FD.io VPP  v18.01.2-1-g9b554f3
Vector Packet Processing
acl_list.hpp
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2017 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #ifndef __VOM_ACL_LIST_H__
17 #define __VOM_ACL_LIST_H__
18 
19 #include <set>
20 
21 #include "vom/acl_l2_rule.hpp"
22 #include "vom/acl_l3_rule.hpp"
23 #include "vom/acl_types.hpp"
24 #include "vom/hw.hpp"
25 #include "vom/inspect.hpp"
26 #include "vom/om.hpp"
27 #include "vom/singular_db.hpp"
28 
29 namespace VOM {
30 namespace ACL {
31 /**
32  * An ACL list comprises a set of match actions rules to be applied to
33  * packets.
34  * A list is bound to a given interface.
35  */
36 template <typename RULE>
37 class list : public object_base
38 {
39 public:
40  /**
41  * The KEY can be used to uniquely identify the ACL.
42  * (other choices for keys, like the summation of the properties
43  * of the rules, are rather too cumbersome to use
44  */
45  typedef std::string key_t;
46 
47  /**
48  * The rule container type
49  */
50  typedef std::multiset<RULE> rules_t;
51 
52  /**
53  * Construct a new object matching the desried state
54  */
55  list(const key_t& key)
56  : m_key(key)
57  {
58  }
59 
60  list(const handle_t& hdl, const key_t& key)
61  : m_hdl(hdl)
62  , m_key(key)
63  {
64  }
65 
66  list(const key_t& key, const rules_t& rules)
67  : m_key(key)
68  , m_rules(rules)
69  {
70  m_evh.order();
71  }
72 
73  /**
74  * Copy Constructor
75  */
76  list(const list& o)
77  : m_hdl(o.m_hdl)
78  , m_key(o.m_key)
79  , m_rules(o.m_rules)
80  {
81  }
82 
83  /**
84  * Destructor
85  */
87  {
88  sweep();
89  m_db.release(m_key, this);
90  }
91 
92  /**
93  * Return the 'sigular instance' of the ACL that matches this object
94  */
95  std::shared_ptr<list> singular() const { return find_or_add(*this); }
96 
97  /**
98  * Dump all ACLs into the stream provided
99  */
100  static void dump(std::ostream& os) { m_db.dump(os); }
101 
102  /**
103  * convert to string format for debug purposes
104  */
105  std::string to_string() const
106  {
107  std::ostringstream s;
108  s << "acl-list:[" << m_key << " " << m_hdl.to_string() << " rules:[";
109 
110  for (auto rule : m_rules) {
111  s << rule.to_string() << " ";
112  }
113 
114  s << "]]";
115 
116  return (s.str());
117  }
118 
119  /**
120  * Insert priority sorted a rule into the list
121  */
122  void insert(const RULE& rule) { m_rules.insert(rule); }
123 
124  /**
125  * Remove a rule from the list
126  */
127  void remove(const RULE& rule) { m_rules.erase(rule); }
128 
129  /**
130  * Return the VPP assign handle
131  */
132  const handle_t& handle() const { return m_hdl.data(); }
133 
134  static std::shared_ptr<list> find(const handle_t& handle)
135  {
136  return (m_hdl_db[handle].lock());
137  }
138 
139  static std::shared_ptr<list> find(const key_t& key)
140  {
141  return (m_db.find(key));
142  }
143 
144  static void add(const handle_t& handle, std::shared_ptr<list> sp)
145  {
146  m_hdl_db[handle] = sp;
147  }
148 
149  static void remove(const handle_t& handle) { m_hdl_db.erase(handle); }
150 
151  const key_t& key() const { return m_key; }
152 
153  const rules_t& rules() const { return m_rules; }
154 
155  /**
156  * Comparison operator - for UT
157  */
158  bool operator==(const list& l) const
159  {
160  return (key() == l.key() && rules() == l.rules());
161  }
162 
163 private:
164  /**
165  * Class definition for listeners to OM events
166  */
167  class event_handler : public OM::listener, public inspect::command_handler
168  {
169  public:
170  event_handler()
171  {
172  OM::register_listener(this);
173  inspect::register_handler({ "acl" }, "ACL lists", this);
174  }
175  virtual ~event_handler() = default;
176 
177  /**
178  * Handle a populate event
179  */
180  void handle_populate(const client_db::key_t& key);
181 
182  /**
183  * Handle a replay event
184  */
185  void handle_replay() { m_db.replay(); }
186 
187  /**
188  * Show the object in the Singular DB
189  */
190  void show(std::ostream& os) { m_db.dump(os); }
191 
192  /**
193  * Get the sortable Id of the listener
194  */
195  dependency_t order() const { return (dependency_t::ACL); }
196  };
197 
198  /**
199  * event_handler to register with OM
200  */
201  static event_handler m_evh;
202 
203  /**
204  * Enqueue commands to the VPP command Q for the update
205  */
206  void update(const list& obj);
207 
208  /**
209  * HW assigned handle
210  */
211  HW::item<handle_t> m_hdl;
212 
213  /**
214  * Find or add the sigular instance in the DB
215  */
216  static std::shared_ptr<list> find_or_add(const list& temp)
217  {
218  return (m_db.find_or_add(temp.m_key, temp));
219  }
220 
221  /*
222  * It's the VOM::OM class that updates call update
223  */
224  friend class VOM::OM;
225 
226  /**
227  * It's the VOM::singular_db class that calls replay()
228  */
229  friend class singular_db<key_t, list>;
230 
231  /**
232  * Sweep/reap the object if still stale
233  */
234  void sweep(void);
235 
236  /**
237  * Replay the objects state to HW
238  */
239  void replay(void);
240 
241  /**
242  * A map of all ACL's against the client's key
243  */
244  static singular_db<key_t, list> m_db;
245 
246  /**
247  * A map of all ACLs keyed against VPP's handle
248  */
249  static std::map<const handle_t, std::weak_ptr<list>> m_hdl_db;
250 
251  /**
252  * The Key is a user defined identifer for this ACL
253  */
254  const key_t m_key;
255 
256  /**
257  * A sorted list of the rules
258  */
259  rules_t m_rules;
260 };
261 
262 /**
263  * Typedef the L3 ACL type
264  */
266 
267 /**
268  * Typedef the L2 ACL type
269  */
271 
272 /**
273  * Definition of the static singular_db for ACL Lists
274  */
275 template <typename RULE>
277 
278 /**
279  * Definition of the static per-handle DB for ACL Lists
280  */
281 template <typename RULE>
282 std::map<const handle_t, std::weak_ptr<ACL::list<RULE>>> list<RULE>::m_hdl_db;
283 
284 template <typename RULE>
286 };
287 };
288 
289 /*
290  * fd.io coding-style-patch-verification: ON
291  *
292  * Local Variables:
293  * eval: (c-set-style "mozilla")
294  * End:
295  */
296 
297 #endif
const rules_t & rules() const
Definition: acl_list.hpp:153
static void dump(std::ostream &os)
Dump all ACLs into the stream provided.
Definition: acl_list.hpp:100
void insert(const RULE &rule)
Insert priority sorted a rule into the list.
Definition: acl_list.hpp:122
std::string to_string() const
convert to string format for debug purposes
Definition: acl_list.hpp:105
static void add(const handle_t &handle, std::shared_ptr< list > sp)
Definition: acl_list.hpp:144
const std::string key_t
In the opflex world each entity is known by a URI which can be converted into a string.
Definition: client_db.hpp:51
An ACL list comprises a set of match actions rules to be applied to packets.
Definition: acl_list.hpp:37
static void register_handler(const std::vector< std::string > &cmds, const std::string &help, command_handler *ch)
Register a command handler for inspection.
Definition: inspect.cpp:85
static std::shared_ptr< list > find(const handle_t &handle)
Definition: acl_list.hpp:134
std::string to_string() const
convert to string format for debug purposes
Definition: hw.hpp:160
T & data()
Return the data read/written.
Definition: hw.hpp:108
std::string key_t
The KEY can be used to uniquely identify the ACL.
Definition: acl_list.hpp:45
std::shared_ptr< list > singular() const
Return the &#39;sigular instance&#39; of the ACL that matches this object.
Definition: acl_list.hpp:95
A Database to store the unique &#39;singular&#39; instances of a single object type.
Definition: singular_db.hpp:32
list(const key_t &key)
Construct a new object matching the desried state.
Definition: acl_list.hpp:55
static std::shared_ptr< list > find(const key_t &key)
Definition: acl_list.hpp:139
Class definition for listeners to OM events.
Definition: om.hpp:284
inspect command handler Handler
Definition: inspect.hpp:54
A type declaration of an interface handle in VPP.
Definition: types.hpp:164
dependency_t
There needs to be a strict order in which object types are read from VPP (at boot time) and replayed ...
Definition: types.hpp:43
The interface to writing objects into VPP OM.
Definition: om.hpp:140
list< l3_rule > l3_list
Typedef the L3 ACL type.
Definition: acl_list.hpp:265
A base class for all object_base in the VPP object_base-Model.
Definition: object_base.hpp:29
list(const list &o)
Copy Constructor.
Definition: acl_list.hpp:76
The VPP Object Model (VOM) library.
Definition: acl_binding.cpp:19
std::multiset< RULE > rules_t
The rule container type.
Definition: acl_list.hpp:50
void show(char *chroot_path, int verbose)
Definition: svmtool.c:105
list(const key_t &key, const rules_t &rules)
Definition: acl_list.hpp:66
const handle_t & handle() const
Return the VPP assign handle.
Definition: acl_list.hpp:132
list(const handle_t &hdl, const key_t &key)
Definition: acl_list.hpp:60
list< l2_rule > l2_list
Typedef the L2 ACL type.
Definition: acl_list.hpp:270
const key_t & key() const
Definition: acl_list.hpp:151
static bool register_listener(listener *listener)
Register a listener of events.
Definition: om.cpp:124
~list()
Destructor.
Definition: acl_list.hpp:86
bool operator==(const list &l) const
Comparison operator - for UT.
Definition: acl_list.hpp:158