Skip to content

Commit

Permalink
[ACL/DPB] Add support for in-place updates to ACL table bindings (son…
Browse files Browse the repository at this point in the history
…ic-net#1148)

Signed-off-by: Vasant Patil <vapatil@linkedin.com>
  • Loading branch information
vasant17 authored Mar 7, 2020
1 parent 0acf65d commit 884507b
Show file tree
Hide file tree
Showing 13 changed files with 833 additions and 210 deletions.
279 changes: 216 additions & 63 deletions orchagent/aclorch.cpp

Large diffs are not rendered by default.

23 changes: 19 additions & 4 deletions orchagent/aclorch.h
Original file line number Diff line number Diff line change
Expand Up @@ -374,6 +374,8 @@ class AclTable {
bool unbind();
// Link the ACL table with a port, for future bind or unbind
void link(sai_object_id_t portOid);
// Unlink the ACL table from a port after unbind
void unlink(sai_object_id_t portOid);
// Add or overwrite a rule into the ACL table
bool add(shared_ptr<AclRule> newRule);
// Remove a rule from the ACL table
Expand All @@ -387,8 +389,13 @@ class AclTable {
class AclOrch : public Orch, public Observer
{
public:
AclOrch(vector<TableConnector>& connectors, TableConnector switchTable,
PortsOrch *portOrch, MirrorOrch *mirrorOrch, NeighOrch *neighOrch, RouteOrch *routeOrch, DTelOrch *m_dTelOrch = NULL);
AclOrch(vector<TableConnector>& connectors,
TableConnector switchTable,
PortsOrch *portOrch,
MirrorOrch *mirrorOrch,
NeighOrch *neighOrch,
RouteOrch *routeOrch,
DTelOrch *m_dTelOrch = NULL);
~AclOrch();
void update(SubjectType, void *);

Expand All @@ -408,8 +415,9 @@ class AclOrch : public Orch, public Observer
RouteOrch *m_routeOrch;
DTelOrch *m_dTelOrch;

bool addAclTable(AclTable &aclTable, string table_id);
bool addAclTable(AclTable &aclTable);
bool removeAclTable(string table_id);
bool updateAclTable(AclTable &currentTable, AclTable &newTable);
bool addAclRule(shared_ptr<AclRule> aclRule, string table_id);
bool removeAclRule(string table_id, string rule_id);

Expand Down Expand Up @@ -442,13 +450,20 @@ class AclOrch : public Orch, public Observer
static void collectCountersThread(AclOrch *pAclOrch);

bool createBindAclTable(AclTable &aclTable, sai_object_id_t &table_oid);
sai_status_t bindAclTable(sai_object_id_t table_oid, AclTable &aclTable, bool bind = true);
sai_status_t bindAclTable(AclTable &aclTable, bool bind = true);
sai_status_t deleteUnbindAclTable(sai_object_id_t table_oid);

bool isAclTableTypeUpdated(acl_table_type_t table_type, AclTable &aclTable);
bool processAclTableType(string type, acl_table_type_t &table_type);
bool isAclTableStageUpdated(acl_stage_type_t acl_stage, AclTable &aclTable);
bool processAclTableStage(string stage, acl_stage_type_t &acl_stage);
bool processAclTablePorts(string portList, AclTable &aclTable);
bool validateAclTable(AclTable &aclTable);
bool updateAclTablePorts(AclTable &newTable, AclTable &curTable);
void getAddDeletePorts(AclTable &newT,
AclTable &curT,
set<string> &addSet,
set<string> &delSet);
sai_status_t createDTelWatchListTables();
sai_status_t deleteDTelWatchListTables();

Expand Down
2 changes: 1 addition & 1 deletion orchagent/pfcactionhandler.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -299,7 +299,7 @@ void PfcWdAclHandler::createPfcAclTable(sai_object_id_t port, string strTable, b
aclTable.link(port);
aclTable.id = strTable;
aclTable.stage = ingress ? ACL_STAGE_INGRESS : ACL_STAGE_EGRESS;
gAclOrch->addAclTable(aclTable, strTable);
gAclOrch->addAclTable(aclTable);
}

void PfcWdAclHandler::createPfcAclRule(shared_ptr<AclRulePfcwd> rule, uint8_t queueId, string strTable)
Expand Down
7 changes: 2 additions & 5 deletions orchagent/pfcwdorch.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -560,11 +560,8 @@ bool PfcWdSwOrch<DropHandler, ForwardHandler>::registerInWdDb(const Port& port,
sai_serialize_object_id(queueId));
}

// Create egress ACL table group for each port of pfcwd's interest
sai_object_id_t groupId;
gPortsOrch->createBindAclTableGroup(port.m_port_id, groupId, ACL_STAGE_INGRESS);
gPortsOrch->createBindAclTableGroup(port.m_port_id, groupId, ACL_STAGE_EGRESS);

// We do NOT need to create ACL table group here. It will be
// done when ACL tables are bound to ports
return true;
}

Expand Down
25 changes: 25 additions & 0 deletions orchagent/port.h
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ extern "C" {
#include <string>
#include <vector>
#include <map>
#include <bitset>

#define DEFAULT_PORT_VLAN_ID 1
/*
Expand Down Expand Up @@ -48,6 +49,14 @@ class Port
UNKNOWN
} ;

enum Dependency {
ACL_DEP,
FDB_DEP,
INTF_DEP,
LAG_DEP,
VLAN_DEP
};

Port() {};
Port(std::string alias, Type type) :
m_alias(alias), m_type(type) {};
Expand Down Expand Up @@ -89,6 +98,7 @@ class Port
sai_object_id_t m_egress_acl_table_group_id = 0;
vlan_members_t m_vlan_members;
sai_object_id_t m_parent_port_id = 0;
uint32_t m_dependency_bitmap = 0;
sai_port_oper_status_t m_oper_status = SAI_PORT_OPER_STATUS_UNKNOWN;
std::set<std::string> m_members;
std::set<std::string> m_child_ports;
Expand All @@ -108,6 +118,21 @@ class Port
std::vector<bool> m_queue_lock;
std::vector<bool> m_priority_group_lock;

std::unordered_set<sai_object_id_t> m_ingress_acl_tables_uset;
std::unordered_set<sai_object_id_t> m_egress_acl_tables_uset;

inline void set_dependency(Dependency dep)
{
m_dependency_bitmap |= (1 << dep);
}
inline void clear_dependency(Dependency dep)
{
m_dependency_bitmap &= ~(1 << dep);
}
inline bool has_dependency()
{
return (m_dependency_bitmap != 0);
}
};

}
Expand Down
Loading

0 comments on commit 884507b

Please sign in to comment.