diff options
| author | luwenpeng <[email protected]> | 2023-11-23 16:52:06 +0800 |
|---|---|---|
| committer | luwenpeng <[email protected]> | 2023-11-24 11:37:24 +0800 |
| commit | bda50d79af1f7c59f5ab71fdefff06e3e3397be2 (patch) | |
| tree | 8eec56e3276271a192c2f73c1e2831aa5c02e22f /platform/src | |
| parent | cbac7fea291ded728a630227e196e17543f4646d (diff) | |
perf: 删除无效代码;修改变量命名;减少内存分配
Diffstat (limited to 'platform/src')
| -rw-r--r-- | platform/src/global_metrics.cpp | 28 | ||||
| -rw-r--r-- | platform/src/packet_io.cpp | 180 | ||||
| -rw-r--r-- | platform/src/policy.cpp | 47 | ||||
| -rw-r--r-- | platform/src/sce.cpp | 90 | ||||
| -rw-r--r-- | platform/src/sf_metrics.cpp | 2 | ||||
| -rw-r--r-- | platform/src/sf_status.cpp | 20 |
6 files changed, 157 insertions, 210 deletions
diff --git a/platform/src/global_metrics.cpp b/platform/src/global_metrics.cpp index 8044629..dd9d481 100644 --- a/platform/src/global_metrics.cpp +++ b/platform/src/global_metrics.cpp @@ -220,13 +220,13 @@ static void global_metrics_parse_config(const char *profile, struct metrics_conf config->statsd_format = 1; } - LOG_DEBUG("%s: STAT->output_file : %s", LOG_TAG_METRICS, config->output_file); - LOG_DEBUG("%s: STAT->statsd_server : %s", LOG_TAG_METRICS, config->statsd_server); - LOG_DEBUG("%s: STAT->statsd_port : %d", LOG_TAG_METRICS, config->statsd_port); - LOG_DEBUG("%s: STAT->statsd_format : %d", LOG_TAG_METRICS, config->statsd_format); - LOG_DEBUG("%s: STAT->statsd_cycle : %d", LOG_TAG_METRICS, config->statsd_cycle); - LOG_DEBUG("%s: STAT->prometheus_listen_port : %d", LOG_TAG_METRICS, config->prometheus_listen_port); - LOG_DEBUG("%s: STAT->prometheus_listen_url : %s", LOG_TAG_METRICS, config->prometheus_listen_url); + LOG_DEBUG("STAT->output_file : %s", config->output_file); + LOG_DEBUG("STAT->statsd_server : %s", config->statsd_server); + LOG_DEBUG("STAT->statsd_port : %d", config->statsd_port); + LOG_DEBUG("STAT->statsd_format : %d", config->statsd_format); + LOG_DEBUG("STAT->statsd_cycle : %d", config->statsd_cycle); + LOG_DEBUG("STAT->prometheus_listen_port : %d", config->prometheus_listen_port); + LOG_DEBUG("STAT->prometheus_listen_url : %s", config->prometheus_listen_url); } struct global_metrics *global_metrics_create(const char *profile, int thread_num) @@ -264,7 +264,7 @@ struct global_metrics *global_metrics_create(const char *profile, int thread_num if (STAT_MAX >= (sizeof(global_metrics->fs_id) / sizeof(global_metrics->fs_id[0]))) { - LOG_ERROR("%s: field stat has insufficient space to store fs_id, and supports a maximum of %lu fsids, but %d is needed ", LOG_TAG_METRICS, (sizeof(global_metrics->fs_id) / sizeof(global_metrics->fs_id[0])), STAT_MAX); + LOG_ERROR("field stat has insufficient space to store fs_id, and supports a maximum of %lu fsids, but %d is needed ", (sizeof(global_metrics->fs_id) / sizeof(global_metrics->fs_id[0])), STAT_MAX); global_metrics_destory(global_metrics); return NULL; } @@ -283,6 +283,18 @@ void global_metrics_destory(struct global_metrics *global_metrics) { if (global_metrics) { + if (global_metrics->thread_metrics_flag) + { + free(global_metrics->thread_metrics_flag); + global_metrics->thread_metrics_flag = NULL; + } + + if (global_metrics->thread_metrics_cache) + { + free(global_metrics->thread_metrics_cache); + global_metrics->thread_metrics_cache = NULL; + } + FS_library_destroy(); free(global_metrics); global_metrics = NULL; diff --git a/platform/src/packet_io.cpp b/platform/src/packet_io.cpp index cd87e4a..fef959a 100644 --- a/platform/src/packet_io.cpp +++ b/platform/src/packet_io.cpp @@ -94,7 +94,7 @@ int mbuff_get_metadata(marsio_buff_t *rx_buff, struct metadata *meta) // 1: E2I // 0: I2E - if (marsio_buff_get_metadata(rx_buff, MR_BUFF_DIR, &(meta->is_e2i_dir), sizeof(meta->is_e2i_dir)) <= 0) + if (marsio_buff_get_metadata(rx_buff, MR_BUFF_DIR, &(meta->direction), sizeof(meta->direction)) <= 0) { LOG_ERROR("%s: unable to get buff_dir from metadata", LOG_TAG_PKTIO); return -1; @@ -210,21 +210,23 @@ static void update_session_by_metadata(struct session_ctx *ctx, struct metadata if (meta->is_decrypted) { - dst_meta_i2e = ctx->decrypted_meta_i2e; - dst_meta_e2i = ctx->decrypted_meta_e2i; + dst_meta_i2e = &ctx->decrypted_meta_i2e; + dst_meta_e2i = &ctx->decrypted_meta_e2i; } else { - dst_meta_i2e = ctx->raw_meta_i2e; - dst_meta_e2i = ctx->raw_meta_e2i; + dst_meta_i2e = &ctx->raw_meta_i2e; + dst_meta_e2i = &ctx->raw_meta_e2i; } - if (meta->is_e2i_dir) + // 1: E2I + // 0: I2E + if (meta->direction) { // first packet update metadata - if (metadata_is_empty(dst_meta_e2i)) + if (metadata_isempty(dst_meta_e2i)) { - metadata_shallow_copy(dst_meta_e2i, meta); + metadata_copy(dst_meta_e2i, meta); } else { @@ -235,9 +237,9 @@ static void update_session_by_metadata(struct session_ctx *ctx, struct metadata else { // first packet update metadata - if (metadata_is_empty(dst_meta_i2e)) + if (metadata_isempty(dst_meta_i2e)) { - metadata_shallow_copy(dst_meta_i2e, meta); + metadata_copy(dst_meta_i2e, meta); } else { @@ -254,30 +256,32 @@ static void update_metadata_by_session(struct session_ctx *ctx, struct metadata meta->session_id = ctx->session_id; - if (meta->is_e2i_dir) + // 1: E2I + // 0: I2E + if (meta->direction) { if (meta->is_decrypted) { - sids = &ctx->decrypted_meta_e2i->sids; - route_ctx = &ctx->decrypted_meta_e2i->route_ctx; + sids = &(ctx->decrypted_meta_e2i.sids); + route_ctx = &(ctx->decrypted_meta_e2i.route_ctx); } else { - sids = &ctx->raw_meta_e2i->sids; - route_ctx = &ctx->raw_meta_e2i->route_ctx; + sids = &(ctx->raw_meta_e2i.sids); + route_ctx = &(ctx->raw_meta_e2i.route_ctx); } } else { if (meta->is_decrypted) { - sids = &ctx->decrypted_meta_i2e->sids; - route_ctx = &ctx->decrypted_meta_i2e->route_ctx; + sids = &(ctx->decrypted_meta_i2e.sids); + route_ctx = &(ctx->decrypted_meta_i2e.route_ctx); } else { - sids = &ctx->raw_meta_i2e->sids; - route_ctx = &ctx->raw_meta_i2e->route_ctx; + sids = &(ctx->raw_meta_i2e.sids); + route_ctx = &(ctx->raw_meta_i2e.route_ctx); } } @@ -491,6 +495,7 @@ static inline int send_packet_to_sf(struct session_ctx *session_ctx, marsio_buff char *buffer = NULL; struct packet_io *packet_io = thread_ctx->ref_io; struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics; + uint32_t rehash_index = session_ctx->ctrl_meta.rehash_index; marsio_buff_ctrlzone_reset(mbuff); switch (sf->sf_connectivity.method) @@ -502,18 +507,18 @@ static inline int send_packet_to_sf(struct session_ctx *session_ctx, marsio_buff packet_io->config.dev_endpoint_l3_mac, sf->sf_dst_mac, packet_io->config.dev_endpoint_l3_ip, sf->sf_dst_ip, thread_ctx->tx_packets_ipid % 65535, session_ctx->vxlan_src_port, meta->raw_len, - meta->is_e2i_dir, meta->is_decrypted, sf->sf_index); + meta->direction, meta->is_decrypted, sf->sf_index); nsend = marsio_buff_datalen(mbuff); - marsio_buff_set_metadata(mbuff, MR_BUFF_REHASH_INDEX, &(session_ctx->ctrl_meta->rehash_index), sizeof(session_ctx->ctrl_meta->rehash_index)); + marsio_buff_set_metadata(mbuff, MR_BUFF_REHASH_INDEX, &rehash_index, sizeof(rehash_index)); marsio_send_burst(packet_io->dev_endpoint_l3.mr_path, thread_ctx->thread_index, &mbuff, 1); throughput_metrics_inc(&(thread_metrics->device.endpoint_vxlan_tx), 1, nsend); break; case ENCAPSULATE_METHOD_LAYER2_SWITCH: vlan_encapsulate(mbuff, - meta->is_e2i_dir ? sf->sf_connectivity.ext_vlan_tag : sf->sf_connectivity.int_vlan_tag, + meta->direction ? sf->sf_connectivity.ext_vlan_tag : sf->sf_connectivity.int_vlan_tag, packet_io->config.vlan_encapsulate_replace_orig_vlan_header); nsend = marsio_buff_datalen(mbuff); - marsio_buff_set_metadata(mbuff, MR_BUFF_REHASH_INDEX, &(session_ctx->ctrl_meta->rehash_index), sizeof(session_ctx->ctrl_meta->rehash_index)); + marsio_buff_set_metadata(mbuff, MR_BUFF_REHASH_INDEX, &rehash_index, sizeof(rehash_index)); marsio_send_burst(packet_io->dev_endpoint_l2.mr_path, thread_ctx->thread_index, &mbuff, 1); throughput_metrics_inc(&(thread_metrics->device.endpoint_vlan_tx), 1, nsend); break; @@ -654,7 +659,7 @@ static void action_sf_chaining(struct thread_ctx *thread_ctx, struct session_ctx LOG_TAG_POLICY, session_ctx->session_id, session_ctx->session_addr, sf_index, chaining->chaining_used, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, - (meta->is_decrypted == 1 ? "decrypted" : "raw"), (meta->is_e2i_dir ? "E2I" : "I2E"), forward_type_to_string(sf->sff_forward_type), action_desc_to_string(sf->sf_action_desc)); + (meta->is_decrypted ? "decrypted" : "raw"), (meta->direction ? "E2I" : "I2E"), forward_type_tostring(sf->sff_forward_type), action_desc_tostring(sf->sf_action_desc)); switch (sf->sf_action) { @@ -714,13 +719,13 @@ static void action_sf_chaining(struct thread_ctx *thread_ctx, struct session_ctx * handle session status ******************************************************************************/ -static int send_ctrl_packet(struct session_ctx *session_ctx, struct selected_chainings *chainings, struct thread_ctx *thread_ctx) +static int send_ctrl_packet(struct session_ctx *session_ctx, struct thread_ctx *thread_ctx) { struct sce_ctx *sce_ctx = thread_ctx->ref_sce_ctx; struct packet_io *packet_io = thread_ctx->ref_io; struct mutable_array *rule_ids = &session_ctx->rule_ids; - struct selected_chaining *chaining_raw = chainings->chaining_raw; - struct selected_chaining *chaining_decrypted = chainings->chaining_decrypted; + struct selected_chaining *chaining_raw = session_ctx->chaining_raw; + struct selected_chaining *chaining_decrypted = session_ctx->chaining_decrypted; int thread_index = thread_ctx->thread_index; int sc_rsp_raw_exist = 0; int sc_rsp_decrypted_exist = 0; @@ -831,11 +836,11 @@ static int send_ctrl_packet(struct session_ctx *session_ctx, struct selected_cha return 0; } - LOG_INFO("%s: session %lu %s send event log %ld bytes", LOG_TAG_METRICS, session_ctx->session_id, session_ctx->session_addr, size); + LOG_INFO("%s: session %lu %s send event log %ld bytes", LOG_TAG_SFMETRICS, session_ctx->session_id, session_ctx->session_addr, size); marsio_buff_t *tx_buffs[1]; - char *packet_header_data = session_ctx->ctrl_meta->raw_data; - int packet_header_len = session_ctx->ctrl_meta->l7offset; + const char *packet_header_data = session_ctx->ctrl_packet_header_data; + int packet_header_len = session_ctx->ctrl_packet_header_len; marsio_buff_malloc_global(packet_io->instance, tx_buffs, 1, 0, thread_index); char *dst = marsio_buff_append(tx_buffs[0], packet_header_len + size); memcpy(dst, packet_header_data, packet_header_len); @@ -847,7 +852,7 @@ static int send_ctrl_packet(struct session_ctx *session_ctx, struct selected_cha meta.is_ctrl_pkt = 1; meta.sids.num = 1; meta.sids.elems[0] = sce_ctx->firewall_sids; - route_ctx_copy(&meta.route_ctx, &session_ctx->ctrl_meta->route_ctx); + route_ctx_copy(&meta.route_ctx, &(session_ctx->ctrl_meta.route_ctx)); mbuff_set_metadata(tx_buffs[0], &meta); int nsend = marsio_buff_datalen(tx_buffs[0]); marsio_send_burst(packet_io->dev_nf.mr_path, thread_index, tx_buffs, 1); @@ -864,7 +869,7 @@ static void send_event_log(struct session_ctx *session_ctx, struct thread_ctx *t if (sce_ctx->enable_send_log) { - nsend = send_ctrl_packet(session_ctx, &session_ctx->chainings, thread_ctx); + nsend = send_ctrl_packet(session_ctx, thread_ctx); if (nsend > 0) { ATOMIC_INC(&(thread_metrics->sf_session.log)); @@ -885,9 +890,9 @@ static void dump_sf_metrics(struct session_ctx *session_ctx, struct selected_cha { struct selected_sf *sf = &(chaining->chaining[i]); LOG_INFO("%s: session %lu %s metrics: policy %lu->%d->%d action %s->%s->%s rx_pkts %lu rx_bytes %lu tx_pkts %lu tx_bytes %lu", - LOG_TAG_METRICS, session_ctx->session_id, session_ctx->session_addr, + LOG_TAG_SFMETRICS, session_ctx->session_id, session_ctx->session_addr, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, - traffic_type_to_string(sf->traffic_type), forward_type_to_string(sf->sff_forward_type), action_desc_to_string(sf->sf_action_desc), + traffic_type_tostring(sf->traffic_type), forward_type_tostring(sf->sff_forward_type), action_desc_tostring(sf->sf_action_desc), sf->rx.n_pkts, sf->rx.n_bytes, sf->tx.n_pkts, sf->tx.n_bytes); } } @@ -898,7 +903,7 @@ static void session_value_free_cb(void *ctx) session_ctx_free(s_ctx); } -static void handle_policy_mutil_hits(struct session_ctx *session_ctx, struct control_packet *ctrl_pkt, packet *data_pkt, int is_e2i_dir, struct thread_ctx *thread_ctx) +static void handle_policy_mutil_hits(struct session_ctx *session_ctx, struct control_packet *ctrl_pkt, packet *data_pkt, int direction, struct thread_ctx *thread_ctx) { struct policy_enforcer *enforcer = thread_ctx->ref_enforcer; struct sce_ctx *sce_ctx = thread_ctx->ref_sce_ctx; @@ -912,12 +917,12 @@ static void handle_policy_mutil_hits(struct session_ctx *session_ctx, struct con } else { - policy_enforce_select_chainings(enforcer, &session_ctx->chainings, session_ctx, data_pkt, rule_id, is_e2i_dir); + policy_enforce_select_chainings(enforcer, session_ctx, data_pkt, rule_id, direction); if (sce_ctx->enable_debug) { - selected_chaining_bref(session_ctx->chainings.chaining_raw); - selected_chaining_bref(session_ctx->chainings.chaining_decrypted); + selected_chaining_bref(session_ctx->chaining_raw); + selected_chaining_bref(session_ctx->chaining_decrypted); } mutable_array_add_elem(&session_ctx->rule_ids, rule_id); @@ -925,51 +930,6 @@ static void handle_policy_mutil_hits(struct session_ctx *session_ctx, struct con } } -static void handle_session_opening(struct metadata *meta, struct control_packet *ctrl_pkt, struct thread_ctx *thread_ctx) -{ - struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics; - struct policy_enforcer *enforcer = thread_ctx->ref_enforcer; - struct session_table *session_table = thread_ctx->session_table; - struct sce_ctx *sce_ctx = thread_ctx->ref_sce_ctx; - int chaining_size = policy_enforce_chaining_size(enforcer); - -#if 0 - if (session_table_search_by_id(session_table, meta->session_id)) - { - return ; - } -#endif - - struct packet data_pkt; - struct four_tuple inner_tuple4; - const char *payload = packet_parse(&data_pkt, meta->raw_data, meta->raw_len); - sce_packet_get_innermost_tuple(&data_pkt, &inner_tuple4); - uint16_t real_offset = payload - meta->raw_data; - if (real_offset != meta->l7offset) - { - char *addr_str = four_tuple_tostring(&inner_tuple4); - LOG_ERROR("%s: incorrect dataoffset %d in the control zone of session %lu %s, the expect value is %d", LOG_TAG_PKTIO, meta->l7offset, meta->session_id, addr_str, real_offset); - free(addr_str); - } - - struct session_ctx *session_ctx = session_ctx_new(); - session_ctx->session_id = meta->session_id; - session_ctx->session_addr = sce_ctx->enable_debug ? four_tuple_tostring(&inner_tuple4) : NULL; - session_ctx->vxlan_src_port = calculate_vxlan_source_port(&inner_tuple4); - four_tuple_copy(&session_ctx->inner_tuple4, &inner_tuple4); - metadata_deep_copy(session_ctx->ctrl_meta, meta); - session_ctx->chainings.chaining_raw = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr); - session_ctx->chainings.chaining_decrypted = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr); - session_ctx->ref_thread_ctx = thread_ctx; - - LOG_INFO("%s: session %lu %s active first", LOG_TAG_PKTIO, session_ctx->session_id, session_ctx->session_addr); - handle_policy_mutil_hits(session_ctx, ctrl_pkt, &data_pkt, meta->is_e2i_dir, thread_ctx); - send_event_log(session_ctx, thread_ctx); - - session_table_insert(session_table, session_ctx->session_id, &session_ctx->inner_tuple4, session_ctx, session_value_free_cb); - ATOMIC_INC(&(thread_metrics->sf_session.num)); -} - static void handle_session_closing(struct metadata *meta, struct control_packet *ctrl_pkt, struct thread_ctx *thread_ctx) { struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics; @@ -981,11 +941,8 @@ static void handle_session_closing(struct metadata *meta, struct control_packet struct session_ctx *s_ctx = (struct session_ctx *)node->value; LOG_INFO("%s: session %lu %s closing", LOG_TAG_PKTIO, s_ctx->session_id, s_ctx->session_addr); - struct selected_chaining *chaining_raw = s_ctx->chainings.chaining_raw; - dump_sf_metrics(s_ctx, chaining_raw); - - struct selected_chaining *chaining_decrypted = s_ctx->chainings.chaining_decrypted; - dump_sf_metrics(s_ctx, chaining_decrypted); + dump_sf_metrics(s_ctx, s_ctx->chaining_raw); + dump_sf_metrics(s_ctx, s_ctx->chaining_decrypted); session_table_delete_by_id(session_table, meta->session_id); ATOMIC_DEC(&(thread_metrics->sf_session.num)); @@ -995,6 +952,9 @@ static void handle_session_closing(struct metadata *meta, struct control_packet static void handle_session_active(struct metadata *meta, struct control_packet *ctrl_pkt, struct thread_ctx *thread_ctx) { struct session_table *session_table = thread_ctx->session_table; + struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics; + struct policy_enforcer *enforcer = thread_ctx->ref_enforcer; + struct sce_ctx *sce_ctx = thread_ctx->ref_sce_ctx; struct session_node *node = session_table_search_by_id(session_table, meta->session_id); if (node) @@ -1010,12 +970,42 @@ static void handle_session_active(struct metadata *meta, struct control_packet * } LOG_INFO("%s: session %lu %s active again", LOG_TAG_PKTIO, session_ctx->session_id, session_ctx->session_addr); - handle_policy_mutil_hits(session_ctx, ctrl_pkt, &data_pkt, meta->is_e2i_dir, thread_ctx); + handle_policy_mutil_hits(session_ctx, ctrl_pkt, &data_pkt, meta->direction, thread_ctx); send_event_log(session_ctx, thread_ctx); } else { - handle_session_opening(meta, ctrl_pkt, thread_ctx); + struct packet data_pkt; + struct four_tuple inner_tuple4; + const char *payload = packet_parse(&data_pkt, meta->raw_data, meta->raw_len); + sce_packet_get_innermost_tuple(&data_pkt, &inner_tuple4); + uint16_t real_offset = payload - meta->raw_data; + if (real_offset != meta->l7offset) + { + char *addr_str = four_tuple_tostring(&inner_tuple4); + LOG_ERROR("%s: incorrect dataoffset %d in the control zone of session %lu %s, the expect value is %d", LOG_TAG_PKTIO, meta->l7offset, meta->session_id, addr_str, real_offset); + free(addr_str); + } + + int chaining_size = policy_enforce_chaining_size(enforcer); + struct session_ctx *session_ctx = session_ctx_new(); + session_ctx->session_id = meta->session_id; + session_ctx->session_addr = sce_ctx->enable_debug ? four_tuple_tostring(&inner_tuple4) : NULL; + session_ctx->vxlan_src_port = calculate_vxlan_source_port(&inner_tuple4); + four_tuple_copy(&session_ctx->inner_tuple4, &inner_tuple4); + metadata_copy(&session_ctx->ctrl_meta, meta); + session_ctx->ctrl_packet_header_data = memdup(meta->raw_data, meta->raw_len); + session_ctx->ctrl_packet_header_len = meta->raw_len; + session_ctx->chaining_raw = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr); + session_ctx->chaining_decrypted = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr); + session_ctx->ref_thread_ctx = thread_ctx; + + LOG_INFO("%s: session %lu %s active first", LOG_TAG_PKTIO, session_ctx->session_id, session_ctx->session_addr); + handle_policy_mutil_hits(session_ctx, ctrl_pkt, &data_pkt, meta->direction, thread_ctx); + send_event_log(session_ctx, thread_ctx); + + session_table_insert(session_table, session_ctx->session_id, &session_ctx->inner_tuple4, session_ctx, session_value_free_cb); + ATOMIC_INC(&(thread_metrics->sf_session.num)); } } @@ -1140,11 +1130,11 @@ static void handle_data_packet(marsio_buff_t *rx_buff, struct thread_ctx *thread if (meta.is_decrypted == 1) { - chaining = session_ctx->chainings.chaining_decrypted; + chaining = session_ctx->chaining_decrypted; } else { - chaining = session_ctx->chainings.chaining_raw; + chaining = session_ctx->chaining_raw; } if (chaining == NULL) { @@ -1185,7 +1175,7 @@ static void handle_inject_vxlan_packet(marsio_buff_t *rx_buff, struct thread_ctx meta.l7offset = 0; meta.is_ctrl_pkt = 0; sf_index = vxlan_get_opt(vxlan_hdr, VNI_OPT_SFINDEX); - meta.is_e2i_dir = vxlan_get_opt(vxlan_hdr, VNI_OPT_DIR); + meta.direction = vxlan_get_opt(vxlan_hdr, VNI_OPT_DIR); meta.is_decrypted = vxlan_get_opt(vxlan_hdr, VNI_OPT_TRAFFIC); session_ctx = inject_packet_search_session(session_table, meta.raw_data, meta.raw_len); @@ -1198,11 +1188,11 @@ static void handle_inject_vxlan_packet(marsio_buff_t *rx_buff, struct thread_ctx if (meta.is_decrypted == 1) { - chaining = session_ctx->chainings.chaining_decrypted; + chaining = session_ctx->chaining_decrypted; } else { - chaining = session_ctx->chainings.chaining_raw; + chaining = session_ctx->chaining_raw; } if (chaining == NULL || sf_index < 0 || sf_index >= chaining->chaining_used) diff --git a/platform/src/policy.cpp b/platform/src/policy.cpp index 9ee012c..4fbe4ce 100644 --- a/platform/src/policy.cpp +++ b/platform/src/policy.cpp @@ -374,7 +374,7 @@ static void chaining_param_new_cb(const char *table_name, int table_id, const ch LOG_ERROR("%s: unexpected chaining rule: (invalid targeted_traffic param) %s", LOG_TAG_POLICY, table_line); goto error_out; } - LOG_DEBUG("%s: parse chaining rule: %lu, targeted_traffic: %s", LOG_TAG_POLICY, param->rule_id, traffic_type_to_string(param->traffic_type)); + LOG_DEBUG("%s: parse chaining rule: %lu, targeted_traffic: %s", LOG_TAG_POLICY, param->rule_id, traffic_type_tostring(param->traffic_type)); // sff_profiles item = cJSON_GetObjectItem(json, "sff_profiles"); @@ -515,7 +515,7 @@ static void sff_param_new_cb(const char *table_name, int table_id, const char *k LOG_ERROR("%s: unexpected sff profile: (invalid type param) %s", LOG_TAG_POLICY, table_line); goto error_out; } - LOG_DEBUG("%s: parse sff profile: %d, type: %s", LOG_TAG_POLICY, param->sff_profile_id, forward_type_to_string(param->sff_forward_type)); + LOG_DEBUG("%s: parse sff profile: %d, type: %s", LOG_TAG_POLICY, param->sff_profile_id, forward_type_tostring(param->sff_forward_type)); // load_balance_method if (0 == strcasecmp(load_balance_method, "hash-int-ip")) @@ -820,7 +820,7 @@ static void sf_param_new_cb(const char *table_name, int table_id, const char *ke LOG_ERROR("%s: unexpected sf profile: (invalid connectivity->method param) %s", LOG_TAG_POLICY, table_line); goto error_out; } - LOG_DEBUG("%s: parse sf profile: %d, connectivity->method: %s", LOG_TAG_POLICY, param->sf_profile_id, encapsulate_method_to_string(param->sf_connectivity.method)); + LOG_DEBUG("%s: parse sf profile: %d, connectivity->method: %s", LOG_TAG_POLICY, param->sf_profile_id, encapsulate_method_tostring(param->sf_connectivity.method)); if (param->sf_connectivity.method == ENCAPSULATE_METHOD_LAYER2_SWITCH || param->sf_connectivity.method == ENCAPSULATE_METHOD_LAYER3_SWITCH) { @@ -1264,7 +1264,7 @@ static void select_sf_from_sff(struct policy_enforcer *enforcer, struct sff_para * Public API -- Utils ******************************************************************************/ -const char *traffic_type_to_string(enum traffic_type traffic_type) +const char *traffic_type_tostring(enum traffic_type traffic_type) { switch (traffic_type) { @@ -1279,7 +1279,7 @@ const char *traffic_type_to_string(enum traffic_type traffic_type) } } -const char *forward_type_to_string(enum forward_type forward_type) +const char *forward_type_tostring(enum forward_type forward_type) { switch (forward_type) { @@ -1294,7 +1294,7 @@ const char *forward_type_to_string(enum forward_type forward_type) } } -const char *action_desc_to_string(enum action_desc action_desc) +const char *action_desc_tostring(enum action_desc action_desc) { switch (action_desc) { @@ -1319,7 +1319,7 @@ const char *action_desc_to_string(enum action_desc action_desc) } } -const char *encapsulate_method_to_string(enum encapsulate_method encap_method) +const char *encapsulate_method_tostring(enum encapsulate_method encap_method) { switch (encap_method) { @@ -1344,11 +1344,11 @@ const char *encapsulate_method_to_string(enum encapsulate_method encap_method) // return !NULL : success struct selected_chaining *selected_chaining_create(int chaining_size, uint64_t session_id, char *session_addr) { - struct selected_chaining *chaining = (struct selected_chaining *)calloc(1, sizeof(struct selected_chaining)); + struct selected_chaining *chaining = (struct selected_chaining *)calloc(1, sizeof(struct selected_chaining) + chaining_size * sizeof(struct selected_sf)); assert(chaining); chaining->chaining_used = 0; chaining->chaining_size = chaining_size; - chaining->chaining = (struct selected_sf *)calloc(chaining->chaining_size, sizeof(struct selected_sf)); + chaining->chaining = (struct selected_sf *)(chaining + 1); assert(chaining->chaining); chaining->session_id = session_id; @@ -1361,11 +1361,6 @@ void selected_chaining_destory(struct selected_chaining *chaining) { if (chaining) { - if (chaining->chaining) - { - free(chaining->chaining); - chaining->chaining = NULL; - } free(chaining); chaining = NULL; } @@ -1386,14 +1381,14 @@ void selected_chaining_dump(struct selected_chaining *chaining) { struct selected_sf *node = &(chaining->chaining[i]); LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->rule_id : %lu", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, node->rule_id); - LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->traffic_type : %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, traffic_type_to_string(node->traffic_type)); + LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->traffic_type : %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, traffic_type_tostring(node->traffic_type)); // sff LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sff_profile_id : %d", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, node->sff_profile_id); - LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sff_forward_type : %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, forward_type_to_string(node->sff_forward_type)); + LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sff_forward_type : %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, forward_type_tostring(node->sff_forward_type)); // sf LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sf_profile_id : %d", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, node->sf_profile_id); - LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sf_action_desc : %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, action_desc_to_string(node->sf_action_desc)); - LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sf_connectivity->encapsulate_method : %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, encapsulate_method_to_string(node->sf_connectivity.method)); + LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sf_action_desc : %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, action_desc_tostring(node->sf_action_desc)); + LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sf_connectivity->encapsulate_method : %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, encapsulate_method_tostring(node->sf_connectivity.method)); LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sf_connectivity->int_vlan_tag : %d", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, node->sf_connectivity.int_vlan_tag); LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sf_connectivity->ext_vlan_tag : %d", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, node->sf_connectivity.ext_vlan_tag); LOG_DEBUG("%s: session %lu %s selected_chaining->node[%d]->sf_connectivity->dest_ip : %s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, i, node->sf_connectivity.dest_ip); @@ -1423,7 +1418,7 @@ void selected_chaining_bref(struct selected_chaining *chaining) buff_used += snprintf(buff + buff_used, buff_size - buff_used, "\"node[%d]\":{\"policy\":\"%lu->%d->%d\",\"action\":\"%s->%s->%s\"}", i, node->rule_id, node->sff_profile_id, node->sf_profile_id, - traffic_type_to_string(node->traffic_type), forward_type_to_string(node->sff_forward_type), action_desc_to_string(node->sf_action_desc)); + traffic_type_tostring(node->traffic_type), forward_type_tostring(node->sff_forward_type), action_desc_tostring(node->sf_action_desc)); } } LOG_INFO("%s: session %lu %s selected_chaining_bref: %s}", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, buff); @@ -1473,7 +1468,7 @@ void selected_chaining_uniq(struct selected_chaining *chaining) // return NULL : error // return !NULL : success -struct policy_enforcer *policy_enforcer_create(const char *instance, const char *profile, int thread_num, void *logger) +struct policy_enforcer *policy_enforcer_create(const char *instance, const char *profile, int thread_num) { int ret = 0; int redis_port_begin = 0; @@ -1671,7 +1666,7 @@ int policy_enforce_chaining_size(struct policy_enforcer *enforcer) return enforcer->config.max_chaining_size; } -void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct selected_chainings *chainings, struct session_ctx *s_ctx, struct packet *data_pkt, uint64_t rule_id, int dir_is_i2e) +void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct session_ctx *s_ctx, struct packet *data_pkt, uint64_t rule_id, int direction) { int sff_profile_id; struct selected_chaining *chaining = NULL; @@ -1684,13 +1679,13 @@ void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct se if (chaining_param->traffic_type == TRAFFIC_TYPE_RAW) { - chaining = chainings->chaining_raw; + chaining = s_ctx->chaining_raw; } else { - chaining = chainings->chaining_decrypted; + chaining = s_ctx->chaining_decrypted; } - LOG_INFO("%s: session %lu %s enforce %s chaining: rule_id %lu", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, traffic_type_to_string(chaining_param->traffic_type), rule_id); + LOG_INFO("%s: session %lu %s enforce %s chaining: rule_id %lu", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, traffic_type_tostring(chaining_param->traffic_type), rule_id); for (int i = 0; i < chaining_param->sff_profile_ids_num && chaining->chaining_used < chaining->chaining_size; i++) { @@ -1717,14 +1712,14 @@ void policy_enforce_select_chainings(struct policy_enforcer *enforcer, struct se // sf_index selected_sf->sf_index = chaining->chaining_used; - uint64_t packet_hash = packet_get_hash(data_pkt, sff_param->sff_ldbc.method, dir_is_i2e); + uint64_t packet_hash = packet_get_hash(data_pkt, sff_param->sff_ldbc.method, direction); select_sf_from_sff(enforcer, sff_param, selected_sf, s_ctx, packet_hash); LOG_INFO("%s: session %lu %s enforce chaining [%d/%d]: policy: %lu->%d->%d, action: %s->%s->%s", LOG_TAG_POLICY, chaining->session_id, chaining->session_addr, selected_sf->sf_index, chaining->chaining_size, selected_sf->rule_id, selected_sf->sff_profile_id, selected_sf->sf_profile_id, - traffic_type_to_string(chaining_param->traffic_type), forward_type_to_string(selected_sf->sff_forward_type), action_desc_to_string(selected_sf->sf_action_desc)); + traffic_type_tostring(chaining_param->traffic_type), forward_type_tostring(selected_sf->sff_forward_type), action_desc_tostring(selected_sf->sf_action_desc)); chaining->chaining_used++; sff_param_free(sff_param); diff --git a/platform/src/sce.cpp b/platform/src/sce.cpp index 9b870ef..26f7f92 100644 --- a/platform/src/sce.cpp +++ b/platform/src/sce.cpp @@ -9,14 +9,7 @@ * Struct Metadata ******************************************************************************/ -struct metadata *metadata_new() -{ - struct metadata *meta = (struct metadata *)calloc(1, sizeof(struct metadata)); - - return meta; -} - -int metadata_is_empty(struct metadata *meta) +int metadata_isempty(struct metadata *meta) { if (meta->write_ref == 0) { @@ -28,7 +21,7 @@ int metadata_is_empty(struct metadata *meta) } } -void metadata_shallow_copy(struct metadata *dst, struct metadata *src) +void metadata_copy(struct metadata *dst, struct metadata *src) { dst->write_ref++; dst->session_id = src->session_id; @@ -36,7 +29,7 @@ void metadata_shallow_copy(struct metadata *dst, struct metadata *src) dst->raw_data = NULL; dst->raw_len = 0; dst->l7offset = src->l7offset; - dst->is_e2i_dir = src->is_e2i_dir; + dst->direction = src->direction; dst->is_ctrl_pkt = src->is_ctrl_pkt; dst->is_decrypted = src->is_decrypted; @@ -44,28 +37,16 @@ void metadata_shallow_copy(struct metadata *dst, struct metadata *src) route_ctx_copy(&dst->route_ctx, &src->route_ctx); } -void metadata_deep_copy(struct metadata *dst, struct metadata *src) +char *memdup(const char *src, int len) { - metadata_shallow_copy(dst, src); - - dst->raw_data = (char *)calloc(src->raw_len + 1, sizeof(char)); - memcpy(dst->raw_data, src->raw_data, src->raw_len); - dst->raw_len = src->raw_len; -} - -void metadata_free(struct metadata *meta) -{ - if (meta) + if (src == NULL || len == 0) { - if (meta->raw_data) - { - free(meta->raw_data); - meta->raw_data = NULL; - } - - free(meta); - meta = NULL; + return NULL; } + + char *dst = (char *)calloc(len + 1, sizeof(char)); + memcpy(dst, src, len); + return dst; } /****************************************************************************** @@ -78,13 +59,6 @@ struct session_ctx *session_ctx_new() assert(session_ctx != NULL); mutable_array_init(&session_ctx->rule_ids); - - session_ctx->decrypted_meta_i2e = metadata_new(); - session_ctx->decrypted_meta_e2i = metadata_new(); - session_ctx->raw_meta_i2e = metadata_new(); - session_ctx->raw_meta_e2i = metadata_new(); - session_ctx->ctrl_meta = metadata_new(); - return session_ctx; } @@ -98,46 +72,22 @@ void session_ctx_free(struct session_ctx *session_ctx) session_ctx->session_addr = NULL; } - if (session_ctx->decrypted_meta_i2e) - { - metadata_free(session_ctx->decrypted_meta_i2e); - session_ctx->decrypted_meta_i2e = NULL; - } - - if (session_ctx->decrypted_meta_e2i) - { - metadata_free(session_ctx->decrypted_meta_e2i); - session_ctx->decrypted_meta_e2i = NULL; - } - - if (session_ctx->raw_meta_i2e) - { - metadata_free(session_ctx->raw_meta_i2e); - session_ctx->raw_meta_i2e = NULL; - } - - if (session_ctx->raw_meta_e2i) - { - metadata_free(session_ctx->raw_meta_e2i); - session_ctx->raw_meta_e2i = NULL; - } - - if (session_ctx->ctrl_meta) + if (session_ctx->ctrl_packet_header_data) { - metadata_free(session_ctx->ctrl_meta); - session_ctx->ctrl_meta = NULL; + free(session_ctx->ctrl_packet_header_data); + session_ctx->ctrl_packet_header_data = NULL; } - if (session_ctx->chainings.chaining_raw) + if (session_ctx->chaining_raw) { - selected_chaining_destory(session_ctx->chainings.chaining_raw); - session_ctx->chainings.chaining_raw = NULL; + selected_chaining_destory(session_ctx->chaining_raw); + session_ctx->chaining_raw = NULL; } - if (session_ctx->chainings.chaining_decrypted) + if (session_ctx->chaining_decrypted) { - selected_chaining_destory(session_ctx->chainings.chaining_decrypted); - session_ctx->chainings.chaining_decrypted = NULL; + selected_chaining_destory(session_ctx->chaining_decrypted); + session_ctx->chaining_decrypted = NULL; } free(session_ctx); @@ -175,7 +125,7 @@ struct sce_ctx *sce_ctx_create(const char *profile) goto error_out; } - sce_ctx->enforcer = policy_enforcer_create("SCE", profile, sce_ctx->nr_worker_threads, NULL); + sce_ctx->enforcer = policy_enforcer_create("SCE", profile, sce_ctx->nr_worker_threads); if (sce_ctx->enforcer == NULL) { goto error_out; diff --git a/platform/src/sf_metrics.cpp b/platform/src/sf_metrics.cpp index bf278e6..3e81836 100644 --- a/platform/src/sf_metrics.cpp +++ b/platform/src/sf_metrics.cpp @@ -88,7 +88,7 @@ struct sf_metrics *sf_metrics_create(const char *profile) handle->htable_elem_count = 0; if (handle->sockfd == -1) { - LOG_ERROR("%s: failed to create udp sockfd %s:%d, errno: %d, %s", LOG_TAG_SF_METRICS, handle->telegraf_bind_address, handle->telegraf_listen_port, errno, strerror(errno)); + LOG_ERROR("%s: failed to create udp sockfd %s:%d, errno: %d, %s", LOG_TAG_SFMETRICS, handle->telegraf_bind_address, handle->telegraf_listen_port, errno, strerror(errno)); sf_metrics_destory(handle); return NULL; } diff --git a/platform/src/sf_status.cpp b/platform/src/sf_status.cpp index c72e3af..6ba84c1 100644 --- a/platform/src/sf_status.cpp +++ b/platform/src/sf_status.cpp @@ -46,10 +46,10 @@ static void sf_status_parse_config(const char *profile, struct sf_status_config MESA_load_profile_int_def(profile, "METRICS", "telegraf_listen_port", &(config->telegraf_listen_port), 8300); MESA_load_profile_string_def(profile, "METRICS", "telegraf_bind_address", config->telegraf_bind_address, sizeof(config->telegraf_bind_address), "127.0.0.1"); - LOG_DEBUG("%s: METRICS->enable : %d", LOG_TAG_SF_STATUS, config->enable); - LOG_DEBUG("%s: METRICS->interval_s : %d", LOG_TAG_SF_STATUS, config->interval_s); - LOG_DEBUG("%s: METRICS->telegraf_listen_port : %d", LOG_TAG_SF_STATUS, config->telegraf_listen_port); - LOG_DEBUG("%s: METRICS->telegraf_bind_address : %s", LOG_TAG_SF_STATUS, config->telegraf_bind_address); + LOG_DEBUG("%s: METRICS->enable : %d", LOG_TAG_SFSTATUS, config->enable); + LOG_DEBUG("%s: METRICS->interval_s : %d", LOG_TAG_SFSTATUS, config->interval_s); + LOG_DEBUG("%s: METRICS->telegraf_listen_port : %d", LOG_TAG_SFSTATUS, config->telegraf_listen_port); + LOG_DEBUG("%s: METRICS->telegraf_bind_address : %s", LOG_TAG_SFSTATUS, config->telegraf_bind_address); } void sf_status_destory(struct sf_status *handle) @@ -95,7 +95,7 @@ struct sf_status *sf_status_create(const char *profile) handle->htable_elem_count = 0; if (handle->sockfd == -1) { - LOG_ERROR("%s: failed to create udp sockfd %s:%d, errno: %d, %s", LOG_TAG_SF_STATUS, handle->config.telegraf_bind_address, handle->config.telegraf_listen_port, errno, strerror(errno)); + LOG_ERROR("%s: failed to create udp sockfd %s:%d, errno: %d, %s", LOG_TAG_SFSTATUS, handle->config.telegraf_bind_address, handle->config.telegraf_listen_port, errno, strerror(errno)); sf_status_destory(handle); return NULL; } @@ -110,7 +110,7 @@ void sf_status_reset(struct sf_status *handle) return; } - LOG_DEBUG("%s: reset: elem_num %lu", LOG_TAG_SF_STATUS, handle->htable_elem_count); + LOG_DEBUG("%s: reset: elem_num %lu", LOG_TAG_SFSTATUS, handle->htable_elem_count); struct node *temp = NULL; struct node *node = NULL; @@ -136,14 +136,14 @@ void sf_status_delete(struct sf_status *handle, int sf_profile_id) if (temp) { handle->htable_elem_count--; - LOG_DEBUG("%s: delete: sf_profile %d success, elem_num %lu", LOG_TAG_SF_STATUS, sf_profile_id, handle->htable_elem_count); + LOG_DEBUG("%s: delete: sf_profile %d success, elem_num %lu", LOG_TAG_SFSTATUS, sf_profile_id, handle->htable_elem_count); HASH_DELETE(hh, handle->htable, temp); free(temp); temp = NULL; } else { - LOG_DEBUG("%s: delete: sf_profile %d not exists, elem_num %lu", LOG_TAG_SF_STATUS, sf_profile_id, handle->htable_elem_count); + LOG_DEBUG("%s: delete: sf_profile %d not exists, elem_num %lu", LOG_TAG_SFSTATUS, sf_profile_id, handle->htable_elem_count); } } @@ -160,7 +160,7 @@ void sf_status_update(struct sf_status *handle, int sf_vsys_id, int sf_profile_i { if (temp->sf_status != sf_status) { - LOG_DEBUG("%s: update: sf_profile %d status %d success, elem_num %lu", LOG_TAG_SF_STATUS, sf_profile_id, sf_status, handle->htable_elem_count); + LOG_DEBUG("%s: update: sf_profile %d status %d success, elem_num %lu", LOG_TAG_SFSTATUS, sf_profile_id, sf_status, handle->htable_elem_count); } temp->sf_vsys_id = sf_vsys_id; temp->sf_profile_id = sf_profile_id; @@ -170,7 +170,7 @@ void sf_status_update(struct sf_status *handle, int sf_vsys_id, int sf_profile_i else { handle->htable_elem_count++; - LOG_DEBUG("%s: insert: sf_profile %d status %d success, elem_num %lu", LOG_TAG_SF_STATUS, sf_profile_id, sf_status, handle->htable_elem_count); + LOG_DEBUG("%s: insert: sf_profile %d status %d success, elem_num %lu", LOG_TAG_SFSTATUS, sf_profile_id, sf_status, handle->htable_elem_count); temp = (struct node *)calloc(1, sizeof(struct node)); temp->sf_vsys_id = sf_vsys_id; temp->sf_profile_id = sf_profile_id; |