4 * Copyright(c) 2010-2014 Intel Corporation. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
11 * * Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * * Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in
15 * the documentation and/or other materials provided with the
17 * * Neither the name of Intel Corporation nor the names of its
18 * contributors may be used to endorse or promote products derived
19 * from this software without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
22 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
23 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
24 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
25 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
26 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
27 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
31 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37 #define BIT_SIZEOF(x) (sizeof(x) * CHAR_BIT)
39 TAILQ_HEAD(rte_acl_list, rte_tailq_entry);
42 rte_acl_find_existing(const char *name)
44 struct rte_acl_ctx *ctx = NULL;
45 struct rte_acl_list *acl_list;
46 struct rte_tailq_entry *te;
48 /* check that we have an initialised tail queue */
49 acl_list = RTE_TAILQ_LOOKUP_BY_IDX(RTE_TAILQ_ACL, rte_acl_list);
50 if (acl_list == NULL) {
51 rte_errno = E_RTE_NO_TAILQ;
55 rte_rwlock_read_lock(RTE_EAL_TAILQ_RWLOCK);
56 TAILQ_FOREACH(te, acl_list, next) {
57 ctx = (struct rte_acl_ctx *) te->data;
58 if (strncmp(name, ctx->name, sizeof(ctx->name)) == 0)
61 rte_rwlock_read_unlock(RTE_EAL_TAILQ_RWLOCK);
71 rte_acl_free(struct rte_acl_ctx *ctx)
73 struct rte_acl_list *acl_list;
74 struct rte_tailq_entry *te;
79 /* check that we have an initialised tail queue */
80 acl_list = RTE_TAILQ_LOOKUP_BY_IDX(RTE_TAILQ_ACL, rte_acl_list);
81 if (acl_list == NULL) {
82 rte_errno = E_RTE_NO_TAILQ;
86 rte_rwlock_write_lock(RTE_EAL_TAILQ_RWLOCK);
88 /* find our tailq entry */
89 TAILQ_FOREACH(te, acl_list, next) {
90 if (te->data == (void *) ctx)
94 rte_rwlock_write_unlock(RTE_EAL_TAILQ_RWLOCK);
98 TAILQ_REMOVE(acl_list, te, next);
100 rte_rwlock_write_unlock(RTE_EAL_TAILQ_RWLOCK);
108 rte_acl_create(const struct rte_acl_param *param)
111 struct rte_acl_ctx *ctx;
112 struct rte_acl_list *acl_list;
113 struct rte_tailq_entry *te;
114 char name[sizeof(ctx->name)];
116 /* check that we have an initialised tail queue */
117 acl_list = RTE_TAILQ_LOOKUP_BY_IDX(RTE_TAILQ_ACL, rte_acl_list);
118 if (acl_list == NULL) {
119 rte_errno = E_RTE_NO_TAILQ;
123 /* check that input parameters are valid. */
124 if (param == NULL || param->name == NULL) {
129 snprintf(name, sizeof(name), "ACL_%s", param->name);
131 /* calculate amount of memory required for pattern set. */
132 sz = sizeof(*ctx) + param->max_rule_num * param->rule_size;
134 /* get EAL TAILQ lock. */
135 rte_rwlock_write_lock(RTE_EAL_TAILQ_RWLOCK);
137 /* if we already have one with that name */
138 TAILQ_FOREACH(te, acl_list, next) {
139 ctx = (struct rte_acl_ctx *) te->data;
140 if (strncmp(param->name, ctx->name, sizeof(ctx->name)) == 0)
144 /* if ACL with such name doesn't exist, then create a new one. */
147 te = rte_zmalloc("ACL_TAILQ_ENTRY", sizeof(*te), 0);
150 RTE_LOG(ERR, ACL, "Cannot allocate tailq entry!\n");
154 ctx = rte_zmalloc_socket(name, sz, CACHE_LINE_SIZE, param->socket_id);
158 "allocation of %zu bytes on socket %d for %s failed\n",
159 sz, param->socket_id, name);
163 /* init new allocated context. */
164 ctx->rules = ctx + 1;
165 ctx->max_rules = param->max_rule_num;
166 ctx->rule_sz = param->rule_size;
167 ctx->socket_id = param->socket_id;
168 snprintf(ctx->name, sizeof(ctx->name), "%s", param->name);
170 te->data = (void *) ctx;
172 TAILQ_INSERT_TAIL(acl_list, te, next);
176 rte_rwlock_write_unlock(RTE_EAL_TAILQ_RWLOCK);
181 acl_add_rules(struct rte_acl_ctx *ctx, const void *rules, uint32_t num)
185 if (num + ctx->num_rules > ctx->max_rules)
189 pos += ctx->rule_sz * ctx->num_rules;
190 memcpy(pos, rules, num * ctx->rule_sz);
191 ctx->num_rules += num;
197 acl_check_rule(const struct rte_acl_rule_data *rd)
199 if ((rd->category_mask & LEN2MASK(RTE_ACL_MAX_CATEGORIES)) == 0 ||
200 rd->priority > RTE_ACL_MAX_PRIORITY ||
201 rd->priority < RTE_ACL_MIN_PRIORITY ||
202 rd->userdata == RTE_ACL_INVALID_USERDATA)
208 rte_acl_add_rules(struct rte_acl_ctx *ctx, const struct rte_acl_rule *rules,
211 const struct rte_acl_rule *rv;
215 if (ctx == NULL || rules == NULL || 0 == ctx->rule_sz)
218 for (i = 0; i != num; i++) {
219 rv = (const struct rte_acl_rule *)
220 ((uintptr_t)rules + i * ctx->rule_sz);
221 rc = acl_check_rule(&rv->data);
223 RTE_LOG(ERR, ACL, "%s(%s): rule #%u is invalid\n",
224 __func__, ctx->name, i + 1);
229 return acl_add_rules(ctx, rules, num);
234 * Note that RT structures are not affected.
237 rte_acl_reset_rules(struct rte_acl_ctx *ctx)
244 * Reset all rules and destroys RT structures.
247 rte_acl_reset(struct rte_acl_ctx *ctx)
250 rte_acl_reset_rules(ctx);
251 rte_acl_build(ctx, &ctx->config);
256 * Dump ACL context to the stdout.
259 rte_acl_dump(const struct rte_acl_ctx *ctx)
263 printf("acl context <%s>@%p\n", ctx->name, ctx);
264 printf(" max_rules=%"PRIu32"\n", ctx->max_rules);
265 printf(" rule_size=%"PRIu32"\n", ctx->rule_sz);
266 printf(" num_rules=%"PRIu32"\n", ctx->num_rules);
267 printf(" num_categories=%"PRIu32"\n", ctx->num_categories);
268 printf(" num_tries=%"PRIu32"\n", ctx->num_tries);
272 * Dump all ACL contexts to the stdout.
275 rte_acl_list_dump(void)
277 struct rte_acl_ctx *ctx;
278 struct rte_acl_list *acl_list;
279 struct rte_tailq_entry *te;
281 /* check that we have an initialised tail queue */
282 acl_list = RTE_TAILQ_LOOKUP_BY_IDX(RTE_TAILQ_ACL, rte_acl_list);
283 if (acl_list == NULL) {
284 rte_errno = E_RTE_NO_TAILQ;
288 rte_rwlock_read_lock(RTE_EAL_TAILQ_RWLOCK);
289 TAILQ_FOREACH(te, acl_list, next) {
290 ctx = (struct rte_acl_ctx *) te->data;
293 rte_rwlock_read_unlock(RTE_EAL_TAILQ_RWLOCK);
297 * Support for legacy ipv4vlan rules.
300 RTE_ACL_RULE_DEF(acl_ipv4vlan_rule, RTE_ACL_IPV4VLAN_NUM_FIELDS);
303 acl_ipv4vlan_check_rule(const struct rte_acl_ipv4vlan_rule *rule)
305 if (rule->src_port_low > rule->src_port_high ||
306 rule->dst_port_low > rule->dst_port_high ||
307 rule->src_mask_len > BIT_SIZEOF(rule->src_addr) ||
308 rule->dst_mask_len > BIT_SIZEOF(rule->dst_addr))
311 return acl_check_rule(&rule->data);
315 acl_ipv4vlan_convert_rule(const struct rte_acl_ipv4vlan_rule *ri,
316 struct acl_ipv4vlan_rule *ro)
320 ro->field[RTE_ACL_IPV4VLAN_PROTO_FIELD].value.u8 = ri->proto;
321 ro->field[RTE_ACL_IPV4VLAN_VLAN1_FIELD].value.u16 = ri->vlan;
322 ro->field[RTE_ACL_IPV4VLAN_VLAN2_FIELD].value.u16 = ri->domain;
323 ro->field[RTE_ACL_IPV4VLAN_SRC_FIELD].value.u32 = ri->src_addr;
324 ro->field[RTE_ACL_IPV4VLAN_DST_FIELD].value.u32 = ri->dst_addr;
325 ro->field[RTE_ACL_IPV4VLAN_SRCP_FIELD].value.u16 = ri->src_port_low;
326 ro->field[RTE_ACL_IPV4VLAN_DSTP_FIELD].value.u16 = ri->dst_port_low;
328 ro->field[RTE_ACL_IPV4VLAN_PROTO_FIELD].mask_range.u8 = ri->proto_mask;
329 ro->field[RTE_ACL_IPV4VLAN_VLAN1_FIELD].mask_range.u16 = ri->vlan_mask;
330 ro->field[RTE_ACL_IPV4VLAN_VLAN2_FIELD].mask_range.u16 =
332 ro->field[RTE_ACL_IPV4VLAN_SRC_FIELD].mask_range.u32 =
334 ro->field[RTE_ACL_IPV4VLAN_DST_FIELD].mask_range.u32 = ri->dst_mask_len;
335 ro->field[RTE_ACL_IPV4VLAN_SRCP_FIELD].mask_range.u16 =
337 ro->field[RTE_ACL_IPV4VLAN_DSTP_FIELD].mask_range.u16 =
342 rte_acl_ipv4vlan_add_rules(struct rte_acl_ctx *ctx,
343 const struct rte_acl_ipv4vlan_rule *rules,
348 struct acl_ipv4vlan_rule rv;
350 if (ctx == NULL || rules == NULL || ctx->rule_sz != sizeof(rv))
353 /* check input rules. */
354 for (i = 0; i != num; i++) {
355 rc = acl_ipv4vlan_check_rule(rules + i);
357 RTE_LOG(ERR, ACL, "%s(%s): rule #%u is invalid\n",
358 __func__, ctx->name, i + 1);
363 if (num + ctx->num_rules > ctx->max_rules)
366 /* perform conversion to the internal format and add to the context. */
367 for (i = 0, rc = 0; i != num && rc == 0; i++) {
368 acl_ipv4vlan_convert_rule(rules + i, &rv);
369 rc = acl_add_rules(ctx, &rv, 1);
376 acl_ipv4vlan_config(struct rte_acl_config *cfg,
377 const uint32_t layout[RTE_ACL_IPV4VLAN_NUM],
378 uint32_t num_categories)
380 static const struct rte_acl_field_def
381 ipv4_defs[RTE_ACL_IPV4VLAN_NUM_FIELDS] = {
383 .type = RTE_ACL_FIELD_TYPE_BITMASK,
384 .size = sizeof(uint8_t),
385 .field_index = RTE_ACL_IPV4VLAN_PROTO_FIELD,
386 .input_index = RTE_ACL_IPV4VLAN_PROTO,
389 .type = RTE_ACL_FIELD_TYPE_BITMASK,
390 .size = sizeof(uint16_t),
391 .field_index = RTE_ACL_IPV4VLAN_VLAN1_FIELD,
392 .input_index = RTE_ACL_IPV4VLAN_VLAN,
395 .type = RTE_ACL_FIELD_TYPE_BITMASK,
396 .size = sizeof(uint16_t),
397 .field_index = RTE_ACL_IPV4VLAN_VLAN2_FIELD,
398 .input_index = RTE_ACL_IPV4VLAN_VLAN,
401 .type = RTE_ACL_FIELD_TYPE_MASK,
402 .size = sizeof(uint32_t),
403 .field_index = RTE_ACL_IPV4VLAN_SRC_FIELD,
404 .input_index = RTE_ACL_IPV4VLAN_SRC,
407 .type = RTE_ACL_FIELD_TYPE_MASK,
408 .size = sizeof(uint32_t),
409 .field_index = RTE_ACL_IPV4VLAN_DST_FIELD,
410 .input_index = RTE_ACL_IPV4VLAN_DST,
413 .type = RTE_ACL_FIELD_TYPE_RANGE,
414 .size = sizeof(uint16_t),
415 .field_index = RTE_ACL_IPV4VLAN_SRCP_FIELD,
416 .input_index = RTE_ACL_IPV4VLAN_PORTS,
419 .type = RTE_ACL_FIELD_TYPE_RANGE,
420 .size = sizeof(uint16_t),
421 .field_index = RTE_ACL_IPV4VLAN_DSTP_FIELD,
422 .input_index = RTE_ACL_IPV4VLAN_PORTS,
426 memcpy(&cfg->defs, ipv4_defs, sizeof(ipv4_defs));
427 cfg->num_fields = RTE_DIM(ipv4_defs);
429 cfg->defs[RTE_ACL_IPV4VLAN_PROTO_FIELD].offset =
430 layout[RTE_ACL_IPV4VLAN_PROTO];
431 cfg->defs[RTE_ACL_IPV4VLAN_VLAN1_FIELD].offset =
432 layout[RTE_ACL_IPV4VLAN_VLAN];
433 cfg->defs[RTE_ACL_IPV4VLAN_VLAN2_FIELD].offset =
434 layout[RTE_ACL_IPV4VLAN_VLAN] +
435 cfg->defs[RTE_ACL_IPV4VLAN_VLAN1_FIELD].size;
436 cfg->defs[RTE_ACL_IPV4VLAN_SRC_FIELD].offset =
437 layout[RTE_ACL_IPV4VLAN_SRC];
438 cfg->defs[RTE_ACL_IPV4VLAN_DST_FIELD].offset =
439 layout[RTE_ACL_IPV4VLAN_DST];
440 cfg->defs[RTE_ACL_IPV4VLAN_SRCP_FIELD].offset =
441 layout[RTE_ACL_IPV4VLAN_PORTS];
442 cfg->defs[RTE_ACL_IPV4VLAN_DSTP_FIELD].offset =
443 layout[RTE_ACL_IPV4VLAN_PORTS] +
444 cfg->defs[RTE_ACL_IPV4VLAN_SRCP_FIELD].size;
446 cfg->num_categories = num_categories;
450 rte_acl_ipv4vlan_build(struct rte_acl_ctx *ctx,
451 const uint32_t layout[RTE_ACL_IPV4VLAN_NUM],
452 uint32_t num_categories)
454 struct rte_acl_config cfg;
456 if (ctx == NULL || layout == NULL)
459 acl_ipv4vlan_config(&cfg, layout, num_categories);
460 return rte_acl_build(ctx, &cfg);