acl-plugin: hash lookup bitmask not cleared when ACL is unapplied from interface...

[vpp.git] / src / plugins / acl / acl.c

diff --git a/src/plugins/acl/acl.c b/src/plugins/acl/acl.c
index 3c1e819..db54d4e 100644 (file)
--- a/src/plugins/acl/acl.c
+++ b/src/plugins/acl/acl.c
@@ -91,11 +91,39 @@ acl_set_heap(acl_main_t *am)
 {
   if (0 == am->acl_mheap) {
     am->acl_mheap = mheap_alloc (0 /* use VM */ , 2 << 29);
+    mheap_t *h = mheap_header (am->acl_mheap);
+    h->flags |= MHEAP_FLAG_THREAD_SAFE;
   }
   void *oldheap = clib_mem_set_heap(am->acl_mheap);
   return oldheap;
 }
 
+void
+acl_plugin_acl_set_validate_heap(acl_main_t *am, int on)
+{
+  clib_mem_set_heap(acl_set_heap(am));
+  mheap_t *h = mheap_header (am->acl_mheap);
+  if (on) {
+    h->flags |= MHEAP_FLAG_VALIDATE;
+    h->flags &= ~MHEAP_FLAG_SMALL_OBJECT_CACHE;
+    mheap_validate(h);
+  } else {
+    h->flags &= ~MHEAP_FLAG_VALIDATE;
+    h->flags |= MHEAP_FLAG_SMALL_OBJECT_CACHE;
+  }
+}
+
+void
+acl_plugin_acl_set_trace_heap(acl_main_t *am, int on)
+{
+  clib_mem_set_heap(acl_set_heap(am));
+  mheap_t *h = mheap_header (am->acl_mheap);
+  if (on) {
+    h->flags |= MHEAP_FLAG_TRACE;
+  } else {
+    h->flags &= ~MHEAP_FLAG_TRACE;
+  }
+}
 
 static void
 vl_api_acl_plugin_get_version_t_handler (vl_api_acl_plugin_get_version_t * mp)
@@ -411,8 +439,8 @@ acl_classify_add_del_table_small (vnet_classify_main_t * cm, u8 * mask,
                                      table_index, current_data_flag,
                                      current_data_offset, is_add,
                                      1 /* delete_chain */);
-  return ret;
   clib_mem_set_heap (oldheap);
+  return ret;
 }
 
 
@@ -1930,6 +1958,8 @@ acl_sw_interface_add_del (vnet_main_t * vnm, u32 sw_if_index, u32 is_add)
 
 VNET_SW_INTERFACE_ADD_DEL_FUNCTION (acl_sw_interface_add_del);
 
+
+
 static clib_error_t *
 acl_set_aclplugin_fn (vlib_main_t * vm,
                               unformat_input_t * input,
@@ -1958,6 +1988,26 @@ acl_set_aclplugin_fn (vlib_main_t * vm,
       am->l4_match_nonfirst_fragment = (val != 0);
       goto done;
     }
+  if (unformat (input, "heap"))
+    {
+      if (unformat(input, "main"))
+        {
+          if (unformat(input, "validate %u", &val))
+            acl_plugin_acl_set_validate_heap(am, val);
+          else if (unformat(input, "trace %u", &val))
+            acl_plugin_acl_set_trace_heap(am, val);
+          goto done;
+        }
+      else if (unformat(input, "hash"))
+        {
+          if (unformat(input, "validate %u", &val))
+            acl_plugin_hash_acl_set_validate_heap(am, val);
+          else if (unformat(input, "trace %u", &val))
+            acl_plugin_hash_acl_set_trace_heap(am, val);
+          goto done;
+        }
+      goto done;
+    }
   if (unformat (input, "session")) {
     if (unformat (input, "table")) {
       /* The commands here are for tuning/testing. No user-serviceable parts inside */
@@ -2327,6 +2377,7 @@ acl_show_aclplugin_fn (vlib_main_t * vm,
           if (swi < vec_len(am->input_applied_hash_acl_info_by_sw_if_index)) {
             applied_hash_acl_info_t *pal = &am->input_applied_hash_acl_info_by_sw_if_index[swi];
             out0 = format(out0, "  input lookup mask_type_index_bitmap: %U\n", format_bitmap_hex, pal->mask_type_index_bitmap);
+            out0 = format(out0, "  input applied acls: %U\n", format_vec32, pal->applied_acls, "%d");
           }
           if (swi < vec_len(am->input_hash_entry_vec_by_sw_if_index)) {
             out0 = format(out0, "  input lookup applied entries:\n");
@@ -2341,6 +2392,7 @@ acl_show_aclplugin_fn (vlib_main_t * vm,
           if (swi < vec_len(am->output_applied_hash_acl_info_by_sw_if_index)) {
             applied_hash_acl_info_t *pal = &am->output_applied_hash_acl_info_by_sw_if_index[swi];
             out0 = format(out0, "  output lookup mask_type_index_bitmap: %U\n", format_bitmap_hex, pal->mask_type_index_bitmap);
+            out0 = format(out0, "  output applied acls: %U\n", format_vec32, pal->applied_acls, "%d");
           }
           if (swi < vec_len(am->output_hash_entry_vec_by_sw_if_index)) {
             out0 = format(out0, "  output lookup applied entries:\n");