blob: 7cdb5fcc084e1e3a991afc9769fc056fe0489d13 [file] [log] [blame]
/*
* Copyright (c) 2016 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* @file
* @brief Local TCP/IP stack punt infrastructure.
*
* Provides a set of VPP nodes together with the relevant APIs and CLI
* commands in order to adjust and dispatch packets from the VPP data plane
* to the local TCP/IP stack
*/
#include <vnet/ip/ip.h>
#include <vlib/vlib.h>
#include <vnet/udp/udp.h>
#include <vnet/tcp/tcp.h>
#include <vnet/ip/punt.h>
#include <vlib/unix/unix.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <stdlib.h>
punt_main_t punt_main;
char *
vnet_punt_get_server_pathname (void)
{
punt_main_t *pm = &punt_main;
return pm->sun_path;
}
static void
punt_client_l4_db_add (ip_address_family_t af, u16 port, u32 index)
{
punt_main_t *pm = &punt_main;
pm->db.clients_by_l4_port = hash_set (pm->db.clients_by_l4_port,
punt_client_l4_mk_key (af, port),
index);
}
static u32
punt_client_l4_db_remove (ip_address_family_t af, u16 port)
{
punt_main_t *pm = &punt_main;
u32 key, index = ~0;
uword *p;
key = punt_client_l4_mk_key (af, port);
p = hash_get (pm->db.clients_by_l4_port, key);
if (p)
index = p[0];
hash_unset (pm->db.clients_by_l4_port, key);
return (index);
}
static void
punt_client_ip_proto_db_add (ip_address_family_t af,
ip_protocol_t proto, u32 index)
{
punt_main_t *pm = &punt_main;
pm->db.clients_by_ip_proto = hash_set (pm->db.clients_by_ip_proto,
punt_client_ip_proto_mk_key (af,
proto),
index);
}
static u32
punt_client_ip_proto_db_remove (ip_address_family_t af, ip_protocol_t proto)
{
punt_main_t *pm = &punt_main;
u32 key, index = ~0;
uword *p;
key = punt_client_ip_proto_mk_key (af, proto);
p = hash_get (pm->db.clients_by_ip_proto, key);
if (p)
index = p[0];
hash_unset (pm->db.clients_by_ip_proto, key);
return (index);
}
static void
punt_client_exception_db_add (vlib_punt_reason_t reason, u32 pci)
{
punt_main_t *pm = &punt_main;
vec_validate_init_empty (pm->db.clients_by_exception, reason, ~0);
pm->db.clients_by_exception[reason] = pci;
}
static u32
punt_client_exception_db_remove (vlib_punt_reason_t reason)
{
punt_main_t *pm = &punt_main;
u32 pci = ~0;
if (punt_client_exception_get (reason))
{
pci = pm->db.clients_by_exception[reason];
pm->db.clients_by_exception[reason] = ~0;
}
return pci;
}
static clib_error_t *
punt_socket_read_ready (clib_file_t * uf)
{
vlib_main_t *vm = vlib_get_main ();
punt_main_t *pm = &punt_main;
/** Schedule the rx node */
vlib_node_set_interrupt_pending (vm, punt_socket_rx_node.index);
vec_add1 (pm->ready_fds, uf->file_descriptor);
return 0;
}
static clib_error_t *
punt_socket_register_l4 (vlib_main_t * vm,
ip_address_family_t af,
u8 protocol, u16 port, char *client_pathname)
{
punt_main_t *pm = &punt_main;
punt_client_t *c;
/* For now we only support UDP punt */
if (protocol != IP_PROTOCOL_UDP)
return clib_error_return (0,
"only UDP protocol (%d) is supported, got %d",
IP_PROTOCOL_UDP, protocol);
if (port == (u16) ~ 0)
return clib_error_return (0, "UDP port number required");
c = punt_client_l4_get (af, port);
if (NULL == c)
{
pool_get_zero (pm->punt_client_pool, c);
punt_client_l4_db_add (af, port, c - pm->punt_client_pool);
}
memcpy (c->caddr.sun_path, client_pathname, sizeof (c->caddr.sun_path));
c->caddr.sun_family = AF_UNIX;
c->reg.type = PUNT_TYPE_L4;
c->reg.punt.l4.port = port;
c->reg.punt.l4.protocol = protocol;
c->reg.punt.l4.af = af;
u32 node_index = (af == AF_IP4 ?
udp4_punt_socket_node.index :
udp6_punt_socket_node.index);
udp_register_dst_port (vm, port, node_index, af == AF_IP4);
return (NULL);
}
static clib_error_t *
punt_socket_register_ip_proto (vlib_main_t * vm,
ip_address_family_t af,
ip_protocol_t proto, char *client_pathname)
{
punt_main_t *pm = &punt_main;
punt_client_t *c;
c = punt_client_ip_proto_get (af, proto);
if (NULL == c)
{
pool_get_zero (pm->punt_client_pool, c);
punt_client_ip_proto_db_add (af, proto, c - pm->punt_client_pool);
}
memcpy (c->caddr.sun_path, client_pathname, sizeof (c->caddr.sun_path));
c->caddr.sun_family = AF_UNIX;
c->reg.type = PUNT_TYPE_IP_PROTO;
c->reg.punt.ip_proto.protocol = proto;
c->reg.punt.ip_proto.af = af;
if (af == AF_IP4)
ip4_register_protocol (proto, ip4_proto_punt_socket_node.index);
else
ip6_register_protocol (proto, ip6_proto_punt_socket_node.index);
return (NULL);
}
static clib_error_t *
punt_socket_register_exception (vlib_main_t * vm,
vlib_punt_reason_t reason,
char *client_pathname)
{
punt_main_t *pm = &punt_main;
punt_client_t *pc;
pc = punt_client_exception_get (reason);
if (NULL == pc)
{
pool_get_zero (pm->punt_client_pool, pc);
punt_client_exception_db_add (reason, pc - pm->punt_client_pool);
}
memcpy (pc->caddr.sun_path, client_pathname, sizeof (pc->caddr.sun_path));
pc->caddr.sun_family = AF_UNIX;
pc->reg.type = PUNT_TYPE_EXCEPTION;
pc->reg.punt.exception.reason = reason;
vlib_punt_register (pm->hdl,
pc->reg.punt.exception.reason, "exception-punt-socket");
return (NULL);
}
static clib_error_t *
punt_socket_unregister_l4 (ip_address_family_t af,
ip_protocol_t protocol, u16 port)
{
u32 pci;
udp_unregister_dst_port (vlib_get_main (), port, af == AF_IP4);
pci = punt_client_l4_db_remove (af, port);
if (~0 != pci)
pool_put_index (punt_main.punt_client_pool, pci);
return (NULL);
}
static clib_error_t *
punt_socket_unregister_ip_proto (ip_address_family_t af, ip_protocol_t proto)
{
u32 pci;
if (af == AF_IP4)
ip4_unregister_protocol (proto);
else
ip6_unregister_protocol (proto);
pci = punt_client_ip_proto_db_remove (af, proto);
if (~0 != pci)
pool_put_index (punt_main.punt_client_pool, pci);
return (NULL);
}
static clib_error_t *
punt_socket_unregister_exception (vlib_punt_reason_t reason)
{
u32 pci;
pci = punt_client_exception_db_remove (reason);
if (~0 != pci)
pool_put_index (punt_main.punt_client_pool, pci);
return (NULL);
}
clib_error_t *
vnet_punt_socket_add (vlib_main_t * vm, u32 header_version,
const punt_reg_t * pr, char *client_pathname)
{
punt_main_t *pm = &punt_main;
if (!pm->is_configured)
return clib_error_return (0, "socket is not configured");
if (header_version != PUNT_PACKETDESC_VERSION)
return clib_error_return (0, "Invalid packet descriptor version");
if (strncmp (client_pathname, vnet_punt_get_server_pathname (),
UNIX_PATH_MAX) == 0)
return clib_error_return (0,
"Punt socket: Invalid client path: %s",
client_pathname);
/* Register client */
switch (pr->type)
{
case PUNT_TYPE_L4:
return (punt_socket_register_l4 (vm,
pr->punt.l4.af,
pr->punt.l4.protocol,
pr->punt.l4.port, client_pathname));
case PUNT_TYPE_IP_PROTO:
return (punt_socket_register_ip_proto (vm,
pr->punt.ip_proto.af,
pr->punt.ip_proto.protocol,
client_pathname));
case PUNT_TYPE_EXCEPTION:
return (punt_socket_register_exception (vm,
pr->punt.exception.reason,
client_pathname));
}
return 0;
}
clib_error_t *
vnet_punt_socket_del (vlib_main_t * vm, const punt_reg_t * pr)
{
punt_main_t *pm = &punt_main;
if (!pm->is_configured)
return clib_error_return (0, "socket is not configured");
switch (pr->type)
{
case PUNT_TYPE_L4:
return (punt_socket_unregister_l4 (pr->punt.l4.af,
pr->punt.l4.protocol,
pr->punt.l4.port));
case PUNT_TYPE_IP_PROTO:
return (punt_socket_unregister_ip_proto (pr->punt.ip_proto.af,
pr->punt.ip_proto.protocol));
case PUNT_TYPE_EXCEPTION:
return (punt_socket_unregister_exception (pr->punt.exception.reason));
}
return 0;
}
/**
* @brief Request IP L4 traffic punt to the local TCP/IP stack.
*
* @em Note
* - UDP is the only protocol supported in the current implementation
*
* @param vm vlib_main_t corresponding to the current thread
* @param af IP address family.
* @param protocol 8-bits L4 protocol value
* UDP is 17
* TCP is 1
* @param port 16-bits L4 (TCP/IP) port number when applicable (UDP only)
*
* @returns 0 on success, non-zero value otherwise
*/
static clib_error_t *
punt_l4_add_del (vlib_main_t * vm,
ip_address_family_t af,
ip_protocol_t protocol, u16 port, bool is_add)
{
/* For now we only support TCP and UDP punt */
if (protocol != IP_PROTOCOL_UDP && protocol != IP_PROTOCOL_TCP)
return clib_error_return (0,
"only UDP (%d) and TCP (%d) protocols are supported, got %d",
IP_PROTOCOL_UDP, IP_PROTOCOL_TCP, protocol);
if (port == (u16) ~ 0)
{
if (protocol == IP_PROTOCOL_UDP)
udp_punt_unknown (vm, af == AF_IP4, is_add);
else if (protocol == IP_PROTOCOL_TCP)
tcp_punt_unknown (vm, af == AF_IP4, is_add);
return 0;
}
else if (is_add)
{
if (protocol == IP_PROTOCOL_TCP)
return clib_error_return (0, "punt TCP ports is not supported yet");
udp_register_dst_port (vm, port, udp4_punt_node.index, af == AF_IP4);
return 0;
}
else
{
if (protocol == IP_PROTOCOL_TCP)
return clib_error_return (0, "punt TCP ports is not supported yet");
udp_unregister_dst_port (vm, port, af == AF_IP4);
return 0;
}
}
clib_error_t *
vnet_punt_add_del (vlib_main_t * vm, const punt_reg_t * pr, bool is_add)
{
switch (pr->type)
{
case PUNT_TYPE_L4:
return (punt_l4_add_del (vm, pr->punt.l4.af, pr->punt.l4.protocol,
pr->punt.l4.port, is_add));
case PUNT_TYPE_EXCEPTION:
case PUNT_TYPE_IP_PROTO:
break;
}
return (clib_error_return (0, "Unsupported punt type: %d", pr->type));
}
static clib_error_t *
punt_cli (vlib_main_t * vm,
unformat_input_t * input__, vlib_cli_command_t * cmd)
{
unformat_input_t line_input, *input = &line_input;
clib_error_t *error = NULL;
bool is_add = true;
/* *INDENT-OFF* */
punt_reg_t pr = {
.punt = {
.l4 = {
.af = AF_IP4,
.port = ~0,
.protocol = IP_PROTOCOL_UDP,
},
},
.type = PUNT_TYPE_L4,
};
u32 port;
/* *INDENT-ON* */
if (!unformat_user (input__, unformat_line_input, input))
return 0;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "del"))
is_add = false;
else if (unformat (input, "ipv4"))
pr.punt.l4.af = AF_IP4;
else if (unformat (input, "ipv6"))
pr.punt.l4.af = AF_IP6;
else if (unformat (input, "ip6"))
pr.punt.l4.af = AF_IP6;
else if (unformat (input, "%d", &port))
pr.punt.l4.port = port;
else if (unformat (input, "all"))
pr.punt.l4.port = ~0;
else if (unformat (input, "udp"))
pr.punt.l4.protocol = IP_PROTOCOL_UDP;
else if (unformat (input, "tcp"))
pr.punt.l4.protocol = IP_PROTOCOL_TCP;
else
{
error = clib_error_return (0, "parse error: '%U'",
format_unformat_error, input);
goto done;
}
}
/* punt both IPv6 and IPv4 when used in CLI */
error = vnet_punt_add_del (vm, &pr, is_add);
if (error)
{
clib_error_report (error);
}
done:
unformat_free (input);
return error;
}
/*?
* The set of '<em>set punt</em>' commands allows specific IP traffic to
* be punted to the host TCP/IP stack
*
* @em Note
* - UDP is the only protocol supported in the current implementation
* - All TCP traffic is currently punted to the host by default
*
* @cliexpar
* @parblock
* Example of how to request NTP traffic to be punted
* @cliexcmd{set punt udp 125}
*
* Example of how to request all 'unknown' UDP traffic to be punted
* @cliexcmd{set punt udp all}
*
* Example of how to stop all 'unknown' UDP traffic to be punted
* @cliexcmd{set punt udp del all}
* @endparblock
?*/
/* *INDENT-OFF* */
VLIB_CLI_COMMAND (punt_command, static) = {
.path = "set punt",
.short_help = "set punt [IPV4|ip6|ipv6] [UDP|tcp] [del] [ALL|<port-num>]",
.function = punt_cli,
};
/* *INDENT-ON* */
static clib_error_t *
punt_socket_register_cmd (vlib_main_t * vm,
unformat_input_t * input__,
vlib_cli_command_t * cmd)
{
unformat_input_t line_input, *input = &line_input;
u8 *socket_name = 0;
clib_error_t *error = NULL;
/* *INDENT-OFF* */
punt_reg_t pr = {
.punt = {
.l4 = {
.af = AF_IP4,
.port = ~0,
.protocol = IP_PROTOCOL_UDP,
},
},
.type = PUNT_TYPE_L4,
};
/* *INDENT-ON* */
if (!unformat_user (input__, unformat_line_input, input))
return 0;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "ipv4"))
pr.punt.l4.af = AF_IP4;
else if (unformat (input, "ipv6"))
pr.punt.l4.af = AF_IP6;
else if (unformat (input, "udp"))
pr.punt.l4.protocol = IP_PROTOCOL_UDP;
else if (unformat (input, "tcp"))
pr.punt.l4.protocol = IP_PROTOCOL_TCP;
else if (unformat (input, "%d", &pr.punt.l4.port))
;
else if (unformat (input, "all"))
pr.punt.l4.port = ~0;
else if (unformat (input, "socket %s", &socket_name))
;
else
{
error = clib_error_return (0, "parse error: '%U'",
format_unformat_error, input);
goto done;
}
}
if (!socket_name)
error = clib_error_return (0, "socket name not specified");
else
error = vnet_punt_socket_add (vm, 1, &pr, (char *) socket_name);
done:
unformat_free (input);
return error;
}
/*?
*
* @cliexpar
* @cliexcmd{punt socket register socket punt_l4_foo.sock}
?*/
/* *INDENT-OFF* */
VLIB_CLI_COMMAND (punt_socket_register_command, static) =
{
.path = "punt socket register",
.function = punt_socket_register_cmd,
.short_help = "punt socket register [IPV4|ipv6] [UDP|tcp] [ALL|<port-num>] socket <socket>",
.is_mp_safe = 1,
};
/* *INDENT-ON* */
static clib_error_t *
punt_socket_deregister_cmd (vlib_main_t * vm,
unformat_input_t * input__,
vlib_cli_command_t * cmd)
{
unformat_input_t line_input, *input = &line_input;
clib_error_t *error = NULL;
/* *INDENT-OFF* */
punt_reg_t pr = {
.punt = {
.l4 = {
.af = AF_IP4,
.port = ~0,
.protocol = IP_PROTOCOL_UDP,
},
},
.type = PUNT_TYPE_L4,
};
/* *INDENT-ON* */
if (!unformat_user (input__, unformat_line_input, input))
return 0;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "ipv4"))
pr.punt.l4.af = AF_IP4;
else if (unformat (input, "ipv6"))
pr.punt.l4.af = AF_IP6;
else if (unformat (input, "udp"))
pr.punt.l4.protocol = IP_PROTOCOL_UDP;
else if (unformat (input, "tcp"))
pr.punt.l4.protocol = IP_PROTOCOL_TCP;
else if (unformat (input, "%d", &pr.punt.l4.port))
;
else if (unformat (input, "all"))
pr.punt.l4.port = ~0;
else
{
error = clib_error_return (0, "parse error: '%U'",
format_unformat_error, input);
goto done;
}
}
error = vnet_punt_socket_del (vm, &pr);
done:
unformat_free (input);
return error;
}
/*?
*
* @cliexpar
* @cliexcmd{punt socket register}
?*/
/* *INDENT-OFF* */
VLIB_CLI_COMMAND (punt_socket_deregister_command, static) =
{
.path = "punt socket deregister",
.function = punt_socket_deregister_cmd,
.short_help = "punt socket deregister [IPV4|ipv6] [UDP|tcp] [ALL|<port-num>]",
.is_mp_safe = 1,
};
/* *INDENT-ON* */
void
punt_client_walk (punt_type_t pt, punt_client_walk_cb_t cb, void *ctx)
{
punt_main_t *pm = &punt_main;
switch (pt)
{
case PUNT_TYPE_L4:
{
u32 pci, key;
/* *INDENT-OFF* */
hash_foreach(key, pci, pm->db.clients_by_l4_port,
({
cb (pool_elt_at_index(pm->punt_client_pool, pci), ctx);
}));
/* *INDENT-ON* */
break;
}
case PUNT_TYPE_IP_PROTO:
{
u32 pci, key;
/* *INDENT-OFF* */
hash_foreach(key, pci, pm->db.clients_by_ip_proto,
({
cb (pool_elt_at_index(pm->punt_client_pool, pci), ctx);
}));
/* *INDENT-ON* */
break;
}
case PUNT_TYPE_EXCEPTION:
{
u32 *pci;
vec_foreach (pci, pm->db.clients_by_exception)
{
if (~0 != *pci)
cb (pool_elt_at_index (pm->punt_client_pool, *pci), ctx);
}
break;
}
}
}
static u8 *
format_punt_client (u8 * s, va_list * args)
{
punt_client_t *pc = va_arg (*args, punt_client_t *);
s = format (s, " punt ");
switch (pc->reg.type)
{
case PUNT_TYPE_L4:
s = format (s, "%U %U port %d",
format_ip_address_family, pc->reg.punt.l4.af,
format_ip_protocol, pc->reg.punt.l4.protocol,
pc->reg.punt.l4.port);
break;
case PUNT_TYPE_IP_PROTO:
s = format (s, "%U %U",
format_ip_address_family, pc->reg.punt.ip_proto.af,
format_ip_protocol, pc->reg.punt.ip_proto.protocol);
break;
case PUNT_TYPE_EXCEPTION:
s = format (s, " %U", format_vlib_punt_reason,
pc->reg.punt.exception.reason);
break;
}
s = format (s, " to socket %s \n", pc->caddr.sun_path);
return (s);
}
static walk_rc_t
punt_client_show_one (const punt_client_t * pc, void *ctx)
{
vlib_cli_output (ctx, "%U", format_punt_client, pc);
return (WALK_CONTINUE);
}
static clib_error_t *
punt_socket_show_cmd (vlib_main_t * vm,
unformat_input_t * input__, vlib_cli_command_t * cmd)
{
unformat_input_t line_input, *input = &line_input;
clib_error_t *error = NULL;
punt_type_t pt;
pt = PUNT_TYPE_L4;
if (!unformat_user (input__, unformat_line_input, input))
return 0;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "exception"))
pt = PUNT_TYPE_EXCEPTION;
else if (unformat (input, "l4"))
pt = PUNT_TYPE_L4;
else if (unformat (input, "ip"))
pt = PUNT_TYPE_IP_PROTO;
else
{
error = clib_error_return (0, "parse error: '%U'",
format_unformat_error, input);
goto done;
}
}
punt_client_walk (pt, punt_client_show_one, vm);
done:
unformat_free (input);
return (error);
}
/*?
*
* @cliexpar
* @cliexcmd{show punt socket ipv4}
?*/
/* *INDENT-OFF* */
VLIB_CLI_COMMAND (show_punt_socket_registration_command, static) =
{
.path = "show punt socket registrations",
.function = punt_socket_show_cmd,
.short_help = "show punt socket registrations [l4|exception]",
.is_mp_safe = 1,
};
/* *INDENT-ON* */
clib_error_t *
ip_punt_init (vlib_main_t * vm)
{
clib_error_t *error = NULL;
punt_main_t *pm = &punt_main;
vlib_thread_main_t *tm = vlib_get_thread_main ();
pm->is_configured = false;
pm->interface_output_node =
vlib_get_node_by_name (vm, (u8 *) "interface-output");
if ((error = vlib_call_init_function (vm, punt_init)))
return error;
pm->hdl = vlib_punt_client_register ("ip-punt");
vec_validate_aligned (pm->thread_data, tm->n_vlib_mains,
CLIB_CACHE_LINE_BYTES);
return (error);
}
VLIB_INIT_FUNCTION (ip_punt_init);
static clib_error_t *
punt_config (vlib_main_t * vm, unformat_input_t * input)
{
punt_main_t *pm = &punt_main;
char *socket_path = 0;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "socket %s", &socket_path))
strncpy (pm->sun_path, socket_path, UNIX_PATH_MAX - 1);
else
return clib_error_return (0, "unknown input `%U'",
format_unformat_error, input);
}
if (socket_path == 0)
return 0;
/* UNIX domain socket */
struct sockaddr_un addr;
if ((pm->socket_fd = socket (AF_UNIX, SOCK_DGRAM | SOCK_NONBLOCK, 0)) == -1)
{
return clib_error_return (0, "socket error");
}
clib_memset (&addr, 0, sizeof (addr));
addr.sun_family = AF_UNIX;
if (*socket_path == '\0')
{
*addr.sun_path = '\0';
strncpy (addr.sun_path + 1, socket_path + 1,
sizeof (addr.sun_path) - 2);
}
else
{
strncpy (addr.sun_path, socket_path, sizeof (addr.sun_path) - 1);
unlink (socket_path);
}
if (bind (pm->socket_fd, (struct sockaddr *) &addr, sizeof (addr)) == -1)
{
return clib_error_return (0, "bind error");
}
int n_bytes = 0x10000;
if (setsockopt
(pm->socket_fd, SOL_SOCKET, SO_SNDBUF, &n_bytes,
sizeof (n_bytes)) == -1)
{
return clib_error_return (0, "setsockopt error");
}
/* Register socket */
clib_file_main_t *fm = &file_main;
clib_file_t template = { 0 };
template.read_function = punt_socket_read_ready;
template.file_descriptor = pm->socket_fd;
template.description = format (0, "punt socket %s", socket_path);
pm->clib_file_index = clib_file_add (fm, &template);
pm->is_configured = true;
return 0;
}
VLIB_CONFIG_FUNCTION (punt_config, "punt");
/*
* fd.io coding-style-patch-verification: ON
*
* Local Variables:
* eval: (c-set-style "gnu")
* End:
*/