diff options
author | Andrew Yourtchenko <ayourtch@gmail.com> | 2019-03-20 11:11:19 +0100 |
---|---|---|
committer | Damjan Marion <dmarion@me.com> | 2019-03-22 17:33:09 +0000 |
commit | b5395729c7b08c88f2e520c06b0edec28d3a1fe1 (patch) | |
tree | 8eaa6ef43d59bebd649351295bdf11224b26dac1 /src/plugins/acl | |
parent | 063dfa1587a58319fac139eab5e655ad1c555e33 (diff) |
acl-plugin: get rid of a separate "count" field in the linear acl struct
Long time ago, the linear array of rules in the ACL structure was not
a vector. Now it is, so get rid of the extraneous "count" member.
Do so in a manner that would ease potential the MP-safe manipulation of
ACL rules in the future.
Change-Id: Ib9c0731e4f21723c9ec4d7f00c3e5ead8e1e97bd
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Diffstat (limited to 'src/plugins/acl')
-rw-r--r-- | src/plugins/acl/acl.c | 17 | ||||
-rw-r--r-- | src/plugins/acl/acl.h | 1 | ||||
-rw-r--r-- | src/plugins/acl/hash_lookup.c | 10 | ||||
-rw-r--r-- | src/plugins/acl/public_inlines.h | 8 |
4 files changed, 18 insertions, 18 deletions
diff --git a/src/plugins/acl/acl.c b/src/plugins/acl/acl.c index 1e040b6a036..396fe1fd114 100644 --- a/src/plugins/acl/acl.c +++ b/src/plugins/acl/acl.c @@ -260,13 +260,14 @@ acl_print_acl_x (acl_vector_print_func_t vpr, vlib_main_t * vm, acl_main_t * am, int acl_index) { acl_rule_t *r; + acl_rule_t *acl_rules = am->acls[acl_index].rules; u8 *out0 = format (0, "acl-index %u count %u tag {%s}\n", acl_index, - am->acls[acl_index].count, am->acls[acl_index].tag); + vec_len (acl_rules), am->acls[acl_index].tag); int j; vpr (vm, out0); - for (j = 0; j < am->acls[acl_index].count; j++) + for (j = 0; j < vec_len (acl_rules); j++) { - r = &am->acls[acl_index].rules[j]; + r = &acl_rules[j]; out0 = format (out0, " %9d: %s ", j, r->is_ipv6 ? "ipv6" : "ipv4"); out0 = format_acl_action (out0, r->is_permit); out0 = format (out0, " src %U/%d", format_ip46_address, &r->src, @@ -457,7 +458,6 @@ acl_add_list (u32 count, vl_api_acl_rule_t rules[], vec_free (a->rules); } a->rules = acl_new_rules; - a->count = count; memcpy (a->tag, tag, sizeof (a->tag)); if (am->trace_acl > 255) warning_acl_print_acl (am->vlib_main, am, *acl_list_index); @@ -2003,7 +2003,8 @@ send_acl_details (acl_main_t * am, vl_api_registration_t * reg, vl_api_acl_details_t *mp; vl_api_acl_rule_t *rules; int i; - int msg_size = sizeof (*mp) + sizeof (mp->r[0]) * acl->count; + acl_rule_t *acl_rules = acl->rules; + int msg_size = sizeof (*mp) + sizeof (mp->r[0]) * vec_len (acl_rules); void *oldheap = acl_set_heap (am); mp = vl_msg_api_alloc (msg_size); @@ -2012,14 +2013,14 @@ send_acl_details (acl_main_t * am, vl_api_registration_t * reg, /* fill in the message */ mp->context = context; - mp->count = htonl (acl->count); + mp->count = htonl (vec_len (acl_rules)); mp->acl_index = htonl (acl - am->acls); memcpy (mp->tag, acl->tag, sizeof (mp->tag)); // clib_memcpy (mp->r, acl->rules, acl->count * sizeof(acl->rules[0])); rules = mp->r; - for (i = 0; i < acl->count; i++) + for (i = 0; i < vec_len (acl_rules); i++) { - copy_acl_rule_to_api_rule (&rules[i], &acl->rules[i]); + copy_acl_rule_to_api_rule (&rules[i], &acl_rules[i]); } clib_mem_set_heap (oldheap); diff --git a/src/plugins/acl/acl.h b/src/plugins/acl/acl.h index ef2f25a8631..53650916423 100644 --- a/src/plugins/acl/acl.h +++ b/src/plugins/acl/acl.h @@ -91,7 +91,6 @@ typedef struct /** Required for pool_get_aligned */ CLIB_CACHE_LINE_ALIGN_MARK(cacheline0); u8 tag[64]; - u32 count; acl_rule_t *rules; } acl_list_t; diff --git a/src/plugins/acl/hash_lookup.c b/src/plugins/acl/hash_lookup.c index ff671d1c092..ccae26453d3 100644 --- a/src/plugins/acl/hash_lookup.c +++ b/src/plugins/acl/hash_lookup.c @@ -1182,7 +1182,7 @@ void hash_acl_add(acl_main_t *am, int acl_index) void *oldheap = hash_acl_set_heap(am); DBG("HASH ACL add : %d", acl_index); int i; - acl_list_t *a = &am->acls[acl_index]; + acl_rule_t *acl_rules = am->acls[acl_index].rules; vec_validate(am->hash_acl_infos, acl_index); hash_acl_info_t *ha = vec_elt_at_index(am->hash_acl_infos, acl_index); clib_memset(ha, 0, sizeof(*ha)); @@ -1192,19 +1192,19 @@ void hash_acl_add(acl_main_t *am, int acl_index) is a mask type, increment a reference count for that mask type */ /* avoid small requests by preallocating the entire vector before running the additions */ - if (a->count > 0) { - vec_validate(ha->rules, a->count-1); + if (vec_len(acl_rules) > 0) { + vec_validate(ha->rules, vec_len(acl_rules)-1); vec_reset_length(ha->rules); } - for(i=0; i < a->count; i++) { + for(i=0; i < vec_len(acl_rules); i++) { hash_ace_info_t ace_info; fa_5tuple_t mask; clib_memset(&ace_info, 0, sizeof(ace_info)); ace_info.acl_index = acl_index; ace_info.ace_index = i; - make_mask_and_match_from_rule(&mask, &a->rules[i], &ace_info); + make_mask_and_match_from_rule(&mask, &acl_rules[i], &ace_info); mask.pkt.flags_reserved = 0b000; ace_info.base_mask_type_index = assign_mask_type_index(am, &mask); /* assign the mask type index for matching itself */ diff --git a/src/plugins/acl/public_inlines.h b/src/plugins/acl/public_inlines.h index ba174c9b2a6..03b64012a74 100644 --- a/src/plugins/acl/public_inlines.h +++ b/src/plugins/acl/public_inlines.h @@ -292,8 +292,8 @@ single_acl_match_5tuple (acl_main_t * am, u32 acl_index, fa_5tuple_t * pkt_5tupl u32 * r_rule_match_p, u32 * trace_bitmap) { int i; - acl_list_t *a; acl_rule_t *r; + acl_rule_t *acl_rules; if (pool_is_free_index (am->acls, acl_index)) { @@ -304,10 +304,10 @@ single_acl_match_5tuple (acl_main_t * am, u32 acl_index, fa_5tuple_t * pkt_5tupl /* the ACL does not exist but is used for policy. Block traffic. */ return 0; } - a = am->acls + acl_index; - for (i = 0; i < a->count; i++) + acl_rules = am->acls[acl_index].rules; + for (i = 0; i < vec_len(acl_rules); i++) { - r = a->rules + i; + r = &acl_rules[i]; if (is_ip6 != r->is_ipv6) { continue; |