Skip to content

Commit f25bebb

Browse files
jfeng-aristajfeng-arista
authored
Merge branch 'master' into master-update-fabric-link-monitor
2 parents 1fbe4d6 + 5054495 commit f25bebb

21 files changed

+1094
-134
lines changed

cfgmgr/Makefile.am

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -96,7 +96,7 @@ tunnelmgrd_CFLAGS = $(DBGFLAGS) $(AM_CFLAGS) $(CFLAGS_COMMON) $(CFLAGS_SAI) $(CF
9696
tunnelmgrd_CPPFLAGS = $(DBGFLAGS) $(AM_CFLAGS) $(CFLAGS_COMMON) $(CFLAGS_SAI) $(CFLAGS_ASAN)
9797
tunnelmgrd_LDADD = $(LDFLAGS_ASAN) $(COMMON_LIBS) $(SAIMETA_LIBS)
9898

99-
macsecmgrd_SOURCES = macsecmgrd.cpp macsecmgr.cpp $(COMMON_ORCH_SOURCE) shellcmd.h
99+
macsecmgrd_SOURCES = macsecmgrd.cpp macsecmgr.cpp $(COMMON_ORCH_SOURCE) shellcmd.h $(top_srcdir)/orchagent/macsecpost.cpp
100100
macsecmgrd_CFLAGS = $(DBGFLAGS) $(AM_CFLAGS) $(CFLAGS_COMMON) $(CFLAGS_SAI) $(CFLAGS_ASAN)
101101
macsecmgrd_CPPFLAGS = $(DBGFLAGS) $(AM_CFLAGS) $(CFLAGS_COMMON) $(CFLAGS_SAI) $(CFLAGS_ASAN)
102102
macsecmgrd_LDADD = $(LDFLAGS_ASAN) $(COMMON_LIBS) $(SAIMETA_LIBS)

cfgmgr/macsecmgrd.cpp

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@
1717
#include <select.h>
1818

1919
#include "macsecmgr.h"
20+
#include "macsecpost.h"
2021

2122
using namespace std;
2223
using namespace swss;
@@ -76,9 +77,28 @@ int main(int argc, char **argv)
7677
s.addSelectables(o->getSelectables());
7778
}
7879

80+
bool isPostStateReady = false;
81+
7982
SWSS_LOG_NOTICE("starting main loop");
8083
while (!received_sigterm)
8184
{
85+
/* Don't process any config until POST state is ready */
86+
if (!isPostStateReady)
87+
{
88+
std::string state = getMacsecPostState(&stateDb);
89+
if (state == "pass" || state == "disabled")
90+
{
91+
SWSS_LOG_NOTICE("FIPS MACSec POST ready: state %s", state.c_str());
92+
isPostStateReady = true;
93+
}
94+
else
95+
{
96+
/* Yield before retry */
97+
sleep(1);
98+
continue;
99+
}
100+
}
101+
82102
Selectable *sel;
83103
int ret;
84104

fpmsyncd/routesync.cpp

Lines changed: 77 additions & 90 deletions
Original file line numberDiff line numberDiff line change
@@ -174,7 +174,7 @@ void RouteSync::setRouteWithWarmRestart(FieldValueTupleWrapperBase & fvw,
174174
}
175175
else
176176
{
177-
m_warmStartHelper.insertRefreshMap(fvw.KeyOpFieldsValuesTupleVector()[1]);
177+
m_warmStartHelper.insertRefreshMap(fvw.KeyOpFieldsValuesTupleVector()[0]);
178178
}
179179
}
180180

@@ -923,39 +923,17 @@ bool RouteSync::getSrv6SteerRouteNextHop(struct nlmsghdr *h, int received_bytes,
923923
vector<FieldValueTuple>
924924
RouteTableFieldValueTupleWrapper::fieldValueTupleVector() {
925925
vector<FieldValueTuple> fvVector;
926-
if (protocol != string()) {
927-
fvVector.push_back(FieldValueTuple("protocol", protocol.c_str()));
928-
}
929-
if (blackhole != string()) {
930-
fvVector.push_back(FieldValueTuple("blackhole", blackhole.c_str()));
931-
}
932-
if (nexthop != string()) {
933-
fvVector.push_back(FieldValueTuple("nexthop", nexthop.c_str()));
934-
}
935-
if (ifname != string()) {
936-
fvVector.push_back(FieldValueTuple("ifname", ifname.c_str()));
937-
}
938-
if (nexthop_group != string()) {
939-
fvVector.push_back(FieldValueTuple("nexthop_group", nexthop_group.c_str()));
940-
}
941-
if (mpls_nh != string()) {
942-
fvVector.push_back(FieldValueTuple("mpls_nh", mpls_nh.c_str()));
943-
}
944-
if (weight != string()) {
945-
fvVector.push_back(FieldValueTuple("weight", weight.c_str()));
946-
}
947-
if (vni_label != string()) {
948-
fvVector.push_back(FieldValueTuple("vni_label", vni_label.c_str()));
949-
}
950-
if (router_mac != string()) {
951-
fvVector.push_back(FieldValueTuple("router_mac", router_mac.c_str()));
952-
}
953-
if (segment != string()) {
954-
fvVector.push_back(FieldValueTuple("segment", segment.c_str()));
955-
}
956-
if (seg_src != string()) {
957-
fvVector.push_back(FieldValueTuple("seg_src", seg_src.c_str()));
958-
}
926+
fvVector.push_back(FieldValueTuple("protocol", protocol.c_str()));
927+
fvVector.push_back(FieldValueTuple("blackhole", blackhole.c_str()));
928+
fvVector.push_back(FieldValueTuple("nexthop", nexthop.c_str()));
929+
fvVector.push_back(FieldValueTuple("ifname", ifname.c_str()));
930+
fvVector.push_back(FieldValueTuple("nexthop_group", nexthop_group.c_str()));
931+
fvVector.push_back(FieldValueTuple("mpls_nh", mpls_nh.c_str()));
932+
fvVector.push_back(FieldValueTuple("weight", weight.c_str()));
933+
fvVector.push_back(FieldValueTuple("vni_label", vni_label.c_str()));
934+
fvVector.push_back(FieldValueTuple("router_mac", router_mac.c_str()));
935+
fvVector.push_back(FieldValueTuple("segment", segment.c_str()));
936+
fvVector.push_back(FieldValueTuple("seg_src", seg_src.c_str()));
959937
// Return value optimization will avoid copy of the following vector
960938
return fvVector;
961939
}
@@ -965,24 +943,12 @@ RouteTableFieldValueTupleWrapper::fieldValueTupleVector() {
965943
vector<FieldValueTuple>
966944
LabelRouteTableFieldValueTupleWrapper::fieldValueTupleVector() {
967945
vector<FieldValueTuple> fvVector;
968-
if (protocol != string()) {
969-
fvVector.push_back(FieldValueTuple("protocol", protocol.c_str()));
970-
}
971-
if (blackhole != string()) {
972-
fvVector.push_back(FieldValueTuple("blackhole", blackhole.c_str()));
973-
}
974-
if (nexthop != string()) {
975-
fvVector.push_back(FieldValueTuple("nexthop", nexthop.c_str()));
976-
}
977-
if (ifname != string()) {
978-
fvVector.push_back(FieldValueTuple("ifname", ifname.c_str()));
979-
}
980-
if (mpls_nh != string()) {
981-
fvVector.push_back(FieldValueTuple("mpls_nh", mpls_nh.c_str()));
982-
}
983-
if (mpls_pop != string()) {
984-
fvVector.push_back(FieldValueTuple("mpls_pop", mpls_pop.c_str()));
985-
}
946+
fvVector.push_back(FieldValueTuple("protocol", protocol.c_str()));
947+
fvVector.push_back(FieldValueTuple("blackhole", blackhole.c_str()));
948+
fvVector.push_back(FieldValueTuple("nexthop", nexthop.c_str()));
949+
fvVector.push_back(FieldValueTuple("ifname", ifname.c_str()));
950+
fvVector.push_back(FieldValueTuple("mpls_nh", mpls_nh.c_str()));
951+
fvVector.push_back(FieldValueTuple("mpls_pop", mpls_pop.c_str()));
986952
return fvVector;
987953
}
988954

@@ -991,12 +957,8 @@ LabelRouteTableFieldValueTupleWrapper::fieldValueTupleVector() {
991957
vector<FieldValueTuple>
992958
VnetRouteTableFieldValueTupleWrapper::fieldValueTupleVector() {
993959
vector<FieldValueTuple> fvVector;
994-
if (nexthop != string()) {
995-
fvVector.push_back(FieldValueTuple("nexthop", nexthop.c_str()));
996-
}
997-
if (ifname != string()) {
998-
fvVector.push_back(FieldValueTuple("ifname", ifname.c_str()));
999-
}
960+
fvVector.push_back(FieldValueTuple("nexthop", nexthop.c_str()));
961+
fvVector.push_back(FieldValueTuple("ifname", ifname.c_str()));
1000962
return fvVector;
1001963
}
1002964

@@ -1005,9 +967,7 @@ VnetRouteTableFieldValueTupleWrapper::fieldValueTupleVector() {
1005967
vector<FieldValueTuple>
1006968
VnetTunnelTableFieldValueTupleWrapper::fieldValueTupleVector() {
1007969
vector<FieldValueTuple> fvVector;
1008-
if (endpoint != string()) {
1009-
fvVector.push_back(FieldValueTuple("endpoint", endpoint.c_str()));
1010-
}
970+
fvVector.push_back(FieldValueTuple("endpoint", endpoint.c_str()));
1011971
return fvVector;
1012972
}
1013973

@@ -1016,15 +976,9 @@ VnetTunnelTableFieldValueTupleWrapper::fieldValueTupleVector() {
1016976
vector<FieldValueTuple>
1017977
NextHopGroupTableFieldValueTupleWrapper::fieldValueTupleVector() {
1018978
vector<FieldValueTuple> fvVector;
1019-
if (nexthop != string()) {
1020-
fvVector.push_back(FieldValueTuple("nexthop", nexthop.c_str()));
1021-
}
1022-
if (ifname != string()) {
1023-
fvVector.push_back(FieldValueTuple("ifname", ifname.c_str()));
1024-
}
1025-
if (weight != string()) {
1026-
fvVector.push_back(FieldValueTuple("weight", weight.c_str()));
1027-
}
979+
fvVector.push_back(FieldValueTuple("nexthop", nexthop.c_str()));
980+
fvVector.push_back(FieldValueTuple("ifname", ifname.c_str()));
981+
fvVector.push_back(FieldValueTuple("weight", weight.c_str()));
1028982
return fvVector;
1029983
}
1030984

@@ -1033,15 +987,9 @@ NextHopGroupTableFieldValueTupleWrapper::fieldValueTupleVector() {
1033987
vector<FieldValueTuple>
1034988
Srv6MySidTableFieldValueTupleWrapper::fieldValueTupleVector() {
1035989
vector<FieldValueTuple> fvVector;
1036-
if (action != string()) {
1037-
fvVector.push_back(FieldValueTuple("action", action.c_str()));
1038-
}
1039-
if (vrf != string()) {
1040-
fvVector.push_back(FieldValueTuple("vrf", vrf.c_str()));
1041-
}
1042-
if (adj != string()) {
1043-
fvVector.push_back(FieldValueTuple("adj", adj.c_str()));
1044-
}
990+
fvVector.push_back(FieldValueTuple("action", action.c_str()));
991+
fvVector.push_back(FieldValueTuple("vrf", vrf.c_str()));
992+
fvVector.push_back(FieldValueTuple("adj", adj.c_str()));
1045993
return fvVector;
1046994
}
1047995

@@ -1050,9 +998,7 @@ Srv6MySidTableFieldValueTupleWrapper::fieldValueTupleVector() {
1050998
vector<FieldValueTuple>
1051999
Srv6SidListTableFieldValueTupleWrapper::fieldValueTupleVector() {
10521000
vector<FieldValueTuple> fvVector;
1053-
if (path != string()) {
1054-
fvVector.push_back(FieldValueTuple("path", path.c_str()));
1055-
}
1001+
fvVector.push_back(FieldValueTuple("path", path.c_str()));
10561002
return fvVector;
10571003
}
10581004

@@ -1220,28 +1166,69 @@ void RouteSync::onSrv6SteerRouteMsg(struct nlmsghdr *h, int len)
12201166
if (nlmsg_type == RTM_DELROUTE)
12211167
{
12221168
string routeTableKeyStr = string(routeTableKey);
1223-
string srv6SidListTableKey = routeTableKeyStr;
1169+
string srv6SidListTableKey = vpn_sid_str;
12241170

12251171
SWSS_LOG_INFO("SRV6 RouteTable del msg: %s", routeTableKeyStr.c_str());
12261172
delWithWarmRestart(
12271173
RouteTableFieldValueTupleWrapper{std::move(routeTableKeyStr), std::string()},
12281174
*m_routeTable);
1229-
m_srv6SidListTable.del(srv6SidListTableKey);
1175+
1176+
auto it = m_srv6_sidlist_refcnt.find(srv6SidListTableKey);
1177+
if (it != m_srv6_sidlist_refcnt.end())
1178+
{
1179+
assert (it->second > 0);
1180+
1181+
/* Decrement the refcount for this SID list */
1182+
(it->second)--;
1183+
SWSS_LOG_INFO("Refcount for SID list '%s' decreased to %u",
1184+
srv6SidListTableKey.c_str(), it->second);
1185+
1186+
/* If the refcount drops to zero, remove the SID list from ApplDB */
1187+
if (it->second == 0)
1188+
{
1189+
m_srv6SidListTable.del(srv6SidListTableKey);
1190+
SWSS_LOG_INFO("Refcount for SID list '%s' is zero. SID list removed from ApplDB",
1191+
srv6SidListTableKey.c_str());
1192+
1193+
m_srv6_sidlist_refcnt.erase(srv6SidListTableKey);
1194+
}
1195+
}
1196+
else
1197+
{
1198+
SWSS_LOG_WARN("SID list '%s' not found in the map.", srv6SidListTableKey.c_str());
1199+
}
1200+
12301201
return;
12311202
}
12321203
else if (nlmsg_type == RTM_NEWROUTE)
12331204
{
12341205
string routeTableKeyStr = string(routeTableKey);
12351206
/* Write SID list to SRV6_SID_LIST_TABLE */
12361207

1237-
string srv6SidListTableKey = routeTableKeyStr;
1208+
string srv6SidListTableKey = vpn_sid_str;
12381209

1239-
Srv6SidListTableFieldValueTupleWrapper fvw{srv6SidListTableKey};
1240-
fvw.path = vpn_sid_str;
1210+
auto it = m_srv6_sidlist_refcnt.find(srv6SidListTableKey);
1211+
if (it != m_srv6_sidlist_refcnt.end())
1212+
{
1213+
/* SID list already exists: just bump the refcount */
1214+
(it->second)++;
1215+
SWSS_LOG_INFO("Refcount for SID list'%s' increased to %u",
1216+
srv6SidListTableKey.c_str(), it->second);
1217+
}
1218+
else
1219+
{
1220+
/* First time we see this SID list: program it into ApplDB and initialize the refcount to 1 */
1221+
Srv6SidListTableFieldValueTupleWrapper fvw{srv6SidListTableKey};
1222+
fvw.path = vpn_sid_str;
12411223

1242-
setTable(fvw, m_srv6SidListTable);
1243-
SWSS_LOG_DEBUG("Srv6SidListTable set msg: %s path: %s",
1244-
srv6SidListTableKey.c_str(), vpn_sid_str.c_str());
1224+
setTable(fvw, m_srv6SidListTable);
1225+
SWSS_LOG_DEBUG("Srv6SidListTable set msg: %s path: %s",
1226+
srv6SidListTableKey.c_str(), vpn_sid_str.c_str());
1227+
1228+
m_srv6_sidlist_refcnt[srv6SidListTableKey] = 1;
1229+
SWSS_LOG_INFO("SID list '%s' created and refcount initialized to 1",
1230+
srv6SidListTableKey.c_str());
1231+
}
12451232

12461233
/* Write route to ROUTE_TABLE */
12471234

fpmsyncd/routesync.h

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -59,7 +59,6 @@ class FieldValueTupleWrapperBase {
5959
// then we would like to atomically cleanup earlier fields and set the new
6060
// fields in the hash-set in redis.
6161
vector<KeyOpFieldsValuesTuple> kfvVector;
62-
kfvVector.push_back(KeyOpFieldsValuesTuple {key.c_str(), "DEL", {}});
6362
auto fvVector = fieldValueTupleVector();
6463
kfvVector.push_back(KeyOpFieldsValuesTuple {key.c_str(), "SET", fvVector});
6564
return kfvVector;
@@ -83,7 +82,7 @@ class RouteTableFieldValueTupleWrapper : public FieldValueTupleWrapperBase {
8382
vector<FieldValueTuple> fieldValueTupleVector() override;
8483

8584
string protocol = string();
86-
string blackhole = string();
85+
string blackhole = string("false");
8786
string nexthop = string();
8887
string ifname = string();
8988
string nexthop_group = string();
@@ -107,7 +106,7 @@ class LabelRouteTableFieldValueTupleWrapper : public FieldValueTupleWrapperBase
107106
vector<FieldValueTuple> fieldValueTupleVector() override;
108107

109108
string protocol = string();
110-
string blackhole = string();
109+
string blackhole = string("false");
111110
string nexthop = string();
112111
string ifname = string();
113112
string mpls_nh = string();
@@ -250,6 +249,8 @@ class RouteSync : public NetMsg
250249
/* nexthop group table */
251250
ProducerStateTable m_nexthop_groupTable;
252251
map<uint32_t,NextHopGroup> m_nh_groups;
252+
/* SID list to refcount */
253+
map<string, uint32_t> m_srv6_sidlist_refcnt;
253254

254255
bool m_isSuppressionEnabled{false};
255256
FpmInterface* m_fpmInterface {nullptr};

orchagent/Makefile.am

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -132,6 +132,7 @@ orchagent_SOURCES = \
132132
twamporch.cpp \
133133
stporch.cpp \
134134
nexthopkey.cpp \
135+
macsecpost.cpp \
135136
high_frequency_telemetry/hftelorch.cpp \
136137
high_frequency_telemetry/hftelprofile.cpp \
137138
high_frequency_telemetry/counternameupdater.cpp \

orchagent/bulker.h

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -778,6 +778,12 @@ class EntityBulker
778778
return removing_entries.find(entry) != removing_entries.end();
779779
}
780780

781+
bool bulk_entry_pending_removal_or_set(const Te& entry) const
782+
{
783+
return removing_entries.find(entry) != removing_entries.end() ||
784+
setting_entries.find(entry) != setting_entries.end();
785+
}
786+
781787
private:
782788
std::unordered_map< // A map of
783789
Te, // entry ->

0 commit comments

Comments
 (0)