author | Luca Muscariello <lumuscar@cisco.com> | 2022-03-30 22:29:28 +0200 |
---|---|---|
committer | Mauro Sardara <msardara@cisco.com> | 2022-03-31 19:51:47 +0200 |
commit | c46e5df56b67bb8ea7a068d39324c640084ead2b (patch) | |
tree | eddeb17785938e09bc42eec98ee09b8a28846de6 /hicn-plugin/src/udp_tunnels | |
parent | 18fa668f25d3cc5463417ce7df6637e31578e898 (diff) |
feat: boostrap hicn 22.02
The current patch provides several new features, improvements,
bug fixes and also complete rewrite of entire components.
- lib
The hicn packet parser has been improved with a new packet
format fully based on UDP. The TCP header is still temporarily
supported but the UDP header will replace completely the new hicn
packet format. Improvements have been made to make sure every
packet parsing operation is made via this library. The current
new header can be used as header between the payload and the
UDP header or as trailer in the UDP surplus area to be tested
when UDP options will start to be used.
- hicn-light
The portable packet forwarder has been completely rewritten from
scratch with the twofold objective to improve performance and
code size but also to drop dependencies such as libparc which is
now removed by the current implementation.
- hicn control
the control library is the agent that is used to program the
packet forwarders via their binary API. This component has
benefited from significant improvements in terms of interaction
model which is now event driven and more robust to failures.
- VPP plugin has been updated to support VPP 22.02
- transport
Major improvement have been made to the RTC protocol, to the
support of IO modules and to the security sub system. Signed
manifests are the default data authenticity and integrity framework.
Confidentiality can be enabled by sharing the encryption key to the
prod/cons layer. The library has been tested with group key based
applications such as broadcast/multicast and real-time on-line
meetings with trusted server keys or MLS.
- testing
Unit testing has been introduced using GoogleTest. One third of
the code base is covered by unit testing with priority on
critical features. Functional testing has also been introduced
using Docker, Linux bridging and Robot Framework to define
tests with Less Code techniques to facilitate the extension
of the coverage.
Co-authored-by: Mauro Sardara <msardara@cisco.com>
Co-authored-by: Jordan Augé <jordan.auge+fdio@cisco.com>
Co-authored-by: Michele Papalini <micpapal@cisco.com>
Co-authored-by: Angelo Mantellini <manangel@cisco.com>
Co-authored-by: Jacques Samain <jsamain@cisco.com>
Co-authored-by: Olivier Roques <oroques+fdio@cisco.com>
Co-authored-by: Enrico Loparco <eloparco@cisco.com>
Co-authored-by: Giulio Grassi <gigrassi@cisco.com>
Change-Id: I75d0ef70f86d921e3ef503c99271216ff583c215
Signed-off-by: Luca Muscariello <muscariello@ieee.org>
Signed-off-by: Mauro Sardara <msardara@cisco.com>
Diffstat (limited to 'hicn-plugin/src/udp_tunnels')
-rw-r--r-- | hicn-plugin/src/udp_tunnels/udp_decap.h | 2 | ||||
-rw-r--r-- | hicn-plugin/src/udp_tunnels/udp_decap_node.c | 107 | ||||
-rw-r--r-- | hicn-plugin/src/udp_tunnels/udp_tunnel.c | 27 | ||||
-rw-r--r-- | hicn-plugin/src/udp_tunnels/udp_tunnel.h | 15 |
4 files changed, 96 insertions, 55 deletions
diff --git a/hicn-plugin/src/udp_tunnels/udp_decap.h b/hicn-plugin/src/udp_tunnels/udp_decap.h
index 9ddb8a73b..7dc13f272 100644
--- a/hicn-plugin/src/udp_tunnels/udp_decap.h
+++ b/hicn-plugin/src/udp_tunnels/udp_decap.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020 Cisco and/or its affiliates.
+ * Copyright (c) 2021 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
diff --git a/hicn-plugin/src/udp_tunnels/udp_decap_node.c b/hicn-plugin/src/udp_tunnels/udp_decap_node.c
index 06eb8da71..2ac1b1ecb 100644
--- a/hicn-plugin/src/udp_tunnels/udp_decap_node.c
+++ b/hicn-plugin/src/udp_tunnels/udp_decap_node.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2021 Cisco and/or its affiliates.
+ * Copyright (c) 2021 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
@@ -223,7 +223,7 @@ udp4_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 &((ip4_header_t *) outer_ptr0)->dst_address);
 udp0 = (udp_header_t *) (outer_ptr0 + sizeof (ip4_header_t));
 next0 = v0 == 0x40 ? UDP4_DECAP_NEXT_LOOKUP_IP4 :
- UDP4_DECAP_NEXT_LOOKUP_IP6;
+ UDP4_DECAP_NEXT_LOOKUP_IP6;
 ip46_address_set_ip4 (&src1,
 &((ip4_header_t *) outer_ptr1)->src_address);
@@ -231,7 +231,7 @@ udp4_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 &((ip4_header_t *) outer_ptr1)->dst_address);
 udp1 = (udp_header_t *) (outer_ptr1 + sizeof (ip4_header_t));
 next1 = v1 == 0x40 ? UDP4_DECAP_NEXT_LOOKUP_IP4 :
- UDP4_DECAP_NEXT_LOOKUP_IP6;
+ UDP4_DECAP_NEXT_LOOKUP_IP6;
 ip46_address_set_ip4 (&src2,
 &((ip4_header_t *) outer_ptr2)->src_address);
@@ -239,7 +239,7 @@ udp4_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 &((ip4_header_t *) outer_ptr2)->dst_address);
 udp2 = (udp_header_t *) (outer_ptr2 + sizeof (ip4_header_t));
 next2 = v2 == 0x40 ? UDP4_DECAP_NEXT_LOOKUP_IP4 :
- UDP4_DECAP_NEXT_LOOKUP_IP6;
+ UDP4_DECAP_NEXT_LOOKUP_IP6;
 ip46_address_set_ip4 (&src3,
 &((ip4_header_t *) outer_ptr3)->src_address);
@@ -247,7 +247,7 @@ udp4_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 &((ip4_header_t *) outer_ptr3)->dst_address);
 udp3 = (udp_header_t *) (outer_ptr3 + sizeof (ip4_header_t));
 next3 = v3 == 0x40 ? UDP4_DECAP_NEXT_LOOKUP_IP4 :
- UDP4_DECAP_NEXT_LOOKUP_IP6;
+ UDP4_DECAP_NEXT_LOOKUP_IP6;
 hicn_buffer_t *hicnb0, *hicnb1, *hicnb2, *hicnb3;
 hicnb0 = hicn_get_buffer (b0);
@@ -257,34 +257,39 @@ udp4_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 /* Udp encap-decap tunnels have dst and src addresses and port
 * swapped */
- vnet_buffer (b0)->ip.adj_index[VLIB_RX] =
- udp_tunnel_get (&dst0, &src0, udp0->dst_port, udp0->src_port);
- vnet_buffer (b1)->ip.adj_index[VLIB_RX] =
- udp_tunnel_get (&dst1, &src1, udp1->dst_port, udp1->src_port);
- vnet_buffer (b2)->ip.adj_index[VLIB_RX] =
- udp_tunnel_get (&dst2, &src2, udp2->dst_port, udp2->src_port);
- vnet_buffer (b3)->ip.adj_index[VLIB_RX] =
- udp_tunnel_get (&dst3, &src3, udp3->dst_port, udp3->src_port);
-
- if (vnet_buffer (b0)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)
- hicnb0->flags |=
- (outer_v0 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
- HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
-
- if (vnet_buffer (b1)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)
- hicnb1->flags |=
- (outer_v1 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
- HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
-
- if (vnet_buffer (b2)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)
- hicnb2->flags |=
- (outer_v2 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
- HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
-
- if (vnet_buffer (b3)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)
- hicnb3->flags |=
- (outer_v3 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
- HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
+ vnet_buffer (b0)->ip.adj_index[VLIB_RX] = udp_tunnel_get_create (
+ &dst0, &src0, udp0->dst_port, udp0->src_port);
+ vnet_buffer (b1)->ip.adj_index[VLIB_RX] = udp_tunnel_get_create (
+ &dst1, &src1, udp1->dst_port, udp1->src_port);
+ vnet_buffer (b2)->ip.adj_index[VLIB_RX] = udp_tunnel_get_create (
+ &dst2, &src2, udp2->dst_port, udp2->src_port);
+ vnet_buffer (b3)->ip.adj_index[VLIB_RX] = udp_tunnel_get_create (
+ &dst3, &src3, udp3->dst_port, udp3->src_port);
+
+ ASSERT (vnet_buffer (b0)->ip.adj_index[VLIB_RX] !=
+ UDP_TUNNEL_INVALID);
+ ASSERT (vnet_buffer (b1)->ip.adj_index[VLIB_RX] !=
+ UDP_TUNNEL_INVALID);
+ ASSERT (vnet_buffer (b2)->ip.adj_index[VLIB_RX] !=
+ UDP_TUNNEL_INVALID);
+ ASSERT (vnet_buffer (b3)->ip.adj_index[VLIB_RX] !=
+ UDP_TUNNEL_INVALID);
+
+ hicnb0->flags =
+ (outer_v0 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
+ HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
+
+ hicnb1->flags =
+ (outer_v1 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
+ HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
+
+ hicnb2->flags =
+ (outer_v2 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
+ HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
+
+ hicnb3->flags =
+ (outer_v3 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
+ HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
 udp_decap_trace_buffer (vm, node, 1, b0);
 udp_decap_trace_buffer (vm, node, 1, b1);
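Review bot: The new `ASSERT (vnet_buffer (bN)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)` lines are the only check left on the result of `udp_tunnel_get_create`, and VPP's ASSERT is normally active only in debug images, so if creation can fail (the failure value of `udp_tunnel_add` is not visible here) a release build would carry `UDP_TUNNEL_INVALID` forward as the RX adjacency and still mark the buffer as coming from a UDP tunnel. Keeping the runtime guard the old code had, `if (vnet_buffer (b0)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)` in front of each flags assignment, or steering the packet to a drop next, would cover that case; the same applies to the single-buffer hunk at -346. The udp6 node's context lines later in this file still use that guard with `udp_tunnel_get`, so the IPv4 and IPv6 paths now behave differently. udp4_decap_node_fn starts and ends outside the hunk.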
@@ -346,17 +351,19 @@ udp4_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 &((ip4_header_t *) outer_ptr0)->dst_address);
 udp0 = (udp_header_t *) (outer_ptr0 + sizeof (ip4_header_t));
 next0 = v0 == 0x40 ? UDP4_DECAP_NEXT_LOOKUP_IP4 :
- UDP4_DECAP_NEXT_LOOKUP_IP6;
+ UDP4_DECAP_NEXT_LOOKUP_IP6;
 hicn_buffer_t *hicnb0 = hicn_get_buffer (b0);
- vnet_buffer (b0)->ip.adj_index[VLIB_RX] =
- udp_tunnel_get (&dst0, &src0, udp0->dst_port, udp0->src_port);
+ vnet_buffer (b0)->ip.adj_index[VLIB_RX] = udp_tunnel_get_create (
+ &dst0, &src0, udp0->dst_port, udp0->src_port);
- if (vnet_buffer (b0)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)
- hicnb0->flags |=
- (outer_v0 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
- HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
+ ASSERT (vnet_buffer (b0)->ip.adj_index[VLIB_RX] !=
+ UDP_TUNNEL_INVALID);
+
+ hicnb0->flags |=
+ (outer_v0 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
+ HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
 udp_decap_trace_buffer (vm, node, 1, b0);
@@ -488,7 +495,7 @@ udp6_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 &((ip6_header_t *) outer_ptr0)->dst_address);
 udp0 = (udp_header_t *) (outer_ptr0 + sizeof (ip6_header_t));
 next0 = v0 == 0x40 ? UDP6_DECAP_NEXT_LOOKUP_IP4 :
- UDP6_DECAP_NEXT_LOOKUP_IP6;
+ UDP6_DECAP_NEXT_LOOKUP_IP6;
 ip46_address_set_ip6 (&src1,
 &((ip6_header_t *) outer_ptr1)->src_address);
@@ -496,7 +503,7 @@ udp6_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 &((ip6_header_t *) outer_ptr1)->dst_address);
 udp1 = (udp_header_t *) (outer_ptr1 + sizeof (ip6_header_t));
 next1 = v1 == 0x40 ? UDP6_DECAP_NEXT_LOOKUP_IP4 :
- UDP6_DECAP_NEXT_LOOKUP_IP6;
+ UDP6_DECAP_NEXT_LOOKUP_IP6;
 ip46_address_set_ip6 (&src2,
 &((ip6_header_t *) outer_ptr2)->src_address);
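Review bot: `hicnb0->flags |=` in the single-buffer path at -346 disagrees with the quad path in the previous hunk, which this commit changed to plain assignment (`hicnbN->flags = ...`). One of the two is presumably unintended: `=` discards any flag bits set earlier on the buffer while `|=` keeps them, so the same packet is tagged differently depending on whether it is handled in the four-wide or the one-wide loop. Use one form in both loops, and if the overwrite is the intended one, say so in a short comment next to it, for example `/* reset hicn flags: nothing before decap is expected to set them */` once that has been confirmed. The enclosing function continues outside the hunk.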
@@ -504,7 +511,7 @@ udp6_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 &((ip6_header_t *) outer_ptr2)->dst_address);
 udp2 = (udp_header_t *) (outer_ptr2 + sizeof (ip6_header_t));
 next2 = v2 == 0x40 ? UDP6_DECAP_NEXT_LOOKUP_IP4 :
- UDP6_DECAP_NEXT_LOOKUP_IP6;
+ UDP6_DECAP_NEXT_LOOKUP_IP6;
 ip46_address_set_ip6 (&src3,
 &((ip6_header_t *) outer_ptr3)->src_address);
@@ -512,7 +519,7 @@ udp6_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 &((ip6_header_t *) outer_ptr3)->dst_address);
 udp3 = (udp_header_t *) (outer_ptr3 + sizeof (ip6_header_t));
 next3 = v3 == 0x40 ? UDP6_DECAP_NEXT_LOOKUP_IP4 :
- UDP6_DECAP_NEXT_LOOKUP_IP6;
+ UDP6_DECAP_NEXT_LOOKUP_IP6;
 hicn_buffer_t *hicnb0, *hicnb1, *hicnb2, *hicnb3;
 hicnb0 = hicn_get_buffer (b0);
@@ -534,22 +541,22 @@ udp6_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 if (vnet_buffer (b0)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)
 hicnb0->flags |=
 (outer_v0 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
- HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
+ HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
 if (vnet_buffer (b1)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)
 hicnb1->flags |=
 (outer_v1 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
- HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
+ HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
 if (vnet_buffer (b2)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)
 hicnb2->flags |=
 (outer_v2 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
- HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
+ HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
 if (vnet_buffer (b3)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)
 hicnb3->flags |=
 (outer_v3 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
- HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
+ HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
 udp_decap_trace_buffer (vm, node, 0, b0);
 udp_decap_trace_buffer (vm, node, 0, b1);
@@ -610,7 +617,7 @@ udp6_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 &((ip6_header_t *) outer_ptr0)->dst_address);
 udp0 = (udp_header_t *) (outer_ptr0 + sizeof (ip6_header_t));
 next0 = v0 == 0x40 ? UDP6_DECAP_NEXT_LOOKUP_IP4 :
- UDP6_DECAP_NEXT_LOOKUP_IP6;
+ UDP6_DECAP_NEXT_LOOKUP_IP6;
 hicn_buffer_t *hicnb0 = hicn_get_buffer (b0);
@@ -620,7 +627,7 @@ udp6_decap_node_fn (vlib_main_t *vm, vlib_node_runtime_t *node,
 if (vnet_buffer (b0)->ip.adj_index[VLIB_RX] != UDP_TUNNEL_INVALID)
 hicnb0->flags |=
 (outer_v0 == 0x40 ? HICN_BUFFER_FLAGS_FROM_UDP4_TUNNEL :
- HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
+ HICN_BUFFER_FLAGS_FROM_UDP6_TUNNEL);
 udp_decap_trace_buffer (vm, node, 0, b0);
diff --git a/hicn-plugin/src/udp_tunnels/udp_tunnel.c b/hicn-plugin/src/udp_tunnels/udp_tunnel.c
index 8ea2cb503..d03d6a74e 100644
--- a/hicn-plugin/src/udp_tunnels/udp_tunnel.c
+++ b/hicn-plugin/src/udp_tunnels/udp_tunnel.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020-2021 Cisco and/or its affiliates.
+ * Copyright (c) 2021 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
@@ -156,6 +156,27 @@ udp_tunnel_get (const ip46_address_t *src_ip, const ip46_address_t *dst_ip,
 return ret == 0 ? (u32) value.value : UDP_TUNNEL_INVALID;
 }
+u32
+udp_tunnel_get_create (const ip46_address_t *src_ip,
+ const ip46_address_t *dst_ip, u16 src_port,
+ u16 dst_port)
+{
+ u32 ret = udp_tunnel_get (src_ip, dst_ip, src_port, dst_port);
+ if (ret == UDP_TUNNEL_INVALID)
+ {
+ fib_protocol_t proto =
+ ip46_address_is_ip4 (src_ip) ? FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6;
+
+ index_t fib_index = fib_table_find (proto, HICN_FIB_TABLE);
+
+ ret = udp_tunnel_add (
+ proto, fib_index, src_ip, dst_ip, clib_net_to_host_u16 (src_port),
+ clib_net_to_host_u16 (dst_port), UDP_ENCAP_FIXUP_NONE);
+ }
+
+ return ret;
+}
+
 void
 udp_tunnel_init ()
 {
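Review bot: `udp_tunnel_get_create` in the -156 hunk lets any packet that reaches the decap node with an unseen address/port 4-tuple allocate a tunnel, and nothing visible here bounds that: no cap on the number of tunnels, no list of accepted peers, no ageing. Because the 4-tuple is taken straight from the outer IP and UDP headers, traffic with varying source addresses or ports can grow the tunnel table without limit, so a configurable maximum or restricting auto-creation to configured peers would be worth adding before this runs on an exposed interface. The result of `fib_table_find (proto, HICN_FIB_TABLE)` is also passed to `udp_tunnel_add` unchecked; as far as I know it returns `~0` when the table does not exist, so `if (fib_index == ~0) return UDP_TUNNEL_INVALID;` before the add would be safer. Whether `udp_tunnel_add` may be called from a worker-thread node function is not visible in this hunk and should be confirmed.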
@@ -255,8 +276,8 @@ udp_tunnel_command_fn (vlib_main_t *vm, unformat_input_t *main_input,
 int ret = udp_tunnel_del (fproto, fib_index, &src_ip, &dst_ip, src_port, dst_port, UDP_ENCAP_FIXUP_NONE);
 error = (ret == HICN_ERROR_NONE) ?
- 0 :
- clib_error_return (0, "%s\n", get_error_string (ret));
+ 0 :
+ clib_error_return (0, "%s\n", get_error_string (ret));
 }
 else
 {
diff --git a/hicn-plugin/src/udp_tunnels/udp_tunnel.h b/hicn-plugin/src/udp_tunnels/udp_tunnel.h
index 2e57b7857..376adf5fa 100644
--- a/hicn-plugin/src/udp_tunnels/udp_tunnel.h
+++ b/hicn-plugin/src/udp_tunnels/udp_tunnel.h
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020 Cisco and/or its affiliates.
+ * Copyright (c) 2021 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
@@ -70,6 +70,19 @@ u32 udp_tunnel_get (const ip46_address_t *src_ip, const ip46_address_t *dst_ip,
 u16 src_port, u16 dst_port);
 /**
+ * @brief Get udp tunnel UEI. Creates the tunnel if does not exist already.
+ *
+ * @param src_ip source address of the tunnel
+ * @param dst_ip destination address of the tunnel
+ * @param src_port source port
+ * @param src_port destination port
+ * @return id of the udp tunnel/encap
+ */
+u32 udp_tunnel_get_create (const ip46_address_t *src_ip,
+ const ip46_address_t *dst_ip, u16 src_port,
+ u16 dst_port);
+
+/**
 * @brief Delete a udp tunnel
 *
 * @param proto FIB_PROTOCOL_IP4 or FIB_PROTOCOL_IP6 |
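Review bot: The doc comment added for `udp_tunnel_get_create` in the -70 hunk names `@param src_port` twice; the second line should read `@param dst_port destination port`. The comment should also state that both ports are expected in network byte order, since the implementation in udp_tunnel.c hands them to `udp_tunnel_get` unchanged and applies `clib_net_to_host_u16` only for `udp_tunnel_add`, and that the call allocates tunnel state as a side effect. "UEI" in the brief looks like a typo and is worth spelling out, and `@return` should say what comes back when creation fails.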