From: Intel Date: Fri, 8 Nov 2013 02:00:00 +0000 (+0100) Subject: app/test: rename pmac_acl as acl X-Git-Tag: spdx-start~11070 X-Git-Url: http://git.droids-corp.org/?a=commitdiff_plain;h=4d2ca079d4279209c0b9099d708c0c53c1e24b6f;p=dpdk.git app/test: rename pmac_acl as acl Signed-off-by: Intel --- diff --git a/app/test/Makefile b/app/test/Makefile index d4bfd8423f..db85ddf3f4 100644 --- a/app/test/Makefile +++ b/app/test/Makefile @@ -89,11 +89,14 @@ SRCS-$(CONFIG_RTE_APP_TEST) += test_red.c SRCS-$(CONFIG_RTE_APP_TEST) += test_sched.c SRCS-$(CONFIG_RTE_APP_TEST) += test_meter.c SRCS-$(CONFIG_RTE_APP_TEST) += test_kni.c -SRCS-$(CONFIG_RTE_APP_TEST) += test_pmac_acl.c SRCS-$(CONFIG_RTE_APP_TEST) += test_power.c SRCS-$(CONFIG_RTE_APP_TEST) += test_common.c SRCS-$(CONFIG_RTE_APP_TEST) += test_timer_perf.c +ifeq ($(CONFIG_RTE_APP_TEST),y) +SRCS-$(CONFIG_RTE_LIBRTE_ACL) += test_acl.c +endif + CFLAGS += -O3 CFLAGS += $(WERROR_FLAGS) diff --git a/app/test/commands.c b/app/test/commands.c index a907ff77b6..f36533f6f5 100644 --- a/app/test/commands.c +++ b/app/test/commands.c @@ -178,12 +178,14 @@ static void cmd_autotest_parsed(void *parsed_result, ret |= test_meter(); if (all || !strcmp(res->autotest, "kni_autotest")) ret |= test_kni(); - if (all || !strcmp(res->autotest, "acl_autotest")) - ret |= test_pmac_acl(); if (all || !strcmp(res->autotest, "power_autotest")) ret |= test_power(); if (all || !strcmp(res->autotest, "common_autotest")) ret |= test_common(); +#ifdef RTE_LIBRTE_ACL + if (all || !strcmp(res->autotest, "acl_autotest")) + ret |= test_acl(); +#endif /* RTE_LIBRTE_ACL */ if (ret == 0) printf("Test OK\n"); @@ -215,7 +217,11 @@ cmdline_parse_token_string_t cmd_autotest_autotest = "memcpy_perf_autotest#ring_perf_autotest#" "red_autotest#meter_autotest#sched_autotest#" "memcpy_perf_autotest#kni_autotest#" - "pm_autotest#acl_autotest#power_autotest#" + "pm_autotest#" +#ifdef RTE_LIBRTE_ACL + "acl_autotest#" +#endif + "power_autotest#" "timer_perf_autotest#" "common_autotest#all_autotests"); diff --git a/app/test/test.h b/app/test/test.h index 1ce0c31abd..487a97ecbf 100644 --- a/app/test/test.h +++ b/app/test/test.h @@ -90,7 +90,7 @@ int test_func_reentrancy(void); int test_red(void); int test_sched(void); int test_meter(void); -int test_pmac_acl(void); +int test_acl(void); int test_kni(void); int test_power(void); int test_common(void); diff --git a/app/test/test_acl.c b/app/test/test_acl.c new file mode 100644 index 0000000000..668be33048 --- /dev/null +++ b/app/test/test_acl.c @@ -0,0 +1,887 @@ +/*- + * BSD LICENSE + * + * Copyright(c) 2010-2013 Intel Corporation. All rights reserved. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include +#include + +#include + +#include +#include + +#include "test.h" + +#ifdef RTE_LIBRTE_ACL + +#include +#include +#include + +#include "test_acl.h" + +#define LEN RTE_ACL_MAX_CATEGORIES + +struct rte_acl_param acl_param = { + .name = "acl_ctx", + .socket_id = SOCKET_ID_ANY, + .rule_size = sizeof(struct rte_acl_ipv4vlan_rule), + .max_rule_num = 0x30000, +}; + +struct rte_acl_ipv4vlan_rule acl_rule = { + .data = { .priority = 1, .category_mask = 0xff }, + .src_port_low = 0, + .src_port_high = UINT16_MAX, + .dst_port_low = 0, + .dst_port_high = UINT16_MAX, +}; + +/* byteswap to cpu or network order */ +static void +bswap_test_data(struct ipv4_7tuple * data, int len, int to_be) +{ + int i; + + for (i = 0; i < len; i++) { + + if (to_be) { + /* swap all bytes so that they are in network order */ + data[i].ip_dst = rte_cpu_to_be_32(data[i].ip_dst); + data[i].ip_src = rte_cpu_to_be_32(data[i].ip_src); + data[i].port_dst = rte_cpu_to_be_16(data[i].port_dst); + data[i].port_src = rte_cpu_to_be_16(data[i].port_src); + data[i].vlan = rte_cpu_to_be_16(data[i].vlan); + data[i].domain = rte_cpu_to_be_16(data[i].domain); + } + else { + data[i].ip_dst = rte_be_to_cpu_32(data[i].ip_dst); + data[i].ip_src = rte_be_to_cpu_32(data[i].ip_src); + data[i].port_dst = rte_be_to_cpu_16(data[i].port_dst); + data[i].port_src = rte_be_to_cpu_16(data[i].port_src); + data[i].vlan = rte_be_to_cpu_16(data[i].vlan); + data[i].domain = rte_be_to_cpu_16(data[i].domain); + } + } +} + +/* + * Test scalar and SSE ACL lookup. + */ +static int +test_classify(void) +{ + struct rte_acl_ctx * acx; + int ret, i; + uint32_t result, count; + + uint32_t results[DIM(acl_test_data) * RTE_ACL_MAX_CATEGORIES]; + + const uint8_t * data[DIM(acl_test_data)]; + + const uint32_t layout[RTE_ACL_IPV4VLAN_NUM] = { + offsetof(struct ipv4_7tuple, proto), + offsetof(struct ipv4_7tuple, vlan), + offsetof(struct ipv4_7tuple, ip_src), + offsetof(struct ipv4_7tuple, ip_dst), + offsetof(struct ipv4_7tuple, port_src), + }; + + acx = rte_acl_create(&acl_param); + if (acx == NULL) { + printf("Line %i: Error creating ACL context!\n", __LINE__); + return -1; + } + + /* add rules to the context */ + ret = rte_acl_ipv4vlan_add_rules(acx, acl_test_rules, + DIM(acl_test_rules)); + if (ret != 0) { + printf("Line %i: Adding rules to ACL context failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* try building the context */ + ret = rte_acl_ipv4vlan_build(acx, layout, RTE_ACL_MAX_CATEGORIES); + if (ret != 0) { + printf("Line %i: Building ACL context failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* swap all bytes in the data to network order */ + bswap_test_data(acl_test_data, DIM(acl_test_data), 1); + + /* store pointers to test data */ + for (i = 0; i < (int) DIM(acl_test_data); i++) + data[i] = (uint8_t *)&acl_test_data[i]; + + /** + * these will run quite a few times, it's necessary to test code paths + * from num=0 to num>8 + */ + for (count = 0; count < DIM(acl_test_data); count++) { + ret = rte_acl_classify(acx, data, results, + count, RTE_ACL_MAX_CATEGORIES); + if (ret != 0) { + printf("Line %i: SSE classify failed!\n", __LINE__); + goto err; + } + + /* check if we allow everything we should allow */ + for (i = 0; i < (int) count; i++) { + result = results[i * RTE_ACL_MAX_CATEGORIES + ACL_ALLOW]; + if (result != acl_test_data[i].allow) { + printf("Line %i: Error in allow results at %i " + "(expected %"PRIu32" got %"PRIu32")!\n", + __LINE__, i, acl_test_data[i].allow, + result); + goto err; + } + } + + /* check if we deny everything we should deny */ + for (i = 0; i < (int) count; i++) { + result = results[i * RTE_ACL_MAX_CATEGORIES + ACL_DENY]; + if (result != acl_test_data[i].deny) { + printf("Line %i: Error in deny results at %i " + "(expected %"PRIu32" got %"PRIu32")!\n", + __LINE__, i, acl_test_data[i].deny, + result); + goto err; + } + } + } + + /* make a quick check for scalar */ + ret = rte_acl_classify_scalar(acx, data, results, + DIM(acl_test_data), RTE_ACL_MAX_CATEGORIES); + if (ret != 0) { + printf("Line %i: SSE classify failed!\n", __LINE__); + goto err; + } + + /* check if we allow everything we should allow */ + for (i = 0; i < (int) DIM(acl_test_data); i++) { + result = results[i * RTE_ACL_MAX_CATEGORIES + ACL_ALLOW]; + if (result != acl_test_data[i].allow) { + printf("Line %i: Error in allow results at %i " + "(expected %"PRIu32" got %"PRIu32")!\n", + __LINE__, i, acl_test_data[i].allow, + result); + goto err; + } + } + + /* check if we deny everything we should deny */ + for (i = 0; i < (int) DIM(acl_test_data); i++) { + result = results[i * RTE_ACL_MAX_CATEGORIES + ACL_DENY]; + if (result != acl_test_data[i].deny) { + printf("Line %i: Error in deny results at %i " + "(expected %"PRIu32" got %"PRIu32")!\n", + __LINE__, i, acl_test_data[i].deny, + result); + goto err; + } + } + + /* free ACL context */ + rte_acl_free(acx); + + /* swap data back to cpu order so that next time tests don't fail */ + bswap_test_data(acl_test_data, DIM(acl_test_data), 0); + + return 0; +err: + + /* swap data back to cpu order so that next time tests don't fail */ + bswap_test_data(acl_test_data, DIM(acl_test_data), 0); + + rte_acl_free(acx); + + return -1; +} + +/* + * Test wrong layout behavior + * This test supplies the ACL context with invalid layout, which results in + * ACL matching the wrong stuff. However, it should match the wrong stuff + * the right way. We switch around source and destination addresses, + * source and destination ports, and protocol will point to first byte of + * destination port. + */ +static int +test_invalid_layout(void) +{ + struct rte_acl_ctx * acx; + int ret, i; + + uint32_t results[DIM(invalid_layout_data)]; + const uint8_t * data[DIM(invalid_layout_data)]; + + const uint32_t layout[RTE_ACL_IPV4VLAN_NUM] = { + /* proto points to destination port's first byte */ + offsetof(struct ipv4_7tuple, port_dst), + + 0, /* VLAN not used */ + + /* src and dst addresses are swapped */ + offsetof(struct ipv4_7tuple, ip_dst), + offsetof(struct ipv4_7tuple, ip_src), + + /* we can't swap ports here, so we will swap them in the data */ + offsetof(struct ipv4_7tuple, port_src), + }; + + acx = rte_acl_create(&acl_param); + if (acx == NULL) { + printf("Line %i: Error creating ACL context!\n", __LINE__); + return -1; + } + + /* putting a lot of rules into the context results in greater + * coverage numbers. it doesn't matter if they are identical */ + for (i = 0; i < 1000; i++) { + /* add rules to the context */ + ret = rte_acl_ipv4vlan_add_rules(acx, invalid_layout_rules, + DIM(invalid_layout_rules)); + if (ret != 0) { + printf("Line %i: Adding rules to ACL context failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + } + + /* try building the context */ + ret = rte_acl_ipv4vlan_build(acx, layout, 1); + if (ret != 0) { + printf("Line %i: Building ACL context failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* swap all bytes in the data to network order */ + bswap_test_data(invalid_layout_data, DIM(invalid_layout_data), 1); + + /* prepare data */ + for (i = 0; i < (int) DIM(invalid_layout_data); i++) { + data[i] = (uint8_t *)&invalid_layout_data[i]; + } + + /* classify tuples */ + ret = rte_acl_classify(acx, data, results, + DIM(results), 1); + if (ret != 0) { + printf("Line %i: SSE classify failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + for (i = 0; i < (int) DIM(results); i++) { + if (results[i] != invalid_layout_data[i].allow) { + printf("Line %i: Wrong results at %i (result=%u, should be %u)!\n", + __LINE__, i, results[i], invalid_layout_data[i].allow); + goto err; + } + } + + /* classify tuples (scalar) */ + ret = rte_acl_classify_scalar(acx, data, results, + DIM(results), 1); + if (ret != 0) { + printf("Line %i: Scalar classify failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + for (i = 0; i < (int) DIM(results); i++) { + if (results[i] != invalid_layout_data[i].allow) { + printf("Line %i: Wrong results at %i (result=%u, should be %u)!\n", + __LINE__, i, results[i], invalid_layout_data[i].allow); + goto err; + } + } + + rte_acl_free(acx); + + /* swap data back to cpu order so that next time tests don't fail */ + bswap_test_data(invalid_layout_data, DIM(invalid_layout_data), 0); + + return 0; +err: + + /* swap data back to cpu order so that next time tests don't fail */ + bswap_test_data(invalid_layout_data, DIM(invalid_layout_data), 0); + + rte_acl_free(acx); + + return -1; +} + +/* + * Test creating and finding ACL contexts, and adding rules + */ +static int +test_create_find_add(void) +{ + struct rte_acl_param param; + struct rte_acl_ctx * acx, *acx2, *tmp; + struct rte_acl_ipv4vlan_rule rules[LEN]; + + const uint32_t layout[RTE_ACL_IPV4VLAN_NUM] = {0}; + + const char * acx_name = "acx"; + const char * acx2_name = "acx2"; + int i, ret; + + /* create two contexts */ + memcpy(¶m, &acl_param, sizeof(param)); + param.max_rule_num = 2; + + param.name = acx_name; + acx = rte_acl_create(¶m); + if (acx == NULL) { + printf("Line %i: Error creating %s!\n", __LINE__, acx_name); + return -1; + } + + param.name = acx2_name; + acx2 = rte_acl_create(¶m); + if (acx2 == NULL || acx2 == acx) { + printf("Line %i: Error creating %s!\n", __LINE__, acx2_name); + rte_acl_free(acx); + return -1; + } + + /* try to create third one, with an existing name */ + param.name = acx_name; + tmp = rte_acl_create(¶m); + if (tmp != acx) { + printf("Line %i: Creating context with existing name test failed!\n", + __LINE__); + if (tmp) + rte_acl_free(tmp); + goto err; + } + + param.name = acx2_name; + tmp = rte_acl_create(¶m); + if (tmp != acx2) { + printf("Line %i: Creating context with existing name test 2 failed!\n", + __LINE__); + if (tmp) + rte_acl_free(tmp); + goto err; + } + + /* try to find existing ACL contexts */ + tmp = rte_acl_find_existing(acx_name); + if (tmp != acx) { + printf("Line %i: Finding %s failed!\n", __LINE__, acx_name); + if (tmp) + rte_acl_free(tmp); + goto err; + } + + tmp = rte_acl_find_existing(acx2_name); + if (tmp != acx2) { + printf("Line %i: Finding %s failed!\n", __LINE__, acx2_name); + if (tmp) + rte_acl_free(tmp); + goto err; + } + + /* try to find non-existing context */ + tmp = rte_acl_find_existing("invalid"); + if (tmp != NULL) { + printf("Line %i: Non-existent ACL context found!\n", __LINE__); + goto err; + } + + /* free context */ + rte_acl_free(acx); + + + /* create valid (but severely limited) acx */ + memcpy(¶m, &acl_param, sizeof(param)); + param.max_rule_num = LEN; + + acx = rte_acl_create(¶m); + if (acx == NULL) { + printf("Line %i: Error creating %s!\n", __LINE__, param.name); + goto err; + } + + /* create dummy acl */ + for (i = 0; i < LEN; i++) { + memcpy(&rules[i], &acl_rule, sizeof(struct rte_acl_ipv4vlan_rule)); + rules[i].data.userdata = i + 1; /* skip zero */ + rules[i].data.category_mask = 1 << i; /* one rule per category */ + } + + /* try filling up the context */ + ret = rte_acl_ipv4vlan_add_rules(acx, rules, LEN); + if (ret != 0) { + printf("Line %i: Adding %i rules to ACL context failed!\n", + __LINE__, LEN); + goto err; + } + + /* try adding to a (supposedly) full context */ + ret = rte_acl_ipv4vlan_add_rules(acx, rules, 1); + if (ret == 0) { + printf("Line %i: Adding rules to full ACL context should" + "have failed!\n", __LINE__); + goto err; + } + + /* try building the context */ + ret = rte_acl_ipv4vlan_build(acx, layout, RTE_ACL_MAX_CATEGORIES); + if (ret != 0) { + printf("Line %i: Building ACL context failed!\n", __LINE__); + goto err; + } + + rte_acl_free(acx); + rte_acl_free(acx2); + + return 0; +err: + rte_acl_free(acx); + rte_acl_free(acx2); + return -1; +} + +/* + * test various invalid rules + */ +static int +test_invalid_rules(void) +{ + struct rte_acl_ctx * acx; + int ret; + + struct rte_acl_ipv4vlan_rule rule; + + acx = rte_acl_create(&acl_param); + if (acx == NULL) { + printf("Line %i: Error creating ACL context!\n", __LINE__); + return -1; + } + + /* test inverted high/low source and destination ports. + * originally, there was a problem with memory consumption when using + * such rules. + */ + /* create dummy acl */ + memcpy(&rule, &acl_rule, sizeof(struct rte_acl_ipv4vlan_rule)); + rule.data.userdata = 1; + rule.dst_port_low = 0xfff0; + rule.dst_port_high = 0x0010; + + /* add rules to context and try to build it */ + ret = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); + if (ret == 0) { + printf("Line %i: Adding rules to ACL context " + "should have failed!\n", __LINE__); + goto err; + } + + rule.dst_port_low = 0x0; + rule.dst_port_high = 0xffff; + rule.src_port_low = 0xfff0; + rule.src_port_high = 0x0010; + + /* add rules to context and try to build it */ + ret = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); + if (ret == 0) { + printf("Line %i: Adding rules to ACL context " + "should have failed!\n", __LINE__); + goto err; + } + + rule.dst_port_low = 0x0; + rule.dst_port_high = 0xffff; + rule.src_port_low = 0x0; + rule.src_port_high = 0xffff; + + rule.dst_mask_len = 33; + + /* add rules to context and try to build it */ + ret = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); + if (ret == 0) { + printf("Line %i: Adding rules to ACL context " + "should have failed!\n", __LINE__); + goto err; + } + + rule.dst_mask_len = 0; + rule.src_mask_len = 33; + + /* add rules to context and try to build it */ + ret = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); + if (ret == 0) { + printf("Line %i: Adding rules to ACL context " + "should have failed!\n", __LINE__); + goto err; + } + + rule.dst_mask_len = 0; + rule.src_mask_len = 0; + rule.data.userdata = 0; + + /* try adding this rule (it should fail because userdata is invalid) */ + ret = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); + if (ret == 0) { + printf("Line %i: Adding a rule with invalid user data " + "should have failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + rte_acl_free(acx); + + return 0; + +err: + rte_acl_free(acx); + + return -1; +} + +/* + * test functions by passing invalid or + * non-workable parameters. + * + * we do very limited testing of classify functions here + * because those are performance-critical and + * thus don't do much parameter checking. + */ +static int +test_invalid_parameters(void) +{ + struct rte_acl_param param; + struct rte_acl_ctx * acx; + struct rte_acl_ipv4vlan_rule rule; + int result; + + uint32_t layout[RTE_ACL_IPV4VLAN_NUM] = {0}; + + + /** + * rte_ac_create() + */ + + /* NULL param */ + acx = rte_acl_create(NULL); + if (acx != NULL) { + printf("Line %i: ACL context creation with NULL param " + "should have failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* zero rule size */ + memcpy(¶m, &acl_param, sizeof(param)); + param.rule_size = 0; + + acx = rte_acl_create(¶m); + if (acx == NULL) { + printf("Line %i: ACL context creation with zero rule len " + "failed!\n", __LINE__); + return -1; + } + else + rte_acl_free(acx); + + /* zero max rule num */ + memcpy(¶m, &acl_param, sizeof(param)); + param.max_rule_num = 0; + + acx = rte_acl_create(¶m); + if (acx == NULL) { + printf("Line %i: ACL context creation with zero rule num " + "failed!\n", __LINE__); + return -1; + } + else + rte_acl_free(acx); + + /* invalid NUMA node */ + memcpy(¶m, &acl_param, sizeof(param)); + param.socket_id = RTE_MAX_NUMA_NODES + 1; + + acx = rte_acl_create(¶m); + if (acx != NULL) { + printf("Line %i: ACL context creation with invalid NUMA " + "should have failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* NULL name */ + memcpy(¶m, &acl_param, sizeof(param)); + param.name = NULL; + + acx = rte_acl_create(¶m); + if (acx != NULL) { + printf("Line %i: ACL context creation with NULL name " + "should have failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /** + * rte_acl_find_existing + */ + + acx = rte_acl_find_existing(NULL); + if (acx != NULL) { + printf("Line %i: NULL ACL context found!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /** + * rte_acl_ipv4vlan_add_rules + */ + + /* initialize everything */ + memcpy(¶m, &acl_param, sizeof(param)); + acx = rte_acl_create(¶m); + if (acx == NULL) { + printf("Line %i: ACL context creation failed!\n", __LINE__); + return -1; + } + + memcpy(&rule, &acl_rule, sizeof(rule)); + + /* NULL context */ + result = rte_acl_ipv4vlan_add_rules(NULL, &rule, 1); + if (result == 0) { + printf("Line %i: Adding rules with NULL ACL context " + "should have failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* NULL rule */ + result = rte_acl_ipv4vlan_add_rules(acx, NULL, 1); + if (result == 0) { + printf("Line %i: Adding NULL rule to ACL context " + "should have failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* zero count (should succeed) */ + result = rte_acl_ipv4vlan_add_rules(acx, &rule, 0); + if (result != 0) { + printf("Line %i: Adding 0 rules to ACL context failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* free ACL context */ + rte_acl_free(acx); + + /* set wrong rule_size so that adding any rules would fail */ + param.rule_size = sizeof(struct rte_acl_ipv4vlan_rule) + 4; + acx = rte_acl_create(¶m); + if (acx == NULL) { + printf("Line %i: ACL context creation failed!\n", __LINE__); + return -1; + } + + /* try adding a rule with size different from context rule_size */ + result = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); + if (result == 0) { + printf("Line %i: Adding an invalid sized rule " + "should have failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* free ACL context */ + rte_acl_free(acx); + + + /** + * rte_acl_ipv4vlan_build + */ + + /* reinitialize context */ + memcpy(¶m, &acl_param, sizeof(param)); + acx = rte_acl_create(¶m); + if (acx == NULL) { + printf("Line %i: ACL context creation failed!\n", __LINE__); + return -1; + } + + /* NULL context */ + result = rte_acl_ipv4vlan_build(NULL, layout, 1); + if (result == 0) { + printf("Line %i: Building with NULL context " + "should have failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* NULL layout */ + result = rte_acl_ipv4vlan_build(acx, NULL, 1); + if (result == 0) { + printf("Line %i: Building with NULL layout " + "should have failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* zero categories (should not fail) */ + result = rte_acl_ipv4vlan_build(acx, layout, 0); + if (result != 0) { + printf("Line %i: Building with 0 categories failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* SSE classify test */ + + /* cover zero categories in classify (should not fail) */ + result = rte_acl_classify(acx, NULL, NULL, 0, 0); + if (result != 0) { + printf("Line %i: SSE classify with zero categories " + "failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* cover invalid but positive categories in classify */ + result = rte_acl_classify(acx, NULL, NULL, 0, 3); + if (result == 0) { + printf("Line %i: SSE classify with 3 categories " + "should have failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* scalar classify test */ + + /* cover zero categories in classify (should not fail) */ + result = rte_acl_classify_scalar(acx, NULL, NULL, 0, 0); + if (result != 0) { + printf("Line %i: Scalar classify with zero categories " + "failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* cover invalid but positive categories in classify */ + result = rte_acl_classify_scalar(acx, NULL, NULL, 0, 3); + if (result == 0) { + printf("Line %i: Scalar classify with 3 categories " + "should have failed!\n", __LINE__); + rte_acl_free(acx); + return -1; + } + + /* free ACL context */ + rte_acl_free(acx); + + + /** + * make sure void functions don't crash with NULL parameters + */ + + rte_acl_free(NULL); + + rte_acl_dump(NULL); + + return 0; +} + +/** + * Various tests that don't test much but improve coverage + */ +static int +test_misc(void) +{ + struct rte_acl_param param; + struct rte_acl_ctx * acx; + + /* create context */ + memcpy(¶m, &acl_param, sizeof(param)); + + acx = rte_acl_create(¶m); + if (acx == NULL) { + printf("Line %i: Error creating ACL context!\n", __LINE__); + return -1; + } + + /* dump context with rules - useful for coverage */ + rte_acl_list_dump(); + + rte_acl_dump(acx); + + rte_acl_free(acx); + + return 0; +} + +int +test_acl(void) +{ + if (test_invalid_parameters() < 0) + return -1; + if (test_invalid_rules() < 0) + return -1; + if (test_create_find_add() < 0) + return -1; + if (test_invalid_layout() < 0) + return -1; + if (test_misc() < 0) + return -1; + if (test_classify() < 0) + return -1; + + return 0; +} +#else + +int +test_acl(void) +{ + printf("This binary was not compiled with ACL support!\n"); + return 0; +} + +#endif /* RTE_LIBRTE_ACL */ diff --git a/app/test/test_acl.h b/app/test/test_acl.h new file mode 100644 index 0000000000..9515e04e60 --- /dev/null +++ b/app/test/test_acl.h @@ -0,0 +1,633 @@ +/*- + * BSD LICENSE + * + * Copyright(c) 2010-2013 Intel Corporation. All rights reserved. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * * Neither the name of Intel Corporation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT + * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef TEST_ACL_H_ +#define TEST_ACL_H_ + +struct ipv4_7tuple { + uint16_t vlan; + uint16_t domain; + uint8_t proto; + uint32_t ip_src; + uint32_t ip_dst; + uint16_t port_src; + uint16_t port_dst; + uint32_t allow; + uint32_t deny; +}; + +/* rules for invalid layout test */ +struct rte_acl_ipv4vlan_rule invalid_layout_rules[] = { + /* test src and dst address */ + { + .data = {.userdata = 1, .category_mask = 1}, + .src_addr = IPv4(10,0,0,0), + .src_mask_len = 24, + }, + { + .data = {.userdata = 2, .category_mask = 1}, + .dst_addr = IPv4(10,0,0,0), + .dst_mask_len = 24, + }, + /* test src and dst ports */ + { + .data = {.userdata = 3, .category_mask = 1}, + .dst_port_low = 100, + .dst_port_high = 100, + }, + { + .data = {.userdata = 4, .category_mask = 1}, + .src_port_low = 100, + .src_port_high = 100, + }, + /* test proto */ + { + .data = {.userdata = 5, .category_mask = 1}, + .proto = 0xf, + .proto_mask = 0xf + }, + { + .data = {.userdata = 6, .category_mask = 1}, + .dst_port_low = 0xf, + .dst_port_high = 0xf, + } +}; + +/* these might look odd because they don't match up the rules. This is + * intentional, as the invalid layout test presumes returning the correct + * results using the wrong data layout. + */ +struct ipv4_7tuple invalid_layout_data[] = { + {.ip_src = IPv4(10,0,1,0)}, /* should not match */ + {.ip_src = IPv4(10,0,0,1), .allow = 2}, /* should match 2 */ + {.port_src = 100, .allow = 4}, /* should match 4 */ + {.port_dst = 0xf, .allow = 6}, /* should match 6 */ +}; + +#define ACL_ALLOW 0 +#define ACL_DENY 1 +#define ACL_ALLOW_MASK 0x1 +#define ACL_DENY_MASK 0x2 + +/* ruleset for ACL unit test */ +struct rte_acl_ipv4vlan_rule acl_test_rules[] = { +/* destination IP addresses */ + /* matches all packets traveling to 192.168.0.0/16 */ + { + .data = {.userdata = 1, .category_mask = ACL_ALLOW_MASK, + .priority = 2}, + .dst_addr = IPv4(192,168,0,0), + .dst_mask_len = 16, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches all packets traveling to 192.168.1.0/24 */ + { + .data = {.userdata = 2, .category_mask = ACL_ALLOW_MASK, + .priority = 3}, + .dst_addr = IPv4(192,168,1,0), + .dst_mask_len = 24, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches all packets traveling to 192.168.1.50 */ + { + .data = {.userdata = 3, .category_mask = ACL_DENY_MASK, + .priority = 2}, + .dst_addr = IPv4(192,168,1,50), + .dst_mask_len = 32, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + +/* source IP addresses */ + /* matches all packets traveling from 10.0.0.0/8 */ + { + .data = {.userdata = 4, .category_mask = ACL_ALLOW_MASK, + .priority = 2}, + .src_addr = IPv4(10,0,0,0), + .src_mask_len = 8, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches all packets traveling from 10.1.1.0/24 */ + { + .data = {.userdata = 5, .category_mask = ACL_ALLOW_MASK, + .priority = 3}, + .src_addr = IPv4(10,1,1,0), + .src_mask_len = 24, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches all packets traveling from 10.1.1.1 */ + { + .data = {.userdata = 6, .category_mask = ACL_DENY_MASK, + .priority = 2}, + .src_addr = IPv4(10,1,1,1), + .src_mask_len = 32, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + +/* VLAN tag */ + /* matches all packets with lower 7 bytes of VLAN tag equal to 0x64 */ + { + .data = {.userdata = 7, .category_mask = ACL_ALLOW_MASK, + .priority = 2}, + .vlan = 0x64, + .vlan_mask = 0x7f, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches all packets with VLAN tags that have 0x5 in them */ + { + .data = {.userdata = 8, .category_mask = ACL_ALLOW_MASK, + .priority = 2}, + .vlan = 0x5, + .vlan_mask = 0x5, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches all packets with VLAN tag 5 */ + { + .data = {.userdata = 9, .category_mask = ACL_DENY_MASK, + .priority = 3}, + .vlan = 0x5, + .vlan_mask = 0xffff, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + +/* VLAN domain */ + /* matches all packets with lower 7 bytes of domain equal to 0x64 */ + { + .data = {.userdata = 10, .category_mask = ACL_ALLOW_MASK, + .priority = 2}, + .domain = 0x64, + .domain_mask = 0x7f, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches all packets with domains that have 0x5 in them */ + { + .data = {.userdata = 11, .category_mask = ACL_ALLOW_MASK, + .priority = 3}, + .domain = 0x5, + .domain_mask = 0x5, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches all packets with domain 5 */ + { + .data = {.userdata = 12, .category_mask = ACL_DENY_MASK, + .priority = 3}, + .domain = 0x5, + .domain_mask = 0xffff, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + +/* destination port */ + /* matches everything with dst port 80 */ + { + .data = {.userdata = 13, .category_mask = ACL_ALLOW_MASK, + .priority = 3}, + .dst_port_low = 80, + .dst_port_high = 80, + .src_port_low = 0, + .src_port_high = 0xffff, + }, + /* matches everything with dst port 22-1023 */ + { + .data = {.userdata = 14, .category_mask = ACL_ALLOW_MASK, + .priority = 2}, + .dst_port_low = 22, + .dst_port_high = 1023, + .src_port_low = 0, + .src_port_high = 0xffff, + }, + /* matches everything with dst port 1020 */ + { + .data = {.userdata = 15, .category_mask = ACL_DENY_MASK, + .priority = 3}, + .dst_port_low = 1020, + .dst_port_high = 1020, + .src_port_low = 0, + .src_port_high = 0xffff, + }, + /* matches everything with dst portrange 1000-2000 */ + { + .data = {.userdata = 16, .category_mask = ACL_DENY_MASK, + .priority = 2}, + .dst_port_low = 1000, + .dst_port_high = 2000, + .src_port_low = 0, + .src_port_high = 0xffff, + }, + +/* source port */ + /* matches everything with src port 80 */ + { + .data = {.userdata = 17, .category_mask = ACL_ALLOW_MASK, + .priority = 3}, + .src_port_low = 80, + .src_port_high = 80, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches everything with src port 22-1023 */ + { + .data = {.userdata = 18, .category_mask = ACL_ALLOW_MASK, + .priority = 2}, + .src_port_low = 22, + .src_port_high = 1023, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches everything with src port 1020 */ + { + .data = {.userdata = 19, .category_mask = ACL_DENY_MASK, + .priority = 3}, + .src_port_low = 1020, + .src_port_high = 1020, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches everything with src portrange 1000-2000 */ + { + .data = {.userdata = 20, .category_mask = ACL_DENY_MASK, + .priority = 2}, + .src_port_low = 1000, + .src_port_high = 2000, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + +/* protocol number */ + /* matches all packets with protocol number either 0x64 or 0xE4 */ + { + .data = {.userdata = 21, .category_mask = ACL_ALLOW_MASK, + .priority = 2}, + .proto = 0x64, + .proto_mask = 0x7f, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches all packets with protocol that have 0x5 in them */ + { + .data = {.userdata = 22, .category_mask = ACL_ALLOW_MASK, + .priority = 2}, + .proto = 0x5, + .proto_mask = 0x5, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + /* matches all packets with protocol 5 */ + { + .data = {.userdata = 23, .category_mask = ACL_DENY_MASK, + .priority = 3}, + .proto = 0x5, + .proto_mask = 0xff, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 0, + .dst_port_high = 0xffff, + }, + +/* rules combining various fields */ + { + .data = {.userdata = 24, .category_mask = ACL_ALLOW_MASK, + .priority = 4}, + /** make sure that unmasked bytes don't fail! */ + .dst_addr = IPv4(1,2,3,4), + .dst_mask_len = 16, + .src_addr = IPv4(5,6,7,8), + .src_mask_len = 24, + .proto = 0x5, + .proto_mask = 0xff, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 22, + .dst_port_high = 1024, + .vlan = 0x8100, + .vlan_mask = 0xffff, + .domain = 0x64, + .domain_mask = 0xffff, + }, + { + .data = {.userdata = 25, .category_mask = ACL_DENY_MASK, + .priority = 4}, + .dst_addr = IPv4(5,6,7,8), + .dst_mask_len = 24, + .src_addr = IPv4(1,2,3,4), + .src_mask_len = 16, + .proto = 0x5, + .proto_mask = 0xff, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 22, + .dst_port_high = 1024, + .vlan = 0x8100, + .vlan_mask = 0xffff, + .domain = 0x64, + .domain_mask = 0xffff, + }, + { + .data = {.userdata = 26, .category_mask = ACL_ALLOW_MASK, + .priority = 5}, + .dst_addr = IPv4(1,2,3,4), + .dst_mask_len = 8, + .src_addr = IPv4(5,6,7,8), + .src_mask_len = 32, + .proto = 0x5, + .proto_mask = 0xff, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 22, + .dst_port_high = 1024, + .vlan = 0x64, + .vlan_mask = 0xffff, + }, + { + .data = {.userdata = 27, .category_mask = ACL_DENY_MASK, + .priority = 5}, + .dst_addr = IPv4(5,6,7,8), + .dst_mask_len = 32, + .src_addr = IPv4(1,2,3,4), + .src_mask_len = 8, + .proto = 0x5, + .proto_mask = 0xff, + .src_port_low = 0, + .src_port_high = 0xffff, + .dst_port_low = 22, + .dst_port_high = 1024, + .vlan = 0x64, + .vlan_mask = 0xffff, + }, +}; + +/* data for ACL unit test */ +struct ipv4_7tuple acl_test_data[] = { +/* testing single rule aspects */ + {.ip_src = IPv4(10,0,0,0), .allow = 4}, /* should match 4 */ + {.ip_src = IPv4(10,1,1,2), .allow = 5}, /* should match 5 */ + {.ip_src = IPv4(10,1,1,1), .allow = 5, + .deny = 6}, /* should match 5, 6 */ + {.ip_dst = IPv4(10,0,0,0)}, /* should not match */ + {.ip_dst = IPv4(10,1,1,2)}, /* should not match */ + {.ip_dst = IPv4(10,1,1,1)}, /* should not match */ + + {.ip_src = IPv4(192,168,2,50)}, /* should not match */ + {.ip_src = IPv4(192,168,1,2)}, /* should not match */ + {.ip_src = IPv4(192,168,1,50)}, /* should not match */ + {.ip_dst = IPv4(192,168,2,50), .allow = 1}, /* should match 1 */ + {.ip_dst = IPv4(192,168,1,49), .allow = 2}, /* should match 2 */ + {.ip_dst = IPv4(192,168,1,50), .allow = 2, + .deny = 3}, /* should match 2, 3 */ + + {.vlan = 0x64, .allow = 7}, /* should match 7 */ + {.vlan = 0xfE4, .allow = 7}, /* should match 7 */ + {.vlan = 0xE2}, /* should not match */ + {.vlan = 0xD, .allow = 8}, /* should match 8 */ + {.vlan = 0x6}, /* should not match */ + {.vlan = 0x5, .allow = 8, .deny = 9}, /* should match 8, 9 */ + + {.domain = 0x64, .allow = 10}, /* should match 10 */ + {.domain = 0xfE4, .allow = 10}, /* should match 10 */ + {.domain = 0xE2}, /* should not match */ + {.domain = 0xD, .allow = 11}, /* should match 11 */ + {.domain = 0x6}, /* should not match */ + {.domain = 0x5, .allow = 11, .deny = 12}, /* should match 11, 12 */ + + {.port_dst = 80, .allow = 13}, /* should match 13 */ + {.port_dst = 79, .allow = 14}, /* should match 14 */ + {.port_dst = 81, .allow = 14}, /* should match 14 */ + {.port_dst = 21}, /* should not match */ + {.port_dst = 1024, .deny = 16}, /* should match 16 */ + {.port_dst = 1020, .allow = 14, .deny = 15}, /* should match 14, 15 */ + + {.port_src = 80, .allow = 17}, /* should match 17 */ + {.port_src = 79, .allow = 18}, /* should match 18 */ + {.port_src = 81, .allow = 18}, /* should match 18 */ + {.port_src = 21}, /* should not match */ + {.port_src = 1024, .deny = 20}, /* should match 20 */ + {.port_src = 1020, .allow = 18, .deny = 19}, /* should match 18, 19 */ + + {.proto = 0x64, .allow = 21}, /* should match 21 */ + {.proto = 0xE4, .allow = 21}, /* should match 21 */ + {.proto = 0xE2}, /* should not match */ + {.proto = 0xD, .allow = 22}, /* should match 22 */ + {.proto = 0x6}, /* should not match */ + {.proto = 0x5, .allow = 22, .deny = 23}, /* should match 22, 23 */ + +/* testing matching multiple rules at once */ + {.vlan = 0x5, .ip_src = IPv4(10,1,1,1), + .allow = 5, .deny = 9}, /* should match 5, 9 */ + {.vlan = 0x5, .ip_src = IPv4(192,168,2,50), + .allow = 8, .deny = 9}, /* should match 8, 9 */ + {.vlan = 0x55, .ip_src = IPv4(192,168,1,49), + .allow = 8}, /* should match 8 */ + {.port_dst = 80, .port_src = 1024, + .allow = 13, .deny = 20}, /* should match 13,20 */ + {.port_dst = 79, .port_src = 1024, + .allow = 14, .deny = 20}, /* should match 14,20 */ + {.proto = 0x5, .ip_dst = IPv4(192,168,2,50), + .allow = 1, .deny = 23}, /* should match 1, 23 */ + + {.proto = 0x5, .ip_dst = IPv4(192,168,1,50), + .allow = 2, .deny = 23}, /* should match 2, 23 */ + {.vlan = 0x64, .domain = 0x5, + .allow = 11, .deny = 12}, /* should match 11, 12 */ + {.proto = 0x5, .port_src = 80, + .allow = 17, .deny = 23}, /* should match 17, 23 */ + {.proto = 0x5, .port_dst = 80, + .allow = 13, .deny = 23}, /* should match 13, 23 */ + {.proto = 0x51, .port_src = 5000}, /* should not match */ + {.ip_src = IPv4(192,168,1,50), + .ip_dst = IPv4(10,0,0,0), + .proto = 0x51, + .port_src = 5000, + .port_dst = 5000}, /* should not match */ + +/* test full packet rules */ + { + .ip_dst = IPv4(1,2,100,200), + .ip_src = IPv4(5,6,7,254), + .proto = 0x5, + .vlan = 0x8100, + .domain = 0x64, + .port_src = 12345, + .port_dst = 80, + .allow = 24, + .deny = 23 + }, /* should match 23, 24 */ + { + .ip_dst = IPv4(5,6,7,254), + .ip_src = IPv4(1,2,100,200), + .proto = 0x5, + .vlan = 0x8100, + .domain = 0x64, + .port_src = 12345, + .port_dst = 80, + .allow = 13, + .deny = 25 + }, /* should match 13, 25 */ + { + .ip_dst = IPv4(1,10,20,30), + .ip_src = IPv4(5,6,7,8), + .proto = 0x5, + .vlan = 0x64, + .port_src = 12345, + .port_dst = 80, + .allow = 26, + .deny = 23 + }, /* should match 23, 26 */ + { + .ip_dst = IPv4(5,6,7,8), + .ip_src = IPv4(1,10,20,30), + .proto = 0x5, + .vlan = 0x64, + .port_src = 12345, + .port_dst = 80, + .allow = 13, + .deny = 27 + }, /* should match 13, 27 */ + { + .ip_dst = IPv4(2,2,3,4), + .ip_src = IPv4(4,6,7,8), + .proto = 0x5, + .vlan = 0x64, + .port_src = 12345, + .port_dst = 80, + .allow = 13, + .deny = 23 + }, /* should match 13, 23 */ + { + .ip_dst = IPv4(1,2,3,4), + .ip_src = IPv4(4,6,7,8), + .proto = 0x5, + .vlan = 0x64, + .port_src = 12345, + .port_dst = 80, + .allow = 13, + .deny = 23 + }, /* should match 13, 23 */ + + +/* visual separator! */ + { + .ip_dst = IPv4(1,2,100,200), + .ip_src = IPv4(5,6,7,254), + .proto = 0x55, + .vlan = 0x8000, + .domain = 0x6464, + .port_src = 12345, + .port_dst = 8080, + .allow = 10 + }, /* should match 10 */ + { + .ip_dst = IPv4(5,6,7,254), + .ip_src = IPv4(1,2,100,200), + .proto = 0x55, + .vlan = 0x8100, + .domain = 0x6464, + .port_src = 12345, + .port_dst = 180, + .allow = 10 + }, /* should match 10 */ + { + .ip_dst = IPv4(1,10,20,30), + .ip_src = IPv4(5,6,7,8), + .proto = 0x55, + .vlan = 0x64, + .port_src = 12345, + .port_dst = 180, + .allow = 7 + }, /* should match 7 */ + { + .ip_dst = IPv4(5,6,7,8), + .ip_src = IPv4(1,10,20,30), + .proto = 0x55, + .vlan = 0x64, + .port_src = 12345, + .port_dst = 180, + .allow = 7 + }, /* should match 7 */ + { + .ip_dst = IPv4(2,2,3,4), + .ip_src = IPv4(4,6,7,8), + .proto = 0x55, + .vlan = 0x64, + .port_src = 12345, + .port_dst = 180, + .allow = 7 + }, /* should match 7 */ + { + .ip_dst = IPv4(1,2,3,4), + .ip_src = IPv4(4,6,7,8), + .proto = 0x50, + .vlan = 0x6466, + .port_src = 12345, + .port_dst = 12345, + }, /* should not match */ +}; + +#endif /* TEST_ACL_H_ */ diff --git a/app/test/test_pmac_acl.c b/app/test/test_pmac_acl.c deleted file mode 100644 index cc2df09b88..0000000000 --- a/app/test/test_pmac_acl.c +++ /dev/null @@ -1,887 +0,0 @@ -/*- - * BSD LICENSE - * - * Copyright(c) 2010-2013 Intel Corporation. All rights reserved. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * * Neither the name of Intel Corporation nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#include -#include - -#include - -#include -#include - -#include "test.h" - -#ifdef RTE_LIBRTE_PMAC - -#include -#include -#include - -#include "test_pmac_acl.h" - -#define LEN RTE_ACL_MAX_CATEGORIES - -struct rte_acl_param acl_param = { - .name = "acl_ctx", - .socket_id = SOCKET_ID_ANY, - .rule_size = sizeof(struct rte_acl_ipv4vlan_rule), - .max_rule_num = 0x30000, -}; - -struct rte_acl_ipv4vlan_rule acl_rule = { - .data = { .priority = 1, .category_mask = 0xff }, - .src_port_low = 0, - .src_port_high = UINT16_MAX, - .dst_port_low = 0, - .dst_port_high = UINT16_MAX, -}; - -/* byteswap to cpu or network order */ -static void -bswap_test_data(struct ipv4_7tuple * data, int len, int to_be) -{ - int i; - - for (i = 0; i < len; i++) { - - if (to_be) { - /* swap all bytes so that they are in network order */ - data[i].ip_dst = rte_cpu_to_be_32(data[i].ip_dst); - data[i].ip_src = rte_cpu_to_be_32(data[i].ip_src); - data[i].port_dst = rte_cpu_to_be_16(data[i].port_dst); - data[i].port_src = rte_cpu_to_be_16(data[i].port_src); - data[i].vlan = rte_cpu_to_be_16(data[i].vlan); - data[i].domain = rte_cpu_to_be_16(data[i].domain); - } - else { - data[i].ip_dst = rte_be_to_cpu_32(data[i].ip_dst); - data[i].ip_src = rte_be_to_cpu_32(data[i].ip_src); - data[i].port_dst = rte_be_to_cpu_16(data[i].port_dst); - data[i].port_src = rte_be_to_cpu_16(data[i].port_src); - data[i].vlan = rte_be_to_cpu_16(data[i].vlan); - data[i].domain = rte_be_to_cpu_16(data[i].domain); - } - } -} - -/* - * Test scalar and SSE ACL lookup. - */ -static int -test_classify(void) -{ - struct rte_acl_ctx * acx; - int ret, i; - uint32_t result, count; - - uint32_t results[DIM(acl_test_data) * RTE_ACL_MAX_CATEGORIES]; - - const uint8_t * data[DIM(acl_test_data)]; - - const uint32_t layout[RTE_ACL_IPV4VLAN_NUM] = { - offsetof(struct ipv4_7tuple, proto), - offsetof(struct ipv4_7tuple, vlan), - offsetof(struct ipv4_7tuple, ip_src), - offsetof(struct ipv4_7tuple, ip_dst), - offsetof(struct ipv4_7tuple, port_src), - }; - - acx = rte_acl_create(&acl_param); - if (acx == NULL) { - printf("Line %i: Error creating ACL context!\n", __LINE__); - return -1; - } - - /* add rules to the context */ - ret = rte_acl_ipv4vlan_add_rules(acx, acl_test_rules, - DIM(acl_test_rules)); - if (ret != 0) { - printf("Line %i: Adding rules to ACL context failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* try building the context */ - ret = rte_acl_ipv4vlan_build(acx, layout, RTE_ACL_MAX_CATEGORIES); - if (ret != 0) { - printf("Line %i: Building ACL context failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* swap all bytes in the data to network order */ - bswap_test_data(acl_test_data, DIM(acl_test_data), 1); - - /* store pointers to test data */ - for (i = 0; i < (int) DIM(acl_test_data); i++) - data[i] = (uint8_t *)&acl_test_data[i]; - - /** - * these will run quite a few times, it's necessary to test code paths - * from num=0 to num>8 - */ - for (count = 0; count < DIM(acl_test_data); count++) { - ret = rte_acl_classify(acx, data, results, - count, RTE_ACL_MAX_CATEGORIES); - if (ret != 0) { - printf("Line %i: SSE classify failed!\n", __LINE__); - goto err; - } - - /* check if we allow everything we should allow */ - for (i = 0; i < (int) count; i++) { - result = results[i * RTE_ACL_MAX_CATEGORIES + ACL_ALLOW]; - if (result != acl_test_data[i].allow) { - printf("Line %i: Error in allow results at %i " - "(expected %"PRIu32" got %"PRIu32")!\n", - __LINE__, i, acl_test_data[i].allow, - result); - goto err; - } - } - - /* check if we deny everything we should deny */ - for (i = 0; i < (int) count; i++) { - result = results[i * RTE_ACL_MAX_CATEGORIES + ACL_DENY]; - if (result != acl_test_data[i].deny) { - printf("Line %i: Error in deny results at %i " - "(expected %"PRIu32" got %"PRIu32")!\n", - __LINE__, i, acl_test_data[i].deny, - result); - goto err; - } - } - } - - /* make a quick check for scalar */ - ret = rte_acl_classify_scalar(acx, data, results, - DIM(acl_test_data), RTE_ACL_MAX_CATEGORIES); - if (ret != 0) { - printf("Line %i: SSE classify failed!\n", __LINE__); - goto err; - } - - /* check if we allow everything we should allow */ - for (i = 0; i < (int) DIM(acl_test_data); i++) { - result = results[i * RTE_ACL_MAX_CATEGORIES + ACL_ALLOW]; - if (result != acl_test_data[i].allow) { - printf("Line %i: Error in allow results at %i " - "(expected %"PRIu32" got %"PRIu32")!\n", - __LINE__, i, acl_test_data[i].allow, - result); - goto err; - } - } - - /* check if we deny everything we should deny */ - for (i = 0; i < (int) DIM(acl_test_data); i++) { - result = results[i * RTE_ACL_MAX_CATEGORIES + ACL_DENY]; - if (result != acl_test_data[i].deny) { - printf("Line %i: Error in deny results at %i " - "(expected %"PRIu32" got %"PRIu32")!\n", - __LINE__, i, acl_test_data[i].deny, - result); - goto err; - } - } - - /* free ACL context */ - rte_acl_free(acx); - - /* swap data back to cpu order so that next time tests don't fail */ - bswap_test_data(acl_test_data, DIM(acl_test_data), 0); - - return 0; -err: - - /* swap data back to cpu order so that next time tests don't fail */ - bswap_test_data(acl_test_data, DIM(acl_test_data), 0); - - rte_acl_free(acx); - - return -1; -} - -/* - * Test wrong layout behavior - * This test supplies the ACL context with invalid layout, which results in - * ACL matching the wrong stuff. However, it should match the wrong stuff - * the right way. We switch around source and destination addresses, - * source and destination ports, and protocol will point to first byte of - * destination port. - */ -static int -test_invalid_layout(void) -{ - struct rte_acl_ctx * acx; - int ret, i; - - uint32_t results[DIM(invalid_layout_data)]; - const uint8_t * data[DIM(invalid_layout_data)]; - - const uint32_t layout[RTE_ACL_IPV4VLAN_NUM] = { - /* proto points to destination port's first byte */ - offsetof(struct ipv4_7tuple, port_dst), - - 0, /* VLAN not used */ - - /* src and dst addresses are swapped */ - offsetof(struct ipv4_7tuple, ip_dst), - offsetof(struct ipv4_7tuple, ip_src), - - /* we can't swap ports here, so we will swap them in the data */ - offsetof(struct ipv4_7tuple, port_src), - }; - - acx = rte_acl_create(&acl_param); - if (acx == NULL) { - printf("Line %i: Error creating ACL context!\n", __LINE__); - return -1; - } - - /* putting a lot of rules into the context results in greater - * coverage numbers. it doesn't matter if they are identical */ - for (i = 0; i < 1000; i++) { - /* add rules to the context */ - ret = rte_acl_ipv4vlan_add_rules(acx, invalid_layout_rules, - DIM(invalid_layout_rules)); - if (ret != 0) { - printf("Line %i: Adding rules to ACL context failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - } - - /* try building the context */ - ret = rte_acl_ipv4vlan_build(acx, layout, 1); - if (ret != 0) { - printf("Line %i: Building ACL context failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* swap all bytes in the data to network order */ - bswap_test_data(invalid_layout_data, DIM(invalid_layout_data), 1); - - /* prepare data */ - for (i = 0; i < (int) DIM(invalid_layout_data); i++) { - data[i] = (uint8_t *)&invalid_layout_data[i]; - } - - /* classify tuples */ - ret = rte_acl_classify(acx, data, results, - DIM(results), 1); - if (ret != 0) { - printf("Line %i: SSE classify failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - for (i = 0; i < (int) DIM(results); i++) { - if (results[i] != invalid_layout_data[i].allow) { - printf("Line %i: Wrong results at %i (result=%u, should be %u)!\n", - __LINE__, i, results[i], invalid_layout_data[i].allow); - goto err; - } - } - - /* classify tuples (scalar) */ - ret = rte_acl_classify_scalar(acx, data, results, - DIM(results), 1); - if (ret != 0) { - printf("Line %i: Scalar classify failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - for (i = 0; i < (int) DIM(results); i++) { - if (results[i] != invalid_layout_data[i].allow) { - printf("Line %i: Wrong results at %i (result=%u, should be %u)!\n", - __LINE__, i, results[i], invalid_layout_data[i].allow); - goto err; - } - } - - rte_acl_free(acx); - - /* swap data back to cpu order so that next time tests don't fail */ - bswap_test_data(invalid_layout_data, DIM(invalid_layout_data), 0); - - return 0; -err: - - /* swap data back to cpu order so that next time tests don't fail */ - bswap_test_data(invalid_layout_data, DIM(invalid_layout_data), 0); - - rte_acl_free(acx); - - return -1; -} - -/* - * Test creating and finding ACL contexts, and adding rules - */ -static int -test_create_find_add(void) -{ - struct rte_acl_param param; - struct rte_acl_ctx * acx, *acx2, *tmp; - struct rte_acl_ipv4vlan_rule rules[LEN]; - - const uint32_t layout[RTE_ACL_IPV4VLAN_NUM] = {0}; - - const char * acx_name = "acx"; - const char * acx2_name = "acx2"; - int i, ret; - - /* create two contexts */ - memcpy(¶m, &acl_param, sizeof(param)); - param.max_rule_num = 2; - - param.name = acx_name; - acx = rte_acl_create(¶m); - if (acx == NULL) { - printf("Line %i: Error creating %s!\n", __LINE__, acx_name); - return -1; - } - - param.name = acx2_name; - acx2 = rte_acl_create(¶m); - if (acx2 == NULL || acx2 == acx) { - printf("Line %i: Error creating %s!\n", __LINE__, acx2_name); - rte_acl_free(acx); - return -1; - } - - /* try to create third one, with an existing name */ - param.name = acx_name; - tmp = rte_acl_create(¶m); - if (tmp != acx) { - printf("Line %i: Creating context with existing name test failed!\n", - __LINE__); - if (tmp) - rte_acl_free(tmp); - goto err; - } - - param.name = acx2_name; - tmp = rte_acl_create(¶m); - if (tmp != acx2) { - printf("Line %i: Creating context with existing name test 2 failed!\n", - __LINE__); - if (tmp) - rte_acl_free(tmp); - goto err; - } - - /* try to find existing PM contexts */ - tmp = rte_acl_find_existing(acx_name); - if (tmp != acx) { - printf("Line %i: Finding %s failed!\n", __LINE__, acx_name); - if (tmp) - rte_acl_free(tmp); - goto err; - } - - tmp = rte_acl_find_existing(acx2_name); - if (tmp != acx2) { - printf("Line %i: Finding %s failed!\n", __LINE__, acx2_name); - if (tmp) - rte_acl_free(tmp); - goto err; - } - - /* try to find non-existing context */ - tmp = rte_acl_find_existing("invalid"); - if (tmp != NULL) { - printf("Line %i: Non-existent PM context found!\n", __LINE__); - goto err; - } - - /* free context */ - rte_acl_free(acx); - - - /* create valid (but severely limited) acx */ - memcpy(¶m, &acl_param, sizeof(param)); - param.max_rule_num = LEN; - - acx = rte_acl_create(¶m); - if (acx == NULL) { - printf("Line %i: Error creating %s!\n", __LINE__, param.name); - goto err; - } - - /* create dummy acl */ - for (i = 0; i < LEN; i++) { - memcpy(&rules[i], &acl_rule, sizeof(struct rte_acl_ipv4vlan_rule)); - rules[i].data.userdata = i + 1; /* skip zero */ - rules[i].data.category_mask = 1 << i; /* one rule per category */ - } - - /* try filling up the context */ - ret = rte_acl_ipv4vlan_add_rules(acx, rules, LEN); - if (ret != 0) { - printf("Line %i: Adding %i rules to ACL context failed!\n", - __LINE__, LEN); - goto err; - } - - /* try adding to a (supposedly) full context */ - ret = rte_acl_ipv4vlan_add_rules(acx, rules, 1); - if (ret == 0) { - printf("Line %i: Adding rules to full ACL context should" - "have failed!\n", __LINE__); - goto err; - } - - /* try building the context */ - ret = rte_acl_ipv4vlan_build(acx, layout, RTE_ACL_MAX_CATEGORIES); - if (ret != 0) { - printf("Line %i: Building ACL context failed!\n", __LINE__); - goto err; - } - - rte_acl_free(acx); - rte_acl_free(acx2); - - return 0; -err: - rte_acl_free(acx); - rte_acl_free(acx2); - return -1; -} - -/* - * test various invalid rules - */ -static int -test_invalid_rules(void) -{ - struct rte_acl_ctx * acx; - int ret; - - struct rte_acl_ipv4vlan_rule rule; - - acx = rte_acl_create(&acl_param); - if (acx == NULL) { - printf("Line %i: Error creating ACL context!\n", __LINE__); - return -1; - } - - /* test inverted high/low source and destination ports. - * originally, there was a problem with memory consumption when using - * such rules. - */ - /* create dummy acl */ - memcpy(&rule, &acl_rule, sizeof(struct rte_acl_ipv4vlan_rule)); - rule.data.userdata = 1; - rule.dst_port_low = 0xfff0; - rule.dst_port_high = 0x0010; - - /* add rules to context and try to build it */ - ret = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); - if (ret == 0) { - printf("Line %i: Adding rules to ACL context " - "should have failed!\n", __LINE__); - goto err; - } - - rule.dst_port_low = 0x0; - rule.dst_port_high = 0xffff; - rule.src_port_low = 0xfff0; - rule.src_port_high = 0x0010; - - /* add rules to context and try to build it */ - ret = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); - if (ret == 0) { - printf("Line %i: Adding rules to ACL context " - "should have failed!\n", __LINE__); - goto err; - } - - rule.dst_port_low = 0x0; - rule.dst_port_high = 0xffff; - rule.src_port_low = 0x0; - rule.src_port_high = 0xffff; - - rule.dst_mask_len = 33; - - /* add rules to context and try to build it */ - ret = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); - if (ret == 0) { - printf("Line %i: Adding rules to ACL context " - "should have failed!\n", __LINE__); - goto err; - } - - rule.dst_mask_len = 0; - rule.src_mask_len = 33; - - /* add rules to context and try to build it */ - ret = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); - if (ret == 0) { - printf("Line %i: Adding rules to ACL context " - "should have failed!\n", __LINE__); - goto err; - } - - rule.dst_mask_len = 0; - rule.src_mask_len = 0; - rule.data.userdata = 0; - - /* try adding this rule (it should fail because userdata is invalid) */ - ret = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); - if (ret == 0) { - printf("Line %i: Adding a rule with invalid user data " - "should have failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - rte_acl_free(acx); - - return 0; - -err: - rte_acl_free(acx); - - return -1; -} - -/* - * test functions by passing invalid or - * non-workable parameters. - * - * we do very limited testing of classify functions here - * because those are performance-critical and - * thus don't do much parameter checking. - */ -static int -test_invalid_parameters(void) -{ - struct rte_acl_param param; - struct rte_acl_ctx * acx; - struct rte_acl_ipv4vlan_rule rule; - int result; - - uint32_t layout[RTE_ACL_IPV4VLAN_NUM] = {0}; - - - /** - * rte_ac_create() - */ - - /* NULL param */ - acx = rte_acl_create(NULL); - if (acx != NULL) { - printf("Line %i: ACL context creation with NULL param " - "should have failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* zero rule size */ - memcpy(¶m, &acl_param, sizeof(param)); - param.rule_size = 0; - - acx = rte_acl_create(¶m); - if (acx == NULL) { - printf("Line %i: ACL context creation with zero rule len " - "failed!\n", __LINE__); - return -1; - } - else - rte_acl_free(acx); - - /* zero max rule num */ - memcpy(¶m, &acl_param, sizeof(param)); - param.max_rule_num = 0; - - acx = rte_acl_create(¶m); - if (acx == NULL) { - printf("Line %i: ACL context creation with zero rule num " - "failed!\n", __LINE__); - return -1; - } - else - rte_acl_free(acx); - - /* invalid NUMA node */ - memcpy(¶m, &acl_param, sizeof(param)); - param.socket_id = RTE_MAX_NUMA_NODES + 1; - - acx = rte_acl_create(¶m); - if (acx != NULL) { - printf("Line %i: ACL context creation with invalid NUMA " - "should have failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* NULL name */ - memcpy(¶m, &acl_param, sizeof(param)); - param.name = NULL; - - acx = rte_acl_create(¶m); - if (acx != NULL) { - printf("Line %i: ACL context creation with NULL name " - "should have failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /** - * rte_acl_find_existing - */ - - acx = rte_acl_find_existing(NULL); - if (acx != NULL) { - printf("Line %i: NULL ACL context found!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /** - * rte_acl_ipv4vlan_add_rules - */ - - /* initialize everything */ - memcpy(¶m, &acl_param, sizeof(param)); - acx = rte_acl_create(¶m); - if (acx == NULL) { - printf("Line %i: ACL context creation failed!\n", __LINE__); - return -1; - } - - memcpy(&rule, &acl_rule, sizeof(rule)); - - /* NULL context */ - result = rte_acl_ipv4vlan_add_rules(NULL, &rule, 1); - if (result == 0) { - printf("Line %i: Adding rules with NULL ACL context " - "should have failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* NULL rule */ - result = rte_acl_ipv4vlan_add_rules(acx, NULL, 1); - if (result == 0) { - printf("Line %i: Adding NULL rule to ACL context " - "should have failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* zero count (should succeed) */ - result = rte_acl_ipv4vlan_add_rules(acx, &rule, 0); - if (result != 0) { - printf("Line %i: Adding 0 rules to ACL context failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* free ACL context */ - rte_acl_free(acx); - - /* set wrong rule_size so that adding any rules would fail */ - param.rule_size = sizeof(struct rte_acl_ipv4vlan_rule) + 4; - acx = rte_acl_create(¶m); - if (acx == NULL) { - printf("Line %i: ACL context creation failed!\n", __LINE__); - return -1; - } - - /* try adding a rule with size different from context rule_size */ - result = rte_acl_ipv4vlan_add_rules(acx, &rule, 1); - if (result == 0) { - printf("Line %i: Adding an invalid sized rule " - "should have failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* free ACL context */ - rte_acl_free(acx); - - - /** - * rte_acl_ipv4vlan_build - */ - - /* reinitialize context */ - memcpy(¶m, &acl_param, sizeof(param)); - acx = rte_acl_create(¶m); - if (acx == NULL) { - printf("Line %i: ACL context creation failed!\n", __LINE__); - return -1; - } - - /* NULL context */ - result = rte_acl_ipv4vlan_build(NULL, layout, 1); - if (result == 0) { - printf("Line %i: Building with NULL context " - "should have failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* NULL layout */ - result = rte_acl_ipv4vlan_build(acx, NULL, 1); - if (result == 0) { - printf("Line %i: Building with NULL layout " - "should have failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* zero categories (should not fail) */ - result = rte_acl_ipv4vlan_build(acx, layout, 0); - if (result != 0) { - printf("Line %i: Building with 0 categories failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* SSE classify test */ - - /* cover zero categories in classify (should not fail) */ - result = rte_acl_classify(acx, NULL, NULL, 0, 0); - if (result != 0) { - printf("Line %i: SSE classify with zero categories " - "failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* cover invalid but positive categories in classify */ - result = rte_acl_classify(acx, NULL, NULL, 0, 3); - if (result == 0) { - printf("Line %i: SSE classify with 3 categories " - "should have failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* scalar classify test */ - - /* cover zero categories in classify (should not fail) */ - result = rte_acl_classify_scalar(acx, NULL, NULL, 0, 0); - if (result != 0) { - printf("Line %i: Scalar classify with zero categories " - "failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* cover invalid but positive categories in classify */ - result = rte_acl_classify_scalar(acx, NULL, NULL, 0, 3); - if (result == 0) { - printf("Line %i: Scalar classify with 3 categories " - "should have failed!\n", __LINE__); - rte_acl_free(acx); - return -1; - } - - /* free ACL context */ - rte_acl_free(acx); - - - /** - * make sure void functions don't crash with NULL parameters - */ - - rte_acl_free(NULL); - - rte_acl_dump(NULL); - - return 0; -} - -/** - * Various tests that don't test much but improve coverage - */ -static int -test_misc(void) -{ - struct rte_acl_param param; - struct rte_acl_ctx * acx; - - /* create context */ - memcpy(¶m, &acl_param, sizeof(param)); - - acx = rte_acl_create(¶m); - if (acx == NULL) { - printf("Line %i: Error creating ACL context!\n", __LINE__); - return -1; - } - - /* dump context with rules - useful for coverage */ - rte_acl_list_dump(); - - rte_acl_dump(acx); - - rte_acl_free(acx); - - return 0; -} - -int -test_pmac_acl(void) -{ - if (test_invalid_parameters() < 0) - return -1; - if (test_invalid_rules() < 0) - return -1; - if (test_create_find_add() < 0) - return -1; - if (test_invalid_layout() < 0) - return -1; - if (test_misc() < 0) - return -1; - if (test_classify() < 0) - return -1; - - return 0; -} -#else - -int -test_pmac_acl(void) -{ - printf("This binary was not compiled with PMAC support!\n"); - return 0; -} - -#endif /* RTE_LIBRTE_PMAC */ diff --git a/app/test/test_pmac_acl.h b/app/test/test_pmac_acl.h deleted file mode 100644 index f3c6d6eb5c..0000000000 --- a/app/test/test_pmac_acl.h +++ /dev/null @@ -1,633 +0,0 @@ -/*- - * BSD LICENSE - * - * Copyright(c) 2010-2013 Intel Corporation. All rights reserved. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * * Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * * Neither the name of Intel Corporation nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR - * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT - * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT - * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, - * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY - * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT - * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE - * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef TEST_PMAC_ACL_H_ -#define TEST_PMAC_ACL_H_ - -struct ipv4_7tuple { - uint16_t vlan; - uint16_t domain; - uint8_t proto; - uint32_t ip_src; - uint32_t ip_dst; - uint16_t port_src; - uint16_t port_dst; - uint32_t allow; - uint32_t deny; -}; - -/* rules for invalid layout test */ -struct rte_acl_ipv4vlan_rule invalid_layout_rules[] = { - /* test src and dst address */ - { - .data = {.userdata = 1, .category_mask = 1}, - .src_addr = IPv4(10,0,0,0), - .src_mask_len = 24, - }, - { - .data = {.userdata = 2, .category_mask = 1}, - .dst_addr = IPv4(10,0,0,0), - .dst_mask_len = 24, - }, - /* test src and dst ports */ - { - .data = {.userdata = 3, .category_mask = 1}, - .dst_port_low = 100, - .dst_port_high = 100, - }, - { - .data = {.userdata = 4, .category_mask = 1}, - .src_port_low = 100, - .src_port_high = 100, - }, - /* test proto */ - { - .data = {.userdata = 5, .category_mask = 1}, - .proto = 0xf, - .proto_mask = 0xf - }, - { - .data = {.userdata = 6, .category_mask = 1}, - .dst_port_low = 0xf, - .dst_port_high = 0xf, - } -}; - -/* these might look odd because they don't match up the rules. This is - * intentional, as the invalid layout test presumes returning the correct - * results using the wrong data layout. - */ -struct ipv4_7tuple invalid_layout_data[] = { - {.ip_src = IPv4(10,0,1,0)}, /* should not match */ - {.ip_src = IPv4(10,0,0,1), .allow = 2}, /* should match 2 */ - {.port_src = 100, .allow = 4}, /* should match 4 */ - {.port_dst = 0xf, .allow = 6}, /* should match 6 */ -}; - -#define ACL_ALLOW 0 -#define ACL_DENY 1 -#define ACL_ALLOW_MASK 0x1 -#define ACL_DENY_MASK 0x2 - -/* ruleset for ACL unit test */ -struct rte_acl_ipv4vlan_rule acl_test_rules[] = { -/* destination IP addresses */ - /* matches all packets traveling to 192.168.0.0/16 */ - { - .data = {.userdata = 1, .category_mask = ACL_ALLOW_MASK, - .priority = 2}, - .dst_addr = IPv4(192,168,0,0), - .dst_mask_len = 16, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches all packets traveling to 192.168.1.0/24 */ - { - .data = {.userdata = 2, .category_mask = ACL_ALLOW_MASK, - .priority = 3}, - .dst_addr = IPv4(192,168,1,0), - .dst_mask_len = 24, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches all packets traveling to 192.168.1.50 */ - { - .data = {.userdata = 3, .category_mask = ACL_DENY_MASK, - .priority = 2}, - .dst_addr = IPv4(192,168,1,50), - .dst_mask_len = 32, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - -/* source IP addresses */ - /* matches all packets traveling from 10.0.0.0/8 */ - { - .data = {.userdata = 4, .category_mask = ACL_ALLOW_MASK, - .priority = 2}, - .src_addr = IPv4(10,0,0,0), - .src_mask_len = 8, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches all packets traveling from 10.1.1.0/24 */ - { - .data = {.userdata = 5, .category_mask = ACL_ALLOW_MASK, - .priority = 3}, - .src_addr = IPv4(10,1,1,0), - .src_mask_len = 24, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches all packets traveling from 10.1.1.1 */ - { - .data = {.userdata = 6, .category_mask = ACL_DENY_MASK, - .priority = 2}, - .src_addr = IPv4(10,1,1,1), - .src_mask_len = 32, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - -/* VLAN tag */ - /* matches all packets with lower 7 bytes of VLAN tag equal to 0x64 */ - { - .data = {.userdata = 7, .category_mask = ACL_ALLOW_MASK, - .priority = 2}, - .vlan = 0x64, - .vlan_mask = 0x7f, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches all packets with VLAN tags that have 0x5 in them */ - { - .data = {.userdata = 8, .category_mask = ACL_ALLOW_MASK, - .priority = 2}, - .vlan = 0x5, - .vlan_mask = 0x5, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches all packets with VLAN tag 5 */ - { - .data = {.userdata = 9, .category_mask = ACL_DENY_MASK, - .priority = 3}, - .vlan = 0x5, - .vlan_mask = 0xffff, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - -/* VLAN domain */ - /* matches all packets with lower 7 bytes of domain equal to 0x64 */ - { - .data = {.userdata = 10, .category_mask = ACL_ALLOW_MASK, - .priority = 2}, - .domain = 0x64, - .domain_mask = 0x7f, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches all packets with domains that have 0x5 in them */ - { - .data = {.userdata = 11, .category_mask = ACL_ALLOW_MASK, - .priority = 3}, - .domain = 0x5, - .domain_mask = 0x5, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches all packets with domain 5 */ - { - .data = {.userdata = 12, .category_mask = ACL_DENY_MASK, - .priority = 3}, - .domain = 0x5, - .domain_mask = 0xffff, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - -/* destination port */ - /* matches everything with dst port 80 */ - { - .data = {.userdata = 13, .category_mask = ACL_ALLOW_MASK, - .priority = 3}, - .dst_port_low = 80, - .dst_port_high = 80, - .src_port_low = 0, - .src_port_high = 0xffff, - }, - /* matches everything with dst port 22-1023 */ - { - .data = {.userdata = 14, .category_mask = ACL_ALLOW_MASK, - .priority = 2}, - .dst_port_low = 22, - .dst_port_high = 1023, - .src_port_low = 0, - .src_port_high = 0xffff, - }, - /* matches everything with dst port 1020 */ - { - .data = {.userdata = 15, .category_mask = ACL_DENY_MASK, - .priority = 3}, - .dst_port_low = 1020, - .dst_port_high = 1020, - .src_port_low = 0, - .src_port_high = 0xffff, - }, - /* matches everything with dst portrange 1000-2000 */ - { - .data = {.userdata = 16, .category_mask = ACL_DENY_MASK, - .priority = 2}, - .dst_port_low = 1000, - .dst_port_high = 2000, - .src_port_low = 0, - .src_port_high = 0xffff, - }, - -/* source port */ - /* matches everything with src port 80 */ - { - .data = {.userdata = 17, .category_mask = ACL_ALLOW_MASK, - .priority = 3}, - .src_port_low = 80, - .src_port_high = 80, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches everything with src port 22-1023 */ - { - .data = {.userdata = 18, .category_mask = ACL_ALLOW_MASK, - .priority = 2}, - .src_port_low = 22, - .src_port_high = 1023, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches everything with src port 1020 */ - { - .data = {.userdata = 19, .category_mask = ACL_DENY_MASK, - .priority = 3}, - .src_port_low = 1020, - .src_port_high = 1020, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches everything with src portrange 1000-2000 */ - { - .data = {.userdata = 20, .category_mask = ACL_DENY_MASK, - .priority = 2}, - .src_port_low = 1000, - .src_port_high = 2000, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - -/* protocol number */ - /* matches all packets with protocol number either 0x64 or 0xE4 */ - { - .data = {.userdata = 21, .category_mask = ACL_ALLOW_MASK, - .priority = 2}, - .proto = 0x64, - .proto_mask = 0x7f, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches all packets with protocol that have 0x5 in them */ - { - .data = {.userdata = 22, .category_mask = ACL_ALLOW_MASK, - .priority = 2}, - .proto = 0x5, - .proto_mask = 0x5, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - /* matches all packets with protocol 5 */ - { - .data = {.userdata = 23, .category_mask = ACL_DENY_MASK, - .priority = 3}, - .proto = 0x5, - .proto_mask = 0xff, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 0, - .dst_port_high = 0xffff, - }, - -/* rules combining various fields */ - { - .data = {.userdata = 24, .category_mask = ACL_ALLOW_MASK, - .priority = 4}, - /** make sure that unmasked bytes don't fail! */ - .dst_addr = IPv4(1,2,3,4), - .dst_mask_len = 16, - .src_addr = IPv4(5,6,7,8), - .src_mask_len = 24, - .proto = 0x5, - .proto_mask = 0xff, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 22, - .dst_port_high = 1024, - .vlan = 0x8100, - .vlan_mask = 0xffff, - .domain = 0x64, - .domain_mask = 0xffff, - }, - { - .data = {.userdata = 25, .category_mask = ACL_DENY_MASK, - .priority = 4}, - .dst_addr = IPv4(5,6,7,8), - .dst_mask_len = 24, - .src_addr = IPv4(1,2,3,4), - .src_mask_len = 16, - .proto = 0x5, - .proto_mask = 0xff, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 22, - .dst_port_high = 1024, - .vlan = 0x8100, - .vlan_mask = 0xffff, - .domain = 0x64, - .domain_mask = 0xffff, - }, - { - .data = {.userdata = 26, .category_mask = ACL_ALLOW_MASK, - .priority = 5}, - .dst_addr = IPv4(1,2,3,4), - .dst_mask_len = 8, - .src_addr = IPv4(5,6,7,8), - .src_mask_len = 32, - .proto = 0x5, - .proto_mask = 0xff, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 22, - .dst_port_high = 1024, - .vlan = 0x64, - .vlan_mask = 0xffff, - }, - { - .data = {.userdata = 27, .category_mask = ACL_DENY_MASK, - .priority = 5}, - .dst_addr = IPv4(5,6,7,8), - .dst_mask_len = 32, - .src_addr = IPv4(1,2,3,4), - .src_mask_len = 8, - .proto = 0x5, - .proto_mask = 0xff, - .src_port_low = 0, - .src_port_high = 0xffff, - .dst_port_low = 22, - .dst_port_high = 1024, - .vlan = 0x64, - .vlan_mask = 0xffff, - }, -}; - -/* data for ACL unit test */ -struct ipv4_7tuple acl_test_data[] = { -/* testing single rule aspects */ - {.ip_src = IPv4(10,0,0,0), .allow = 4}, /* should match 4 */ - {.ip_src = IPv4(10,1,1,2), .allow = 5}, /* should match 5 */ - {.ip_src = IPv4(10,1,1,1), .allow = 5, - .deny = 6}, /* should match 5, 6 */ - {.ip_dst = IPv4(10,0,0,0)}, /* should not match */ - {.ip_dst = IPv4(10,1,1,2)}, /* should not match */ - {.ip_dst = IPv4(10,1,1,1)}, /* should not match */ - - {.ip_src = IPv4(192,168,2,50)}, /* should not match */ - {.ip_src = IPv4(192,168,1,2)}, /* should not match */ - {.ip_src = IPv4(192,168,1,50)}, /* should not match */ - {.ip_dst = IPv4(192,168,2,50), .allow = 1}, /* should match 1 */ - {.ip_dst = IPv4(192,168,1,49), .allow = 2}, /* should match 2 */ - {.ip_dst = IPv4(192,168,1,50), .allow = 2, - .deny = 3}, /* should match 2, 3 */ - - {.vlan = 0x64, .allow = 7}, /* should match 7 */ - {.vlan = 0xfE4, .allow = 7}, /* should match 7 */ - {.vlan = 0xE2}, /* should not match */ - {.vlan = 0xD, .allow = 8}, /* should match 8 */ - {.vlan = 0x6}, /* should not match */ - {.vlan = 0x5, .allow = 8, .deny = 9}, /* should match 8, 9 */ - - {.domain = 0x64, .allow = 10}, /* should match 10 */ - {.domain = 0xfE4, .allow = 10}, /* should match 10 */ - {.domain = 0xE2}, /* should not match */ - {.domain = 0xD, .allow = 11}, /* should match 11 */ - {.domain = 0x6}, /* should not match */ - {.domain = 0x5, .allow = 11, .deny = 12}, /* should match 11, 12 */ - - {.port_dst = 80, .allow = 13}, /* should match 13 */ - {.port_dst = 79, .allow = 14}, /* should match 14 */ - {.port_dst = 81, .allow = 14}, /* should match 14 */ - {.port_dst = 21}, /* should not match */ - {.port_dst = 1024, .deny = 16}, /* should match 16 */ - {.port_dst = 1020, .allow = 14, .deny = 15}, /* should match 14, 15 */ - - {.port_src = 80, .allow = 17}, /* should match 17 */ - {.port_src = 79, .allow = 18}, /* should match 18 */ - {.port_src = 81, .allow = 18}, /* should match 18 */ - {.port_src = 21}, /* should not match */ - {.port_src = 1024, .deny = 20}, /* should match 20 */ - {.port_src = 1020, .allow = 18, .deny = 19}, /* should match 18, 19 */ - - {.proto = 0x64, .allow = 21}, /* should match 21 */ - {.proto = 0xE4, .allow = 21}, /* should match 21 */ - {.proto = 0xE2}, /* should not match */ - {.proto = 0xD, .allow = 22}, /* should match 22 */ - {.proto = 0x6}, /* should not match */ - {.proto = 0x5, .allow = 22, .deny = 23}, /* should match 22, 23 */ - -/* testing matching multiple rules at once */ - {.vlan = 0x5, .ip_src = IPv4(10,1,1,1), - .allow = 5, .deny = 9}, /* should match 5, 9 */ - {.vlan = 0x5, .ip_src = IPv4(192,168,2,50), - .allow = 8, .deny = 9}, /* should match 8, 9 */ - {.vlan = 0x55, .ip_src = IPv4(192,168,1,49), - .allow = 8}, /* should match 8 */ - {.port_dst = 80, .port_src = 1024, - .allow = 13, .deny = 20}, /* should match 13,20 */ - {.port_dst = 79, .port_src = 1024, - .allow = 14, .deny = 20}, /* should match 14,20 */ - {.proto = 0x5, .ip_dst = IPv4(192,168,2,50), - .allow = 1, .deny = 23}, /* should match 1, 23 */ - - {.proto = 0x5, .ip_dst = IPv4(192,168,1,50), - .allow = 2, .deny = 23}, /* should match 2, 23 */ - {.vlan = 0x64, .domain = 0x5, - .allow = 11, .deny = 12}, /* should match 11, 12 */ - {.proto = 0x5, .port_src = 80, - .allow = 17, .deny = 23}, /* should match 17, 23 */ - {.proto = 0x5, .port_dst = 80, - .allow = 13, .deny = 23}, /* should match 13, 23 */ - {.proto = 0x51, .port_src = 5000}, /* should not match */ - {.ip_src = IPv4(192,168,1,50), - .ip_dst = IPv4(10,0,0,0), - .proto = 0x51, - .port_src = 5000, - .port_dst = 5000}, /* should not match */ - -/* test full packet rules */ - { - .ip_dst = IPv4(1,2,100,200), - .ip_src = IPv4(5,6,7,254), - .proto = 0x5, - .vlan = 0x8100, - .domain = 0x64, - .port_src = 12345, - .port_dst = 80, - .allow = 24, - .deny = 23 - }, /* should match 23, 24 */ - { - .ip_dst = IPv4(5,6,7,254), - .ip_src = IPv4(1,2,100,200), - .proto = 0x5, - .vlan = 0x8100, - .domain = 0x64, - .port_src = 12345, - .port_dst = 80, - .allow = 13, - .deny = 25 - }, /* should match 13, 25 */ - { - .ip_dst = IPv4(1,10,20,30), - .ip_src = IPv4(5,6,7,8), - .proto = 0x5, - .vlan = 0x64, - .port_src = 12345, - .port_dst = 80, - .allow = 26, - .deny = 23 - }, /* should match 23, 26 */ - { - .ip_dst = IPv4(5,6,7,8), - .ip_src = IPv4(1,10,20,30), - .proto = 0x5, - .vlan = 0x64, - .port_src = 12345, - .port_dst = 80, - .allow = 13, - .deny = 27 - }, /* should match 13, 27 */ - { - .ip_dst = IPv4(2,2,3,4), - .ip_src = IPv4(4,6,7,8), - .proto = 0x5, - .vlan = 0x64, - .port_src = 12345, - .port_dst = 80, - .allow = 13, - .deny = 23 - }, /* should match 13, 23 */ - { - .ip_dst = IPv4(1,2,3,4), - .ip_src = IPv4(4,6,7,8), - .proto = 0x5, - .vlan = 0x64, - .port_src = 12345, - .port_dst = 80, - .allow = 13, - .deny = 23 - }, /* should match 13, 23 */ - - -/* visual separator! */ - { - .ip_dst = IPv4(1,2,100,200), - .ip_src = IPv4(5,6,7,254), - .proto = 0x55, - .vlan = 0x8000, - .domain = 0x6464, - .port_src = 12345, - .port_dst = 8080, - .allow = 10 - }, /* should match 10 */ - { - .ip_dst = IPv4(5,6,7,254), - .ip_src = IPv4(1,2,100,200), - .proto = 0x55, - .vlan = 0x8100, - .domain = 0x6464, - .port_src = 12345, - .port_dst = 180, - .allow = 10 - }, /* should match 10 */ - { - .ip_dst = IPv4(1,10,20,30), - .ip_src = IPv4(5,6,7,8), - .proto = 0x55, - .vlan = 0x64, - .port_src = 12345, - .port_dst = 180, - .allow = 7 - }, /* should match 7 */ - { - .ip_dst = IPv4(5,6,7,8), - .ip_src = IPv4(1,10,20,30), - .proto = 0x55, - .vlan = 0x64, - .port_src = 12345, - .port_dst = 180, - .allow = 7 - }, /* should match 7 */ - { - .ip_dst = IPv4(2,2,3,4), - .ip_src = IPv4(4,6,7,8), - .proto = 0x55, - .vlan = 0x64, - .port_src = 12345, - .port_dst = 180, - .allow = 7 - }, /* should match 7 */ - { - .ip_dst = IPv4(1,2,3,4), - .ip_src = IPv4(4,6,7,8), - .proto = 0x50, - .vlan = 0x6466, - .port_src = 12345, - .port_dst = 12345, - }, /* should not match */ -}; - -#endif /* TEST_PMAC_ACL_H_ */ diff --git a/lib/Makefile b/lib/Makefile index c43fb4d2f1..b655d4fa48 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -51,7 +51,7 @@ DIRS-$(CONFIG_RTE_LIBRTE_NET) += librte_net DIRS-$(CONFIG_RTE_LIBRTE_POWER) += librte_power DIRS-$(CONFIG_RTE_LIBRTE_METER) += librte_meter DIRS-$(CONFIG_RTE_LIBRTE_SCHED) += librte_sched -DIRS-$(CONFIG_RTE_LIBRTE_PMAC) += librte_pmac +DIRS-$(CONFIG_RTE_LIBRTE_ACL) += librte_acl ifeq ($(CONFIG_RTE_EXEC_ENV_LINUXAPP),y) DIRS-$(CONFIG_RTE_LIBRTE_KNI) += librte_kni diff --git a/lib/librte_eal/common/include/rte_log.h b/lib/librte_eal/common/include/rte_log.h index c83368e011..37a9c2a9ce 100644 --- a/lib/librte_eal/common/include/rte_log.h +++ b/lib/librte_eal/common/include/rte_log.h @@ -70,7 +70,7 @@ extern struct rte_logs rte_logs; #define RTE_LOGTYPE_HASH 0x00000040 /**< Log related to hash table. */ #define RTE_LOGTYPE_LPM 0x00000080 /**< Log related to LPM. */ #define RTE_LOGTYPE_KNI 0x00000100 /**< Log related to KNI. */ -#define RTE_LOGTYPE_PMAC 0x00000200 /**< Log related to PMAC. */ +#define RTE_LOGTYPE_ACL 0x00000200 /**< Log related to ACL. */ #define RTE_LOGTYPE_POWER 0x00000400 /**< Log related to power. */ #define RTE_LOGTYPE_METER 0x00000800 /**< Log related to QoS meter. */ #define RTE_LOGTYPE_SCHED 0x00001000 /**< Log related to QoS port scheduler. */ diff --git a/mk/rte.app.mk b/mk/rte.app.mk index 728e5b509e..f863bfdf56 100644 --- a/mk/rte.app.mk +++ b/mk/rte.app.mk @@ -96,8 +96,8 @@ ifeq ($(CONFIG_RTE_LIBRTE_POWER),y) LDLIBS += -lrte_power endif -ifeq ($(CONFIG_RTE_LIBRTE_PMAC),y) -LDLIBS += -lrte_pmac +ifeq ($(CONFIG_RTE_LIBRTE_ACL),y) +LDLIBS += -lrte_acl endif ifeq ($(CONFIG_RTE_LIBRTE_METER),y)