[ovs-dev] [PATCH ovn 1/2] nbctl: validate outport in nbctl_lr_route_add

Lorenzo Bianconi lorenzo.bianconi at redhat.com
Fri Aug 6 12:58:35 UTC 2021


Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi at redhat.com>
---
 tests/ovn-nbctl.at    |  2 ++
 utilities/ovn-nbctl.c | 35 ++++++++++++++++++++++++++---------
 2 files changed, 28 insertions(+), 9 deletions(-)

diff --git a/tests/ovn-nbctl.at b/tests/ovn-nbctl.at
index 828777b82..5d05be387 100644
--- a/tests/ovn-nbctl.at
+++ b/tests/ovn-nbctl.at
@@ -1445,6 +1445,7 @@ dnl ---------------------------------------------------------------------
 
 OVN_NBCTL_TEST([ovn_nbctl_routes], [routes], [
 AT_CHECK([ovn-nbctl lr-add lr0])
+AT_CHECK([ovn-nbctl lrp-add lr0 lp0 f0:00:00:00:00:01 10.0.0.254/24])
 
 dnl Check IPv4 routes
 AT_CHECK([ovn-nbctl lr-route-add lr0 0.0.0.0/0 192.168.0.1])
@@ -1505,6 +1506,7 @@ IPv4 Routes
                 0.0.0.0/0               192.168.0.1 dst-ip
 ])
 
+AT_CHECK([ovn-nbctl lrp-add lr0 lp1 f0:00:00:00:00:02 11.0.0.254/24])
 AT_CHECK([ovn-nbctl --may-exist lr-route-add lr0 10.0.0.111/24 11.0.0.1 lp1])
 AT_CHECK([ovn-nbctl lr-route-list lr0], [0], [dnl
 IPv4 Routes
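Review bot: Neither test hunk exercises the new rejection path: the two added `lrp-add` lines only create lp0 and lp1, presumably so the existing route commands keep passing. A negative check next to the lp1 case would pin the behaviour this patch introduces, for example `AT_CHECK([ovn-nbctl lr-route-add lr0 10.0.2.0/24 11.0.0.1 lp-missing], [1], [], [stderr])` (prefix and port name are constructed sample values). It would also be worth asserting that no route row was added after the failed command, so a later reordering of the validation cannot leave partial state unnoticed.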
diff --git a/utilities/ovn-nbctl.c b/utilities/ovn-nbctl.c
index f41238990..972a637ff 100644
--- a/utilities/ovn-nbctl.c
+++ b/utilities/ovn-nbctl.c
@@ -4006,6 +4006,8 @@ nbctl_pre_lr_route_add(struct ctl_context *ctx)
     ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_col_name);
     ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_col_static_routes);
 
+    ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_port_col_name);
+
     ovsdb_idl_add_column(ctx->idl, &nbrec_bfd_col_dst_ip);
 
     ovsdb_idl_add_column(ctx->idl,
@@ -4022,6 +4024,10 @@ nbctl_pre_lr_route_add(struct ctl_context *ctx)
                          &nbrec_logical_router_static_route_col_options);
 }
 
+static char * OVS_WARN_UNUSED_RESULT
+lrp_by_name_or_uuid(struct ctl_context *ctx, const char *id, bool must_exist,
+                    const struct nbrec_logical_router_port **lrp_p);
+
 static void
 nbctl_lr_route_add(struct ctl_context *ctx)
 {
@@ -4031,6 +4037,7 @@ nbctl_lr_route_add(struct ctl_context *ctx)
         ctx->error = error;
         return;
     }
+    const struct nbrec_logical_router_port *out_lrp = NULL;
     char *prefix = NULL, *next_hop = NULL;
 
     const char *policy = shash_find_data(&ctx->options, "--policy");
@@ -4093,6 +4100,15 @@ nbctl_lr_route_add(struct ctl_context *ctx)
         }
     }
 
+    if (ctx->argc == 5) {
+        /* validate output port. */
+        error = lrp_by_name_or_uuid(ctx, ctx->argv[4], true, &out_lrp);
+        if (error) {
+            ctx->error = error;
+            goto cleanup;
+        }
+    }
+
     bool may_exist = shash_find(&ctx->options, "--may-exist") != NULL;
     bool ecmp_symmetric_reply = shash_find(&ctx->options,
                                            "--ecmp-symmetric-reply") != NULL;
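Review bot: The check added under `if (ctx->argc == 5)` confirms only that a logical router port with that name or UUID exists somewhere; `lrp_by_name_or_uuid()` is passed `ctx` and the id but not the router, so a port attached to a different router would apparently be accepted and its name stored as this route's output port. The lookup's body is outside the hunk, so this is inferred from the prototype. I would also require that `out_lrp` is one of `lr`'s ports, which means registering `nbrec_logical_router_col_ports` in nbctl_pre_lr_route_add as well. nbctl_lr_route_add starts and ends outside this hunk, and the sketch assumes `lr` has already been resolved by this point.

```c
    if (ctx->argc == 5) {
        /* … unchanged: lrp_by_name_or_uuid() lookup and its error path … */

        /* The port must be attached to the router the route is added to. */
        bool on_router = false;
        for (size_t i = 0; i < lr->n_ports; i++) {
            if (lr->ports[i] == out_lrp) {
                on_router = true;
                break;
            }
        }
        if (!on_router) {
            ctl_error(ctx, "%s: port is not attached to router %s",
                      ctx->argv[4], lr->name);
            goto cleanup;
        }
    }
```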
@@ -4111,7 +4127,7 @@ nbctl_lr_route_add(struct ctl_context *ctx)
             ctl_error(ctx, "bfd dst_ip cannot be discard.");
             goto cleanup;
         }
-        if (ctx->argc == 5) {
+        if (out_lrp) {
             if (is_discard_route) {
                 ctl_error(ctx, "outport is not valid for discard routes.");
                 goto cleanup;
@@ -4134,22 +4150,22 @@ nbctl_lr_route_add(struct ctl_context *ctx)
             nbrec_logical_router_static_route_verify_nexthop(route);
             nbrec_logical_router_static_route_set_ip_prefix(route, prefix);
             nbrec_logical_router_static_route_set_nexthop(route, next_hop);
-            if (ctx->argc == 5) {
+            if (out_lrp) {
                 nbrec_logical_router_static_route_set_output_port(
-                    route, ctx->argv[4]);
+                    route, out_lrp->name);
             }
             if (policy) {
                  nbrec_logical_router_static_route_set_policy(route, policy);
             }
             if (bfd) {
                 if (!nb_bt) {
-                    if (ctx->argc != 5) {
+                    if (!out_lrp) {
                         ctl_error(ctx, "insert entry in the BFD table failed");
                         goto cleanup;
                     }
                     nb_bt = nbrec_bfd_insert(ctx->txn);
                     nbrec_bfd_set_dst_ip(nb_bt, next_hop);
-                    nbrec_bfd_set_logical_port(nb_bt, ctx->argv[4]);
+                    nbrec_bfd_set_logical_port(nb_bt, out_lrp->name);
                 }
                 nbrec_logical_router_static_route_set_bfd(route, nb_bt);
             }
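Review bot: With the guard rewritten as `if (!out_lrp)`, the error `"insert entry in the BFD table failed"` is reached exactly when BFD was requested, no existing BFD row was found and no outport was given, yet the message does not tell the operator what is missing. Since the line is being touched anyway, a message that names the cause would help, e.g. `ctl_error(ctx, "an outport is required to create a BFD entry for %s", next_hop);`. The same branch is repeated in the last hunk of this file and should get the same wording; any test matching the old text would need updating. The enclosing block starts outside this hunk.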
@@ -4172,8 +4188,9 @@ nbctl_lr_route_add(struct ctl_context *ctx)
     route = nbrec_logical_router_static_route_insert(ctx->txn);
     nbrec_logical_router_static_route_set_ip_prefix(route, prefix);
     nbrec_logical_router_static_route_set_nexthop(route, next_hop);
-    if (ctx->argc == 5) {
-        nbrec_logical_router_static_route_set_output_port(route, ctx->argv[4]);
+    if (out_lrp) {
+        nbrec_logical_router_static_route_set_output_port(route,
+                                                          out_lrp->name);
     }
     if (policy) {
         nbrec_logical_router_static_route_set_policy(route, policy);
@@ -4189,13 +4206,13 @@ nbctl_lr_route_add(struct ctl_context *ctx)
     nbrec_logical_router_update_static_routes_addvalue(lr, route);
     if (bfd) {
         if (!nb_bt) {
-            if (ctx->argc != 5) {
+            if (!out_lrp) {
                 ctl_error(ctx, "insert entry in the BFD table failed");
                 goto cleanup;
             }
             nb_bt = nbrec_bfd_insert(ctx->txn);
             nbrec_bfd_set_dst_ip(nb_bt, next_hop);
-            nbrec_bfd_set_logical_port(nb_bt, ctx->argv[4]);
+            nbrec_bfd_set_logical_port(nb_bt, out_lrp->name);
         }
         nbrec_logical_router_static_route_set_bfd(route, nb_bt);
     }
-- 
2.31.1


