mirror of
https://gitlab.nic.cz/labs/bird.git
synced 2025-01-20 16:01:53 +00:00
roa_check() uses the auxiliary table
This commit is contained in:
parent
499d5e6fb3
commit
b15eb4b546
@ -678,63 +678,41 @@ net_roa_check(rtable *tp, const net_addr *n, u32 asn)
|
|||||||
SKIP_BACK_DECLARE(net_addr_union, nu, n, n);
|
SKIP_BACK_DECLARE(net_addr_union, nu, n, n);
|
||||||
int anything = 0;
|
int anything = 0;
|
||||||
|
|
||||||
|
rtable *aux = tp->config->roa_aux_table->table;
|
||||||
|
|
||||||
#define TW(ipv) do { \
|
#define TW(ipv) do { \
|
||||||
TRIE_WALK_TO_ROOT_IP##ipv(trie, &(nu->ip##ipv), var) { \
|
TRIE_WALK_TO_ROOT_IP##ipv(trie, &(nu->ip##ipv), var) { \
|
||||||
net_addr_roa##ipv roa0 = NET_ADDR_ROA##ipv(var.prefix, var.pxlen, 0, 0); \
|
rte r = rt_net_best(aux, (net_addr *) &var); \
|
||||||
ROA_PARTIAL_CHECK(ipv); \
|
if (!r.attrs) continue; \
|
||||||
|
SKIP_BACK_DECLARE(struct rt_roa_aggregated_adata, rad, \
|
||||||
|
ad, ea_get_adata(r.attrs, &ea_roa_aggregated)); \
|
||||||
|
uint count = ROA_AGGR_COUNT(rad); \
|
||||||
|
for (uint p = 0; p < count; p++) \
|
||||||
|
if ((rad->u[p].max_pxlen >= nu->ip##ipv.pxlen) && \
|
||||||
|
(rad->u[p].asn == asn)) \
|
||||||
|
return ROA_VALID; \
|
||||||
|
else \
|
||||||
|
anything = 1; \
|
||||||
} TRIE_WALK_TO_ROOT_END; \
|
} TRIE_WALK_TO_ROOT_END; \
|
||||||
return anything ? ROA_INVALID : ROA_UNKNOWN; \
|
|
||||||
} while (0)
|
} while (0)
|
||||||
|
|
||||||
#define FW(ipv) do { \
|
RT_READ(aux, tr);
|
||||||
net_addr_roa##ipv roa0 = NET_ADDR_ROA##ipv(nu->ip##ipv.prefix, nu->ip##ipv.pxlen, 0, 0);\
|
|
||||||
while (1) { \
|
|
||||||
ROA_PARTIAL_CHECK(ipv); \
|
|
||||||
if (roa0.pxlen == 0) break; \
|
|
||||||
roa0.pxlen--; ip##ipv##_clrbit(&roa0.prefix, roa0.pxlen); \
|
|
||||||
} \
|
|
||||||
} while (0)
|
|
||||||
|
|
||||||
#define ROA_PARTIAL_CHECK(ipv) do { \
|
|
||||||
for (struct netindex *i = net_find_index_fragile_chain(nh, (net_addr *) &roa0); i; i = i->next)\
|
|
||||||
{ \
|
|
||||||
if (bs < i->index) continue; \
|
|
||||||
net_addr_roa##ipv *roa = (void *) i->addr; \
|
|
||||||
if (!net_equal_prefix_roa##ipv(roa, &roa0)) continue; \
|
|
||||||
net *r = &(atomic_load_explicit(&tr->t->routes, memory_order_acquire)[i->index]); \
|
|
||||||
struct rte_storage *s = NET_READ_BEST_ROUTE(tr, r); \
|
|
||||||
if (s && rte_is_valid(&s->rte)) \
|
|
||||||
{ \
|
|
||||||
anything = 1; \
|
|
||||||
if (asn && (roa->asn == asn) && (roa->max_pxlen >= nu->ip##ipv.pxlen)) \
|
|
||||||
return ROA_VALID; \
|
|
||||||
} \
|
|
||||||
} \
|
|
||||||
} while (0)
|
|
||||||
|
|
||||||
RT_READ(tp, tr);
|
|
||||||
|
|
||||||
{
|
{
|
||||||
u32 bs = atomic_load_explicit(&tr->t->routes_block_size, memory_order_acquire);
|
|
||||||
const struct f_trie *trie = atomic_load_explicit(&tr->t->trie, memory_order_acquire);
|
const struct f_trie *trie = atomic_load_explicit(&tr->t->trie, memory_order_acquire);
|
||||||
|
ASSERT_DIE(trie);
|
||||||
|
|
||||||
NH_LOCK(tr->t->netindex, nh);
|
if ((tp->addr_type == NET_ROA4) && (n->type == NET_IP4))
|
||||||
if ((tr->t->addr_type == NET_ROA4) && (n->type == NET_IP4))
|
TW(4);
|
||||||
{
|
else if ((tp->addr_type == NET_ROA6) && (n->type == NET_IP6))
|
||||||
if (trie) TW(4);
|
TW(6);
|
||||||
else FW(4);
|
else
|
||||||
}
|
log(L_WARN "Trying to run roa_check() of %s in %s",
|
||||||
else if ((tr->t->addr_type == NET_ROA6) && (n->type == NET_IP6))
|
net_label[n->type], net_label[tr->t->addr_type]);
|
||||||
{
|
|
||||||
if (trie) TW(6);
|
|
||||||
else FW(6);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return anything ? ROA_INVALID : ROA_UNKNOWN;
|
return anything ? ROA_INVALID : ROA_UNKNOWN;
|
||||||
#undef ROA_PARTIAL_CHECK
|
|
||||||
#undef TW
|
#undef TW
|
||||||
#undef FW
|
|
||||||
}
|
}
|
||||||
|
|
||||||
struct rte_storage *
|
struct rte_storage *
|
||||||
|
Loading…
Reference in New Issue
Block a user