...
> "TLV size does not match expected size for Adjacency SID!\n");
> "TLV size does not match expected size for Adjacency SID!\n");
> "TLV size does not match expected size for Adjacency SID!\n");
> "TLV size does not match expected size for LAN-Adjacency SID!\n");
> "TLV size does not match expected size for LAN-Adjacency SID!\n");
> "TLV size does not match expected size for LAN-Adjacency SID!\n");
>
> $ grep "TLV size does not match expected size for" isisd/isis_tlvs.c | wc -l
> 25
Signed-off-by: Hiroki Shirokura <hiroki.shirokura@linecorp.com>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
isis_tlvs_add_extended_ip_reach adds IS-IS Extended
IP reachability to the LSP. In this case, if the
pcfg argument is not NULL, you can add IGP
Prefix-SID as its sub tlv.
Before this commit, only one Prefix-SID can be added.
After this commit, the argument is not a single
pointer but an array of pointers, and multiple
Prefix-SIDs can be added.
This feature is necessary because Flex-Algo
requires multiple Prefix-SIDs for each Algorithm.
Signed-off-by: Hiroki Shirokura <hiroki.shirokura@linecorp.com>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Before this commit, SR_ALGORITHM_COUNT was set to 2,
and each was hardcoded with router capability tlv.
When Flex-Algo is supported, SR-Algorithm may be
variably supported up to 256.
Signed-off-by: Hiroki Shirokura <hiroki.shirokura@linecorp.com>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
SR Algorithms are independent of specific IGPs
such as IS-IS. This commit adds lib/sr to
aggregate IGP agnostic functions and constants.
Signed-off-by: Hiroki Shirokura <hiroki.shirokura@linecorp.com>
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
This path replaces isisd_format_id, sysid_print, snpa_print, rawlspid_print and
isonet_print functions by the new printfrr ISO System ID & Network Address
format facilities. It also updates the isisd code to the new iso_address
structure defined in lib/iso.h
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Add to the Extended IS Reachability TLV the support of Extended
Administrative-Groups (RFC7308)
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Apply the TE_EXT_MASK mask to display a 24 bits instead of a wrong 32
bits value that includes unrelated bits.
Fixes: 1b3f47d04c ("isisd: Update TLVs processing for TE, RI & SR")
Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
Runing most of isisd tests with --valgrind-memleaks give many memory errors.
This is due to the way isisd is stopped: performing a "no router isis XXX"
through CLI solves most of them. Indeed, isis_finish() doesn't call
isis_area_destroy() leaving many allocated memory unfreed.
This patch adds call to appropriate delete function or XFREE() when necessary to
properly free all alocated memory before terminating isisd.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Only the multi-topology command can use 'ipv4-unicast' keyword to
configure standard topology.
The remaining code: dump from show commands, and yang definition,
uses 'standard' keyword instead.
The test have not been modified. The change would consists in
modifying test_fuzz_isis_tlv_tests.h.gz:
- replacing ipv4-unicast occurences with standard
\x69\x70\x76\x34\x2d\x75\x6e\x69\x63\x61\x73\x74
with
\x73\x74\x61\x6e\x64\x61\x72\x64
- align the buffer length by removing 4 bytes per occurence
Instead, a specific isis_mtid2str_fake() routing has been
put in place in isis_tlvs.c file.
Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
This has already been a requirement for Solaris, it is still a
requirement for some of the autoconf feature checks to work correctly,
and it will be a requirement for `-fms-extensions`.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
isis_tlvs.c would fail at multiple places if incorrect TLVs were
received causing stream assertion violations.
This patch fixes the issues by adding missing length checks, missing
consumed length updates and handling malformed Segment Routing subTLVs.
Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
Small adjustments by Igor Ryzhov:
- fix incorrect replacement of srgb by srlb on lines 3052 and 3054
- add length check for ISIS_SUBTLV_ALGORITHM
- fix conflict in fuzzing data during rebase
Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
- Add advertisement of Global IPv6 address in IIH pdu
- Add new CLI to set IPv6 Router ID
- Add advertisement of IPv6 Router ID
- Correctly advertise IPv6 local and neighbor addresses in Extended IS and MT
Reachability TLVs
- Correct output of Neighbor IPv6 address in 'show isis database detail'
- Manage IPv6 addresses advertisement and corresponiding Adjacency SID when
IS-IS is not using Multi-Topology by introducing a new ISIS_MT_DISABLE
value for mtid (== 4096 i.e. first reserved flag set to 1)
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
isis_tlvs.c would fail at multiple places if incorrect
TLVs were received in unpack_item_ext_subtlvs(),
causing stream assertion violations.
Signed-off-by: Juraj Vijtiuk <juraj.vijtiuk@sartura.hr>
When you set the isis mtu to 200, isis ends up in a infinite loop
trying to fragment the tlv's.
Specifically ( for me ) the extended reachability function
for packing pack_item_extended_reach requires 11 + ISIS_SUBTLV_MAX_SIZE
room in the packet. Which is 180 bytes. At this point we have
174 bytes that we can write into a packet.
I created this by modifying the isis-topo1 topology to all
the isis routers to have a lsp-mtu of 200 and immediately
saw the crash.
Effectively the pack_items_ function had no detection for
when a part of the next bit it was writing into the stream
could not even fit and it would go into an infinite loop
allocating ~800 bytes at a time. This would cause the
router to run out of memory very very fast and the OOM
detector would kill the process.
Modify the code to notice that we have insufficient space to
even write any data into the stream.
I suspect that pack_item_extended_reach could also be optimized
to figure out exactly how much space is needed. But I also
think we need this protection in the function if this ever
happens again.
I also do not understand the use case of saying the min mtu is
200.
Fixes: #8289
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Convert most DEFINE_MTYPE into the _STATIC variant, and move the
remaining non-static ones to appropriate places.
Signed-off-by: David Lamparter <equinox@diac24.net>
Back when I put this together in 2015, ISO C11 was still reasonably new
and we couldn't require it just yet. Without ISO C11, there is no
"good" way (only bad hacks) to require a semicolon after a macro that
ends with a function definition. And if you added one anyway, you'd get
"spurious semicolon" warnings on some compilers...
With C11, `_Static_assert()` at the end of a macro will make it so that
the semicolon is properly required, consumed, and not warned about.
Consistently requiring semicolons after "file-level" macros matches
Linux kernel coding style and helps some editors against mis-syntax'ing
these macros.
Signed-off-by: David Lamparter <equinox@diac24.net>
In some extraordinary circumstances an LSP might not have any
TLV. Add a null check to prevent a crash when that happens.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
There exists a code path where we would allocate memory
then test a variable and then immediately return NULL.
Prevent memory from leaking in this situation.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
valgrind is showing a usage of uninited memory:
==935465== Conditional jump or move depends on uninitialised value(s)
==935465== at 0x159E17: tlvs_area_addresses_to_adj (isis_tlvs.c:4430)
==935465== by 0x15A4BD: isis_tlvs_to_adj (isis_tlvs.c:4568)
==935465== by 0x1377F0: process_p2p_hello (isis_pdu.c:203)
==935465== by 0x1391FD: process_hello (isis_pdu.c:781)
==935465== by 0x13BDBE: isis_handle_pdu (isis_pdu.c:1700)
==935465== by 0x13BECD: isis_receive (isis_pdu.c:1744)
==935465== by 0x49210FF: thread_call (thread.c:1585)
==935465== by 0x48CFACB: frr_run (libfrr.c:1099)
==935465== by 0x1218C9: main (isis_main.c:272)
==935465==
==935465== Conditional jump or move depends on uninitialised value(s)
==935465== at 0x483EEC5: bcmp (vg_replace_strmem.c:1111)
==935465== by 0x15A290: tlvs_ipv4_addresses_to_adj (isis_tlvs.c:4512)
==935465== by 0x15A4EB: isis_tlvs_to_adj (isis_tlvs.c:4570)
==935465== by 0x1377F0: process_p2p_hello (isis_pdu.c:203)
==935465== by 0x1391FD: process_hello (isis_pdu.c:781)
==935465== by 0x13BDBE: isis_handle_pdu (isis_pdu.c:1700)
==935465== by 0x13BECD: isis_receive (isis_pdu.c:1744)
==935465== by 0x49210FF: thread_call (thread.c:1585)
==935465== by 0x48CFACB: frr_run (libfrr.c:1099)
==935465== by 0x1218C9: main (isis_main.c:272)
Effectively we are reallocing memory to hold data. realloc does not
set the new memory to anything. So whatever happens to be in the memory
is what is there. after the realloc happens we are iterating over the
memory just realloced and doing memcmp's to values in it causing these
use of uninitialized memory.
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
Embed Prefix-SID information inside SPF data structures so that
Prefix-SIDs can be installed together with their associated routes
at the end of the SPF algorithm. This is different from the current
implementation where Prefix-SIDs are parsed and processed separately,
which is vastly suboptimal.
Advantages of the new code:
* No need to parse the LSPDB an additional time to detect and process
SR-related changes;
* Routes are installed with their Prefix-SID labels in the same ZAPI
message. This can prevent packet dropping for a few milliseconds
after each SPF run if there are BGP-labeled routes (e.g. L3VPN) that
recurse on IGP labeled routes;
* Much easier to support Anycast-SIDs, as the SPF code will naturally
figure out the best nexthops and use only them (that can't be done
in any reasonable way if the Prefix-SID Sub-TVLs are processed
separately);
* Less code to maintain and reduced memory footprint;
The "show isis segment-routing prefix-sids" command was removed as
it doesn't make sense anymore now that "show isis route" exists.
Prefix-SIDs are a property of routes, so what was done was to extend
the "show isis route" command with a new "prefix-sid" option that
changes the output table to show the Prefix-SID information associated
to each route.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
constants are int-typed, so adding something to an uint8_t yields an
int. Nevermind the fact that varargs calling conventions require
upcasting everything smaller than an int to an int anyways...
Signed-off-by: David Lamparter <equinox@diac24.net>
Remove mid-string line breaks, cf. workflow doc:
.. [#tool_style_conflicts] For example, lines over 80 characters are allowed
for text strings to make it possible to search the code for them: please
see `Linux kernel style (breaking long lines and strings)
<https://www.kernel.org/doc/html/v4.10/process/coding-style.html#breaking-long-lines-and-strings>`_
and `Issue #1794 <https://github.com/FRRouting/frr/issues/1794>`_.
Scripted commit, idempotent to running:
```
python3 tools/stringmangle.py --unwrap `git ls-files | egrep '\.[ch]$'`
```
Signed-off-by: David Lamparter <equinox@diac24.net>
For Segment Routing, isis_tlvs.c may failed if incorrect or maformed TLVs
are sent to the FRR router. This patch improve detection of such subTLVs error
and skip them, in particular for SRGB, SRLB and MSD subTLVs.
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Segment Routing Local Block (SRLB) is part of RFC8667. This change introduces
the possibility for isisd to advertize SRLB in LSP. Base and Range of SRLB
could be configured through CLI or Yang.
Adjacency-SID are now using this SRLB for label allocation. SRLB could also
be used for SID-Binding (e.g. LDP to SR).
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
This is an implementation of the IS-IS SR draft [1] for FRR.
The following features are supported:
* IPv4 and IPv6 Prefix-SIDs;
* IPv4 and IPv6 Adj-SIDs and LAN-Adj-SIDs;
* Index and absolute labels;
* The no-php and explicit-null Prefix-SID flags;
* Full integration with the Label Manager.
Known limitations:
* No support for Anycast-SIDs;
* No support for the SID/Label Binding TLV (required for LDP interop).
* No support for persistent Adj-SIDs;
* No support for multiple SRGBs.
[1] draft-ietf-isis-segment-routing-extensions-25
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The 'isis_adj_ip_enabled_hook' hook will be called whenever
an adjacency goes from zero to one or more IPv4 or IPv6
addresses. Conversely, the 'isis_adj_ip_disabled_hook' hook will
be called whenever an adjacency goes from one or more IPv4/IPv6
addresses to no addresses at all.
These hooks will be used by the upcoming SR code to add/delete
Adj-SIDs depending on the IP addresses present in the remote
adjacencies.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
In preparation to Segment Routing:
- Update the management of Traffic Engineering subTLVs to the new tlvs parser
- Add Router Capability TLV 242 as per RFC 4971 & 7981
- Add Segment Routing subTLVs as per draft-isis-segment-routing-extension-25
Modified files:
- isis_tlvs.h: add new structure to manage TE subTLVs, TLV 242 & SR subTLVs
- isis_tlvs.c: add new functions (pack, copy, free, unpack & print) to process
TE subTLVs, Router Capability TLV and SR subTLVs
- isis_circuit.[c,h] & isis_lsp.[c,h]: update to new subTLVs & TLV processing
- isis_te.[c,h]: remove all old TE structures and managment functions,
and add hook call to set local and remote IP addresses as wellas update TE
parameters
- isis_zebra.[c,h]: add hook call when new interface is up
- isis_mt.[c,h], isis_pdu.c & isis_northbound.c: adjust to new TE subTLVs
- tests/isisd/test_fuzz_isis_tlv_tests.h.gz: adapte fuuz tests to new parser
Signed-off-by: Olivier Dugeon <olivier.dugeon@orange.com>
The original check would always evaluate to false since
ISIS_PREFIX_SID_VALUE and ISIS_PREFIX_SID_LOCAL have different
values. Use !! to normalize the return value of the individual
checks to either 0 or 1, making the code do what was intended
(ensure the V/L flags are both 0 or 1).
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The correct cast for these is (unsigned char), because "char" could be
signed and thus have some negative value. isalpha & co. expect an int
arg that is positive, i.e. 0-255. So we need to cast to (unsigned char)
when calling any of these.
Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
The RFC states we can send only up to 16 v6 addresses in a hello packet
and cannot send sub tlv's of that type.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This is necessary to avoid a name collision with std::for_each
from C++.
Fixes the compilation of the gRPC northbound module.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
The Sub-TLVs of the Extended IPv4 reachability TLV were not being
displayed as expected. Fix this.
Suggested-by: Christian Franke chris@opensourcerouting.org
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
Historically, isisd has been carrying around its own red-black tree to
manage its LSP DB in. This replaces that with the newly-added
DECLARE_RBTREE_*. This allows completely removing the dict_* code.
Signed-off-by: David Lamparter <equinox@diac24.net>
the original isisd code did not distinguish between
authentication_failure and authentication_type_failure, so
additional code had to be added to differentiate between the two
and to return the raw_pdu as requested by the IETF YANG model.
Signed-off-by: Emanuele Di Pascale <emanuele@voltanet.io>
This reverts commit 48944eb65e.
We're using GNU C, not ISO C - and this commit triggers new (real)
warnings about {0} instead of bogus ones about {}.
Signed-off-by: David Lamparter <equinox@diac24.net>
Implement RFC 6232, optionally allowing to flood isisd's NET and
hostname in purges it originates.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
Extend isisd's TLV parser to support the Prefix-SID subtlv as per
draft-ietf-isis-segment-routing-extensions-19
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
To flood the tier calculated by the fabric locality detection,
OpenFabric makes use of TLV 150, defined in
draft-shen-isis-spine-leaf-ext-06, so add support for that TLV.
Signed-off-by: Christian Franke <chris@opensourcerouting.org>
The following types are nonstandard:
- u_char
- u_short
- u_int
- u_long
- u_int8_t
- u_int16_t
- u_int32_t
Replace them with the C99 standard types:
- uint8_t
- unsigned short
- unsigned int
- unsigned long
- uint8_t
- uint16_t
- uint32_t
Signed-off-by: Quentin Young <qlyoung@cumulusnetworks.com>
Convert the list_delete(struct list *) function to use
struct list **. This is to allow the list pointer to be nulled.
I keep running into uses of this list_delete function where we
forget to set the returned pointer to NULL and attempt to use
it and then experience a crash, usually after the developer
has long since left the building.
Let's make the api explicit in it setting the list pointer
to null.
Cynical Prediction: This code will expose a attempt
to use the NULL'ed list pointer in some obscure bit
of code.
Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
This fixes the broken indentation of several foreach loops throughout
the code.
From clang's documentation[1]:
ForEachMacros: A vector of macros that should be interpreted as foreach
loops instead of as function calls.
[1] http://clang.llvm.org/docs/ClangFormatStyleOptions.html
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
