FD.io VPP  v21.06-3-gbb25fbf28
Vector Packet Processing
bfd_main.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2011-2016 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 /**
16  * @file
17  * @brief BFD nodes implementation
18  */
19 
20 #include <vlibmemory/api.h>
21 #include <vppinfra/random.h>
22 #include <vppinfra/error.h>
23 #include <vppinfra/hash.h>
24 #include <vppinfra/xxhash.h>
25 #include <vnet/ethernet/ethernet.h>
26 #include <vnet/ethernet/packet.h>
27 #include <vnet/bfd/bfd_debug.h>
28 #include <vnet/bfd/bfd_protocol.h>
29 #include <vnet/bfd/bfd_main.h>
30 #include <vlib/log.h>
31 #include <vnet/crypto/crypto.h>
32 
33 static u64
34 bfd_calc_echo_checksum (u32 discriminator, u64 expire_time, u32 secret)
35 {
36  u64 checksum = 0;
37 #if defined(clib_crc32c_uses_intrinsics) && !defined (__i386__)
38  checksum = crc32_u64 (0, discriminator);
39  checksum = crc32_u64 (checksum, expire_time);
40  checksum = crc32_u64 (checksum, secret);
41 #else
42  checksum = clib_xxhash (discriminator ^ expire_time ^ secret);
43 #endif
44  return checksum;
45 }
46 
47 static u64
49 {
50  return us * NSEC_PER_USEC;
51 }
52 
53 u32
55 {
56  return nsec / NSEC_PER_USEC;
57 }
58 
61 {
62  f64 _vm_time = vlib_time_now (vm);
63  if (vm_time)
64  *vm_time = _vm_time;
65  return _vm_time * NSEC_PER_SEC;
66 }
67 
69 
70 u8 *
71 format_bfd_auth_key (u8 * s, va_list * args)
72 {
73  const bfd_auth_key_t *key = va_arg (*args, bfd_auth_key_t *);
74  if (key)
75  {
76  s = format (s, "{auth-type=%u:%s, conf-key-id=%u, use-count=%u}, ",
77  key->auth_type, bfd_auth_type_str (key->auth_type),
78  key->conf_key_id, key->use_count);
79  }
80  else
81  {
82  s = format (s, "{none}");
83  }
84  return s;
85 }
86 
87 /*
88  * We actually send all bfd pkts to the "error" node after scanning
89  * them, so the graph node has only one next-index. The "error-drop"
90  * node automatically bumps our per-node packet counters for us.
91  */
92 typedef enum
93 {
97 
98 static void bfd_on_state_change (bfd_main_t * bm, bfd_session_t * bs, u64 now,
99  int handling_wakeup);
100 
101 static void
103 {
104  bs->local_state = BFD_STATE_down;
105  bs->local_diag = BFD_DIAG_CODE_no_diag;
106  bs->remote_state = BFD_STATE_down;
107  bs->remote_discr = 0;
108  bs->hop_type = BFD_HOP_TYPE_SINGLE;
112  bs->remote_min_rx_usec = 1;
114  bs->remote_min_echo_rx_usec = 0;
115  bs->remote_min_echo_rx_nsec = 0;
116  bs->remote_demand = 0;
117  bs->auth.remote_seq_number = 0;
120  bs->echo_secret = random_u32 (&bm->random_seed);
121 }
122 
123 static void
125 {
126  if (bs->local_diag != code)
127  {
128  BFD_DBG ("set local_diag, bs_idx=%d: '%d:%s'", bs->bs_idx, code,
129  bfd_diag_code_string (code));
130  bs->local_diag = code;
131  }
132 }
133 
134 static void
136  bfd_state_e new_state, int handling_wakeup)
137 {
138  if (bs->local_state != new_state)
139  {
140  BFD_DBG ("Change state, bs_idx=%d: %s->%s", bs->bs_idx,
142  bfd_state_string (new_state));
143  bs->local_state = new_state;
144  bfd_on_state_change (bm, bs, bfd_time_now_nsec (vm, NULL),
145  handling_wakeup);
146  }
147 }
148 
149 const char *
151 {
152  switch (state)
153  {
154 #define F(x) \
155  case BFD_POLL_##x: \
156  return "BFD_POLL_" #x;
158 #undef F
159  }
160  return "UNKNOWN";
161 }
162 
163 static void
165 {
166  if (bs->poll_state != state)
167  {
168  BFD_DBG ("Setting poll state=%s, bs_idx=%u",
170  bs->poll_state = state;
171  }
172 }
173 
174 static void
176 {
179  BFD_DBG ("Recalculated transmit interval " BFD_CLK_FMT,
180  BFD_CLK_PRN (bs->transmit_interval_nsec));
181 }
182 
183 static void
185 {
188  BFD_DBG ("Recalculated echo transmit interval " BFD_CLK_FMT,
189  BFD_CLK_PRN (bs->echo_transmit_interval_nsec));
190 }
191 
192 static void
194 {
195  if (bs->local_detect_mult > 1)
196  {
197  /* common case - 75-100% of transmit interval */
198  bs->tx_timeout_nsec = bs->last_tx_nsec +
199  (1 - .25 * (random_f64 (&bm->random_seed))) *
201  if (bs->tx_timeout_nsec < now)
202  {
203  /*
204  * the timeout is in the past, which means that either remote
205  * demand mode was set or performance/clock issues ...
206  */
207  BFD_DBG ("Missed %lu transmit events (now is %lu, calc "
208  "tx_timeout is %lu)",
209  (now - bs->tx_timeout_nsec) /
211  bs->tx_timeout_nsec = now;
212  }
213  }
214  else
215  {
216  /* special case - 75-90% of transmit interval */
217  bs->tx_timeout_nsec = bs->last_tx_nsec +
218  (.9 - .15 * (random_f64 (&bm->random_seed))) *
220  if (bs->tx_timeout_nsec < now)
221  {
222  /*
223  * the timeout is in the past, which means that either remote
224  * demand mode was set or performance/clock issues ...
225  */
226  BFD_DBG ("Missed %lu transmit events (now is %lu, calc "
227  "tx_timeout is %lu)",
228  (now - bs->tx_timeout_nsec) /
230  bs->tx_timeout_nsec = now;
231  }
232  }
233  if (bs->tx_timeout_nsec)
234  {
235  BFD_DBG ("Next transmit in %lu nsec/%.02fs@%lu",
236  bs->tx_timeout_nsec - now,
237  (bs->tx_timeout_nsec - now) * SEC_PER_NSEC,
238  bs->tx_timeout_nsec);
239  }
240 }
241 
242 static void
244 {
247  if (bs->echo_tx_timeout_nsec < now)
248  {
249  /* huh, we've missed it already, transmit now */
250  BFD_DBG ("Missed %lu echo transmit events (now is %lu, calc tx_timeout "
251  "is %lu)",
252  (now - bs->echo_tx_timeout_nsec) /
256  }
257  BFD_DBG ("Next echo transmit in %lu nsec/%.02fs@%lu",
261 }
262 
263 static void
265 {
266  if (bs->local_state == BFD_STATE_init || bs->local_state == BFD_STATE_up)
267  {
268  bs->detection_time_nsec =
269  bs->remote_detect_mult *
272  BFD_DBG ("Recalculated detection time %lu nsec/%.3fs",
275  }
276 }
277 
278 static void
280  int handling_wakeup)
281 {
282  u64 next = 0;
283  u64 rx_timeout = 0;
284  u64 tx_timeout = 0;
285  if (BFD_STATE_up == bs->local_state)
286  {
287  rx_timeout = bs->last_rx_nsec + bs->detection_time_nsec;
288  }
289  if (BFD_STATE_up != bs->local_state ||
290  (!bs->remote_demand && bs->remote_min_rx_usec) ||
291  BFD_POLL_NOT_NEEDED != bs->poll_state)
292  {
293  tx_timeout = bs->tx_timeout_nsec;
294  }
295  if (tx_timeout && rx_timeout)
296  {
297  next = clib_min (tx_timeout, rx_timeout);
298  }
299  else if (tx_timeout)
300  {
301  next = tx_timeout;
302  }
303  else if (rx_timeout)
304  {
305  next = rx_timeout;
306  }
307  if (bs->echo && next > bs->echo_tx_timeout_nsec)
308  {
310  }
311  BFD_DBG ("bs_idx=%u, tx_timeout=%lu, echo_tx_timeout=%lu, rx_timeout=%lu, "
312  "next=%s",
313  bs->bs_idx, tx_timeout, bs->echo_tx_timeout_nsec, rx_timeout,
314  next == tx_timeout
315  ? "tx" : (next == bs->echo_tx_timeout_nsec ? "echo tx" : "rx"));
316  if (next)
317  {
318  int send_signal = 0;
319  bs->event_time_nsec = next;
320  /* add extra tick if it's not even */
321  u32 wheel_time_ticks =
322  (bs->event_time_nsec - now) / bm->nsec_per_tw_tick +
323  ((bs->event_time_nsec - now) % bm->nsec_per_tw_tick != 0);
324  BFD_DBG ("event_time_nsec %lu (%lu nsec/%.3fs in future) -> "
325  "wheel_time_ticks %u", bs->event_time_nsec,
326  bs->event_time_nsec - now,
327  (bs->event_time_nsec - now) * SEC_PER_NSEC, wheel_time_ticks);
328  wheel_time_ticks = wheel_time_ticks ? wheel_time_ticks : 1;
329  bfd_lock (bm);
330  if (bs->tw_id)
331  {
332  TW (tw_timer_update) (&bm->wheel, bs->tw_id, wheel_time_ticks);
333  BFD_DBG ("tw_timer_update(%p, %u, %lu);", &bm->wheel, bs->tw_id,
334  wheel_time_ticks);
335  }
336  else
337  {
338  bs->tw_id =
339  TW (tw_timer_start) (&bm->wheel, bs->bs_idx, 0, wheel_time_ticks);
340  BFD_DBG ("tw_timer_start(%p, %u, 0, %lu) == %u;", &bm->wheel,
341  bs->bs_idx, wheel_time_ticks);
342  }
343 
344  if (!handling_wakeup)
345  {
346 
347  /* Send only if it is earlier than current awaited wakeup time */
348  send_signal =
350  /*
351  * If the wake-up time is within 2x the delay of the event propagation delay,
352  * avoid the expense of sending the event. The 2x multiplier is to workaround the race whereby
353  * simultaneous event + expired timer create one recurring bogus wakeup/suspend instance,
354  * due to double scheduling of the node on the pending list.
355  */
358  /* Must be no events in flight to send an event */
360 
361  /* If we do send the signal, note this down along with the start timestamp */
362  if (send_signal)
363  {
366  }
367  }
368  bfd_unlock (bm);
369 
370  /* Use the multithreaded event sending so the workers can send events too */
371  if (send_signal)
372  {
376  }
377  }
378 }
379 
380 static void
382  bfd_session_t * bs, u64 now,
383  u64 desired_min_tx_nsec)
384 {
385  bs->effective_desired_min_tx_nsec = desired_min_tx_nsec;
386  BFD_DBG ("Set effective desired min tx to " BFD_CLK_FMT,
387  BFD_CLK_PRN (bs->effective_desired_min_tx_nsec));
388  bfd_recalc_detection_time (bm, bs);
389  bfd_recalc_tx_interval (bm, bs);
391  bfd_calc_next_tx (bm, bs, now);
392 }
393 
394 static void
396  bfd_session_t * bs,
397  u64 required_min_rx_nsec)
398 {
399  bs->effective_required_min_rx_nsec = required_min_rx_nsec;
400  BFD_DBG ("Set effective required min rx to " BFD_CLK_FMT,
401  BFD_CLK_PRN (bs->effective_required_min_rx_nsec));
402  bfd_recalc_detection_time (bm, bs);
403 }
404 
405 static void
407  u64 now, u32 remote_required_min_rx_usec)
408 {
409  if (bs->remote_min_rx_usec != remote_required_min_rx_usec)
410  {
411  bs->remote_min_rx_usec = remote_required_min_rx_usec;
412  bs->remote_min_rx_nsec = bfd_usec_to_nsec (remote_required_min_rx_usec);
413  BFD_DBG ("Set remote min rx to " BFD_CLK_FMT,
414  BFD_CLK_PRN (bs->remote_min_rx_nsec));
415  bfd_recalc_detection_time (bm, bs);
416  bfd_recalc_tx_interval (bm, bs);
417  }
418 }
419 
420 static void
422  u64 now,
423  u32 remote_required_min_echo_rx_usec)
424 {
425  if (bs->remote_min_echo_rx_usec != remote_required_min_echo_rx_usec)
426  {
427  bs->remote_min_echo_rx_usec = remote_required_min_echo_rx_usec;
430  BFD_DBG ("Set remote min echo rx to " BFD_CLK_FMT,
431  BFD_CLK_PRN (bs->remote_min_echo_rx_nsec));
433  }
434 }
435 
436 static void
438  bfd_listen_event_e event, const bfd_session_t * bs)
439 {
440  bfd_notify_fn_t *fn;
441  vec_foreach (fn, bm->listeners)
442  {
443  (*fn) (event, bs);
444  }
445 }
446 
447 void
449 {
450  BFD_DBG ("\nStarting session: %U", format_bfd_session, bs);
451  vlib_log_info (bm->log_class, "start BFD session: %U",
454  bfd_recalc_tx_interval (bm, bs);
457  bfd_notify_listeners (bm, BFD_LISTEN_EVENT_CREATE, bs);
458 }
459 
460 void
462 {
463  bfd_main_t *bm = &bfd_main;
464  u64 now = bfd_time_now_nsec (vm, NULL);
465  if (admin_up_down)
466  {
467  BFD_DBG ("Session set admin-up, bs-idx=%u", bs->bs_idx);
468  vlib_log_info (bm->log_class, "set session admin-up: %U",
470  bfd_set_state (vm, bm, bs, BFD_STATE_down, 0);
471  bfd_set_diag (bs, BFD_DIAG_CODE_no_diag);
472  bfd_calc_next_tx (bm, bs, now);
473  bfd_set_timer (bm, bs, now, 0);
474  }
475  else
476  {
477  BFD_DBG ("Session set admin-down, bs-idx=%u", bs->bs_idx);
478  vlib_log_info (bm->log_class, "set session admin-down: %U",
480  bfd_set_diag (bs, BFD_DIAG_CODE_admin_down);
481  bfd_set_state (vm, bm, bs, BFD_STATE_admin_down, 0);
482  bfd_calc_next_tx (bm, bs, now);
483  bfd_set_timer (bm, bs, now, 0);
484  }
485 }
486 
487 u8 *
488 bfd_input_format_trace (u8 * s, va_list * args)
489 {
490  CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
491  CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
492  const bfd_input_trace_t *t = va_arg (*args, bfd_input_trace_t *);
493  const bfd_pkt_t *pkt = (bfd_pkt_t *) t->data;
494  if (t->len > STRUCT_SIZE_OF (bfd_pkt_t, head))
495  {
496  s = format (s, "BFD v%u, diag=%u(%s), state=%u(%s),\n"
497  " flags=(P:%u, F:%u, C:%u, A:%u, D:%u, M:%u), "
498  "detect_mult=%u, length=%u\n",
501  bfd_pkt_get_state (pkt),
503  bfd_pkt_get_poll (pkt), bfd_pkt_get_final (pkt),
506  bfd_pkt_get_multipoint (pkt), pkt->head.detect_mult,
507  pkt->head.length);
508  if (t->len >= sizeof (bfd_pkt_t) &&
509  pkt->head.length >= sizeof (bfd_pkt_t))
510  {
511  s = format (s, " my discriminator: %u\n",
512  clib_net_to_host_u32 (pkt->my_disc));
513  s = format (s, " your discriminator: %u\n",
514  clib_net_to_host_u32 (pkt->your_disc));
515  s = format (s, " desired min tx interval: %u\n",
516  clib_net_to_host_u32 (pkt->des_min_tx));
517  s = format (s, " required min rx interval: %u\n",
518  clib_net_to_host_u32 (pkt->req_min_rx));
519  s = format (s, " required min echo rx interval: %u",
520  clib_net_to_host_u32 (pkt->req_min_echo_rx));
521  }
522  if (t->len >= sizeof (bfd_pkt_with_common_auth_t) &&
523  pkt->head.length >= sizeof (bfd_pkt_with_common_auth_t) &&
525  {
526  const bfd_pkt_with_common_auth_t *with_auth = (void *) pkt;
527  const bfd_auth_common_t *common = &with_auth->common_auth;
528  s = format (s, "\n auth len: %u\n", common->len);
529  s = format (s, " auth type: %u:%s\n", common->type,
530  bfd_auth_type_str (common->type));
531  if (t->len >= sizeof (bfd_pkt_with_sha1_auth_t) &&
532  pkt->head.length >= sizeof (bfd_pkt_with_sha1_auth_t) &&
533  (BFD_AUTH_TYPE_keyed_sha1 == common->type ||
534  BFD_AUTH_TYPE_meticulous_keyed_sha1 == common->type))
535  {
536  const bfd_pkt_with_sha1_auth_t *with_sha1 = (void *) pkt;
537  const bfd_auth_sha1_t *sha1 = &with_sha1->sha1_auth;
538  s = format (s, " seq num: %u\n",
539  clib_net_to_host_u32 (sha1->seq_num));
540  s = format (s, " key id: %u\n", sha1->key_id);
541  s = format (s, " hash: %U", format_hex_bytes, sha1->hash,
542  sizeof (sha1->hash));
543  }
544  }
545  else
546  {
547  s = format (s, "\n");
548  }
549  }
550 
551  return s;
552 }
553 
554 typedef struct
555 {
558 
559 static void
561 {
562  bfd_main_t *bm = &bfd_main;
563  u32 bs_idx = a->bs_idx;
564  u32 valid_bs = 0;
565  bfd_session_t session_data;
566 
567  bfd_lock (bm);
568  if (!pool_is_free_index (bm->sessions, bs_idx))
569  {
570  bfd_session_t *bs = pool_elt_at_index (bm->sessions, bs_idx);
571  clib_memcpy (&session_data, bs, sizeof (bfd_session_t));
572  valid_bs = 1;
573  }
574  else
575  {
576  BFD_DBG ("Ignoring event RPC for non-existent session index %u",
577  bs_idx);
578  }
579  bfd_unlock (bm);
580 
581  if (valid_bs)
582  bfd_event (bm, &session_data);
583 }
584 
585 static void
587 {
588  const u32 data_size = sizeof (bfd_rpc_event_t);
589  u8 data[data_size];
590  bfd_rpc_event_t *event = (bfd_rpc_event_t *) data;
591 
592  event->bs_idx = bs_idx;
594 }
595 
596 typedef struct
597 {
600 
601 static void
603 {
604  bfd_main_t *bm = &bfd_main;
605  u32 bs_idx = a->bs_idx;
606  bfd_lock (bm);
607  if (!pool_is_free_index (bm->sessions, bs_idx))
608  {
609  bfd_session_t *bs = pool_elt_at_index (bm->sessions, bs_idx);
610  bfd_notify_listeners (bm, BFD_LISTEN_EVENT_UPDATE, bs);
611  }
612  else
613  {
614  BFD_DBG ("Ignoring notify RPC for non-existent session index %u",
615  bs_idx);
616  }
617  bfd_unlock (bm);
618 }
619 
620 static void
622 {
623  const u32 data_size = sizeof (bfd_rpc_notify_listeners_t);
624  u8 data[data_size];
626  notify->bs_idx = bs_idx;
628 }
629 
630 static void
632  int handling_wakeup)
633 {
634  BFD_DBG ("\nState changed: %U", format_bfd_session, bs);
635 
636  if (vlib_get_thread_index () == 0)
637  {
638  bfd_event (bm, bs);
639  }
640  else
641  {
642  /* without RPC - a REGRESSION: BFD event are not propagated */
643  bfd_event_rpc (bs->bs_idx);
644  }
645 
646  switch (bs->local_state)
647  {
648  case BFD_STATE_admin_down:
649  bs->echo = 0;
651  clib_max
656  bfd_set_timer (bm, bs, now, handling_wakeup);
657  break;
658  case BFD_STATE_down:
659  bs->echo = 0;
661  clib_max
666  bfd_set_timer (bm, bs, now, handling_wakeup);
667  break;
668  case BFD_STATE_init:
669  bs->echo = 0;
672  bfd_set_timer (bm, bs, now, handling_wakeup);
673  break;
674  case BFD_STATE_up:
677  if (BFD_POLL_NOT_NEEDED == bs->poll_state)
678  {
681  }
682  bfd_set_timer (bm, bs, now, handling_wakeup);
683  break;
684  }
685  if (vlib_get_thread_index () == 0)
686  {
687  bfd_notify_listeners (bm, BFD_LISTEN_EVENT_UPDATE, bs);
688  }
689  else
690  {
691  /* without RPC - a REGRESSION: state changes are not propagated */
693  }
694 }
695 
696 static void
698  bfd_main_t * bm, bfd_session_t * bs, u64 now)
699 {
700  /*
701  * if remote demand mode is set and we need to do a poll, set the next
702  * timeout so that the session wakes up immediately
703  */
704  if (bs->remote_demand && BFD_POLL_NEEDED == bs->poll_state &&
706  {
707  bs->tx_timeout_nsec = now;
708  }
709  bfd_recalc_detection_time (bm, bs);
710  bfd_set_timer (bm, bs, now, 0);
711 }
712 
713 static void
715 {
716  switch (bs->transport)
717  {
718  case BFD_TRANSPORT_UDP4:
719  BFD_DBG ("Transport bfd via udp4, bs_idx=%u", bs->bs_idx);
720  bfd_add_udp4_transport (vm, bi, bs, 0 /* is_echo */ );
721  break;
722  case BFD_TRANSPORT_UDP6:
723  BFD_DBG ("Transport bfd via udp6, bs_idx=%u", bs->bs_idx);
724  bfd_add_udp6_transport (vm, bi, bs, 0 /* is_echo */ );
725  break;
726  }
727 }
728 
729 static int
731 {
732  switch (bs->transport)
733  {
734  case BFD_TRANSPORT_UDP4:
735  BFD_DBG ("Transport bfd via udp4, bs_idx=%u", bs->bs_idx);
736  return bfd_transport_udp4 (vm, bi, bs);
737  break;
738  case BFD_TRANSPORT_UDP6:
739  BFD_DBG ("Transport bfd via udp6, bs_idx=%u", bs->bs_idx);
740  return bfd_transport_udp6 (vm, bi, bs);
741  break;
742  }
743  return 0;
744 }
745 
746 static int
748 {
749  switch (bs->transport)
750  {
751  case BFD_TRANSPORT_UDP4:
752  BFD_DBG ("Transport bfd echo via udp4, bs_idx=%u", bs->bs_idx);
753  return bfd_add_udp4_transport (vm, bi, bs, 1 /* is_echo */ );
754  break;
755  case BFD_TRANSPORT_UDP6:
756  BFD_DBG ("Transport bfd echo via udp6, bs_idx=%u", bs->bs_idx);
757  return bfd_add_udp6_transport (vm, bi, bs, 1 /* is_echo */ );
758  break;
759  }
760  return 0;
761 }
762 
763 static int
765 {
766  switch (bs->transport)
767  {
768  case BFD_TRANSPORT_UDP4:
769  BFD_DBG ("Transport bfd echo via udp4, bs_idx=%u", bs->bs_idx);
770  return bfd_transport_udp4 (vm, bi, bs);
771  break;
772  case BFD_TRANSPORT_UDP6:
773  BFD_DBG ("Transport bfd echo via udp6, bs_idx=%u", bs->bs_idx);
774  return bfd_transport_udp6 (vm, bi, bs);
775  break;
776  }
777  return 0;
778 }
779 
780 static void
782  bfd_session_t *bs)
783 {
784  bfd_pkt_with_sha1_auth_t *pkt = vlib_buffer_get_current (b);
785  bfd_auth_sha1_t *auth = &pkt->sha1_auth;
786  b->current_length += sizeof (*auth);
787  pkt->pkt.head.length += sizeof (*auth);
788  bfd_pkt_set_auth_present (&pkt->pkt);
789  clib_memset (auth, 0, sizeof (*auth));
790  auth->type_len.type = bs->auth.curr_key->auth_type;
791  /*
792  * only meticulous authentication types require incrementing seq number
793  * for every message, but doing so doesn't violate the RFC
794  */
795  ++bs->auth.local_seq_number;
796  auth->type_len.len = sizeof (bfd_auth_sha1_t);
797  auth->key_id = bs->auth.curr_bfd_key_id;
798  auth->seq_num = clib_host_to_net_u32 (bs->auth.local_seq_number);
799  /*
800  * first copy the password into the packet, then calculate the hash
801  * and finally replace the password with the calculated hash
802  */
803  clib_memcpy (auth->hash, bs->auth.curr_key->key,
804  sizeof (bs->auth.curr_key->key));
805  unsigned char hash[sizeof (auth->hash)];
806 
807  vnet_crypto_op_t op;
808  vnet_crypto_op_init (&op, VNET_CRYPTO_OP_SHA1_HASH);
809  op.src = (u8 *) pkt;
810  op.len = sizeof (*pkt);
811  op.digest = hash;
812  vnet_crypto_process_ops (vm, &op, 1);
813  BFD_DBG ("hashing: %U", format_hex_bytes, pkt, sizeof (*pkt));
814  clib_memcpy (auth->hash, hash, sizeof (hash));
815 }
816 
817 static void
819 {
820  bfd_main_t *bm = &bfd_main;
821  if (bs->auth.curr_key)
822  {
823  const bfd_auth_type_e auth_type = bs->auth.curr_key->auth_type;
824  switch (auth_type)
825  {
826  case BFD_AUTH_TYPE_reserved:
827  /* fallthrough */
828  case BFD_AUTH_TYPE_simple_password:
829  /* fallthrough */
830  case BFD_AUTH_TYPE_keyed_md5:
831  /* fallthrough */
832  case BFD_AUTH_TYPE_meticulous_keyed_md5:
834  "internal error, unexpected BFD auth type '%d'",
835  auth_type);
836  break;
837  case BFD_AUTH_TYPE_keyed_sha1:
838  /* fallthrough */
839  case BFD_AUTH_TYPE_meticulous_keyed_sha1:
841  break;
842  }
843  }
844 }
845 
846 static int
848 {
849  if (BFD_STATE_up == bs->local_state && BFD_STATE_up == bs->remote_state &&
850  bs->remote_min_echo_rx_usec > 0)
851  {
852  switch (bs->transport)
853  {
854  case BFD_TRANSPORT_UDP4:
855  return bfd_udp_is_echo_available (BFD_TRANSPORT_UDP4);
856  case BFD_TRANSPORT_UDP6:
857  return bfd_udp_is_echo_available (BFD_TRANSPORT_UDP6);
858  }
859  }
860  return 0;
861 }
862 
863 static void
865  vlib_buffer_t * b)
866 {
867  bfd_pkt_t *pkt = vlib_buffer_get_current (b);
868  u32 bfd_length = 0;
869  bfd_length = sizeof (bfd_pkt_t);
870  clib_memset (pkt, 0, sizeof (*pkt));
871  bfd_pkt_set_version (pkt, 1);
873  bfd_pkt_set_state (pkt, bs->local_state);
874  pkt->head.detect_mult = bs->local_detect_mult;
875  pkt->head.length = bfd_length;
876  pkt->my_disc = bs->local_discr;
877  pkt->your_disc = bs->remote_discr;
878  pkt->des_min_tx = clib_host_to_net_u32 (bs->config_desired_min_tx_usec);
879  if (bs->echo)
880  {
881  pkt->req_min_rx =
882  clib_host_to_net_u32 (bfd_nsec_to_usec
884  }
885  else
886  {
887  pkt->req_min_rx =
888  clib_host_to_net_u32 (bs->config_required_min_rx_usec);
889  }
890  pkt->req_min_echo_rx = clib_host_to_net_u32 (1);
891  b->current_length = bfd_length;
892 }
893 
894 static void
896  bfd_main_t * bm, bfd_session_t * bs, u64 now)
897 {
898  if (!bfd_is_echo_possible (bs))
899  {
900  BFD_DBG ("\nSwitching off echo function: %U", format_bfd_session, bs);
901  bs->echo = 0;
902  return;
903  }
904  if (now >= bs->echo_tx_timeout_nsec)
905  {
906  BFD_DBG ("\nSending echo packet: %U", format_bfd_session, bs);
907  u32 bi;
908  if (vlib_buffer_alloc (vm, &bi, 1) != 1)
909  {
910  vlib_log_crit (bm->log_class, "buffer allocation failure");
911  return;
912  }
914  ASSERT (b->current_data == 0);
915  bfd_echo_pkt_t *pkt = vlib_buffer_get_current (b);
916  clib_memset (pkt, 0, sizeof (*pkt));
917  pkt->discriminator = bs->local_discr;
918  pkt->expire_time_nsec =
920  pkt->checksum =
921  bfd_calc_echo_checksum (bs->local_discr, pkt->expire_time_nsec,
922  bs->echo_secret);
923  b->current_length = sizeof (*pkt);
924  if (!bfd_echo_add_transport_layer (vm, bi, bs))
925  {
926  BFD_ERR ("cannot send echo packet out, turning echo off");
927  bs->echo = 0;
928  vlib_buffer_free_one (vm, bi);
929  return;
930  }
931  if (!bfd_transport_echo (vm, bi, bs))
932  {
933  BFD_ERR ("cannot send echo packet out, turning echo off");
934  bs->echo = 0;
935  vlib_buffer_free_one (vm, bi);
936  return;
937  }
938  bs->echo_last_tx_nsec = now;
939  bfd_calc_next_echo_tx (bm, bs, now);
940  }
941  else
942  {
943  BFD_DBG
944  ("No need to send echo packet now, now is %lu, tx_timeout is %lu",
946  }
947 }
948 
949 static void
951  bfd_main_t * bm, bfd_session_t * bs, u64 now)
952 {
953  if (!bs->remote_min_rx_usec && BFD_POLL_NOT_NEEDED == bs->poll_state)
954  {
955  BFD_DBG ("Remote min rx interval is zero, not sending periodic control "
956  "frame");
957  return;
958  }
959  if (BFD_POLL_NOT_NEEDED == bs->poll_state && bs->remote_demand &&
960  BFD_STATE_up == bs->local_state && BFD_STATE_up == bs->remote_state)
961  {
962  /*
963  * A system MUST NOT periodically transmit BFD Control packets if Demand
964  * mode is active on the remote system (bfd.RemoteDemandMode is 1,
965  * bfd.SessionState is Up, and bfd.RemoteSessionState is Up) and a Poll
966  * Sequence is not being transmitted.
967  */
968  BFD_DBG ("Remote demand is set, not sending periodic control frame");
969  return;
970  }
971  if (now >= bs->tx_timeout_nsec)
972  {
973  BFD_DBG ("\nSending periodic control frame: %U", format_bfd_session,
974  bs);
975  u32 bi;
976  if (vlib_buffer_alloc (vm, &bi, 1) != 1)
977  {
978  vlib_log_crit (bm->log_class, "buffer allocation failure");
979  return;
980  }
982  ASSERT (b->current_data == 0);
983  bfd_init_control_frame (bm, bs, b);
984  switch (bs->poll_state)
985  {
986  case BFD_POLL_NEEDED:
987  if (now < bs->poll_state_start_or_timeout_nsec)
988  {
989  BFD_DBG ("Cannot start a poll sequence yet, need to wait for "
990  BFD_CLK_FMT,
991  BFD_CLK_PRN (bs->poll_state_start_or_timeout_nsec -
992  now));
993  break;
994  }
996  bfd_set_poll_state (bs, BFD_POLL_IN_PROGRESS);
997  /* fallthrough */
998  case BFD_POLL_IN_PROGRESS:
999  case BFD_POLL_IN_PROGRESS_AND_QUEUED:
1001  BFD_DBG ("Setting poll bit in packet, bs_idx=%u", bs->bs_idx);
1002  break;
1003  case BFD_POLL_NOT_NEEDED:
1004  /* fallthrough */
1005  break;
1006  }
1007  bfd_add_auth_section (vm, b, bs);
1008  bfd_add_transport_layer (vm, bi, bs);
1009  if (!bfd_transport_control_frame (vm, bi, bs))
1010  {
1011  vlib_buffer_free_one (vm, bi);
1012  }
1013  bs->last_tx_nsec = now;
1014  bfd_calc_next_tx (bm, bs, now);
1015  }
1016  else
1017  {
1018  BFD_DBG
1019  ("No need to send control frame now, now is %lu, tx_timeout is %lu",
1020  now, bs->tx_timeout_nsec);
1021  }
1022 }
1023 
1024 void
1026  bfd_main_t * bm, bfd_session_t * bs,
1027  int is_local)
1028 {
1029  BFD_DBG ("Send final control frame for bs_idx=%lu", bs->bs_idx);
1030  bfd_init_control_frame (bm, bs, b);
1032  bfd_add_auth_section (vm, b, bs);
1033  u32 bi = vlib_get_buffer_index (vm, b);
1034  bfd_add_transport_layer (vm, bi, bs);
1035  bs->last_tx_nsec = bfd_time_now_nsec (vm, NULL);
1036  /*
1037  * RFC allows to include changes in final frame, so if there were any
1038  * pending, we already did that, thus we can clear any pending poll needs
1039  */
1040  bfd_set_poll_state (bs, BFD_POLL_NOT_NEEDED);
1041 }
1042 
1043 static void
1045  u64 now, int handling_wakeup)
1046 {
1047  if (bs->last_rx_nsec + bs->detection_time_nsec <= now)
1048  {
1049  BFD_DBG ("Rx timeout, session goes down");
1050  /*
1051  * RFC 5880 6.8.1. State Variables
1052 
1053  * bfd.RemoteDiscr
1054 
1055  * The remote discriminator for this BFD session. This is the
1056  * discriminator chosen by the remote system, and is totally opaque
1057  * to the local system. This MUST be initialized to zero. If a
1058  * period of a Detection Time passes without the receipt of a valid,
1059  * authenticated BFD packet from the remote system, this variable
1060  * MUST be set to zero.
1061  */
1062  bs->remote_discr = 0;
1063  bfd_set_diag (bs, BFD_DIAG_CODE_det_time_exp);
1064  bfd_set_state (vm, bm, bs, BFD_STATE_down, handling_wakeup);
1065  /*
1066  * If the remote system does not receive any
1067  * BFD Control packets for a Detection Time, it SHOULD reset
1068  * bfd.RemoteMinRxInterval to its initial value of 1 (per section 6.8.1,
1069  * since it is no longer required to maintain previous session state)
1070  * and then can transmit at its own rate.
1071  */
1072  bfd_set_remote_required_min_rx (bm, bs, now, 1);
1073  }
1074  else if (bs->echo
1075  && bs->echo_last_rx_nsec +
1077  {
1078  BFD_DBG ("Echo rx timeout, session goes down");
1079  bfd_set_diag (bs, BFD_DIAG_CODE_echo_failed);
1080  bfd_set_state (vm, bm, bs, BFD_STATE_down, handling_wakeup);
1081  }
1082 }
1083 
1084 void
1086  bfd_session_t * bs, u64 now)
1087 {
1088  BFD_DBG ("Timeout for bs_idx=%lu", bs->bs_idx);
1089  switch (bs->local_state)
1090  {
1091  case BFD_STATE_admin_down:
1092  bfd_send_periodic (vm, rt, bm, bs, now);
1093  break;
1094  case BFD_STATE_down:
1095  bfd_send_periodic (vm, rt, bm, bs, now);
1096  break;
1097  case BFD_STATE_init:
1098  bfd_check_rx_timeout (vm, bm, bs, now, 1);
1099  bfd_send_periodic (vm, rt, bm, bs, now);
1100  break;
1101  case BFD_STATE_up:
1102  bfd_check_rx_timeout (vm, bm, bs, now, 1);
1103  if (BFD_POLL_NOT_NEEDED == bs->poll_state && !bs->echo &&
1104  bfd_is_echo_possible (bs))
1105  {
1106  /* switch on echo function as main detection method now */
1107  BFD_DBG ("Switching on echo function, bs_idx=%u", bs->bs_idx);
1108  bs->echo = 1;
1109  bs->echo_last_rx_nsec = now;
1110  bs->echo_tx_timeout_nsec = now;
1112  clib_max
1115  bfd_set_poll_state (bs, BFD_POLL_NEEDED);
1116  }
1117  bfd_send_periodic (vm, rt, bm, bs, now);
1118  if (bs->echo)
1119  {
1120  bfd_send_echo (vm, rt, bm, bs, now);
1121  }
1122  break;
1123  }
1124 }
1125 
1126 /*
1127  * bfd process node function
1128  */
1129 static uword
1131 {
1132  bfd_main_t *bm = &bfd_main;
1133  u32 *expired = 0;
1134  uword event_type, *event_data = 0;
1135 
1136  /* So we can send events to the bfd process */
1138 
1139  while (1)
1140  {
1141  f64 vm_time;
1142  u64 now = bfd_time_now_nsec (vm, &vm_time);
1143  BFD_DBG ("wakeup, now is %llunsec, vlib_time_now() is %.9f", now,
1144  vm_time);
1145  bfd_lock (bm);
1146  f64 timeout;
1147  if (pool_elts (bm->sessions))
1148  {
1149  u32 first_expires_in_ticks =
1150  TW (tw_timer_first_expires_in_ticks) (&bm->wheel);
1151  if (!first_expires_in_ticks)
1152  {
1153  BFD_DBG
1154  ("tw_timer_first_expires_in_ticks(%p) returns 0ticks",
1155  &bm->wheel);
1156  timeout = bm->wheel.next_run_time - vm_time;
1157  BFD_DBG ("wheel.next_run_time is %.9f",
1158  bm->wheel.next_run_time);
1159  u64 next_expire_nsec = now + timeout * SEC_PER_NSEC;
1160  bm->bfd_process_next_wakeup_nsec = next_expire_nsec;
1161  bfd_unlock (bm);
1162  }
1163  else
1164  {
1165  BFD_DBG ("tw_timer_first_expires_in_ticks(%p) returns %luticks",
1166  &bm->wheel, first_expires_in_ticks);
1167  u64 next_expire_nsec =
1168  now + first_expires_in_ticks * bm->nsec_per_tw_tick;
1169  bm->bfd_process_next_wakeup_nsec = next_expire_nsec;
1170  bfd_unlock (bm);
1171  timeout = (next_expire_nsec - now) * SEC_PER_NSEC;
1172  }
1173  BFD_DBG ("vlib_process_wait_for_event_or_clock(vm, %.09f)",
1174  timeout);
1175  (void) vlib_process_wait_for_event_or_clock (vm, timeout);
1176  }
1177  else
1178  {
1179  bfd_unlock (bm);
1181  }
1182  event_type = vlib_process_get_events (vm, &event_data);
1183  now = bfd_time_now_nsec (vm, &vm_time);
1184  uword *session_index;
1185  switch (event_type)
1186  {
1187  case ~0: /* no events => timeout */
1188  /* nothing to do here */
1189  break;
1190  case BFD_EVENT_RESCHEDULE:
1191  BFD_DBG ("reschedule event");
1192  bfd_lock (bm);
1196  bfd_unlock (bm);
1197  /* nothing to do here - reschedule is done automatically after
1198  * each event or timeout */
1199  break;
1200  case BFD_EVENT_NEW_SESSION:
1201  vec_foreach (session_index, event_data)
1202  {
1203  bfd_lock (bm);
1204  if (!pool_is_free_index (bm->sessions, *session_index))
1205  {
1206  bfd_session_t *bs =
1207  pool_elt_at_index (bm->sessions, *session_index);
1208  bfd_send_periodic (vm, rt, bm, bs, now);
1209  bfd_set_timer (bm, bs, now, 1);
1210  }
1211  else
1212  {
1213  BFD_DBG ("Ignoring event for non-existent session index %u",
1214  (u32) * session_index);
1215  }
1216  bfd_unlock (bm);
1217  }
1218  break;
1220  vec_foreach (session_index, event_data)
1221  {
1222  bfd_lock (bm);
1223  if (!pool_is_free_index (bm->sessions, *session_index))
1224  {
1225  bfd_session_t *bs =
1226  pool_elt_at_index (bm->sessions, *session_index);
1227  bfd_on_config_change (vm, rt, bm, bs, now);
1228  }
1229  else
1230  {
1231  BFD_DBG ("Ignoring event for non-existent session index %u",
1232  (u32) * session_index);
1233  }
1234  bfd_unlock (bm);
1235  }
1236  break;
1237  default:
1238  vlib_log_err (bm->log_class, "BUG: event type 0x%wx", event_type);
1239  break;
1240  }
1241  BFD_DBG ("tw_timer_expire_timers_vec(%p, %.04f);", &bm->wheel, vm_time);
1242  bfd_lock (bm);
1243  expired =
1244  TW (tw_timer_expire_timers_vec) (&bm->wheel, vm_time, expired);
1245  BFD_DBG ("Expired %d elements", vec_len (expired));
1246  u32 *p = NULL;
1247  vec_foreach (p, expired)
1248  {
1249  const u32 bs_idx = *p;
1250  if (!pool_is_free_index (bm->sessions, bs_idx))
1251  {
1252  bfd_session_t *bs = pool_elt_at_index (bm->sessions, bs_idx);
1253  bs->tw_id = 0; /* timer is gone because it expired */
1254  bfd_on_timeout (vm, rt, bm, bs, now);
1255  bfd_set_timer (bm, bs, now, 1);
1256  }
1257  }
1258  bfd_unlock (bm);
1259  if (expired)
1260  {
1261  _vec_len (expired) = 0;
1262  }
1263  if (event_data)
1264  {
1265  _vec_len (event_data) = 0;
1266  }
1267  }
1268 
1269  return 0;
1270 }
1271 
1272 /*
1273  * bfd process node declaration
1274  */
1275 /* *INDENT-OFF* */
1277  .function = bfd_process,
1278  .type = VLIB_NODE_TYPE_PROCESS,
1279  .name = "bfd-process",
1280  .n_next_nodes = 0,
1281  .next_nodes = {},
1282 };
1283 /* *INDENT-ON* */
1284 
1285 static clib_error_t *
1287 {
1288  // bfd_main_t *bm = &bfd_main;
1289  // vnet_hw_interface_t *hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
1291  {
1292  /* TODO */
1293  }
1294  return 0;
1295 }
1296 
1298 
1299 static clib_error_t *
1301 {
1302  // bfd_main_t *bm = &bfd_main;
1304  {
1305  /* TODO */
1306  }
1307  return 0;
1308 }
1309 
1311 
1312 void
1314 {
1315  bfd_main_t *bm = &bfd_main;
1316 
1317  vec_add1 (bm->listeners, fn);
1318 }
1319 
1320 /*
1321  * setup function
1322  */
1323 static clib_error_t *
1325 {
1327  u32 n_vlib_mains = tm->n_vlib_mains;
1328 #if BFD_DEBUG
1329  setbuf (stdout, NULL);
1330 #endif
1331  bfd_main_t *bm = &bfd_main;
1333  bm->vlib_main = vm;
1334  bm->vnet_main = vnet_get_main ();
1335  clib_memset (&bm->wheel, 0, sizeof (bm->wheel));
1341  BFD_DBG ("tw_timer_wheel_init(%p, %p, %.04f, %u)", &bm->wheel, NULL,
1342  1.00 / BFD_TW_TPS, ~0);
1343  TW (tw_timer_wheel_init) (&bm->wheel, NULL, 1.00 / BFD_TW_TPS, ~0);
1344  bm->log_class = vlib_log_register_class ("bfd", 0);
1345  vlib_log_debug (bm->log_class, "initialized");
1346  bm->owner_thread_index = ~0;
1347  if (n_vlib_mains > 1)
1348  clib_spinlock_init (&bm->lock);
1349  return 0;
1350 }
1351 
1353 
1354 bfd_session_t *
1356 {
1357  bfd_session_t *result;
1358 
1359  bfd_lock (bm);
1360 
1361  pool_get (bm->sessions, result);
1362  clib_memset (result, 0, sizeof (*result));
1363  result->bs_idx = result - bm->sessions;
1364  result->transport = t;
1365  const unsigned limit = 1000;
1366  unsigned counter = 0;
1367  do
1368  {
1369  result->local_discr = random_u32 (&bm->random_seed);
1370  if (counter > limit)
1371  {
1372  vlib_log_crit (bm->log_class,
1373  "couldn't allocate unused session discriminator even "
1374  "after %u tries!", limit);
1375  pool_put (bm->sessions, result);
1376  bfd_unlock (bm);
1377  return NULL;
1378  }
1379  ++counter;
1380  }
1381  while (hash_get (bm->session_by_disc, result->local_discr));
1382  bfd_set_defaults (bm, result);
1383  hash_set (bm->session_by_disc, result->local_discr, result->bs_idx);
1384  bfd_unlock (bm);
1385  return result;
1386 }
1387 
1388 void
1390 {
1391  bfd_lock (bm);
1392 
1393  vlib_log_info (bm->log_class, "delete session: %U",
1395  bfd_notify_listeners (bm, BFD_LISTEN_EVENT_DELETE, bs);
1396  if (bs->auth.curr_key)
1397  {
1398  --bs->auth.curr_key->use_count;
1399  }
1400  if (bs->auth.next_key)
1401  {
1402  --bs->auth.next_key->use_count;
1403  }
1405  pool_put (bm->sessions, bs);
1406  bfd_unlock (bm);
1407 }
1408 
1409 bfd_session_t *
1411 {
1412  bfd_lock_check (bm);
1413  if (!pool_is_free_index (bm->sessions, bs_idx))
1414  {
1415  return pool_elt_at_index (bm->sessions, bs_idx);
1416  }
1417  return NULL;
1418 }
1419 
1420 bfd_session_t *
1422 {
1423  bfd_lock_check (bm);
1424  uword *p = hash_get (bfd_main.session_by_disc, disc);
1425  if (p)
1426  {
1427  return pool_elt_at_index (bfd_main.sessions, *p);
1428  }
1429  return NULL;
1430 }
1431 
1432 /**
1433  * @brief verify bfd packet - common checks
1434  *
1435  * @param pkt
1436  *
1437  * @return 1 if bfd packet is valid
1438  */
1439 int
1440 bfd_verify_pkt_common (const bfd_pkt_t * pkt)
1441 {
1442  if (1 != bfd_pkt_get_version (pkt))
1443  {
1444  BFD_ERR ("BFD verification failed - unexpected version: '%d'",
1445  bfd_pkt_get_version (pkt));
1446  return 0;
1447  }
1448  if (pkt->head.length < sizeof (bfd_pkt_t) ||
1449  (bfd_pkt_get_auth_present (pkt) &&
1450  pkt->head.length < sizeof (bfd_pkt_with_common_auth_t)))
1451  {
1452  BFD_ERR ("BFD verification failed - unexpected length: '%d' (auth "
1453  "present: %d)",
1454  pkt->head.length, bfd_pkt_get_auth_present (pkt));
1455  return 0;
1456  }
1457  if (!pkt->head.detect_mult)
1458  {
1459  BFD_ERR ("BFD verification failed - unexpected detect-mult: '%d'",
1460  pkt->head.detect_mult);
1461  return 0;
1462  }
1463  if (bfd_pkt_get_multipoint (pkt))
1464  {
1465  BFD_ERR ("BFD verification failed - unexpected multipoint: '%d'",
1466  bfd_pkt_get_multipoint (pkt));
1467  return 0;
1468  }
1469  if (!pkt->my_disc)
1470  {
1471  BFD_ERR ("BFD verification failed - unexpected my-disc: '%d'",
1472  pkt->my_disc);
1473  return 0;
1474  }
1475  if (!pkt->your_disc)
1476  {
1477  const u8 pkt_state = bfd_pkt_get_state (pkt);
1478  if (pkt_state != BFD_STATE_down && pkt_state != BFD_STATE_admin_down)
1479  {
1480  BFD_ERR ("BFD verification failed - unexpected state: '%s' "
1481  "(your-disc is zero)", bfd_state_string (pkt_state));
1482  return 0;
1483  }
1484  }
1485  return 1;
1486 }
1487 
1488 static void
1490 {
1491  BFD_DBG ("Switching authentication key from %U to %U for bs_idx=%u",
1493  bs->auth.next_key, bs->bs_idx);
1494  bs->auth.is_delayed = 0;
1495  if (bs->auth.curr_key)
1496  {
1497  --bs->auth.curr_key->use_count;
1498  }
1499  bs->auth.curr_key = bs->auth.next_key;
1500  bs->auth.next_key = NULL;
1502 }
1503 
1504 static int
1506 {
1507  if (BFD_AUTH_TYPE_meticulous_keyed_md5 == auth_type ||
1508  BFD_AUTH_TYPE_meticulous_keyed_sha1 == auth_type)
1509  {
1510  return 1;
1511  }
1512  return 0;
1513 }
1514 
1515 static int
1517  u32 received_seq_num, int is_meticulous)
1518 {
1519  /*
1520  * RFC 5880 6.8.1:
1521  *
1522  * This variable MUST be set to zero after no packets have been
1523  * received on this session for at least twice the Detection Time.
1524  */
1525  u64 now = bfd_time_now_nsec (vm, NULL);
1526  if (now - bs->last_rx_nsec > bs->detection_time_nsec * 2)
1527  {
1528  BFD_DBG ("BFD peer unresponsive for %lu nsec, which is > 2 * "
1529  "detection_time=%u nsec, resetting remote_seq_number_known "
1530  "flag", now - bs->last_rx_nsec, bs->detection_time_nsec * 2);
1531  bs->auth.remote_seq_number_known = 0;
1532  }
1533  if (bs->auth.remote_seq_number_known)
1534  {
1535  /* remote sequence number is known, verify its validity */
1536  const u32 max_u32 = 0xffffffff;
1537  /* the calculation might wrap, account for the special case... */
1538  if (bs->auth.remote_seq_number > max_u32 - 3 * bs->local_detect_mult)
1539  {
1540  /*
1541  * special case
1542  *
1543  * x y z
1544  * |----------+----------------------------+-----------|
1545  * 0 ^ ^ 0xffffffff
1546  * | remote_seq_num------+
1547  * |
1548  * +-----(remote_seq_num + 3*detect_mult) % * 0xffffffff
1549  *
1550  * x + y + z = 0xffffffff
1551  * x + z = 3 * detect_mult
1552  */
1553  const u32 z = max_u32 - bs->auth.remote_seq_number;
1554  const u32 x = 3 * bs->local_detect_mult - z;
1555  if (received_seq_num > x &&
1556  received_seq_num < bs->auth.remote_seq_number + is_meticulous)
1557  {
1558  BFD_ERR
1559  ("Recvd sequence number=%u out of ranges <0, %u>, <%u, %u>",
1560  received_seq_num, x,
1561  bs->auth.remote_seq_number + is_meticulous, max_u32);
1562  return 0;
1563  }
1564  }
1565  else
1566  {
1567  /* regular case */
1568  const u32 min = bs->auth.remote_seq_number + is_meticulous;
1569  const u32 max =
1571  if (received_seq_num < min || received_seq_num > max)
1572  {
1573  BFD_ERR ("Recvd sequence number=%u out of range <%u, %u>",
1574  received_seq_num, min, max);
1575  return 0;
1576  }
1577  }
1578  }
1579  return 1;
1580 }
1581 
1582 static int
1584  u32 pkt_size, bfd_session_t *bs, u8 bfd_key_id,
1585  bfd_auth_key_t *auth_key)
1586 {
1587  ASSERT (auth_key->auth_type == BFD_AUTH_TYPE_keyed_sha1 ||
1588  auth_key->auth_type == BFD_AUTH_TYPE_meticulous_keyed_sha1);
1589 
1590  bfd_pkt_with_common_auth_t *with_common = (void *) pkt;
1591  if (pkt_size < sizeof (*with_common))
1592  {
1593  BFD_ERR ("Packet size too small to hold authentication common header");
1594  return 0;
1595  }
1596  if (with_common->common_auth.type != auth_key->auth_type)
1597  {
1598  BFD_ERR ("BFD auth type mismatch, packet auth=%d:%s doesn't match "
1599  "in-use auth=%d:%s",
1600  with_common->common_auth.type,
1601  bfd_auth_type_str (with_common->common_auth.type),
1602  auth_key->auth_type, bfd_auth_type_str (auth_key->auth_type));
1603  return 0;
1604  }
1605  bfd_pkt_with_sha1_auth_t *with_sha1 = (void *) pkt;
1606  if (pkt_size < sizeof (*with_sha1) ||
1607  with_sha1->sha1_auth.type_len.len < sizeof (with_sha1->sha1_auth))
1608  {
1609  BFD_ERR
1610  ("BFD size mismatch, payload size=%u, expected=%u, auth_len=%u, "
1611  "expected=%u", pkt_size, sizeof (*with_sha1),
1612  with_sha1->sha1_auth.type_len.len, sizeof (with_sha1->sha1_auth));
1613  return 0;
1614  }
1615  if (with_sha1->sha1_auth.key_id != bfd_key_id)
1616  {
1617  BFD_ERR
1618  ("BFD key ID mismatch, packet key ID=%u doesn't match key ID=%u%s",
1619  with_sha1->sha1_auth.key_id, bfd_key_id,
1620  bs->
1621  auth.is_delayed ? " (but a delayed auth change is scheduled)" : "");
1622  return 0;
1623  }
1624 
1625  u8 hash_from_packet[STRUCT_SIZE_OF (bfd_auth_sha1_t, hash)];
1626  u8 calculated_hash[STRUCT_SIZE_OF (bfd_auth_sha1_t, hash)];
1627  clib_memcpy (hash_from_packet, with_sha1->sha1_auth.hash,
1628  sizeof (with_sha1->sha1_auth.hash));
1629  clib_memcpy (with_sha1->sha1_auth.hash, auth_key->key,
1630  sizeof (auth_key->key));
1631  vnet_crypto_op_t op;
1632  vnet_crypto_op_init (&op, VNET_CRYPTO_OP_SHA1_HASH);
1633  op.src = (u8 *) with_sha1;
1634  op.len = sizeof (*with_sha1);
1635  op.digest = calculated_hash;
1636  vnet_crypto_process_ops (vm, &op, 1);
1637  if (0 ==
1638  memcmp (calculated_hash, hash_from_packet, sizeof (calculated_hash)))
1639  {
1640  clib_memcpy (with_sha1->sha1_auth.hash, hash_from_packet,
1641  sizeof (hash_from_packet));
1642  return 1;
1643  }
1644  BFD_ERR ("SHA1 hash: %U doesn't match the expected value: %U",
1645  format_hex_bytes, hash_from_packet, sizeof (hash_from_packet),
1646  format_hex_bytes, calculated_hash, sizeof (calculated_hash));
1647  return 0;
1648 }
1649 
1650 static int
1651 bfd_verify_pkt_auth_key (vlib_main_t * vm, const bfd_pkt_t * pkt,
1652  u32 pkt_size, bfd_session_t * bs, u8 bfd_key_id,
1653  bfd_auth_key_t * auth_key)
1654 {
1655  bfd_main_t *bm = &bfd_main;
1656  switch (auth_key->auth_type)
1657  {
1658  case BFD_AUTH_TYPE_reserved:
1659  vlib_log_err (bm->log_class,
1660  "internal error, unexpected auth_type=%d:%s",
1661  auth_key->auth_type,
1662  bfd_auth_type_str (auth_key->auth_type));
1663  return 0;
1664  case BFD_AUTH_TYPE_simple_password:
1665  vlib_log_err (bm->log_class,
1666  "internal error, not implemented, unexpected auth_type=%d:%s",
1667  auth_key->auth_type,
1668  bfd_auth_type_str (auth_key->auth_type));
1669  return 0;
1670  case BFD_AUTH_TYPE_keyed_md5:
1671  /* fallthrough */
1672  case BFD_AUTH_TYPE_meticulous_keyed_md5:
1673  vlib_log_err
1674  (bm->log_class,
1675  "internal error, not implemented, unexpected auth_type=%d:%s",
1676  auth_key->auth_type, bfd_auth_type_str (auth_key->auth_type));
1677  return 0;
1678  case BFD_AUTH_TYPE_keyed_sha1:
1679  /* fallthrough */
1680  case BFD_AUTH_TYPE_meticulous_keyed_sha1:
1681  do
1682  {
1683  const u32 seq_num = clib_net_to_host_u32 (((bfd_pkt_with_sha1_auth_t
1684  *) pkt)->
1685  sha1_auth.seq_num);
1687  vm, bs, seq_num,
1688  bfd_auth_type_is_meticulous (auth_key->auth_type)) &&
1689  bfd_verify_pkt_auth_key_sha1 (vm, pkt, pkt_size, bs,
1690  bfd_key_id, auth_key);
1691  }
1692  while (0);
1693  }
1694  return 0;
1695 }
1696 
1697 /**
1698  * @brief verify bfd packet - authentication
1699  *
1700  * @param pkt
1701  *
1702  * @return 1 if bfd packet is valid
1703  */
1704 int
1705 bfd_verify_pkt_auth (vlib_main_t * vm, const bfd_pkt_t * pkt, u16 pkt_size,
1706  bfd_session_t * bs)
1707 {
1708  if (bfd_pkt_get_auth_present (pkt))
1709  {
1710  /* authentication present in packet */
1711  if (!bs->auth.curr_key)
1712  {
1713  /* currently not using authentication - can we turn it on? */
1714  if (bs->auth.is_delayed && bs->auth.next_key)
1715  {
1716  /* yes, switch is scheduled - make sure the auth is valid */
1717  if (bfd_verify_pkt_auth_key (vm, pkt, pkt_size, bs,
1718  bs->auth.next_bfd_key_id,
1719  bs->auth.next_key))
1720  {
1721  /* auth matches next key, do the switch, packet is valid */
1723  return 1;
1724  }
1725  }
1726  }
1727  else
1728  {
1729  /* yes, using authentication, verify the key */
1730  if (bfd_verify_pkt_auth_key (vm, pkt, pkt_size, bs,
1731  bs->auth.curr_bfd_key_id,
1732  bs->auth.curr_key))
1733  {
1734  /* verification passed, packet is valid */
1735  return 1;
1736  }
1737  else
1738  {
1739  /* verification failed - but maybe we need to switch key */
1740  if (bs->auth.is_delayed && bs->auth.next_key)
1741  {
1742  /* delayed switch present, verify if that key works */
1743  if (bfd_verify_pkt_auth_key (vm, pkt, pkt_size, bs,
1744  bs->auth.next_bfd_key_id,
1745  bs->auth.next_key))
1746  {
1747  /* auth matches next key, switch key, packet is valid */
1749  return 1;
1750  }
1751  }
1752  }
1753  }
1754  }
1755  else
1756  {
1757  /* authentication in packet not present */
1758  if (pkt_size > sizeof (*pkt))
1759  {
1760  BFD_ERR ("BFD verification failed - unexpected packet size '%d' "
1761  "(auth not present)", pkt_size);
1762  return 0;
1763  }
1764  if (bs->auth.curr_key)
1765  {
1766  /* currently authenticating - could we turn it off? */
1767  if (bs->auth.is_delayed && !bs->auth.next_key)
1768  {
1769  /* yes, delayed switch to NULL key is scheduled */
1771  return 1;
1772  }
1773  }
1774  else
1775  {
1776  /* no auth in packet, no auth in use - packet is valid */
1777  return 1;
1778  }
1779  }
1780  return 0;
1781 }
1782 
1783 void
1784 bfd_consume_pkt (vlib_main_t * vm, bfd_main_t * bm, const bfd_pkt_t * pkt,
1785  u32 bs_idx)
1786 {
1787  bfd_lock_check (bm);
1788 
1789  bfd_session_t *bs = bfd_find_session_by_idx (bm, bs_idx);
1790  if (!bs || (pkt->your_disc && pkt->your_disc != bs->local_discr))
1791  {
1792  return;
1793  }
1794  BFD_DBG ("Scanning bfd packet, bs_idx=%d", bs->bs_idx);
1795  bs->remote_discr = pkt->my_disc;
1796  bs->remote_state = bfd_pkt_get_state (pkt);
1797  bs->remote_demand = bfd_pkt_get_demand (pkt);
1798  bs->remote_diag = bfd_pkt_get_diag_code (pkt);
1799  u64 now = bfd_time_now_nsec (vm, NULL);
1800  bs->last_rx_nsec = now;
1801  if (bfd_pkt_get_auth_present (pkt))
1802  {
1803  bfd_auth_type_e auth_type =
1804  ((bfd_pkt_with_common_auth_t *) (pkt))->common_auth.type;
1805  switch (auth_type)
1806  {
1807  case BFD_AUTH_TYPE_reserved:
1808  /* fallthrough */
1809  case BFD_AUTH_TYPE_simple_password:
1810  /* fallthrough */
1811  case BFD_AUTH_TYPE_keyed_md5:
1812  /* fallthrough */
1813  case BFD_AUTH_TYPE_meticulous_keyed_md5:
1814  vlib_log_crit (bm->log_class,
1815  "internal error, unexpected auth_type=%d:%s",
1816  auth_type, bfd_auth_type_str (auth_type));
1817  break;
1818  case BFD_AUTH_TYPE_keyed_sha1:
1819  /* fallthrough */
1820  case BFD_AUTH_TYPE_meticulous_keyed_sha1:
1821  do
1822  {
1823  bfd_pkt_with_sha1_auth_t *with_sha1 =
1824  (bfd_pkt_with_sha1_auth_t *) pkt;
1825  bs->auth.remote_seq_number =
1826  clib_net_to_host_u32 (with_sha1->sha1_auth.seq_num);
1827  bs->auth.remote_seq_number_known = 1;
1828  BFD_DBG ("Received sequence number %u",
1829  bs->auth.remote_seq_number);
1830  }
1831  while (0);
1832  }
1833  }
1835  bfd_usec_to_nsec (clib_net_to_host_u32 (pkt->des_min_tx));
1836  bs->remote_detect_mult = pkt->head.detect_mult;
1838  clib_net_to_host_u32 (pkt->req_min_rx));
1840  clib_net_to_host_u32
1841  (pkt->req_min_echo_rx));
1842  if (bfd_pkt_get_final (pkt))
1843  {
1844  if (BFD_POLL_IN_PROGRESS == bs->poll_state)
1845  {
1846  BFD_DBG ("Poll sequence terminated, bs_idx=%u", bs->bs_idx);
1847  bfd_set_poll_state (bs, BFD_POLL_NOT_NEEDED);
1848  if (BFD_STATE_up == bs->local_state)
1849  {
1851  clib_max (bs->echo *
1854  }
1855  }
1856  else if (BFD_POLL_IN_PROGRESS_AND_QUEUED == bs->poll_state)
1857  {
1858  /*
1859  * next poll sequence must be delayed by at least the round trip
1860  * time, so calculate that here
1861  */
1862  BFD_DBG ("Next poll sequence can commence in " BFD_CLK_FMT,
1863  BFD_CLK_PRN (now - bs->poll_state_start_or_timeout_nsec));
1866  BFD_DBG
1867  ("Poll sequence terminated, but another is needed, bs_idx=%u",
1868  bs->bs_idx);
1869  bfd_set_poll_state (bs, BFD_POLL_NEEDED);
1870  }
1871  }
1872  bfd_calc_next_tx (bm, bs, now);
1873  bfd_set_timer (bm, bs, now, 0);
1874  if (BFD_STATE_admin_down == bs->local_state)
1875  {
1876  BFD_DBG ("Session is admin-down, ignoring packet, bs_idx=%u",
1877  bs->bs_idx);
1878  return;
1879  }
1880  if (BFD_STATE_admin_down == bs->remote_state)
1881  {
1882  bfd_set_diag (bs, BFD_DIAG_CODE_neighbor_sig_down);
1883  bfd_set_state (vm, bm, bs, BFD_STATE_down, 0);
1884  }
1885  else if (BFD_STATE_down == bs->local_state)
1886  {
1887  if (BFD_STATE_down == bs->remote_state)
1888  {
1889  bfd_set_diag (bs, BFD_DIAG_CODE_no_diag);
1890  bfd_set_state (vm, bm, bs, BFD_STATE_init, 0);
1891  }
1892  else if (BFD_STATE_init == bs->remote_state)
1893  {
1894  bfd_set_diag (bs, BFD_DIAG_CODE_no_diag);
1895  bfd_set_state (vm, bm, bs, BFD_STATE_up, 0);
1896  }
1897  }
1898  else if (BFD_STATE_init == bs->local_state)
1899  {
1900  if (BFD_STATE_up == bs->remote_state ||
1901  BFD_STATE_init == bs->remote_state)
1902  {
1903  bfd_set_diag (bs, BFD_DIAG_CODE_no_diag);
1904  bfd_set_state (vm, bm, bs, BFD_STATE_up, 0);
1905  }
1906  }
1907  else /* BFD_STATE_up == bs->local_state */
1908  {
1909  if (BFD_STATE_down == bs->remote_state)
1910  {
1911  bfd_set_diag (bs, BFD_DIAG_CODE_neighbor_sig_down);
1912  bfd_set_state (vm, bm, bs, BFD_STATE_down, 0);
1913  }
1914  }
1915 }
1916 
1917 int
1919 {
1920  bfd_echo_pkt_t *pkt = NULL;
1921  if (b->current_length != sizeof (*pkt))
1922  {
1923  return 0;
1924  }
1925  pkt = vlib_buffer_get_current (b);
1926  bfd_session_t *bs = bfd_find_session_by_disc (bm, pkt->discriminator);
1927  if (!bs)
1928  {
1929  return 0;
1930  }
1931  BFD_DBG ("Scanning bfd echo packet, bs_idx=%d", bs->bs_idx);
1932  u64 checksum =
1933  bfd_calc_echo_checksum (bs->local_discr, pkt->expire_time_nsec,
1934  bs->echo_secret);
1935  if (checksum != pkt->checksum)
1936  {
1937  BFD_DBG ("Invalid echo packet, checksum mismatch");
1938  return 1;
1939  }
1940  u64 now = bfd_time_now_nsec (vm, NULL);
1941  if (pkt->expire_time_nsec < now)
1942  {
1943  BFD_DBG ("Stale packet received, expire time %lu < now %lu",
1944  pkt->expire_time_nsec, now);
1945  }
1946  else
1947  {
1948  bs->echo_last_rx_nsec = now;
1949  }
1950  return 1;
1951 }
1952 
1953 u8 *
1954 format_bfd_session (u8 * s, va_list * args)
1955 {
1956  const bfd_session_t *bs = va_arg (*args, bfd_session_t *);
1957  s = format (s, "bs_idx=%u local-state=%s remote-state=%s\n"
1958  "local-discriminator=%u remote-discriminator=%u\n"
1959  "local-diag=%s echo-active=%s\n"
1960  "desired-min-tx=%u required-min-rx=%u\n"
1961  "required-min-echo-rx=%u detect-mult=%u\n"
1962  "remote-min-rx=%u remote-min-echo-rx=%u\n"
1963  "remote-demand=%s poll-state=%s\n"
1964  "auth: local-seq-num=%u remote-seq-num=%u\n"
1965  " is-delayed=%s\n"
1966  " curr-key=%U\n"
1967  " next-key=%U",
1968  bs->bs_idx, bfd_state_string (bs->local_state),
1971  (bs->echo ? "yes" : "no"), bs->config_desired_min_tx_usec,
1974  (bs->remote_demand ? "yes" : "no"),
1977  (bs->auth.is_delayed ? "yes" : "no"),
1979  bs->auth.next_key);
1980  return s;
1981 }
1982 
1983 u8 *
1984 format_bfd_session_brief (u8 * s, va_list * args)
1985 {
1986  const bfd_session_t *bs = va_arg (*args, bfd_session_t *);
1987  s =
1988  format (s, "bs_idx=%u local-state=%s remote-state=%s", bs->bs_idx,
1991  return s;
1992 }
1993 
1994 unsigned
1996 {
1997  if (auth_type == BFD_AUTH_TYPE_keyed_sha1 ||
1998  auth_type == BFD_AUTH_TYPE_meticulous_keyed_sha1)
1999  {
2000  return 1;
2001  }
2002  return 0;
2003 }
2004 
2007  u8 bfd_key_id, u8 is_delayed)
2008 {
2009  bfd_main_t *bm = &bfd_main;
2010  const uword *key_idx_p =
2011  hash_get (bm->auth_key_by_conf_key_id, conf_key_id);
2012  if (!key_idx_p)
2013  {
2014  vlib_log_err (bm->log_class,
2015  "authentication key with config ID %u doesn't exist)",
2016  conf_key_id);
2017  return VNET_API_ERROR_BFD_ENOENT;
2018  }
2019  const uword key_idx = *key_idx_p;
2020  bfd_auth_key_t *key = pool_elt_at_index (bm->auth_keys, key_idx);
2021  if (is_delayed)
2022  {
2023  if (bs->auth.next_key == key)
2024  {
2025  /* already using this key, no changes required */
2026  return 0;
2027  }
2028  bs->auth.next_key = key;
2029  bs->auth.next_bfd_key_id = bfd_key_id;
2030  bs->auth.is_delayed = 1;
2031  }
2032  else
2033  {
2034  if (bs->auth.curr_key == key)
2035  {
2036  /* already using this key, no changes required */
2037  return 0;
2038  }
2039  if (bs->auth.curr_key)
2040  {
2041  --bs->auth.curr_key->use_count;
2042  }
2043  bs->auth.curr_key = key;
2044  bs->auth.curr_bfd_key_id = bfd_key_id;
2045  bs->auth.is_delayed = 0;
2046  }
2047  ++key->use_count;
2048  BFD_DBG ("\nSession auth modified: %U", format_bfd_session, bs);
2049  vlib_log_info (bm->log_class, "session auth modified: %U",
2051  return 0;
2052 }
2053 
2056 {
2057  bfd_main_t *bm = &bfd_main;
2058  if (!is_delayed)
2059  {
2060  /* not delayed - deactivate the current key right now */
2061  if (bs->auth.curr_key)
2062  {
2063  --bs->auth.curr_key->use_count;
2064  bs->auth.curr_key = NULL;
2065  }
2066  bs->auth.is_delayed = 0;
2067  }
2068  else
2069  {
2070  /* delayed - mark as so */
2071  bs->auth.is_delayed = 1;
2072  }
2073  /*
2074  * clear the next key unconditionally - either the auth change is not delayed
2075  * in which case the caller expects the session to not use authentication
2076  * from this point forward, or it is delayed, in which case the next_key
2077  * needs to be set to NULL to make it so in the future
2078  */
2079  if (bs->auth.next_key)
2080  {
2081  --bs->auth.next_key->use_count;
2082  bs->auth.next_key = NULL;
2083  }
2084  BFD_DBG ("\nSession auth modified: %U", format_bfd_session, bs);
2085  vlib_log_info (bm->log_class, "session auth modified: %U",
2087  return 0;
2088 }
2089 
2092  u32 desired_min_tx_usec,
2093  u32 required_min_rx_usec, u8 detect_mult)
2094 {
2095  if (bs->local_detect_mult != detect_mult ||
2096  bs->config_desired_min_tx_usec != desired_min_tx_usec ||
2097  bs->config_required_min_rx_usec != required_min_rx_usec)
2098  {
2099  BFD_DBG ("\nChanging session params: %U", format_bfd_session, bs);
2100  switch (bs->poll_state)
2101  {
2102  case BFD_POLL_NOT_NEEDED:
2103  if (BFD_STATE_up == bs->local_state ||
2104  BFD_STATE_init == bs->local_state)
2105  {
2106  /* poll sequence is not needed for detect multiplier change */
2107  if (bs->config_desired_min_tx_usec != desired_min_tx_usec ||
2108  bs->config_required_min_rx_usec != required_min_rx_usec)
2109  {
2110  bfd_set_poll_state (bs, BFD_POLL_NEEDED);
2111  }
2112  }
2113  break;
2114  case BFD_POLL_NEEDED:
2115  case BFD_POLL_IN_PROGRESS_AND_QUEUED:
2116  /*
2117  * nothing to do - will be handled in the future poll which is
2118  * already scheduled for execution
2119  */
2120  break;
2121  case BFD_POLL_IN_PROGRESS:
2122  /* poll sequence is not needed for detect multiplier change */
2123  if (bs->config_desired_min_tx_usec != desired_min_tx_usec ||
2124  bs->config_required_min_rx_usec != required_min_rx_usec)
2125  {
2126  BFD_DBG ("Poll in progress, queueing extra poll, bs_idx=%u",
2127  bs->bs_idx);
2128  bfd_set_poll_state (bs, BFD_POLL_IN_PROGRESS_AND_QUEUED);
2129  }
2130  }
2131 
2132  bs->local_detect_mult = detect_mult;
2133  bs->config_desired_min_tx_usec = desired_min_tx_usec;
2134  bs->config_desired_min_tx_nsec = bfd_usec_to_nsec (desired_min_tx_usec);
2135  bs->config_required_min_rx_usec = required_min_rx_usec;
2137  bfd_usec_to_nsec (required_min_rx_usec);
2138  BFD_DBG ("\nChanged session params: %U", format_bfd_session, bs);
2139 
2140  vlib_log_info (bm->log_class, "changed session params: %U",
2144  }
2145  else
2146  {
2147  BFD_DBG ("Ignore parameter change - no change, bs_idx=%u", bs->bs_idx);
2148  }
2149  return 0;
2150 }
2151 
2153 bfd_auth_set_key (u32 conf_key_id, u8 auth_type, u8 key_len,
2154  const u8 * key_data)
2155 {
2156  bfd_main_t *bm = &bfd_main;
2157  bfd_auth_key_t *auth_key = NULL;
2158  if (!key_len || key_len > bfd_max_key_len_for_auth_type (auth_type))
2159  {
2160  vlib_log_err (bm->log_class,
2161  "invalid authentication key length for auth_type=%d:%s "
2162  "(key_len=%u, must be non-zero, expected max=%u)",
2163  auth_type, bfd_auth_type_str (auth_type), key_len,
2164  (u32) bfd_max_key_len_for_auth_type (auth_type));
2165  return VNET_API_ERROR_INVALID_VALUE;
2166  }
2167  if (!bfd_auth_type_supported (auth_type))
2168  {
2169  vlib_log_err (bm->log_class, "unsupported auth type=%d:%s", auth_type,
2170  bfd_auth_type_str (auth_type));
2171  return VNET_API_ERROR_BFD_NOTSUPP;
2172  }
2173  uword *key_idx_p = hash_get (bm->auth_key_by_conf_key_id, conf_key_id);
2174  if (key_idx_p)
2175  {
2176  /* modifying existing key - must not be used */
2177  const uword key_idx = *key_idx_p;
2178  auth_key = pool_elt_at_index (bm->auth_keys, key_idx);
2179  if (auth_key->use_count > 0)
2180  {
2181  vlib_log_err (bm->log_class,
2182  "authentication key with conf ID %u in use by %u BFD "
2183  "session(s) - cannot modify", conf_key_id,
2184  auth_key->use_count);
2185  return VNET_API_ERROR_BFD_EINUSE;
2186  }
2187  }
2188  else
2189  {
2190  /* adding new key */
2191  pool_get (bm->auth_keys, auth_key);
2192  auth_key->conf_key_id = conf_key_id;
2193  hash_set (bm->auth_key_by_conf_key_id, conf_key_id,
2194  auth_key - bm->auth_keys);
2195  }
2196  auth_key->auth_type = auth_type;
2197  clib_memset (auth_key->key, 0, sizeof (auth_key->key));
2198  clib_memcpy (auth_key->key, key_data, key_len);
2199  return 0;
2200 }
2201 
2203 bfd_auth_del_key (u32 conf_key_id)
2204 {
2205  bfd_auth_key_t *auth_key = NULL;
2206  bfd_main_t *bm = &bfd_main;
2207  uword *key_idx_p = hash_get (bm->auth_key_by_conf_key_id, conf_key_id);
2208  if (key_idx_p)
2209  {
2210  /* deleting existing key - must not be used */
2211  const uword key_idx = *key_idx_p;
2212  auth_key = pool_elt_at_index (bm->auth_keys, key_idx);
2213  if (auth_key->use_count > 0)
2214  {
2215  vlib_log_err (bm->log_class,
2216  "authentication key with conf ID %u in use by %u BFD "
2217  "session(s) - cannot delete", conf_key_id,
2218  auth_key->use_count);
2219  return VNET_API_ERROR_BFD_EINUSE;
2220  }
2221  hash_unset (bm->auth_key_by_conf_key_id, conf_key_id);
2222  clib_memset (auth_key, 0, sizeof (*auth_key));
2223  pool_put (bm->auth_keys, auth_key);
2224  }
2225  else
2226  {
2227  /* no such key */
2228  vlib_log_err (bm->log_class,
2229  "authentication key with conf ID %u does not exist",
2230  conf_key_id);
2231  return VNET_API_ERROR_BFD_ENOENT;
2232  }
2233  return 0;
2234 }
2235 
2237 
2238 /*
2239  * fd.io coding-style-patch-verification: ON
2240  *
2241  * Local Variables:
2242  * eval: (c-set-style "gnu")
2243  * End:
2244  */
vlib_process_signal_event_mt
static void vlib_process_signal_event_mt(vlib_main_t *vm, uword node_index, uword type_opaque, uword data)
Signal event to process from any thread.
Definition: node_funcs.h:1043
bfd_session_s::remote_desired_min_tx_nsec
u64 remote_desired_min_tx_nsec
remote desired min tx interval (nsec)
Definition: bfd_main.h:142
clib_spinlock_init
static void clib_spinlock_init(clib_spinlock_t *p)
Definition: lock.h:65
bfd_process
static uword bfd_process(vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f)
Definition: bfd_main.c:1130
bfd_pkt_set_poll
void bfd_pkt_set_poll(bfd_pkt_t *pkt)
Definition: bfd_protocol.c:66
bfd_pkt_get_final
u8 bfd_pkt_get_final(const bfd_pkt_t *pkt)
Definition: bfd_protocol.c:72
vnet_crypto_op_t::digest
u8 * digest
Definition: crypto.h:299
bfd_session_s::last_rx_nsec
u64 last_rx_nsec
timestamp of last packet received
Definition: bfd_main.h:172
bfd_session_start
void bfd_session_start(bfd_main_t *bm, bfd_session_t *bs)
Definition: bfd_main.c:448
bfd_session_s::remote_discr
u32 remote_discr
remote discriminator
Definition: bfd_main.h:109
bfd_session_s::remote_diag
bfd_diag_code_e remote_diag
remote diagnostics
Definition: bfd_main.h:103
vnet_crypto_op_init
static_always_inline void vnet_crypto_op_init(vnet_crypto_op_t *op, vnet_crypto_op_id_t type)
Definition: crypto.h:528
bfd_add_auth_section
static void bfd_add_auth_section(vlib_main_t *vm, vlib_buffer_t *b, bfd_session_t *bs)
Definition: bfd_main.c:818
bfd_main_t::vlib_main
vlib_main_t * vlib_main
convenience variables
Definition: bfd_main.h:297
auth
vl_api_ikev2_auth_t auth
Definition: ikev2_types.api:88
api.h
bfd_main_init
static clib_error_t * bfd_main_init(vlib_main_t *vm)
Definition: bfd_main.c:1324
bfd_session_s::transport
bfd_transport_e transport
transport type for this session
Definition: bfd_main.h:236
bfd_pkt_get_diag_code
u8 bfd_pkt_get_diag_code(const bfd_pkt_t *pkt)
Definition: bfd_protocol.c:35
bfd_session_s::effective_desired_min_tx_nsec
u64 effective_desired_min_tx_nsec
effective desired min tx interval (nsec)
Definition: bfd_main.h:118
bfd_usec_to_nsec
static u64 bfd_usec_to_nsec(u64 us)
Definition: bfd_main.c:48
bfd_verify_pkt_auth_seq_num
static int bfd_verify_pkt_auth_seq_num(vlib_main_t *vm, bfd_session_t *bs, u32 received_seq_num, int is_meticulous)
Definition: bfd_main.c:1516
bfd_notify_fn_t
void(* bfd_notify_fn_t)(bfd_listen_event_e, const bfd_session_t *)
session nitification call back function type
Definition: bfd_main.h:263
bfd_session_s::last_tx_nsec
u64 last_tx_nsec
timestamp of last packet transmitted
Definition: bfd_main.h:169
bfd_auth_type_e
bfd_auth_type_e
Definition: bfd_protocol.h:36
crypto.h
clib_memcpy
#define clib_memcpy(d, s, n)
Definition: string.h:197
bfd_set_effective_required_min_rx
static void bfd_set_effective_required_min_rx(bfd_main_t *bm, bfd_session_t *bs, u64 required_min_rx_nsec)
Definition: bfd_main.c:395
bfd_lock
static void bfd_lock(bfd_main_t *bm)
Definition: bfd_main.h:368
clib_max
#define clib_max(x, y)
Definition: clib.h:335
vlib_get_buffer
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
Definition: buffer_funcs.h:111
bfd_auth_activate
vnet_api_error_t bfd_auth_activate(bfd_session_t *bs, u32 conf_key_id, u8 bfd_key_id, u8 is_delayed)
Definition: bfd_main.c:2006
vlib_process_wait_for_event
static uword * vlib_process_wait_for_event(vlib_main_t *vm)
Definition: node_funcs.h:660
f
vlib_frame_t * f
Definition: interface_output.c:1080
BFD_INPUT_NEXT_NORMAL
@ BFD_INPUT_NEXT_NORMAL
Definition: bfd_main.c:94
pool_elt_at_index
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
Definition: pool.h:553
bfd_diag_code_e
bfd_diag_code_e
Definition: bfd_protocol.h:177
bfd_recalc_echo_tx_interval
static void bfd_recalc_echo_tx_interval(bfd_main_t *bm, bfd_session_t *bs)
Definition: bfd_main.c:184
next
u16 * next
Definition: nat44_ei_out2in.c:718
bfd_on_state_change
static void bfd_on_state_change(bfd_main_t *bm, bfd_session_t *bs, u64 now, int handling_wakeup)
Definition: bfd_main.c:631
bfd_state_e
bfd_state_e
Definition: bfd_protocol.h:195
vlib_log_register_class
vlib_log_class_t vlib_log_register_class(char *class, char *subclass)
Definition: log.c:339
format_hex_bytes
u8 * format_hex_bytes(u8 *s, va_list *va)
Definition: std-formats.c:84
bfd_session_s::config_desired_min_tx_usec
u32 config_desired_min_tx_usec
configured desired min tx interval (microseconds)
Definition: bfd_main.h:112
node
vlib_main_t vlib_node_runtime_t * node
Definition: nat44_ei.c:3047
bfd_session_s::next_key
bfd_auth_key_t * next_key
set to next key to use if delayed switch is enabled - in that case the key is switched when first inc...
Definition: bfd_main.h:211
bfd_debug.h
BFD global declarations.
tw_timer_expire_timers_vec
__clib_export u32 *TW() tw_timer_expire_timers_vec(TWT(tw_timer_wheel) *tw, f64 now, u32 *vec)
Definition: tw_timer_template.c:820
bfd_pkt_set_version
void bfd_pkt_set_version(bfd_pkt_t *pkt, int version)
Definition: bfd_protocol.c:28
NSEC_PER_USEC
#define NSEC_PER_USEC
Definition: bfd_main.h:443
bfd_transport_e
bfd_transport_e
Definition: bfd_api.h:30
bfd_session_s::hop_type
bfd_hop_type_e hop_type
BFD hop type.
Definition: bfd_main.h:97
vnet_crypto_op_t::src
u8 * src
Definition: crypto.h:277
u16
unsigned short u16
Definition: types.h:57
bfd_session_s::detection_time_nsec
u64 detection_time_nsec
detection time
Definition: bfd_main.h:190
tw_timer_update
__clib_export void TW() tw_timer_update(TWT(tw_timer_wheel) *tw, u32 handle, u64 interval)
Update a tw timer.
Definition: tw_timer_template.c:392
BFD_EVENT_RESCHEDULE
@ BFD_EVENT_RESCHEDULE
Definition: bfd_main.h:350
bfd_session_s::local_discr
u32 local_discr
local discriminator
Definition: bfd_main.h:106
bfd_auth_key_t::conf_key_id
u32 conf_key_id
global configuration key ID
Definition: bfd_main.h:43
VNET_SW_INTERFACE_FLAG_ADMIN_UP
@ VNET_SW_INTERFACE_FLAG_ADMIN_UP
Definition: interface.h:843
pool_put
#define pool_put(P, E)
Free an object E in pool P.
Definition: pool.h:305
bfd_main_t::lock
clib_spinlock_t lock
lock to protect data structures
Definition: bfd_main.h:268
vm
vlib_main_t * vm
X-connect all packets from the HOST to the PHY.
Definition: nat44_ei.c:3047
bfd_notify_listeners
static void bfd_notify_listeners(bfd_main_t *bm, bfd_listen_event_e event, const bfd_session_t *bs)
Definition: bfd_main.c:437
VNET_HW_INTERFACE_FLAG_LINK_UP
@ VNET_HW_INTERFACE_FLAG_LINK_UP
Definition: interface.h:509
state
vl_api_dhcp_client_state_t state
Definition: dhcp.api:201
bfd_poll_state_string
const char * bfd_poll_state_string(bfd_poll_state_e state)
Definition: bfd_main.c:150
bfd_process_node
static vlib_node_registration_t bfd_process_node
(constructor) VLIB_REGISTER_NODE (bfd_process_node)
Definition: bfd_main.c:68
BFD_DEFAULT_DESIRED_MIN_TX_USEC
#define BFD_DEFAULT_DESIRED_MIN_TX_USEC
default, slow transmission interval for BFD packets, per spec at least 1s
Definition: bfd_main.h:452
bfd_rpc_notify_listeners_t
Definition: bfd_main.c:596
bfd_main_t::session_by_disc
u32 * session_by_disc
hashmap - bfd session by discriminator
Definition: bfd_main.h:291
bfd_session_s::transmit_interval_nsec
u64 transmit_interval_nsec
transmit interval
Definition: bfd_main.h:163
BFD_EVENT_CONFIG_CHANGED
@ BFD_EVENT_CONFIG_CHANGED
Definition: bfd_main.h:352
bfd_register_listener
void bfd_register_listener(bfd_notify_fn_t fn)
Register a callback function to receive session notifications.
Definition: bfd_main.c:1313
bfd_rpc_event_t::bs_idx
u32 bs_idx
Definition: bfd_main.c:556
bfd_set_remote_required_min_rx
static void bfd_set_remote_required_min_rx(bfd_main_t *bm, bfd_session_t *bs, u64 now, u32 remote_required_min_rx_usec)
Definition: bfd_main.c:406
bfd_session_s::effective_required_min_rx_nsec
u64 effective_required_min_rx_nsec
effective required min rx interval (nsec)
Definition: bfd_main.h:127
bfd_session_s::local_seq_number
u32 local_seq_number
sequence number incremented occasionally or always (if meticulous)
Definition: bfd_main.h:214
bfd_pkt_get_auth_present
u8 bfd_pkt_get_auth_present(const bfd_pkt_t *pkt)
Definition: bfd_protocol.c:98
bfd_session_set_params
vnet_api_error_t bfd_session_set_params(bfd_main_t *bm, bfd_session_t *bs, u32 desired_min_tx_usec, u32 required_min_rx_usec, u8 detect_mult)
Definition: bfd_main.c:2091
vnet_crypto_op_t::len
u32 len
Definition: crypto.h:287
vlib_frame_t
Definition: node.h:372
vlib_process_signal_event
static void vlib_process_signal_event(vlib_main_t *vm, uword node_index, uword type_opaque, uword data)
Definition: node_funcs.h:1019
bfd_main_t::vnet_main
vnet_main_t * vnet_main
Definition: bfd_main.h:298
bfd_add_transport_layer
static void bfd_add_transport_layer(vlib_main_t *vm, u32 bi, bfd_session_t *bs)
Definition: bfd_main.c:714
random_f64
static f64 random_f64(u32 *seed)
Generate f64 random number in the interval [0,1].
Definition: random.h:145
bfd_session_s::event_time_nsec
u64 event_time_nsec
next event time in nsec for this session (0 if no event)
Definition: bfd_main.h:157
vlib_log_info
#define vlib_log_info(...)
Definition: log.h:136
bfd_calc_echo_checksum
static u64 bfd_calc_echo_checksum(u32 discriminator, u64 expire_time, u32 secret)
Definition: bfd_main.c:34
ethernet.h
bfd_set_defaults
static void bfd_set_defaults(bfd_main_t *bm, bfd_session_t *bs)
Definition: bfd_main.c:102
bfd_poll_state_e
bfd_poll_state_e
Definition: bfd_main.h:64
bfd_put_session
void bfd_put_session(bfd_main_t *bm, bfd_session_t *bs)
Definition: bfd_main.c:1389
vlib_log_err
#define vlib_log_err(...)
Definition: log.h:133
bfd_verify_pkt_auth_key
static int bfd_verify_pkt_auth_key(vlib_main_t *vm, const bfd_pkt_t *pkt, u32 pkt_size, bfd_session_t *bs, u8 bfd_key_id, bfd_auth_key_t *auth_key)
Definition: bfd_main.c:1651
bfd_calc_next_tx
static void bfd_calc_next_tx(bfd_main_t *bm, bfd_session_t *bs, u64 now)
Definition: bfd_main.c:193
key
typedef key
Definition: ipsec_types.api:88
bfd_session_s::next_bfd_key_id
u8 next_bfd_key_id
key ID to use when switched to next_key
Definition: bfd_main.h:226
bfd_session_s::config_required_min_rx_nsec
u64 config_required_min_rx_nsec
configured required min rx interval (nsec)
Definition: bfd_main.h:124
bfd_session_s::config_desired_min_tx_nsec
u64 config_desired_min_tx_nsec
configured desired min tx interval (nsec)
Definition: bfd_main.h:115
bfd_add_sha1_auth_section
static void bfd_add_sha1_auth_section(vlib_main_t *vm, vlib_buffer_t *b, bfd_session_t *bs)
Definition: bfd_main.c:781
vnet_crypto_op_t
Definition: crypto.h:255
random_u32
static u32 random_u32(u32 *seed)
32-bit random number generator
Definition: random.h:69
bfd_session_s::bs_idx
u32 bs_idx
index in bfd_main.sessions pool
Definition: bfd_main.h:88
pool_is_free_index
#define pool_is_free_index(P, I)
Use free bitmap to query whether given index is free.
Definition: pool.h:302
bfd_main_t
Definition: bfd_main.h:265
bfd_set_state
static void bfd_set_state(vlib_main_t *vm, bfd_main_t *bm, bfd_session_t *bs, bfd_state_e new_state, int handling_wakeup)
Definition: bfd_main.c:135
hash_set
#define hash_set(h, key, value)
Definition: hash.h:255
bfd_transport_control_frame
static int bfd_transport_control_frame(vlib_main_t *vm, u32 bi, bfd_session_t *bs)
Definition: bfd_main.c:730
bfd_get_session
bfd_session_t * bfd_get_session(bfd_main_t *bm, bfd_transport_e t)
Definition: bfd_main.c:1355
vlib_process_get_events
static uword vlib_process_get_events(vlib_main_t *vm, uword **data_vector)
Return the first event type which has occurred and a vector of per-event data of that type,...
Definition: node_funcs.h:583
vlib_buffer_t::current_data
i16 current_data
signed offset in data[], pre_data[] that we are currently processing.
Definition: buffer.h:119
bfd_set_diag
static void bfd_set_diag(bfd_session_t *bs, bfd_diag_code_e code)
Definition: bfd_main.c:124
bfd_main.h
BFD global declarations.
vlib_thread_main_t::n_vlib_mains
u32 n_vlib_mains
Definition: threads.h:283
bfd_add_udp6_transport
int bfd_add_udp6_transport(vlib_main_t *vm, u32 bi, const bfd_session_t *bs, int is_echo)
Definition: bfd_udp.c:308
bfd_main_t::bfd_process_next_wakeup_nsec
u64 bfd_process_next_wakeup_nsec
When the bfd process is supposed to wake up next.
Definition: bfd_main.h:282
vnet_crypto_process_ops
u32 vnet_crypto_process_ops(vlib_main_t *vm, vnet_crypto_op_t ops[], u32 n_ops)
Definition: crypto.c:99
bfd_session_s::remote_detect_mult
u8 remote_detect_mult
remote detect multiplier
Definition: bfd_main.h:151
vec_len
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
Definition: vec_bootstrap.h:142
packet.h
bfd_pkt_set_state
void bfd_pkt_set_state(bfd_pkt_t *pkt, int value)
Definition: bfd_protocol.c:54
error.h
random.h
bfd_session_s::remote_min_echo_rx_usec
u64 remote_min_echo_rx_usec
remote min echo rx interval (microseconds)
Definition: bfd_main.h:136
vec_add1
#define vec_add1(V, E)
Add 1 element to end of vector (unspecified alignment).
Definition: vec.h:606
vlib_buffer_alloc
static __clib_warn_unused_result u32 vlib_buffer_alloc(vlib_main_t *vm, u32 *buffers, u32 n_buffers)
Allocate buffers into supplied array.
Definition: buffer_funcs.h:708
bfd_session_s
Definition: bfd_main.h:85
bfd_main_t::random_seed
u32 random_seed
for generating random numbers
Definition: bfd_main.h:310
bfd_session_s::poll_state_start_or_timeout_nsec
u64 poll_state_start_or_timeout_nsec
helper for delayed poll sequence - marks either start of running poll sequence or timeout,...
Definition: bfd_main.h:199
CLIB_UNUSED
#define CLIB_UNUSED(x)
Definition: clib.h:90
bfd_rpc_notify_listeners_cb
static void bfd_rpc_notify_listeners_cb(const bfd_rpc_notify_listeners_t *a)
Definition: bfd_main.c:602
bfd_lock_check
static void bfd_lock_check(bfd_main_t *bm)
Definition: bfd_main.h:401
vnet_get_main
vnet_main_t * vnet_get_main(void)
Definition: pnat_test_stubs.h:56
bfd_send_periodic
static void bfd_send_periodic(vlib_main_t *vm, vlib_node_runtime_t *rt, bfd_main_t *bm, bfd_session_t *bs, u64 now)
Definition: bfd_main.c:950
bfd_send_echo
static void bfd_send_echo(vlib_main_t *vm, vlib_node_runtime_t *rt, bfd_main_t *bm, bfd_session_t *bs, u64 now)
Definition: bfd_main.c:895
vlib_get_thread_index
static_always_inline uword vlib_get_thread_index(void)
Definition: threads.h:208
bfd_auth_type_is_meticulous
static int bfd_auth_type_is_meticulous(bfd_auth_type_e auth_type)
Definition: bfd_main.c:1505
bfd_session_s::local_state
bfd_state_e local_state
session state
Definition: bfd_main.h:91
vlib_get_buffer_index
static u32 vlib_get_buffer_index(vlib_main_t *vm, void *p)
Translate buffer pointer into buffer index.
Definition: buffer_funcs.h:324
bfd_protocol.h
BFD protocol declarations.
bfd_session_switch_auth_to_next
static void bfd_session_switch_auth_to_next(bfd_session_t *bs)
Definition: bfd_main.c:1489
log.h
bfd_session_s::remote_min_rx_nsec
u64 remote_min_rx_nsec
remote min rx interval (nsec)
Definition: bfd_main.h:133
format_bfd_auth_key
u8 * format_bfd_auth_key(u8 *s, va_list *args)
Definition: bfd_main.c:71
bfd_echo_add_transport_layer
static int bfd_echo_add_transport_layer(vlib_main_t *vm, u32 bi, bfd_session_t *bs)
Definition: bfd_main.c:747
bfd_nsec_to_usec
u32 bfd_nsec_to_usec(u64 nsec)
Definition: bfd_main.c:54
bfd_add_udp4_transport
int bfd_add_udp4_transport(vlib_main_t *vm, u32 bi, const bfd_session_t *bs, int is_echo)
Definition: bfd_udp.c:253
bfd_session_s::remote_seq_number
u32 remote_seq_number
remote sequence number
Definition: bfd_main.h:217
bfd_auth_type_str
const char * bfd_auth_type_str(bfd_auth_type_e auth_type)
Definition: bfd_protocol.c:151
uword
u64 uword
Definition: types.h:112
if
if(node->flags &VLIB_NODE_FLAG_TRACE) vnet_interface_output_trace(vm
vlib_thread_main
vlib_thread_main_t vlib_thread_main
Definition: threads.c:36
hash_get
#define hash_get(h, key)
Definition: hash.h:249
bfd_pkt_set_diag_code
void bfd_pkt_set_diag_code(bfd_pkt_t *pkt, int value)
Definition: bfd_protocol.c:41
bfd_transport_udp4
int bfd_transport_udp4(vlib_main_t *vm, u32 bi, const struct bfd_session_s *bs)
transport packet over udpv4
Definition: bfd_udp.c:438
bfd_main_t::sessions
bfd_session_t * sessions
pool of bfd sessions context data
Definition: bfd_main.h:285
bfd_calc_next_echo_tx
static void bfd_calc_next_echo_tx(bfd_main_t *bm, bfd_session_t *bs, u64 now)
Definition: bfd_main.c:243
bfd_event
void bfd_event(bfd_main_t *bm, bfd_session_t *bs)
Definition: bfd_api.c:220
bfd_rpc_event_t
Definition: bfd_main.c:554
bfd_recalc_tx_interval
static void bfd_recalc_tx_interval(bfd_main_t *bm, bfd_session_t *bs)
Definition: bfd_main.c:175
bfd_auth_type_supported
unsigned bfd_auth_type_supported(bfd_auth_type_e auth_type)
Definition: bfd_main.c:1995
bfd_main_t::bfd_process_node_index
u32 bfd_process_node_index
background process node index
Definition: bfd_main.h:294
f64
double f64
Definition: types.h:142
bfd_set_poll_state
static void bfd_set_poll_state(bfd_session_t *bs, bfd_poll_state_e state)
Definition: bfd_main.c:164
bfd_input_next_t
bfd_input_next_t
Definition: bfd_main.c:92
pool_get
#define pool_get(P, E)
Allocate an object E from a pool P (unspecified alignment).
Definition: pool.h:255
bfd_main_t::bfd_process_wakeup_events_in_flight
int bfd_process_wakeup_events_in_flight
Number of event wakeup RPCs in flight.
Definition: bfd_main.h:273
tw_timer_wheel_init
__clib_export void TW() tw_timer_wheel_init(TWT(tw_timer_wheel) *tw, void *expired_timer_callback, f64 timer_interval_in_seconds, u32 max_expirations)
Initialize a tw timer wheel template instance.
Definition: tw_timer_template.c:408
vlib_log_debug
#define vlib_log_debug(...)
Definition: log.h:137
bfd_session_s::curr_key
bfd_auth_key_t * curr_key
current key in use
Definition: bfd_main.h:205
clib_xxhash
static u64 clib_xxhash(u64 key)
Definition: xxhash.h:58
bfd_session_s::remote_seq_number_known
u8 remote_seq_number_known
set to 1 if remote sequence number is known
Definition: bfd_main.h:220
bfd_sw_interface_up_down
static clib_error_t * bfd_sw_interface_up_down(vnet_main_t *vnm, u32 sw_if_index, u32 flags)
Definition: bfd_main.c:1286
vlib_log_crit
#define vlib_log_crit(...)
Definition: log.h:132
bfd_recalc_detection_time
static void bfd_recalc_detection_time(bfd_main_t *bm, bfd_session_t *bs)
Definition: bfd_main.c:264
clib_min
#define clib_min(x, y)
Definition: clib.h:342
vlib_node_registration_t
struct _vlib_node_registration vlib_node_registration_t
bfd_main_t::bfd_process_wakeup_event_start_nsec
u64 bfd_process_wakeup_event_start_nsec
The timestamp of last wakeup event being sent.
Definition: bfd_main.h:276
bfd_input_format_trace
u8 * bfd_input_format_trace(u8 *s, va_list *args)
Definition: bfd_main.c:488
vlib_buffer_t::current_length
u16 current_length
Nbytes between current data and the end of this buffer.
Definition: buffer.h:122
bfd_on_timeout
void bfd_on_timeout(vlib_main_t *vm, vlib_node_runtime_t *rt, bfd_main_t *bm, bfd_session_t *bs, u64 now)
Definition: bfd_main.c:1085
BFD_INPUT_N_NEXT
@ BFD_INPUT_N_NEXT
Definition: bfd_main.c:95
bfd_session_s::tx_timeout_nsec
u64 tx_timeout_nsec
next time at which to transmit a packet
Definition: bfd_main.h:166
bfd_diag_code_string
const char * bfd_diag_code_string(bfd_diag_code_e diag)
Definition: bfd_protocol.c:164
bfd_pkt_set_final
void bfd_pkt_set_final(bfd_pkt_t *pkt)
Definition: bfd_protocol.c:78
bfd_main_t::auth_key_by_conf_key_id
u32 * auth_key_by_conf_key_id
hashmap - index in pool auth_keys by conf_key_id
Definition: bfd_main.h:316
data
u8 data[128]
Definition: ipsec_types.api:92
BFD_TW_TPS
#define BFD_TW_TPS
timing wheel tick-rate, 1ms should be good enough
Definition: bfd_main.h:449
bfd_auth_key_t::use_count
u32 use_count
keeps track of how many sessions reference this key
Definition: bfd_main.h:46
bfd_pkt_set_auth_present
void bfd_pkt_set_auth_present(bfd_pkt_t *pkt)
Definition: bfd_protocol.c:104
bfd_find_session_by_disc
bfd_session_t * bfd_find_session_by_disc(bfd_main_t *bm, u32 disc)
Definition: bfd_main.c:1421
xxhash.h
vnet_main_t
Definition: vnet.h:76
bfd_main_t::bfd_process_wakeup_event_delay_nsec
u64 bfd_process_wakeup_event_delay_nsec
The time it took the last wakeup event to make it to handling.
Definition: bfd_main.h:279
bfd_session_s::curr_bfd_key_id
u8 curr_bfd_key_id
current key ID sent out in bfd packet
Definition: bfd_main.h:223
bfd_pkt_get_state
u8 bfd_pkt_get_state(const bfd_pkt_t *pkt)
Definition: bfd_protocol.c:48
always_inline
#define always_inline
Definition: rdma_mlx5dv.h:23
tw_timer_start
__clib_export u32 TW() tw_timer_start(TWT(tw_timer_wheel) *tw, u32 user_id, u32 timer_id, u64 interval)
Start a Tw Timer.
Definition: tw_timer_template.c:296
BFD_REQUIRED_MIN_RX_USEC_WHILE_ECHO
#define BFD_REQUIRED_MIN_RX_USEC_WHILE_ECHO
minimum required min rx set locally when echo function is used, per spec should be set to at least 1s
Definition: bfd_main.h:458
bfd_verify_pkt_common
int bfd_verify_pkt_common(const bfd_pkt_t *pkt)
verify bfd packet - common checks
Definition: bfd_main.c:1440
bfd_on_config_change
static void bfd_on_config_change(vlib_main_t *vm, vlib_node_runtime_t *rt, bfd_main_t *bm, bfd_session_t *bs, u64 now)
Definition: bfd_main.c:697
bfd_session_s::local_detect_mult
u8 local_detect_mult
configured detect multiplier
Definition: bfd_main.h:145
bfd_session_s::echo_tx_timeout_nsec
u64 echo_tx_timeout_nsec
next time at which to transmit echo packet
Definition: bfd_main.h:178
u64
unsigned long u64
Definition: types.h:89
bfd_verify_pkt_auth
int bfd_verify_pkt_auth(vlib_main_t *vm, const bfd_pkt_t *pkt, u16 pkt_size, bfd_session_t *bs)
verify bfd packet - authentication
Definition: bfd_main.c:1705
bfd_max_key_len_for_auth_type
u32 bfd_max_key_len_for_auth_type(bfd_auth_type_e auth_type)
get the maximum length of key data for given auth type
Definition: bfd_protocol.c:138
bfd_verify_pkt_auth_key_sha1
static int bfd_verify_pkt_auth_key_sha1(vlib_main_t *vm, const bfd_pkt_t *pkt, u32 pkt_size, bfd_session_t *bs, u8 bfd_key_id, bfd_auth_key_t *auth_key)
Definition: bfd_main.c:1583
vlib_process_wait_for_event_or_clock
static f64 vlib_process_wait_for_event_or_clock(vlib_main_t *vm, f64 dt)
Suspend a cooperative multi-tasking thread Waits for an event, or for the indicated number of seconds...
Definition: node_funcs.h:755
bfd_unlock
static void bfd_unlock(bfd_main_t *bm)
Definition: bfd_main.h:385
format
description fragment has unexpected format
Definition: map.api:433
ASSERT
#define ASSERT(truth)
Definition: error_bootstrap.h:69
bfd_session_s::local_diag
bfd_diag_code_e local_diag
local diagnostics
Definition: bfd_main.h:100
bfd_main_t::owner_thread_index
uword owner_thread_index
Definition: bfd_main.h:270
bfd_init_control_frame
static void bfd_init_control_frame(bfd_main_t *bm, bfd_session_t *bs, vlib_buffer_t *b)
Definition: bfd_main.c:864
bfd_pkt_get_poll
u8 bfd_pkt_get_poll(const bfd_pkt_t *pkt)
Definition: bfd_protocol.c:60
u32
unsigned int u32
Definition: types.h:88
bfd_pkt_get_demand
u8 bfd_pkt_get_demand(const bfd_pkt_t *pkt)
Definition: bfd_protocol.c:110
VLIB_INIT_FUNCTION
#define VLIB_INIT_FUNCTION(x)
Definition: init.h:172
bfd_pkt_get_version
u8 bfd_pkt_get_version(const bfd_pkt_t *pkt)
Definition: bfd_protocol.c:22
bfd_find_session_by_idx
bfd_session_t * bfd_find_session_by_idx(bfd_main_t *bm, uword bs_idx)
Definition: bfd_main.c:1410
bfd_main_t::listeners
bfd_notify_fn_t * listeners
vector of callback notification functions
Definition: bfd_main.h:319
bfd_session_s::remote_demand
u8 remote_demand
1 if remote system sets demand mode, 0 otherwise
Definition: bfd_main.h:148
vlib_thread_main_t
Definition: threads.h:264
VNET_HW_INTERFACE_LINK_UP_DOWN_FUNCTION
VNET_HW_INTERFACE_LINK_UP_DOWN_FUNCTION(bfd_hw_interface_up_down)
BFD_DBG
#define BFD_DBG(...)
Definition: bfd_debug.h:71
vec_foreach
#define vec_foreach(var, vec)
Vector iterator.
Definition: vec_bootstrap.h:213
bfd_session_s::tw_id
u32 tw_id
timing wheel internal id used to manipulate timer (if set)
Definition: bfd_main.h:160
bfd_init_final_control_frame
void bfd_init_final_control_frame(vlib_main_t *vm, vlib_buffer_t *b, bfd_main_t *bm, bfd_session_t *bs, int is_local)
Definition: bfd_main.c:1025
vl_api_rpc_call_main_thread
void vl_api_rpc_call_main_thread(void *fp, u8 *data, u32 data_length)
Definition: vlib_api.c:620
bfd_session_s::remote_state
bfd_state_e remote_state
remote session state
Definition: bfd_main.h:94
VLIB_NODE_TYPE_PROCESS
@ VLIB_NODE_TYPE_PROCESS
Definition: node.h:84
pool_elts
static uword pool_elts(void *v)
Number of active elements in a pool.
Definition: pool.h:127
bfd_main_t::log_class
vlib_log_class_t log_class
log class
Definition: bfd_main.h:322
bfd_session_set_flags
void bfd_session_set_flags(vlib_main_t *vm, bfd_session_t *bs, u8 admin_up_down)
Definition: bfd_main.c:461
bfd_auth_deactivate
vnet_api_error_t bfd_auth_deactivate(bfd_session_t *bs, u8 is_delayed)
Definition: bfd_main.c:2055
bfd_main_t::nsec_per_tw_tick
u64 nsec_per_tw_tick
how many nanoseconds is one timing wheel tick
Definition: bfd_main.h:301
now
f64 now
Definition: nat44_ei_out2in.c:710
bfd_main
bfd_main_t bfd_main
Definition: bfd_main.c:2236
hash_unset
#define hash_unset(h, key)
Definition: hash.h:261
clib_memset
clib_memset(h->entries, 0, sizeof(h->entries[0]) *entries)
vlib_main_t
Definition: main.h:102
bfd_pkt_get_control_plane_independent
u8 bfd_pkt_get_control_plane_independent(const bfd_pkt_t *pkt)
Definition: bfd_protocol.c:84
bfd_input_trace_t::data
u8 data[400]
Definition: bfd_main.h:345
vlib_node_t
Definition: node.h:247
hash.h
bfd_session_s::remote_min_echo_rx_nsec
u64 remote_min_echo_rx_nsec
remote min echo rx interval (nsec)
Definition: bfd_main.h:139
b
vlib_buffer_t ** b
Definition: nat44_ei_out2in.c:717
u8
unsigned char u8
Definition: types.h:56
clib_error_t
Definition: clib_error.h:21
a
a
Definition: bitmap.h:544
bfd_auth_del_key
vnet_api_error_t bfd_auth_del_key(u32 conf_key_id)
delete existing authentication key
Definition: bfd_main.c:2203
vlib_buffer_get_current
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
Definition: buffer.h:257
rt
vnet_interface_output_runtime_t * rt
Definition: interface_output.c:399
bfd_session_s::is_delayed
u8 is_delayed
set to 1 if delayed action is pending, which might be activation of authentication,...
Definition: bfd_main.h:232
bfd_main_t::min_required_min_rx_while_echo_nsec
u64 min_required_min_rx_while_echo_nsec
minimum required min rx while echo function is active - nsec
Definition: bfd_main.h:307
vlib_init_function_t
clib_error_t *() vlib_init_function_t(struct vlib_main_t *vm)
Definition: init.h:51
bfd_session_s::poll_state
bfd_poll_state_e poll_state
state info regarding poll sequence
Definition: bfd_main.h:193
bfd_rpc_event_cb
static void bfd_rpc_event_cb(const bfd_rpc_event_t *a)
Definition: bfd_main.c:560
bfd_main_t::default_desired_min_tx_nsec
u64 default_desired_min_tx_nsec
default desired min tx in nsec
Definition: bfd_main.h:304
bfd_hw_interface_up_down
static clib_error_t * bfd_hw_interface_up_down(vnet_main_t *vnm, u32 hw_if_index, u32 flags)
Definition: bfd_main.c:1300
foreach_bfd_poll_state
@ foreach_bfd_poll_state
Definition: bfd_main.h:67
bfd_consume_echo_pkt
int bfd_consume_echo_pkt(vlib_main_t *vm, bfd_main_t *bm, vlib_buffer_t *b)
Definition: bfd_main.c:1918
bfd_udp_is_echo_available
int bfd_udp_is_echo_available(bfd_transport_e transport)
check if the bfd udp layer is echo-capable at this time
Definition: bfd_udp.c:105
bfd_time_now_nsec
static u64 bfd_time_now_nsec(vlib_main_t *vm, f64 *vm_time)
Definition: bfd_main.c:60
bfd_set_timer
static void bfd_set_timer(bfd_main_t *bm, bfd_session_t *bs, u64 now, int handling_wakeup)
Definition: bfd_main.c:279
VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION
VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION(bfd_sw_interface_up_down)
bfd_check_rx_timeout
static void bfd_check_rx_timeout(vlib_main_t *vm, bfd_main_t *bm, bfd_session_t *bs, u64 now, int handling_wakeup)
Definition: bfd_main.c:1044
key_len
u16 key_len
Definition: ikev2_types.api:95
vlib_buffer_free_one
static void vlib_buffer_free_one(vlib_main_t *vm, u32 buffer_index)
Free one buffer Shorthand to free a single buffer chain.
Definition: buffer_funcs.h:1015
bfd_listen_event_e
bfd_listen_event_e
Definition: bfd_main.h:253
bfd_consume_pkt
void bfd_consume_pkt(vlib_main_t *vm, bfd_main_t *bm, const bfd_pkt_t *pkt, u32 bs_idx)
Definition: bfd_main.c:1784
bfd_state_string
const char * bfd_state_string(bfd_state_e state)
Definition: bfd_protocol.c:177
TW
#define TW(a)
Definition: tw_timer_template.h:31
vlib_time_now
static f64 vlib_time_now(vlib_main_t *vm)
Definition: main.h:325
bfd_notify_listeners_rpc
static void bfd_notify_listeners_rpc(u32 bs_idx)
Definition: bfd_main.c:621
bfd_auth_key_t
Definition: bfd_main.h:40
bfd_auth_key_t::auth_type
bfd_auth_type_e auth_type
authentication type for this key
Definition: bfd_main.h:55
bfd_input_trace_t::len
u32 len
Definition: bfd_main.h:344
bfd_pkt_get_multipoint
u8 bfd_pkt_get_multipoint(const bfd_pkt_t *pkt)
Definition: bfd_protocol.c:124
bfd_session_s::remote_min_rx_usec
u64 remote_min_rx_usec
remote min rx interval (microseconds)
Definition: bfd_main.h:130
vlib_node_runtime_t
Definition: node.h:454
bfd_session_s::auth
struct bfd_session_s::@149 auth
authentication information
is_local
bool is_local
Definition: ikev2_types.api:33
bfd_session_s::config_required_min_rx_usec
u32 config_required_min_rx_usec
configured required min rx interval (microseconds)
Definition: bfd_main.h:121
bfd_set_remote_required_min_echo_rx
static void bfd_set_remote_required_min_echo_rx(bfd_main_t *bm, bfd_session_t *bs, u64 now, u32 remote_required_min_echo_rx_usec)
Definition: bfd_main.c:421
sw_if_index
vl_api_interface_index_t sw_if_index
Definition: wireguard.api:34
bfd_auth_key_t::key
u8 key[20]
key data directly usable for bfd purposes - already padded with zeroes (so we don't need the actual l...
Definition: bfd_main.h:52
bfd_transport_echo
static int bfd_transport_echo(vlib_main_t *vm, u32 bi, bfd_session_t *bs)
Definition: bfd_main.c:764
BFD_EVENT_NEW_SESSION
@ BFD_EVENT_NEW_SESSION
Definition: bfd_main.h:351
format_bfd_session
u8 * format_bfd_session(u8 *s, va_list *args)
Definition: bfd_main.c:1954
bfd_main_t::auth_keys
bfd_auth_key_t * auth_keys
pool of authentication keys
Definition: bfd_main.h:313
bfd_session_s::echo_secret
u32 echo_secret
secret used for calculating/checking checksum of echo packets
Definition: bfd_main.h:187
STRUCT_SIZE_OF
#define STRUCT_SIZE_OF(t, f)
Definition: clib.h:75
bfd_transport_udp6
int bfd_transport_udp6(vlib_main_t *vm, u32 bi, const struct bfd_session_s *bs)
transport packet over udpv6
Definition: bfd_udp.c:450
bfd_event_rpc
static void bfd_event_rpc(u32 bs_idx)
Definition: bfd_main.c:586
bfd_session_s::echo_last_tx_nsec
u64 echo_last_tx_nsec
timestamp of last echo packet transmitted
Definition: bfd_main.h:181
F
#define F(x)
bfd_is_echo_possible
static int bfd_is_echo_possible(bfd_session_t *bs)
Definition: bfd_main.c:847
SEC_PER_NSEC
#define SEC_PER_NSEC
Definition: bfd_main.h:446
bfd_session_s::echo_transmit_interval_nsec
u64 echo_transmit_interval_nsec
transmit interval for echo packets
Definition: bfd_main.h:175
vnet_api_error_t
vnet_api_error_t
Definition: api_errno.h:162
bfd_set_effective_desired_min_tx
static void bfd_set_effective_desired_min_tx(bfd_main_t *bm, bfd_session_t *bs, u64 now, u64 desired_min_tx_nsec)
Definition: bfd_main.c:381
bfd_input_trace_t
bfd packet trace capture
Definition: bfd_main.h:342
vlib_buffer_t
VLIB buffer representation.
Definition: buffer.h:111
bfd_rpc_notify_listeners_t::bs_idx
u32 bs_idx
Definition: bfd_main.c:598
BFD_ERR
#define BFD_ERR(...)
Definition: bfd_debug.h:72
bfd_session_s::echo_last_rx_nsec
u64 echo_last_rx_nsec
timestamp of last echo packet received
Definition: bfd_main.h:184
bfd_session_s::echo
u8 echo
1 is echo function is active, 0 otherwise
Definition: bfd_main.h:154
VLIB_REGISTER_NODE
#define VLIB_REGISTER_NODE(x,...)
Definition: node.h:169
format_bfd_session_brief
u8 * format_bfd_session_brief(u8 *s, va_list *args)
Definition: bfd_main.c:1984
random_default_seed
static uword random_default_seed(void)
Default random seed (unix/linux user-mode)
Definition: random.h:91
bfd_auth_set_key
vnet_api_error_t bfd_auth_set_key(u32 conf_key_id, u8 auth_type, u8 key_len, const u8 *key_data)
create or modify bfd authentication key
Definition: bfd_main.c:2153
flags
vl_api_wireguard_peer_flags_t flags
Definition: wireguard.api:105