Commit Graph

27069 Commits

Author SHA1 Message Date
qingkaishi
c3793352a8 babeld: fix #10502 #10503 by repairing the checks on length
This patch repairs the checking conditions on length in four functions:
babel_packet_examin, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv

Signed-off-by: qingkaishi <qingkaishi@gmail.com>
2022-02-04 16:58:56 -05:00
Jafar Al-Gharaibeh
2da1428ab2
Merge pull request #10501 from donaldsharp/more_zebra_show
More zebra show
2022-02-04 15:13:45 -06:00
Jafar Al-Gharaibeh
e743c1b8e7
Merge pull request #10470 from ton31337/fix/advance_packaging_version_for_development
debian, redhat: updating changelog for new release
2022-02-04 14:38:12 -06:00
Jafar Al-Gharaibeh
40ec6ef9e0
Merge pull request #10161 from donaldsharp/hash_crash
zebra: Fix improper usage of hash_iterate that caused crashes
2022-02-04 14:18:03 -06:00
Donald Sharp
341743ac5b lib: Update hash.h documentation to warn of a possible crash
Multiple deletions from the hash_walk or hash_iteration calls
during a single invocation of the passed in function can and
will cause the program to crash.  Warn against doing such a
thing.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 12:15:27 -05:00
Donald Sharp
07b9ebca65 zebra: Ensure zebra_nhg_sweep_table accounts for double deletes
I'm seeing this crash in various forms:
Program terminated with signal SIGSEGV, Segmentation fault.
50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
[Current thread is 1 (Thread 0x7f418efbc7c0 (LWP 3580253))]
(gdb) bt
(gdb) f 4
267 (*func)(hb, arg);
(gdb) p hb
$1 = (struct hash_bucket *) 0x558cdaafb250
(gdb) p *hb
$2 = {len = 0, next = 0x0, key = 0, data = 0x0}
(gdb)

I've also seen a crash where data is 0x03.

My suspicion is that hash_iterate is calling zebra_nhg_sweep_entry which
does delete the particular entry we are looking at as well as possibly other
entries when the ref count for those entries gets set to 0 as well.

Then we have this loop in hash_iterate.c:

   for (i = 0; i < hash->size; i++)
            for (hb = hash->index[i]; hb; hb = hbnext) {
                    /* get pointer to next hash bucket here, in case (*func)
                     * decides to delete hb by calling hash_release
                     */
                    hbnext = hb->next;
                    (*func)(hb, arg);
            }
Suppose in the previous loop hbnext is set to hb->next and we call
zebra_nhg_sweep_entry. This deletes the previous entry and also
happens to cause the hbnext entry to be deleted as well, because of nhg
refcounts. At this point in time the memory pointed to by hbnext is
not owned by the pthread anymore and we can end up on a state where
it's overwritten by another pthread in zebra with data for other incoming events.

What to do?  Let's change the sweep function to a hash_walk and have
it stop iterating and to start over if there is a possible double
delete operation.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 12:05:38 -05:00
Russ White
ab68283cee
Merge pull request #10401 from donaldsharp/donot_agree
zebra: Make Router Advertisement warnings show up once every 6 hours
2022-02-04 10:55:00 -05:00
Donatas Abraitis
66a59f8743
Merge pull request #10469 from mjstapp/fix_dplane_netlink_groups
zebra: reduce incoming netlink messages for dplane thread
2022-02-04 17:51:31 +02:00
Donald Sharp
446f6ec5ed doc: Update show zebra command
Update the `show zebra` command documentation to
show what it is doing now.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Donald Sharp
530c9fc4f5 zebra: Convert some show zebra output to a table
Make the output a bit easier to interpret and use by
converting to usage of a table.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Donald Sharp
954e1a2bc9 zebra: Add knowledge about RA and RFC 5549 to show zebra
Add to `show zebra` whether or not RA is compiled into FRR
and whether or not BGP is using RFC 5549 at the moment.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Donald Sharp
281686819d zebra: Add evpn status to show zebra
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Donald Sharp
1777ba2ac4 zebra: Add os and version to show zebra
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Donald Sharp
090ee85656 zebra: Add kernel nexthop group support to show zebra
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Donald Sharp
1a97e35eb8 zebra: Add MPLS status to show zebra
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Donald Sharp
9783de6faf zebra: Add if v4/v6 forwarding is turned on/off to show zebra
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Donald Sharp
dd42779ff9 zebra: Add to show zebra the type of vrf devices being used
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Donald Sharp
88fd4cb8ca zebra: Add ability to know when FRR is not asic offloaded
Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Donald Sharp
46b48b3302 lib: Add more information to show version
Add to lib/command.c the ability to remember the
release/version/system information and to allow
`show version` to dump some of it.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Donald Sharp
cd44428d62 bgpd: Prevent use after variable goes out of scope
`struct prefix p` was declared inside an if statement
where we assign the address of to a pointer that is
then passed to a sub function.  This will eventually
leave us in a bad state.

Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2022-02-04 10:29:38 -05:00
Igor Ryzhov
d058d106f0
Merge pull request #10495 from anlancs/doc-ospf-range
doc: complete area id for ospf's "range" command
2022-02-04 15:28:38 +03:00
Igor Ryzhov
2d8f6f91df
Merge pull request #10473 from tlsalmin/master
ospfd: Core in ospf_if_down during shutdown.
2022-02-04 15:23:20 +03:00
Tomi Salminen
d4e66f1485 ospfd: Core in ospf_if_down during shutdown.
Skip marking routes as changed in ospf_if_down if there's now
new_table present, which might be the case when the instance is
being finished

The backtrace for the core was:

  raise (sig=sig@entry=11) at ../sysdeps/unix/sysv/linux/raise.c:50
  core_handler (signo=11, siginfo=0x7fffffffe170, context=<optimized out>) at lib/sigevent.c:262
  <signal handler called>
  route_top (table=0x0) at lib/table.c:401
  ospf_if_down (oi=oi@entry=0x555555999090) at ospfd/ospf_interface.c:849
  ospf_if_free (oi=0x555555999090) at ospfd/ospf_interface.c:339
  ospf_finish_final (ospf=0x55555599c830) at ospfd/ospfd.c:749
  ospf_deferred_shutdown_finish (ospf=0x55555599c830) at ospfd/ospfd.c:578
  ospf_deferred_shutdown_check (ospf=<optimized out>) at ospfd/ospfd.c:627
  ospf_finish (ospf=<optimized out>) at ospfd/ospfd.c:683
  ospf_terminate () at ospfd/ospfd.c:653
  sigint () at ospfd/ospf_main.c:109
  quagga_sigevent_process () at lib/sigevent.c:130
  thread_fetch (m=m@entry=0x5555556e45e0, fetch=fetch@entry=0x7fffffffe9b0) at lib/thread.c:1709
  frr_run (master=0x5555556e45e0) at lib/libfrr.c:1174
  main (argc=9, argv=0x7fffffffecb8) at ospfd/ospf_main.c:254

Signed-off-by: Tomi Salminen <tsalminen@forcepoint.com>
2022-02-04 10:26:54 +02:00
anlan_cs
8bb8273f61 doc: complete area id for ospf's "range" command
Like other commands, just complete area id.
Additonally replace `IPV4_PREFIX` with generic `A.B.C.D/M`.

Signed-off-by: anlan_cs <vic.lan@pica8.com>
2022-02-04 10:21:27 +08:00
Donatas Abraitis
a89a78236c
Merge pull request #10481 from mobash-rasool/pim-doc
doc: Correcting the documentation for pimd
2022-02-03 08:47:45 +02:00
Donatas Abraitis
22358595ec
Merge pull request #10485 from qlyoung/strnccncncncncmppp
bgpd: strncmp -> strcmp in community hash foo
2022-02-03 08:01:56 +02:00
Quentin Young
c975f1a5e4 bgpd: strncmp -> strcmp in community hash foo
buffers are null terminated

Signed-off-by: Quentin Young <qlyoung@nvidia.com>
2022-02-02 16:34:03 -05:00
Donatas Abraitis
c2177771d5 debian, redhat: updating changelog for new release
Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
2022-02-02 21:49:42 +02:00
Mobashshera Rasool
4d0ead82fd doc: Correcting the documentation for pimd
While going through the doc, found some commands are missing in the doc.
Also correcting few mistakes.

Signed-off-by: Mobashshera Rasool <mrasool@vmware.com>
2022-02-02 11:18:11 -08:00
Mark Stapp
3d1ff4bfdb
Merge pull request #10409 from idryzhov/zebra-mq-clean-crash
zebra: fix cleanup of meta queues on vrf disable
2022-02-02 08:35:00 -05:00
Igor Ryzhov
249932f969
Merge pull request #10388 from anlancs/bfd-fsm-passive
bfdd: fix broken FSM in passive mode
2022-02-02 13:06:11 +03:00
anlan_cs
fd2109e575 bfdd: fix broken FSM in passive mode
Problem:
One is with active mode, the other is with passive mode. Sometimes
the one with active mode is in `Down` stauts, but the other one
with passive mode is unluckily stuck in `Init` status:
It doesn't answer its peer with any packets, even receiving continuous
`Down` packets.

Root Cause:
bfdd with passive mode answers its peer only *one* packet in `Down` status,
then it enters into `Init` status and ignores subsequent `Down` packets.
Unluckily that *one* answered packet is lost, at that moment its peer
with active mode can only have to send `Down` packets.

Fix:
1) With passive mode, bfdd should start xmittimer after received `Down` packet.
Refer to RFC5880:
"A system taking the Passive role MUST NOT begin sending BFD packets for
a particular session until it has received a BFD packet for that session, and
thus has learned the remote system's discriminator value."

2) Currently this added xmittimer for passive mode can be safely removed
except receiving `AdminDown` packet:
    - `bfd_session_enable/bfd_set_passive_mode` doesn't start xmittimer
    - `ptm_bfd_sess_dn/bfd_set_shutdown` can remove xmittimer
Per RFC5880, receiving `AdminDown` packet should be also regarded as `Down`,
so just call `ptm_bfd_sess_dn`, which will safely remove the added xmittimer
for passive mode. In summary, call `ptm_bfd_sess_dn` for two status changes
on receiving `AdminDown`: `Init`->`Down` and `Up`->`Down`.

Signed-off-by: anlan_cs <vic.lan@pica8.com>
2022-02-02 13:03:09 +08:00
Mark Stapp
ceab66b7f4 zebra: reduce incoming netlink messages for dplane thread
The dataplane pthread only processes a limited set of incoming
netlink notifications: only register for that set of events,
reducing duplicate incoming netlink messages.

Signed-off-by: Mark Stapp <mstapp@nvidia.com>
2022-02-01 13:43:51 -05:00
Mark Stapp
cf8638ed34
Merge pull request #10464 from pguibert6WIND/negogiate
topotests: fix typo about bgp_dont_capability folder name
2022-02-01 13:00:54 -05:00
Russ White
acd2fe6bdd
Merge pull request #10428 from ton31337/fix/attr_extra_ipv6_ecommunity
bgpd: Move out ipv6_ecommunity struct from attr to attr_extra
2022-02-01 11:38:39 -05:00
Russ White
d7251c4b14
Merge pull request #10413 from anlancs/bfd-with-check
bfdd,doc,yang: a few minor commits for bfdd
2022-02-01 11:18:52 -05:00
Igor Ryzhov
0624c3cfcc
Merge pull request #10373 from anlancs/ospf-add-asbr
ospfd: fix missing "aggregation timer" in running configuration
2022-02-01 19:04:33 +03:00
Russ White
e9a2378119
Merge pull request #10391 from gromit1811/bug_9720_ecmp_inter_area_topotest_3paths
tests: Topotest for checking ECMP inter-area nexthop handling
2022-02-01 10:55:13 -05:00
Philippe Guibert
0a1663ce3a topotests: fix typo about bgp_dont_capability folder name
The folder bgp_dont_capability.. was wrong. Use negotiate
instead of negogiate.

Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
2022-02-01 16:52:20 +01:00
Russ White
f088fe245b
Merge pull request #10431 from ton31337/fix/rpki
bgpd: Handle TCP connection errors with connection callbacks for RPKI
2022-02-01 10:48:58 -05:00
Igor Ryzhov
3b216639d7
Merge pull request #10430 from ton31337/fix/addpath_maximum-prefix-out
bgpd: Add bgp_check_selected() helper and just consistency changes
2022-02-01 18:38:57 +03:00
Igor Ryzhov
0ef6eacc95 zebra: fix cleanup of meta queues on vrf disable
Current code treats all metaqueues as lists of route_node structures.
However, some queues contain other structures that need to be cleaned up
differently. Casting the elements of those queues to struct route_node
and dereferencing them leads to a crash. The crash may be seen when
executing bgp_multi_vrf_topo2.

Fix the code by using the proper list element types.

Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2022-02-01 18:20:30 +03:00
Igor Ryzhov
aa6e3cef62
Merge pull request #10322 from iqras23/coverity
bgpd: Addressing few coverity issues
2022-02-01 16:27:04 +03:00
Donatas Abraitis
b1dd718078 bgpd: Add bgp_check_selected() helper for abstraction
Just check if the path is selected to be advertised: best path or addpath
capable.

Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
2022-02-01 13:31:29 +02:00
Donatas Abraitis
be92fc9f1a bgpd: Convert bgp_addpath_encode_[tr]x() to bool from int
Rename addpath_encode[d] to addpath_capable to be consistent.

Signed-off-by: Donatas Abraitis <donatas.abraitis@gmail.com>
2022-02-01 13:31:16 +02:00
Igor Ryzhov
4adbab9b23
Merge pull request #10446 from anlancs/staticd-cleanup
staticd: small cleanup
2022-02-01 13:33:13 +03:00
Igor Ryzhov
8ccce75009
Merge pull request #10435 from ckishimo/ospf6d_distance
ospf6d: fix distance not applied
2022-02-01 13:28:44 +03:00
Igor Ryzhov
914ce787b8
Merge pull request #10459 from ckishimo/ospfd_distance
ospfd: fix distance not applied
2022-02-01 13:28:33 +03:00
Igor Ryzhov
515ae0c090
Merge pull request #10442 from ton31337/fix/reuse_bgp_path_info_extra_get
bgpd: Reuse bgp_path_info_extra_get() for allocating new bgp path info
2022-02-01 12:19:23 +03:00
Igor Ryzhov
461a8d7aba
Merge pull request #10443 from mjstapp/zebra_re_opaque
zebra: name the route_entry opaque struct more specifically
2022-02-01 12:19:11 +03:00