From b5b99af8532b14ab60af3e79ac2b5ebd59b55a2d Mon Sep 17 00:00:00 2001
From: Donald Sharp
Date: Sat, 6 Mar 2021 09:31:45 -0500
Subject: [PATCH] bgpd: Display RPKI validation state if we have it
When dumping data about prefixes in bgp. Let's dump the rpki validation state as well: Output if rpki is turned on: janelle# show rpki prefix 2003::/19 Prefix Prefix Length Origin-AS 2003:: 19 - 19 3320 janelle# show bgp ipv6 uni 2003::/19 BGP routing table entry for 2003::/19 Paths: (1 available, best #1, table default) Not advertised to any peer 15096 6939 3320 ::ffff:4113:867a from 65.19.134.122 (193.72.216.231) (fe80::e063:daff:fe79:1dab) (used) Origin IGP, valid, external, best (First path received), validation-state: valid Last update: Sat Mar 6 09:20:51 2021 janelle# show rpki prefix 8.8.8.0/24 Prefix Prefix Length Origin-AS janelle# show bgp ipv4 uni 8.8.8.0/24 BGP routing table entry for 8.8.8.0/24 Paths: (1 available, best #1, table default) Advertised to non peer-group peers: 100.99.229.142 15096 6939 15169 65.19.134.122 from 65.19.134.122 (193.72.216.231) Origin IGP, valid, external, best (First path received), validation-state: not found Last update: Sat Mar 6 09:21:25 2021 Example output when rpki is not configured: eva# show bgp ipv4 uni 8.8.8.0/24 BGP routing table entry for 8.8.8.0/24 Paths: (1 available, best #1, table default) Advertised to non peer-group peers: janelle(192.168.161.137) 64539 15096 6939 15169 192.168.161.137(janelle) from janelle(192.168.161.137) (192.168.44.1) Origin IGP, valid, external, bestpath-from-AS 64539, best (First path received) Last update: Sat Mar 6 09:33:51 2021
Signed-off-by: Donald Sharp
---
 bgpd/bgp_route.c | 35 +++++++++++++++++++++++++++++++++++
 bgpd/bgp_rpki.c | 1 +
 bgpd/bgpd.h | 5 +++++
 3 files changed, 41 insertions(+)
diff --git a/bgpd/bgp_route.c b/bgpd/bgp_route.c
index ea6bf95d14..a753b7ef60 100644
--- a/bgpd/bgp_route.c
+++ b/bgpd/bgp_route.c
@@ -97,6 +97,11 @@ DEFINE_HOOK(bgp_snmp_update_stats, (struct bgp_node *rn, struct bgp_path_info *pi, bool added), (rn, pi, added))
+DEFINE_HOOK(bgp_rpki_prefix_status,
+ (struct peer *peer, struct attr *attr,
+ const struct prefix *prefix),
+ (peer, attr, prefix))
+
 /* Extern from bgp_dump.c */
 extern const char *bgp_origin_str[];
 extern const char *bgp_origin_long_str[];
@@ -7554,6 +7559,21 @@ static const char *bgp_origin2str(uint8_t origin)
 return "n/a";
 }
+static const char *bgp_rpki_validation2str(int v_state)
+{
+ switch (v_state) {
+ case 1:
+ return "valid";
+ case 2:
+ return "not found";
+ case 3:
+ return "invalid";
+ default:
+ break;
+ }
+ return "ERROR";
+}
+
 int bgp_aggregate_unset(struct bgp *bgp, struct prefix *prefix, afi_t afi, safi_t safi, char *errmsg, size_t errmsg_len)
 {
@@ -9568,6 +9588,7 @@ void route_vty_out_detail(struct vty *vty, struct bgp *bgp,
 int i;
 char *nexthop_hostname = bgp_nexthop_hostname(path->peer, path->nexthop);
+ int rpki_validation_state = 0;
 if (json_paths) {
 json_path = json_object_new_object();
@@ -10166,6 +10187,20 @@ void route_vty_out_detail(struct vty *vty, struct bgp *bgp,
 }
 }
+ const struct prefix *p = bgp_dest_get_prefix(bn);
+ if (p->family == AF_INET || p->family == AF_INET6)
+ rpki_validation_state = hook_call(bgp_rpki_prefix_status,
+ path->peer, path->attr, p);
+ if (rpki_validation_state) {
+ if (json_paths)
+ json_object_string_add(
+ json_path, "rpkiValidationState",
+ bgp_rpki_validation2str(rpki_validation_state));
+ else
+ vty_out(vty, ", validation-state: %s",
+ bgp_rpki_validation2str(rpki_validation_state));
+ }
+
 if (json_bestpath)
 json_object_object_add(json_path, "bestpath", json_bestpath);
diff --git a/bgpd/bgp_rpki.c b/bgpd/bgp_rpki.c
index 6bb33ff859..42951efb01 100644
--- a/bgpd/bgp_rpki.c
+++ b/bgpd/bgp_rpki.c
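Review bot: The `case 1:`, `case 2:` and `case 3:` labels in the new `bgp_rpki_validation2str()` (hunk at -7554) are bare literals that presumably mirror the codes `rpki_validate_prefix` returns in bgp_rpki.c, and nothing in the patch ties the two files together. If the module's numbering changes, `show bgp` would print the wrong origin-validation result, for example `valid` for a route the validator rejected, and operators act on that field. Declaring the states once in a header both files include (bgpd.h is already touched here) and switching on those names would remove the coupling. At minimum add `/* values must match what rpki_validate_prefix() returns */` above the `switch`.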
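Review bot: In the `route_vty_out_detail()` hunk at -10166 the result of `hook_call(bgp_rpki_prefix_status, ...)` is fed straight into `bgp_rpki_validation2str()`, but as far as I know FRR's `hook_call` returns the sum of all subscribers' return values rather than a single one. That is correct only while exactly one module registers for this hook; a second subscriber would yield a sum that maps to a different state string or to `ERROR`. A comment at the call site would record the assumption, e.g. `/* relies on a single subscriber: hook_call() adds up return values */`. The body of `route_vty_out_detail()` starts and ends outside the hunk.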
@@ -562,6 +562,7 @@ static int bgp_rpki_module_init(void)
 {
 lrtr_set_alloc_functions(malloc_wrapper, realloc_wrapper, free_wrapper);
+ hook_register(bgp_rpki_prefix_status, rpki_validate_prefix);
 hook_register(frr_late_init, bgp_rpki_init);
 hook_register(frr_early_fini, &bgp_rpki_fini);
diff --git a/bgpd/bgpd.h b/bgpd/bgpd.h
index 23d0e9dfb1..3f5ec07796 100644
--- a/bgpd/bgpd.h
+++ b/bgpd/bgpd.h
@@ -2371,6 +2371,11 @@ DECLARE_HOOK(bgp_snmp_update_last_changed, (struct bgp *bgp), (bgp))
 DECLARE_HOOK(bgp_snmp_update_stats, (struct bgp_node *rn, struct bgp_path_info *pi, bool added), (rn, pi, added))
+DECLARE_HOOK(bgp_rpki_prefix_status,
+ (struct peer * peer, struct attr *attr,
+ const struct prefix *prefix),
+ (peer, attr, prefix))
+
 void peer_nsf_stop(struct peer *peer);
 #endif /* _QUAGGA_BGPD_H */
-- 
2.39.5
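Review bot: Registering `rpki_validate_prefix` for `bgp_rpki_prefix_status` in `bgp_rpki_module_init()` (bgpd/bgp_rpki.c) turns its return value into text an operator reads, yet the function's body is outside this patch, so what it returns when no verdict is available cannot be checked here. If it returns 0 in that case, the display drops the field and looks the same as the module not being loaded; if it returns anything outside 1 to 3, the operator sees `validation-state: ERROR`. Please confirm which of these happens and, once confirmed, record it next to the registration, e.g. `/* also feeds 'show bgp' output; 0 means no verdict */`.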
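Review bot: The `DECLARE_HOOK(bgp_rpki_prefix_status, ...)` argument list in bgpd/bgpd.h is written `struct peer * peer`, while the matching `DEFINE_HOOK` in bgp_route.c and the other parameters here use the `struct peer *peer` form; change the line to `(struct peer *peer, struct attr *attr,`. The declaration also has no comment saying what a subscriber must return, and the display code depends on that contract (0 is treated as nothing to show, 1/2/3 as valid/not found/invalid per the switch in bgp_route.c). A short comment above the declaration stating those values would keep later subscribers consistent with the output code.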