diff --git a/ci/travis.sh b/ci/travis.sh index 822b1d3..3b5351a 100644 --- a/ci/travis.sh +++ b/ci/travis.sh @@ -35,12 +35,10 @@ env | sort # Install dependency from YUM yum install -y libasan yum install -y mrzcpd -yum install -y libmaatframe-devel +yum install -y libmaat4-devel yum install -y libMESA_handle_logger-devel yum install -y libMESA_prof_load-devel yum install -y libMESA_field_stat2-devel -yum install -y librulescan-devel -yum install -y sapp-devel # Maat_rule require MESA/stream.h yum install -y numactl-libs # required by mrzcpd yum install -y libibverbs # required by mrzcpd yum install -y libbreakpad_mini-devel diff --git a/common/include/ctrl_packet.h b/common/include/ctrl_packet.h index 7ffe43e..3203438 100644 --- a/common/include/ctrl_packet.h +++ b/common/include/ctrl_packet.h @@ -22,8 +22,8 @@ struct ctrl_pkt_parser uint64_t session_id; enum session_state state; char method[32]; - int policy_ids[32]; - int policy_id_num; + uint64_t rule_ids[32]; + int rule_id_num; }; const char *session_state_to_string(enum session_state state); diff --git a/common/include/utils.h b/common/include/utils.h index 4018db0..f5097d9 100644 --- a/common/include/utils.h +++ b/common/include/utils.h @@ -31,26 +31,29 @@ extern "C" * fixed_num_array ******************************************************************************/ +#include + struct fixed_num_array { - int elems[128]; + uint64_t elems[128]; int num; int size; }; void fixed_num_array_init(struct fixed_num_array *array); -void fixed_num_array_add_elem(struct fixed_num_array *array, int elem); -void fixed_num_array_del_elem(struct fixed_num_array *array, int elem); +void fixed_num_array_add_elem(struct fixed_num_array *array, uint64_t elem); +void fixed_num_array_del_elem(struct fixed_num_array *array, uint64_t elem); int fixed_num_array_is_full(struct fixed_num_array *array); int fixed_num_array_count_elem(struct fixed_num_array *array); -int fixed_num_array_exist_elem(struct fixed_num_array *array, int elem); +int fixed_num_array_exist_elem(struct fixed_num_array *array, uint64_t elem); int fixed_num_array_index_elem(struct fixed_num_array *array, int index); /****************************************************************************** * sids ******************************************************************************/ -#include +typedef uint16_t sid_t; +#define MR_SID_LIST_MAXLEN 8 struct sids { diff --git a/common/src/ctrl_packet.cpp b/common/src/ctrl_packet.cpp index cf201e6..0f0ea45 100644 --- a/common/src/ctrl_packet.cpp +++ b/common/src/ctrl_packet.cpp @@ -126,7 +126,7 @@ int ctrl_packet_parser_parse(struct ctrl_pkt_parser *handler, const char *data, goto error_out; } - handler->policy_id_num = MIN(cJSON_GetArraySize(item), (int)(sizeof(handler->policy_ids) / sizeof(handler->policy_ids[0]))); + handler->rule_id_num = MIN(cJSON_GetArraySize(item), (int)(sizeof(handler->rule_ids) / sizeof(handler->rule_ids[0]))); cJSON_ArrayForEach(elem, item) { if (!cJSON_IsNumber(elem)) @@ -134,10 +134,10 @@ int ctrl_packet_parser_parse(struct ctrl_pkt_parser *handler, const char *data, LOG_ERROR("%s: unexpected control packet: (invalid service_chaining value) %s", LOG_TAG_POLICY, data); continue; } - handler->policy_ids[iter] = elem->valueint; + handler->rule_ids[iter] = elem->valueint; iter++; - if (iter == handler->policy_id_num) + if (iter == handler->rule_id_num) { break; } @@ -160,11 +160,11 @@ void ctrl_packet_parser_dump(struct ctrl_pkt_parser *handler) LOG_INFO("%s: session_id : %lu", LOG_TAG_POLICY, handler->session_id); LOG_INFO("%s: state : %s", LOG_TAG_POLICY, session_state_to_string(handler->state)); LOG_INFO("%s: method : %s", LOG_TAG_POLICY, handler->method); - LOG_INFO("%s: policy_id_num : %d", LOG_TAG_POLICY, handler->policy_id_num); + LOG_INFO("%s: rule_id_num : %d", LOG_TAG_POLICY, handler->rule_id_num); - for (int i = 0; i < handler->policy_id_num; i++) + for (int i = 0; i < handler->rule_id_num; i++) { - LOG_INFO("%s: policy_ids[%03d] : %i", LOG_TAG_POLICY, i, handler->policy_ids[i]); + LOG_INFO("%s: rule_ids[%03d] : %lu", LOG_TAG_POLICY, i, handler->rule_ids[i]); } } } diff --git a/common/src/utils.cpp b/common/src/utils.cpp index 6f8e1f5..314cf45 100644 --- a/common/src/utils.cpp +++ b/common/src/utils.cpp @@ -22,7 +22,7 @@ void fixed_num_array_init(struct fixed_num_array *array) array->size = sizeof(array->elems) / sizeof(array->elems[0]); } -void fixed_num_array_add_elem(struct fixed_num_array *array, int elem) +void fixed_num_array_add_elem(struct fixed_num_array *array, uint64_t elem) { if (array->num < array->size) { @@ -35,7 +35,7 @@ void fixed_num_array_add_elem(struct fixed_num_array *array, int elem) } } -void fixed_num_array_del_elem(struct fixed_num_array *array, int elem) +void fixed_num_array_del_elem(struct fixed_num_array *array, uint64_t elem) { for (int i = 0; i < array->num; i++) { @@ -75,7 +75,7 @@ int fixed_num_array_count_elem(struct fixed_num_array *array) } } -int fixed_num_array_exist_elem(struct fixed_num_array *array, int elem) +int fixed_num_array_exist_elem(struct fixed_num_array *array, uint64_t elem) { for (int i = 0; i < array->num; i++) { diff --git a/common/test/gtest_ctrl_packet.cpp b/common/test/gtest_ctrl_packet.cpp index 2af2f7b..2e6f0b7 100644 --- a/common/test/gtest_ctrl_packet.cpp +++ b/common/test/gtest_ctrl_packet.cpp @@ -16,10 +16,10 @@ TEST(CTRL_PACKET, PARSE) EXPECT_TRUE(parser.session_id == 123456789); EXPECT_TRUE(parser.state == SESSION_STATE_ACTIVE); EXPECT_STREQ(parser.method, "policy_update"); - EXPECT_TRUE(parser.policy_id_num == 3); - EXPECT_TRUE(parser.policy_ids[0] == 1); - EXPECT_TRUE(parser.policy_ids[1] == 2); - EXPECT_TRUE(parser.policy_ids[2] == 3); + EXPECT_TRUE(parser.rule_id_num == 3); + EXPECT_TRUE(parser.rule_ids[0] == 1); + EXPECT_TRUE(parser.rule_ids[1] == 2); + EXPECT_TRUE(parser.rule_ids[2] == 3); } int main(int argc, char **argv) diff --git a/conf/sce.conf b/conf/sce.conf index b70cbfd..2301c37 100644 --- a/conf/sce.conf +++ b/conf/sce.conf @@ -18,6 +18,9 @@ breakpad_upload_tools=/opt/tsg/framework/bin/minidump_upload [maat] # 0:json 1:redis 2:iris input_mode=1 +# LOG_LEVEL_TRACE = 0; LOG_LEVEL_DEBUG = 1; LOG_LEVEL_INFO = 2; +# LOG_LEVEL_WARN = 3; LOG_LEVEL_ERROR = 4; LOG_LEVEL_FATAL = 5; +log_level=5 stat_switch=1 perf_switch=1 scan_detail=0 diff --git a/platform/include/packet_io.h b/platform/include/packet_io.h index 3e9b122..d09e5f3 100644 --- a/platform/include/packet_io.h +++ b/platform/include/packet_io.h @@ -6,6 +6,8 @@ extern "C" { #endif +#include + // only for gtest int mbuff_get_metadata(marsio_buff_t *rx_buff, struct metadata *meta); int mbuff_set_metadata(marsio_buff_t *tx_buff, struct metadata *meta); diff --git a/platform/include/policy.h b/platform/include/policy.h index 58bbd38..dfe4f68 100644 --- a/platform/include/policy.h +++ b/platform/include/policy.h @@ -80,7 +80,7 @@ struct connectivity struct selected_sf { - int policy_id; + uint64_t rule_id; enum traffic_type traffic_type; int sff_profile_id; @@ -137,7 +137,7 @@ void policy_enforcer_destory(struct policy_enforcer *enforcer); // return -1 : error int policy_enforcer_register(struct policy_enforcer *enforcer); int policy_enforce_chaining_size(struct policy_enforcer *enforcer); -void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct selected_chainings *chainings, struct session_ctx *s_ctx, struct raw_pkt_parser *parser, int policy_id, int dir_is_i2e); +void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct selected_chainings *chainings, struct session_ctx *s_ctx, struct raw_pkt_parser *parser, uint64_t rule_id, int dir_is_i2e); #ifdef __cpluscplus } diff --git a/platform/include/sce.h b/platform/include/sce.h index 768b04a..1185cbf 100644 --- a/platform/include/sce.h +++ b/platform/include/sce.h @@ -72,7 +72,7 @@ struct session_ctx char *session_addr; struct addr_tuple4 inner_tuple4; - struct fixed_num_array policy_ids; + struct fixed_num_array rule_ids; struct metadata *raw_meta_i2e; struct metadata *raw_meta_e2i; diff --git a/platform/include/sf_metrics.h b/platform/include/sf_metrics.h index 1a3a814..b9652b0 100644 --- a/platform/include/sf_metrics.h +++ b/platform/include/sf_metrics.h @@ -13,7 +13,7 @@ struct sf_metrics *sf_metrics_create(const char *profile); void sf_metrics_destory(struct sf_metrics *handle); void sf_metrics_reset(struct sf_metrics *handle); -void sf_metrics_inc(struct sf_metrics *handle, int rule_id, int sff_profile_id, int sf_profile_id, uint64_t rx_pkts, uint64_t rx_bytes, uint64_t tx_pkts, uint64_t tx_bytes); +void sf_metrics_inc(struct sf_metrics *handle, uint64_t rule_id, int sff_profile_id, int sf_profile_id, uint64_t rx_pkts, uint64_t rx_bytes, uint64_t tx_pkts, uint64_t tx_bytes); void sf_metrics_send(struct sf_metrics *handle); int sf_metrics_get_interval(struct sf_metrics *handle); diff --git a/platform/src/packet_io.cpp b/platform/src/packet_io.cpp index e8d308c..c18142b 100644 --- a/platform/src/packet_io.cpp +++ b/platform/src/packet_io.cpp @@ -3,7 +3,6 @@ #include #include -#include #include #include @@ -11,6 +10,7 @@ #include "sce.h" #include "utils.h" #include "g_vxlan.h" +#include "packet_io.h" #include "sf_metrics.h" #include "ctrl_packet.h" #include "global_metrics.h" @@ -436,7 +436,7 @@ static void action_mirr_forward(marsio_buff_t *rx_buff, struct metadata *meta, s throughput_metrics_inc(&(g_metrics->device.endpoint_tx), 1, nsend); throughput_metrics_inc(&(g_metrics->raw_pkt.mirr_tx), 1, raw_len); throughput_metrics_inc(&sf->tx, 1, nsend); - sf_metrics_inc(thread_ctx->sf_metrics, sf->policy_id, sf->sff_profile_id, sf->sf_profile_id, 0, 0, 1, nsend); + sf_metrics_inc(thread_ctx->sf_metrics, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, 0, 0, 1, nsend); } static void action_stee_bypass(marsio_buff_t *rx_buff, struct metadata *meta, struct selected_sf *sf, struct thread_ctx *thread_ctx) @@ -467,7 +467,7 @@ static void action_stee_forward(marsio_buff_t *rx_buff, struct metadata *meta, s throughput_metrics_inc(&(g_metrics->device.endpoint_tx), 1, nsend); throughput_metrics_inc(&(g_metrics->raw_pkt.stee_tx), 1, raw_len); throughput_metrics_inc(&sf->tx, 1, nsend); - sf_metrics_inc(thread_ctx->sf_metrics, sf->policy_id, sf->sff_profile_id, sf->sf_profile_id, 0, 0, 1, nsend); + sf_metrics_inc(thread_ctx->sf_metrics, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, 0, 0, 1, nsend); } static void action_sf_chaining(struct thread_ctx *thread_ctx, struct session_ctx *session_ctx, struct selected_chaining *chaining, marsio_buff_t *rx_buff, struct metadata *meta, int next_sf_index) @@ -476,9 +476,9 @@ static void action_sf_chaining(struct thread_ctx *thread_ctx, struct session_ctx for (sf_index = next_sf_index; sf_index < chaining->chaining_used; sf_index++) { struct selected_sf *sf = &(chaining->chaining[sf_index]); - LOG_INFO("%s: session: %lu %s execute chaining [%d/%d] policy_id: %d, sff_profile_id: %d, sf_profile_id: %d, sf_need_skip: %d, sf_action_reason: %s, is_e2i: %d, is_decrypted: %d", + LOG_INFO("%s: session: %lu %s execute chaining [%d/%d] rule_id: %lu, sff_profile_id: %d, sf_profile_id: %d, sf_need_skip: %d, sf_action_reason: %s, is_e2i: %d, is_decrypted: %d", LOG_TAG_POLICY, session_ctx->session_id, session_ctx->session_addr, sf_index, chaining->chaining_used, - sf->policy_id, sf->sff_profile_id, sf->sf_profile_id, sf->sf_need_skip, action_reason_to_string(sf->sf_action_reason), + sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, sf->sf_need_skip, action_reason_to_string(sf->sf_action_reason), meta->is_e2i_dir, meta->is_decrypted); if (sf->sf_need_skip) @@ -607,8 +607,8 @@ static void dump_event_log(struct session_ctx *session_ctx, struct selected_chai for (int i = 0; i < chaining->chaining_used; i++) { struct selected_sf *sf = &(chaining->chaining[i]); - LOG_INFO("%s: session %lu %s %s metrics log: policy %d sff_profile_id %d sf_profile_id %d sf_need_skip %d sf_action_reason %s rx_pkts %lu rx_bytes %lu tx_pkts %lu tx_bytes %lu", - LOG_TAG_METRICS, session_ctx->session_id, session_ctx->session_addr, tag, sf->policy_id, sf->sff_profile_id, sf->sf_profile_id, sf->sf_need_skip, action_reason_to_string(sf->sf_action_reason), sf->rx.n_pkts, sf->rx.n_bytes, sf->tx.n_pkts, sf->tx.n_bytes); + LOG_INFO("%s: session %lu %s %s metrics log: rule_id %lu sff_profile_id %d sf_profile_id %d sf_need_skip %d sf_action_reason %s rx_pkts %lu rx_bytes %lu tx_pkts %lu tx_bytes %lu", + LOG_TAG_METRICS, session_ctx->session_id, session_ctx->session_addr, tag, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, sf->sf_need_skip, action_reason_to_string(sf->sf_action_reason), sf->rx.n_pkts, sf->rx.n_bytes, sf->tx.n_pkts, sf->tx.n_bytes); } } @@ -620,21 +620,21 @@ static void session_value_free_cb(void *ctx) static void handle_policy_mutil_hits(struct policy_enforcer *enforcer, struct session_ctx *session_ctx, struct ctrl_pkt_parser *ctrl_parser, raw_pkt_parser *raw_parser, int is_e2i_dir) { - for (int i = 0; i < ctrl_parser->policy_id_num; i++) + for (int i = 0; i < ctrl_parser->rule_id_num; i++) { - int policy_id = ctrl_parser->policy_ids[i]; - if (fixed_num_array_exist_elem(&session_ctx->policy_ids, policy_id)) + uint64_t rule_id = ctrl_parser->rule_ids[i]; + if (fixed_num_array_exist_elem(&session_ctx->rule_ids, rule_id)) { continue; } else { - policy_enforce_select_chainings(enforcer, &session_ctx->chainings, session_ctx, raw_parser, policy_id, is_e2i_dir); + policy_enforce_select_chainings(enforcer, &session_ctx->chainings, session_ctx, raw_parser, rule_id, is_e2i_dir); selected_chaining_bref(session_ctx->chainings.chaining_raw); selected_chaining_bref(session_ctx->chainings.chaining_decrypted); - fixed_num_array_add_elem(&session_ctx->policy_ids, policy_id); + fixed_num_array_add_elem(&session_ctx->rule_ids, rule_id); } } } @@ -951,7 +951,7 @@ static void handle_inject_packet(marsio_buff_t *rx_buff, struct thread_ctx *thre struct selected_sf *sf = &(chaining->chaining[sf_index]); throughput_metrics_inc(&sf->rx, 1, raw_len); throughput_metrics_inc(&(g_metrics->raw_pkt.stee_rx), 1, meta.raw_len); - sf_metrics_inc(thread_ctx->sf_metrics, sf->policy_id, sf->sff_profile_id, sf->sf_profile_id, 1, raw_len, 0, 0); + sf_metrics_inc(thread_ctx->sf_metrics, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, 1, raw_len, 0, 0); } marsio_buff_adj(rx_buff, raw_len - meta.raw_len); diff --git a/platform/src/policy.cpp b/platform/src/policy.cpp index c708f4a..6ad9ca4 100644 --- a/platform/src/policy.cpp +++ b/platform/src/policy.cpp @@ -1,8 +1,7 @@ #include #include - #include -#include +#include #include #include "global_metrics.h" @@ -28,6 +27,7 @@ struct policy_config { enum input_mode input_mode; + int log_level; int stat_switch; int perf_switch; int scan_detail; @@ -53,7 +53,7 @@ struct policy_config struct policy_enforcer { struct policy_config config; - Maat_feather_t maat; + struct maat *maat; int compile_table_id; // SERVICE_CHAINING_COMPILE table id int sff_table_id; // SERVICE_FUNCTION_FORWARDER_PROFILE table id @@ -66,7 +66,7 @@ struct policy_enforcer struct chaining_param { - int policy_id; + uint64_t rule_id; int ref_cnt; enum traffic_type traffic_type; @@ -220,6 +220,9 @@ error_out: static void policy_enforcer_config(const char *profile, struct policy_config *config) { MESA_load_profile_int_def(profile, "MAAT", "input_mode", (int *)&(config->input_mode), MAAT_INPUT_REDIS); + // LOG_LEVEL_TRACE = 0; LOG_LEVEL_DEBUG = 1; LOG_LEVEL_INFO = 2; + // LOG_LEVEL_WARN = 3; LOG_LEVEL_ERROR = 4; LOG_LEVEL_FATAL = 5; + MESA_load_profile_int_def(profile, "MAAT", "log_level", &(config->log_level), 5); MESA_load_profile_int_def(profile, "MAAT", "stat_switch", &(config->stat_switch), 1); MESA_load_profile_int_def(profile, "MAAT", "perf_switch", &(config->perf_switch), 1); MESA_load_profile_int_def(profile, "MAAT", "scan_detail", &(config->scan_detail), 0); @@ -246,6 +249,7 @@ static void policy_enforcer_config(const char *profile, struct policy_config *co } LOG_DEBUG("%s: MAAT->input_mode : %s", LOG_TAG_POLICY, (config->input_mode == MAAT_INPUT_REDIS ? "redis" : (config->input_mode == MAAT_INPUT_JSON ? "json" : (config->input_mode == MAAT_INPUT_FILE ? "file" : "unknown")))); + LOG_DEBUG("%s: MAAT->log_level : %d", LOG_TAG_POLICY, config->log_level); LOG_DEBUG("%s: MAAT->stat_switch : %d", LOG_TAG_POLICY, config->stat_switch); LOG_DEBUG("%s: MAAT->perf_switch : %d", LOG_TAG_POLICY, config->perf_switch); LOG_DEBUG("%s: MAAT->scan_detail : %d", LOG_TAG_POLICY, config->scan_detail); @@ -268,7 +272,7 @@ static void policy_enforcer_config(const char *profile, struct policy_config *co LOG_DEBUG("%s: MAAT->max_chaining_size : %d", LOG_TAG_POLICY, config->max_chaining_size); } -static void chaining_param_new_cb(int table_id, const char *key, const char *table_line, MAAT_PLUGIN_EX_DATA *ad, long argl, void *argp) +static void chaining_param_new_cb(const char *table_name, int table_id, const char *key, const char *table_line, void **ad, long argl, void *argp) { int iter = 0; cJSON *json = NULL; @@ -278,9 +282,9 @@ static void chaining_param_new_cb(int table_id, const char *key, const char *tab size_t user_region_len = 0; struct chaining_param *param = NULL; - if (Maat_helper_read_column(table_line, 7, &user_region_offset, &user_region_len) < 0) + if (maat_helper_read_column(table_line, 7, &user_region_offset, &user_region_len) < 0) { - LOG_ERROR("%s: unexpected chaining policy: (invalid user region) %s", LOG_TAG_POLICY, table_line); + LOG_ERROR("%s: unexpected chaining rule: (invalid user region) %s", LOG_TAG_POLICY, table_line); return; } @@ -289,19 +293,19 @@ static void chaining_param_new_cb(int table_id, const char *key, const char *tab json = cJSON_Parse(json_str); if (json == NULL) { - LOG_ERROR("%s: unexpected chaining policy: (invalid json format) %s", LOG_TAG_POLICY, table_line); + LOG_ERROR("%s: unexpected chaining rule: (invalid json format) %s", LOG_TAG_POLICY, table_line); goto error_out; } param = (struct chaining_param *)calloc(1, sizeof(struct chaining_param)); - param->policy_id = atoi(key); + param->rule_id = atoll(key); param->ref_cnt = 1; // targeted_traffic item = cJSON_GetObjectItem(json, "targeted_traffic"); if (!item || !cJSON_IsString(item)) { - LOG_ERROR("%s: unexpected chaining policy: (invalid targeted_traffic param) %s", LOG_TAG_POLICY, table_line); + LOG_ERROR("%s: unexpected chaining rule: (invalid targeted_traffic param) %s", LOG_TAG_POLICY, table_line); goto error_out; } if (strcasecmp(item->valuestring, "raw") == 0) @@ -314,16 +318,16 @@ static void chaining_param_new_cb(int table_id, const char *key, const char *tab } else { - LOG_ERROR("%s: unexpected chaining policy: (invalid targeted_traffic param) %s", LOG_TAG_POLICY, table_line); + LOG_ERROR("%s: unexpected chaining rule: (invalid targeted_traffic param) %s", LOG_TAG_POLICY, table_line); goto error_out; } - LOG_DEBUG("%s: parse chaining policy: %d, targeted_traffic: %s", LOG_TAG_POLICY, param->policy_id, traffic_type_to_string(param->traffic_type)); + LOG_DEBUG("%s: parse chaining rule: %lu, targeted_traffic: %s", LOG_TAG_POLICY, param->rule_id, traffic_type_to_string(param->traffic_type)); // sff_profiles item = cJSON_GetObjectItem(json, "sff_profiles"); if (!item || !cJSON_IsArray(item) || !cJSON_GetArraySize(item)) { - LOG_ERROR("%s: unexpected chaining policy: (invalid sff_profiles param) %s", LOG_TAG_POLICY, table_line); + LOG_ERROR("%s: unexpected chaining rule: (invalid sff_profiles param) %s", LOG_TAG_POLICY, table_line); goto error_out; } param->sff_profile_ids_num = cJSON_GetArraySize(item); @@ -332,17 +336,17 @@ static void chaining_param_new_cb(int table_id, const char *key, const char *tab { if (!cJSON_IsNumber(element)) { - LOG_ERROR("%s: unexpected chaining policy: (invalid sff_profiles param) %s", LOG_TAG_POLICY, table_line); + LOG_ERROR("%s: unexpected chaining rule: (invalid sff_profiles param) %s", LOG_TAG_POLICY, table_line); continue; } - LOG_DEBUG("%s: parse chaining policy: %d, sff_profiles[%d/%d]: %d", LOG_TAG_POLICY, param->policy_id, iter, param->sff_profile_ids_num, element->valueint); + LOG_DEBUG("%s: parse chaining rule: %lu, sff_profiles[%d/%d]: %d", LOG_TAG_POLICY, param->rule_id, iter, param->sff_profile_ids_num, element->valueint); param->sff_profile_ids[iter] = element->valueint; iter++; } *ad = param; - LOG_INFO("%s: Add chaining policy: %d", LOG_TAG_POLICY, param->policy_id); + LOG_INFO("%s: Add chaining rule: %lu", LOG_TAG_POLICY, param->rule_id); cJSON_Delete(json); free(json_str); @@ -373,7 +377,7 @@ error_out: } } -static void chaining_param_free_cb(int table_id, MAAT_PLUGIN_EX_DATA *ad, long argl, void *argp) +static void chaining_param_free_cb(int table_id, void **ad, long argl, void *argp) { struct chaining_param *param = (struct chaining_param *)*ad; if (param == NULL) @@ -383,7 +387,7 @@ static void chaining_param_free_cb(int table_id, MAAT_PLUGIN_EX_DATA *ad, long a if ((__sync_sub_and_fetch(¶m->ref_cnt, 1) == 0)) { - LOG_INFO("%s: Del chaining policy: %d", LOG_TAG_POLICY, param->policy_id); + LOG_INFO("%s: Del chaining rule: %lu", LOG_TAG_POLICY, param->rule_id); if (param->sff_profile_ids) { free(param->sff_profile_ids); @@ -396,7 +400,7 @@ static void chaining_param_free_cb(int table_id, MAAT_PLUGIN_EX_DATA *ad, long a } } -static void chaining_param_dup_cb(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void *argp) +static void chaining_param_dup_cb(int table_id, void **to, void **from, long argl, void *argp) { struct chaining_param *param = (struct chaining_param *)*from; if (param) @@ -415,7 +419,7 @@ static void chaining_param_free(struct chaining_param *param) chaining_param_free_cb(0, (void **)¶m, 0, NULL); } -static void sff_param_new_cb(int table_id, const char *key, const char *table_line, MAAT_PLUGIN_EX_DATA *ad, long argl, void *argp) +static void sff_param_new_cb(const char *table_name, int table_id, const char *key, const char *table_line, void **ad, long argl, void *argp) { int iter = 0; struct sff_param *param = NULL; @@ -533,7 +537,7 @@ static void sff_param_new_cb(int table_id, const char *key, const char *table_li item = cJSON_GetObjectItem(root1, "action"); if (!item || !cJSON_IsString(item)) { - LOG_ERROR("%s: unexpected chaining policy: (invalid unavailability_action->action param) %s", LOG_TAG_POLICY, table_line); + LOG_ERROR("%s: unexpected chaining rule: (invalid unavailability_action->action param) %s", LOG_TAG_POLICY, table_line); goto error_out; } if (0 == strcasecmp(item->valuestring, "bypass")) @@ -546,7 +550,7 @@ static void sff_param_new_cb(int table_id, const char *key, const char *table_li } else { - LOG_ERROR("%s: unexpected chaining policy: (invalid unavailability_action->action param) %s", LOG_TAG_POLICY, table_line); + LOG_ERROR("%s: unexpected chaining rule: (invalid unavailability_action->action param) %s", LOG_TAG_POLICY, table_line); goto error_out; } LOG_DEBUG("%s: parse sff profile: %d, unavailability_action->action: %s", LOG_TAG_POLICY, param->sff_profile_id, item->valuestring); @@ -612,7 +616,7 @@ error_out: } } -static void sff_param_free_cb(int table_id, MAAT_PLUGIN_EX_DATA *ad, long argl, void *argp) +static void sff_param_free_cb(int table_id, void **ad, long argl, void *argp) { struct sff_param *param = (struct sff_param *)*ad; if (param == NULL) @@ -635,7 +639,7 @@ static void sff_param_free_cb(int table_id, MAAT_PLUGIN_EX_DATA *ad, long argl, } } -static void sff_param_dup_cb(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void *argp) +static void sff_param_dup_cb(int table_id, void **to, void **from, long argl, void *argp) { struct sff_param *param = (struct sff_param *)*from; if (param) @@ -654,7 +658,7 @@ static void sff_param_free(struct sff_param *param) sff_param_free_cb(0, (void **)¶m, 0, NULL); } -static void sf_param_new_cb(int table_id, const char *key, const char *table_line, MAAT_PLUGIN_EX_DATA *ad, long argl, void *argp) +static void sf_param_new_cb(const char *table_name, int table_id, const char *key, const char *table_line, void **ad, long argl, void *argp) { struct sf_param *param = NULL; cJSON *root1 = NULL; @@ -863,7 +867,7 @@ error_out: } } -static void sf_param_free_cb(int table_id, MAAT_PLUGIN_EX_DATA *ad, long argl, void *argp) +static void sf_param_free_cb(int table_id, void **ad, long argl, void *argp) { struct sf_param *param = (struct sf_param *)*ad; if (param == NULL) @@ -882,7 +886,7 @@ static void sf_param_free_cb(int table_id, MAAT_PLUGIN_EX_DATA *ad, long argl, v } } -static void sf_param_dup_cb(int table_id, MAAT_PLUGIN_EX_DATA *to, MAAT_PLUGIN_EX_DATA *from, long argl, void *argp) +static void sf_param_dup_cb(int table_id, void **to, void **from, long argl, void *argp) { struct sf_param *param = (struct sf_param *)*from; if (param) @@ -911,7 +915,7 @@ static void select_sf_by_nearby_and_adminstatus(struct policy_enforcer *enforcer { memset(&buffer, 0, sizeof(buffer)); snprintf(buffer, sizeof(buffer), "%u", sff_param->sf_profile_ids[i]); - sf = (struct sf_param *)Maat_plugin_get_EX_data(enforcer->maat, enforcer->sf_table_id, buffer); + sf = (struct sf_param *)maat_plugin_table_get_ex_data(enforcer->maat, enforcer->sf_table_id, buffer); if (sf == NULL) { LOG_ERROR("%s: failed to get sf parameter of profile %d", LOG_TAG_POLICY, sff_param->sf_profile_ids[i]); @@ -964,7 +968,7 @@ static enum session_action select_sf_by_ldbc(struct policy_enforcer *enforcer, s memset(&buffer, 0, sizeof(buffer)); snprintf(buffer, sizeof(buffer), "%u", sf_profile_id); - sf_param = (struct sf_param *)Maat_plugin_get_EX_data(enforcer->maat, enforcer->sf_table_id, buffer); + sf_param = (struct sf_param *)maat_plugin_table_get_ex_data(enforcer->maat, enforcer->sf_table_id, buffer); if (sf_param == NULL) { LOG_ERROR("%s: failed to get sf parameter of profile %d", LOG_TAG_POLICY, sf_profile_id); @@ -1042,7 +1046,7 @@ static void selected_sf_init(struct selected_sf *item) if (item) { memset(item, 0, sizeof(struct selected_sf)); - item->policy_id = -1; + item->rule_id = 0; item->traffic_type = TRAFFIC_TYPE_NONE; item->sff_profile_id = -1; item->sff_forward_type = FORWARD_TYPE_NONE; @@ -1205,7 +1209,7 @@ void selected_chaining_dump(struct selected_chaining *chaining) for (int i = 0; i < chaining->chaining_used; i++) { struct selected_sf *node = &(chaining->chaining[i]); - LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->policy_id : %d", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, node->policy_id); + LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->rule_id : %lu", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, node->rule_id); LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->traffic_type : %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, traffic_type_to_string(node->traffic_type)); // sff LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sff_profile_id : %d", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, node->sff_profile_id); @@ -1243,8 +1247,8 @@ void selected_chaining_bref(struct selected_chaining *chaining) buff_used += snprintf(buff + buff_used, buff_size - buff_used, ","); } buff_used += snprintf(buff + buff_used, buff_size - buff_used, - "\"node[%d]\":{\"skip\":%d,\"policy_id\":%d,\"sff_profile_id\":%d,\"sf_profile_id\":%d,\"traffic_type\":\"%s\",\"sff_forward_type\":\"%s\",\"sf_action\":\"%s\",\"reason\":\"%s\"}", - i, node->sf_need_skip, node->policy_id, node->sff_profile_id, node->sf_profile_id, + "\"node[%d]\":{\"skip\":%d,\"rule_id\":%lu,\"sff_profile_id\":%d,\"sf_profile_id\":%d,\"traffic_type\":\"%s\",\"sff_forward_type\":\"%s\",\"sf_action\":\"%s\",\"reason\":\"%s\"}", + i, node->sf_need_skip, node->rule_id, node->sff_profile_id, node->sf_profile_id, traffic_type_to_string(node->traffic_type), forward_type_to_string(node->sff_forward_type), session_action_to_string(node->sf_action), action_reason_to_string(node->sf_action_reason)); } } @@ -1288,17 +1292,20 @@ struct policy_enforcer *policy_enforcer_create(const char *instance, const char assert(enforcer); policy_enforcer_config(profile, &(enforcer->config)); - enforcer->maat = Maat_feather(thread_num, enforcer->config.table_info, logger); - if (enforcer->maat == NULL) + struct maat_options *opts = maat_options_new(); + if (opts == NULL) { - LOG_ERROR("%s: unable create maat feather", LOG_TAG_POLICY); + LOG_ERROR("%s: unable create maat opts", LOG_TAG_POLICY); goto error_out; } - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_INSTANCE_NAME, instance, strlen(instance)); - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_FOREIGN_CONT_DIR, enforcer->config.foreign_cont_dir, strlen(enforcer->config.foreign_cont_dir)); - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_SCAN_DETAIL, &(enforcer->config.scan_detail), sizeof(enforcer->config.scan_detail)); - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_EFFECT_INVERVAL_MS, &(enforcer->config.effect_interval_ms), sizeof(enforcer->config.effect_interval_ms)); + maat_options_set_logger(opts, "log/maat.log", (enum log_level)enforcer->config.log_level); + maat_options_set_instance_name(opts, instance); + maat_options_set_caller_thread_number(opts, thread_num); + maat_options_set_foreign_cont_dir(opts, enforcer->config.foreign_cont_dir); + maat_options_set_rule_effect_interval_ms(opts, enforcer->config.effect_interval_ms); + // TODO set enforcer->config.scan_detail + // Maat4 is not supported temporarily switch (enforcer->config.input_mode) { @@ -1308,7 +1315,7 @@ struct policy_enforcer *policy_enforcer_create(const char *instance, const char LOG_ERROR("%s: invalid json_cfg_file", LOG_TAG_POLICY); goto error_out; } - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_JSON_FILE_PATH, enforcer->config.json_cfg_file, strlen(enforcer->config.json_cfg_file)); + maat_options_set_json_file(opts, enforcer->config.json_cfg_file); break; case MAAT_INPUT_REDIS: if (!strlen(enforcer->config.redis_server)) @@ -1331,9 +1338,7 @@ struct policy_enforcer *policy_enforcer_create(const char *instance, const char LOG_ERROR("%s: invalid redis_port_range", LOG_TAG_POLICY); goto error_out; } - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_REDIS_PORT, &redis_port_select, sizeof(redis_port_select)); - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_REDIS_IP, enforcer->config.redis_server, strlen(enforcer->config.redis_server)); - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_REDIS_INDEX, &(enforcer->config.redis_db_idx), sizeof(enforcer->config.redis_db_idx)); + maat_options_set_redis(opts, enforcer->config.redis_server, redis_port_select, enforcer->config.redis_db_idx); break; case MAAT_INPUT_FILE: if (!strlen(enforcer->config.ful_cfg_dir)) @@ -1346,8 +1351,7 @@ struct policy_enforcer *policy_enforcer_create(const char *instance, const char LOG_ERROR("%s: invalid inc_cfg_dir", LOG_TAG_POLICY); goto error_out; } - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_FULL_CFG_DIR, enforcer->config.ful_cfg_dir, strlen(enforcer->config.ful_cfg_dir)); - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_INC_CFG_DIR, enforcer->config.inc_cfg_dir, strlen(enforcer->config.inc_cfg_dir)); + maat_options_set_iris(opts, enforcer->config.ful_cfg_dir, enforcer->config.inc_cfg_dir); break; default: LOG_ERROR("%s: invalid input_mode %d", LOG_TAG_POLICY, enforcer->config.input_mode); @@ -1356,33 +1360,42 @@ struct policy_enforcer *policy_enforcer_create(const char *instance, const char if (enforcer->config.stat_switch) { - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_STAT_FILE_PATH, enforcer->config.stat_file, strlen(enforcer->config.stat_file)); - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_STAT_ON, NULL, 0); + // TODO enforcer->config.stat_file + // Maat4 is not supported temporarily + maat_options_set_stat_on(opts); if (enforcer->config.perf_switch) { - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_PERF_ON, NULL, 0); + maat_options_set_perf_on(opts); } } if (enforcer->config.deferred_load) { - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_DEFERRED_LOAD, NULL, 0); + maat_options_set_deferred_load_on(opts); } if (strlen(enforcer->config.accept_tags)) { - Maat_set_feather_opt(enforcer->maat, MAAT_OPT_ACCEPT_TAGS, &(enforcer->config.accept_tags), sizeof(enforcer->config.accept_tags)); + maat_options_set_accept_tags(opts, enforcer->config.accept_tags); } - if (Maat_initiate_feather(enforcer->maat) < 0) + enforcer->maat = maat_new(opts, enforcer->config.table_info); + if (enforcer->maat == NULL) { - LOG_ERROR("%s: maat init feather failed", LOG_TAG_POLICY); + LOG_ERROR("%s: unable create maat", LOG_TAG_POLICY); goto error_out; } + maat_options_free(opts); + opts = NULL; return enforcer; error_out: + if (opts) + { + maat_options_free(opts); + opts = NULL; + } policy_enforcer_destory(enforcer); return NULL; } @@ -1393,7 +1406,7 @@ void policy_enforcer_destory(struct policy_enforcer *enforcer) { if (enforcer->maat) { - Maat_burn_feather(enforcer->maat); + maat_free(enforcer->maat); enforcer->maat = NULL; } @@ -1407,52 +1420,52 @@ void policy_enforcer_destory(struct policy_enforcer *enforcer) int policy_enforcer_register(struct policy_enforcer *enforcer) { LOG_INFO("%s: register policy callback ...", LOG_TAG_POLICY); - enforcer->compile_table_id = Maat_table_register(enforcer->maat, "SERVICE_CHAINING_COMPILE"); + enforcer->compile_table_id = maat_get_table_id(enforcer->maat, "SERVICE_CHAINING_COMPILE"); if (enforcer->compile_table_id < 0) { LOG_ERROR("%s: register SERVICE_CHAINING_COMPILE table failed", LOG_TAG_POLICY); return -1; } - enforcer->sff_table_id = Maat_table_register(enforcer->maat, "SERVICE_FUNCTION_FORWARDER_PROFILE"); + enforcer->sff_table_id = maat_get_table_id(enforcer->maat, "SERVICE_FUNCTION_FORWARDER_PROFILE"); if (enforcer->sff_table_id < 0) { LOG_ERROR("%s: register SERVICE_FUNCTION_FORWARDER_PROFILE table ailed", LOG_TAG_POLICY); return -1; } - enforcer->sf_table_id = Maat_table_register(enforcer->maat, "SERVICE_FUNCTION_PROFILE"); + enforcer->sf_table_id = maat_get_table_id(enforcer->maat, "SERVICE_FUNCTION_PROFILE"); if (enforcer->sf_table_id < 0) { LOG_ERROR("%s: register SERVICE_FUNCTION_PROFILE table failed", LOG_TAG_POLICY); return -1; } - if (Maat_plugin_EX_register(enforcer->maat, enforcer->compile_table_id, - chaining_param_new_cb, - chaining_param_free_cb, - chaining_param_dup_cb, - NULL, 0, enforcer) != 0) + if (maat_plugin_table_ex_schema_register(enforcer->maat, "SERVICE_CHAINING_COMPILE", + chaining_param_new_cb, + chaining_param_free_cb, + chaining_param_dup_cb, + 0, enforcer) != 0) { LOG_ERROR("%s: register SERVICE_CHAINING_COMPILE plugin extension callbacks failed", LOG_TAG_POLICY); return -1; } - if (Maat_plugin_EX_register(enforcer->maat, enforcer->sff_table_id, - sff_param_new_cb, - sff_param_free_cb, - sff_param_dup_cb, - NULL, 0, enforcer) != 0) + if (maat_plugin_table_ex_schema_register(enforcer->maat, "SERVICE_FUNCTION_FORWARDER_PROFILE", + sff_param_new_cb, + sff_param_free_cb, + sff_param_dup_cb, + 0, enforcer) != 0) { LOG_ERROR("%s: register SERVICE_FUNCTION_FORWARDER_PROFILE plugin extension callbacks failed", LOG_TAG_POLICY); return -1; } - if (Maat_plugin_EX_register(enforcer->maat, enforcer->sf_table_id, - sf_param_new_cb, - sf_param_free_cb, - sf_param_dup_cb, - NULL, 0, enforcer) != 0) + if (maat_plugin_table_ex_schema_register(enforcer->maat, "SERVICE_FUNCTION_PROFILE", + sf_param_new_cb, + sf_param_free_cb, + sf_param_dup_cb, + 0, enforcer) != 0) { LOG_ERROR("%s: register SERVICE_FUNCTION_PROFILE plugin extension callbacks failed", LOG_TAG_POLICY); return -1; @@ -1467,7 +1480,7 @@ int policy_enforce_chaining_size(struct policy_enforcer *enforcer) return enforcer->config.max_chaining_size; } -void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct selected_chainings *chainings, struct session_ctx *s_ctx, struct raw_pkt_parser *parser, int policy_id, int dir_is_i2e) +void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct selected_chainings *chainings, struct session_ctx *s_ctx, struct raw_pkt_parser *parser, uint64_t rule_id, int dir_is_i2e) { uint64_t hash_value = 0; char buffer[16] = {0}; @@ -1477,11 +1490,11 @@ void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct se struct chaining_param *chaining_param = NULL; struct selected_chaining *chaining = NULL; - snprintf(buffer, sizeof(buffer), "%d", policy_id); - chaining_param = (struct chaining_param *)Maat_plugin_get_EX_data(enforcer->maat, enforcer->compile_table_id, buffer); + snprintf(buffer, sizeof(buffer), "%lu", rule_id); + chaining_param = (struct chaining_param *)maat_plugin_table_get_ex_data(enforcer->maat, enforcer->compile_table_id, buffer); if (chaining_param == NULL) { - LOG_ERROR("%s: session %lu %s failed to get chaining parameter of policy %d", LOG_TAG_POLICY, s_ctx->session_id, s_ctx->session_addr, policy_id); + LOG_ERROR("%s: session %lu %s failed to get chaining parameter of policy %lu", LOG_TAG_POLICY, s_ctx->session_id, s_ctx->session_addr, rule_id); return; } @@ -1493,21 +1506,21 @@ void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct se { chaining = chainings->chaining_decrypted; } - LOG_INFO("%s: session %lu %s enforce %s chaining policy %d", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, traffic_type_to_string(chaining_param->traffic_type), policy_id); + LOG_INFO("%s: session %lu %s enforce %s chaining rule %lu", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, traffic_type_to_string(chaining_param->traffic_type), rule_id); for (int i = 0; i < chaining_param->sff_profile_ids_num && chaining->chaining_used < chaining->chaining_size; i++) { struct selected_sf *item = &(chaining->chaining[chaining->chaining_used]); selected_sf_init(item); - item->policy_id = policy_id; + item->rule_id = rule_id; item->traffic_type = chaining_param->traffic_type; item->sff_profile_id = chaining_param->sff_profile_ids[i]; item->sf_index = chaining->chaining_used; memset(buffer, 0, sizeof(buffer)); snprintf(buffer, sizeof(buffer), "%u", item->sff_profile_id); - sff_param = (struct sff_param *)Maat_plugin_get_EX_data(enforcer->maat, enforcer->sff_table_id, buffer); + sff_param = (struct sff_param *)maat_plugin_table_get_ex_data(enforcer->maat, enforcer->sff_table_id, buffer); if (sff_param == NULL) { LOG_ERROR("%s: session %lu %s failed to get sff parameter of profile %d, bypass current sff !!!", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, item->sff_profile_id); @@ -1521,7 +1534,7 @@ void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct se memset(&array, 0, sizeof(array)); fixed_num_array_init(&array); select_sf_by_nearby_and_adminstatus(enforcer, sff_param, &array); - LOG_DEBUG("%s: session %lu %s select sf from chaining policy %d sff_profile %d, sf_profile_num (before filter: %d -> filter nearby/admin_status: %d)", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, policy_id, item->sff_profile_id, sff_param->sf_profile_ids_num, fixed_num_array_count_elem(&array)); + LOG_DEBUG("%s: session %lu %s select sf from chaining rule %lu sff_profile %d, sf_profile_num (before filter: %d -> filter nearby/admin_status: %d)", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, rule_id, item->sff_profile_id, sff_param->sf_profile_ids_num, fixed_num_array_count_elem(&array)); if (fixed_num_array_count_elem(&array) == 0) { switch (sff_param->sff_exception.fail_action) @@ -1547,7 +1560,7 @@ void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct se } break; } - LOG_DEBUG("%s: session %lu %s select sf frome chaining policy %d sff_profile %d, no sf available after filtering by 'nearby & admin_status', %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, policy_id, item->sff_profile_id, action_reason_to_string(item->sf_action_reason)); + LOG_DEBUG("%s: session %lu %s rule_id %lu sff_profile_id %d, no sf available after filtering by 'nearby & admin_status', %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, rule_id, item->sff_profile_id, action_reason_to_string(item->sf_action_reason)); chaining->chaining_used++; sff_param_free(sff_param); continue; @@ -1564,7 +1577,7 @@ void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct se memset(&buffer, 0, sizeof(buffer)); snprintf(buffer, sizeof(buffer), "%u", item->sf_profile_id); - sf_param = (struct sf_param *)Maat_plugin_get_EX_data(enforcer->maat, enforcer->sf_table_id, buffer); + sf_param = (struct sf_param *)maat_plugin_table_get_ex_data(enforcer->maat, enforcer->sf_table_id, buffer); if (sf_param == NULL) { LOG_ERROR("%s: session %lu %s failed to get sf parameter of profile %d, bypass current sff !!!", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, item->sf_profile_id); diff --git a/platform/src/sce.cpp b/platform/src/sce.cpp index be62dbe..be31fe7 100644 --- a/platform/src/sce.cpp +++ b/platform/src/sce.cpp @@ -82,7 +82,7 @@ struct session_ctx *session_ctx_new() struct session_ctx *session_ctx = (struct session_ctx *)calloc(1, sizeof(struct session_ctx)); assert(session_ctx != NULL); - fixed_num_array_init(&session_ctx->policy_ids); + fixed_num_array_init(&session_ctx->rule_ids); session_ctx->raw_meta_i2e = metadata_new(); session_ctx->raw_meta_e2i = metadata_new(); diff --git a/platform/src/sf_metrics.cpp b/platform/src/sf_metrics.cpp index f78bde9..7337ade 100644 --- a/platform/src/sf_metrics.cpp +++ b/platform/src/sf_metrics.cpp @@ -10,11 +10,11 @@ #include "utils.h" #include "sf_metrics.h" -#define SCE_SF_METRICS "SCE-SF-METRICS,rule_id=%d,sff_profile_id=%d,sf_profile_id=%d,type=service_chaining_metrics sent_pkts=%lu,sent_bytes=%lu,recv_pkts=%lu,recv_bytes=%lu" +#define SCE_SF_METRICS "SCE-SF-METRICS,rule_id=%lu,sff_profile_id=%d,sf_profile_id=%d,type=service_chaining_metrics sent_pkts=%lu,sent_bytes=%lu,recv_pkts=%lu,recv_bytes=%lu" struct key_tuple { - int rule_id; + uint64_t rule_id; int sff_profile_id; int sf_profile_id; }; @@ -137,7 +137,7 @@ void sf_metrics_reset(struct sf_metrics *handle) } } -void sf_metrics_inc(struct sf_metrics *handle, int rule_id, int sff_profile_id, int sf_profile_id, uint64_t rx_pkts, uint64_t rx_bytes, uint64_t tx_pkts, uint64_t tx_bytes) +void sf_metrics_inc(struct sf_metrics *handle, uint64_t rule_id, int sff_profile_id, int sf_profile_id, uint64_t rx_pkts, uint64_t rx_bytes, uint64_t tx_pkts, uint64_t tx_bytes) { if (handle->config.enable == 0) { diff --git a/platform/test/CMakeLists.txt b/platform/test/CMakeLists.txt index 7cdd705..cd66ab2 100644 --- a/platform/test/CMakeLists.txt +++ b/platform/test/CMakeLists.txt @@ -14,4 +14,5 @@ target_link_libraries(gtest_policy common platform gtest) include(GoogleTest) gtest_discover_tests(gtest_policy) -file(COPY ./test_resource/ DESTINATION ./test_resource/) \ No newline at end of file +file(COPY ./test_resource/ DESTINATION ./test_resource/) +file(COPY ${CMAKE_SOURCE_DIR}/resource/table_info.conf DESTINATION ./test_resource/) \ No newline at end of file diff --git a/platform/test/gtest_policy.cpp b/platform/test/gtest_policy.cpp index 7e85497..937aae7 100644 --- a/platform/test/gtest_policy.cpp +++ b/platform/test/gtest_policy.cpp @@ -18,7 +18,7 @@ TEST(POLICY, SELECTED_CHAINING_LIFE_CYCLE) { struct selected_chaining *chaining = NULL; - chaining = selected_chaining_create(128, 0, NULL); + chaining = selected_chaining_create(128, 1, (char *)"1.1.1.1 11 2.2.2.2 22"); EXPECT_TRUE(chaining != nullptr); selected_chaining_destory(chaining); @@ -32,6 +32,8 @@ TEST(POLICY, POLICY_ENFORCER_LIFE_CYCLE) t_ctx.ref_metrics = &g_metrics; s_ctx.ref_thread_ctx = &t_ctx; + s_ctx.session_id = 1; + s_ctx.session_addr = (char *)"1.1.1.1 11 2.2.2.2 22"; struct raw_pkt_parser handler; raw_packet_parser_init(&handler, 0, LAYER_TYPE_ALL, 8); @@ -47,8 +49,8 @@ TEST(POLICY, POLICY_ENFORCER_LIFE_CYCLE) int dir_is_i2e = 1; struct selected_chainings chainings; - chainings.chaining_raw = selected_chaining_create(64, 0, NULL); - chainings.chaining_decrypted = selected_chaining_create(64, 0, NULL); + chainings.chaining_raw = selected_chaining_create(64, s_ctx.session_id, s_ctx.session_addr); + chainings.chaining_decrypted = selected_chaining_create(64, s_ctx.session_id, s_ctx.session_addr); policy_enforce_select_chainings(enforcer, &chainings, &s_ctx, &handler, 1, dir_is_i2e); policy_enforce_select_chainings(enforcer, &chainings, &s_ctx, &handler, 2, dir_is_i2e); policy_enforce_select_chainings(enforcer, &chainings, &s_ctx, &handler, 11, dir_is_i2e); diff --git a/platform/test/test_resource/sce.conf b/platform/test/test_resource/sce.conf index 50b700a..3d51ddb 100644 --- a/platform/test/test_resource/sce.conf +++ b/platform/test/test_resource/sce.conf @@ -4,6 +4,9 @@ nr_worker_threads=8 [maat] # 0:json 1:redis 2:iris input_mode=0 +# LOG_LEVEL_TRACE = 0; LOG_LEVEL_DEBUG = 1; LOG_LEVEL_INFO = 2; +# LOG_LEVEL_WARN = 3; LOG_LEVEL_ERROR = 4; LOG_LEVEL_FATAL = 5; +log_level=1 stat_switch=1 perf_switch=1 scan_detail=0 diff --git a/platform/test/test_resource/table_info.conf b/platform/test/test_resource/table_info.conf deleted file mode 100644 index ed7798c..0000000 --- a/platform/test/test_resource/table_info.conf +++ /dev/null @@ -1,3 +0,0 @@ -0 SERVICE_CHAINING_COMPILE plugin {"key":1,"valid":8} -1 SERVICE_FUNCTION_FORWARDER_PROFILE plugin {"key":1,"valid":8} -2 SERVICE_FUNCTION_PROFILE plugin {"key":1,"valid":6} \ No newline at end of file diff --git a/resource/table_info.conf b/resource/table_info.conf index ed7798c..f994170 100644 --- a/resource/table_info.conf +++ b/resource/table_info.conf @@ -1,3 +1,32 @@ -0 SERVICE_CHAINING_COMPILE plugin {"key":1,"valid":8} -1 SERVICE_FUNCTION_FORWARDER_PROFILE plugin {"key":1,"valid":8} -2 SERVICE_FUNCTION_PROFILE plugin {"key":1,"valid":6} \ No newline at end of file +[ + { + "table_id":0, + "table_name":"SERVICE_CHAINING_COMPILE", + "table_type":"plugin", + "valid_column":8, + "custom":{ + "key":1, + "key_type":"pointer" + } + }, + { + "table_id":1, + "table_name":"SERVICE_FUNCTION_FORWARDER_PROFILE", + "table_type":"plugin", + "valid_column":8, + "custom":{ + "key":1, + "key_type":"pointer" + } + }, + { + "table_id":2, + "table_name":"SERVICE_FUNCTION_PROFILE", + "table_type":"plugin", + "valid_column":6, + "custom":{ + "key":1, + "key_type":"pointer" + } + } +] \ No newline at end of file diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index bb7991b..2c47121 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -81,4 +81,5 @@ gtest_discover_tests(gtest_raw_pkt_stee_forward) file(COPY ./test_data/log/ DESTINATION ./log/) file(COPY ./test_data/conf/ DESTINATION ./conf/) -file(COPY ./test_data/resource/ DESTINATION ./resource/) \ No newline at end of file +file(COPY ./test_data/resource/ DESTINATION ./resource/) +file(COPY ${CMAKE_SOURCE_DIR}/resource/table_info.conf DESTINATION ./resource/) \ No newline at end of file diff --git a/test/test_data/conf/sce.conf b/test/test_data/conf/sce.conf index 68cfe53..5a362f8 100644 --- a/test/test_data/conf/sce.conf +++ b/test/test_data/conf/sce.conf @@ -18,6 +18,9 @@ breakpad_upload_tools=/opt/tsg/framework/bin/minidump_upload [maat] # 0:json 1:redis 2:iris input_mode=0 +# LOG_LEVEL_TRACE = 0; LOG_LEVEL_DEBUG = 1; LOG_LEVEL_INFO = 2; +# LOG_LEVEL_WARN = 3; LOG_LEVEL_ERROR = 4; LOG_LEVEL_FATAL = 5; +log_level=1 stat_switch=1 perf_switch=1 scan_detail=0 diff --git a/test/test_data/resource/table_info.conf b/test/test_data/resource/table_info.conf deleted file mode 100644 index ed7798c..0000000 --- a/test/test_data/resource/table_info.conf +++ /dev/null @@ -1,3 +0,0 @@ -0 SERVICE_CHAINING_COMPILE plugin {"key":1,"valid":8} -1 SERVICE_FUNCTION_FORWARDER_PROFILE plugin {"key":1,"valid":8} -2 SERVICE_FUNCTION_PROFILE plugin {"key":1,"valid":6} \ No newline at end of file diff --git a/vendor/CMakeLists.txt b/vendor/CMakeLists.txt index fe80236..3ad8e31 100644 --- a/vendor/CMakeLists.txt +++ b/vendor/CMakeLists.txt @@ -53,7 +53,7 @@ set_property(TARGET MESA_field_stat PROPERTY IMPORTED_LOCATION ${MESA_FRAMEWORK_ set_property(TARGET MESA_field_stat PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${MESA_FRAMEWORK_INCLUDE_DIR}) add_library(maatframe SHARED IMPORTED GLOBAL) -set_property(TARGET maatframe PROPERTY IMPORTED_LOCATION ${MESA_FRAMEWORK_LIB_DIR}/libmaatframe.so) +set_property(TARGET maatframe PROPERTY IMPORTED_LOCATION ${MESA_FRAMEWORK_LIB_DIR}/libmaat4.so) set_property(TARGET maatframe PROPERTY INTERFACE_INCLUDE_DIRECTORIES ${MESA_FRAMEWORK_INCLUDE_DIR}) set(MRZCPD_LIB_DIR /opt/mrzcpd/lib)