summaryrefslogtreecommitdiffstats
path: root/tools/frrinit.sh.in (unfollow)
Commit message (Collapse)AuthorFilesLines
2023-10-10zebra: Free nexthop_groupKeelan101-0/+1
`ng` was not properly freed, leading to a memory leak. The commit calls `nexthop_group_delete` to free memory associated with `ng`. The ASan leak log for reference: ``` *********************************************************************************** Address Sanitizer Error detected in isis_topo1.test_isis_topo1/r5.asan.zebra.24308 ================================================================= ==24308==ERROR: LeakSanitizer: detected memory leaks Direct leak of 32 byte(s) in 1 object(s) allocated from: #0 0x7f4f47b43d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28) #1 0x7f4f4753c0a8 in qcalloc lib/memory.c:105 #2 0x7f4f47559526 in nexthop_group_new lib/nexthop_group.c:270 #3 0x562ded6a39d4 in zebra_add_import_table_entry zebra/redistribute.c:681 #4 0x562ded787c35 in rib_link zebra/zebra_rib.c:3972 #5 0x562ded787c35 in rib_addnode zebra/zebra_rib.c:3993 #6 0x562ded787c35 in process_subq_early_route_add zebra/zebra_rib.c:2860 #7 0x562ded787c35 in process_subq_early_route zebra/zebra_rib.c:3138 #8 0x562ded787c35 in process_subq zebra/zebra_rib.c:3178 #9 0x562ded787c35 in meta_queue_process zebra/zebra_rib.c:3228 #10 0x7f4f475f7118 in work_queue_run lib/workqueue.c:266 #11 0x7f4f475dc7f2 in event_call lib/event.c:1969 #12 0x7f4f4751f347 in frr_run lib/libfrr.c:1213 #13 0x562ded69e818 in main zebra/main.c:486 #14 0x7f4f468ffc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86) Indirect leak of 152 byte(s) in 1 object(s) allocated from: #0 0x7f4f47b43d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28) #1 0x7f4f4753c0a8 in qcalloc lib/memory.c:105 #2 0x7f4f475510ad in nexthop_new lib/nexthop.c:376 #3 0x7f4f475539c5 in nexthop_dup lib/nexthop.c:914 #4 0x7f4f4755b27a in copy_nexthops lib/nexthop_group.c:444 #5 0x562ded6a3a1c in zebra_add_import_table_entry zebra/redistribute.c:682 #6 0x562ded787c35 in rib_link zebra/zebra_rib.c:3972 #7 0x562ded787c35 in rib_addnode zebra/zebra_rib.c:3993 #8 0x562ded787c35 in process_subq_early_route_add zebra/zebra_rib.c:2860 #9 0x562ded787c35 in process_subq_early_route zebra/zebra_rib.c:3138 #10 0x562ded787c35 in process_subq zebra/zebra_rib.c:3178 #11 0x562ded787c35 in meta_queue_process zebra/zebra_rib.c:3228 #12 0x7f4f475f7118 in work_queue_run lib/workqueue.c:266 #13 0x7f4f475dc7f2 in event_call lib/event.c:1969 #14 0x7f4f4751f347 in frr_run lib/libfrr.c:1213 #15 0x562ded69e818 in main zebra/main.c:486 #16 0x7f4f468ffc86 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21c86) SUMMARY: AddressSanitizer: 184 byte(s) leaked in 2 allocation(s). *********************************************************************************** ``` Signed-off-by: Keelan Cannoo <keelan.cannoo@icloud.com>
2023-10-09zebra: Prevent leaking ctx memory in err conditionRajasekar Raja1-0/+1
When netlink_link_change() errors out for a new link for interface without MTU set, the allocated ctx is not freed.. Adding code for correctness Ticket# 3628313 Signed-off-by: Rajasekar Raja <rajasekarr@nvidia.com>
2023-10-07doc: replace commands list with header fileanlan_cs1-291/+1
Signed-off-by: anlan_cs <anlan_cs@tom.com>
2023-10-07*: remove ZEBRA_INTERFACE_VRF_UPDATEanlan_cs16-246/+5
Currently when one interface changes its VRF, zebra will send these messages to all daemons in *order*: 1) `ZEBRA_INTERFACE_DELETE` ( notify them delete from old VRF ) 2) `ZEBRA_INTERFACE_VRF_UPDATE` ( notify them move from old to new VRF ) 3) `ZEBRA_INTERFACE_ADD` ( notify them added into new VRF ) When daemons deal with `VRF_UPDATE`, they use `zebra_interface_vrf_update_read()->if_lookup_by_name()` to check the interface exist or not in old VRF. This check will always return *NULL* because `DELETE` ( deleted from old VRF ) is already done, so can't find this interface in old VRF. Send `VRF_UPDATE` is redundant and unuseful. `DELETE` and `ADD` are enough, they will deal with RB tree, so don't send this `VRF_UPDATE` message when vrf changes. Since all daemons have good mechanism to deal with changing vrf, and don't use this `VRF_UPDATE` mechanism. So, it is safe to completely remove all the code with `VRF_UPDATE`. Signed-off-by: anlan_cs <anlan_cs@tom.com>
2023-10-06zebra: add zclient to iprules keyMark Stapp1-7/+15
Include a zclient value in the hash and tree key computations for iprules in zebra: clients may collide without this. Signed-off-by: Mark Stapp <mjs@labn.net>
2023-10-06isisd: remove redundant northbound destroy callbacksIgor Ryzhov3-84/+0
Fixes startup warnings: ``` ISIS: [ZKB8W-3S2Q4][EC 100663330] unneeded 'destroy' callback for '/frr-isisd:isis/instance/segment-routing-srv6/msd/node-msd/max-segs-left' ISIS: [ZKB8W-3S2Q4][EC 100663330] unneeded 'destroy' callback for '/frr-isisd:isis/instance/segment-routing-srv6/msd/node-msd/max-end-pop' ISIS: [ZKB8W-3S2Q4][EC 100663330] unneeded 'destroy' callback for '/frr-isisd:isis/instance/segment-routing-srv6/msd/node-msd/max-h-encaps' ISIS: [ZKB8W-3S2Q4][EC 100663330] unneeded 'destroy' callback for '/frr-isisd:isis/instance/segment-routing-srv6/msd/node-msd/max-end-d' ``` Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2023-10-05lib,*: add vrf id to pbr rule results zapi messageMark Stapp3-1/+12
The iprule/pbr rule object has a vrf id, and zebra uses that internally, but the vrf id isn't returned to clients who install rules and are waiting for results. Include the vrf_id sent by the client in the zapi result notification message; update the existing clients so they decode the id. Signed-off-by: Mark Stapp <mjs@labn.net>
2023-10-05bgpd: Drop redundant assignment for aspath segment type and lengthDonatas Abraitis1-2/+0
They are already initialized via assegment_new(). Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-10-05tests: locate nhg id from json output in all_proto_startupMark Stapp1-3/+17
Don't hard-code a sharpd nhg id: those values aren't stable if the daemons/protos/route-types change. Use json show output to find the id in the 'resilient' nhg test case in the all_protocol_startup suite. Signed-off-by: Mark Stapp <mjs@labn.net>
2023-10-04staticd: Memory leak of string in staticdDonald Sharp1-5/+8
XSTRDUP and then calling strsep mangles the pointer returned by XSTRDUP. Keep a copy of the orig and when we are done, free that instead. Signed-off-by: Donald Sharp <sharpd@nvidia.com>
2023-10-04pimd: Indicating the rp in the msdp sa messageAdriano Marto Reis2-3/+25
Indicating the configured PIM Rendezvous Point (RP) in the MSDP SA message The RFC-3618, section 12.2.1, describes the fields included in the MSDP SA message. The "RP address" field is "the address of the RP in the domain the source has become active in". In the most common case, we will establish an MSDP connection from RP to RP. However, there are cases where we want to establish a MSDP connection from an interface/address that is not the RP. Section 3 of RFC-3618 describes that scenario as "intermediate MSDP peer". Moreover, the RP could be another router in the PIM domain - not the one establishing the MSDP connection. The current implementation could be problematic even with a single router per PIM domain. Consider the following scenario: * There are two PIM domains, each one with a single router. * The two routers are connected via two independent networks. Let's say that is to provide redundancy. * The routers are configured to establish two MSDP connections, one on each network (redundancy again). * A multicast source becomes active on the router 1. It will be communicated to router 2 via two independent MSDP SA messages, one per MSDP connection. * Without these changes, each MSDP SA message will indicate a different RP. * Both RP addresses will pass the RPF check, and both MSDP sources will be accepted. * If the router has clients interested in that multicast group, it will send PIM Join messages to both RPs and start receiving the multicast traffic from both. With the changes included in this commit, the multicast source available in router 1 would still be communicated to router 2 twice. But both MSDP SA messages would indicate the same RP, and one of them would be discarded due to failure in the RPF-check failure. Also, the changes allow us to define the RP that will be included in the MSDP SA message, and it could be one of the interfaces used to establish the MSDP connection, some other interface on the router, a loopback interface, or another router in the PIM domain. These changes should not create compatibility issues. As I mentioned, we usually establish MSDP connections from RP to RP. In this case, the result will be the same. We would still indicate the address used to establish the MSDP connection if the RP is not set - I wonder if that should even be a valid configuration. Signed-off-by: Adriano Marto Reis <adrianomarto@gmail.com>
2023-10-03bgpd: Add guards for zlog_debug when setting GTSM for the peerDonatas Abraitis1-3/+6
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-10-03ospfd: a possible fix for TAINTED_SCALAR coverity issuesMahdi Varasteh1-11/+22
Signed-off-by: Mahdi Varasteh <varasteh@amnesh.ir>
2023-10-02topotests: add bgp_large_comm_list_match testPhilippe Guibert8-0/+245
Add a topotest to check for proper functioning of the bgp large community list match operation under a route-map. Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
2023-10-02bgpd: add 'match community-list any' functionPhilippe Guibert15-71/+281
There is no match mechanism to match one community from the incoming community-list. Add the 'any' keyword to the 'match route-map' command of communit-list and large-community-list. > match community-list AAA any > match large-community-list AAA any Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
2023-10-01doc: adjust protocol command values for zebraanlan_cs1-223/+291
Adjust protocol command values for zebra based on latest code. Also, expand the field width to fit the length. Signed-off-by: anlan_cs <anlan_cs@tom.com>
2023-09-29zebra: be more careful removing 'installed' flag from nhgsMark Stapp1-2/+7
When interface addresses change, we examine nhgs associated with the interface in case they need to be reinstalled. As part of that, we may need to reinstall ecmp nhgs that use the interface being examined - but not always. Signed-off-by: Mark Stapp <mjs@labn.net>
2023-09-29tests: Make sure we have a valid FRRouting software version stringDonatas Abraitis1-1/+1
It can't begin with anything else, otherwise something is broken on the wire. Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-09-29bgpd: Validate maximum length of software version when handling via dynamic capsDonatas Abraitis1-17/+36
We should not allow exceeding the stream's length, and also software version can't be larger than 64 bytes. Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-09-29*: Do not cast to the same type as the destination isDonatas Abraitis8-23/+22
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-09-29zebra: delete label chunk upon releasefmihoub6WIND1-6/+7
In zebra/label_manager.c the releasing of the label chunk is done by disowning the chunk to the system. The presence of this system label chunk will cause label assignment to fail for this use case example: label chunk ospf: 300-320 label chunk system: 510-520 label chunk isis: 1200-1300 Then we try to allocate the chunk 500-530, we get this error: "Allocation of mpls label chunk [500/530] failed" The error is raised when the below condition is true: /* if chunk is used, cannot honor request */ if (lmc->proto != NO_PROTO) return NULL; Delete the label chunk instead of disowning it when the label releasing is done. Signed-off-by: Farid MIHOUB <farid.mihoub@6wind.com>
2023-09-29zebra: dump label table informationfmihoub6WIND3-0/+34
Add the new command "show debugging labeltable" to show allocated label chunks in the label table managed with label_manager.c Signed-off-by: Farid Mihoub <farid.mihoub@6wind.com> Signed-off-by: Philippe Guibert <philippe.guibert@6wind.com>
2023-09-29zebra: Drop new lines from zlog_debug for dpdk debug messagesDonatas Abraitis1-2/+2
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-09-29lib: use XREALLOC over realloc avoid coverity warningChristian Hopps1-6/+4
I believe coverity is complaining that the current code does not handle the realloc fail case, in which case the original pointer is not freed, but NULL is returned. The code assert()s it's not failed but that is not strong enough it needs to abort which XREALLOC does and is a better integration into FRR-inrfa anyway. Signed-off-by: Christian Hopps <chopps@labn.net>
2023-09-28bgpd: fix printing link state ospf opaque dataLouis Scalbert1-9/+2
Fix printing link state ospf opaque data. pnt address was not moving in the loop. Fixes: 8b531b1107 ("bgpd: store and send bgp link-state attributes") Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
2023-09-28doc: add debian 12 build docs to toctreeQuentin Young1-0/+1
Not reachable without this Signed-off-by: Quentin Young <qlyoung@qlyoung.net>
2023-09-28doc: remove northbound _sidebar definitionQuentin Young2-22/+7
This ain't a wiki But retain the ordering set up in the _sidebar in the RST index Signed-off-by: Quentin Young <qlyoung@qlyoung.net>
2023-09-28doc: couple nbapi doc cleanupsQuentin Young1-17/+20
* Fix block quote & rfc link * Fix note block re: libyang dependencies Signed-off-by: Quentin Young <qlyoung@qlyoung.net>
2023-09-28doc: fixup nbapi doc imagesQuentin Young8-46/+35
Pulled from web hosting into repo, all figure blocks updated. Signed-off-by: Quentin Young <qlyoung@qlyoung.net>
2023-09-28bgpd: fix insecure data write with area addressesLouis Scalbert1-0/+5
Fix an issue where an attacker may inject a tainted length value to corrupt the memory. > CID 1568380 (#1 of 1): Untrusted value as argument (TAINTED_SCALAR) > 9. tainted_data: Passing tainted expression length to bgp_linkstate_nlri_value_display, which uses it as an offset Fixes: 8b531b1107 ("bgpd: store and send bgp link-state attributes") Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
2023-09-28bgpd: fix insecure data write with ip addressesLouis Scalbert1-2/+4
Fix issues where an attacker may inject a tainted length value to corrupt the memory. > CID 1568378 (#1-6 of 6): Untrusted value as argument (TAINTED_SCALAR) > 16. tainted_data: Passing tainted expression length to bgp_linkstate_tlv_attribute_value_display, which uses it as an offset. [show details] Fixes: 7e0d9ff8ba ("bgpd: display link-state prefixes detail") Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
2023-09-28doc: unpin sphinx from 4.0.2Quentin Young3-9/+0
requirements.txt was pinning sphinx at a very old version. This version doesn't work in recent versions of Python; the new RTD configuration made RTD respect our requirements file, breaking the build. Signed-off-by: Quentin Young <qlyoung@qlyoung.net>
2023-09-28bgpd: fix link_state_hash_cmp()Louis Scalbert1-1/+1
Fix comparaison of link state attributes pointers in link_state_hash_cmp(). > CID 1568379 (#1 of 1): Logically dead code (DEADCODE) > dead_error_line: Execution cannot reach this statement: return false;. Fixes: 8b531b1107 ("bgpd: store and send bgp link-state attributes") Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
2023-09-28bgpd: fix illegal memory access in bgp_ls_tlv_check_size()Louis Scalbert2-5/+5
Fix illegal memory access bgp_ls_tlv_check_size() if type is 1253. > CID 1568377 (#4 of 4): Out-of-bounds read (OVERRUN) > 5. overrun-local: Overrunning array bgp_linkstate_tlv_infos of 1253 16-byte elements at element index 1253 (byte offset 20063) using index type (which evaluates to 1253). Fixes: 7e0d9ff8ba ("bgpd: display link-state prefixes detail") Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
2023-09-28bgpd: do not check attr in bgp_packet_attributeLouis Scalbert1-1/+1
Fix the following coverity issue. attr cannot be NULL. > CID 1568376 (#1 of 1): Dereference before null check (REVERSE_INULL) > check_after_deref: Null-checking attr suggests that it may be null, but it has already been dereferenced on all paths leading to the check. Fixes: 8b531b1107 ("bgpd: store and send bgp link-state attributes") Signed-off-by: Louis Scalbert <louis.scalbert@6wind.com>
2023-09-28doc: Add `neighbor capability dynamic` commandDonatas Abraitis1-0/+10
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-09-28doc: Add an example on how to set a distance for a route from the kernelDonatas Abraitis2-4/+33
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-09-28doc: add .readthedocs.yaml configsQuentin Young2-0/+32
As of Sep 25 2023, RTD projects require config files to build. This patch is necessary for docs to continue to build. Signed-off-by: Quentin Young <qlyoung@qlyoung.net>
2023-09-28doc: include checkpatch & cspf docs in toctreeQuentin Young4-0/+6
The documentation pages on checkpatch and CSPF were not reachable because they were not included in any toctree. Include them in the tree! Signed-off-by: Quentin Young <qlyoung@qlyoung.net>
2023-09-28doc: fix whitespace, formatting errorsQuentin Young5-99/+105
* Fix various whitespace and syntax errors * Fix a couple tiny grammar mistakes Signed-off-by: Quentin Young <qlyoung@qlyoung.net>
2023-09-28vtysh: fix entering configuration node in file-lock modeIgor Ryzhov1-1/+13
When the config node is entered in file-lock mode, we should actually remember it to correctly apply the workaround in `vtysh_exit`. Otherwise, the file-lock mode is dropped once we exit any node one level below the config node. Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2023-09-28vty: fix working in file-lock modeIgor Ryzhov1-0/+8
When the configuration node is entered in file-lock mode, candidate and running datastores are locked. Any configuration change is followed by an implicit commit which leads to a crash of mgmtd, because double lock is prohibited by an assert. When working in file-lock mode, we shouldn't do implicit commits which is disabled by allowing pending configuration changes. Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2023-09-27vty: fix configure terminal argument descriptionsIgor Ryzhov2-4/+4
"terminal" and "file-lock" description are mixed up. Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2023-09-27doc: Use backward order when for release dates hintDonatas Abraitis1-9/+7
Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-09-27doc: Fix release dates in workflowDonatas Abraitis1-6/+6
Align to the release rules: Releases are scheduled in a 4-month cycle on the first Tuesday each March/July/November. Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-09-27mgmtd: fix crash on "show mgmtd datastore-contents"Igor Ryzhov1-1/+1
When the command is called without specifying the datastore, it crashes. Signed-off-by: Igor Ryzhov <iryzhov@nfware.com>
2023-09-26doc: Add Debian 12 Build documentationMartin Winter2-0/+120
Signed-off-by: Rodrigo Nardi <rnardi@netdef.org> Signed-off-by: Martin Winter <mwinter@opensourcerouting.org>
2023-09-25bgpd: Set the TTL for the correct socketDonatas Abraitis1-6/+6
When we accept a connection, we try to set TTL for the socket, but the socket is not yet created/assigned and we are trying to set it on the wrong socket fd. ``` [Event] connection from 127.0.0.1 fd 25, active peer status 3 fd -1 can't set sockopt IP_TTL 255 to socket -1 bgp_set_socket_ttl: Can't set TxTTL on peer (rtrid 0.0.0.0) socket, err = 9 Unable to set min/max TTL on peer 127.0.0.1, Continuing ``` Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-09-25doc: Use different label to distinguish PBR nexthop groupsDonatas Abraitis1-2/+2
/root/frr/doc/user/pbr.rst:32: WARNING: duplicate label nexthop-groups, other instance in /root/frr/doc/user/nexthop_groups.rst Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>
2023-09-25doc: Replace `frr` code highlighting marker to `sh`Donatas Abraitis1-1/+1
No such thing exists. /root/frr/doc/user/ospfd.rst:624: WARNING: Cannot analyze code. No Pygments lexer found for "frr". Signed-off-by: Donatas Abraitis <donatas@opensourcerouting.org>