summaryrefslogtreecommitdiffstats
path: root/src/plugins/abf/abf_api.c
diff options
context:
space:
mode:
authorAndrew Yourtchenko <ayourtch@gmail.com>2017-11-17 14:38:18 +0100
committerDamjan Marion <dmarion.lists@gmail.com>2018-04-17 18:25:05 +0000
commit669d07dc016757b856e1014a415996cf9f0ebc58 (patch)
treebd86de6e168fd66563f3f81aa971403c0409bbe9 /src/plugins/abf/abf_api.c
parent2926eca95138577be8d88eb8d6a442d93f182309 (diff)
ACL based forwarding
A poor man's flow switching or policy based rounting. An ACL is used to match packets and is associated with a [set of] forwarding paths that determine how to forward matched packets - collectively this association is a 'policy'. Policies are then 'attached', in a priority order, to an interface when thaey are encountered as an input feature. If a packet matches no policies it is forwarded normally in the IP FIB. This commit is used to test the "ACL-as-a-service" functionality, which currently compiles, and the existing traffic ACL tests pass in both hash and linear modes. Change-Id: I0b274ec9f2e645352fa898b43eb54c457e195964 Signed-off-by: Neale Ranns <nranns@cisco.com> Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Signed-off-by: Ole Troan <ot@cisco.com>
Diffstat (limited to 'src/plugins/abf/abf_api.c')
-rw-r--r--src/plugins/abf/abf_api.c327
1 files changed, 327 insertions, 0 deletions
diff --git a/src/plugins/abf/abf_api.c b/src/plugins/abf/abf_api.c
new file mode 100644
index 00000000000..55f43e626ad
--- /dev/null
+++ b/src/plugins/abf/abf_api.c
@@ -0,0 +1,327 @@
+/*
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stddef.h>
+
+#include <vnet/vnet.h>
+#include <vnet/plugin/plugin.h>
+#include <abf/abf_policy.h>
+#include <abf/abf_itf_attach.h>
+#include <vnet/mpls/mpls_types.h>
+#include <vnet/fib/fib_path_list.h>
+#include <vnet/fib/fib_api.h>
+
+#include <vpp/app/version.h>
+
+#include <vlibapi/api.h>
+#include <vlibmemory/api.h>
+
+/* define message IDs */
+#include <abf/abf_msg_enum.h>
+
+/* define message structures */
+#define vl_typedefs
+#include <abf/abf_all_api_h.h>
+#undef vl_typedefs
+
+/* define generated endian-swappers */
+#define vl_endianfun
+#include <abf/abf_all_api_h.h>
+#undef vl_endianfun
+
+/* instantiate all the print functions we know about */
+#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__)
+#define vl_printfun
+#include <abf/abf_all_api_h.h>
+#undef vl_printfun
+
+/* Get the API version number */
+#define vl_api_version(n,v) static u32 api_version=(v);
+#include <abf/abf_all_api_h.h>
+#undef vl_api_version
+
+/**
+ * Base message ID fot the plugin
+ */
+static u32 abf_base_msg_id;
+
+#include <vlibapi/api_helper_macros.h>
+
+/* List of message types that this plugin understands */
+
+#define foreach_abf_plugin_api_msg \
+_(ABF_PLUGIN_GET_VERSION, abf_plugin_get_version) \
+_(ABF_POLICY_ADD_DEL, abf_policy_add_del) \
+_(ABF_POLICY_DUMP, abf_policy_dump) \
+_(ABF_ITF_ATTACH_ADD_DEL, abf_itf_attach_add_del) \
+_(ABF_ITF_ATTACH_DUMP, abf_itf_attach_dump)
+
+static void
+vl_api_abf_plugin_get_version_t_handler (vl_api_abf_plugin_get_version_t * mp)
+{
+ vl_api_abf_plugin_get_version_reply_t *rmp;
+ int msg_size = sizeof (*rmp);
+ unix_shared_memory_queue_t *q;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ {
+ return;
+ }
+
+ rmp = vl_msg_api_alloc (msg_size);
+ memset (rmp, 0, msg_size);
+ rmp->_vl_msg_id =
+ ntohs (VL_API_ABF_PLUGIN_GET_VERSION_REPLY + abf_base_msg_id);
+ rmp->context = mp->context;
+ rmp->major = htonl (ABF_PLUGIN_VERSION_MAJOR);
+ rmp->minor = htonl (ABF_PLUGIN_VERSION_MINOR);
+
+ vl_msg_api_send_shmem (q, (u8 *) & rmp);
+}
+
+static void
+vl_api_abf_policy_add_del_t_handler (vl_api_abf_policy_add_del_t * mp)
+{
+ vl_api_abf_policy_add_del_reply_t *rmp;
+ fib_route_path_t *paths = NULL, *path;
+ int rv = 0;
+ u8 pi;
+
+ vec_validate (paths, mp->policy.n_paths - 1);
+
+ for (pi = 0; pi < mp->policy.n_paths; pi++)
+ {
+ path = &paths[pi];
+ rv = fib_path_api_parse (&mp->policy.paths[pi], path);
+
+ if (0 != rv)
+ {
+ goto done;
+ }
+ }
+
+ if (mp->is_add)
+ {
+ abf_policy_update (ntohl (mp->policy.policy_id),
+ ntohl (mp->policy.acl_index), paths);
+ }
+ else
+ {
+ abf_policy_delete (ntohl (mp->policy.policy_id), paths);
+ }
+done:
+ vec_free (paths);
+
+ REPLY_MACRO (VL_API_ABF_POLICY_ADD_DEL_REPLY + abf_base_msg_id);
+}
+
+static void
+vl_api_abf_itf_attach_add_del_t_handler (vl_api_abf_itf_attach_add_del_t * mp)
+{
+ vl_api_abf_itf_attach_add_del_reply_t *rmp;
+ fib_protocol_t fproto = (mp->attach.is_ipv6 ?
+ FIB_PROTOCOL_IP6 : FIB_PROTOCOL_IP4);
+ int rv = 0;
+
+ if (mp->is_add)
+ {
+ abf_itf_attach (fproto,
+ ntohl (mp->attach.policy_id),
+ ntohl (mp->attach.priority),
+ ntohl (mp->attach.sw_if_index));
+ }
+ else
+ {
+ abf_itf_detach (fproto,
+ ntohl (mp->attach.policy_id),
+ ntohl (mp->attach.sw_if_index));
+ }
+
+ REPLY_MACRO (VL_API_ABF_ITF_ATTACH_ADD_DEL_REPLY + abf_base_msg_id);
+}
+
+typedef struct abf_dump_walk_ctx_t_
+{
+ unix_shared_memory_queue_t *q;
+ u32 context;
+} abf_dump_walk_ctx_t;
+
+static int
+abf_policy_send_details (u32 api, void *args)
+{
+ fib_route_path_encode_t *api_rpaths = NULL, *api_rpath;
+ vl_api_abf_policy_details_t *mp;
+ abf_dump_walk_ctx_t *ctx;
+ vl_api_fib_path_t *fp;
+ size_t msg_size;
+ abf_policy_t *ap;
+ u8 n_paths;
+
+ ctx = args;
+ ap = abf_policy_get (api);
+ n_paths = fib_path_list_get_n_paths (ap->ap_pl);
+ msg_size = sizeof (*mp) + sizeof (mp->policy.paths[0]) * n_paths;
+
+ mp = vl_msg_api_alloc (msg_size);
+ memset (mp, 0, msg_size);
+ mp->_vl_msg_id = ntohs (VL_API_ABF_POLICY_DETAILS + abf_base_msg_id);
+
+ /* fill in the message */
+ mp->context = ctx->context;
+ mp->policy.n_paths = n_paths;
+ mp->policy.acl_index = htonl (ap->ap_acl);
+ mp->policy.policy_id = htonl (ap->ap_id);
+
+ fib_path_list_walk (ap->ap_pl, fib_path_encode, &api_rpaths);
+
+ fp = mp->policy.paths;
+ vec_foreach (api_rpath, api_rpaths)
+ {
+ fib_api_path_encode (api_rpath, fp);
+ fp++;
+ }
+
+ vl_msg_api_send_shmem (ctx->q, (u8 *) & mp);
+
+ return (1);
+}
+
+static void
+vl_api_abf_policy_dump_t_handler (vl_api_abf_policy_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ {
+ return;
+ }
+
+ abf_dump_walk_ctx_t ctx = {
+ .q = q,
+ .context = mp->context,
+ };
+
+ abf_policy_walk (abf_policy_send_details, &ctx);
+}
+
+static int
+abf_itf_attach_send_details (u32 aiai, void *args)
+{
+ vl_api_abf_itf_attach_details_t *mp;
+ abf_dump_walk_ctx_t *ctx;
+ abf_itf_attach_t *aia;
+ abf_policy_t *ap;
+
+ ctx = args;
+ aia = abf_itf_attach_get (aiai);
+ ap = abf_policy_get (aia->aia_abf);
+
+ mp = vl_msg_api_alloc (sizeof (*mp));
+ mp->_vl_msg_id = ntohs (VL_API_ABF_ITF_ATTACH_DETAILS + abf_base_msg_id);
+
+ mp->context = ctx->context;
+ mp->attach.policy_id = htonl (ap->ap_id);
+ mp->attach.sw_if_index = htonl (aia->aia_sw_if_index);
+ mp->attach.priority = htonl (aia->aia_prio);
+ mp->attach.is_ipv6 = (aia->aia_proto == FIB_PROTOCOL_IP6);
+
+ vl_msg_api_send_shmem (ctx->q, (u8 *) & mp);
+
+ return (1);
+}
+
+static void
+vl_api_abf_itf_attach_dump_t_handler (vl_api_abf_itf_attach_dump_t * mp)
+{
+ unix_shared_memory_queue_t *q;
+
+ q = vl_api_client_index_to_input_queue (mp->client_index);
+ if (q == 0)
+ {
+ return;
+ }
+
+ abf_dump_walk_ctx_t ctx = {
+ .q = q,
+ .context = mp->context,
+ };
+
+ abf_itf_attach_walk (abf_itf_attach_send_details, &ctx);
+}
+
+#define vl_msg_name_crc_list
+#include <abf/abf_all_api_h.h>
+#undef vl_msg_name_crc_list
+
+/* Set up the API message handling tables */
+static clib_error_t *
+abf_plugin_api_hookup (vlib_main_t * vm)
+{
+#define _(N,n) \
+ vl_msg_api_set_handlers((VL_API_##N + abf_base_msg_id), \
+ #n, \
+ vl_api_##n##_t_handler, \
+ vl_noop_handler, \
+ vl_api_##n##_t_endian, \
+ vl_api_##n##_t_print, \
+ sizeof(vl_api_##n##_t), 1);
+ foreach_abf_plugin_api_msg;
+#undef _
+
+ return 0;
+}
+
+static void
+setup_message_id_table (api_main_t * apim)
+{
+#define _(id,n,crc) \
+ vl_msg_api_add_msg_name_crc (apim, #n "_" #crc, id + abf_base_msg_id);
+ foreach_vl_msg_name_crc_abf;
+#undef _
+}
+
+static clib_error_t *
+abf_api_init (vlib_main_t * vm)
+{
+ clib_error_t *error = 0;
+
+ u8 *name = format (0, "abf_%08x%c", api_version, 0);
+
+ /* Ask for a correctly-sized block of API message decode slots */
+ abf_base_msg_id = vl_msg_api_get_msg_ids ((char *) name,
+ VL_MSG_FIRST_AVAILABLE);
+
+ error = abf_plugin_api_hookup (vm);
+
+ /* Add our API messages to the global name_crc hash table */
+ setup_message_id_table (&api_main);
+
+ vec_free (name);
+
+ return error;
+}
+
+VLIB_INIT_FUNCTION (abf_api_init);
+
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */