Merge branch 'main' into p4cpconfig

ipdk-io · Dec 27, 2023 · 5116664 · 5116664
2 parents 3123348 + c3a04f5
commit 5116664
Show file tree

Hide file tree

Showing 25 changed files with 1,215 additions and 393 deletions.
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
@@ -168,7 +168,7 @@ jobs:
           python -m pip install setuptools build wheel
 
       - name: Set up Go environment
-        uses: actions/setup-go@v4.1.0
+        uses: actions/setup-go@v5.0.0
         with:
           go-version: 'stable'
 

diff --git a/clients/p4rt-ctl/p4rt-ctl.in b/clients/p4rt-ctl/p4rt-ctl.in
@@ -78,6 +78,7 @@ for P4Runtime switches:
   add-meter-config SWITCH MTR_TBL MTR_FLOW     add packet mod meter config table entry
   get-packet-mod-meter SWITCH MTR_TBL MTR_FLOW     gets packet mod meter table entry
   get-direct-pkt-mod-meter SWITCH MTR_TBL MTR_FLOW     gets direct packet mod meter table entry
+  del-meter-config SWITCH MTR_TBL MTR_FLOW  delete packet mod meter config table entry
 """
 
 def usage():
@@ -1898,7 +1899,7 @@ def p4ctl_get_direct_pkt_mod_meter_entry(client, bridge, tbl_name, flow):
         raise Exception("Cannot find direct_meter_entry field in entity")
 
     te = helper.buildTableEntry(
-         table_name=cnt_tbl_name,
+         table_name=tbl_name,
          match_fields=key
      )
 
@@ -1909,6 +1910,34 @@ def p4ctl_get_direct_pkt_mod_meter_entry(client, bridge, tbl_name, flow):
             if entity.direct_meter_entry.table_entry.table_id == ce.table_entry.table_id:
                 print(_format_dme(entry.direct_meter_entry))
 
+@with_client
+def p4ctl_del_meter_config(client, bridge, tbl_name, flow):
+    """
+    del-meter-config SWITCH MTR_TBL MTR_FLOW
+    Example:
+        p4rt-ctl del-meter-config br0 my_control.meter1 "meter_id=2244878476,meter_index=10"
+    """
+    p4info = client.get_p4info()
+    if not p4info:
+        raise Exception("cannot retrieve P4Info from device {}".format(bridge))
+
+    helper = P4InfoHelper(p4info)
+    entity = p4runtime_pb2.Entity()
+    ce = entity.meter_entry
+
+    if ce is None:
+        raise Exception("Cannot find meter_entry field in entity")
+
+    meter_id, index = parse_get_meter_flow(flow)
+    ce.index.index = int(index)
+    ce.meter_id = int(meter_id)
+
+    update = p4runtime_pb2.Update()
+    update.type = p4runtime_pb2.Update.DELETE
+    update.entity.meter_entry.CopyFrom(ce)
+
+    client.write_update(update)
+
 all_commands = {
     "show": (p4ctl_show, 1),
     "set-pipe": (p4ctl_set_pipe, 3),
@@ -1933,6 +1962,7 @@ all_commands = {
     "add-meter-config" : (p4ctl_add_meter_config, 3),
     "get-packet-mod-meter" : (p4ctl_get_packet_mod_meter_entry, 2),
     "get-direct-pkt-mod-meter" : (p4ctl_get_direct_pkt_mod_meter_entry, 2)
+    "del-meter-config" : (p4ctl_del_meter_config, 2)
 }
 
 

diff --git a/docs/apps/apps-index.rst b/docs/apps/apps-index.rst
@@ -6,4 +6,5 @@
 
    ipsec-offload
    lnw/lnw-index
+   packet-io
 
diff --git a/docs/apps/ipsec-offload.md b/docs/apps/ipsec-offload.md
@@ -44,10 +44,10 @@ to load the hardware FXP pipeline with the IPsec package.
 
 ### Configure and run infrap4d
 
-To be able to program Security Association Database (SAD) entries using gNMI,
-enable fixed function support in infrap4d. Follow the instructions in
+Follow the instructions in
 [Running infrap4d](/guides/es2k/running-infrap4d.md)
-to prepare system with generated TDI.json and context.json file references.
+and prepare the system with generated TDI.json and context.json file references.
+In order to  offload IPsec, fixed function support must be enabled in infrap4d. 
 
 The /usr/share/stratum/es2k/es2k_skip_p4.conf file must include the fixed
 function configuration reference.
@@ -82,7 +82,7 @@ between local and peer system.
 
 This section provides detailed information on OpenConfig model and gNMI
 messages with the expected format. The strongSwan plugin has the following
-details encoded.
+details encoded, and user interaction is not needed.
 
 ### Config SAD message
 
@@ -130,10 +130,10 @@ at `/ipsec-offload/ipsec-spi/rx-spi`.
 ### Key Expiry Notification message
 
 The [gRPC Notification message](https://github.com/ipdk-io/openconfig-public/blob/master/release/models/ipsec/openconfig-ipsec-offload.yang#L308)
-at `/ipsec-offload` is used as a signal to trigger the
+at `/ipsec-offload/sadb-expire` is used as a signal to trigger the
 re-keying mechanism in IKE protocol.
 
 A gNMI subscription stream is opened from the gNMI client listening to these
 notification messages originating in the target. Upon receiving this
-notification, clients will initiate the re-keying mechanism to refresh
-the encyrption keys.
+notification, client will initiate the re-keying mechanism to refresh
+the encryption keys.