* See the License for the specific language governing permissions and
* limitations under the License.
*/
+
#include <vnet/classify/vnet_classify.h>
#include <vnet/classify/in_out_acl.h>
#include <vnet/ip/ip.h>
#include <vnet/l2/l2_classify.h> /* for L2_INPUT_CLASSIFY_NEXT_xxx */
#include <vnet/fib/fib_table.h>
#include <vppinfra/lock.h>
+#include <vnet/classify/trace_classify.h>
+
+
/**
* @file
t->skip_n_vectors = skip_n_vectors;
t->entries_per_page = 2;
-#if USE_DLMALLOC == 0
- t->mheap = mheap_alloc (0 /* use VM */ , memory_size);
-#else
- t->mheap = create_mspace (memory_size, 1 /* locked */ );
- /* classifier requires the memory to be contiguous, so can not expand. */
- mspace_disable_expand (t->mheap);
-#endif
+ t->mheap = clib_mem_create_heap (0, memory_size, 1 /* locked */ ,
+ "classify");
vec_validate_aligned (t->buckets, nbuckets - 1, CLIB_CACHE_LINE_BYTES);
oldheap = clib_mem_set_heap (t->mheap);
vec_free (t->mask);
vec_free (t->buckets);
-#if USE_DLMALLOC == 0
- mheap_free (t->mheap);
-#else
- destroy_mspace (t->mheap);
-#endif
-
+ clib_mem_destroy_heap (t->mheap);
pool_put (cm->tables, t);
}
if (nbuckets == 0)
return VNET_API_ERROR_INVALID_VALUE;
+ if (match < 1 || match > 5)
+ return VNET_API_ERROR_INVALID_VALUE;
+
t = vnet_classify_new_table (cm, mask, nbuckets, memory_size,
skip, match);
t->next_table_index = next_table_index;
{
u8 **maskp = va_arg (*args, u8 **);
u8 *mask = 0;
- u8 found_something = 0;
+ u8 found_something;
ip6_header_t *ip;
u32 ip_version_traffic_class_and_flow_label;
break;
}
+ /* Account for "special" field names */
+ found_something = version + traffic_class + flow_label
+ + src_address + dst_address + protocol;
+
#define _(a) found_something += a;
foreach_ip6_proto_field;
#undef _
return 0;
}
+
+/*
+ * Reorder the chain of tables starting with table_index such
+ * that more more-specific masks come before less-specific masks.
+ * Return the new head of the table chain.
+ */
+u32
+classify_sort_table_chain (vnet_classify_main_t * cm, u32 table_index)
+{
+ /*
+ * Form a vector of all classifier tables in this chain.
+ */
+ u32 *tables = 0;
+ vnet_classify_table_t *t;
+ u32 cti;
+ for (cti = table_index; cti != ~0; cti = t->next_table_index)
+ {
+ vec_add1 (tables, cti);
+ t = pool_elt_at_index (cm->tables, cti);
+ }
+
+ /*
+ * Sort filter tables from most-specific mask to least-specific mask.
+ */
+ vec_sort_with_function (tables, filter_table_mask_compare);
+
+ /*
+ * Relink tables via next_table_index fields.
+ */
+ int i;
+ for (i = 0; i < vec_len (tables); i++)
+ {
+ t = pool_elt_at_index (cm->tables, tables[i]);
+
+ if ((i + 1) < vec_len (tables))
+ t->next_table_index = tables[i + 1];
+ else
+ t->next_table_index = ~0;
+ }
+
+ table_index = tables[0];
+ vec_free (tables);
+
+ return table_index;
+}
+
+
+u32
+classify_get_trace_chain (void)
+{
+ u32 table_index;
+
+ table_index = vlib_global_main.trace_filter.classify_table_index;
+
+ return table_index;
+}
+
+/*
+ * Seting the Trace chain to ~0 is a request to delete and clear it.
+ */
+void
+classify_set_trace_chain (vnet_classify_main_t * cm, u32 table_index)
+{
+ if (table_index == ~0)
+ {
+ u32 old_table_index;
+
+ old_table_index = vlib_global_main.trace_filter.classify_table_index;
+ vnet_classify_delete_table_index (cm, old_table_index, 1);
+ }
+
+ vlib_global_main.trace_filter.classify_table_index = table_index;
+}
+
+
+u32
+classify_get_pcap_chain (vnet_classify_main_t * cm, u32 sw_if_index)
+{
+ u32 table_index = ~0;
+
+ if (sw_if_index != ~0
+ && (sw_if_index < vec_len (cm->classify_table_index_by_sw_if_index)))
+ table_index = cm->classify_table_index_by_sw_if_index[sw_if_index];
+
+ return table_index;
+}
+
+void
+classify_set_pcap_chain (vnet_classify_main_t * cm,
+ u32 sw_if_index, u32 table_index)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+
+ if (sw_if_index != ~0 && table_index != ~0)
+ vec_validate_init_empty (cm->classify_table_index_by_sw_if_index,
+ sw_if_index, ~0);
+
+ if (table_index == ~0)
+ {
+ u32 old_table_index = ~0;
+
+ if (sw_if_index < vec_len (cm->classify_table_index_by_sw_if_index))
+ old_table_index =
+ cm->classify_table_index_by_sw_if_index[sw_if_index];
+
+ vnet_classify_delete_table_index (cm, old_table_index, 1);
+ }
+
+ /*
+ * Put the table index where device drivers can find them.
+ * This table index will be either a valid table or a ~0 to clear it.
+ */
+ if (vec_len (cm->classify_table_index_by_sw_if_index) > sw_if_index)
+ cm->classify_table_index_by_sw_if_index[sw_if_index] = table_index;
+ if (sw_if_index > 0)
+ {
+ vnet_hw_interface_t *hi;
+ hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
+ hi->trace_classify_table_index = table_index;
+ }
+}
+
+
+/*
+ * Search for a mask-compatible Classify table within the given table chain.
+ */
+u32
+classify_lookup_chain (u32 table_index, u8 * mask, u32 n_skip, u32 n_match)
+{
+ vnet_classify_main_t *cm = &vnet_classify_main;
+ vnet_classify_table_t *t;
+ u32 cti;
+
+ if (table_index == ~0)
+ return ~0;
+
+ for (cti = table_index; cti != ~0; cti = t->next_table_index)
+ {
+ t = pool_elt_at_index (cm->tables, cti);
+
+ /* Classifier geometry mismatch, can't use this table. */
+ if (t->match_n_vectors != n_match || t->skip_n_vectors != n_skip)
+ continue;
+
+ /* Masks aren't congruent, can't use this table. */
+ if (vec_len (t->mask) * sizeof (u32x4) != vec_len (mask))
+ continue;
+
+ /* Masks aren't bit-for-bit identical, can't use this table. */
+ if (memcmp (t->mask, mask, vec_len (mask)))
+ continue;
+
+ /* Winner... */
+ return cti;
+ }
+
+ return ~0;
+}
+
+
static clib_error_t *
classify_filter_command_fn (vlib_main_t * vm,
unformat_input_t * input,
u32 match = ~0;
u8 *match_vector;
int is_add = 1;
- int del_chain = 0;
u32 table_index = ~0;
u32 next_table_index = ~0;
u32 miss_next_index = ~0;
u32 current_data_flag = 0;
int current_data_offset = 0;
- int i;
- vnet_classify_table_t *t;
+ u32 sw_if_index = ~0;
+ int pkt_trace = 0;
+ int pcap = 0;
u8 *mask = 0;
vnet_classify_main_t *cm = &vnet_classify_main;
int rv = 0;
+ clib_error_t *err = 0;
- while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ unformat_input_t _line_input, *line_input = &_line_input;
+
+ /* Get a line of input. */
+ if (!unformat_user (input, unformat_line_input, line_input))
+ return 0;
+
+ while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
- if (unformat (input, "del"))
+ if (unformat (line_input, "del"))
is_add = 0;
- else if (unformat (input, "buckets %d", &nbuckets))
+ else if (unformat (line_input, "pcap %=", &pcap, 1))
+ sw_if_index = 0;
+ else if (unformat (line_input, "trace"))
+ pkt_trace = 1;
+ else if (unformat (line_input, "%U",
+ unformat_vnet_sw_interface, vnm, &sw_if_index))
+ {
+ if (sw_if_index == 0)
+ return clib_error_return (0, "Local interface not supported...");
+ }
+ else if (unformat (line_input, "buckets %d", &nbuckets))
;
- else if (unformat (input, "mask %U", unformat_classify_mask,
+ else if (unformat (line_input, "mask %U", unformat_classify_mask,
&mask, &skip, &match))
;
- else if (unformat (input, "memory-size %U", unformat_memory_size,
+ else if (unformat (line_input, "memory-size %U", unformat_memory_size,
&memory_size))
;
else
}
if (is_add && mask == 0 && table_index == ~0)
- return clib_error_return (0, "Mask required");
+ err = clib_error_return (0, "Mask required");
- if (is_add && skip == ~0 && table_index == ~0)
- return clib_error_return (0, "skip count required");
+ else if (is_add && skip == ~0 && table_index == ~0)
+ err = clib_error_return (0, "skip count required");
- if (is_add && match == ~0 && table_index == ~0)
- return clib_error_return (0, "match count required");
+ else if (is_add && match == ~0 && table_index == ~0)
+ err = clib_error_return (0, "match count required");
+
+ else if (sw_if_index == ~0 && pkt_trace == 0 && pcap == 0)
+ err = clib_error_return (0, "Must specify trace, pcap or interface...");
+
+ else if (pkt_trace && pcap)
+ err = clib_error_return
+ (0, "Packet trace and pcap are mutually exclusive...");
+
+ else if (pkt_trace && sw_if_index != ~0)
+ err = clib_error_return (0, "Packet trace filter is per-system");
+
+ if (err)
+ {
+ unformat_free (line_input);
+ return err;
+ }
if (!is_add)
{
- if (vec_len (vnm->classify_filter_table_indices) == 0)
- return clib_error_return (0, "No classify filter set...");
+ /*
+ * Delete an existing PCAP or trace classify table.
+ */
+ if (pkt_trace)
+ classify_set_trace_chain (cm, ~0);
+ else
+ classify_set_pcap_chain (cm, sw_if_index, ~0);
+
+ vec_free (mask);
+ unformat_free (line_input);
- del_chain = 1;
- table_index = vnm->classify_filter_table_indices[0];
- vec_reset_length (vnm->classify_filter_table_indices);
+ return 0;
}
- /* see if we already have a table for that... */
+ /*
+ * Find an existing compatible table or else make a new one.
+ */
+ if (pkt_trace)
+ table_index = classify_get_trace_chain ();
+ else
+ table_index = classify_get_pcap_chain (cm, sw_if_index);
+
+ if (table_index != ~0)
+ table_index = classify_lookup_chain (table_index, mask, skip, match);
- if (is_add)
+ /*
+ * When no table is found, make one.
+ */
+ if (table_index == ~0)
{
- for (i = 0; i < vec_len (vnm->classify_filter_table_indices); i++)
+ /*
+ * Matching table wasn't found, so create a new one at the
+ * head of the next_table_index chain.
+ */
+ next_table_index = table_index;
+ table_index = ~0;
+
+ rv = vnet_classify_add_del_table (cm, mask, nbuckets, memory_size,
+ skip, match, next_table_index,
+ miss_next_index, &table_index,
+ current_data_flag,
+ current_data_offset, 1, 0);
+
+ if (rv != 0)
{
- t = pool_elt_at_index (cm->tables, i);
- /* classifier geometry mismatch, can't use this table */
- if (t->match_n_vectors != match || t->skip_n_vectors != skip)
- continue;
- /* Masks aren't congruent, can't use this table */
- if (vec_len (t->mask) != vec_len (mask))
- continue;
- /* Masks aren't bit-for-bit identical, can't use this table */
- if (memcmp (t->mask, mask, vec_len (mask)))
- continue;
-
- /* Winner... */
- table_index = i;
- goto found_table;
+ vec_free (mask);
+ unformat_free (line_input);
+ return clib_error_return (0,
+ "vnet_classify_add_del_table returned %d",
+ rv);
}
- }
- rv = vnet_classify_add_del_table (cm, mask, nbuckets, memory_size,
- skip, match, next_table_index,
- miss_next_index, &table_index,
- current_data_flag, current_data_offset,
- is_add, del_chain);
- vec_free (mask);
-
- switch (rv)
- {
- case 0:
- break;
+ /*
+ * Reorder tables such that masks are most-specify to least-specific.
+ */
+ table_index = classify_sort_table_chain (cm, table_index);
- default:
- return clib_error_return (0, "vnet_classify_add_del_table returned %d",
- rv);
+ /*
+ * Put first classifier table in chain in a place where
+ * other data structures expect to find and use it.
+ */
+ if (pkt_trace)
+ classify_set_trace_chain (cm, table_index);
+ else
+ classify_set_pcap_chain (cm, sw_if_index, table_index);
}
- if (is_add == 0)
- return 0;
-
- /* Remember the table */
- vec_add1 (vnm->classify_filter_table_indices, table_index);
-
-found_table:
+ vec_free (mask);
- /* Now try to parse a session */
- if (unformat (input, "match %U", unformat_classify_match,
+ /*
+ * Now try to parse a and add a filter-match session.
+ */
+ if (unformat (line_input, "match %U", unformat_classify_match,
cm, &match_vector, table_index) == 0)
return 0;
-
/*
* We use hit or miss to determine whether to trace or pcap pkts
* so the session setup is very limited
vec_free (match_vector);
- /* Sort filter tables from most-specific mask to least-specific mask */
- vec_sort_with_function (vnm->classify_filter_table_indices,
- filter_table_mask_compare);
-
- ASSERT (vec_len (vnm->classify_filter_table_indices));
+ return 0;
+}
- /* Setup next_table_index fields */
- for (i = 0; i < vec_len (vnm->classify_filter_table_indices); i++)
+/** Enable / disable packet trace filter */
+int
+vlib_enable_disable_pkt_trace_filter (int enable)
+{
+ if (enable)
{
- t = pool_elt_at_index (cm->tables,
- vnm->classify_filter_table_indices[i]);
-
- if ((i + 1) < vec_len (vnm->classify_filter_table_indices))
- t->next_table_index = vnm->classify_filter_table_indices[i + 1];
- else
- t->next_table_index = ~0;
+ vlib_global_main.trace_filter.trace_filter_enable = 1;
+ }
+ else
+ {
+ vlib_global_main.trace_filter.trace_filter_enable = 0;
}
-
return 0;
}
/*?
* Construct an arbitrary set of packet classifier tables for use with
- * "pcap rx | tx trace," and (eventually) with the vpp packet
- * tracer
+ * "pcap rx | tx trace," and with the vpp packet tracer
*
* Packets which match a rule in the classifier table chain
* will be traced. The tables are automatically ordered so that
*
* Configure a simple classify filter, and configure pcap rx trace to use it:
*
- * <b><em>classify filter mask l3 ip4 src match l3 ip4 src 192.168.1.11"</em></b><br>
+ * <b><em>classify filter rx mask l3 ip4 src match l3 ip4 src 192.168.1.11"</em></b><br>
* <b><em>pcap rx trace on max 100 filter</em></b>
*
* Configure another fairly simple filter
*
* <b><em>classify filter mask l3 ip4 src dst match l3 ip4 src 192.168.1.10 dst 192.168.2.10"</em></b>
*
- * Clear all current classifier filters
*
- * <b><em>classify filter del</em></b>
+ * Configure a filter for use with the vpp packet tracer:
+ * <b><em>classify filter trace mask l3 ip4 src dst match l3 ip4 src 192.168.1.10 dst 192.168.2.10"</em></b>
+ * <b><em>trace add dpdk-input 100 filter</em></b>
+ *
+ * Clear classifier filters
+ *
+ * <b><em>classify filter [trace | rx | tx | <intfc>] del</em></b>
+ *
+ * To display the top-level classifier tables for each use case:
+ * <b><em>show classify filter</em/></b>
*
* To inspect the classifier tables, use
*
{
.path = "classify filter",
.short_help =
- "classify filter mask <mask-value> match <match-value> [del]"
- "[buckets <nn>] [memory-size <n>]",
+ "classify filter <intfc> | pcap mask <mask-value> match <match-value>\n"
+ " | trace mask <mask-value> match <match-value> [del]\n"
+ " [buckets <nn>] [memory-size <n>]",
.function = classify_filter_command_fn,
};
/* *INDENT-ON* */
+static clib_error_t *
+show_classify_filter_command_fn (vlib_main_t * vm,
+ unformat_input_t * input,
+ vlib_cli_command_t * cmd)
+{
+ vnet_classify_main_t *cm = &vnet_classify_main;
+ vnet_main_t *vnm = vnet_get_main ();
+ u8 *name = 0;
+ u8 *s = 0;
+ u32 table_index;
+ int verbose = 0;
+ int i, j, limit;
+
+ (void) unformat (input, "verbose %=", &verbose, 1);
+
+ vlib_cli_output (vm, "%-30s%s", "Filter Used By", " Table(s)");
+ vlib_cli_output (vm, "%-30s%s", "--------------", " --------");
+
+ limit = vec_len (cm->classify_table_index_by_sw_if_index);
+
+ for (i = -1; i < limit; i++)
+ {
+ switch (i)
+ {
+ case -1:
+ table_index = vlib_global_main.trace_filter.classify_table_index;
+ name = format (0, "packet tracer:");
+ break;
+
+ case 0:
+ table_index = cm->classify_table_index_by_sw_if_index[i];
+ name = format (0, "pcap rx/tx/drop:");
+ break;
+
+ default:
+ table_index = cm->classify_table_index_by_sw_if_index[i];
+ name = format (0, "%U:", format_vnet_sw_if_index_name, vnm, i);
+ break;
+ }
+
+ if (verbose)
+ {
+ vnet_classify_table_t *t;
+ j = table_index;
+ do
+ {
+ if (j == ~0)
+ s = format (s, " none");
+ else
+ {
+ s = format (s, " %u", j);
+ t = pool_elt_at_index (cm->tables, j);
+ j = t->next_table_index;
+ }
+ }
+ while (j != ~0);
+
+ vlib_cli_output (vm, "%-30v table(s)%v", name, s);
+ vec_reset_length (s);
+ }
+ else
+ {
+ if (table_index != ~0)
+ s = format (s, " %u", table_index);
+ else
+ s = format (s, " none");
+
+ vlib_cli_output (vm, "%-30v first table%v", name, s);
+ vec_reset_length (s);
+ }
+ vec_reset_length (name);
+ }
+ vec_free (s);
+ vec_free (name);
+ return 0;
+}
+
+
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (show_classify_filter, static) =
+{
+ .path = "show classify filter",
+ .short_help = "show classify filter [verbose [nn]]",
+ .function = show_classify_filter_command_fn,
+};
+/* *INDENT-ON* */
+
+
+
+
static u8 *
format_vnet_classify_table (u8 * s, va_list * args)
{
s = format (s, "%10u%10d%10d%10d", index, t->active_elements,
t->next_table_index, t->miss_next_index);
- s = format (s, "\n Heap: %U", format_mheap, t->mheap, 0 /*verbose */ );
+ s = format (s, "\n Heap: %U", format_clib_mem_heap, t->mheap,
+ 0 /*verbose */ );
s = format (s, "\n nbuckets %d, skip %d match %d flag %d offset %d",
t->nbuckets, t->skip_n_vectors, t->match_n_vectors,
}
/* *INDENT-OFF* */
- pool_foreach (t, cm->tables,
- ({
+ pool_foreach (t, cm->tables)
+ {
if (match_index == ~0 || (match_index == t - cm->tables))
vec_add1 (indices, t - cm->tables);
- }));
+ }
/* *INDENT-ON* */
if (vec_len (indices))
vnet_classify_register_unformat_acl_next_index_fn (unformat_acl_next_node);
+ vlib_global_main.trace_filter.classify_table_index = ~0;
+
return 0;
}
VLIB_INIT_FUNCTION (vnet_classify_init);
+int
+vnet_is_packet_traced (vlib_buffer_t * b, u32 classify_table_index, int func)
+{
+ return vnet_is_packet_traced_inline (b, classify_table_index, func);
+}
+
+
#define TEST_CODE 0
#if TEST_CODE > 0
Code Review / vpp.git / blobdiff