FD.io VPP  v21.06-3-gbb25fbf28
Vector Packet Processing
acl_l3_list.cpp
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2017 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include "vom/acl_l3_list.hpp"
17 #include "vom/acl_list_cmds.hpp"
18 #include "vom/api_types.hpp"
19 #include "vom/logger.hpp"
20 #include "vom/singular_db_funcs.hpp"
21 
22 namespace VOM {
23 namespace ACL {
24 
25 /**
26  * Definition of the static singular_db for ACL Lists
27  */
28 singular_db<l3_list::key_t, l3_list> l3_list::m_db;
29 
30 /**
31  * Definition of the static per-handle DB for ACL Lists
32  */
33 std::map<handle_t, std::weak_ptr<l3_list>> l3_list::m_hdl_db;
34 
35 l3_list::event_handler l3_list::m_evh;
36 
37 l3_list::event_handler::event_handler()
38 {
39  OM::register_listener(this);
40  inspect::register_handler({ "l3-acl-list" }, "L3 ACL lists", this);
41 }
42 
43 l3_list::l3_list(const key_t& key)
44  : m_hdl(handle_t::INVALID)
45  , m_key(key)
46 {}
47 
48 l3_list::l3_list(const handle_t& hdl, const key_t& key)
49  : m_hdl(hdl)
50  , m_key(key)
51 {}
52 
53 l3_list::l3_list(const key_t& key, const rules_t& rules)
54  : m_hdl(handle_t::INVALID)
55  , m_key(key)
56  , m_rules(rules)
57 {}
58 
59 l3_list::l3_list(const l3_list& o)
60  : m_hdl(o.m_hdl)
61  , m_key(o.m_key)
62  , m_rules(o.m_rules)
63 {}
64 
65 l3_list::~l3_list()
66 {
67  sweep();
68  m_db.release(m_key, this);
69 }
70 
71 std::shared_ptr<l3_list>
72 l3_list::singular() const
73 {
74  return find_or_add(*this);
75 }
76 
77 /**
78  * Dump all ACLs into the stream provided
79  */
80 void
81 l3_list::dump(std::ostream& os)
82 {
83  db_dump(m_db, os);
84 }
85 
86 /**
87  * convert to string format for debug purposes
88  */
89 std::string
90 l3_list::to_string() const
91 {
92  std::ostringstream s;
93  s << "acl-list:[" << m_key << " " << m_hdl.to_string() << " rules:[";
94 
95  for (auto rule : m_rules) {
96  s << rule.to_string() << " ";
97  }
98 
99  s << "]]";
100 
101  return (s.str());
102 }
103 
104 void
105 l3_list::insert(const l3_rule& rule)
106 {
107  m_rules.insert(rule);
108 }
109 
110 void
111 l3_list::remove(const l3_rule& rule)
112 {
113  m_rules.erase(rule);
114 }
115 
116 const handle_t&
117 l3_list::handle() const
118 {
119  return (singular()->handle_i());
120 }
121 
122 std::shared_ptr<l3_list>
123 l3_list::find(const handle_t& handle)
124 {
125  return (m_hdl_db[handle].lock());
126 }
127 
128 std::shared_ptr<l3_list>
129 l3_list::find(const key_t& key)
130 {
131  return (m_db.find(key));
132 }
133 
134 std::shared_ptr<l3_list>
135 l3_list::find_or_add(const l3_list& temp)
136 {
137  return (m_db.find_or_add(temp.key(), temp));
138 }
139 
140 const handle_t&
141 l3_list::handle_i() const
142 {
143  return (m_hdl.data());
144 }
145 
146 void
147 l3_list::add(const key_t& key, const HW::item<handle_t>& item)
148 {
149  std::shared_ptr<l3_list> sp = find(key);
150 
151  if (sp && item) {
152  m_hdl_db[item.data()] = sp;
153  }
154 }
155 
156 void
157 l3_list::remove(const HW::item<handle_t>& item)
158 {
159  m_hdl_db.erase(item.data());
160 }
161 
162 const l3_list::key_t&
163 l3_list::key() const
164 {
165  return m_key;
166 }
167 
168 const l3_list::rules_t&
169 l3_list::rules() const
170 {
171  return m_rules;
172 }
173 
174 bool
175 l3_list::operator==(const l3_list& l) const
176 {
177  return (key() == l.key() && rules() == l.rules());
178 }
179 
180 void
181 l3_list::event_handler::handle_populate(const client_db::key_t& key)
182 {
183  /*
184  * dump L3 ACLs Bridge domains
185  */
186  std::shared_ptr<list_cmds::l3_dump_cmd> cmd =
187  std::make_shared<list_cmds::l3_dump_cmd>();
188 
189  HW::enqueue(cmd);
190  HW::write();
191 
192  for (auto& record : *cmd) {
193  auto& payload = record.get_payload();
194 
195  const handle_t hdl(payload.acl_index);
196  l3_list acl(hdl, std::string(reinterpret_cast<const char*>(payload.tag)));
197 
198  for (unsigned int ii = 0; ii < payload.count; ii++) {
199  const route::prefix_t src = from_api(payload.r[ii].src_prefix);
200  const route::prefix_t dst = from_api(payload.r[ii].dst_prefix);
201  l3_rule rule(ii, action_t::from_int(payload.r[ii].is_permit), src, dst);
202 
203  rule.set_proto(payload.r[ii].proto);
204  rule.set_src_from_port(payload.r[ii].srcport_or_icmptype_first);
205  rule.set_src_to_port(payload.r[ii].srcport_or_icmptype_last);
206  rule.set_dst_from_port(payload.r[ii].dstport_or_icmpcode_first);
207  rule.set_dst_to_port(payload.r[ii].dstport_or_icmpcode_last);
208  rule.set_tcp_flags_mask(payload.r[ii].tcp_flags_mask);
209  rule.set_tcp_flags_value(payload.r[ii].tcp_flags_value);
210 
211  acl.insert(rule);
212  }
213  VOM_LOG(log_level_t::DEBUG) << "dump: " << acl.to_string();
214 
215  /*
216  * Write each of the discovered ACLs into the OM,
217  * but disable the HW Command q whilst we do, so that no
218  * commands are sent to VPP
219  */
220  OM::commit(key, acl);
221  }
222 }
223 
224 void
225 l3_list::event_handler::show(std::ostream& os)
226 {
227  db_dump(m_db, os);
228 }
229 
230 dependency_t
231 l3_list::event_handler::order() const
232 {
233  return (dependency_t::ACL);
234 }
235 
236 void
237 l3_list::event_handler::handle_replay()
238 {
239  m_db.replay();
240 }
241 
242 void
243 l3_list::update(const l3_list& obj)
244 {
245  /*
246  * always update the instance with the latest rule set
247  */
248  if (rc_t::OK != m_hdl.rc() || obj.m_rules != m_rules) {
249  HW::enqueue(new list_cmds::l3_update_cmd(m_hdl, m_key, m_rules));
250  }
251  /*
252  * We don't, can't, read the priority from VPP,
253  * so the is equals check above does not include the priorty.
254  * but we save it now.
255  */
256  m_rules = obj.m_rules;
257 }
258 
259 /**
260  * Sweep/reap the object if still stale
261  */
262 void
263 l3_list::sweep(void)
264 {
265  if (m_hdl) {
266  HW::enqueue(new list_cmds::l3_delete_cmd(m_hdl));
267  }
268  HW::write();
269 }
270 
271 /**
272  * Replay the objects state to HW
273  */
274 void
275 l3_list::replay(void)
276 {
277  if (m_hdl) {
278  m_hdl.data().reset();
279  HW::enqueue(new list_cmds::l3_update_cmd(m_hdl, m_key, m_rules));
280  }
281 }
282 
283 }; // namespace ACL
284 }; // namespace VOM
285 
286 /*
287  * fd.io coding-style-patch-verification: OFF
288  *
289  * Local Variables:
290  * eval: (c-set-style "mozilla")
291  * End:
292  */
VOM::route::prefix_t
A prefix defintion.
Definition: prefix.hpp:131
VOM::HW::item< handle_t >
VOM::ACL::l3_list::handle
const handle_t & handle() const
Return the VPP assign handle.
Definition: acl_l3_list.cpp:117
VOM::ACL::l3_list::rules_t
std::multiset< l3_rule > rules_t
The rule container type.
Definition: acl_l3_list.hpp:48
VOM::HW::write
static rc_t write()
Write/Execute all commands hitherto enqueued.
Definition: hw.cpp:255
VOM::OM::commit
static rc_t commit(const client_db::key_t &key, const OBJ &obj)
Make the State in VPP reflect the expressed desired state.
Definition: om.hpp:202
acl_l3_list.hpp
VOM_LOG
#define VOM_LOG(lvl)
Definition: logger.hpp:181
VOM::ACL::l3_list::singular
std::shared_ptr< l3_list > singular() const
Return the 'sigular instance' of the ACL that matches this object.
Definition: acl_l3_list.cpp:72
VOM
The VPP Object Model (VOM) library.
Definition: acl_binding.cpp:19
VOM::inspect::register_handler
static void register_handler(const std::vector< std::string > &cmds, const std::string &help, command_handler *ch)
Register a command handler for inspection.
Definition: inspect.cpp:85
VOM::dependency_t
dependency_t
There needs to be a strict order in which object types are read from VPP (at boot time) and replayed ...
Definition: types.hpp:43
VOM::rc_t::OK
const static rc_t OK
The HW write was successfull.
Definition: types.hpp:109
VOM::ACL::l3_list::operator==
bool operator==(const l3_list &l) const
Comparison operator - for UT.
Definition: acl_l3_list.cpp:175
VOM::handle_t::reset
void reset()
reset the value of the handle to ~0
Definition: types.cpp:99
VOM::ACL::l3_list::insert
void insert(const l3_rule &rule)
Insert priority sorted a rule into the list.
Definition: acl_l3_list.cpp:105
VOM::ACL::l3_list::rules
const rules_t & rules() const
Definition: acl_l3_list.cpp:169
key
typedef key
Definition: ipsec_types.api:88
VOM::db_dump
void db_dump(const DB &db, std::ostream &os)
Print each of the objects in the DB into the stream provided.
Definition: singular_db_funcs.hpp:35
VOM::ACL::l3_list::find
static std::shared_ptr< l3_list > find(const handle_t &handle)
Definition: acl_l3_list.cpp:123
VOM::OM::register_listener
static bool register_listener(listener *listener)
Register a listener of events.
Definition: om.cpp:127
VOM::ACL::l3_list::add
static void add(const key_t &key, const HW::item< handle_t > &item)
Definition: acl_l3_list.cpp:147
VOM::ACL::l3_rule
An ACL rule is the building block of an ACL.
Definition: acl_l3_rule.hpp:31
VOM::client_db::key_t
const typedef std::string key_t
In the opflex world each entity is known by a URI which can be converted into a string.
Definition: client_db.hpp:51
VOM::handle_t
A type declaration of an interface handle in VPP.
Definition: types.hpp:233
VOM::HW::enqueue
static void enqueue(cmd *f)
Enqueue A command for execution.
Definition: hw.cpp:212
src
vl_api_address_t src
Definition: gre.api:54
VOM::ACL::l3_list::key_t
std::string key_t
The KEY can be used to uniquely identify the ACL.
Definition: acl_l3_list.hpp:43
VOM::ACL::l3_list::~l3_list
~l3_list()
Destructor.
Definition: acl_l3_list.cpp:65
VOM::ACL::list_cmds::l3_delete_cmd
delete_cmd< l3_list, vapi::Acl_del > l3_delete_cmd
Definition: acl_list_cmds.hpp:201
VOM::ACL::l3_list::dump
static void dump(std::ostream &os)
Dump all ACLs into the stream provided.
Definition: acl_l3_list.cpp:81
VOM::HW::item::to_string
std::string to_string() const
convert to string format for debug purposes
Definition: hw.hpp:161
VOM::ACL::l3_list::l3_list
l3_list(const key_t &key)
Construct a new object matching the desried state.
Definition: acl_l3_list.cpp:43
VOM::log_level_t::DEBUG
const static log_level_t DEBUG
Definition: logger.hpp:32
VOM::ACL::l3_list::key
const key_t & key() const
Definition: acl_l3_list.cpp:163
VOM::ACL::l3_list::to_string
std::string to_string() const
convert to string format for debug purposes
Definition: acl_l3_list.cpp:90
VOM::ACL::l3_list
An L3 ACL list comprises a set of match actions rules to be applied to packets.
Definition: acl_l3_list.hpp:35
singular_db_funcs.hpp
VOM::HW::item::rc
rc_t rc() const
Get the HW return code.
Definition: hw.hpp:119
VOM::HW::item::data
T & data()
Return the data read/written.
Definition: hw.hpp:109
VOM::ACL::l3_list::remove
void remove(const l3_rule &rule)
Remove a rule from the list.
Definition: acl_l3_list.cpp:111
dst
vl_api_ip4_address_t dst
Definition: pnat.api:41
rules
vl_api_gbp_rule_t rules[n_rules]
Definition: gbp.api:338
acl_list_cmds.hpp
logger.hpp
item
cJSON * item
Definition: cJSON.h:222
show
void show(char *chroot_path, int verbose)
Definition: svmtool.c:104
event_handler
void event_handler(void *tls_async)
Definition: tls_async.c:334
VOM::cmd
A representation of a method call to VPP.
Definition: cmd.hpp:32
VOM::ACL::list_cmds::l3_update_cmd
update_cmd< l3_list, vapi::Acl_add_replace > l3_update_cmd
Typedef the L3 ACL commands.
Definition: acl_list_cmds.hpp:200
VOM::ACL::action_t::from_int
static const action_t & from_int(uint8_t i)
Get the enum type from a VPP integer value.
Definition: acl_types.cpp:30
VOM::from_api
const neighbour::flags_t from_api(vapi_enum_ip_neighbor_flags f)
Definition: api_types.cpp:36
api_types.hpp
VOM::dependency_t::ACL
@ ACL
ACLs.
string
const char *const string
Definition: cJSON.h:172