OpenSDN source code
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
policy_set.cc
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2017 Juniper Networks, Inc. All rights reserved.
3  */
4 
5 #include <boost/uuid/uuid_io.hpp>
6 #include <vnc_cfg_types.h>
7 #include <agent_types.h>
8 #include <cfg/cfg_init.h>
9 #include <ifmap/ifmap_node.h>
10 #include <oper/ifmap_dependency_manager.h>
11 #include "base/logging.h"
12 #include "filter/acl.h"
13 #include "filter/policy_set.h"
14 #include "oper/config_manager.h"
15 #include "oper/agent_sandesh.h"
16 
17 PolicySet::PolicySet(const boost::uuids::uuid &uuid):
18  uuid_(uuid), global_(false) {
19 }
20 
21 PolicySet::~PolicySet() {
22  fw_policy_list_.clear();
23 }
24 
25 bool PolicySet::IsLess(const DBEntry &db) const {
26  const PolicySet &rhs = static_cast<const PolicySet&>(db);
27  return uuid_ < rhs.uuid_;
28 }
29 
30 std::string PolicySet::ToString() const {
31  std::string str = "Policy set ";
32  str.append(name_);
33  str.append(" Uuid :");
34  str.append(UuidToString(uuid_));
35  return str;
36 }
37 
38 DBEntryBase::KeyPtr PolicySet::GetDBRequestKey() const {
39  PolicySetKey *key = new PolicySetKey(uuid_);
40  return DBEntryBase::KeyPtr(key);
41 }
42 
43 void PolicySet::SetKey(const DBRequestKey *k) {
44  const PolicySetKey *key = static_cast<const PolicySetKey *>(k);
45  uuid_ = key->uuid_;
46 }
47 
48 bool PolicySet::Change(PolicySetTable *table, const PolicySetData *data) {
49  bool ret = false;
50  bool resync_intf = false;
51 
52  if (data->fw_policy_uuid_list_ != fw_policy_uuid_list_) {
53  fw_policy_uuid_list_ = data->fw_policy_uuid_list_;
54  ret = true;
55  fw_policy_list_.clear();
56  FirewallPolicyUuidList::const_iterator it = fw_policy_uuid_list_.begin();
57  for(; it != fw_policy_uuid_list_.end(); it++) {
58  AclKey key(it->second);
59  AclDBEntry *acl = static_cast<AclDBEntry *>(table->agent()->
60  acl_table()->FindActiveEntry(&key));
61  if (acl) {
62  fw_policy_list_.push_back(acl);
63  }
64  }
65  }
66 
67  if (data->global_ != global_) {
68  global_ = data->global_;
69  ret = true;
70  }
71 
72  if (global_) {
73  if (table->global_policy_set() != this) {
74  table->set_global_policy_set(this);
75  }
76 
77  if (ret) {
78  resync_intf = true;
79  }
80  } else if (global_ == false && table->global_policy_set() == this) {
81  table->set_global_policy_set(NULL);
82  resync_intf = true;
83  }
84 
85  if (resync_intf) {
86  table->agent()->cfg()->cfg_vm_interface_table()->NotifyAllEntries();
87  }
88 
89  return ret;
90 }
91 
92 bool PolicySet::DBEntrySandesh(Sandesh *sresp, std::string &name) const {
93  ApplicationPolicySetResp *resp = static_cast<ApplicationPolicySetResp*>(sresp);
94 
95  ApplicationPolicySetSandeshData apsd;
96  apsd.set_name(name_);
97  apsd.set_uuid(UuidToString(uuid_));
98 
99  std::vector<PolicyLinkData> acl_list;
100  FirewallPolicyList::const_iterator it = fw_policy_list_.begin();
101  for(; it != fw_policy_list_.end(); it++) {
102  PolicyLinkData pld;
103  pld.set_firewall_policy(UuidToString((*it)->GetUuid()));
104  acl_list.push_back(pld);
105  }
106 
107  apsd.set_firewall_policy_list(acl_list);
108  apsd.set_all_applications(global_);
109 
110  std::vector<ApplicationPolicySetSandeshData> &list =
111  const_cast<std::vector<ApplicationPolicySetSandeshData>&>(
112  resp->get_application_policy_set_list());
113  list.push_back(apsd);
114  return true;
115 }
116 
117 std::unique_ptr<DBEntry>
118 PolicySetTable::AllocEntry(const DBRequestKey *key) const {
119  const PolicySetKey *psk = static_cast<const PolicySetKey *>(key);
120  PolicySet *ps = new PolicySet(psk->uuid_);
121  return std::unique_ptr<DBEntry>(static_cast<DBEntry *>(ps));
122 }
123 
124 static PolicySetKey* BuildKey(const boost::uuids::uuid &u) {
125  return new PolicySetKey(u);
126 }
127 
128 static bool BuildFirewallPolicy(
129  Agent *agent, IFMapNode *node, boost::uuids::uuid &fp_uuid) {
130 
131  IFMapAgentTable *table = static_cast<IFMapAgentTable *>(node->table());
132  DBGraph *graph = table->GetGraph();
133 
134  for (DBGraphVertex::adjacency_iterator iter = node->begin(graph);
135  iter != node->end(table->GetGraph()); ++iter) {
136 
137  IFMapNode *adj_node = static_cast<IFMapNode *>(iter.operator->());
138  if (agent->config_manager()->SkipNode(adj_node,
139  agent->cfg()->cfg_firewall_policy_table())) {
140  continue;
141  }
142 
143  autogen::FirewallPolicy *fp =
144  static_cast<autogen::FirewallPolicy *>(adj_node->GetObject());
145  autogen::IdPermsType id_perms = fp->id_perms();
146  CfgUuidSet(id_perms.uuid.uuid_mslong, id_perms.uuid.uuid_lslong,
147  fp_uuid);
148  return true;
149  }
150 
151  return false;
152 }
153 
154 static PolicySetData* BuildData(Agent *agent, IFMapNode *node,
155  const autogen::ApplicationPolicySet *ps) {
156 
157  IFMapAgentTable *table = static_cast<IFMapAgentTable *>(node->table());
158  DBGraph *graph = table->GetGraph();
159  FirewallPolicyUuidList list;
160  bool global = ps->all_applications();
161 
162  for (DBGraphVertex::adjacency_iterator iter = node->begin(graph);
163  iter != node->end(table->GetGraph()); ++iter) {
164 
165  IFMapNode *adj_node = static_cast<IFMapNode *>(iter.operator->());
166  if (agent->config_manager()->SkipNode(adj_node,
167  agent->cfg()->cfg_policy_set_firewall_policy_table())) {
168  continue;
169  }
170 
171  boost::uuids::uuid fp_uuid = boost::uuids::nil_uuid();
172  autogen::ApplicationPolicySetFirewallPolicy *aps_fp =
173  static_cast<autogen::ApplicationPolicySetFirewallPolicy *>
174  (adj_node->GetObject());
175 
176  if (aps_fp->data().sequence == Agent::NullString()) {
177  continue;
178  }
179 
180  if (BuildFirewallPolicy(agent, adj_node, fp_uuid) == false) {
181  continue;
182  }
183 
184  list.insert(FirewallPolicyPair(aps_fp->data().sequence, fp_uuid));
185  }
186 
187  return new PolicySetData(agent, node, node->name(), global, list);
188 }
189 
190 bool PolicySetTable::IFNodeToReq(IFMapNode *node, DBRequest &req,
191  const boost::uuids::uuid &u) {
192  autogen::ApplicationPolicySet *ps =
193  static_cast<autogen::ApplicationPolicySet *>(node->GetObject());
194  assert(ps);
195 
196  assert(!u.is_nil());
197 
198  req.key.reset(BuildKey(u));
199  if ((req.oper == DBRequest::DB_ENTRY_DELETE) || node->IsDeleted()) {
200  req.oper = DBRequest::DB_ENTRY_DELETE;
201  return true;
202  }
203 
204  agent()->config_manager()->AddPolicySetNode(node);
205  return false;
206 }
207 
208 bool PolicySetTable::ProcessConfig(IFMapNode *node, DBRequest &req,
209  const boost::uuids::uuid &u) {
210  autogen::ApplicationPolicySet *ps =
211  static_cast <autogen::ApplicationPolicySet *>(node->GetObject());
212  assert(ps);
213 
214  req.key.reset(BuildKey(u));
215  if (node->IsDeleted()) {
216  return false;
217  }
218 
219  req.oper = DBRequest::DB_ENTRY_ADD_CHANGE;
220  req.data.reset(BuildData(agent(), node, ps));
221  return true;
222 }
223 
224 bool PolicySetTable::IFNodeToUuid(IFMapNode *node, boost::uuids::uuid &u) {
225  autogen::ApplicationPolicySet *ps =
226  static_cast<autogen::ApplicationPolicySet *>(node->GetObject());
227  autogen::IdPermsType id_perms = ps->id_perms();
228  CfgUuidSet(id_perms.uuid.uuid_mslong, id_perms.uuid.uuid_lslong, u);
229  return true;
230 }
231 
232 DBEntry *PolicySetTable::OperDBAdd(const DBRequest *req) {
233  PolicySetKey *key = static_cast<PolicySetKey *>(req->key.get());
234  PolicySetData *data = static_cast<PolicySetData *>(req->data.get());
235  PolicySet *ps = new PolicySet(key->uuid_);
236  ps->name_ = data->name_;
237  ps->Change(this, data);
238  return ps;
239 }
240 
241 bool PolicySetTable::OperDBResync(DBEntry *entry, const DBRequest *req) {
242  PolicySetData *data = static_cast<PolicySetData *>(req->data.get());
243  PolicySet *ps = static_cast<PolicySet *>(entry);
244  return ps->Change(this, data);
245 }
246 
247 bool PolicySetTable::OperDBOnChange(DBEntry *entry, const DBRequest *req) {
248  return OperDBResync(entry, req);
249 }
250 
251 bool PolicySetTable::OperDBDelete(DBEntry *entry,
252  const DBRequest *req) {
253  PolicySet *ps = static_cast<PolicySet *>(entry);
254  if (ps->global() && global_policy_set() == ps) {
255  set_global_policy_set(NULL);
256  }
257  return true;
258 }
259 
260 DBTableBase*
261 PolicySetTable::CreateTable(DB *db, const std::string &name) {
262 
263  PolicySetTable *table = new PolicySetTable(db, name);
264  table->Init();
265  return table;
266 }
267 
268 void ApplicationPolicySetReq::HandleRequest() const {
269  AgentSandeshPtr sand(new AgentPolicySetSandesh(context(), get_uuid(),
270  get_name()));
271  sand->DoSandesh(sand);
272 }
273 
274 AgentSandeshPtr PolicySetTable::GetAgentSandesh(const AgentSandeshArguments *args,
275  const std::string &context) {
276  return AgentSandeshPtr(new AgentPolicySetSandesh(context,
277  args->GetString("name"), args->GetString("uuid")));
278 }
PolicySet::global_
bool global_
Definition: policy_set.h:108
PolicySet::name_
std::string name_
Definition: policy_set.h:105
PolicySet::Change
bool Change(PolicySetTable *table, const PolicySetData *data)
Definition: policy_set.cc:48
CfgUuidSet
static void CfgUuidSet(uint64_t ms_long, uint64_t ls_long, boost::uuids::uuid &u)
Definition: agent_cmn.h:67
PolicySetTable::IFNodeToUuid
virtual bool IFNodeToUuid(IFMapNode *node, boost::uuids::uuid &u)
Definition: policy_set.cc:224
PolicySet::uuid_
boost::uuids::uuid uuid_
Definition: policy_set.h:104
AgentSandeshArguments::GetString
std::string GetString(const std::string &key) const
Definition: agent_sandesh.cc:662
PolicySet::fw_policy_list_
FirewallPolicyList fw_policy_list_
Definition: policy_set.h:107
PolicySetTable::GetAgentSandesh
virtual AgentSandeshPtr GetAgentSandesh(const AgentSandeshArguments *args, const std::string &context)
Definition: policy_set.cc:274
FirewallPolicyPair
std::pair< std::string, boost::uuids::uuid > FirewallPolicyPair
Definition: policy_set.h:51
PolicySetTable::OperDBAdd
virtual DBEntry * OperDBAdd(const DBRequest *req)
Definition: policy_set.cc:232
DBEntryBase::IsDeleted
bool IsDeleted() const
Definition: db_entry.h:49
Agent::config_manager
ConfigManager * config_manager() const
Definition: agent.cc:889
ifmap_node.h
PolicySet::PolicySet
PolicySet(const boost::uuids::uuid &uuid)
Definition: policy_set.cc:17
PolicySetTable::IFNodeToReq
virtual bool IFNodeToReq(IFMapNode *node, DBRequest &req, const boost::uuids::uuid &u)
Definition: policy_set.cc:190
AclKey
Definition: acl.h:62
AgentDBTable::agent
Agent * agent() const
Definition: agent_db.h:213
DBRequest::data
std::unique_ptr< DBRequestData > data
Definition: db_table.h:49
uuid
boost::uuids::uuid uuid
Definition: vnsw/agent/filter/policy.h:11
PolicySetTable::PolicySetTable
PolicySetTable(DB *db, const std::string &name)
Definition: policy_set.h:114
DBGraphVertex::end
adjacency_iterator end(DBGraph *graph)
Definition: db_graph_vertex.h:87
UuidToString
static std::string UuidToString(const boost::uuids::uuid &id)
Definition: string_util.h:138
IFMapNode::table
IFMapTable * table()
Definition: ifmap_node.h:29
DBTable::NotifyAllEntries
void NotifyAllEntries()
Definition: db_table.cc:596
FirewallPolicyUuidList
std::map< std::string, boost::uuids::uuid > FirewallPolicyUuidList
Definition: policy_set.h:50
DBEntryBase::KeyPtr
std::unique_ptr< DBRequestKey > KeyPtr
Definition: db_entry.h:25
PolicySetTable::AllocEntry
virtual std::unique_ptr< DBEntry > AllocEntry(const DBRequestKey *key) const
Definition: policy_set.cc:118
config_manager.h
PolicySetTable::OperDBOnChange
virtual bool OperDBOnChange(DBEntry *entry, const DBRequest *req)
Definition: policy_set.cc:247
BuildData
static PolicySetData * BuildData(Agent *agent, IFMapNode *node, const autogen::ApplicationPolicySet *ps)
Definition: policy_set.cc:154
IFMapAgentTable::GetGraph
const DBGraph * GetGraph() const
Definition: ifmap_agent_table.h:49
DB
Definition: db.h:24
BuildKey
static PolicySetKey * BuildKey(const boost::uuids::uuid &u)
Definition: policy_set.cc:124
DBTable::Init
void Init()
Definition: db_table.cc:387
AgentConfig::cfg_vm_interface_table
IFMapAgentTable * cfg_vm_interface_table() const
Definition: cfg_init.h:22
policy_set.h
Agent
Definition: agent.h:358
PolicySet::global
bool global() const
Definition: policy_set.h:98
DBRequest::key
std::unique_ptr< DBRequestKey > key
Definition: db_table.h:48
DBRequest::oper
DBOperation oper
Definition: db_table.h:42
Agent::NullString
static const std::string & NullString()
Definition: agent.h:437
PolicySet::DBEntrySandesh
bool DBEntrySandesh(Sandesh *resp, std::string &name) const
Definition: policy_set.cc:92
PolicySet::IsLess
virtual bool IsLess(const DBEntry &rhs) const
Definition: policy_set.cc:25
BuildFirewallPolicy
static bool BuildFirewallPolicy(Agent *agent, IFMapNode *node, boost::uuids::uuid &fp_uuid)
Definition: policy_set.cc:128
AgentSandeshPtr
class boost::shared_ptr< AgentSandesh > AgentSandeshPtr
Definition: agent_db.h:18
agent_sandesh.h
IFMapNode::name
const std::string & name() const
Definition: ifmap_node.h:48
PolicySet::fw_policy_uuid_list_
FirewallPolicyUuidList fw_policy_uuid_list_
Definition: policy_set.h:106
PolicySetTable::CreateTable
static DBTableBase * CreateTable(DB *db, const std::string &name)
Definition: policy_set.cc:261
AgentConfig::cfg_firewall_policy_table
IFMapAgentTable * cfg_firewall_policy_table() const
Definition: cfg_init.h:114
IFMapNode::GetObject
IFMapObject * GetObject()
Definition: ifmap_node.cc:63
PolicySet::ToString
virtual std::string ToString() const
Definition: policy_set.cc:30
PolicySetTable::global_policy_set
PolicySet * global_policy_set() const
Definition: policy_set.h:140
PolicySetData::name_
const std::string name_
Definition: policy_set.h:60
ifmap_dependency_manager.h
PolicySet::SetKey
virtual void SetKey(const DBRequestKey *key)
Definition: policy_set.cc:43
PolicySetTable::ProcessConfig
bool ProcessConfig(IFMapNode *node, DBRequest &req, const boost::uuids::uuid &u)
Definition: policy_set.cc:208
PolicySetTable::OperDBDelete
virtual bool OperDBDelete(DBEntry *entry, const DBRequest *req)
Definition: policy_set.cc:251
DBGraphVertex::adjacency_iterator
Definition: db_graph_vertex.h:30
PolicySetKey::uuid_
boost::uuids::uuid uuid_
Definition: policy_set.h:42
Agent::cfg
AgentConfig * cfg() const
Definition: agent.cc:865
AgentConfig::cfg_policy_set_firewall_policy_table
IFMapAgentTable * cfg_policy_set_firewall_policy_table() const
Definition: cfg_init.h:138
ConfigManager::SkipNode
bool SkipNode(IFMapNode *node)
Definition: config_manager.cc:613
PolicySetTable::OperDBResync
virtual bool OperDBResync(DBEntry *entry, const DBRequest *req)
Definition: policy_set.cc:241
DBGraphVertex::begin
adjacency_iterator begin(DBGraph *graph)
Definition: db_graph_vertex.h:84
ConfigManager::AddPolicySetNode
void AddPolicySetNode(IFMapNode *node)
Definition: config_manager.cc:462
PolicySetTable::set_global_policy_set
void set_global_policy_set(PolicySet *ps)
Definition: policy_set.h:144
AclDBEntry
Definition: acl.h:92
PolicySet::GetDBRequestKey
virtual KeyPtr GetDBRequestKey() const
Definition: policy_set.cc:38
PolicySetData::fw_policy_uuid_list_
FirewallPolicyUuidList fw_policy_uuid_list_
Definition: policy_set.h:62
cfg_init.h