VPP-2048

lawful-intercept : convert lawful-intercept to a plugin per https://jira.fd.io/browse/VPP-2048 Type: improvement
FDio · Jun 13, 2023 · 356f7ae · 356f7ae
1 parent 39c40fa
commit 356f7ae
Show file tree

Hide file tree

Showing 8 changed files with 215 additions and 19 deletions.
diff --git a/src/plugins/lawful-intercept/CMakeLists.txt b/src/plugins/lawful-intercept/CMakeLists.txt
@@ -0,0 +1,24 @@
+# Copyright (c) 2018 Cisco and/or its affiliates.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at:
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+add_vpp_plugin(lawful-intercept
+  SOURCES
+  lawful_intercept.c
+  lawful_intercept_api.c
+  node.c
+  plugin.c
+
+
+  API_FILES
+  lawful_intercept.api
+)
diff --git a/src/plugins/lawful-intercept/lawful_intercept.api b/src/plugins/lawful-intercept/lawful_intercept.api
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2015-2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+option version = "2.0.1";
+import "vnet/ip/ip_types.api";
+
+
+/** \brief Create or delete a VXLAN tunnel
+    @param client_index - opaque cookie to identify the sender
+    @param context - sender context, to match reply w/ request
+    @param is_add - Use 1 to create the tunnel, 0 to remove it
+    @param src_address - Source IP address
+    @param collector_address - Destination IP address, can be multicast
+    @param udp_port - UDP port for communication, uint32
+*/
+define lawful_interception_add_del
+{
+  u32 client_index;
+  u32 context;
+  bool is_add [default=true];
+  vl_api_address_t src_address;
+  vl_api_address_t collector_address;
+  u32 udp_port;
+};
+
+/* Return enum values for lawful_interception_add_del msg */
+enum lawful_interception_return_val_type                     
+{
+  LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__NONE = 0,
+  LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_PORT_ALREADY_CONFIGURED = 1,
+  LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_ALREADY_CONFIGURED = 2,
+  LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_NOT_CONFIGURED = 3,
+  LAWFUL_INTERCEPTION_RETURN_VAL_TYPE_UNDEFINED = 4,
+};
+
+define lawful_interception_add_del_reply
+{
+  u32 context;
+  i32 retval;
+};
diff --git a/src/vnet/lawful-intercept/lawful_intercept.c → ...ugins/lawful-intercept/lawful_intercept.c b/src/vnet/lawful-intercept/lawful_intercept.c → ...ugins/lawful-intercept/lawful_intercept.c
@@ -13,7 +13,7 @@
  * limitations under the License.
  */
 
-#include <vnet/lawful-intercept/lawful_intercept.h>
+#include "lawful_intercept.h"
 
 li_main_t li_main;
 

diff --git a/src/vnet/lawful-intercept/lawful_intercept.h → ...ugins/lawful-intercept/lawful_intercept.h b/src/vnet/lawful-intercept/lawful_intercept.h → ...ugins/lawful-intercept/lawful_intercept.h
diff --git a/src/plugins/lawful-intercept/lawful_intercept_api.c b/src/plugins/lawful-intercept/lawful_intercept_api.c
@@ -0,0 +1,115 @@
+/*
+ *------------------------------------------------------------------
+ * vxlan_api.c - vxlan api
+ *
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *------------------------------------------------------------------
+ */
+#include <vnet/vnet.h>
+#include <vlibmemory/api.h>
+
+#include <vnet/interface.h>
+#include <vnet/api_errno.h>
+#include <vnet/feature/feature.h>
+#include <vnet/fib/fib_table.h>
+#include <vnet/ip/ip_types_api.h>
+#include <vnet/udp/udp_local.h>
+#include <vnet/format_fns.h>
+#include <lawful-intercept/lawful_intercept.api_types.h>
+#include <lawful-intercept/lawful_intercept.api_enum.h>
+
+#include "lawful_intercept.h"
+
+static u16 msg_id_base;
+
+#define REPLY_MSG_ID_BASE msg_id_base
+#include <vlibapi/api_helper_macros.h>
+
+static void
+vl_api_lawful_interception_add_del_t_handler (
+  vl_api_lawful_interception_add_del_t *mp)
+{
+  vl_api_lawful_interception_add_del_reply_t *rmp;
+  int rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__NONE;
+  u32 i = 0;
+
+  li_main_t *lm = &li_main;
+  ip46_address_t collector;
+  ip46_address_t src;
+  u16 udp_port = 0;
+  ip_address_decode (&mp->src_address, &src);
+  ip_address_decode (&mp->collector_address, &collector);
+  bool is_add = mp->is_add;
+  udp_port = ntohs (mp->udp_port);
+
+  if (is_add)
+    {
+      for (i = 0; i < vec_len (lm->collectors); i++)
+	{
+	  if (lm->collectors[i].as_u32 == collector.ip4.as_u32)
+	    {
+	      if (lm->ports[i] == udp_port)
+		rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_PORT_ALREADY_CONFIGURED;
+	      else
+		rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_ALREADY_CONFIGURED;
+	    }
+	}
+      vec_add1 (lm->collectors, collector.ip4);
+      vec_add1 (lm->ports, udp_port);
+      vec_add1 (lm->src_addrs, src.ip4);
+    }
+  else
+    {
+      for (i = 0; i < vec_len (lm->collectors); i++)
+	{
+	  if ((lm->collectors[i].as_u32 == collector.ip4.as_u32) &&
+	      lm->ports[i] == udp_port)
+	    {
+	      vec_delete (lm->collectors, 1, i);
+	      vec_delete (lm->ports, 1, i);
+	      vec_delete (lm->src_addrs, 1, i);
+	    }
+	}
+    rv = LAWFUL_INTERCEPTION_RETURN_VAL_TYPE__COLLECTOR_NOT_CONFIGURED;
+    }
+
+  REPLY_MACRO(VL_API_LAWFUL_INTERCEPTION_ADD_DEL_REPLY);
+}
+
+#include <lawful-intercept/lawful_intercept.api.c>
+static clib_error_t *
+lawful_interception_api_hookup (vlib_main_t *vm)
+{
+  api_main_t *am = vlibapi_get_main ();
+
+  vl_api_increase_msg_trace_size (am, VL_API_LAWFUL_INTERCEPTION_ADD_DEL,
+				  16 * sizeof (u32));
+
+  /*
+   * Set up the (msg_name, crc, message-id) table
+   */
+  msg_id_base = setup_message_id_table ();
+
+  return 0;
+}
+
+VLIB_API_INIT_FUNCTION (lawful_interception_api_hookup);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/lawful-intercept/node.c → src/plugins/lawful-intercept/node.c b/src/vnet/lawful-intercept/node.c → src/plugins/lawful-intercept/node.c
@@ -17,7 +17,7 @@
 #include <vnet/vnet.h>
 #include <vppinfra/error.h>
 
-#include <vnet/lawful-intercept/lawful_intercept.h>
+#include "lawful_intercept.h"
 
 #include <vppinfra/error.h>
 #include <vppinfra/elog.h>

diff --git a/src/plugins/lawful-intercept/plugin.c b/src/plugins/lawful-intercept/plugin.c
@@ -0,0 +1,22 @@
+/* SPDX-License-Identifier: Apache-2.0
+ * Copyright (c) 2022 Cisco Systems, Inc.
+ * License: Cisco Proprietary Closed Source License - Cisco Internal.
+ * The software, documentation and any fonts accompanying this License whether
+ * on disk, in read only memory, on any other media or in any other form (col-
+ * lectively the “Software”) are licensed, not sold, to you by Cisco, Inc.
+ * (“Cisco”) for use only under the terms of this License, and Cisco reserves
+ * all rights not expressly granted to you. The rights granted herein are
+ * limited to Cisco’s intel- lectual property rights in the Cisco Software and
+ * do not include any other patents or intellectual property rights. You own
+ * the media on which the Cisco Software is recorded but Cisco and/or Cisco’s
+ * licensor(s) retain ownership of the Software itself.
+ */
+
+#include <vlib/vlib.h>
+#include <vnet/plugin/plugin.h>
+#include <vpp/app/version.h>
+
+VLIB_PLUGIN_REGISTER () = {
+  .version = VPP_BUILD_VER,
+  .description = "Lawful interception",
+};
diff --git a/src/vnet/CMakeLists.txt b/src/vnet/CMakeLists.txt
@@ -877,23 +877,6 @@ list(APPEND VNET_HEADERS
   ipfix-export/flow_report_classify.h
 )
 
-##############################################################################
-# lawful intercept
-##############################################################################
-
-list(APPEND VNET_SOURCES
-  lawful-intercept/lawful_intercept.c
-  lawful-intercept/node.c
-)
-
-list(APPEND VNET_MULTIARCH_SOURCES
-  lawful-intercept/node.c
-)
-
-list(APPEND VNET_HEADERS
-  lawful-intercept/lawful_intercept.h
-)
-
 ##############################################################################
 # SPAN (port mirroring)
 ##############################################################################