X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fplugins%2Facl%2Facl.c;h=db54d4e8a529e8661a59e72dc910736066e282d7;hb=faef07fdd048cf96626daa8e09ed995af8e30f00;hp=bc38265a6c5f6840e222da0123d52eb3ab0792e7;hpb=a5e614f76fda9efb7bd1577ec18f9c0407d95d03;p=vpp.git diff --git a/src/plugins/acl/acl.c b/src/plugins/acl/acl.c index bc38265a6c5..db54d4e8a52 100644 --- a/src/plugins/acl/acl.c +++ b/src/plugins/acl/acl.c @@ -74,7 +74,9 @@ _(MACIP_ACL_ADD, macip_acl_add) \ _(MACIP_ACL_DEL, macip_acl_del) \ _(MACIP_ACL_INTERFACE_ADD_DEL, macip_acl_interface_add_del) \ _(MACIP_ACL_DUMP, macip_acl_dump) \ -_(MACIP_ACL_INTERFACE_GET, macip_acl_interface_get) +_(MACIP_ACL_INTERFACE_GET, macip_acl_interface_get) \ +_(MACIP_ACL_INTERFACE_LIST_DUMP, macip_acl_interface_list_dump) + /* *INDENT-OFF* */ VLIB_PLUGIN_REGISTER () = { @@ -89,11 +91,39 @@ acl_set_heap(acl_main_t *am) { if (0 == am->acl_mheap) { am->acl_mheap = mheap_alloc (0 /* use VM */ , 2 << 29); + mheap_t *h = mheap_header (am->acl_mheap); + h->flags |= MHEAP_FLAG_THREAD_SAFE; } void *oldheap = clib_mem_set_heap(am->acl_mheap); return oldheap; } +void +acl_plugin_acl_set_validate_heap(acl_main_t *am, int on) +{ + clib_mem_set_heap(acl_set_heap(am)); + mheap_t *h = mheap_header (am->acl_mheap); + if (on) { + h->flags |= MHEAP_FLAG_VALIDATE; + h->flags &= ~MHEAP_FLAG_SMALL_OBJECT_CACHE; + mheap_validate(h); + } else { + h->flags &= ~MHEAP_FLAG_VALIDATE; + h->flags |= MHEAP_FLAG_SMALL_OBJECT_CACHE; + } +} + +void +acl_plugin_acl_set_trace_heap(acl_main_t *am, int on) +{ + clib_mem_set_heap(acl_set_heap(am)); + mheap_t *h = mheap_header (am->acl_mheap); + if (on) { + h->flags |= MHEAP_FLAG_TRACE; + } else { + h->flags &= ~MHEAP_FLAG_TRACE; + } +} static void vl_api_acl_plugin_get_version_t_handler (vl_api_acl_plugin_get_version_t * mp) @@ -409,8 +439,8 @@ acl_classify_add_del_table_small (vnet_classify_main_t * cm, u8 * mask, table_index, current_data_flag, current_data_offset, is_add, 1 /* delete_chain */); - return ret; clib_mem_set_heap (oldheap); + return ret; } @@ -1738,6 +1768,66 @@ vl_api_macip_acl_interface_get_t_handler (vl_api_macip_acl_interface_get_t * vl_msg_api_send_shmem (q, (u8 *) & rmp); } +static void +send_macip_acl_interface_list_details (acl_main_t * am, + unix_shared_memory_queue_t * q, + u32 sw_if_index, + u32 acl_index, + u32 context) +{ + vl_api_macip_acl_interface_list_details_t *rmp; + /* at this time there is only ever 1 mac ip acl per interface */ + int msg_size = sizeof (*rmp) + sizeof (rmp->acls[0]); + + rmp = vl_msg_api_alloc (msg_size); + memset (rmp, 0, msg_size); + rmp->_vl_msg_id = ntohs (VL_API_MACIP_ACL_INTERFACE_LIST_DETAILS + am->msg_id_base); + + /* fill in the message */ + rmp->context = context; + rmp->count = 1; + rmp->sw_if_index = htonl (sw_if_index); + rmp->acls[0] = htonl (acl_index); + + vl_msg_api_send_shmem (q, (u8 *) & rmp); +} + +static void +vl_api_macip_acl_interface_list_dump_t_handler (vl_api_macip_acl_interface_list_dump_t *mp) +{ + unix_shared_memory_queue_t *q; + acl_main_t *am = &acl_main; + u32 sw_if_index = ntohl (mp->sw_if_index); + + q = vl_api_client_index_to_input_queue (mp->client_index); + if (q == 0) + { + return; + } + + if (sw_if_index == ~0) + { + vec_foreach_index(sw_if_index, am->macip_acl_by_sw_if_index) + { + if (~0 != am->macip_acl_by_sw_if_index[sw_if_index]) + { + send_macip_acl_interface_list_details(am, q, sw_if_index, + am->macip_acl_by_sw_if_index[sw_if_index], + mp->context); + } + } + } + else + { + if (vec_len(am->macip_acl_by_sw_if_index) > sw_if_index) + { + send_macip_acl_interface_list_details(am, q, sw_if_index, + am->macip_acl_by_sw_if_index[sw_if_index], + mp->context); + } + } +} + /* Set up the API message handling tables */ static clib_error_t * acl_plugin_api_hookup (vlib_main_t * vm) @@ -1868,6 +1958,8 @@ acl_sw_interface_add_del (vnet_main_t * vnm, u32 sw_if_index, u32 is_add) VNET_SW_INTERFACE_ADD_DEL_FUNCTION (acl_sw_interface_add_del); + + static clib_error_t * acl_set_aclplugin_fn (vlib_main_t * vm, unformat_input_t * input, @@ -1896,6 +1988,26 @@ acl_set_aclplugin_fn (vlib_main_t * vm, am->l4_match_nonfirst_fragment = (val != 0); goto done; } + if (unformat (input, "heap")) + { + if (unformat(input, "main")) + { + if (unformat(input, "validate %u", &val)) + acl_plugin_acl_set_validate_heap(am, val); + else if (unformat(input, "trace %u", &val)) + acl_plugin_acl_set_trace_heap(am, val); + goto done; + } + else if (unformat(input, "hash")) + { + if (unformat(input, "validate %u", &val)) + acl_plugin_hash_acl_set_validate_heap(am, val); + else if (unformat(input, "trace %u", &val)) + acl_plugin_hash_acl_set_trace_heap(am, val); + goto done; + } + goto done; + } if (unformat (input, "session")) { if (unformat (input, "table")) { /* The commands here are for tuning/testing. No user-serviceable parts inside */ @@ -2265,6 +2377,7 @@ acl_show_aclplugin_fn (vlib_main_t * vm, if (swi < vec_len(am->input_applied_hash_acl_info_by_sw_if_index)) { applied_hash_acl_info_t *pal = &am->input_applied_hash_acl_info_by_sw_if_index[swi]; out0 = format(out0, " input lookup mask_type_index_bitmap: %U\n", format_bitmap_hex, pal->mask_type_index_bitmap); + out0 = format(out0, " input applied acls: %U\n", format_vec32, pal->applied_acls, "%d"); } if (swi < vec_len(am->input_hash_entry_vec_by_sw_if_index)) { out0 = format(out0, " input lookup applied entries:\n"); @@ -2279,6 +2392,7 @@ acl_show_aclplugin_fn (vlib_main_t * vm, if (swi < vec_len(am->output_applied_hash_acl_info_by_sw_if_index)) { applied_hash_acl_info_t *pal = &am->output_applied_hash_acl_info_by_sw_if_index[swi]; out0 = format(out0, " output lookup mask_type_index_bitmap: %U\n", format_bitmap_hex, pal->mask_type_index_bitmap); + out0 = format(out0, " output applied acls: %U\n", format_vec32, pal->applied_acls, "%d"); } if (swi < vec_len(am->output_hash_entry_vec_by_sw_if_index)) { out0 = format(out0, " output lookup applied entries:\n");