Skip to content

Commit

Permalink
ACL fix proposal
Browse files Browse the repository at this point in the history
Signed-off-by: Andriy Yurkiv <ayurkiv@nvidia.com>
  • Loading branch information
ayurkiv-nvda committed Dec 13, 2022
1 parent e208c87 commit 078fdbb
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 3 deletions.
1 change: 1 addition & 0 deletions orchagent/aclorch.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -3078,6 +3078,7 @@ void AclOrch::initDefaultTableTypes()
builder.withName(TABLE_TYPE_DROP)
.withBindPointType(SAI_ACL_BIND_POINT_TYPE_PORT)
.withMatch(make_shared<AclTableMatch>(SAI_ACL_TABLE_ATTR_FIELD_TC))
.withMatch(make_shared<AclTableMatch>(SAI_ACL_TABLE_ATTR_FIELD_IN_PORTS))
.build()
);

Expand Down
1 change: 1 addition & 0 deletions orchagent/aclorch.h
Original file line number Diff line number Diff line change
Expand Up @@ -92,6 +92,7 @@

#define MLNX_MAX_RANGES_COUNT 16
#define INGRESS_TABLE_DROP "IngressTableDrop"
#define EGRESS_TABLE_DROP "EgressTableDrop"
#define RULE_OPER_ADD 0
#define RULE_OPER_DELETE 1

Expand Down
13 changes: 10 additions & 3 deletions orchagent/muxorch.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,13 @@ extern sai_router_interface_api_t* sai_router_intfs_api;
#define MUX_HW_STATE_UNKNOWN "unknown"
#define MUX_HW_STATE_ERROR "error"


static inline bool isIngressAcl()
{
string platform = getenv("platform") ? getenv("platform") : "";
return platform != MLNX_PLATFORM_SUBSTRING;
}

const map<std::pair<MuxState, MuxState>, MuxStateChange> muxStateTransition =
{
{ { MuxState::MUX_STATE_INIT, MuxState::MUX_STATE_ACTIVE}, MuxStateChange::MUX_STATE_INIT_ACTIVE
Expand Down Expand Up @@ -753,7 +760,7 @@ MuxAclHandler::MuxAclHandler(sai_object_id_t port, string alias)
SWSS_LOG_ENTER();

// There is one handler instance per MUX port
string table_name = MUX_ACL_TABLE_NAME;
string table_name = isIngressAcl() ? MUX_ACL_TABLE_NAME : EGRESS_TABLE_DROP;
string rule_name = MUX_ACL_RULE_NAME;

port_ = port;
Expand Down Expand Up @@ -791,7 +798,7 @@ MuxAclHandler::MuxAclHandler(sai_object_id_t port, string alias)
MuxAclHandler::~MuxAclHandler(void)
{
SWSS_LOG_ENTER();
string table_name = MUX_ACL_TABLE_NAME;
string table_name = isIngressAcl() ? MUX_ACL_TABLE_NAME : EGRESS_TABLE_DROP;
string rule_name = MUX_ACL_RULE_NAME;

SWSS_LOG_NOTICE("Un-Binding port %" PRIx64 "", port_);
Expand Down Expand Up @@ -837,7 +844,7 @@ void MuxAclHandler::createMuxAclTable(sai_object_id_t port, string strTable)
auto dropType = gAclOrch->getAclTableType(TABLE_TYPE_DROP);
assert(dropType);
acl_table.validateAddType(*dropType);
acl_table.stage = ACL_STAGE_INGRESS;
acl_table.stage = isIngressAcl() ? ACL_STAGE_INGRESS : ACL_STAGE_EGRESS;
gAclOrch->addAclTable(acl_table);
bindAllPorts(acl_table);
}
Expand Down

0 comments on commit 078fdbb

Please sign in to comment.