Diffstat (limited to 'zebra')
41 files changed, 1549 insertions, 728 deletions
diff --git a/zebra/connected.h b/zebra/connected.h index 2a2b093395..75b6e05bda 100644 --- a/zebra/connected.h +++ b/zebra/connected.h @@ -22,6 +22,12 @@ #ifndef _ZEBRA_CONNECTED_H #define _ZEBRA_CONNECTED_H +#include <zebra.h> +#include <stdint.h> + +#include "lib/if.h" +#include "lib/prefix.h" + extern struct connected *connected_check(struct interface *ifp, union prefixconstptr p); extern struct connected *connected_check_ptp(struct interface *ifp, diff --git a/zebra/debug.h b/zebra/debug.h index 1c08459e26..e74afe476b 100644 --- a/zebra/debug.h +++ b/zebra/debug.h @@ -22,6 +22,8 @@ #ifndef _ZEBRA_DEBUG_H #define _ZEBRA_DEBUG_H +#include "lib/vty.h" + /* Debug flags. */ #define ZEBRA_DEBUG_EVENT 0x01 diff --git a/zebra/if_ioctl.c b/zebra/if_ioctl.c index f5ed945527..d17a9cf498 100644 --- a/zebra/if_ioctl.c +++ b/zebra/if_ioctl.c @@ -33,6 +33,7 @@ #include "log.h" #include "vrf.h" #include "vty.h" +#include "lib_errors.h" #include "zebra/interface.h" #include "zebra/rib.h" @@ -175,13 +176,15 @@ static int if_getaddrs(void) ret = getifaddrs(&ifap); if (ret != 0) { - zlog_err("getifaddrs(): %s", safe_strerror(errno)); + flog_err_sys(LIB_ERR_SYSTEM_CALL, "getifaddrs(): %s", + safe_strerror(errno)); return -1; } for (ifapfree = ifap; ifap; ifap = ifap->ifa_next) { if (ifap->ifa_addr == NULL) { - zlog_err( + flog_err( + LIB_ERR_INTERFACE, "%s: nonsensical ifaddr with NULL ifa_addr, ifname %s", __func__, (ifap->ifa_name ? ifap->ifa_name : "(null)")); @@ -190,8 +193,9 @@ static int if_getaddrs(void) ifp = if_lookup_by_name(ifap->ifa_name, VRF_DEFAULT); if (ifp == NULL) { - zlog_err("if_getaddrs(): Can't lookup interface %s\n", - ifap->ifa_name); + flog_err(LIB_ERR_INTERFACE, + "if_getaddrs(): Can't lookup interface %s\n", + ifap->ifa_name); continue; } diff --git a/zebra/if_ioctl_solaris.c b/zebra/if_ioctl_solaris.c index 6cf98e85f5..5a58fe1751 100644 --- a/zebra/if_ioctl_solaris.c +++ b/zebra/if_ioctl_solaris.c 
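Review bot: The format string in the `if_lookup_by_name()` failure branch of if_getaddrs still ends in a newline (`"if_getaddrs(): Can't lookup interface %s\n"`). Assuming the logger terminates each record itself, that yields a split or blank log line which parsers and alert rules then have to special-case. Dropping the `\n` while the call is being rewritten keeps one event per record. The same trailing newline survives in the "too short"/"too long" messages in irdp_packet.c and in the "Unknown netlink nlmsg_type" message in kernel_netlink.c. if_getaddrs continues outside this hunk.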
@@ -34,6 +34,7 @@ #include "privs.h" #include "vrf.h" #include "vty.h" +#include "lib_errors.h" #include "zebra/interface.h" #include "zebra/ioctl_solaris.h" @@ -58,29 +59,26 @@ static int interface_list_ioctl(int af) size_t needed, lastneeded = 0; char *buf = NULL; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); + frr_elevate_privs(&zserv_privs) { + sock = socket(af, SOCK_DGRAM, 0); + } - sock = socket(af, SOCK_DGRAM, 0); if (sock < 0) { zlog_warn("Can't make %s socket stream: %s", (af == AF_INET ? "AF_INET" : "AF_INET6"), safe_strerror(errno)); - - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - return -1; } -calculate_lifc_len: /* must hold privileges to enter here */ - lifn.lifn_family = af; - lifn.lifn_flags = LIFC_NOXMIT; /* we want NOXMIT interfaces too */ - ret = ioctl(sock, SIOCGLIFNUM, &lifn); - save_errno = errno; +calculate_lifc_len: + frr_elevate_privs(&zserv_privs) { + lifn.lifn_family = af; + lifn.lifn_flags = LIFC_NOXMIT; + /* we want NOXMIT interfaces too */ + ret = ioctl(sock, SIOCGLIFNUM, &lifn); + save_errno = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + } if (ret < 0) { zlog_warn("interface_list_ioctl: SIOCGLIFNUM failed %s", @@ -100,11 +98,7 @@ calculate_lifc_len: /* must hold privileges to enter here */ if (needed > lastneeded || needed < lastneeded / 2) { if (buf != NULL) XFREE(MTYPE_TMP, buf); - if ((buf = XMALLOC(MTYPE_TMP, needed)) == NULL) { - zlog_warn("interface_list_ioctl: malloc failed"); - close(sock); - return -1; - } + buf = XMALLOC(MTYPE_TMP, needed); } lastneeded = needed; 
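Review bot: In interface_list_ioctl the `socket()` failure is now reported with `safe_strerror(errno)` after the frr_elevate_privs block has closed, so the privilege-lowering step runs between the failing call and the read of errno and may overwrite it. The SIOCGLIFNUM block in the same hunk already does `save_errno = errno;` inside the block; the socket call should do the same and log `safe_strerror(save_errno)`. This matters more in the following SIOCGLIFCONF hunk, where `errno == EINVAL` decides whether the size is recalculated, and the same pattern appears after `bind()` in netlink_socket in kernel_netlink.c, where the old `save_errno` was removed. The function body extends beyond this hunk.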
@@ -113,27 +107,18 @@ calculate_lifc_len: /* must hold privileges to enter here */ lifconf.lifc_len = needed; lifconf.lifc_buf = buf; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - - ret = ioctl(sock, SIOCGLIFCONF, &lifconf); + frr_elevate_privs(&zserv_privs) { + ret = ioctl(sock, SIOCGLIFCONF, &lifconf); + } if (ret < 0) { if (errno == EINVAL) - goto calculate_lifc_len; /* deliberately hold privileges - */ + goto calculate_lifc_len; zlog_warn("SIOCGLIFCONF: %s", safe_strerror(errno)); - - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - goto end; } - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - /* Allocate interface. */ lifreq = lifconf.lifc_req; diff --git a/zebra/if_netlink.c b/zebra/if_netlink.c index 56e27e6dc8..a15d914243 100644 --- a/zebra/if_netlink.c +++ b/zebra/if_netlink.c @@ -52,6 +52,7 @@ #include "vrf.h" #include "vrf_int.h" #include "mpls.h" +#include "lib_errors.h" #include "vty.h" #include "zebra/zserv.h" @@ -79,9 +80,9 @@ static void set_ifindex(struct interface *ifp, ifindex_t ifi_index, if (((oifp = if_lookup_by_index_per_ns(zns, ifi_index)) != NULL) && (oifp != ifp)) { if (ifi_index == IFINDEX_INTERNAL) - zlog_err( - "Netlink is setting interface %s ifindex to reserved " - "internal value %u", + flog_err( + LIB_ERR_INTERFACE, + "Netlink is setting interface %s ifindex to reserved internal value %u", ifp->name, ifi_index); else { if (IS_ZEBRA_DEBUG_KERNEL) 
@@ -89,9 +90,9 @@ static void set_ifindex(struct interface *ifp, ifindex_t ifi_index, "interface index %d was renamed from %s to %s", ifi_index, oifp->name, ifp->name); if (if_is_up(oifp)) - zlog_err( - "interface rename detected on up interface: index %d " - "was renamed from %s to %s, results are uncertain!", + flog_err( + LIB_ERR_INTERFACE, + "interface rename detected on up interface: index %d was renamed from %s to %s, results are uncertain!", ifi_index, oifp->name, ifp->name); if_delete_update(oifp); } @@ -309,8 +310,8 @@ static void netlink_vrf_change(struct nlmsghdr *h, struct rtattr *tb, vrf = vrf_get((vrf_id_t)ifi->ifi_index, name); // It would create vrf if (!vrf) { - zlog_err("VRF %s id %u not created", name, - ifi->ifi_index); + flog_err(LIB_ERR_INTERFACE, "VRF %s id %u not created", + name, ifi->ifi_index); return; } @@ -331,8 +332,9 @@ static void netlink_vrf_change(struct nlmsghdr *h, struct rtattr *tb, /* Enable the created VRF. */ if (!vrf_enable(vrf)) { - zlog_err("Failed to enable VRF %s id %u", name, - ifi->ifi_index); + flog_err(LIB_ERR_INTERFACE, + "Failed to enable VRF %s id %u", name, + ifi->ifi_index); return; } 
@@ -373,20 +375,20 @@ static int get_iflink_speed(struct interface *interface) ifdata.ifr_data = (caddr_t)&ecmd; /* use ioctl to get IP address of an interface */ - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - sd = vrf_socket(PF_INET, SOCK_DGRAM, IPPROTO_IP, interface->vrf_id, - NULL); - if (sd < 0) { - if (IS_ZEBRA_DEBUG_KERNEL) - zlog_debug("Failure to read interface %s speed: %d %s", - ifname, errno, safe_strerror(errno)); - return 0; - } + frr_elevate_privs(&zserv_privs) { + sd = vrf_socket(PF_INET, SOCK_DGRAM, IPPROTO_IP, + interface->vrf_id, + NULL); + if (sd < 0) { + if (IS_ZEBRA_DEBUG_KERNEL) + zlog_debug("Failure to read interface %s speed: %d %s", + ifname, errno, safe_strerror(errno)); + return 0; + } /* Get the current link state for the interface */ - rc = vrf_ioctl(interface->vrf_id, sd, SIOCETHTOOL, (char *)&ifdata); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + rc = vrf_ioctl(interface->vrf_id, sd, SIOCETHTOOL, + (char *)&ifdata); + } if (rc < 0) { if (IS_ZEBRA_DEBUG_KERNEL) zlog_debug( @@ -915,7 +917,8 @@ int netlink_interface_addr(struct nlmsghdr *h, ns_id_t ns_id, int startup) ifp = if_lookup_by_index_per_ns(zns, ifa->ifa_index); if (ifp == NULL) { - zlog_err( + flog_err( + LIB_ERR_INTERFACE, "netlink_interface_addr can't find interface by index %d", ifa->ifa_index); return -1; diff --git a/zebra/interface.c b/zebra/interface.c index 4211155c27..763931d350 100644 --- a/zebra/interface.c +++ b/zebra/interface.c @@ -22,6 +22,7 @@ #include <zebra.h> #include "if.h" +#include "lib_errors.h" #include "vty.h" #include "sockunion.h" #include "prefix.h" @@ -718,7 +719,8 @@ void if_delete_update(struct interface *ifp) struct zebra_if *zif; if (if_is_up(ifp)) { - zlog_err( + flog_err( + LIB_ERR_INTERFACE, "interface %s vrf %u index %d is still up while being deleted.", ifp->name, ifp->vrf_id, ifp->ifindex); return; 
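Review bot: The `return 0` on `vrf_socket()` failure in get_iflink_speed now sits inside the frr_elevate_privs block, so dropping privileges on that path depends entirely on the macro lowering them on every scope exit, which is not shown on this page. A comment at the block, for example `/* privileges are lowered on any exit from this block, including return */`, would record that assumption for the next reader; recording the failure in the block and returning after it would make the drop explicit. The same return-while-elevated shape appears in the ipforward_proc.c, ipforward_sysctl.c and solaris_nd hunks and in netlink_socket. The function continues past the end of this hunk.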
diff --git a/zebra/ioctl.c b/zebra/ioctl.c index a577b008d5..0469bc38c0 100644 --- a/zebra/ioctl.c +++ b/zebra/ioctl.c @@ -27,6 +27,7 @@ #include "ioctl.h" #include "log.h" #include "privs.h" +#include "lib_errors.h" #include "vty.h" #include "zebra/rib.h" @@ -54,22 +55,16 @@ int if_ioctl(unsigned long request, caddr_t buffer) int ret; int err = 0; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - sock = socket(AF_INET, SOCK_DGRAM, 0); - if (sock < 0) { - int save_errno = errno; - - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - zlog_err("Cannot create UDP socket: %s", - safe_strerror(save_errno)); - exit(1); + frr_elevate_privs(&zserv_privs) { + sock = socket(AF_INET, SOCK_DGRAM, 0); + if (sock < 0) { + zlog_err("Cannot create UDP socket: %s", + safe_strerror(errno)); + exit(1); + } + if ((ret = ioctl(sock, request, buffer)) < 0) + err = errno; } - if ((ret = ioctl(sock, request, buffer)) < 0) - err = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); close(sock); if (ret < 0) { 
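Review bot: In if_ioctl the `zlog_err()` and `exit(1)` on socket failure now execute inside the frr_elevate_privs block, whereas the removed code lowered privileges before logging and exiting. Process teardown, including any exit handlers, therefore runs with raised privileges on this path. Capturing errno inside the block and doing the log and exit after it keeps the elevated region down to the two system calls. vrf_if_ioctl and if_ioctl_ipv6 in this file and if_ioctl and if_ioctl_ipv6 in ioctl_solaris.c have the same shape.

```c
	int save_errno = 0;

	frr_elevate_privs(&zserv_privs) {
		sock = socket(AF_INET, SOCK_DGRAM, 0);
		if (sock < 0)
			save_errno = errno;
		else if ((ret = ioctl(sock, request, buffer)) < 0)
			err = errno;
	}
	if (sock < 0) {
		zlog_err("Cannot create UDP socket: %s",
			 safe_strerror(save_errno));
		exit(1);
	}
	/* … unchanged: close(sock) and the ret < 0 handling … */
```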
@@ -86,23 +81,17 @@ int vrf_if_ioctl(unsigned long request, caddr_t buffer, vrf_id_t vrf_id) int ret; int err = 0; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - sock = vrf_socket(AF_INET, SOCK_DGRAM, 0, vrf_id, NULL); - if (sock < 0) { - int save_errno = errno; - - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - zlog_err("Cannot create UDP socket: %s", - safe_strerror(save_errno)); - exit(1); + frr_elevate_privs(&zserv_privs) { + sock = vrf_socket(AF_INET, SOCK_DGRAM, 0, vrf_id, NULL); + if (sock < 0) { + zlog_err("Cannot create UDP socket: %s", + safe_strerror(errno)); + exit(1); + } + ret = vrf_ioctl(vrf_id, sock, request, buffer); + if (ret < 0) + err = errno; } - ret = vrf_ioctl(vrf_id, sock, request, buffer); - if (ret < 0) - err = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); close(sock); if (ret < 0) { @@ -119,23 +108,17 @@ static int if_ioctl_ipv6(unsigned long request, caddr_t buffer) int ret; int err = 0; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - sock = socket(AF_INET6, SOCK_DGRAM, 0); - if (sock < 0) { - int save_errno = errno; - - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - zlog_err("Cannot create IPv6 datagram socket: %s", - safe_strerror(save_errno)); - exit(1); - } + frr_elevate_privs(&zserv_privs) { + sock = socket(AF_INET6, SOCK_DGRAM, 0); + if (sock < 0) { + zlog_err("Cannot create IPv6 datagram socket: %s", + safe_strerror(errno)); + exit(1); + } - if ((ret = ioctl(sock, request, buffer)) < 0) - err = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + if ((ret = ioctl(sock, request, buffer)) < 0) + err = errno; + } close(sock); if (ret < 0) { 
@@ -413,8 +396,9 @@ void if_get_flags(struct interface *ifp) ret = vrf_if_ioctl(SIOCGIFFLAGS, (caddr_t)&ifreq, ifp->vrf_id); if (ret < 0) { - zlog_err("vrf_if_ioctl(SIOCGIFFLAGS) failed: %s", - safe_strerror(errno)); + flog_err_sys(LIB_ERR_SYSTEM_CALL, + "vrf_if_ioctl(SIOCGIFFLAGS) failed: %s", + safe_strerror(errno)); return; } #ifdef HAVE_BSD_LINK_DETECT /* Detect BSD link-state at start-up */ @@ -431,8 +415,9 @@ void if_get_flags(struct interface *ifp) /* Seems not all interfaces implement this ioctl */ if (if_ioctl(SIOCGIFMEDIA, (caddr_t)&ifmr) < 0) - zlog_err("if_ioctl(SIOCGIFMEDIA) failed: %s", - safe_strerror(errno)); + flog_err_sys(LIB_ERR_SYSTEM_CALL, + "if_ioctl(SIOCGIFMEDIA) failed: %s", + safe_strerror(errno)); else if (ifmr.ifm_status & IFM_AVALID) /* Link state is valid */ { if (ifmr.ifm_status & IFM_ACTIVE) diff --git a/zebra/ioctl_solaris.c b/zebra/ioctl_solaris.c index eb68451f7c..260911ce67 100644 --- a/zebra/ioctl_solaris.c +++ b/zebra/ioctl_solaris.c @@ -31,6 +31,7 @@ #include "privs.h" #include "vty.h" #include "vrf.h" +#include "lib_errors.h" #include "zebra/rib.h" #include "zebra/rt.h" @@ -57,24 +58,19 @@ int if_ioctl(unsigned long request, caddr_t buffer) int ret; int err; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - - sock = socket(AF_INET, SOCK_DGRAM, 0); - if (sock < 0) { - int save_errno = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - zlog_err("Cannot create UDP socket: %s", - safe_strerror(save_errno)); - exit(1); - } + frr_elevate_privs(&zserv_privs) { + + sock = socket(AF_INET, SOCK_DGRAM, 0); + if (sock < 0) { + zlog_err("Cannot create UDP socket: %s", + safe_strerror(errno)); + exit(1); + } - if ((ret = ioctl(sock, request, buffer)) < 0) - err = errno; + if ((ret = ioctl(sock, request, buffer)) < 0) + err = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + } close(sock); 
@@ -92,24 +88,19 @@ int if_ioctl_ipv6(unsigned long request, caddr_t buffer) int ret; int err; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - - sock = socket(AF_INET6, SOCK_DGRAM, 0); - if (sock < 0) { - int save_errno = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - zlog_err("Cannot create IPv6 datagram socket: %s", - safe_strerror(save_errno)); - exit(1); - } + frr_elevate_privs(&zserv_privs) { + + sock = socket(AF_INET6, SOCK_DGRAM, 0); + if (sock < 0) { + zlog_err("Cannot create IPv6 datagram socket: %s", + safe_strerror(errno)); + exit(1); + } - if ((ret = ioctl(sock, request, buffer)) < 0) - err = errno; + if ((ret = ioctl(sock, request, buffer)) < 0) + err = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + } close(sock); diff --git a/zebra/ipforward_proc.c b/zebra/ipforward_proc.c index f823ec4384..3a766b1ea9 100644 --- a/zebra/ipforward_proc.c +++ b/zebra/ipforward_proc.c @@ -25,6 +25,7 @@ #include "log.h" #include "privs.h" +#include "lib_errors.h" #include "zebra/ipforward.h" @@ -76,24 +77,19 @@ int ipforward_on(void) { FILE *fp; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges, %s", safe_strerror(errno)); + frr_elevate_privs(&zserv_privs) { - fp = fopen(proc_ipv4_forwarding, "w"); + fp = fopen(proc_ipv4_forwarding, "w"); - if (fp == NULL) { - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges, %s", - safe_strerror(errno)); - return -1; - } + if (fp == NULL) { + return -1; + } - fprintf(fp, "1\n"); + fprintf(fp, "1\n"); - fclose(fp); + fclose(fp); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges, %s", safe_strerror(errno)); + } return ipforward(); } 
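Review bot: ipforward_on ignores the results of `fprintf()` and `fclose()` on `proc_ipv4_forwarding`, so a rejected write is never reported and the only signal is whatever `ipforward()` reads back afterwards. The file now includes lib_errors.h, so the close can be checked and logged, e.g. `if (fclose(fp) != 0) flog_err_sys(LIB_ERR_SYSTEM_CALL, "can't write %s: %s", proc_ipv4_forwarding, safe_strerror(errno));`. The `fopen()` failure path also returns -1 without any log line. ipforward_off, ipforward_ipv6_on and ipforward_ipv6_off in the following hunks are written the same way.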
@@ -102,24 +98,19 @@ int ipforward_off(void) { FILE *fp; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges, %s", safe_strerror(errno)); + frr_elevate_privs(&zserv_privs) { - fp = fopen(proc_ipv4_forwarding, "w"); + fp = fopen(proc_ipv4_forwarding, "w"); - if (fp == NULL) { - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges, %s", - safe_strerror(errno)); - return -1; - } + if (fp == NULL) { + return -1; + } - fprintf(fp, "0\n"); + fprintf(fp, "0\n"); - fclose(fp); + fclose(fp); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges, %s", safe_strerror(errno)); + } return ipforward(); } @@ -153,24 +144,19 @@ int ipforward_ipv6_on(void) { FILE *fp; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges, %s", safe_strerror(errno)); + frr_elevate_privs(&zserv_privs) { - fp = fopen(proc_ipv6_forwarding, "w"); + fp = fopen(proc_ipv6_forwarding, "w"); - if (fp == NULL) { - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges, %s", - safe_strerror(errno)); - return -1; - } + if (fp == NULL) { + return -1; + } - fprintf(fp, "1\n"); + fprintf(fp, "1\n"); - fclose(fp); + fclose(fp); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges, %s", safe_strerror(errno)); + } return ipforward_ipv6(); } 
@@ -180,24 +166,19 @@ int ipforward_ipv6_off(void) { FILE *fp; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges, %s", safe_strerror(errno)); + frr_elevate_privs(&zserv_privs) { - fp = fopen(proc_ipv6_forwarding, "w"); + fp = fopen(proc_ipv6_forwarding, "w"); - if (fp == NULL) { - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges, %s", - safe_strerror(errno)); - return -1; - } + if (fp == NULL) { + return -1; + } - fprintf(fp, "0\n"); + fprintf(fp, "0\n"); - fclose(fp); + fclose(fp); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges, %s", safe_strerror(errno)); + } return ipforward_ipv6(); } diff --git a/zebra/ipforward_solaris.c b/zebra/ipforward_solaris.c index 123cf1bd08..b06baa04a9 100644 --- a/zebra/ipforward_solaris.c +++ b/zebra/ipforward_solaris.c @@ -25,6 +25,7 @@ #include "log.h" #include "prefix.h" +#include "lib_errors.h" #include "privs.h" #include "zebra/ipforward.h" @@ -69,10 +70,10 @@ static int solaris_nd(const int cmd, const char *parameter, const int value) else if (cmd == ND_GET) snprintf(nd_buf, ND_BUFFER_SIZE, "%s", parameter); else { - zlog_err( - "internal error - inappropriate command given to " - "solaris_nd()%s:%d", - __FILE__, __LINE__); + flog_err_sys(LIB_ERR_SYSTEM_CALL, + "internal error - inappropriate command given to " + "solaris_nd()%s:%d", + __FILE__, __LINE__); return -1; } 
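Review bot: The `else` branch of solaris_nd reports an invalid `cmd` argument through `flog_err_sys(LIB_ERR_SYSTEM_CALL, ...)`, but no system call has failed at that point; it is a caller error. Tagging it as a system-call failure will mislead anyone filtering logs by error code, so `flog_err()` with a code meant for internal errors, if the library defines one, fits better. The message also runs `solaris_nd()` straight into `%s:%d` with no separator. The function continues outside this hunk.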
@@ -81,27 +82,21 @@ static int solaris_nd(const int cmd, const char *parameter, const int value) strioctl.ic_len = ND_BUFFER_SIZE; strioctl.ic_dp = nd_buf; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("solaris_nd: Can't raise privileges"); - if ((fd = open(device, O_RDWR)) < 0) { - zlog_warn("failed to open device %s - %s", device, - safe_strerror(errno)); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("solaris_nd: Can't lower privileges"); - return -1; - } - if (ioctl(fd, I_STR, &strioctl) < 0) { - int save_errno = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("solaris_nd: Can't lower privileges"); + frr_elevate_privs(&zserv_privs) { + if ((fd = open(device, O_RDWR)) < 0) { + zlog_warn("failed to open device %s - %s", device, + safe_strerror(errno)); + return -1; + } + if (ioctl(fd, I_STR, &strioctl) < 0) { + close(fd); + zlog_warn("ioctl I_STR failed on device %s - %s", + device, + safe_strerror(errno)); + return -1; + } close(fd); - zlog_warn("ioctl I_STR failed on device %s - %s", device, - safe_strerror(save_errno)); - return -1; } - close(fd); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("solaris_nd: Can't lower privileges"); if (cmd == ND_GET) { errno = 0; diff --git a/zebra/ipforward_sysctl.c b/zebra/ipforward_sysctl.c index cdf426b9b8..74a178e59c 100644 --- a/zebra/ipforward_sysctl.c +++ b/zebra/ipforward_sysctl.c @@ -26,6 +26,7 @@ #include "zebra/ipforward.h" #include "log.h" +#include "lib_errors.h" #define MIB_SIZ 4 
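Review bot: In the `ioctl(fd, I_STR, ...)` failure branch of solaris_nd, `close(fd)` now runs before `safe_strerror(errno)` is evaluated, so the warning can report close()'s errno instead of the ioctl's. The removed code saved the value first; restoring that is two lines: `int save_errno = errno;` before `close(fd);` and `safe_strerror(save_errno)` in the `zlog_warn()`. The function begins and ends outside this hunk.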
@@ -53,16 +54,12 @@ int ipforward_on(void) int ipforwarding = 1; len = sizeof ipforwarding; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) { - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - zlog_warn("Can't set ipforwarding on"); - return -1; + frr_elevate_privs(&zserv_privs) { + if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) { + zlog_warn("Can't set ipforwarding on"); + return -1; + } } - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); return ipforwarding; } @@ -72,16 +69,12 @@ int ipforward_off(void) int ipforwarding = 0; len = sizeof ipforwarding; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) { - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - zlog_warn("Can't set ipforwarding on"); - return -1; + frr_elevate_privs(&zserv_privs) { + if (sysctl(mib, MIB_SIZ, NULL, NULL, &ipforwarding, len) < 0) { + zlog_warn("Can't set ipforwarding on"); + return -1; + } } - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); return ipforwarding; } @@ -100,16 +93,12 @@ int ipforward_ipv6(void) int ip6forwarding = 0; len = sizeof ip6forwarding; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) { - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - zlog_warn("can't get ip6forwarding value"); - return -1; + frr_elevate_privs(&zserv_privs) { + if (sysctl(mib_ipv6, MIB_SIZ, &ip6forwarding, &len, 0, 0) < 0) { + zlog_warn("can't get ip6forwarding value"); + return -1; + } } - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); return ip6forwarding; } 
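Review bot: ipforward_off still logs `"Can't set ipforwarding on"` when the sysctl that turns forwarding off fails, so the log does not say which direction failed. It should read `zlog_warn("Can't set ipforwarding off");`. In the next hunks ipforward_ipv6_on and ipforward_ipv6_off log `"can't get ip6forwarding value"` although they are setting it; those want "can't set ip6forwarding on" and "off" wording. An accurate message matters most for the off case, because after that failure the host keeps forwarding packets.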
@@ -119,16 +108,13 @@ int ipforward_ipv6_on(void) int ip6forwarding = 1; len = sizeof ip6forwarding; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) { - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - zlog_warn("can't get ip6forwarding value"); - return -1; + frr_elevate_privs(&zserv_privs) { + if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) + < 0) { + zlog_warn("can't get ip6forwarding value"); + return -1; + } } - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); return ip6forwarding; } @@ -138,16 +124,13 @@ int ipforward_ipv6_off(void) int ip6forwarding = 0; len = sizeof ip6forwarding; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) < 0) { - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - zlog_warn("can't get ip6forwarding value"); - return -1; + frr_elevate_privs(&zserv_privs) { + if (sysctl(mib_ipv6, MIB_SIZ, NULL, NULL, &ip6forwarding, len) + < 0) { + zlog_warn("can't get ip6forwarding value"); + return -1; + } } - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); return ip6forwarding; } diff --git a/zebra/irdp_interface.c b/zebra/irdp_interface.c index ca78404797..f02ba1fa2f 100644 --- a/zebra/irdp_interface.c +++ b/zebra/irdp_interface.c @@ -1,7 +1,13 @@ /* * - * Copyright (C) 2000 Robert Olsson. - * Swedish University of Agricultural Sciences + * Copyright (C) 1997, 2000 + * Portions: + * Swedish University of Agricultural Sciences + * Robert Olsson + * Kunihiro Ishiguro + * + * Thanks to Jens Laas at Swedish University of Agricultural Sciences + * for reviewing and tests. * * This file is part of GNU Zebra. * 
@@ -20,19 +26,6 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ -/* - * This work includes work with the following copywrite: - * - * Copyright (C) 1997, 2000 Kunihiro Ishiguro - * - */ - -/* - * Thanks to Jens Låås at Swedish University of Agricultural Sciences - * for reviewing and tests. - */ - - #include <zebra.h> #include "if.h" diff --git a/zebra/irdp_main.c b/zebra/irdp_main.c index c2411d083f..771ae796e1 100644 --- a/zebra/irdp_main.c +++ b/zebra/irdp_main.c @@ -28,7 +28,7 @@ */ /* - * Thanks to Jens Låås at Swedish University of Agricultural Sciences + * Thanks to Jens Laas at Swedish University of Agricultural Sciences * for reviewing and tests. */ @@ -51,6 +51,7 @@ #include "thread.h" #include "privs.h" #include "libfrr.h" +#include "lib_errors.h" #include "version.h" #include "zebra/interface.h" #include "zebra/rtadv.h" @@ -80,16 +81,12 @@ int irdp_sock_init(void) int save_errno; int sock; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("irdp_sock_init: could not raise privs, %s", - safe_strerror(errno)); + frr_elevate_privs(&zserv_privs) { - sock = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); - save_errno = errno; + sock = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); + save_errno = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("irdp_sock_init: could not lower privs, %s", - safe_strerror(errno)); + } if (sock < 0) { zlog_warn("IRDP: can't create irdp socket %s", diff --git a/zebra/irdp_packet.c b/zebra/irdp_packet.c index b0dde96cce..c36c958973 100644 --- a/zebra/irdp_packet.c +++ b/zebra/irdp_packet.c 
@@ -28,39 +28,39 @@ */ /* - * Thanks to Jens Låås at Swedish University of Agricultural Sciences + * Thanks to Jens Laas at Swedish University of Agricultural Sciences * for reviewing and tests. */ #include <zebra.h> +#include <netinet/ip_icmp.h> - -#include "if.h" -#include "vty.h" -#include "sockunion.h" -#include "prefix.h" +#include "checksum.h" #include "command.h" -#include "memory.h" -#include "zebra_memory.h" -#include "stream.h" -#include "ioctl.h" #include "connected.h" +#include "if.h" +#include "ioctl.h" #include "log.h" -#include "zclient.h" +#include "log.h" +#include "memory.h" +#include "prefix.h" +#include "sockopt.h" +#include "sockunion.h" +#include "sockunion.h" +#include "stream.h" #include "thread.h" +#include "vty.h" +#include "zclient.h" + +#include "zebra_memory.h" #include "zebra/interface.h" #include "zebra/rtadv.h" #include "zebra/rib.h" #include "zebra/zserv.h" #include "zebra/redistribute.h" #include "zebra/irdp.h" -#include <netinet/ip_icmp.h> -#include "if.h" -#include "checksum.h" -#include "sockunion.h" -#include "log.h" -#include "sockopt.h" +#include "zebra/zebra_errors.h" /* GLOBAL VARS */ @@ -95,13 +95,15 @@ static void parse_irdp_packet(char *p, int len, struct interface *ifp) src = ip->ip_src; if (len != iplen) { - zlog_err("IRDP: RX length doesnt match IP length"); + flog_err(ZEBRA_ERR_IRDP_LEN_MISMATCH, + "IRDP: RX length doesnt match IP length"); return; } if (iplen < ICMP_MINLEN) { - zlog_err("IRDP: RX ICMP packet too short from %s\n", - inet_ntoa(src)); + flog_err(ZEBRA_ERR_IRDP_LEN_MISMATCH, + "IRDP: RX ICMP packet too short from %s\n", + inet_ntoa(src)); return; } @@ -110,8 +112,9 @@ static void parse_irdp_packet(char *p, int len, struct interface *ifp) + len of IP-header) 14+20 */ if (iplen > IRDP_RX_BUF - 34) { - zlog_err("IRDP: RX ICMP packet too long from %s\n", - inet_ntoa(src)); + flog_err(ZEBRA_ERR_IRDP_LEN_MISMATCH, + "IRDP: RX ICMP packet too long from %s\n", + inet_ntoa(src)); return; } 
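Review bot: The re-sorted include list in irdp_packet.c names `"log.h"` and `"sockunion.h"` twice each. The repeats are harmless with include guards, but they are left over from merging the two old include groups and can be dropped so the sorted list has one entry per header.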
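Review bot: parse_irdp_packet reads `ip->ip_src` before the first length test shown here, and no check is visible that `len` covers a full IP header; if none exists above the hunk, a short datagram has `src` and `iplen` taken from stale buffer bytes. A guard such as `if (len < (int)sizeof(struct ip)) return;` ahead of the header reads would close that. All three rejections also share ZEBRA_ERR_IRDP_LEN_MISMATCH and are raised once per received packet at error level, so a rate limit is worth considering for a path any on-link sender can trigger. The function starts and ends outside these hunks.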
diff --git a/zebra/kernel_netlink.c b/zebra/kernel_netlink.c index a5c2cd69f3..ef7c26c9df 100644 --- a/zebra/kernel_netlink.c +++ b/zebra/kernel_netlink.c @@ -41,6 +41,7 @@ #include "nexthop.h" #include "vrf.h" #include "mpls.h" +#include "lib_errors.h" #include "zebra/zserv.h" #include "zebra/zebra_ns.h" @@ -51,6 +52,7 @@ #include "zebra/rt_netlink.h" #include "zebra/if_netlink.h" #include "zebra/rule_netlink.h" +#include "zebra/zebra_errors.h" #ifndef SO_RCVBUFFORCE #define SO_RCVBUFFORCE (33) @@ -147,9 +149,8 @@ int netlink_talk_filter(struct nlmsghdr *h, ns_id_t ns_id, int startup) * received some other message in an unexpected * way. */ - zlog_err("%s: ignoring message type 0x%04x(%s) NS %u", - __PRETTY_FUNCTION__, h->nlmsg_type, - nl_msg_type_to_str(h->nlmsg_type), ns_id); + zlog_debug("%s: ignoring message type 0x%04x(%s) NS %u", __func__, + h->nlmsg_type, nl_msg_type_to_str(h->nlmsg_type), ns_id); return 0; } 
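Review bot: The downgraded `zlog_debug()` in netlink_talk_filter is unconditional, while the other kernel-facing debug messages in this change sit behind `IS_ZEBRA_DEBUG_KERNEL`. Wrapping it as `if (IS_ZEBRA_DEBUG_KERNEL) zlog_debug(...)` keeps it consistent with them. The comment above it describes a message arriving "in an unexpected way", so a counter would preserve some visibility now that the error-level line is gone.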
@@ -162,31 +163,33 @@ static int netlink_recvbuf(struct nlsock *nl, uint32_t newsize) ret = getsockopt(nl->sock, SOL_SOCKET, SO_RCVBUF, &oldsize, &oldlen); if (ret < 0) { - zlog_err("Can't get %s receive buffer size: %s", nl->name, - safe_strerror(errno)); + flog_err_sys(LIB_ERR_SOCKET, + "Can't get %s receive buffer size: %s", nl->name, + safe_strerror(errno)); return -1; } /* Try force option (linux >= 2.6.14) and fall back to normal set */ - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("routing_socket: Can't raise privileges"); - ret = setsockopt(nl->sock, SOL_SOCKET, SO_RCVBUFFORCE, &nl_rcvbufsize, - sizeof(nl_rcvbufsize)); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("routing_socket: Can't lower privileges"); + frr_elevate_privs(&zserv_privs) { + ret = setsockopt(nl->sock, SOL_SOCKET, SO_RCVBUFFORCE, + &nl_rcvbufsize, + sizeof(nl_rcvbufsize)); + } if (ret < 0) ret = setsockopt(nl->sock, SOL_SOCKET, SO_RCVBUF, &nl_rcvbufsize, sizeof(nl_rcvbufsize)); if (ret < 0) { - zlog_err("Can't set %s receive buffer size: %s", nl->name, - safe_strerror(errno)); + flog_err_sys(LIB_ERR_SOCKET, + "Can't set %s receive buffer size: %s", nl->name, + safe_strerror(errno)); return -1; } ret = getsockopt(nl->sock, SOL_SOCKET, SO_RCVBUF, &newsize, &newlen); if (ret < 0) { - zlog_err("Can't get %s receive buffer size: %s", nl->name, - safe_strerror(errno)); + flog_err_sys(LIB_ERR_SOCKET, + "Can't get %s receive buffer size: %s", nl->name, + safe_strerror(errno)); return -1; } 
@@ -203,33 +206,26 @@ static int netlink_socket(struct nlsock *nl, unsigned long groups, struct sockaddr_nl snl; int sock; int namelen; - int save_errno; - if (zserv_privs.change(ZPRIVS_RAISE)) { - zlog_err("Can't raise privileges"); - return -1; - } - - sock = ns_socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE, ns_id); - if (sock < 0) { - zlog_err("Can't open %s socket: %s", nl->name, - safe_strerror(errno)); - return -1; - } + frr_elevate_privs(&zserv_privs) { + sock = ns_socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE, ns_id); + if (sock < 0) { + zlog_err("Can't open %s socket: %s", nl->name, + safe_strerror(errno)); + return -1; + } - memset(&snl, 0, sizeof snl); - snl.nl_family = AF_NETLINK; - snl.nl_groups = groups; + memset(&snl, 0, sizeof snl); + snl.nl_family = AF_NETLINK; + snl.nl_groups = groups; - /* Bind the socket to the netlink structure for anything. */ - ret = bind(sock, (struct sockaddr *)&snl, sizeof snl); - save_errno = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + /* Bind the socket to the netlink structure for anything. */ + ret = bind(sock, (struct sockaddr *)&snl, sizeof snl); + } if (ret < 0) { zlog_err("Can't bind %s socket to group 0x%x: %s", nl->name, - snl.nl_groups, safe_strerror(save_errno)); + snl.nl_groups, safe_strerror(errno)); close(sock); return -1; } @@ -238,8 +234,8 @@ static int netlink_socket(struct nlsock *nl, unsigned long groups, namelen = sizeof snl; ret = getsockname(sock, (struct sockaddr *)&snl, (socklen_t *)&namelen); if (ret < 0 || namelen != sizeof snl) { - zlog_err("Can't get %s socket name: %s", nl->name, - safe_strerror(errno)); + flog_err_sys(LIB_ERR_SOCKET, "Can't get %s socket name: %s", + nl->name, safe_strerror(errno)); close(sock); return -1; } 
@@ -290,9 +286,10 @@ static int netlink_information_fetch(struct nlmsghdr *h, ns_id_t ns_id, * this message type or not ask for * it to be sent up to us */ - zlog_err("Unknown netlink nlmsg_type %s(%d) vrf %u\n", - nl_msg_type_to_str(h->nlmsg_type), h->nlmsg_type, - ns_id); + flog_err(ZEBRA_ERR_UNKNOWN_NLMSG, + "Unknown netlink nlmsg_type %s(%d) vrf %u\n", + nl_msg_type_to_str(h->nlmsg_type), h->nlmsg_type, + ns_id); break; } return 0; @@ -335,15 +332,15 @@ static void netlink_write_incoming(const char *buf, const unsigned int size, char fname[MAXPATHLEN]; FILE *f; - zserv_privs.change(ZPRIVS_RAISE); snprintf(fname, MAXPATHLEN, "%s/%s_%u", DAEMON_VTY_DIR, "netlink", counter); - f = fopen(fname, "w"); + frr_elevate_privs(&zserv_privs) { + f = fopen(fname, "w"); + } if (f) { fwrite(buf, 1, size, f); fclose(f); } - zserv_privs.change(ZPRIVS_LOWER); } /** @@ -358,8 +355,9 @@ static long netlink_read_file(char *buf, const char *fname) FILE *f; long file_bytes = -1; - zserv_privs.change(ZPRIVS_RAISE); - f = fopen(fname, "r"); + frr_elevate_privs(&zserv_privs) { + f = fopen(fname, "r"); + } if (f) { fseek(f, 0, SEEK_END); file_bytes = ftell(f); @@ -367,7 +365,6 @@ static long netlink_read_file(char *buf, const char *fname) fread(buf, NL_RCV_PKT_BUF_SIZE, 1, f); fclose(f); } - zserv_privs.change(ZPRIVS_LOWER); return file_bytes; } @@ -699,8 +696,9 @@ int netlink_parse_info(int (*filter)(struct nlmsghdr *, ns_id_t, int), continue; if (errno == EWOULDBLOCK || errno == EAGAIN) break; - zlog_err("%s recvmsg overrun: %s", nl->name, - safe_strerror(errno)); + flog_err(ZEBRA_ERR_RECVMSG_OVERRUN, + "%s recvmsg overrun: %s", nl->name, + safe_strerror(errno)); /* * In this case we are screwed. * There is no good way to 
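Review bot: netlink_read_file returns the `ftell()` size as its byte count while `fread()` is capped at NL_RCV_PKT_BUF_SIZE and its result is ignored, so for a file larger than the buffer the caller is told more bytes are valid than were read. Reject or clamp before reading, e.g. `if (file_bytes < 0 || file_bytes > NL_RCV_PKT_BUF_SIZE) { fclose(f); return -1; }`, and check what `fread()` returns. The file is opened with raised privileges, so `fname` should only ever come from trusted configuration. The lines between `ftell()` and `fread()` fall outside the two hunks, so this assumes nothing there already bounds the size.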
@@ -711,13 +709,14 @@ int netlink_parse_info(int (*filter)(struct nlmsghdr *, ns_id_t, int), } if (status == 0) { - zlog_err("%s EOF", nl->name); + flog_err_sys(LIB_ERR_SOCKET, "%s EOF", nl->name); return -1; } if (msg.msg_namelen != sizeof snl) { - zlog_err("%s sender address length error: length %d", - nl->name, msg.msg_namelen); + flog_err(ZEBRA_ERR_NETLINK_LENGTH_ERROR, + "%s sender address length error: length %d", + nl->name, msg.msg_namelen); return -1; } @@ -788,6 +787,15 @@ int netlink_parse_info(int (*filter)(struct nlmsghdr *, ns_id_t, int), continue; } + if (h->nlmsg_len + < NLMSG_LENGTH(sizeof(struct nlmsgerr))) { + flog_err( + ZEBRA_ERR_NETLINK_LENGTH_ERROR, + "%s error: message truncated", + nl->name); + return -1; + } + /* Deal with errors that occur because of races * in link handling */ if (nl == &zns->netlink_cmd @@ -836,7 +844,8 @@ int netlink_parse_info(int (*filter)(struct nlmsghdr *, ns_id_t, int), err->msg.nlmsg_seq, err->msg.nlmsg_pid); } else - zlog_err( + flog_err( + ZEBRA_ERR_UNEXPECTED_MESSAGE, "%s error: %s, type=%s(%u), seq=%u, pid=%u", nl->name, safe_strerror(-errnum), 
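Review bot: The new `h->nlmsg_len < NLMSG_LENGTH(sizeof(struct nlmsgerr))` check in netlink_parse_info sits after a `continue; }` branch, so any read of the `nlmsgerr` payload above the hunk (that code is not shown) happens before the length has been validated. The check should be the first statement once the message is identified as an error message, ahead of any access through `err`. Its log text, `"%s error: message truncated"`, is also identical to the MSG_TRUNC message later in the function; `"%s error: netlink error message truncated"` would let the two be told apart in logs.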
@@ -862,27 +871,28 @@ int netlink_parse_info(int (*filter)(struct nlmsghdr *, ns_id_t, int), * other actors besides the kernel */ if (snl.nl_pid != 0) { - zlog_err("Ignoring message from pid %u", - snl.nl_pid); + zlog_debug("Ignoring message from pid %u", + snl.nl_pid); continue; } error = (*filter)(h, zns->ns_id, startup); if (error < 0) { - zlog_err("%s filter function error", nl->name); - zlog_backtrace(LOG_ERR); + zlog_warn("%s filter function error", nl->name); ret = error; } } /* After error care. */ if (msg.msg_flags & MSG_TRUNC) { - zlog_err("%s error: message truncated", nl->name); + flog_err(ZEBRA_ERR_NETLINK_LENGTH_ERROR, + "%s error: message truncated", nl->name); continue; } if (status) { - zlog_err("%s error: data remnant size %d", nl->name, - status); + flog_err(ZEBRA_ERR_NETLINK_LENGTH_ERROR, + "%s error: data remnant size %d", nl->name, + status); return -1; } } @@ -906,11 +916,11 @@ int netlink_talk(int (*filter)(struct nlmsghdr *, ns_id_t, int startup), struct nlmsghdr *n, struct nlsock *nl, struct zebra_ns *zns, int startup) { - int status; + int status = 0; struct sockaddr_nl snl; struct iovec iov; struct msghdr msg; - int save_errno; + int save_errno = 0; memset(&snl, 0, sizeof snl); memset(&iov, 0, sizeof iov); @@ -936,12 +946,10 @@ int netlink_talk(int (*filter)(struct nlmsghdr *, ns_id_t, int startup), n->nlmsg_flags); /* Send message to netlink interface. */ - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - status = sendmsg(nl->sock, &msg, 0); - save_errno = errno; - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + frr_elevate_privs(&zserv_privs) { + status = sendmsg(nl->sock, &msg, 0); + save_errno = errno; + } if (IS_ZEBRA_DEBUG_KERNEL_MSGDUMP_SEND) { zlog_debug("%s: >> netlink message dump [sent]", __func__); 
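Review bot: The message for a netlink datagram whose sender is not the kernel (`snl.nl_pid != 0`) drops from zlog_err to zlog_debug, so at a default log level nothing records that another process sent to this socket. The comment above the check says it guards against actors other than the kernel, which makes this a detection-relevant event; `zlog_warn("Ignoring message from pid %u", snl.nl_pid);` keeps it visible without treating it as a daemon error. The same hunk removes `zlog_backtrace(LOG_ERR)` from the filter-error path and lowers it to zlog_warn while still propagating `ret = error`; a short comment saying why a failing filter is only a warning would help the next reader.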
@@ -949,8 +957,8 @@ int netlink_talk(int (*filter)(struct nlmsghdr *, ns_id_t, int startup), } if (status < 0) { - zlog_err("netlink_talk sendmsg() error: %s", - safe_strerror(save_errno)); + flog_err_sys(LIB_ERR_SOCKET, "netlink_talk sendmsg() error: %s", + safe_strerror(save_errno)); return -1; } @@ -969,11 +977,11 @@ int netlink_request(struct nlsock *nl, struct nlmsghdr *n) { int ret; struct sockaddr_nl snl; - int save_errno; /* Check netlink socket. */ if (nl->sock < 0) { - zlog_err("%s socket isn't active.", nl->name); + flog_err_sys(LIB_ERR_SOCKET, "%s socket isn't active.", + nl->name); return -1; } @@ -986,21 +994,14 @@ int netlink_request(struct nlsock *nl, struct nlmsghdr *n) snl.nl_family = AF_NETLINK; /* Raise capabilities and send message, then lower capabilities. */ - if (zserv_privs.change(ZPRIVS_RAISE)) { - zlog_err("Can't raise privileges"); - return -1; + frr_elevate_privs(&zserv_privs) { + ret = sendto(nl->sock, (void *)n, n->nlmsg_len, 0, + (struct sockaddr *)&snl, sizeof snl); } - ret = sendto(nl->sock, (void *)n, n->nlmsg_len, 0, - (struct sockaddr *)&snl, sizeof snl); - save_errno = errno; - - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); - if (ret < 0) { zlog_err("%s sendto failed: %s", nl->name, - safe_strerror(save_errno)); + safe_strerror(errno)); return -1; } @@ -1074,8 +1075,8 @@ void kernel_init(struct zebra_ns *zns) /* Register kernel socket. */ if (fcntl(zns->netlink.sock, F_SETFL, O_NONBLOCK) < 0) - zlog_err("Can't set %s socket error: %s(%d)", - zns->netlink.name, safe_strerror(errno), errno); + flog_err_sys(LIB_ERR_SOCKET, "Can't set %s socket flags: %s", + zns->netlink.name, safe_strerror(errno)); if (fcntl(zns->netlink_cmd.sock, F_SETFL, O_NONBLOCK) < 0) zlog_err("Can't set %s socket error: %s(%d)", diff --git a/zebra/kernel_socket.c b/zebra/kernel_socket.c index 71d709e72d..78e25e7626 100644 --- a/zebra/kernel_socket.c +++ b/zebra/kernel_socket.c 
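Review bot: kernel_init converts only the first of the two `fcntl(..., F_SETFL, O_NONBLOCK)` failure paths; the `zns->netlink_cmd.sock` branch directly below still calls zlog_err with the old `"Can't set %s socket error: %s(%d)"` text. Both sockets fail the same way, so the second should read `flog_err_sys(LIB_ERR_SOCKET, "Can't set %s socket flags: %s", zns->netlink_cmd.name, safe_strerror(errno));`. That second statement is cut off at the end of the hunk.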
@@ -39,6 +39,7 @@ #include "rib.h" #include "privs.h" #include "vrf.h" +#include "lib_errors.h" #include "zebra/rt.h" #include "zebra/interface.h" @@ -46,6 +47,7 @@ #include "zebra/debug.h" #include "zebra/kernel_socket.h" #include "zebra/rib.h" +#include "zebra/zebra_errors.h" extern struct zebra_privs_t zserv_privs; @@ -407,8 +409,9 @@ int ifm_read(struct if_msghdr *ifm) /* paranoia: sanity check structure */ if (ifm->ifm_msglen < sizeof(struct if_msghdr)) { - zlog_err("ifm_read: ifm->ifm_msglen %d too short\n", - ifm->ifm_msglen); + flog_err(ZEBRA_ERR_NETLINK_LENGTH_ERROR, + "ifm_read: ifm->ifm_msglen %d too short\n", + ifm->ifm_msglen); return -1; } @@ -1382,15 +1385,11 @@ static int kernel_read(struct thread *thread) /* Make routing socket. */ static void routing_socket(struct zebra_ns *zns) { - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("routing_socket: Can't raise privileges"); - - routing_sock = - ns_socket(AF_ROUTE, SOCK_RAW, 0, zns->ns_id); + frr_elevate_privs(&zserv_privs) { + routing_sock = ns_socket(AF_ROUTE, SOCK_RAW, 0, zns->ns_id); + } if (routing_sock < 0) { - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("routing_socket: Can't lower privileges"); zlog_warn("Can't init kernel routing socket"); return; } @@ -1402,9 +1401,6 @@ static void routing_socket(struct zebra_ns *zns) /*if (fcntl (routing_sock, F_SETFL, O_NONBLOCK) < 0) zlog_warn ("Can't set O_NONBLOCK to routing socket");*/ - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("routing_socket: Can't lower privileges"); - /* kernel_read needs rewrite. */ thread_add_read(zebrad.master, kernel_read, NULL, routing_sock, NULL); } diff --git a/zebra/label_manager.c b/zebra/label_manager.c index b24a4b68dc..e53764c770 100644 --- a/zebra/label_manager.c +++ b/zebra/label_manager.c 
@@ -21,12 +21,11 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ +#include <zebra.h> #include <stdio.h> #include <string.h> #include <sys/types.h> -#include "zebra.h" -#include "zserv.h" #include "lib/log.h" #include "lib/memory.h" #include "lib/mpls.h" @@ -35,7 +34,9 @@ #include "lib/zclient.h" #include "lib/libfrr.h" -#include "label_manager.h" +#include "zebra/zserv.h" +#include "zebra/label_manager.h" +#include "zebra/zebra_errors.h" #define CONNECTION_DELAY 5 @@ -82,8 +83,9 @@ static int relay_response_back(void) ret = zclient_read_header(src, zclient->sock, &size, &marker, &version, &vrf_id, &resp_cmd); if (ret < 0 && errno != EAGAIN) { - zlog_err("Error reading Label Manager response: %s", - strerror(errno)); + flog_err(ZEBRA_ERR_LM_RESPONSE, + "Error reading Label Manager response: %s", + strerror(errno)); return -1; } zlog_debug("Label Manager response received, %d bytes", size); @@ -101,7 +103,8 @@ static int relay_response_back(void) /* lookup the client to relay the msg to */ zserv = zserv_find_client(proto, instance); if (!zserv) { - zlog_err( + flog_err( + ZEBRA_ERR_LM_NO_SUCH_CLIENT, "Error relaying LM response: can't find client %s, instance %u", proto_str, instance); return -1; @@ -116,8 +119,9 @@ static int relay_response_back(void) /* send response back */ ret = writen(zserv->sock, dst->data, stream_get_endp(dst)); if (ret <= 0) { - zlog_err("Error relaying LM response to %s instance %u: %s", - proto_str, instance, strerror(errno)); + flog_err(ZEBRA_ERR_LM_RELAY_FAILED, + "Error relaying LM response to %s instance %u: %s", + proto_str, instance, strerror(errno)); return -1; } zlog_debug("Relayed LM response (%d bytes) to %s instance %u", ret, 
@@ -183,7 +187,8 @@ int zread_relay_label_manager_request(int cmd, struct zserv *zserv, unsigned short instance; if (zclient->sock < 0) { - zlog_err("Unable to relay LM request: no socket"); + flog_err(ZEBRA_ERR_LM_NO_SOCKET, + "Unable to relay LM request: no socket"); reply_error(cmd, zserv, vrf_id); return -1; } @@ -211,8 +216,9 @@ int zread_relay_label_manager_request(int cmd, struct zserv *zserv, /* check & set client instance if unset */ if (zserv->instance && zserv->instance != instance) { - zlog_err("Client instance(%u) != msg instance(%u)", - zserv->instance, instance); + flog_err(ZEBRA_ERR_LM_BAD_INSTANCE, + "Client instance(%u) != msg instance(%u)", + zserv->instance, instance); return -1; } @@ -233,8 +239,9 @@ int zread_relay_label_manager_request(int cmd, struct zserv *zserv, /* Send request to external label manager */ ret = writen(zclient->sock, dst->data, stream_get_endp(dst)); if (ret <= 0) { - zlog_err("Error relaying LM request from %s instance %u: %s", - proto_str, instance, strerror(errno)); + flog_err(ZEBRA_ERR_LM_RELAY_FAILED, + "Error relaying LM request from %s instance %u: %s", + proto_str, instance, strerror(errno)); reply_error(cmd, zserv, vrf_id); return -1; } @@ -262,7 +269,8 @@ static int lm_zclient_connect(struct thread *t) return 0; if (zclient_socket_connect(zclient) < 0) { - zlog_err("Error connecting synchronous zclient!"); + flog_err(ZEBRA_ERR_LM_CLIENT_CONNECTION_FAILED, + "Error connecting synchronous zclient!"); thread_add_timer(zebrad.master, lm_zclient_connect, zclient, CONNECTION_DELAY, &zclient->t_connect); return -1; @@ -384,8 +392,6 @@ struct label_manager_chunk *assign_label_chunk(uint8_t proto, } /* otherwise create a new one */ lmc = XCALLOC(MTYPE_LM_CHUNK, sizeof(struct label_manager_chunk)); - if (!lmc) - return NULL; if (list_isempty(lbl_mgr.lc_list)) lmc->start = MPLS_LABEL_UNRESERVED_MIN; 
@@ -395,8 +401,9 @@ struct label_manager_chunk *assign_label_chunk(uint8_t proto, ->end + 1; if (lmc->start > MPLS_LABEL_UNRESERVED_MAX - size + 1) { - zlog_err("Reached max labels. Start: %u, size: %u", lmc->start, - size); + flog_err(ZEBRA_ERR_LM_EXHAUSTED_LABELS, + "Reached max labels. Start: %u, size: %u", lmc->start, + size); XFREE(MTYPE_LM_CHUNK, lmc); return NULL; } @@ -434,7 +441,8 @@ int release_label_chunk(uint8_t proto, unsigned short instance, uint32_t start, if (lmc->end != end) continue; if (lmc->proto != proto || lmc->instance != instance) { - zlog_err("%s: Daemon mismatch!!", __func__); + flog_err(ZEBRA_ERR_LM_DAEMON_MISMATCH, + "%s: Daemon mismatch!!", __func__); continue; } lmc->proto = NO_PROTO; @@ -444,7 +452,8 @@ int release_label_chunk(uint8_t proto, unsigned short instance, uint32_t start, break; } if (ret != 0) - zlog_err("%s: Label chunk not released!!", __func__); + flog_err(ZEBRA_ERR_LM_UNRELEASED_CHUNK, + "%s: Label chunk not released!!", __func__); return ret; } diff --git a/zebra/main.c b/zebra/main.c index 4eeba8549a..5e7c69382f 100644 --- a/zebra/main.c +++ b/zebra/main.c @@ -39,6 +39,7 @@ #include "routemap.h" #include "frr_pthread.h" +#include "zebra/zebra_errors.h" #include "zebra/rib.h" #include "zebra/zserv.h" #include "zebra/debug.h" @@ -288,7 +289,8 @@ int main(int argc, char **argv) multipath_num = atoi(optarg); if (multipath_num > MULTIPATH_NUM || multipath_num <= 0) { - zlog_err( + flog_err( + ZEBRA_ERR_BAD_MULTIPATH_NUM, "Multipath Number specified must be less than %d and greater than 0", MULTIPATH_NUM); return 1; @@ -411,6 +413,9 @@ int main(int argc, char **argv) /* RNH init */ zebra_rnh_init(); + + /* Error init */ + zebra_error_init(); #if defined(HANDLE_ZAPI_FUZZING) if (zapi_fuzzing) { diff --git a/zebra/rt_socket.c b/zebra/rt_socket.c index 346699198f..c0ad87ce39 100644 --- a/zebra/rt_socket.c +++ b/zebra/rt_socket.c 
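Review bot: In assign_label_chunk the bound `lmc->start > MPLS_LABEL_UNRESERVED_MAX - size + 1` subtracts the requested `size` before comparing; if `size` is unsigned (it is logged with `%u`) and larger than the maximum plus one, the right-hand side wraps and an oversized request can pass. Checking the size against the range width first, `if (size > MPLS_LABEL_UNRESERVED_MAX - MPLS_LABEL_UNRESERVED_MIN + 1 || lmc->start > MPLS_LABEL_UNRESERVED_MAX - size + 1)`, avoids the wrap. assign_table_chunk in zebra/table_manager.c has the same shape with `RT_TABLE_ID_UNRESERVED_MAX - size + 1 < start`. The declaration of `size` and the computation of the chunk end are outside these hunks.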
@@ -33,6 +33,7 @@ #include "log.h" #include "privs.h" #include "vxlan.h" +#include "lib_errors.h" #include "zebra/debug.h" #include "zebra/rib.h" @@ -211,7 +212,8 @@ static int kernel_rtm_ipv4(int cmd, const struct prefix *p, */ case ZEBRA_ERR_RTEXIST: if (cmd != RTM_ADD) - zlog_err( + flog_err( + LIB_ERR_SYSTEM_CALL, "%s: rtm_write() returned %d for command %d", __func__, error, cmd); continue; @@ -224,7 +226,8 @@ static int kernel_rtm_ipv4(int cmd, const struct prefix *p, case ZEBRA_ERR_RTNOEXIST: case ZEBRA_ERR_RTUNREACH: default: - zlog_err( + flog_err( + LIB_ERR_SYSTEM_CALL, "%s: %s: rtm_write() unexpectedly returned %d for command %s", __func__, prefix2str(p, prefix_buf, @@ -396,21 +399,19 @@ enum dp_req_result kernel_route_rib(struct route_node *rn, int route = 0; if (src_p && src_p->prefixlen) { - zlog_err("route add: IPv6 sourcedest routes unsupported!"); + zlog_warn("%s: IPv6 sourcedest routes unsupported!", __func__); return DP_REQUEST_FAILURE; } - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); + frr_elevate_privs(&zserv_privs) { - if (old) - route |= kernel_rtm(RTM_DELETE, p, old); + if (old) + route |= kernel_rtm(RTM_DELETE, p, old); - if (new) - route |= kernel_rtm(RTM_ADD, p, new); + if (new) + route |= kernel_rtm(RTM_ADD, p, new); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + } if (new) { kernel_route_rib_pass_fail( diff --git a/zebra/rtadv.c b/zebra/rtadv.c index 49ffcdd490..43dfca10e6 100644 --- a/zebra/rtadv.c +++ b/zebra/rtadv.c @@ -35,6 +35,7 @@ #include "privs.h" #include "vrf.h" #include "ns.h" +#include "lib_errors.h" #include "zebra/interface.h" #include "zebra/rtadv.h" 
@@ -123,7 +124,7 @@ static int rtadv_recv_packet(struct zebra_ns *zns, int sock, uint8_t *buf, if (ret < 0) return ret; - for (cmsgptr = ZCMSG_FIRSTHDR(&msg); cmsgptr != NULL; + for (cmsgptr = CMSG_FIRSTHDR(&msg); cmsgptr != NULL; cmsgptr = CMSG_NXTHDR(&msg, cmsgptr)) { /* I want interface index which this packet comes from. */ if (cmsgptr->cmsg_level == IPPROTO_IPV6 @@ -180,7 +181,7 @@ static void rtadv_send_packet(int sock, struct interface *ifp) adata = calloc(1, CMSG_SPACE(sizeof(struct in6_pktinfo))); if (adata == NULL) { - zlog_err( + zlog_warn( "rtadv_send_packet: can't malloc control data"); exit(-1); } @@ -362,7 +363,7 @@ static void rtadv_send_packet(int sock, struct interface *ifp) iov.iov_base = buf; iov.iov_len = len; - cmsgptr = ZCMSG_FIRSTHDR(&msg); + cmsgptr = CMSG_FIRSTHDR(&msg); cmsgptr->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); cmsgptr->cmsg_level = IPPROTO_IPV6; cmsgptr->cmsg_type = IPV6_PKTINFO; @@ -373,9 +374,10 @@ static void rtadv_send_packet(int sock, struct interface *ifp) ret = sendmsg(sock, &msg, 0); if (ret < 0) { - zlog_err("%s(%u): Tx RA failed, socket %u error %d (%s)", - ifp->name, ifp->ifindex, sock, errno, - safe_strerror(errno)); + flog_err_sys(LIB_ERR_SOCKET, + "%s(%u): Tx RA failed, socket %u error %d (%s)", + ifp->name, ifp->ifindex, sock, errno, + safe_strerror(errno)); } else zif->ra_sent++; } @@ -624,19 +626,15 @@ static int rtadv_read(struct thread *thread) static int rtadv_make_socket(ns_id_t ns_id) { - int sock; + int sock = -1; int ret = 0; struct icmp6_filter filter; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("rtadv_make_socket: could not raise privs, %s", - safe_strerror(errno)); + frr_elevate_privs(&zserv_privs) { - sock = ns_socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6, ns_id); + sock = ns_socket(AF_INET6, SOCK_RAW, IPPROTO_ICMPV6, ns_id); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("rtadv_make_socket: could not lower privs, %s", - safe_strerror(errno)); + } if (sock < 0) { return -1; 
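Review bot: In rtadv_send_packet the allocation-failure message is lowered to zlog_warn although the next statement is `exit(-1)`, so the daemon terminates with nothing logged at error level. A process exit should stay an error, for example `flog_err_sys(LIB_ERR_SYSTEM_CALL, "rtadv_send_packet: can't allocate control data");`, which also matches the `calloc` call rather than naming malloc. The rest of the function lies outside the hunk.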
diff --git a/zebra/rule_socket.c b/zebra/rule_socket.c index ecd642d807..620410de04 100644 --- a/zebra/rule_socket.c +++ b/zebra/rule_socket.c @@ -29,6 +29,7 @@ #include "if.h" #include "prefix.h" #include "vrf.h" +#include "lib_errors.h" #include "zebra/zserv.h" #include "zebra/zebra_ns.h" @@ -43,13 +44,15 @@ enum dp_req_result kernel_add_pbr_rule(struct zebra_pbr_rule *rule) { - zlog_err("%s not Implemented for this platform", __PRETTY_FUNCTION__); + flog_err(LIB_ERR_UNAVAILABLE, "%s not Implemented for this platform", + __PRETTY_FUNCTION__); return DP_REQUEST_FAILURE; } enum dp_req_result kernel_del_pbr_rule(struct zebra_pbr_rule *rule) { - zlog_err("%s not Implemented for this platform", __PRETTY_FUNCTION__); + flog_err(LIB_ERR_UNAVAILABLE, "%s not Implemented for this platform", + __PRETTY_FUNCTION__); return DP_REQUEST_FAILURE; } diff --git a/zebra/subdir.am b/zebra/subdir.am index 73354ec38e..f44574b236 100644 --- a/zebra/subdir.am +++ b/zebra/subdir.am @@ -71,6 +71,7 @@ zebra_zebra_SOURCES = \ zebra/zebra_netns_notify.c \ zebra/table_manager.c \ zebra/zapi_msg.c \ + zebra/zebra_errors.c \ # end zebra/zebra_vty_clippy.c: $(CLIPPY_DEPS) @@ -115,6 +116,7 @@ noinst_HEADERS += \ zebra/zebra_netns_notify.h \ zebra/table_manager.h \ zebra/zapi_msg.h \ + zebra/zebra_errors.h \ # end zebra_zebra_irdp_la_SOURCES = \ diff --git a/zebra/table_manager.c b/zebra/table_manager.c index 5bcc2c40d6..43b5c7d59e 100644 --- a/zebra/table_manager.c +++ b/zebra/table_manager.c @@ -35,6 +35,7 @@ #include "zebra/zebra_vrf.h" #include "zebra/label_manager.h" /* for NO_PROTO */ #include "zebra/table_manager.h" +#include "zebra/zebra_errors.h" /* routing table identifiers * 
@@ -146,8 +147,9 @@ struct table_manager_chunk *assign_table_chunk(uint8_t proto, uint16_t instance, #endif /* SUNOS_5 */ tmc->start = start; if (RT_TABLE_ID_UNRESERVED_MAX - size + 1 < start) { - zlog_err("Reached max table id. Start/Size %u/%u", - start, size); + flog_err(ZEBRA_ERR_TM_EXHAUSTED_IDS, + "Reached max table id. Start/Size %u/%u", start, + size); XFREE(MTYPE_TM_CHUNK, tmc); return NULL; } @@ -184,7 +186,8 @@ int release_table_chunk(uint8_t proto, uint16_t instance, uint32_t start, if (tmc->end != end) continue; if (tmc->proto != proto || tmc->instance != instance) { - zlog_err("%s: Daemon mismatch!!", __func__); + flog_err(ZEBRA_ERR_TM_DAEMON_MISMATCH, + "%s: Daemon mismatch!!", __func__); continue; } tmc->proto = NO_PROTO; @@ -193,7 +196,8 @@ int release_table_chunk(uint8_t proto, uint16_t instance, uint32_t start, break; } if (ret != 0) - zlog_err("%s: Table chunk not released!!", __func__); + flog_err(ZEBRA_ERR_TM_UNRELEASED_CHUNK, + "%s: Table chunk not released!!", __func__); return ret; } diff --git a/zebra/zapi_msg.c b/zebra/zapi_msg.c index ad574d7e8b..008fc8f066 100644 --- a/zebra/zapi_msg.c +++ b/zebra/zapi_msg.c @@ -1058,7 +1058,8 @@ static void zread_rnh_register(ZAPI_HANDLER_ARGS) STREAM_GET(&p.u.prefix6, s, IPV6_MAX_BYTELEN); l += IPV6_MAX_BYTELEN; } else { - zlog_err( + flog_err( + ZEBRA_ERR_UNKNOWN_FAMILY, "rnh_register: Received unknown family type %d\n", p.family); return; @@ -1136,7 +1137,8 @@ static void zread_rnh_unregister(ZAPI_HANDLER_ARGS) STREAM_GET(&p.u.prefix6, s, IPV6_MAX_BYTELEN); l += IPV6_MAX_BYTELEN; } else { - zlog_err( + flog_err( + ZEBRA_ERR_UNKNOWN_FAMILY, "rnh_register: Received unknown family type %d\n", p.family); return; 
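Review bot: The message in zread_rnh_unregister still begins with `rnh_register:`, so an unknown address family on the unregister path is logged as if it came from registration. Since the call is being rewritten anyway, the text should read `"rnh_unregister: Received unknown family type %d"`. Both rnh messages also end in `\n`, unlike the other converted messages in this file; dropping it would make them consistent.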
@@ -1172,7 +1174,8 @@ static void zread_fec_register(ZAPI_HANDLER_ARGS) * registration */ if (hdr->length < ZEBRA_MIN_FEC_LENGTH) { - zlog_err( + flog_err( + ZEBRA_ERR_IRDP_LEN_MISMATCH, "fec_register: Received a fec register of hdr->length %d, it is of insufficient size to properly decode", hdr->length); return; @@ -1183,7 +1186,8 @@ static void zread_fec_register(ZAPI_HANDLER_ARGS) memset(&p, 0, sizeof(p)); STREAM_GETW(s, p.family); if (p.family != AF_INET && p.family != AF_INET6) { - zlog_err( + flog_err( + ZEBRA_ERR_UNKNOWN_FAMILY, "fec_register: Received unknown family type %d\n", p.family); return; @@ -1230,7 +1234,8 @@ static void zread_fec_unregister(ZAPI_HANDLER_ARGS) * fec unregistration */ if (hdr->length < ZEBRA_MIN_FEC_LENGTH) { - zlog_err( + flog_err( + ZEBRA_ERR_IRDP_LEN_MISMATCH, "fec_unregister: Received a fec unregister of hdr->length %d, it is of insufficient size to properly decode", hdr->length); return; @@ -1244,7 +1249,8 @@ static void zread_fec_unregister(ZAPI_HANDLER_ARGS) memset(&p, 0, sizeof(p)); STREAM_GETW(s, p.family); if (p.family != AF_INET && p.family != AF_INET6) { - zlog_err( + flog_err( + ZEBRA_ERR_UNKNOWN_FAMILY, "fec_unregister: Received unknown family type %d\n", p.family); return; @@ -2376,8 +2382,9 @@ static void zread_table_manager_connect(struct zserv *client, /* accept only dynamic routing protocols */ if ((proto >= ZEBRA_ROUTE_MAX) || (proto <= ZEBRA_ROUTE_STATIC)) { - zlog_err("client %d has wrong protocol %s", client->sock, - zebra_route_string(proto)); + flog_err(ZEBRA_ERR_TM_WRONG_PROTO, + "client %d has wrong protocol %s", client->sock, + zebra_route_string(proto)); zsend_table_manager_connect_response(client, vrf_id, 1); return; } 
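Review bot: zread_fec_register reports a too-short ZAPI FEC message with `ZEBRA_ERR_IRDP_LEN_MISMATCH`, whose entry in the new zebra/zebra_errors.c table is titled "IRDP message length mismatch" and describes an IP TLV length. An operator looking up that code would be pointed at the wrong subsystem; a dedicated code for a ZAPI length error (placeholder `ZEBRA_ERR_<ZAPI_LENGTH>`, with its own table entry) would fit. zread_fec_unregister in the next hunk uses the same code, and zread_label_manager_connect further down logs with `ZEBRA_ERR_TM_WRONG_PROTO`, which the table documents as a table-manager condition.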
@@ -2415,8 +2422,9 @@ static void zread_label_manager_connect(struct zserv *client, /* accept only dynamic routing protocols */ if ((proto >= ZEBRA_ROUTE_MAX) || (proto <= ZEBRA_ROUTE_STATIC)) { - zlog_err("client %d has wrong protocol %s", client->sock, - zebra_route_string(proto)); + flog_err(ZEBRA_ERR_TM_WRONG_PROTO, + "client %d has wrong protocol %s", client->sock, + zebra_route_string(proto)); zsend_label_manager_connect_response(client, vrf_id, 1); return; } @@ -2444,14 +2452,16 @@ static int msg_client_id_mismatch(const char *op, struct zserv *client, uint8_t proto, unsigned int instance) { if (proto != client->proto) { - zlog_err("%s: msg vs client proto mismatch, client=%u msg=%u", - op, client->proto, proto); + flog_err(ZEBRA_ERR_PROTO_OR_INSTANCE_MISMATCH, + "%s: msg vs client proto mismatch, client=%u msg=%u", + op, client->proto, proto); /* TODO: fail when BGP sets proto and instance */ /* return 1; */ } if (instance != client->instance) { - zlog_err( + flog_err( + ZEBRA_ERR_PROTO_OR_INSTANCE_MISMATCH, "%s: msg vs client instance mismatch, client=%u msg=%u", op, client->instance, instance); /* TODO: fail when BGP sets proto and instance */ @@ -2486,7 +2496,8 @@ static void zread_get_label_chunk(struct zserv *client, struct stream *msg, lmc = assign_label_chunk(client->proto, client->instance, keep, size); if (!lmc) - zlog_err( + flog_err( + ZEBRA_ERR_LM_CANNOT_ASSIGN_CHUNK, "Unable to assign Label Chunk of size %u to %s instance %u", size, zebra_route_string(client->proto), client->instance); @@ -2544,7 +2555,8 @@ static void zread_label_manager_request(ZAPI_HANDLER_ARGS) else { /* Sanity: don't allow 'unidentified' requests */ if (!client->proto) { - zlog_err( + flog_err( + ZEBRA_ERR_LM_ALIENS, "Got label request from an unidentified client"); return; } 
@@ -2572,8 +2584,9 @@ static void zread_get_table_chunk(struct zserv *client, struct stream *msg, tmc = assign_table_chunk(client->proto, client->instance, size); if (!tmc) - zlog_err("%s: Unable to assign Table Chunk of size %u", - __func__, size); + flog_err(ZEBRA_ERR_TM_CANNOT_ASSIGN_CHUNK, + "%s: Unable to assign Table Chunk of size %u", + __func__, size); else zlog_debug("Assigned Table Chunk %u - %u", tmc->start, tmc->end); @@ -2610,7 +2623,8 @@ static void zread_table_manager_request(ZAPI_HANDLER_ARGS) else { /* Sanity: don't allow 'unidentified' requests */ if (!client->proto) { - zlog_err( + flog_err( + ZEBRA_ERR_TM_ALIENS, "Got table request from an unidentified client"); return; } @@ -3015,6 +3029,9 @@ void (*zserv_handlers[])(ZAPI_HANDLER_ARGS) = { [ZEBRA_BFD_DEST_UPDATE] = zebra_ptm_bfd_dst_register, [ZEBRA_BFD_DEST_REGISTER] = zebra_ptm_bfd_dst_register, [ZEBRA_BFD_DEST_DEREGISTER] = zebra_ptm_bfd_dst_deregister, +#if HAVE_BFDD > 0 + [ZEBRA_BFD_DEST_REPLAY] = zebra_ptm_bfd_dst_replay, +#endif /* HAVE_BFDD */ [ZEBRA_VRF_UNREGISTER] = zread_vrf_unregister, [ZEBRA_VRF_LABEL] = zread_vrf_label, [ZEBRA_BFD_CLIENT_REGISTER] = zebra_ptm_bfd_client_register, @@ -3070,12 +3087,13 @@ static void zserv_write_incoming(struct stream *orig, uint16_t command) copy = stream_dup(orig); stream_set_getp(copy, 0); - zserv_privs.change(ZPRIVS_RAISE); snprintf(fname, MAXPATHLEN, "%s/%u", DAEMON_VTY_DIR, command); - fd = open(fname, O_CREAT | O_WRONLY | O_EXCL, 0644); + + frr_elevate_privs(&zserv_privs) { + fd = open(fname, O_CREAT | O_WRONLY | O_EXCL, 0644); + } stream_flush(copy, fd); close(fd); - zserv_privs.change(ZPRIVS_LOWER); stream_free(copy); } #endif diff --git a/zebra/zapi_msg.h b/zebra/zapi_msg.h index 8289e33c6a..29fe59babf 100644 --- a/zebra/zapi_msg.h +++ b/zebra/zapi_msg.h @@ -28,6 +28,7 @@ #include "zebra/rib.h" #include "zebra/zserv.h" #include "zebra/zebra_pbr.h" +#include "zebra/zebra_errors.h" /* * This is called to process inbound ZAPI messages. 
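Review bot: In zserv_write_incoming the descriptor returned by `open(fname, O_CREAT | O_WRONLY | O_EXCL, 0644)` is passed to `stream_flush(copy, fd)` and `close(fd)` without a check, and with O_EXCL the open fails whenever a file for that command already exists. Adding `if (fd < 0) { stream_free(copy); return; }` directly after the elevated block avoids writing to and closing -1. The `snprintf` result is unchecked as well. The start of the function is outside the hunk.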
diff --git a/zebra/zebra_errors.c b/zebra/zebra_errors.c new file mode 100644 index 0000000000..198e1cce23 --- /dev/null +++ b/zebra/zebra_errors.c 
@@ -0,0 +1,278 @@ +/* + * Zebra-specific error messages. + * Copyright (C) 2018 Cumulus Networks, Inc. + * Quentin Young + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; see the file COPYING; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#include <zebra.h> + +#include "lib/ferr.h" +#include "zebra_errors.h" + +/* clang-format off */ +static struct log_ref ferr_zebra_err[] = { + { + .code = ZEBRA_ERR_LM_RESPONSE, + .title = "Error reading response from label manager", + .description = "Zebra could not read the ZAPI header from the label manager", + .suggestion = "Wait for the error to resolve on its own. 
If it does not resolve, restart Zebra.", + }, + { + .code = ZEBRA_ERR_LM_NO_SUCH_CLIENT, + .title = "Label manager could not find ZAPI client", + .description = "Zebra was unable to find a ZAPI client matching the given protocol and instance number.", + .suggestion = "Ensure clients which use the label manager are properly configured and running.", + }, + { + .code = ZEBRA_ERR_LM_RELAY_FAILED, + .title = "Zebra could not relay label manager response", + .description = "Zebra found the client and instance to relay the label manager response or request to, but was not able to do so, possibly because the connection was closed.", + .suggestion = "Ensure clients which use the label manager are properly configured and running.", + }, + { + .code = ZEBRA_ERR_LM_BAD_INSTANCE, + .title = "Mismatch between ZAPI instance and encoded message instance", + .description = "While relaying a request to the external label manager, Zebra noticed that the instance number encoded in the message did not match the client instance number.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_LM_EXHAUSTED_LABELS, + .title = "Zebra label manager used all available labels", + .description = "Zebra is unable to assign additional label chunks because it has exhausted its assigned label range.", + .suggestion = "Make the label range bigger and restart Zebra.", + }, + { + .code = ZEBRA_ERR_LM_DAEMON_MISMATCH, + .title = "Daemon mismatch when releasing label chunks", + .description = "Zebra noticed a mismatch between a label chunk and a protocol daemon number or instance when releasing unused label chunks.", + .suggestion = "Ignore this error.", + }, + { + .code = ZEBRA_ERR_LM_UNRELEASED_CHUNK, + .title = "Zebra did not free any label chunks", + .description = "Zebra's chunk cleanup procedure ran, but no label chunks were released.", + .suggestion = "Ignore this error.", + }, + { + .code = ZEBRA_ERR_DP_INVALID_RC, + .title = "Dataplane returned invalid status code", + .description 
= "The underlying dataplane responded to a Zebra message or other interaction with an unrecognized, unknown or invalid status code.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_WQ_NONEXISTENT, + .title = "A necessary work queue does not exist.", + .description = "A necessary work queue does not exist.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_FEC_ADD_FAILED, + .title = "Failed to add FEC for MPLS client", + .description = "A client requested a label binding for a new FEC, but Zebra was unable to add the FEC to its internal table.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_FEC_RM_FAILED, + .title = "Failed to remove FEC for MPLS client", + .description = "Zebra was unable to find and remove a FEC in its internal table.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_IRDP_LEN_MISMATCH, + .title = "IRDP message length mismatch", + .description = "The length encoded in the IP TLV does not match the length of the packet received.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_RNH_UNKNOWN_FAMILY, + .title = "Attempted to perform nexthop update for unknown address family", + .description = "Zebra attempted to perform a nexthop update for unknown address family", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_DP_INSTALL_FAIL, + .title = "Dataplane installation failure", + .description = "Installation of routes to underlying dataplane failed.", + .suggestion = "Check all configuration parameters for correctness.", + }, + { + .code = ZEBRA_ERR_TABLE_LOOKUP_FAILED, + .title = "Zebra table lookup failed", + .description = "Zebra attempted to look up a table for a particular address family and subsequent address family, but didn't find anything.", + .suggestion = "If you entered a command to trigger this error, make sure you entered the arguments correctly. Check your config file for any potential errors. 
If these look correct, seek help.", + }, + { + .code = ZEBRA_ERR_NETLINK_NOT_AVAILABLE, + .title = "Netlink backend not available", + .description = "FRR was not compiled with support for Netlink. Any operations that require Netlink will fail.", + .suggestion = "Recompile FRR with Netlink, or install a package that supports this feature.", + }, + { + .code = ZEBRA_ERR_PROTOBUF_NOT_AVAILABLE, + .title = "Protocol Buffers backend not available", + .description = "FRR was not compiled with support for Protocol Buffers. Any operations that require Protobuf will fail.", + .suggestion = "Recompile FRR with Protobuf support, or install a package that supports this feature.", + }, + { + .code = ZEBRA_ERR_TM_EXHAUSTED_IDS, + .title = "Table manager used all available IDs", + .description = "Zebra's table manager used up all IDs available to it and can't assign any more.", + .suggestion = "Reconfigure Zebra with a larger range of table IDs.", + }, + { + .code = ZEBRA_ERR_TM_DAEMON_MISMATCH, + .title = "Daemon mismatch when releasing table chunks", + .description = "Zebra noticed a mismatch between a table ID chunk and a protocol daemon number instance when releasing unused table chunks.", + .suggestion = "Ignore this error.", + }, + { + .code = ZEBRA_ERR_TM_UNRELEASED_CHUNK, + .title = "Zebra did not free any table chunks", + .description = "Zebra's table chunk cleanup procedure ran, but no table chunks were released.", + .suggestion = "Ignore this error.", + }, + { + .code = ZEBRA_ERR_UNKNOWN_FAMILY, + .title = "Address family specifier unrecognized", + .description = "Zebra attempted to process information from somewhere that included an address family specifier, but did not recognize the provided specifier.", + .suggestion = "Ensure that your configuration is correct. 
If it is, notify a developer.", + }, + { + .code = ZEBRA_ERR_TM_WRONG_PROTO, + .title = "Incorrect protocol for table manager client", + .description = "Zebra's table manager only accepts connections from daemons managing dynamic routing protocols, but received a connection attempt from a daemon that does not meet this criterion.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_PROTO_OR_INSTANCE_MISMATCH, + .title = "Mismatch between message and client protocol and/or instance", + .description = "Zebra detected a mismatch between a client's protocol and/or instance numbers versus those stored in a message transiting its socket.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_LM_CANNOT_ASSIGN_CHUNK, + .title = "Label manager unable to assign label chunk", + .description = "Zebra's label manager was unable to assign a label chunk to client.", + .suggestion = "Ensure that Zebra has a sufficient label range available and that there is not a range collision.", + }, + { + .code = ZEBRA_ERR_LM_ALIENS, + .title = "Label request from unidentified client", + .description = "Zebra's label manager received a label request from an unidentified client.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_TM_CANNOT_ASSIGN_CHUNK, + .title = "Table manager unable to assign table chunk", + .description = "Zebra's table manager was unable to assign a table chunk to a client.", + .suggestion = "Ensure that Zebra has sufficient table ID range available and that there is not a range collision.", + }, + { + .code = ZEBRA_ERR_TM_ALIENS, + .title = "Table request from unidentified client", + .description = "Zebra's table manager received a table request from an unidentified client.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_RECVBUF, + .title = "Cannot set receive buffer size", + .description = "Socket receive buffer size could not be set in the kernel", + .suggestion = "Ignore this error.", + }, + { + 
.code = ZEBRA_ERR_UNKNOWN_NLMSG, + .title = "Unknown Netlink message type", + .description = "Zebra received a Netlink message with an unrecognized type field.", + .suggestion = "Verify that you are running the latest version of FRR to ensure kernel compatibility. If the problem persists, notify a developer.", + }, + { + .code = ZEBRA_ERR_RECVMSG_OVERRUN, + .title = "Receive buffer overrun", + .description = "The kernel's buffer for a socket has been overrun, rendering the socket invalid.", + .suggestion = "Zebra will restart itself. Notify a developer if this issue shows up frequently.", + }, + { + .code = ZEBRA_ERR_NETLINK_LENGTH_ERROR, + .title = "Netlink message length mismatch", + .description = "Zebra received a Netlink message with incorrect length fields.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_NETLINK_LENGTH_ERROR, + .title = "Netlink message length mismatch", + .description = "Zebra received a Netlink message with incorrect length fields.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_UNEXPECTED_MESSAGE, + .title = "Received unexpected response from kernel", + .description = "Received unexpected response from the kernel via Netlink.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_NETLINK_BAD_SEQUENCE, + .title = "Bad sequence number in Netlink message", + .description = "Zebra received a Netlink message with a bad sequence number.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_BAD_MULTIPATH_NUM, + .title = "Multipath number was out of valid range", + .description = "Multipath number specified to Zebra must be in the appropriate range", + .suggestion = "Provide a multipath number that is within its accepted range", + }, + { + .code = ZEBRA_ERR_PREFIX_PARSE_ERROR, + .title = "String could not be parsed as IP prefix", + .description = "There was an attempt to parse a string as an IPv4 or IPv6 prefix, but the string could not be parsed and this operation 
failed.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_MAC_ADD_FAILED, + .title = "Failed to add MAC address to interface", + .description = "Zebra attempted to assign a MAC address to a vxlan interface but failed", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_VNI_DEL_FAILED, + .title = "Failed to delete VNI", + .description = "Zebra attempted to delete a VNI entry and failed", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_VTEP_ADD_FAILED, + .title = "Adding remote VTEP failed", + .description = "Zebra attempted to add a remote VTEP and failed.", + .suggestion = "Notify a developer.", + }, + { + .code = ZEBRA_ERR_VNI_ADD_FAILED, + .title = "Adding VNI failed", + .description = "Zebra attempted to add a VNI hash to an interface and failed", + .suggestion = "Notify a developer.", + }, + { + .code = END_FERR, + } +}; +/* clang-format on */ + + +void zebra_error_init(void) +{ + log_ref_add(ferr_zebra_err); +} diff --git a/zebra/zebra_errors.h b/zebra/zebra_errors.h new file mode 100644 index 0000000000..f8a00bce0d --- /dev/null +++ b/zebra/zebra_errors.h 
@@ -0,0 +1,73 @@ +/* + * Zebra-specific error messages. + * Copyright (C) 2018 Cumulus Networks, Inc. + * Quentin Young + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along + * with this program; see the file COPYING; if not, write to the Free Software + * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + */ + +#ifndef __ZEBRA_ERRORS_H__ +#define __ZEBRA_ERRORS_H__ + +#include "lib/ferr.h" + +enum zebra_log_refs { + ZEBRA_ERR_LM_RESPONSE = ZEBRA_FERR_START, + ZEBRA_ERR_LM_NO_SUCH_CLIENT, + ZEBRA_ERR_LM_RELAY_FAILED, + ZEBRA_ERR_LM_NO_SOCKET, + ZEBRA_ERR_LM_BAD_INSTANCE, + ZEBRA_ERR_LM_RELAY_REQUEST_FAILED, + ZEBRA_ERR_LM_CLIENT_CONNECTION_FAILED, + ZEBRA_ERR_LM_EXHAUSTED_LABELS, + ZEBRA_ERR_LM_DAEMON_MISMATCH, + ZEBRA_ERR_LM_UNRELEASED_CHUNK, + ZEBRA_ERR_DP_INVALID_RC, + ZEBRA_ERR_WQ_NONEXISTENT, + ZEBRA_ERR_FEC_ADD_FAILED, + ZEBRA_ERR_FEC_RM_FAILED, + ZEBRA_ERR_IRDP_LEN_MISMATCH, + ZEBRA_ERR_RNH_UNKNOWN_FAMILY, + ZEBRA_ERR_DP_INSTALL_FAIL, + ZEBRA_ERR_TABLE_LOOKUP_FAILED, + ZEBRA_ERR_NETLINK_NOT_AVAILABLE, + ZEBRA_ERR_PROTOBUF_NOT_AVAILABLE, + ZEBRA_ERR_TM_EXHAUSTED_IDS, + ZEBRA_ERR_TM_DAEMON_MISMATCH, + ZEBRA_ERR_TM_UNRELEASED_CHUNK, + ZEBRA_ERR_UNKNOWN_FAMILY, + ZEBRA_ERR_TM_WRONG_PROTO, + ZEBRA_ERR_PROTO_OR_INSTANCE_MISMATCH, + ZEBRA_ERR_LM_CANNOT_ASSIGN_CHUNK, + ZEBRA_ERR_LM_ALIENS, + ZEBRA_ERR_TM_CANNOT_ASSIGN_CHUNK, + ZEBRA_ERR_TM_ALIENS, + ZEBRA_ERR_RECVBUF, + ZEBRA_ERR_UNKNOWN_NLMSG, + 
ZEBRA_ERR_RECVMSG_OVERRUN, + ZEBRA_ERR_NETLINK_LENGTH_ERROR, + ZEBRA_ERR_UNEXPECTED_MESSAGE, + ZEBRA_ERR_NETLINK_BAD_SEQUENCE, + ZEBRA_ERR_BAD_MULTIPATH_NUM, + ZEBRA_ERR_PREFIX_PARSE_ERROR, + ZEBRA_ERR_MAC_ADD_FAILED, + ZEBRA_ERR_VNI_DEL_FAILED, + ZEBRA_ERR_VTEP_ADD_FAILED, + ZEBRA_ERR_VNI_ADD_FAILED, +}; + +void zebra_error_init(void); + +#endif /* __ZEBRA_ERRORS_H__ */ diff --git a/zebra/zebra_fpm.c b/zebra/zebra_fpm.c index 9d3133f55b..1cb14abbf9 100644 --- a/zebra/zebra_fpm.c +++ b/zebra/zebra_fpm.c @@ -35,6 +35,7 @@ #include "zebra/zserv.h" #include "zebra/zebra_ns.h" #include "zebra/zebra_vrf.h" +#include "zebra/zebra_errors.h" #include "fpm/fpm.h" #include "zebra_fpm_private.h" @@ -1517,7 +1518,9 @@ static inline void zfpm_init_message_format(const char *format) if (!strcmp("netlink", format)) { if (!have_netlink) { - zlog_err("FPM netlink message format is not available"); + flog_err( + ZEBRA_ERR_NETLINK_NOT_AVAILABLE, + "FPM netlink message format is not available"); return; } zfpm_g->message_format = ZFPM_MSG_FORMAT_NETLINK; @@ -1526,7 +1529,8 @@ static inline void zfpm_init_message_format(const char *format) if (!strcmp("protobuf", format)) { if (!have_protobuf) { - zlog_err( + flog_err( + ZEBRA_ERR_PROTOBUF_NOT_AVAILABLE, "FPM protobuf message format is not available"); return; } diff --git a/zebra/zebra_mpls.c b/zebra/zebra_mpls.c index cfe208d35b..cd41537a1b 100644 --- a/zebra/zebra_mpls.c +++ b/zebra/zebra_mpls.c @@ -45,6 +45,7 @@ #include "zebra/zebra_memory.h" #include "zebra/zebra_vrf.h" #include "zebra/zebra_mpls.h" +#include "zebra/zebra_errors.h" DEFINE_MTYPE_STATIC(ZEBRA, LSP, "MPLS LSP object") DEFINE_MTYPE_STATIC(ZEBRA, FEC, "MPLS FEC object") @@ -550,8 +551,6 @@ static zebra_fec_t *fec_add(struct route_table *table, struct prefix *p, if (!fec) { fec = XCALLOC(MTYPE_FEC, sizeof(zebra_fec_t)); - if (!fec) - return NULL; rn->info = fec; fec->rn = rn; 
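Review bot: `ZEBRA_ERR_NETLINK_LENGTH_ERROR` is declared once in this enum, but the `ferr_zebra_err` table that the same commit adds in zebra_errors.c has two identical entries for it, one directly after the other. How `log_ref_add()` handles a repeated code is not visible in this diff, so it is safer to delete the second table entry than to rely on that behaviour. Since the table and the enum are maintained by hand in two files, a short comment above the enum such as `/* every value here needs exactly one entry in ferr_zebra_err[] */` would help keep them in step.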
@@ -919,7 +918,9 @@ static wq_item_status lsp_process(struct work_queue *wq, void *data) UNSET_FLAG(lsp->flags, LSP_FLAG_CHANGED); switch (kernel_add_lsp(lsp)) { case DP_REQUEST_QUEUED: - zlog_err("No current DataPlane interfaces can return this, please fix"); + flog_err( + ZEBRA_ERR_DP_INVALID_RC, + "No current DataPlane interfaces can return this, please fix"); break; case DP_REQUEST_FAILURE: break; @@ -934,7 +935,9 @@ static wq_item_status lsp_process(struct work_queue *wq, void *data) switch (kernel_del_lsp(lsp)) { case DP_REQUEST_QUEUED: - zlog_err("No current DataPlane interfaces can return this, please fix"); + flog_err( + ZEBRA_ERR_DP_INVALID_RC, + "No current DataPlane interfaces can return this, please fix"); break; case DP_REQUEST_FAILURE: break; @@ -972,7 +975,9 @@ static wq_item_status lsp_process(struct work_queue *wq, void *data) switch (kernel_upd_lsp(lsp)) { case DP_REQUEST_QUEUED: - zlog_err("No current DataPlane interfaces can return this, please fix"); + flog_err( + ZEBRA_ERR_DP_INVALID_RC, + "No current DataPlane interfaces can return this, please fix"); break; case DP_REQUEST_FAILURE: break; @@ -1050,7 +1055,8 @@ static int lsp_processq_add(zebra_lsp_t *lsp) return 0; if (zebrad.lsp_process_q == NULL) { - zlog_err("%s: work_queue does not exist!", __func__); + flog_err(ZEBRA_ERR_WQ_NONEXISTENT, + "%s: work_queue does not exist!", __func__); return -1; } @@ -1181,8 +1187,6 @@ static zebra_nhlfe_t *nhlfe_add(zebra_lsp_t *lsp, enum lsp_types_t lsp_type, return NULL; nhlfe = XCALLOC(MTYPE_NHLFE, sizeof(zebra_nhlfe_t)); - if (!nhlfe) - return NULL; nhlfe->lsp = lsp; nhlfe->type = lsp_type; @@ -1694,7 +1698,8 @@ static int mpls_processq_init(struct zebra_t *zebra) { zebra->lsp_process_q = work_queue_new(zebra->master, "LSP processing"); if (!zebra->lsp_process_q) { - zlog_err("%s: could not initialise work queue!", __func__); + flog_err(ZEBRA_ERR_WQ_NONEXISTENT, + "%s: could not initialise work queue!", __func__); return -1; } 
@@ -1829,7 +1834,8 @@ int zebra_mpls_fec_register(struct zebra_vrf *zvrf, struct prefix *p, fec = fec_add(table, p, MPLS_INVALID_LABEL, 0, label_index); if (!fec) { prefix2str(p, buf, BUFSIZ); - zlog_err( + flog_err( + ZEBRA_ERR_FEC_ADD_FAILED, "Failed to add FEC %s upon register, client %s", buf, zebra_route_string(client->proto)); return -1; @@ -1909,8 +1915,9 @@ int zebra_mpls_fec_unregister(struct zebra_vrf *zvrf, struct prefix *p, fec = fec_find(table, p); if (!fec) { prefix2str(p, buf, BUFSIZ); - zlog_err("Failed to find FEC %s upon unregister, client %s", - buf, zebra_route_string(client->proto)); + flog_err(ZEBRA_ERR_FEC_RM_FAILED, + "Failed to find FEC %s upon unregister, client %s", + buf, zebra_route_string(client->proto)); return -1; } @@ -2040,7 +2047,8 @@ int zebra_mpls_static_fec_add(struct zebra_vrf *zvrf, struct prefix *p, MPLS_INVALID_LABEL_INDEX); if (!fec) { prefix2str(p, buf, BUFSIZ); - zlog_err("Failed to add FEC %s upon config", buf); + flog_err(ZEBRA_ERR_FEC_ADD_FAILED, + "Failed to add FEC %s upon config", buf); return -1; } @@ -2087,7 +2095,8 @@ int zebra_mpls_static_fec_del(struct zebra_vrf *zvrf, struct prefix *p) fec = fec_find(table, p); if (!fec) { prefix2str(p, buf, BUFSIZ); - zlog_err("Failed to find FEC %s upon delete", buf); + flog_err(ZEBRA_ERR_FEC_RM_FAILED, + "Failed to find FEC %s upon delete", buf); return -1; } diff --git a/zebra/zebra_mpls_openbsd.c b/zebra/zebra_mpls_openbsd.c index 412fe7d3dd..542de27e83 100644 --- a/zebra/zebra_mpls_openbsd.c +++ b/zebra/zebra_mpls_openbsd.c @@ -31,6 +31,7 @@ #include "prefix.h" #include "interface.h" #include "log.h" +#include "lib_errors.h" extern struct zebra_privs_t zserv_privs; 
@@ -116,14 +117,13 @@ static int kernel_send_rtmsg_v4(int action, mpls_label_t in_label, hdr.rtm_mpls = MPLS_OP_SWAP; } - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - ret = writev(kr_state.fd, iov, iovcnt); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + frr_elevate_privs(&zserv_privs) { + ret = writev(kr_state.fd, iov, iovcnt); + } if (ret == -1) - zlog_err("%s: %s", __func__, safe_strerror(errno)); + flog_err_sys(LIB_ERR_SOCKET, "%s: %s", __func__, + safe_strerror(errno)); return ret; } @@ -224,14 +224,13 @@ static int kernel_send_rtmsg_v6(int action, mpls_label_t in_label, hdr.rtm_mpls = MPLS_OP_SWAP; } - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - ret = writev(kr_state.fd, iov, iovcnt); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + frr_elevate_privs(&zserv_privs) { + ret = writev(kr_state.fd, iov, iovcnt); + } if (ret == -1) - zlog_err("%s: %s", __func__, safe_strerror(errno)); + flog_err_sys(LIB_ERR_SOCKET, "%s: %s", __func__, + safe_strerror(errno)); return ret; } @@ -360,8 +359,8 @@ static int kmpw_install(struct zebra_pw *pw) imr.imr_type = IMR_TYPE_ETHERNET_TAGGED; break; default: - zlog_err("%s: unhandled pseudowire type (%#X)", __func__, - pw->type); + zlog_warn("%s: unhandled pseudowire type (%#X)", __func__, + pw->type); return -1; } @@ -382,8 +381,8 @@ static int kmpw_install(struct zebra_pw *pw) sa_in6->sin6_addr = pw->nexthop.ipv6; break; default: - zlog_err("%s: unhandled pseudowire address-family (%u)", - __func__, pw->af); + zlog_warn("%s: unhandled pseudowire address-family (%u)", + __func__, pw->af); return -1; } memcpy(&imr.imr_nexthop, (struct sockaddr *)&ss, 
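Review bot: In `kernel_send_rtmsg_v4` the `errno` passed to `safe_strerror()` is read after the `frr_elevate_privs` block has closed, and the same applies to the `kernel_send_rtmsg_v6` hunk below. The macro is defined outside this diff; if it lowers privileges when the block exits, that step runs between `writev()` and the `errno` read and may overwrite the value being logged. Capturing it inside the block, `ret = writev(kr_state.fd, iov, iovcnt); saved_errno = errno;`, and logging `safe_strerror(saved_errno)` keeps the diagnostic tied to the failing call. The explicit "Can't raise privileges" and "Can't lower privileges" messages are removed here, so it is worth confirming that the macro itself reports a failed raise or lower and that the body is not silently run unprivileged.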
@@ -398,7 +397,8 @@ static int kmpw_install(struct zebra_pw *pw) strlcpy(ifr.ifr_name, pw->ifname, sizeof(ifr.ifr_name)); ifr.ifr_data = (caddr_t)&imr; if (ioctl(kr_state.ioctl_fd, SIOCSETMPWCFG, &ifr) == -1) { - zlog_err("ioctl SIOCSETMPWCFG: %s", safe_strerror(errno)); + flog_err_sys(LIB_ERR_SYSTEM_CALL, "ioctl SIOCSETMPWCFG: %s", + safe_strerror(errno)); return -1; } @@ -415,7 +415,8 @@ static int kmpw_uninstall(struct zebra_pw *pw) strlcpy(ifr.ifr_name, pw->ifname, sizeof(ifr.ifr_name)); ifr.ifr_data = (caddr_t)&imr; if (ioctl(kr_state.ioctl_fd, SIOCSETMPWCFG, &ifr) == -1) { - zlog_err("ioctl SIOCSETMPWCFG: %s", safe_strerror(errno)); + flog_err_sys(LIB_ERR_SYSTEM_CALL, "ioctl SIOCSETMPWCFG: %s", + safe_strerror(errno)); return -1; } diff --git a/zebra/zebra_netns_id.c b/zebra/zebra_netns_id.c index 96e6df34da..a3278c4780 100644 --- a/zebra/zebra_netns_id.c +++ b/zebra/zebra_netns_id.c @@ -22,6 +22,7 @@ #include "ns.h" #include "vrf.h" #include "log.h" +#include "lib_errors.h" #if defined(HAVE_NETLINK) @@ -34,7 +35,8 @@ #include "kernel_netlink.h" #endif /* defined(HAVE_NETLINK) */ -#include "zebra_netns_id.h" +#include "zebra/zebra_netns_id.h" +#include "zebra/zebra_errors.h" /* default NS ID value used when VRF backend is not NETNS */ #define NS_DEFAULT_INTERNAL 0 @@ -86,8 +88,8 @@ static int send_receive(int sock, struct nlmsghdr *nlh, unsigned int seq, ret = sendto(sock, (const void *)nlh, (size_t)nlh->nlmsg_len, 0, (struct sockaddr *)&snl, (socklen_t)sizeof(snl)); if (ret < 0) { - zlog_err("netlink( %u) sendmsg() error: %s", sock, - safe_strerror(errno)); + flog_err_sys(LIB_ERR_SOCKET, "netlink( %u) sendmsg() error: %s", + sock, safe_strerror(errno)); return -1; } 
@@ -107,16 +109,20 @@ static int send_receive(int sock, struct nlmsghdr *nlh, unsigned int seq, }; ret = recvmsg(sock, &msg, 0); if (ret < 0) { - zlog_err("netlink recvmsg: error %d (errno %u)", ret, errno); + flog_err_sys(LIB_ERR_SOCKET, + "netlink recvmsg: error %d (errno %u)", ret, + errno); return -1; } if (msg.msg_flags & MSG_TRUNC) { - zlog_err("netlink recvmsg : error message truncated"); + flog_err(ZEBRA_ERR_NETLINK_LENGTH_ERROR, + "netlink recvmsg : error message truncated"); return -1; } /* nlh already points to buf */ if (nlh->nlmsg_seq != seq) { - zlog_err( + flog_err( + ZEBRA_ERR_NETLINK_BAD_SEQUENCE, "netlink recvmsg: bad sequence number %x (expected %x)", seq, nlh->nlmsg_seq); return -1; @@ -170,8 +176,8 @@ ns_id_t zebra_ns_id_get(const char *netnspath) /* netlink socket */ sock = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE); if (sock < 0) { - zlog_err("netlink( %u) socket() error: %s", sock, - safe_strerror(errno)); + flog_err_sys(LIB_ERR_SOCKET, "netlink( %u) socket() error: %s", + sock, safe_strerror(errno)); close(fd); return NS_UNKNOWN; } @@ -181,8 +187,9 @@ ns_id_t zebra_ns_id_get(const char *netnspath) snl.nl_pid = 0; /* AUTO PID */ ret = bind(sock, (struct sockaddr *)&snl, sizeof(snl)); if (ret < 0) { - zlog_err("netlink( %u) socket() bind error: %s", sock, - safe_strerror(errno)); + flog_err_sys(LIB_ERR_SOCKET, + "netlink( %u) socket() bind error: %s", sock, + safe_strerror(errno)); close(sock); close(fd); return NS_UNKNOWN; @@ -255,7 +262,8 @@ ns_id_t zebra_ns_id_get(const char *netnspath) if (ret <= 0) { if (errno != EEXIST && ret != 0) { - zlog_err( + flog_err( + LIB_ERR_SOCKET, "netlink( %u) recvfrom() error 2 when reading: %s", fd, safe_strerror(errno)); close(sock); diff --git a/zebra/zebra_netns_notify.c b/zebra/zebra_netns_notify.c index 2dd686fd0d..2b7bf04ec3 100644 --- a/zebra/zebra_netns_notify.c +++ b/zebra/zebra_netns_notify.c 
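Review bot: The bad-sequence message in `send_receive` prints its two values in the wrong order: the format is `"bad sequence number %x (expected %x)"` but the arguments are `seq, nlh->nlmsg_seq`. Here `seq` is the number the caller sent and `nlh->nlmsg_seq` is what came back. Swapping them to `nlh->nlmsg_seq, seq` makes the log usable when investigating a mismatched or unexpected Netlink reply. In the same hunk `"errno %u"` is given the `int` `errno`; `%d` matches the type. The body of the function continues outside the hunk.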
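Review bot: The recvfrom error path in `zebra_ns_id_get` uses `flog_err(LIB_ERR_SOCKET, ...)` while formatting `safe_strerror(errno)`, whereas the socket(), bind() and sendto() failures converted in this file use `flog_err_sys`. `flog_err_sys(LIB_ERR_SOCKET, ...)` would be consistent for an errno-derived failure. The message also prints `fd` after `netlink( %u)` although the neighbouring messages print `sock`. Judging by the paired `close(sock); close(fd);` these are different descriptors, so the logged value probably identifies the wrong one. The function starts and ends outside the hunk.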
@@ -34,6 +34,7 @@ #include "ns.h" #include "command.h" #include "memory.h" +#include "lib_errors.h" #include "zserv.h" #include "zebra_memory.h" @@ -75,11 +76,9 @@ static void zebra_ns_notify_create_context_from_entry_name(const char *name) if (netnspath == NULL) return; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - ns_id = zebra_ns_id_get(netnspath); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + frr_elevate_privs(&zserv_privs) { + ns_id = zebra_ns_id_get(netnspath); + } if (ns_id == NS_UNKNOWN) return; ns_id_external = ns_map_nsid_with_external(ns_id, true); @@ -96,12 +95,10 @@ static void zebra_ns_notify_create_context_from_entry_name(const char *name) ns_map_nsid_with_external(ns_id, false); return; } - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - ret = vrf_netns_handler_create(NULL, vrf, netnspath, - ns_id_external, ns_id); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + frr_elevate_privs(&zserv_privs) { + ret = vrf_netns_handler_create(NULL, vrf, netnspath, + ns_id_external, ns_id); + } if (ret != CMD_SUCCESS) { zlog_warn("NS notify : failed to create NS %s", netnspath); ns_map_nsid_with_external(ns_id, false); 
@@ -168,20 +165,16 @@ static int zebra_ns_ready_read(struct thread *t) netnspath = zns_info->netnspath; if (--zns_info->retries == 0) stop_retry = 1; - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - err = ns_switch_to_netns(netnspath); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + frr_elevate_privs(&zserv_privs) { + err = ns_switch_to_netns(netnspath); + } if (err < 0) return zebra_ns_continue_read(zns_info, stop_retry); /* go back to default ns */ - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - err = ns_switchback_to_initial(); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + frr_elevate_privs(&zserv_privs) { + err = ns_switchback_to_initial(); + } if (err < 0) return zebra_ns_continue_read(zns_info, stop_retry); diff --git a/zebra/zebra_ns.c b/zebra/zebra_ns.c index 25e68cc081..456253cc30 100644 --- a/zebra/zebra_ns.c +++ b/zebra/zebra_ns.c @@ -26,6 +26,7 @@ #include "lib/logicalrouter.h" #include "lib/prefix.h" #include "lib/memory.h" +#include "lib/lib_errors.h" #include "rtadv.h" #include "zebra_ns.h" @@ -314,11 +315,9 @@ int zebra_ns_init(void) dzns = zebra_ns_alloc(); - if (zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); - ns_id = zebra_ns_id_get_default(); - if (zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); + frr_elevate_privs(&zserv_privs) { + ns_id = zebra_ns_id_get_default(); + } ns_id_external = ns_map_nsid_with_external(ns_id, true); ns_init_management(ns_id_external, ns_id); diff --git a/zebra/zebra_ptm.c b/zebra/zebra_ptm.c index 5975c4058b..b71234be04 100644 --- a/zebra/zebra_ptm.c +++ b/zebra/zebra_ptm.c 
@@ -19,25 +19,38 @@ */ #include <zebra.h> + #include <sys/un.h> /* for sockaddr_un */ #include <net/if.h> + +#include "bfd.h" +#include "buffer.h" +#include "command.h" +#include "if.h" +#include "network.h" +#include "ptm_lib.h" +#include "rib.h" +#include "stream.h" +#include "version.h" +#include "vrf.h" #include "vty.h" -#include "zebra/zserv.h" -#include "zebra/interface.h" + #include "zebra/debug.h" +#include "zebra/interface.h" +#include "zebra/zebra_errors.h" #include "zebra/zebra_ptm.h" -#include "if.h" -#include "command.h" -#include "stream.h" -#include "ptm_lib.h" -#include "network.h" -#include "buffer.h" #include "zebra/zebra_ptm_redistribute.h" -#include "bfd.h" -#include "vrf.h" -#include "rib.h" +#include "zebra/zserv.h" #include "zebra_vrf.h" -#include "version.h" + +/* + * Choose the BFD implementation that we'll use. + * + * There are two implementations: + * - PTM BFD: which uses an external daemon; + * - bfdd: FRR's own BFD daemon; + */ +#if HAVE_BFDD == 0 #define ZEBRA_PTM_RECONNECT_TIME_INITIAL 1 /* initial reconnect is 1s */ #define ZEBRA_PTM_RECONNECT_TIME_MAX 300 @@ -491,15 +504,17 @@ static int zebra_ptm_handle_bfd_msg(void *arg, void *in_ctxt, dest_str, src_str); if (str2prefix(dest_str, &dest_prefix) == 0) { - zlog_err("%s: Peer addr %s not found", __func__, dest_str); + flog_err(ZEBRA_ERR_PREFIX_PARSE_ERROR, + "%s: Peer addr %s not found", __func__, dest_str); return -1; } memset(&src_prefix, 0, sizeof(struct prefix)); if (strcmp(ZEBRA_PTM_INVALID_SRC_IP, src_str)) { if (str2prefix(src_str, &src_prefix) == 0) { - zlog_err("%s: Local addr %s not found", __func__, - src_str); + flog_err(ZEBRA_ERR_PREFIX_PARSE_ERROR, + "%s: Local addr %s not found", __func__, + src_str); return -1; } } 
@@ -593,8 +608,8 @@ static int zebra_ptm_handle_msg_cb(void *arg, void *in_ctxt) ifp = if_lookup_by_name_all_vrf(port_str); if (!ifp) { - zlog_err("%s: %s not found in interface list", __func__, - port_str); + zlog_warn("%s: %s not found in interface list", + __func__, port_str); return -1; } } @@ -1017,8 +1032,8 @@ int zebra_ptm_bfd_client_deregister(struct zserv *client) return 0; if (IS_ZEBRA_DEBUG_EVENT) - zlog_err("bfd_client_deregister msg for client %s", - zebra_route_string(proto)); + zlog_warn("bfd_client_deregister msg for client %s", + zebra_route_string(proto)); if (ptm_cb.ptm_sock == -1) { ptm_cb.t_timer = NULL; 
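Review bot: In `zebra_ptm_bfd_client_deregister` the message is gated by `IS_ZEBRA_DEBUG_EVENT` but is now emitted with `zlog_warn`. A trace that only appears when event debugging is enabled is not a warning condition, and logging it at that level adds noise to anything that alerts on warnings. `zlog_debug("bfd_client_deregister msg for client %s", zebra_route_string(proto));` matches the guard and the other BFD handlers in this file.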
@@ -1141,3 +1156,432 @@ void zebra_ptm_if_write(struct vty *vty, struct zebra_if *zebra_ifp) if (zebra_ifp->ptm_enable == ZEBRA_IF_PTM_ENABLE_OFF) vty_out(vty, " no ptm-enable\n"); } + +#else /* HAVE_BFDD */ + +#include "zebra/zebra_memory.h" + +/* + * Data structures. + */ +struct ptm_process { + struct zserv *pp_zs; + pid_t pp_pid; + + TAILQ_ENTRY(ptm_process) pp_entry; +}; +TAILQ_HEAD(ppqueue, ptm_process) ppqueue; + +DEFINE_MTYPE_STATIC(ZEBRA, ZEBRA_PTM_BFD_PROCESS, + "PTM BFD process registration table."); + +/* + * Prototypes. + */ +static struct ptm_process *pp_new(pid_t pid, struct zserv *zs); +static struct ptm_process *pp_lookup_byzs(struct zserv *zs); +static void pp_free(struct ptm_process *pp); +static void pp_free_all(void); + +static void zebra_ptm_send_bfdd(struct stream *msg); +static void zebra_ptm_send_clients(struct stream *msg); +static int _zebra_ptm_bfd_client_deregister(struct zserv *zs); +static void _zebra_ptm_reroute(struct zserv *zs, struct stream *msg, + uint32_t command); + + +/* + * Process PID registration. + */ +static struct ptm_process *pp_new(pid_t pid, struct zserv *zs) +{ + struct ptm_process *pp; + +#ifdef PTM_DEBUG + /* Sanity check: more than one client can't have the same PID. */ + TAILQ_FOREACH(pp, &ppqueue, pp_entry) { + if (pp->pp_pid == pid && pp->pp_zs != zs) + zlog_err("%s:%d pid and client pointer doesn't match", + __FILE__, __LINE__); + } +#endif /* PTM_DEBUG */ + + /* Lookup for duplicates. */ + pp = pp_lookup_byzs(zs); + if (pp != NULL) + return pp; + + /* Allocate and register new process. 
*/ + pp = XCALLOC(MTYPE_ZEBRA_PTM_BFD_PROCESS, sizeof(*pp)); + if (pp == NULL) + return NULL; + + pp->pp_pid = pid; + pp->pp_zs = zs; + TAILQ_INSERT_HEAD(&ppqueue, pp, pp_entry); + + return pp; +} + +static struct ptm_process *pp_lookup_byzs(struct zserv *zs) +{ + struct ptm_process *pp; + + TAILQ_FOREACH(pp, &ppqueue, pp_entry) { + if (pp->pp_zs != zs) + continue; + + break; + } + + return pp; +} + +static void pp_free(struct ptm_process *pp) +{ + if (pp == NULL) + return; + + TAILQ_REMOVE(&ppqueue, pp, pp_entry); + XFREE(MTYPE_ZEBRA_PTM_BFD_PROCESS, pp); +} + +static void pp_free_all(void) +{ + struct ptm_process *pp; + + while (!TAILQ_EMPTY(&ppqueue)) { + pp = TAILQ_FIRST(&ppqueue); + pp_free(pp); + } +} + + +/* + * Use the FRR's internal daemon implementation. + */ +static void zebra_ptm_send_bfdd(struct stream *msg) +{ + struct listnode *node; + struct zserv *client; + struct stream *msgc; + + /* Create copy for replication. */ + msgc = stream_dup(msg); + if (msgc == NULL) { + zlog_warn("%s: not enough memory", __func__); + return; + } + + /* Send message to all running BFDd daemons. */ + for (ALL_LIST_ELEMENTS_RO(zebrad.client_list, node, client)) { + if (client->proto != ZEBRA_ROUTE_BFD) + continue; + + zserv_send_message(client, msg); + + /* Allocate more messages. */ + msg = stream_dup(msgc); + if (msg == NULL) { + zlog_warn("%s: not enough memory", __func__); + return; + } + } + + stream_free(msgc); +} + +static void zebra_ptm_send_clients(struct stream *msg) +{ + struct listnode *node; + struct zserv *client; + struct stream *msgc; + + /* Create copy for replication. */ + msgc = stream_dup(msg); + if (msgc == NULL) { + zlog_warn("%s: not enough memory", __func__); + return; + } + + /* Send message to all running client daemons. 
*/ + for (ALL_LIST_ELEMENTS_RO(zebrad.client_list, node, client)) { + switch (client->proto) { + case ZEBRA_ROUTE_BGP: + case ZEBRA_ROUTE_OSPF: + case ZEBRA_ROUTE_OSPF6: + case ZEBRA_ROUTE_PIM: + break; + + default: + /* NOTHING: skip this daemon. */ + continue; + } + + zserv_send_message(client, msg); + + /* Allocate more messages. */ + msg = stream_dup(msgc); + if (msg == NULL) { + zlog_warn("%s: not enough memory", __func__); + return; + } + } + + stream_free(msgc); +} + +static int _zebra_ptm_bfd_client_deregister(struct zserv *zs) +{ + struct stream *msg; + struct ptm_process *pp; + + /* Filter daemons that must receive this treatment. */ + switch (zs->proto) { + case ZEBRA_ROUTE_BGP: + case ZEBRA_ROUTE_OSPF: + case ZEBRA_ROUTE_OSPF6: + case ZEBRA_ROUTE_PIM: + break; + + case ZEBRA_ROUTE_BFD: + /* Don't try to send BFDd messages to itself. */ + return 0; + + default: + /* Unsupported daemon. */ + return 0; + } + + /* Find daemon pid by zebra connection pointer. */ + pp = pp_lookup_byzs(zs); + if (pp == NULL) { + zlog_err("%s:%d failed to find process pid registration", + __FILE__, __LINE__); + return -1; + } + + /* Generate, send message and free() daemon related data. */ + msg = stream_new(ZEBRA_MAX_PACKET_SIZ); + if (msg == NULL) { + zlog_warn("%s: not enough memory", __func__); + return 0; + } + + /* + * The message type will be BFD_DEST_REPLY so we can use only + * one callback at the `bfdd` side, however the real command + * number will be included right after the zebra header. + */ + zclient_create_header(msg, ZEBRA_BFD_DEST_REPLAY, 0); + stream_putl(msg, ZEBRA_BFD_CLIENT_DEREGISTER); + + /* Put process PID. */ + stream_putl(msg, pp->pp_pid); + + /* Update the data pointers. */ + stream_putw_at(msg, 0, stream_get_endp(msg)); + + zebra_ptm_send_bfdd(msg); + + pp_free(pp); + + return 0; +} + +void zebra_ptm_init(void) +{ + /* Initialize the ptm process information list. 
*/ + TAILQ_INIT(&ppqueue); + + /* + * Send deregistration messages to BFD daemon when some other + * daemon closes. This will help avoid sending daemons + * unnecessary notification messages. + */ + hook_register(zserv_client_close, _zebra_ptm_bfd_client_deregister); +} + +void zebra_ptm_finish(void) +{ + /* Remove the client disconnect hook and free all memory. */ + hook_unregister(zserv_client_close, _zebra_ptm_bfd_client_deregister); + pp_free_all(); +} + + +/* + * Message handling. + */ +static void _zebra_ptm_reroute(struct zserv *zs, struct stream *msg, + uint32_t command) +{ + struct stream *msgc; + size_t zmsglen, zhdrlen; + pid_t ppid; + + /* + * Don't modify message in the zebra API. In order to do that we + * need to allocate a new message stream and copy the message + * provided by zebra. + */ + msgc = stream_new(ZEBRA_MAX_PACKET_SIZ); + if (msgc == NULL) { + zlog_warn("%s: not enough memory", __func__); + return; + } + + /* Calculate our header size plus the message contents. */ + zhdrlen = ZEBRA_HEADER_SIZE + sizeof(uint32_t); + zmsglen = msg->endp - msg->getp; + memcpy(msgc->data + zhdrlen, msg->data + msg->getp, zmsglen); + + /* + * The message type will be BFD_DEST_REPLY so we can use only + * one callback at the `bfdd` side, however the real command + * number will be included right after the zebra header. + */ + zclient_create_header(msgc, ZEBRA_BFD_DEST_REPLAY, 0); + stream_putl(msgc, command); + + /* Update the data pointers. */ + msgc->getp = 0; + msgc->endp = zhdrlen + zmsglen; + stream_putw_at(msgc, 0, stream_get_endp(msgc)); + + zebra_ptm_send_bfdd(msgc); + + /* Registrate process PID for shutdown hook. 
*/ + STREAM_GETL(msg, ppid); + pp_new(ppid, zs); + + return; + +stream_failure: + zlog_err("%s:%d failed to registrate client pid", __FILE__, __LINE__); +} + +void zebra_ptm_bfd_dst_register(ZAPI_HANDLER_ARGS) +{ + if (IS_ZEBRA_DEBUG_EVENT) + zlog_debug("bfd_dst_register msg from client %s: length=%d", + zebra_route_string(client->proto), hdr->length); + + _zebra_ptm_reroute(client, msg, ZEBRA_BFD_DEST_REGISTER); +} + +void zebra_ptm_bfd_dst_deregister(ZAPI_HANDLER_ARGS) +{ + if (IS_ZEBRA_DEBUG_EVENT) + zlog_debug("bfd_dst_deregister msg from client %s: length=%d", + zebra_route_string(client->proto), hdr->length); + + _zebra_ptm_reroute(client, msg, ZEBRA_BFD_DEST_DEREGISTER); +} + +void zebra_ptm_bfd_client_register(ZAPI_HANDLER_ARGS) +{ + if (IS_ZEBRA_DEBUG_EVENT) + zlog_debug("bfd_client_register msg from client %s: length=%d", + zebra_route_string(client->proto), hdr->length); + + _zebra_ptm_reroute(client, msg, ZEBRA_BFD_CLIENT_REGISTER); +} + +void zebra_ptm_bfd_dst_replay(ZAPI_HANDLER_ARGS) +{ + struct stream *msgc; + size_t zmsglen, zhdrlen; + uint32_t cmd; + + /* + * NOTE: + * Replay messages with HAVE_BFDD are meant to be replayed to + * the client daemons. These messages are composed and + * originated from the `bfdd` daemon. + */ + if (IS_ZEBRA_DEBUG_EVENT) + zlog_debug("bfd_dst_update msg from client %s: length=%d", + zebra_route_string(client->proto), hdr->length); + + /* + * Client messages must be re-routed, otherwise do the `bfdd` + * special treatment. + */ + if (client->proto != ZEBRA_ROUTE_BFD) { + _zebra_ptm_reroute(client, msg, ZEBRA_BFD_DEST_REPLAY); + return; + } + + /* Figure out if this is an DEST_UPDATE or DEST_REPLAY. */ + if (stream_getl2(msg, &cmd) == false) { + zlog_err("%s: expected at least 4 bytes (command)", __func__); + return; + } + + /* + * Don't modify message in the zebra API. In order to do that we + * need to allocate a new message stream and copy the message + * provided by zebra. 
+ */ + msgc = stream_new(ZEBRA_MAX_PACKET_SIZ); + if (msgc == NULL) { + zlog_warn("%s: not enough memory", __func__); + return; + } + + /* Calculate our header size plus the message contents. */ + if (cmd != ZEBRA_BFD_DEST_REPLAY) { + zhdrlen = ZEBRA_HEADER_SIZE; + zmsglen = msg->endp - msg->getp; + memcpy(msgc->data + zhdrlen, msg->data + msg->getp, zmsglen); + + zclient_create_header(msgc, cmd, zvrf_id(zvrf)); + + msgc->getp = 0; + msgc->endp = zhdrlen + zmsglen; + } else + zclient_create_header(msgc, cmd, zvrf_id(zvrf)); + + /* Update the data pointers. */ + stream_putw_at(msgc, 0, stream_get_endp(msgc)); + + zebra_ptm_send_clients(msgc); +} + +/* + * Unused functions. + */ +void zebra_ptm_if_init(struct zebra_if *zifp __attribute__((__unused__))) +{ + /* NOTHING */ +} + +int zebra_ptm_get_enable_state(void) +{ + return 1; +} + +void zebra_ptm_show_status(struct vty *vty __attribute__((__unused__)), + struct interface *ifp __attribute__((__unused__))) +{ + /* NOTHING */ +} + +void zebra_ptm_write(struct vty *vty __attribute__((__unused__))) +{ + /* NOTHING */ +} + +void zebra_ptm_if_write(struct vty *vty __attribute__((__unused__)), + struct zebra_if *zifp __attribute__((__unused__))) +{ + /* NOTHING */ +} +void zebra_ptm_if_set_ptm_state(struct interface *i __attribute__((__unused__)), + struct zebra_if *zi __attribute__((__unused__))) +{ + /* NOTHING */ +} + +#endif /* HAVE_BFDD */ diff --git a/zebra/zebra_ptm.h b/zebra/zebra_ptm.h index 0e55574a02..ada4f7b4f7 100644 --- a/zebra/zebra_ptm.h +++ b/zebra/zebra_ptm.h @@ -69,6 +69,9 @@ int zebra_ptm_get_enable_state(void); void zebra_ptm_bfd_dst_register(ZAPI_HANDLER_ARGS); void zebra_ptm_bfd_dst_deregister(ZAPI_HANDLER_ARGS); void zebra_ptm_bfd_client_register(ZAPI_HANDLER_ARGS); +#if HAVE_BFDD > 0 +void zebra_ptm_bfd_dst_replay(ZAPI_HANDLER_ARGS); +#endif /* HAVE_BFDD */ void zebra_ptm_show_status(struct vty *vty, struct interface *ifp); void zebra_ptm_if_init(struct zebra_if *zebra_ifp); 
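Review bot: In `_zebra_ptm_reroute`, `memcpy(msgc->data + zhdrlen, msg->data + msg->getp, zmsglen)` copies a length taken from the client's message into a stream allocated with `stream_new(ZEBRA_MAX_PACKET_SIZ)` without checking that `zhdrlen + zmsglen` fits. The write goes through `->data` directly, so the stream API's own bounds checks are bypassed. Whether an incoming body can actually be large enough depends on limits enforced by the zserv reader, which is outside this hunk, but `zhdrlen` adds `sizeof(uint32_t)` on top of the zebra header, so the margin is at best tight. A guard before the copy such as `if (zmsglen > ZEBRA_MAX_PACKET_SIZ - zhdrlen) { stream_free(msgc); return; }` makes the bound explicit; `zebra_ptm_bfd_dst_replay` performs the same unchecked copy and should get the same check. Separately, the loops in `zebra_ptm_send_bfdd` and `zebra_ptm_send_clients` always `stream_dup()` one more message than they send and never free that last copy (nor `msgc` on the early return), which looks like a per-message leak if `zserv_send_message` takes ownership of what it is given.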
diff --git a/zebra/zebra_pw.c b/zebra/zebra_pw.c index bf76f7e86b..c6db1463f2 100644 --- a/zebra/zebra_pw.c +++ b/zebra/zebra_pw.c @@ -308,15 +308,14 @@ void zebra_pw_exit(struct zebra_vrf *zvrf) DEFUN_NOSH (pseudowire_if, pseudowire_if_cmd, - "[no] pseudowire IFNAME", - NO_STR + "pseudowire IFNAME", "Static pseudowire configuration\n" "Pseudowire name\n") { struct zebra_vrf *zvrf; struct zebra_pw *pw; - int idx = 0; const char *ifname; + int idx = 0; zvrf = vrf_info_lookup(VRF_DEFAULT); if (!zvrf) @@ -324,19 +323,13 @@ DEFUN_NOSH (pseudowire_if, argv_find(argv, argc, "IFNAME", &idx); ifname = argv[idx]->arg; + pw = zebra_pw_find(zvrf, ifname); if (pw && pw->protocol != ZEBRA_ROUTE_STATIC) { vty_out(vty, "%% Pseudowire is not static\n"); return CMD_WARNING; } - if (argv_find(argv, argc, "no", &idx)) { - if (!pw) - return CMD_SUCCESS; - zebra_pw_del(zvrf, pw); - return CMD_SUCCESS; - } - if (!pw) pw = zebra_pw_add(zvrf, ifname, ZEBRA_ROUTE_STATIC, NULL); VTY_PUSH_CONTEXT(PW_NODE, pw); @@ -344,6 +337,37 @@ DEFUN_NOSH (pseudowire_if, return CMD_SUCCESS; } +DEFUN (no_pseudowire_if, + no_pseudowire_if_cmd, + "no pseudowire IFNAME", + NO_STR + "Static pseudowire configuration\n" + "Pseudowire name\n") +{ + struct zebra_vrf *zvrf; + struct zebra_pw *pw; + const char *ifname; + int idx = 0; + + zvrf = vrf_info_lookup(VRF_DEFAULT); + if (!zvrf) + return CMD_WARNING; + + argv_find(argv, argc, "IFNAME", &idx); + ifname = argv[idx]->arg; + + pw = zebra_pw_find(zvrf, ifname); + if (pw) { + if (pw->protocol != ZEBRA_ROUTE_STATIC) { + vty_out(vty, "%% Pseudowire is not static\n"); + return CMD_WARNING; + } + zebra_pw_del(zvrf, pw); + } + + return CMD_SUCCESS; +} + DEFUN (pseudowire_labels, pseudowire_labels_cmd, "[no] mpls label local (16-1048575) remote (16-1048575)", 
@@ -531,6 +555,7 @@ void zebra_pw_vty_init(void) install_default(PW_NODE); install_element(CONFIG_NODE, &pseudowire_if_cmd); + install_element(CONFIG_NODE, &no_pseudowire_if_cmd); install_element(PW_NODE, &pseudowire_labels_cmd); install_element(PW_NODE, &pseudowire_neighbor_cmd); install_element(PW_NODE, &pseudowire_control_word_cmd); diff --git a/zebra/zebra_rib.c b/zebra/zebra_rib.c index 18bd6b6cbe..b477cd4706 100644 --- a/zebra/zebra_rib.c +++ b/zebra/zebra_rib.c @@ -20,37 +20,38 @@ #include <zebra.h> -#include "if.h" -#include "prefix.h" -#include "table.h" -#include "memory.h" -#include "zebra_memory.h" #include "command.h" +#include "if.h" +#include "linklist.h" #include "log.h" #include "log_int.h" -#include "sockunion.h" -#include "linklist.h" -#include "thread.h" -#include "workqueue.h" +#include "memory.h" +#include "mpls.h" +#include "nexthop.h" +#include "prefix.h" #include "prefix.h" #include "routemap.h" -#include "nexthop.h" -#include "vrf.h" -#include "mpls.h" +#include "sockunion.h" #include "srcdest_table.h" +#include "table.h" +#include "thread.h" +#include "vrf.h" +#include "workqueue.h" +#include "zebra/connected.h" +#include "zebra/debug.h" +#include "zebra/interface.h" +#include "zebra/redistribute.h" #include "zebra/rib.h" #include "zebra/rt.h" +#include "zebra/zapi_msg.h" +#include "zebra/zebra_errors.h" +#include "zebra/zebra_memory.h" #include "zebra/zebra_ns.h" -#include "zebra/zebra_vrf.h" -#include "zebra/redistribute.h" -#include "zebra/zebra_routemap.h" -#include "zebra/debug.h" #include "zebra/zebra_rnh.h" -#include "zebra/interface.h" -#include "zebra/connected.h" +#include "zebra/zebra_routemap.h" +#include "zebra/zebra_vrf.h" #include "zebra/zebra_vxlan.h" -#include "zebra/zapi_msg.h" DEFINE_HOOK(rib_update, (struct route_node * rn, const char *reason), (rn, reason)) 
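Review bot: The re-sorted include block in zebra_rib.c now lists `#include "prefix.h"` twice in a row, because the added line lands directly above the existing context line. It is harmless as long as the header is guarded, but since the point of this hunk is tidying the list, the added duplicate should be dropped.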
@@ -1125,10 +1126,14 @@ void rib_install_kernel(struct route_node *rn, struct route_entry *re, hook_call(rib_update, rn, "installing in kernel"); switch (kernel_route_rib(rn, p, src_p, old, re)) { case DP_REQUEST_QUEUED: - zlog_err("No current known DataPlane interfaces can return this, please fix"); + flog_err( + ZEBRA_ERR_DP_INVALID_RC, + "No current known DataPlane interfaces can return this, please fix"); break; case DP_REQUEST_FAILURE: - zlog_err("No current known Rib Install Failure cases, please fix"); + flog_err( + ZEBRA_ERR_DP_INSTALL_FAIL, + "No current known Rib Install Failure cases, please fix"); break; case DP_REQUEST_SUCCESS: zvrf->installs++; @@ -1161,10 +1166,14 @@ void rib_uninstall_kernel(struct route_node *rn, struct route_entry *re) hook_call(rib_update, rn, "uninstalling from kernel"); switch (kernel_route_rib(rn, p, src_p, re, NULL)) { case DP_REQUEST_QUEUED: - zlog_err("No current known DataPlane interfaces can return this, please fix"); + flog_err( + ZEBRA_ERR_DP_INVALID_RC, + "No current known DataPlane interfaces can return this, please fix"); break; case DP_REQUEST_FAILURE: - zlog_err("No current known RIB Install Failure cases, please fix"); + flog_err( + ZEBRA_ERR_DP_INSTALL_FAIL, + "No current known RIB Install Failure cases, please fix"); break; case DP_REQUEST_SUCCESS: if (zvrf) @@ -1936,7 +1945,8 @@ void rib_queue_add(struct route_node *rn) } if (zebrad.ribq == NULL) { - zlog_err("%s: work_queue does not exist!", __func__); + flog_err(ZEBRA_ERR_WQ_NONEXISTENT, + "%s: work_queue does not exist!", __func__); return; } @@ -1965,7 +1975,6 @@ static struct meta_queue *meta_queue_new(void) unsigned i; new = XCALLOC(MTYPE_WORK_QUEUE, sizeof(struct meta_queue)); - assert(new); for (i = 0; i < MQ_SIZE; i++) { new->subq[i] = list_new(); 
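Review bot: The `DP_REQUEST_FAILURE` branch of `rib_uninstall_kernel` is tagged `ZEBRA_ERR_DP_INSTALL_FAIL` and still says "RIB Install Failure", so an uninstall failure cannot be told apart from the install failure in `rib_install_kernel` (previous hunk) when logs are triaged by error code. Reword it to `"No current known RIB Uninstall Failure cases, please fix"` and, if zebra_errors.h can carry one, give the uninstall path its own code. Both functions continue outside the hunks shown.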
@@ -1992,7 +2001,8 @@ static void rib_queue_init(struct zebra_t *zebra) if (!(zebra->ribq = work_queue_new(zebra->master, "route_node processing"))) { - zlog_err("%s: could not initialise work queue!", __func__); + flog_err(ZEBRA_ERR_WQ_NONEXISTENT, + "%s: could not initialise work queue!", __func__); return; } @@ -2005,7 +2015,8 @@ static void rib_queue_init(struct zebra_t *zebra) zebra->ribq->spec.hold = ZEBRA_RIB_PROCESS_HOLD_TIME; if (!(zebra->mq = meta_queue_new())) { - zlog_err("%s: could not initialise meta queue!", __func__); + flog_err(ZEBRA_ERR_WQ_NONEXISTENT, + "%s: could not initialise meta queue!", __func__); return; } return; @@ -2232,8 +2243,9 @@ void rib_lookup_and_dump(struct prefix_ipv4 *p, vrf_id_t vrf_id) /* Lookup table. */ table = zebra_vrf_table(AFI_IP, SAFI_UNICAST, vrf_id); if (!table) { - zlog_err("%s:%u zebra_vrf_table() returned NULL", - __func__, vrf_id); + flog_err(ZEBRA_ERR_TABLE_LOOKUP_FAILED, + "%s:%u zebra_vrf_table() returned NULL", __func__, + vrf_id); return; } @@ -2279,8 +2291,9 @@ void rib_lookup_and_pushup(struct prefix_ipv4 *p, vrf_id_t vrf_id) rib_dest_t *dest; if (NULL == (table = zebra_vrf_table(AFI_IP, SAFI_UNICAST, vrf_id))) { - zlog_err("%s:%u zebra_vrf_table() returned NULL", - __func__, vrf_id); + flog_err(ZEBRA_ERR_TABLE_LOOKUP_FAILED, + "%s:%u zebra_vrf_table() returned NULL", __func__, + vrf_id); return; } @@ -2355,7 +2368,6 @@ int rib_add_multipath(afi_t afi, safi_t safi, struct prefix *p, /* Lookup route node.*/ rn = srcdest_rnode_get(table, p, src_p); - zlog_debug("Distance: %d", re->distance); /* * If same type of route are installed, treat it as a implicit * withdraw. @@ -2387,7 +2399,6 @@ int rib_add_multipath(afi_t afi, safi_t safi, struct prefix *p, break; } - zlog_debug("same: %p distance: %d", same, same ? same->distance : -1); /* If this route is kernel route, set FIB flag to the route. */ if (RIB_SYSTEM_ROUTE(re)) for (nexthop = re->ng.nexthop; nexthop; nexthop = nexthop->next) 
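Review bot: Both failure paths in `rib_queue_init`, the work queue in the previous hunk and the meta queue here, are logged under `ZEBRA_ERR_WQ_NONEXISTENT`, although the condition is "could not initialise" rather than "does not exist" as in `rib_queue_add`. On the meta-queue failure the function returns with `zebra->ribq` already configured and `zebra->mq` NULL, and the void return gives the caller no signal; a comment stating what state is left behind would make that explicit. The same commit removes `assert(new)` after `XCALLOC` in `meta_queue_new`, which suggests the allocator does not return NULL; if so, this branch is unreachable and could be removed rather than relabelled.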
diff --git a/zebra/zebra_rnh.c b/zebra/zebra_rnh.c index 453f08a183..156600c105 100644 --- a/zebra/zebra_rnh.c +++ b/zebra/zebra_rnh.c @@ -47,6 +47,7 @@ #include "zebra/zebra_routemap.h" #include "zebra/interface.h" #include "zebra/zebra_memory.h" +#include "zebra/zebra_errors.h" static void free_state(vrf_id_t vrf_id, struct route_entry *re, struct route_node *rn); @@ -857,8 +858,9 @@ static int send_client(struct rnh *rnh, struct zserv *client, rnh_type_t type, stream_put(s, &rn->p.u.prefix6, IPV6_MAX_BYTELEN); break; default: - zlog_err("%s: Unknown family (%d) notification attempted\n", - __FUNCTION__, rn->p.family); + flog_err(ZEBRA_ERR_RNH_UNKNOWN_FAMILY, + "%s: Unknown family (%d) notification attempted\n", + __FUNCTION__, rn->p.family); break; } if (re) { diff --git a/zebra/zebra_routemap.c b/zebra/zebra_routemap.c index 0b48e87b1b..fc17ee3491 100644 --- a/zebra/zebra_routemap.c +++ b/zebra/zebra_routemap.c @@ -1098,9 +1098,6 @@ static void *route_match_address_prefix_len_compile(const char *arg) prefix_len = XMALLOC(MTYPE_ROUTE_MAP_COMPILED, sizeof(uint32_t)); - if (!prefix_len) - return prefix_len; - *prefix_len = tmpval; return prefix_len; } diff --git a/zebra/zebra_vxlan.c b/zebra/zebra_vxlan.c index 4955f3f77c..d979be4a36 100644 --- a/zebra/zebra_vxlan.c +++ b/zebra/zebra_vxlan.c 
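Review bot: In `send_client` the `default:` arm only logs `ZEBRA_ERR_RNH_UNKNOWN_FAMILY` and then `break`s, so execution continues to `if (re) {` and, as far as the hunk shows, the notification is still built with no prefix bytes written for that family. A client parsing such a message would read the following fields at the wrong offsets, so the unknown-family case should abandon the message instead of sending it; the cleanup that requires lies outside this hunk. The format string also ends in `\n`, which the log call does not need.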
@@ -22,33 +22,34 @@ #include <zebra.h> +#include "hash.h" #include "if.h" -#include "prefix.h" -#include "table.h" -#include "memory.h" -#include "log.h" +#include "jhash.h" #include "linklist.h" +#include "log.h" +#include "memory.h" +#include "prefix.h" #include "stream.h" -#include "hash.h" -#include "jhash.h" +#include "table.h" #include "vlan.h" #include "vxlan.h" #ifdef GNU_LINUX #include <linux/neighbour.h> #endif +#include "zebra/debug.h" +#include "zebra/interface.h" #include "zebra/rib.h" #include "zebra/rt.h" +#include "zebra/rt_netlink.h" +#include "zebra/zebra_errors.h" +#include "zebra/zebra_l2.h" +#include "zebra/zebra_memory.h" #include "zebra/zebra_ns.h" -#include "zebra/zserv.h" -#include "zebra/debug.h" -#include "zebra/interface.h" #include "zebra/zebra_vrf.h" -#include "zebra/rt_netlink.h" -#include "zebra/zebra_vxlan_private.h" #include "zebra/zebra_vxlan.h" -#include "zebra/zebra_memory.h" -#include "zebra/zebra_l2.h" +#include "zebra/zebra_vxlan_private.h" +#include "zebra/zserv.h" DEFINE_MTYPE_STATIC(ZEBRA, HOST_PREFIX, "host prefix"); DEFINE_MTYPE_STATIC(ZEBRA, ZVNI, "VNI hash"); @@ -1492,14 +1493,13 @@ static void zvni_process_neigh_on_local_mac_del(zebra_vni_t *zvni, zvni_neigh_send_del_to_client(zvni->vni, &n->ip, &n->emac, 0); } - } else if (CHECK_FLAG(n->flags, ZEBRA_NEIGH_REMOTE)) { - if (IS_ZEBRA_DEBUG_VXLAN) - zlog_err( - "local MAC %s getting deleted on VNI %u has remote neigh %s", - prefix_mac2str(&n->emac, buf, - sizeof(buf)), - zvni->vni, - ipaddr2str(&n->ip, buf2, sizeof(buf2))); + } else if (CHECK_FLAG(n->flags, ZEBRA_NEIGH_REMOTE) + && IS_ZEBRA_DEBUG_VXLAN) { + zlog_debug( + "local MAC %s getting deleted on VNI %u has remote neigh %s", + prefix_mac2str(&n->emac, buf, sizeof(buf)), + zvni->vni, + ipaddr2str(&n->ip, buf2, sizeof(buf2))); } } } 
@@ -1543,14 +1543,13 @@ static void zvni_process_neigh_on_remote_mac_del(zebra_vni_t *zvni, char buf2[INET6_ADDRSTRLEN]; for (ALL_LIST_ELEMENTS_RO(zmac->neigh_list, node, n)) { - if (CHECK_FLAG(n->flags, ZEBRA_NEIGH_LOCAL)) { - if (IS_ZEBRA_DEBUG_VXLAN) - zlog_err( - "remote MAC %s getting deleted on VNI %u has local neigh %s", - prefix_mac2str(&n->emac, buf, - sizeof(buf)), - zvni->vni, - ipaddr2str(&n->ip, buf2, sizeof(buf2))); + if (CHECK_FLAG(n->flags, ZEBRA_NEIGH_LOCAL) + && IS_ZEBRA_DEBUG_VXLAN) { + zlog_debug( + "remote MAC %s getting deleted on VNI %u has local neigh %s", + prefix_mac2str(&n->emac, buf, sizeof(buf)), + zvni->vni, + ipaddr2str(&n->ip, buf2, sizeof(buf2))); } } } @@ -1628,8 +1627,8 @@ static int zvni_neigh_uninstall(zebra_vni_t *zvni, zebra_neigh_t *n) return 0; if (!zvni->vxlan_if) { - zlog_err("VNI %u hash %p couldn't be uninstalled - no intf", - zvni->vni, zvni); + zlog_warn("VNI %u hash %p couldn't be uninstalled - no intf", + zvni->vni, zvni); return -1; } @@ -1803,9 +1802,10 @@ static int zvni_gw_macip_add(struct interface *ifp, zebra_vni_t *zvni, if (!mac) { mac = zvni_mac_add(zvni, macaddr); if (!mac) { - zlog_err("Failed to add MAC %s intf %s(%u) VID %u", - prefix_mac2str(macaddr, buf, sizeof(buf)), - ifp->name, ifp->ifindex, vxl->access_vlan); + flog_err(ZEBRA_ERR_MAC_ADD_FAILED, + "Failed to add MAC %s intf %s(%u) VID %u", + prefix_mac2str(macaddr, buf, sizeof(buf)), + ifp->name, ifp->ifindex, vxl->access_vlan); return -1; } } @@ -1822,7 +1822,8 @@ static int zvni_gw_macip_add(struct interface *ifp, zebra_vni_t *zvni, if (!n) { n = zvni_neigh_add(zvni, ip, macaddr); if (!n) { - zlog_err( + flog_err( + ZEBRA_ERR_MAC_ADD_FAILED, "Failed to add neighbor %s MAC %s intf %s(%u) -> VNI %u", ipaddr2str(ip, buf2, sizeof(buf2)), prefix_mac2str(macaddr, buf, sizeof(buf)), 
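Review bot: The warning in `zvni_neigh_uninstall` still prints the `zvni` pointer with `%p`, which writes a heap address into operational logs for what is now a routine warning. The VNI number already identifies the entry, so `zlog_warn("VNI %u couldn't be uninstalled - no intf", zvni->vni);` carries the same information without exposing process memory layout to log readers. The same `hash %p` pattern recurs in later hunks of this file (`zvni_mac_uninstall`, `zvni_vtep_uninstall`, `zl3vni_rmac_uninstall`, the remote MACIP and VTEP handlers, `zebra_vxlan_if_del`).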
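Review bot: The neighbor-add failure in `zvni_gw_macip_add` is logged under `ZEBRA_ERR_MAC_ADD_FAILED`, the same code the MAC-add failure in the previous hunk uses, although the call that failed is `zvni_neigh_add`. Anyone filtering on the error code will see neighbor failures reported as MAC failures; `zvni_local_neigh_update` (hunk at -2085) has the same mislabel. A neighbor-specific code in zebra_errors.h would fix both; failing that, a comment such as `/* no neighbor-specific code yet; reusing the MAC one */` should state that the reuse is intentional.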
@@ -1875,9 +1876,9 @@ static int zvni_gw_macip_del(struct interface *ifp, zebra_vni_t *zvni, /* mac entry should be present */ mac = zvni_mac_lookup(zvni, &n->emac); if (!mac) { - zlog_err("MAC %s doesnt exists for neigh %s on VNI %u", - prefix_mac2str(&n->emac, buf1, sizeof(buf1)), - ipaddr2str(ip, buf2, sizeof(buf2)), zvni->vni); + zlog_warn("MAC %s doesnt exists for neigh %s on VNI %u", + prefix_mac2str(&n->emac, buf1, sizeof(buf1)), + ipaddr2str(ip, buf2, sizeof(buf2)), zvni->vni); return -1; } @@ -2085,7 +2086,8 @@ static int zvni_local_neigh_update(zebra_vni_t *zvni, /* New neighbor - create */ n = zvni_neigh_add(zvni, ip, macaddr); if (!n) { - zlog_err( + flog_err( + ZEBRA_ERR_MAC_ADD_FAILED, "Failed to add neighbor %s MAC %s intf %s(%u) -> VNI %u", ipaddr2str(ip, buf2, sizeof(buf2)), prefix_mac2str(macaddr, buf, sizeof(buf)), @@ -2156,10 +2158,11 @@ static int zvni_remote_neigh_update(zebra_vni_t *zvni, */ zmac = zvni_mac_lookup(zvni, macaddr); if (!zmac || !CHECK_FLAG(zmac->flags, ZEBRA_MAC_REMOTE)) { - zlog_err("Ignore remote neigh %s (MAC %s) on L2-VNI %u - MAC unknown or local", - ipaddr2str(&n->ip, buf2, sizeof(buf2)), - prefix_mac2str(macaddr, buf, sizeof(buf)), - zvni->vni); + zlog_warn( + "Ignore remote neigh %s (MAC %s) on L2-VNI %u - MAC unknown or local", + ipaddr2str(&n->ip, buf2, sizeof(buf2)), + prefix_mac2str(macaddr, buf, sizeof(buf)), + zvni->vni); return -1; } @@ -2588,8 +2591,8 @@ static int zvni_mac_uninstall(zebra_vni_t *zvni, zebra_mac_t *mac, int local) return 0; if (!zvni->vxlan_if) { - zlog_err("VNI %u hash %p couldn't be uninstalled - no intf", - zvni->vni, zvni); + zlog_warn("VNI %u hash %p couldn't be uninstalled - no intf", + zvni->vni, zvni); return -1; } @@ -2918,7 +2921,7 @@ static void zvni_build_hash_table() /* VNI hash entry is not expected to exist. */ zvni = zvni_lookup(vni); if (zvni) { - zlog_err( + zlog_warn( "VNI hash already present for IF %s(%u) L2-VNI %u", ifp->name, ifp->ifindex, vni); continue; 
@@ -2926,7 +2929,7 @@ static void zvni_build_hash_table() zvni = zvni_add(vni); if (!zvni) { - zlog_err( + zlog_warn( "Failed to add VNI hash, IF %s(%u) L2-VNI %u", ifp->name, ifp->ifindex, vni); return; @@ -2985,10 +2988,6 @@ static zebra_vtep_t *zvni_vtep_add(zebra_vni_t *zvni, struct in_addr *vtep_ip) zebra_vtep_t *zvtep; zvtep = XCALLOC(MTYPE_ZVNI_VTEP, sizeof(zebra_vtep_t)); - if (!zvtep) { - zlog_err("Failed to alloc VTEP entry, VNI %u", zvni->vni); - return NULL; - } zvtep->vtep_ip = *vtep_ip; @@ -3053,8 +3052,8 @@ static int zvni_vtep_install(zebra_vni_t *zvni, struct in_addr *vtep_ip) static int zvni_vtep_uninstall(zebra_vni_t *zvni, struct in_addr *vtep_ip) { if (!zvni->vxlan_if) { - zlog_err("VNI %u hash %p couldn't be uninstalled - no intf", - zvni->vni, zvni); + zlog_warn("VNI %u hash %p couldn't be uninstalled - no intf", + zvni->vni, zvni); return -1; } @@ -3248,7 +3247,7 @@ static int zl3vni_rmac_uninstall(zebra_l3vni_t *zl3vni, zebra_mac_t *zrmac) return 0; if (!zl3vni->vxlan_if) { - zlog_err( + zlog_warn( "RMAC %s on L3-VNI %u hash %p couldn't be uninstalled - no vxlan_if", prefix_mac2str(&zrmac->macaddr, buf, sizeof(buf)), zl3vni->vni, zl3vni); @@ -3904,8 +3903,9 @@ static int zebra_vxlan_handle_vni_transition(struct zebra_vrf *zvrf, vni_t vni, /* Delete the hash entry. */ if (zvni_del(zvni)) { - zlog_err("Failed to del VNI hash %p, VNI %u", zvni, - zvni->vni); + flog_err(ZEBRA_ERR_VNI_DEL_FAILED, + "Failed to del VNI hash %p, VNI %u", zvni, + zvni->vni); return -1; } } else { @@ -4924,7 +4924,7 @@ int zebra_vxlan_handle_kernel_neigh_del(struct interface *ifp, return 0; if (!zvni->vxlan_if) { - zlog_err( + zlog_warn( "VNI %u hash %p doesn't have intf upon local neighbor DEL", zvni->vni, zvni); return -1; 
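Review bot: `zvni_build_hash_table` reports a failed `zvni_add()` with `zlog_warn` and then returns, while `zebra_vxlan_if_add` (hunk at -6504) reports the same failure with `flog_err(ZEBRA_ERR_VNI_ADD_FAILED, ...)`. The two call sites should agree, and since this one abandons the table build at that point the coded error seems the better fit: `flog_err(ZEBRA_ERR_VNI_ADD_FAILED, "Failed to add VNI hash, IF %s(%u) L2-VNI %u", ifp->name, ifp->ifindex, vni);`.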
@@ -4943,7 +4943,7 @@ int zebra_vxlan_handle_kernel_neigh_del(struct interface *ifp, zmac = zvni_mac_lookup(zvni, &n->emac); if (!zmac) { if (IS_ZEBRA_DEBUG_VXLAN) - zlog_err( + zlog_warn( "Trying to del a neigh %s without a mac %s on VNI %u", ipaddr2str(ip, buf, sizeof(buf)), prefix_mac2str(&n->emac, buf2, sizeof(buf2)), @@ -5090,7 +5090,7 @@ void zebra_vxlan_remote_macip_del(ZAPI_HANDLER_ARGS) } ifp = zvni->vxlan_if; if (!ifp) { - zlog_err( + zlog_warn( "VNI %u hash %p doesn't have intf upon remote MACIP DEL", vni, zvni); continue; @@ -5117,9 +5117,9 @@ void zebra_vxlan_remote_macip_del(ZAPI_HANDLER_ARGS) n = zvni_neigh_lookup(zvni, &ip); if (n && !mac) { - zlog_err("Failed to locate MAC %s for neigh %s VNI %u", - prefix_mac2str(&macaddr, buf, sizeof(buf)), - ipaddr2str(&ip, buf1, sizeof(buf1)), vni); + zlog_warn("Failed to locate MAC %s for neigh %s VNI %u", + prefix_mac2str(&macaddr, buf, sizeof(buf)), + ipaddr2str(&ip, buf1, sizeof(buf1)), vni); continue; } @@ -5133,7 +5133,7 @@ void zebra_vxlan_remote_macip_del(ZAPI_HANDLER_ARGS) /* Ignore the delete if this mac is a gateway mac-ip */ if (mac && CHECK_FLAG(mac->flags, ZEBRA_MAC_LOCAL) && CHECK_FLAG(mac->flags, ZEBRA_MAC_DEF_GW)) { - zlog_err( + zlog_warn( "%u: Ignore Del for MAC %s neigh %s on VNI %u as it is configured as a default gateway", zvrf_id(zvrf), prefix_mac2str(&macaddr, buf, sizeof(buf)), @@ -5252,14 +5252,14 @@ void zebra_vxlan_remote_macip_add(ZAPI_HANDLER_ARGS) /* Locate VNI hash entry - expected to exist. */ zvni = zvni_lookup(vni); if (!zvni) { - zlog_err( + zlog_warn( "Failed to locate VNI hash upon remote MACIP ADD, VNI %u", vni); continue; } ifp = zvni->vxlan_if; if (!ifp) { - zlog_err( + zlog_warn( "VNI %u hash %p doesn't have intf upon remote MACIP add", vni, zvni); continue; 
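Review bot: The message in `zebra_vxlan_handle_kernel_neigh_del` becomes `zlog_warn` but stays behind `if (IS_ZEBRA_DEBUG_VXLAN)`, so the warning is emitted only when VXLAN debugging is enabled. Elsewhere in this commit (`zvni_process_neigh_on_local_mac_del`, `zvni_process_neigh_on_remote_mac_del`) debug-gated messages were converted to `zlog_debug`. Either do the same here with `zlog_debug(`, or drop the gate so the warning is always visible.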
@@ -5279,7 +5279,8 @@ void zebra_vxlan_remote_macip_add(ZAPI_HANDLER_ARGS) zvtep = zvni_vtep_find(zvni, &vtep_ip); if (!zvtep) { if (zvni_vtep_add(zvni, &vtep_ip) == NULL) { - zlog_err( + flog_err( + ZEBRA_ERR_VTEP_ADD_FAILED, "Failed to add remote VTEP, VNI %u zvni %p", vni, zvni); continue; @@ -5552,8 +5553,8 @@ int zebra_vxlan_local_mac_del(struct interface *ifp, struct interface *br_if, if (!zvni) return 0; if (!zvni->vxlan_if) { - zlog_err("VNI %u hash %p doesn't have intf upon local MAC DEL", - zvni->vni, zvni); + zlog_warn("VNI %u hash %p doesn't have intf upon local MAC DEL", + zvni->vni, zvni); return -1; } @@ -5620,8 +5621,8 @@ int zebra_vxlan_local_mac_add_update(struct interface *ifp, } if (!zvni->vxlan_if) { - zlog_err("VNI %u hash %p doesn't have intf upon local MAC ADD", - zvni->vni, zvni); + zlog_warn("VNI %u hash %p doesn't have intf upon local MAC ADD", + zvni->vni, zvni); return -1; } @@ -5686,9 +5687,10 @@ int zebra_vxlan_local_mac_add_update(struct interface *ifp, if (!mac) { mac = zvni_mac_add(zvni, macaddr); if (!mac) { - zlog_err("Failed to add MAC %s intf %s(%u) VID %u", - prefix_mac2str(macaddr, buf, sizeof(buf)), - ifp->name, ifp->ifindex, vid); + flog_err(ZEBRA_ERR_MAC_ADD_FAILED, + "Failed to add MAC %s intf %s(%u) VID %u", + prefix_mac2str(macaddr, buf, sizeof(buf)), + ifp->name, ifp->ifindex, vid); return -1; } } @@ -5738,8 +5740,8 @@ void zebra_vxlan_remote_vtep_del(ZAPI_HANDLER_ARGS) } if (zvrf_id(zvrf) != VRF_DEFAULT) { - zlog_err("Recv MACIP DEL for non-default VRF %u", - zvrf_id(zvrf)); + zlog_warn("Recv MACIP DEL for non-default VRF %u", + zvrf_id(zvrf)); return; } @@ -5770,7 +5772,7 @@ void zebra_vxlan_remote_vtep_del(ZAPI_HANDLER_ARGS) ifp = zvni->vxlan_if; if (!ifp) { - zlog_err( + zlog_warn( "VNI %u hash %p doesn't have intf upon remote VTEP DEL", zvni->vni, zvni); continue; 
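Review bot: The non-default-VRF warning in what the hunk header identifies as `zebra_vxlan_remote_vtep_del` reads "Recv MACIP DEL", which names the wrong message type and will mislead anyone correlating logs with ZAPI traffic. Since the line is being rewritten anyway, make it `zlog_warn("Recv VTEP DEL for non-default VRF %u", zvrf_id(zvrf));`. The hunk at -5822 has the matching "Recv MACIP ADD" in `zebra_vxlan_remote_vtep_add`.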
@@ -5822,8 +5824,8 @@ void zebra_vxlan_remote_vtep_add(ZAPI_HANDLER_ARGS) } if (zvrf_id(zvrf) != VRF_DEFAULT) { - zlog_err("Recv MACIP ADD for non-default VRF %u", - zvrf_id(zvrf)); + zlog_warn("Recv MACIP ADD for non-default VRF %u", + zvrf_id(zvrf)); return; } @@ -5844,7 +5846,8 @@ void zebra_vxlan_remote_vtep_add(ZAPI_HANDLER_ARGS) /* Locate VNI hash entry - expected to exist. */ zvni = zvni_lookup(vni); if (!zvni) { - zlog_err( + flog_err( + ZEBRA_ERR_VTEP_ADD_FAILED, "Failed to locate VNI hash upon remote VTEP ADD, VNI %u", vni); continue; @@ -5852,7 +5855,8 @@ void zebra_vxlan_remote_vtep_add(ZAPI_HANDLER_ARGS) ifp = zvni->vxlan_if; if (!ifp) { - zlog_err( + flog_err( + ZEBRA_ERR_VTEP_ADD_FAILED, "VNI %u hash %p doesn't have intf upon remote VTEP ADD", zvni->vni, zvni); continue; @@ -5870,8 +5874,9 @@ void zebra_vxlan_remote_vtep_add(ZAPI_HANDLER_ARGS) continue; if (zvni_vtep_add(zvni, &vtep_ip) == NULL) { - zlog_err("Failed to add remote VTEP, VNI %u zvni %p", - vni, zvni); + flog_err(ZEBRA_ERR_VTEP_ADD_FAILED, + "Failed to add remote VTEP, VNI %u zvni %p", + vni, zvni); continue; } @@ -5922,8 +5927,8 @@ int zebra_vxlan_add_del_gw_macip(struct interface *ifp, struct prefix *p, svi_if = if_lookup_by_index_per_ns(zebra_ns_lookup(NS_DEFAULT), ifp_zif->link_ifindex); if (!svi_if) { - zlog_err("MACVLAN %s(%u) without link information", - ifp->name, ifp->ifindex); + zlog_warn("MACVLAN %s(%u) without link information", + ifp->name, ifp->ifindex); return -1; } @@ -5970,8 +5975,8 @@ int zebra_vxlan_add_del_gw_macip(struct interface *ifp, struct prefix *p, return 0; if (!zvni->vxlan_if) { - zlog_err("VNI %u hash %p doesn't have intf upon MACVLAN up", - zvni->vni, zvni); + zlog_warn("VNI %u hash %p doesn't have intf upon MACVLAN up", + zvni->vni, zvni); return -1; } 
@@ -6067,8 +6072,9 @@ int zebra_vxlan_svi_up(struct interface *ifp, struct interface *link_if) return 0; if (!zvni->vxlan_if) { - zlog_err("VNI %u hash %p doesn't have intf upon SVI up", - zvni->vni, zvni); + zlog_warn( + "VNI %u hash %p doesn't have intf upon SVI up", + zvni->vni, zvni); return -1; } @@ -6129,7 +6135,7 @@ int zebra_vxlan_if_down(struct interface *ifp) /* Locate hash entry; it is expected to exist. */ zvni = zvni_lookup(vni); if (!zvni) { - zlog_err( + zlog_warn( "Failed to locate VNI hash at DOWN, IF %s(%u) VNI %u", ifp->name, ifp->ifindex, vni); return -1; @@ -6195,7 +6201,7 @@ int zebra_vxlan_if_up(struct interface *ifp) /* Locate hash entry; it is expected to exist. */ zvni = zvni_lookup(vni); if (!zvni) { - zlog_err( + zlog_warn( "Failed to locate VNI hash at UP, IF %s(%u) VNI %u", ifp->name, ifp->ifindex, vni); return -1; @@ -6266,7 +6272,7 @@ int zebra_vxlan_if_del(struct interface *ifp) /* Locate hash entry; it is expected to exist. */ zvni = zvni_lookup(vni); if (!zvni) { - zlog_err( + zlog_warn( "Failed to locate VNI hash at del, IF %s(%u) VNI %u", ifp->name, ifp->ifindex, vni); return 0; @@ -6289,8 +6295,9 @@ int zebra_vxlan_if_del(struct interface *ifp) /* Delete the hash entry. */ if (zvni_del(zvni)) { - zlog_err("Failed to del VNI hash %p, IF %s(%u) VNI %u", - zvni, ifp->name, ifp->ifindex, zvni->vni); + flog_err(ZEBRA_ERR_VNI_DEL_FAILED, + "Failed to del VNI hash %p, IF %s(%u) VNI %u", + zvni, ifp->name, ifp->ifindex, zvni->vni); return -1; } } @@ -6376,7 +6383,7 @@ int zebra_vxlan_if_update(struct interface *ifp, uint16_t chgflags) /* Update VNI hash. */ zvni = zvni_lookup(vni); if (!zvni) { - zlog_err( + zlog_warn( "Failed to find L2-VNI hash on update, IF %s(%u) VNI %u", ifp->name, ifp->ifindex, vni); return -1; 
@@ -6504,7 +6511,8 @@ int zebra_vxlan_if_add(struct interface *ifp) if (!zvni) { zvni = zvni_add(vni); if (!zvni) { - zlog_err( + flog_err( + ZEBRA_ERR_VNI_ADD_FAILED, "Failed to add VNI hash, IF %s(%u) VNI %u", ifp->name, ifp->ifindex, vni); return -1; @@ -6707,8 +6715,8 @@ void zebra_vxlan_advertise_subnet(ZAPI_HANDLER_ARGS) struct interface *vlan_if = NULL; if (zvrf_id(zvrf) != VRF_DEFAULT) { - zlog_err("EVPN GW-MACIP Adv for non-default VRF %u", - zvrf_id(zvrf)); + zlog_warn("EVPN GW-MACIP Adv for non-default VRF %u", + zvrf_id(zvrf)); return; } @@ -6770,8 +6778,8 @@ void zebra_vxlan_advertise_gw_macip(ZAPI_HANDLER_ARGS) struct interface *ifp = NULL; if (zvrf_id(zvrf) != VRF_DEFAULT) { - zlog_err("EVPN GW-MACIP Adv for non-default VRF %u", - zvrf_id(zvrf)); + zlog_warn("EVPN GW-MACIP Adv for non-default VRF %u", + zvrf_id(zvrf)); return; } @@ -6875,7 +6883,7 @@ void zebra_vxlan_advertise_all_vni(ZAPI_HANDLER_ARGS) struct zebra_ns *zns = NULL; if (zvrf_id(zvrf) != VRF_DEFAULT) { - zlog_err("EVPN VNI Adv for non-default VRF %u", zvrf_id(zvrf)); + zlog_warn("EVPN VNI Adv for non-default VRF %u", zvrf_id(zvrf)); return; } diff --git a/zebra/zserv.c b/zebra/zserv.c index f76c2fabd6..174e010743 100644 --- a/zebra/zserv.c +++ b/zebra/zserv.c @@ -54,6 +54,7 @@ #include "lib/zclient.h" /* for zmsghdr, ZEBRA_HEADER_SIZE, ZEBRA... */ #include "lib/frr_pthread.h" /* for frr_pthread_new, frr_pthread_stop... */ #include "lib/frratomic.h" /* for atomic_load_explicit, atomic_stor... */ +#include "lib/lib_errors.h" /* for generic ferr ids */ #include "zebra/debug.h" /* for various debugging macros */ #include "zebra/rib.h" /* for rib_score_proto */ 
@@ -786,15 +787,14 @@ void zserv_start(char *path) unlink(suna->sun_path); } - zserv_privs.change(ZPRIVS_RAISE); - setsockopt_so_recvbuf(zebrad.sock, 1048576); - setsockopt_so_sendbuf(zebrad.sock, 1048576); - zserv_privs.change(ZPRIVS_LOWER); - - if (sa.ss_family != AF_UNIX && zserv_privs.change(ZPRIVS_RAISE)) - zlog_err("Can't raise privileges"); + frr_elevate_privs(&zserv_privs) { + setsockopt_so_recvbuf(zebrad.sock, 1048576); + setsockopt_so_sendbuf(zebrad.sock, 1048576); + } - ret = bind(zebrad.sock, (struct sockaddr *)&sa, sa_len); + frr_elevate_privs((sa.ss_family != AF_UNIX) ? &zserv_privs : NULL) { + ret = bind(zebrad.sock, (struct sockaddr *)&sa, sa_len); + } if (ret < 0) { zlog_warn("Can't bind zserv socket on %s: %s", path, safe_strerror(errno)); @@ -804,8 +804,6 @@ void zserv_start(char *path) zebrad.sock = -1; return; } - if (sa.ss_family != AF_UNIX && zserv_privs.change(ZPRIVS_LOWER)) - zlog_err("Can't lower privileges"); ret = listen(zebrad.sock, 5); if (ret < 0) { |
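Review bot: In `zserv_start`, `errno` from a failed `bind()` is now read after the `frr_elevate_privs` block has closed, that is, after privileges have been lowered again; the old code reported the bind error before the lowering call. If the lowering path makes any call that sets `errno`, `safe_strerror(errno)` in the "Can't bind zserv socket" warning reports the wrong cause; capturing it inside the block with `if (ret < 0) saved_errno = errno;` and logging `saved_errno` avoids that. The old explicit "Can't raise privileges" and "Can't lower privileges" messages are gone, so a comment should say that `frr_elevate_privs` is relied on to report such failures. The same comment should explain that passing `NULL` for the `AF_UNIX` case means "do not elevate", as the conditional implies.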
