summaryrefslogtreecommitdiffstats
path: root/src/plugins/gbp/gbp_policy_dpo.c
diff options
context:
space:
mode:
authorNeale Ranns <nranns@cisco.com>2019-06-19 06:25:56 -0700
committerDamjan Marion <dmarion@me.com>2019-07-01 08:37:53 +0000
commit160c923f99c2adc103495fab1bfcefe965fe7fb8 (patch)
treea3b33e764c9ec138d519a5a2b4001bdf63eb8dba /src/plugins/gbp/gbp_policy_dpo.c
parent5770c916c0cf110ced690ff128b065bbb2c827ca (diff)
gbp: VRF scoped contracts
Type: feature Change-Id: I01772cfc3a0118a5c49bf346339788824e6931b2 Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'src/plugins/gbp/gbp_policy_dpo.c')
-rw-r--r--src/plugins/gbp/gbp_policy_dpo.c28
1 files changed, 20 insertions, 8 deletions
diff --git a/src/plugins/gbp/gbp_policy_dpo.c b/src/plugins/gbp/gbp_policy_dpo.c
index a7077899fd8..8152315c7b8 100644
--- a/src/plugins/gbp/gbp_policy_dpo.c
+++ b/src/plugins/gbp/gbp_policy_dpo.c
@@ -93,6 +93,7 @@ gbp_policy_dpo_get_urpf (const dpo_id_t * dpo)
void
gbp_policy_dpo_add_or_lock (dpo_proto_t dproto,
+ gbp_scope_t scope,
sclass_t sclass, u32 sw_if_index, dpo_id_t * dpo)
{
gbp_policy_dpo_t *gpd;
@@ -103,6 +104,7 @@ gbp_policy_dpo_add_or_lock (dpo_proto_t dproto,
gpd->gpd_proto = dproto;
gpd->gpd_sw_if_index = sw_if_index;
gpd->gpd_sclass = sclass;
+ gpd->gpd_scope = scope;
if (~0 != sw_if_index)
{
@@ -128,9 +130,9 @@ format_gbp_policy_dpo (u8 * s, va_list * ap)
gbp_policy_dpo_t *gpd = gbp_policy_dpo_get (index);
vnet_main_t *vnm = vnet_get_main ();
- s = format (s, "gbp-policy-dpo: %U, sclass:%d out:%U",
+ s = format (s, "gbp-policy-dpo: %U, scope:%d sclass:%d out:%U",
format_dpo_proto, gpd->gpd_proto,
- (int) gpd->gpd_sclass,
+ gpd->gpd_scope, (int) gpd->gpd_sclass,
format_vnet_sw_if_index_name, vnm, gpd->gpd_sw_if_index);
s = format (s, "\n%U", format_white_space, indent + 2);
s = format (s, "%U", format_dpo_id, &gpd->gpd_dpo, indent + 4);
@@ -151,6 +153,7 @@ gbp_policy_dpo_interpose (const dpo_id_t * original,
gpd = gbp_policy_dpo_get (original->dpoi_index);
gpd_clone->gpd_proto = gpd->gpd_proto;
+ gpd_clone->gpd_scope = gpd->gpd_scope;
gpd_clone->gpd_sclass = gpd->gpd_sclass;
gpd_clone->gpd_sw_if_index = gpd->gpd_sw_if_index;
@@ -233,11 +236,13 @@ static char *gbp_policy_dpo_error_strings[] = {
typedef struct gbp_policy_dpo_trace_t_
{
- u32 sclass;
- u32 dclass;
+ gbp_scope_t scope;
+ sclass_t sclass;
+ sclass_t dclass;
u32 acl_index;
u32 flags;
u32 action;
+ u32 gci;
} gbp_policy_dpo_trace_t;
typedef enum
@@ -323,11 +328,13 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
if (vnet_buffer2 (b0)->gbp.flags & VXLAN_GBP_GPFLAGS_A)
{
next0 = gpd0->gpd_dpo.dpoi_next_node;
- key0.as_u32 = ~0;
+ key0.as_u64 = ~0;
n_allow_a_bit++;
goto trace;
}
+ key0.as_u64 = 0;
+ key0.gck_scope = gpd0->gpd_scope;
key0.gck_src = vnet_buffer2 (b0)->gbp.sclass;
key0.gck_dst = gpd0->gpd_sclass;
@@ -440,11 +447,14 @@ gbp_policy_dpo_inline (vlib_main_t * vm,
gbp_policy_dpo_trace_t *tr;
tr = vlib_add_trace (vm, node, b0, sizeof (*tr));
+ tr->scope = key0.gck_scope;
tr->sclass = key0.gck_src;
tr->dclass = key0.gck_dst;
tr->acl_index = (gc0 ? gc0->gc_acl_index : ~0);
tr->flags = vnet_buffer2 (b0)->gbp.flags;
tr->action = action0;
+ tr->gci = (gc0 ? gc0 - gbp_contract_pool : INDEX_INVALID);
+
}
vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
@@ -472,9 +482,11 @@ format_gbp_policy_dpo_trace (u8 * s, va_list * args)
CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
gbp_policy_dpo_trace_t *t = va_arg (*args, gbp_policy_dpo_trace_t *);
- s = format (s, " sclass:%d dclass:%d acl-index:%d flags:%U action:%d",
- t->sclass, t->dclass, t->acl_index,
- format_vxlan_gbp_header_gpflags, t->flags, t->action);
+ s =
+ format (s,
+ "scope:%d sclass:%d dclass:%d gci:%d acl-index:%d flags:%U action:%d",
+ t->scope, t->sclass, t->dclass, t->gci, t->acl_index,
+ format_vxlan_gbp_header_gpflags, t->flags, t->action);
return s;
}