#include <vnet/pg/pg.h>
#include <vppinfra/error.h>
#include <acl/acl.h>
-#include "bihash_40_8.h"
+#include <vppinfra/bihash_40_8.h>
#include <vppinfra/bihash_template.h>
#include <vppinfra/bihash_template.c>
clib_warning
("ACL_FA_NODE_DBG acl %d rule %d pkt dst addr %U match rule addr %U/%d",
acl_index, i, format_ip46_address, &pkt_5tuple->addr[1],
- IP46_TYPE_ANY, format_ip46_address, &r->dst, IP46_TYPE_ANY,
+ r->is_ipv6 ? IP46_TYPE_IP6: IP46_TYPE_IP4, format_ip46_address,
+ &r->dst, r->is_ipv6 ? IP46_TYPE_IP6: IP46_TYPE_IP4,
r->dst_prefixlen);
#endif
clib_warning
("ACL_FA_NODE_DBG acl %d rule %d pkt src addr %U match rule addr %U/%d",
acl_index, i, format_ip46_address, &pkt_5tuple->addr[0],
- IP46_TYPE_ANY, format_ip46_address, &r->src, IP46_TYPE_ANY,
+ r->is_ipv6 ? IP46_TYPE_IP6: IP46_TYPE_IP4, format_ip46_address,
+ &r->src, r->is_ipv6 ? IP46_TYPE_IP6: IP46_TYPE_IP4,
r->src_prefixlen);
clib_warning
("ACL_FA_NODE_DBG acl %d rule %d trying to match pkt proto %d with rule %d",
static inline fa_session_t *get_session_ptr(acl_main_t *am, u16 thread_index, u32 session_index)
{
acl_fa_per_worker_data_t *pw = &am->per_worker_data[thread_index];
- fa_session_t *sess = pw->fa_sessions_pool + session_index;
+ fa_session_t *sess = pool_is_free_index (pw->fa_sessions_pool, session_index) ? 0 : pool_elt_at_index(pw->fa_sessions_pool, session_index);
return sess;
}
static inline int is_valid_session_ptr(acl_main_t *am, u16 thread_index, fa_session_t *sess)
{
acl_fa_per_worker_data_t *pw = &am->per_worker_data[thread_index];
- return ((sess - pw->fa_sessions_pool) < pool_len(pw->fa_sessions_pool));
+ return ((sess != 0) && ((sess - pw->fa_sessions_pool) < pool_len(pw->fa_sessions_pool)));
}
static void
static void
acl_fa_delete_session (acl_main_t * am, u32 sw_if_index, fa_full_session_id_t sess_id)
{
+ void *oldheap = clib_mem_set_heap(am->acl_mheap);
fa_session_t *sess = get_session_ptr(am, sess_id.thread_index, sess_id.session_index);
ASSERT(sess->thread_index == os_get_thread_index ());
BV (clib_bihash_add_del) (&am->fa_sessions_hash,
/* Deleting from timer structures not needed,
as the caller must have dealt with the timers. */
vec_validate (pw->fa_session_dels_by_sw_if_index, sw_if_index);
+ clib_mem_set_heap (oldheap);
pw->fa_session_dels_by_sw_if_index[sw_if_index]++;
clib_smp_atomic_add(&am->fa_session_total_dels, 1);
}
}
}
-static void
+static fa_session_t *
acl_fa_add_session (acl_main_t * am, int is_input, u32 sw_if_index, u64 now,
fa_5tuple_t * p5tuple)
{
clib_bihash_kv_40_8_t kv;
fa_full_session_id_t f_sess_id;
uword thread_index = os_get_thread_index();
+ void *oldheap = clib_mem_set_heap(am->acl_mheap);
acl_fa_per_worker_data_t *pw = &am->per_worker_data[thread_index];
f_sess_id.thread_index = thread_index;
acl_fa_conn_list_add_session(am, f_sess_id, now);
vec_validate (pw->fa_session_adds_by_sw_if_index, sw_if_index);
+ clib_mem_set_heap (oldheap);
pw->fa_session_adds_by_sw_if_index[sw_if_index]++;
clib_smp_atomic_add(&am->fa_session_total_adds, 1);
+ return sess;
}
static int
if (acl_fa_can_add_session (am, is_input, sw_if_index0))
{
- acl_fa_add_session (am, is_input, sw_if_index0, now,
- &kv_sess);
+ fa_session_t *sess = acl_fa_add_session (am, is_input, sw_if_index0, now,
+ &kv_sess);
+ acl_fa_track_session (am, is_input, sw_if_index0, now,
+ sess, &fa_5tuple);
pkts_new_session += 1;
}
else
pw->interrupt_is_unwanted = 0;
}
}
+ pw->interrupt_generation = am->fa_interrupt_generation;
return 0;
}
am->fa_current_cleaner_timer_wait_interval = max_timer_wait_interval;
am->fa_cleaner_node_index = acl_fa_session_cleaner_process_node.index;
-
+ am->fa_interrupt_generation = 1;
while (1)
{
now = clib_cpu_time_now ();
clib_warning("ACL_FA_CLEANER_DELETE_BY_SW_IF_INDEX bitmap: %U", format_bitmap_hex, clear_sw_if_index_bitmap);
#endif
vec_foreach(pw0, am->per_worker_data) {
- if ((pw0 == am->per_worker_data) && (vec_len(vlib_mains) > 1)) {
- /* thread 0 in multithreaded scenario is not used */
- continue;
- }
CLIB_MEMORY_BARRIER ();
while (pw0->clear_in_process) {
CLIB_MEMORY_BARRIER ();
clib_warning("CLEANER mains len: %d per-worker len: %d", vec_len(vlib_mains), vec_len(am->per_worker_data));
#endif
vec_foreach(pw0, am->per_worker_data) {
- if ((pw0 == am->per_worker_data) && (vec_len(vlib_mains) > 1)) {
- /* thread 0 in multithreaded scenario is not used */
- continue;
- }
CLIB_MEMORY_BARRIER ();
while (pw0->clear_in_process) {
CLIB_MEMORY_BARRIER ();
if (event_data)
_vec_len (event_data) = 0;
+ /*
+ * If the interrupts were not processed yet, ensure we wait a bit,
+ * but up to a point.
+ */
+ int need_more_wait = 0;
+ int max_wait_cycles = 100;
+ do {
+ need_more_wait = 0;
+ vec_foreach(pw0, am->per_worker_data) {
+ if (pw0->interrupt_generation != am->fa_interrupt_generation) {
+ need_more_wait = 1;
+ }
+ }
+ if (need_more_wait) {
+ vlib_process_suspend(vm, 0.0001);
+ }
+ } while (need_more_wait && (--max_wait_cycles > 0));
int interrupts_needed = 0;
int interrupts_unwanted = 0;
vec_foreach(pw0, am->per_worker_data) {
- if ((pw0 == am->per_worker_data) && (vec_len(vlib_mains) > 1)) {
- /* thread 0 in multithreaded scenario is not used */
- continue;
- }
if (pw0->interrupt_is_needed) {
interrupts_needed++;
/* the per-worker value is reset when sending the interrupt */
am->fa_current_cleaner_timer_wait_interval += cpu_cps * am->fa_cleaner_wait_time_increment;
}
am->fa_cleaner_cnt_event_cycles++;
+ am->fa_interrupt_generation++;
}
/* NOT REACHED */
return 0;
if (enable_disable) {
acl_fa_verify_init_sessions(am);
am->fa_total_enabled_count++;
+ void *oldheap = clib_mem_set_heap (am->vlib_main->heap_base);
vlib_process_signal_event (am->vlib_main, am->fa_cleaner_node_index,
ACL_FA_CLEANER_RESCHEDULE, 0);
+ clib_mem_set_heap (oldheap);
} else {
am->fa_total_enabled_count--;
}
if (is_input)
{
ASSERT(clib_bitmap_get(am->fa_in_acl_on_sw_if_index, sw_if_index) != enable_disable);
+ void *oldheap = clib_mem_set_heap (am->vlib_main->heap_base);
vnet_feature_enable_disable ("ip4-unicast", "acl-plugin-in-ip4-fa",
sw_if_index, enable_disable, 0, 0);
vnet_feature_enable_disable ("ip6-unicast", "acl-plugin-in-ip6-fa",
sw_if_index, enable_disable, 0, 0);
+ clib_mem_set_heap (oldheap);
am->fa_in_acl_on_sw_if_index =
clib_bitmap_set (am->fa_in_acl_on_sw_if_index, sw_if_index,
enable_disable);
else
{
ASSERT(clib_bitmap_get(am->fa_out_acl_on_sw_if_index, sw_if_index) != enable_disable);
+ void *oldheap = clib_mem_set_heap (am->vlib_main->heap_base);
vnet_feature_enable_disable ("ip4-output", "acl-plugin-out-ip4-fa",
sw_if_index, enable_disable, 0, 0);
vnet_feature_enable_disable ("ip6-output", "acl-plugin-out-ip6-fa",
sw_if_index, enable_disable, 0, 0);
+ clib_mem_set_heap (oldheap);
am->fa_out_acl_on_sw_if_index =
clib_bitmap_set (am->fa_out_acl_on_sw_if_index, sw_if_index,
enable_disable);
#ifdef FA_NODE_VERBOSE_DEBUG
clib_warning("ENABLE-DISABLE: clean the connections on interface %d", sw_if_index);
#endif
+ void *oldheap = clib_mem_set_heap (am->vlib_main->heap_base);
vlib_process_signal_event (am->vlib_main, am->fa_cleaner_node_index,
ACL_FA_CLEANER_DELETE_BY_SW_IF_INDEX,
sw_if_index);
+ clib_mem_set_heap (oldheap);
}
}
Code Review / vpp.git / blobdiff