FD.io VPP  v20.05.1-6-gf53edbc3b
Vector Packet Processing
stn.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2017 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <stn/stn.h>
17 
18 #include <vnet/plugin/plugin.h>
19 #include <vpp/app/version.h>
20 #include <vnet/ip/format.h>
21 #include <vnet/ethernet/packet.h>
22 #include <vnet/udp/udp.h>
23 #include <vnet/tcp/tcp.h>
24 
28 
29 static u8 stn_hw_addr_local[6] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
30 static u8 stn_hw_addr_dst[6] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x02};
31 
32 static ethernet_header_t stn_ip4_ethernet_header = {};
33 static ethernet_header_t stn_ip6_ethernet_header = {};
34 
35 typedef struct {
38 
39 static u8 *
40 format_stn_rule (u8 * s, va_list * args)
41 {
42  stn_rule_t *r = va_arg (*args, stn_rule_t *);
43  stn_main_t *stn = &stn_main;
44  u32 indent = format_get_indent (s);
45  u32 node_index = ip46_address_is_ip4(&r->address)?stn_ip4_punt.index:stn_ip6_punt.index;
46  vlib_node_t *next_node = vlib_get_next_node(vlib_get_main(), node_index, r->next_node_index);
47  s = format (s, "rule_index: %d\n", r - stn->rules);
48  s = format (s, "%Uaddress: %U\n", format_white_space, indent,
50  s = format (s, "%Uiface: %U (%d)\n", format_white_space, indent,
52  r->sw_if_index);
53  s = format (s, "%Unext_node: %s (%d)", format_white_space, indent,
54  next_node->name, next_node->index);
55  return s;
56 }
57 
59 format_stn_ip46_punt_trace (u8 * s, va_list * args, u8 is_ipv4)
60 {
61  CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
62  CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
63  stn_ip46_punt_trace_t *t = va_arg (*args, stn_ip46_punt_trace_t *);
64  u32 indent = format_get_indent (s);
65 
66  s = format (s, "dst_address: %U\n", format_ip46_address,
67  (ip46_address_t *)t->kv.key, IP46_TYPE_ANY);
68 
69  if (t->kv.value == ~(0L))
70  {
71  s = format (s, "%Urule: none", format_white_space, indent);
72  }
73  else
74  {
75  s = format (s, "%Urule:\n%U%U", format_white_space, indent,
76  format_white_space, indent + 2,
77  format_stn_rule, &stn_main.rules[t->kv.value]);
78  }
79  return s;
80 }
81 
82 typedef enum
83 {
87 
92  u8 is_ipv4)
93 {
94  u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
95  stn_main_t *stn = &stn_main;
96 
97  from = vlib_frame_vector_args (frame);
98  n_left_from = frame->n_vectors;
99  next_index = node->cached_next_index;
100 
101  while (n_left_from > 0)
102  {
103  vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
104 
105  /* Single loop */
106  while (n_left_from > 0 && n_left_to_next > 0)
107  {
108  u32 pi0;
109  vlib_buffer_t *p0;
111  u32 next0 = STN_IP_PUNT_DROP;
112 
113  pi0 = to_next[0] = from[0];
114  from += 1;
115  n_left_from -= 1;
116  to_next += 1;
117  n_left_to_next -= 1;
118 
119  p0 = vlib_get_buffer (vm, pi0);
120 
121  if (is_ipv4)
122  {
124  ip46_address_set_ip4((ip46_address_t *)kv.key, &hdr->dst_address);
125  }
126  else
127  {
129  kv.key[0] = hdr->dst_address.as_u64[0];
130  kv.key[1] = hdr->dst_address.as_u64[1];
131  }
132 
133  kv.value = ~(0L);
134  clib_bihash_search_inline_16_8 (&stn->rule_by_address_table, &kv);
135  if (kv.value != ~(0L))
136  {
137  ethernet_header_t *eth;
138  stn_rule_t *r = &stn->rules[kv.value];
139  vnet_buffer(p0)->sw_if_index[VLIB_TX] = r->sw_if_index;
140  next0 = r->next_node_index;
141  vlib_buffer_advance(p0, -sizeof(*eth));
143  if (is_ipv4)
144  clib_memcpy_fast(eth, &stn_ip4_ethernet_header, sizeof(*eth));
145  else
146  clib_memcpy_fast(eth, &stn_ip6_ethernet_header, sizeof(*eth));
147  }
148  else
149  {
150  vnet_feature_next (&next0, p0);
151  }
152 
153  if (PREDICT_FALSE (p0->flags & VLIB_BUFFER_IS_TRACED))
154  {
156  vlib_add_trace (vm, node, p0, sizeof (*tr));
157  tr->kv = kv;
158  }
159 
160  vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
161  n_left_to_next, pi0, next0);
162  }
163  vlib_put_next_frame (vm, node, next_index, n_left_to_next);
164  }
165 
166  return frame->n_vectors;
167 }
168 
169 
170 #define foreach_stn_ip_punt_error \
171  _(NONE, "no error")
172 
173 typedef enum {
174 #define _(sym,str) STN_IP_punt_ERROR_##sym,
176 #undef _
178 } ila_error_t;
179 
180 static char *stn_ip_punt_error_strings[] = {
181 #define _(sym,string) string,
183 #undef _
184 };
185 
186 u8 *
187 format_stn_ip6_punt_trace (u8 * s, va_list * args)
188 {
189  return format_stn_ip46_punt_trace (s, args, 0);
190 }
191 
192 static uword
195 {
196  return stn_ip46_punt_fn(vm, node, frame, 0);
197 }
198 
199 /** *INDENT-OFF* */
201 {
202  .function = stn_ip6_punt_fn,
203  .name = "stn-ip6-punt",
204  .vector_size = sizeof (u32),
205  .format_trace = format_stn_ip6_punt_trace,
206  .n_errors = STN_IP_PUNT_N_ERROR,
207  .error_strings = stn_ip_punt_error_strings,
208  .n_next_nodes = STN_IP_PUNT_N_NEXT,
209  .next_nodes =
210  {
211  [STN_IP_PUNT_DROP] = "error-drop"
212  },
213 };
214 VNET_FEATURE_INIT (stn_ip6_punt_feat_node, static) = {
215  .arc_name = "ip6-punt",
216  .node_name = "stn-ip6-punt",
217  .runs_before = VNET_FEATURES("ip6-punt-redirect"),
218 };
219 /** *INDENT-ON* */
220 
221 u8 *
222 format_stn_ip4_punt_trace (u8 * s, va_list * args)
223 {
224  return format_stn_ip46_punt_trace (s, args, 1);
225 }
226 
227 static uword
230 {
231  return stn_ip46_punt_fn(vm, node, frame, 1);
232 }
233 
234 /** *INDENT-OFF* */
236 {
237  .function = stn_ip4_punt_fn,
238  .name = "stn-ip4-punt",
239  .vector_size = sizeof (u32),
240  .format_trace = format_stn_ip4_punt_trace,
241  .n_errors = STN_IP_PUNT_N_ERROR,
242  .error_strings = stn_ip_punt_error_strings,
243  .n_next_nodes = STN_IP_PUNT_N_NEXT,
244  .next_nodes =
245  {
246  [STN_IP_PUNT_DROP] = "error-drop",
247  },
248 };
249 VNET_FEATURE_INIT (stn_ip4_punt_feat_node, static) = {
250  .arc_name = "ip4-punt",
251  .node_name = "stn-ip4-punt",
252  .runs_before = VNET_FEATURES("ip4-punt-redirect"),
253 };
254 /** *INDENT-ON* */
255 
256 clib_error_t *
258 {
259  stn_main_t *stn = &stn_main;
260  stn->rules = 0;
261  clib_bihash_init_16_8(&stn->rule_by_address_table, "stn addresses",
262  1024, 1<<20);
263 
264  clib_memcpy_fast(stn_ip4_ethernet_header.dst_address, stn_hw_addr_dst, 6);
265  clib_memcpy_fast(stn_ip4_ethernet_header.src_address, stn_hw_addr_local, 6);
266  stn_ip4_ethernet_header.type = clib_host_to_net_u16(ETHERNET_TYPE_IP4);
267 
268  clib_memcpy_fast(stn_ip6_ethernet_header.dst_address, stn_hw_addr_dst, 6);
269  clib_memcpy_fast(stn_ip6_ethernet_header.src_address, stn_hw_addr_local, 6);
270  stn_ip6_ethernet_header.type = clib_host_to_net_u16(ETHERNET_TYPE_IP6);
271 
272  return stn_api_init (vm, stn);
273 
274  return NULL;
275 }
276 
278 
279 /* *INDENT-OFF* */
281  .version = VPP_BUILD_VER,
282  .description = "VPP Steals the NIC (STN) for Container Integration",
283 };
284 /* *INDENT-ON* */
285 
287 {
288  vnet_main_t *vnm = vnet_get_main();
290  stn_main_t *stn = &stn_main;
291 
292  stn_rule_t *r = NULL;
294  kv.key[0] = args->address.as_u64[0];
295  kv.key[1] = args->address.as_u64[1];
296 
297  if (clib_bihash_search_inline_16_8 (&stn->rule_by_address_table, &kv) == 0)
298  {
299  r = &stn->rules[kv.value];
300  }
301  else if (!args->del)
302  {
303  pool_get(stn->rules, r);
304  kv.value = r - stn->rules;
305  clib_bihash_add_del_16_8(&stn->rule_by_address_table, &kv, 1);
306  r->address = args->address;
307 
308  stn->n_rules++;
309  if (stn->n_rules == 1)
310  {
311  vnet_feature_enable_disable("ip6-punt", "stn-ip6-punt",
312  0, 1, 0, 0);
313  vnet_feature_enable_disable("ip4-punt", "stn-ip4-punt",
314  0, 1, 0, 0);
315 
316  udp_punt_unknown(vm, 0, 1);
317  udp_punt_unknown(vm, 1, 1);
318  tcp_punt_unknown(vm, 0, 1);
319  tcp_punt_unknown(vm, 1, 1);
320  }
321  }
322 
323  if (!args->del)
324  {
325  /* Getting output node and adding it as next */
326  u32 output_node_index =
328  u32 node_index = ip46_address_is_ip4(&args->address)?
329  stn_ip4_punt.index : stn_ip6_punt.index;
330 
331  r->sw_if_index = args->sw_if_index;
332  r->next_node_index =
333  vlib_node_add_next(vm, node_index, output_node_index);
334 
335  /* enabling forwarding on the output node (might not be done since
336  * it is unnumbered) */
339  }
340  else if (r)
341  {
342  clib_bihash_add_del_16_8(&stn->rule_by_address_table, &kv, 0);
343  pool_put(stn->rules, r);
344 
345  stn->n_rules--;
346  if (stn->n_rules == 0)
347  {
348  vnet_feature_enable_disable("ip6-punt", "stn-ip6-punt",
349  0, 0, 0, 0);
350  vnet_feature_enable_disable("ip4-punt", "stn-ip4-punt",
351  0, 0, 0, 0);
352  }
353  }
354  else
355  {
356  return VNET_API_ERROR_NO_SUCH_ENTRY;
357  }
358 
359  return 0;
360 }
361 
362 static clib_error_t *
364  unformat_input_t * input, vlib_cli_command_t * cmd)
365 {
366  stn_main_t *stn = &stn_main;
367  u8 *s = 0;
368  stn_rule_t *rule;
369  pool_foreach(rule, stn->rules, {
370  s = format (s, "- %U\n", format_stn_rule, rule);
371  });
372 
373  vlib_cli_output(vm, "%v", s);
374 
375  vec_free(s);
376  return NULL;
377 }
378 
379 VLIB_CLI_COMMAND (show_stn_rules_command, static) =
380 {
381  .path = "show stn rules",
382  .short_help = "",
383  .function = show_stn_rules_fn,
384 };
385 
386 static clib_error_t *
388  unformat_input_t * input, vlib_cli_command_t * cmd)
389 {
390  unformat_input_t _line_input, *line_input = &_line_input;
391  clib_error_t *error = 0;
392  stn_rule_add_del_args_t args = {};
393  u8 got_addr = 0;
394  u8 got_iface = 0;
395  int ret;
396 
397  if (!unformat_user (input, unformat_line_input, line_input))
398  return 0;
399 
400  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
401  {
402  if (unformat (line_input, "address %U", unformat_ip46_address,
403  &args.address, IP46_TYPE_ANY))
404  got_addr = 1;
405  else if (unformat
406  (line_input, "interface %U", unformat_vnet_sw_interface,
407  vnet_get_main(), &args.sw_if_index))
408  got_iface = 1;
409  else if (unformat (line_input, "del"))
410  args.del = 1;
411  else
412  {
413  error = clib_error_return (0, "parse error: '%U'",
414  format_unformat_error, line_input);
415  goto done;
416  }
417  }
418 
419  if (!got_addr)
420  {
421  error = clib_error_return (0, "Missing address");
422  goto done;
423  }
424 
425  if (!got_iface)
426  {
427  error = clib_error_return (0, "Missing interface");
428  goto done;
429  }
430 
431  if ((ret = stn_rule_add_del (&args)))
432  {
433  error = clib_error_return (0, "stn_rule_add_del returned error %d", ret);
434  goto done;
435  }
436 
437 done:
438  unformat_free (line_input);
439  return error;
440 }
441 
442 VLIB_CLI_COMMAND (stn_rule_command, static) =
443 {
444  .path = "stn rule",
445  .short_help = "address <addr> interface <iface> [del]",
446  .function = stn_rule_fn,
447 };
u32 flags
buffer flags: VLIB_BUFFER_FREE_LIST_INDEX_MASK: bits used to store free list index, VLIB_BUFFER_IS_TRACED: trace this buffer.
Definition: buffer.h:124
static uword stn_ip4_punt_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: stn.c:228
static u8 stn_hw_addr_local[6]
Definition: stn.c:29
VLIB_PLUGIN_REGISTER()
#define CLIB_UNUSED(x)
Definition: clib.h:86
stn_ip_punt_next_t
Definition: stn.c:82
vnet_main_t * vnet_get_main(void)
Definition: misc.c:46
clib_bihash_kv_16_8_t kv
Definition: stn.c:36
static char * stn_ip_punt_error_strings[]
Definition: stn.c:180
Definition: stn.h:24
#define clib_memcpy_fast(a, b, c)
Definition: string.h:81
u32 index
Definition: node.h:282
u8 src_address[6]
Definition: packet.h:56
Definition: stn.h:30
u32 sw_if_index
TX interface to send packets to.
Definition: stn.h:50
static vlib_node_registration_t stn_ip6_punt
INDENT-OFF
Definition: stn.c:27
uword unformat_user(unformat_input_t *input, unformat_function_t *func,...)
Definition: unformat.c:989
static u32 format_get_indent(u8 *s)
Definition: format.h:72
int stn_rule_add_del(stn_rule_add_del_args_t *args)
Add or delete an stn rule.
Definition: stn.c:286
clib_bihash_16_8_t rule_by_address_table
Definition: stn.h:38
u8 * format(u8 *s, const char *fmt,...)
Definition: format.c:424
unformat_function_t unformat_vnet_sw_interface
static u8 ip46_address_is_ip4(const ip46_address_t *ip46)
Definition: ip46_address.h:55
#define pool_get(P, E)
Allocate an object E from a pool P (unspecified alignment).
Definition: pool.h:252
stn_main_t stn_main
Definition: stn.c:25
format_function_t format_vnet_sw_if_index_name
static uword vlib_node_add_next(vlib_main_t *vm, uword node, uword next_node)
Definition: node_funcs.h:1092
u32 n_rules
Definition: stn.h:35
unsigned char u8
Definition: types.h:56
static vlib_node_registration_t stn_ip4_punt
INDENT-OFF
Definition: stn.c:26
ip46_address_t address
Destination address of intercepted packets.
Definition: stn.h:48
stn_rule_t * rules
Definition: stn.h:32
#define static_always_inline
Definition: clib.h:106
#define pool_foreach(VAR, POOL, BODY)
Iterate through pool.
Definition: pool.h:513
#define VLIB_INIT_FUNCTION(x)
Definition: init.h:173
static uword stn_ip6_punt_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: stn.c:193
ip4_address_t dst_address
Definition: ip4_packet.h:170
u8 dst_address[6]
Definition: packet.h:55
u8 * format_white_space(u8 *s, va_list *va)
Definition: std-formats.c:129
#define clib_error_return(e, args...)
Definition: error.h:99
u8 del
Whether to delete the rule.
Definition: stn.h:52
static_always_inline uword stn_ip46_punt_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame, u8 is_ipv4)
Definition: stn.c:89
unsigned int u32
Definition: types.h:88
#define foreach_stn_ip_punt_error
Definition: stn.c:170
unformat_function_t unformat_line_input
Definition: format.h:283
u8 * format_stn_ip6_punt_trace(u8 *s, va_list *args)
Definition: stn.c:187
void ip4_sw_interface_enable_disable(u32 sw_if_index, u32 is_enable)
Definition: ip4_forward.c:640
clib_error_t * stn_api_init(vlib_main_t *vm, stn_main_t *sm)
Definition: stn_api.c:114
struct _unformat_input_t unformat_input_t
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
Definition: buffer.h:229
#define pool_put(P, E)
Free an object E in pool P.
Definition: pool.h:302
#define PREDICT_FALSE(x)
Definition: clib.h:118
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Finish enqueueing one buffer forward in the graph.
Definition: buffer_node.h:224
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Get pointer to next frame vector data by (vlib_node_runtime_t, next_index).
Definition: node_funcs.h:338
vlib_main_t * vm
Definition: in2out_ed.c:1599
format_function_t format_ip46_address
Definition: ip46_address.h:50
u8 * name
Definition: node.h:266
void udp_punt_unknown(vlib_main_t *vm, u8 is_ip4, u8 is_add)
Definition: udp_local.c:545
clib_error_t * stn_init(vlib_main_t *vm)
INDENT-ON
Definition: stn.c:257
#define VLIB_REGISTER_NODE(x,...)
Definition: node.h:169
#define UNFORMAT_END_OF_INPUT
Definition: format.h:145
static u8 stn_hw_addr_dst[6]
Definition: stn.c:30
u16 n_vectors
Definition: node.h:399
ila_error_t
Definition: stn.c:173
#define vec_free(V)
Free vector&#39;s memory (no header).
Definition: vec.h:380
static_always_inline void vnet_feature_next(u32 *next0, vlib_buffer_t *b0)
Definition: feature.h:322
u32 vnet_tx_node_index_for_sw_interface(vnet_main_t *vnm, u32 sw_if_index)
Definition: rewrite.c:73
VNET_FEATURE_INIT(stn_ip6_punt_feat_node, static)
void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Release pointer to next frame vector data.
Definition: main.c:483
vlib_main_t vlib_node_runtime_t * node
Definition: in2out_ed.c:1599
u32 next_node_index
Definition: stn.h:26
#define VLIB_CLI_COMMAND(x,...)
Definition: cli.h:152
u16 cached_next_index
Next frame index that vector arguments were last enqueued to last time this node ran.
Definition: node.h:517
void vlib_cli_output(vlib_main_t *vm, char *fmt,...)
Definition: cli.c:689
static clib_error_t * stn_rule_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: stn.c:387
static_always_inline u8 * format_stn_ip46_punt_trace(u8 *s, va_list *args, u8 is_ipv4)
Definition: stn.c:59
static void vlib_buffer_advance(vlib_buffer_t *b, word l)
Advance current data pointer by the supplied (signed!) amount.
Definition: buffer.h:248
unformat_function_t unformat_ip46_address
Definition: format.h:63
#define VNET_FEATURES(...)
Definition: feature.h:470
static vlib_main_t * vlib_get_main(void)
Definition: global_funcs.h:23
static void * vlib_add_trace(vlib_main_t *vm, vlib_node_runtime_t *r, vlib_buffer_t *b, u32 n_data_bytes)
Definition: trace_funcs.h:55
struct _vlib_node_registration vlib_node_registration_t
void tcp_punt_unknown(vlib_main_t *vm, u8 is_ip4, u8 is_add)
Definition: tcp.c:1399
Definition: defs.h:47
static vlib_node_t * vlib_get_next_node(vlib_main_t *vm, u32 node_index, u32 next_index)
Get vlib node by graph arc (next) index.
Definition: node_funcs.h:72
u8 * format_stn_ip4_punt_trace(u8 *s, va_list *args)
INDENT-ON
Definition: stn.c:222
VLIB buffer representation.
Definition: buffer.h:102
u64 uword
Definition: types.h:112
static void unformat_free(unformat_input_t *i)
Definition: format.h:163
u32 sw_if_index
Definition: stn.h:27
static void * vlib_frame_vector_args(vlib_frame_t *f)
Get pointer to frame vector data.
Definition: node_funcs.h:244
static u8 * format_stn_rule(u8 *s, va_list *args)
Definition: stn.c:40
#define vnet_buffer(b)
Definition: buffer.h:417
u8 * format_unformat_error(u8 *s, va_list *va)
Definition: unformat.c:91
ip46_address_t address
Definition: stn.h:25
static clib_error_t * show_stn_rules_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: stn.c:363
vlib_main_t vlib_node_runtime_t vlib_frame_t * frame
Definition: in2out_ed.c:1600
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
Definition: buffer_funcs.h:85
void ip6_sw_interface_enable_disable(u32 sw_if_index, u32 is_enable)
Definition: ip6_forward.c:239
static void ip46_address_set_ip4(ip46_address_t *ip46, const ip4_address_t *ip)
Definition: ip46_address.h:67
uword unformat(unformat_input_t *i, const char *fmt,...)
Definition: unformat.c:978
int vnet_feature_enable_disable(const char *arc_name, const char *node_name, u32 sw_if_index, int enable_disable, void *feature_config, u32 n_feature_config_bytes)
Definition: feature.c:304
ip6_address_t dst_address
Definition: ip6_packet.h:310
static uword unformat_check_input(unformat_input_t *i)
Definition: format.h:171