summaryrefslogtreecommitdiffstats
path: root/src/plugins
diff options
context:
space:
mode:
authorFlorin Coras <fcoras@cisco.com>2021-03-10 16:15:11 -0800
committerDave Barach <openvpp@barachs.net>2021-03-11 20:15:25 +0000
commitd5403ac610c985acc780e625b4328d001efd0e63 (patch)
treeeaea9b708ce0fc70be234ddfcc6b23235618bd1d /src/plugins
parent1e6a0f64653c8142fa7032aba127ab4894bafc3c (diff)
hsa: add support for tls to proxy
Type: improvement Change-Id: I934e1e981bfa3e5ef81a61b2180604f9b9fc991b Signed-off-by: Florin Coras <fcoras@cisco.com>
Diffstat (limited to 'src/plugins')
-rw-r--r--src/plugins/hs_apps/proxy.c123
-rw-r--r--src/plugins/hs_apps/proxy.h5
2 files changed, 89 insertions, 39 deletions
diff --git a/src/plugins/hs_apps/proxy.c b/src/plugins/hs_apps/proxy.c
index 834d03f8dbd..295968a2450 100644
--- a/src/plugins/hs_apps/proxy.c
+++ b/src/plugins/hs_apps/proxy.c
@@ -26,7 +26,7 @@ proxy_main_t proxy_main;
typedef struct
{
- char uri[128];
+ session_endpoint_cfg_t sep;
u32 app_index;
u32 api_context;
} proxy_connect_args_t;
@@ -37,11 +37,11 @@ proxy_cb_fn (void *data, u32 data_len)
proxy_connect_args_t *pa = (proxy_connect_args_t *) data;
vnet_connect_args_t a;
- memset (&a, 0, sizeof (a));
+ clib_memset (&a, 0, sizeof (a));
a.api_context = pa->api_context;
a.app_index = pa->app_index;
- a.uri = pa->uri;
- vnet_connect_uri (&a);
+ clib_memcpy (&a.sep_ext, &pa->sep, sizeof (pa->sep));
+ vnet_connect (&a);
}
static void
@@ -49,14 +49,14 @@ proxy_call_main_thread (vnet_connect_args_t * a)
{
if (vlib_get_thread_index () == 0)
{
- vnet_connect_uri (a);
+ vnet_connect (a);
}
else
{
proxy_connect_args_t args;
args.api_context = a->api_context;
args.app_index = a->app_index;
- clib_memcpy (args.uri, a->uri, vec_len (a->uri));
+ clib_memcpy (&args.sep, &a->sep_ext, sizeof (a->sep_ext));
vl_api_rpc_call_main_thread (proxy_cb_fn, (u8 *) & args, sizeof (args));
}
}
@@ -352,7 +352,8 @@ proxy_rx_callback (session_t * s)
clib_spinlock_unlock_if_init (&pm->sessions_lock);
- a->uri = (char *) pm->client_uri;
+ clib_memcpy (&a->sep_ext, &pm->client_sep, sizeof (pm->client_sep));
+ a->sep_ext.ckpair_index = pm->ckpair_index;
a->api_context = proxy_index;
a->app_index = pm->active_open_app_index;
proxy_call_main_thread (a);
@@ -368,6 +369,8 @@ proxy_force_ack (void *handlep)
session_t *ao_s;
ao_s = session_get_from_handle (pointer_to_uword (handlep));
+ if (session_get_transport_proto (ao_s) != TRANSPORT_PROTO_TCP)
+ return;
tc = session_get_transport (ao_s);
tcp_send_ack ((tcp_connection_t *) tc);
}
@@ -695,9 +698,28 @@ proxy_server_listen ()
proxy_main_t *pm = &proxy_main;
vnet_listen_args_t _a, *a = &_a;
clib_memset (a, 0, sizeof (*a));
+
a->app_index = pm->server_app_index;
- a->uri = (char *) pm->server_uri;
- return vnet_bind_uri (a);
+ clib_memcpy (&a->sep_ext, &pm->server_sep, sizeof (pm->server_sep));
+ a->sep_ext.ckpair_index = pm->ckpair_index;
+
+ return vnet_listen (a);
+}
+
+static void
+proxy_server_add_ckpair (void)
+{
+ vnet_app_add_cert_key_pair_args_t _ck_pair, *ck_pair = &_ck_pair;
+ proxy_main_t *pm = &proxy_main;
+
+ clib_memset (ck_pair, 0, sizeof (*ck_pair));
+ ck_pair->cert = (u8 *) test_srv_crt_rsa;
+ ck_pair->key = (u8 *) test_srv_key_rsa;
+ ck_pair->cert_len = test_srv_crt_rsa_len;
+ ck_pair->key_len = test_srv_key_rsa_len;
+ vnet_app_add_cert_key_pair (ck_pair);
+
+ pm->ckpair_index = ck_pair->index;
}
static int
@@ -716,6 +738,8 @@ proxy_server_create (vlib_main_t * vm)
for (i = 0; i < num_threads; i++)
vec_validate (pm->rx_buf[i], pm->rcv_buffer_size);
+ proxy_server_add_ckpair ();
+
if (proxy_server_attach ())
{
clib_warning ("failed to attach server app");
@@ -748,9 +772,12 @@ static clib_error_t *
proxy_server_create_command_fn (vlib_main_t * vm, unformat_input_t * input,
vlib_cli_command_t * cmd)
{
- proxy_main_t *pm = &proxy_main;
+ unformat_input_t _line_input, *line_input = &_line_input;
char *default_server_uri = "tcp://0.0.0.0/23";
char *default_client_uri = "tcp://6.0.2.2/23";
+ u8 *server_uri = 0, *client_uri = 0;
+ proxy_main_t *pm = &proxy_main;
+ clib_error_t *error = 0;
int rv, tmp32;
u64 tmp64;
@@ -762,58 +789,76 @@ proxy_server_create_command_fn (vlib_main_t * vm, unformat_input_t * input,
pm->prealloc_fifos = 0;
pm->private_segment_count = 0;
pm->private_segment_size = 0;
- pm->server_uri = 0;
- pm->client_uri = 0;
+
if (vlib_num_workers ())
clib_spinlock_init (&pm->sessions_lock);
- while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ unformat_user (input, unformat_line_input, line_input);
+
+ while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
- if (unformat (input, "fifo-size %U",
- unformat_memory_size, &pm->fifo_size))
+ if (unformat (line_input, "fifo-size %U", unformat_memory_size,
+ &pm->fifo_size))
;
- else if (unformat (input, "max-fifo-size %U",
- unformat_memory_size, &pm->max_fifo_size))
+ else if (unformat (line_input, "max-fifo-size %U", unformat_memory_size,
+ &pm->max_fifo_size))
;
- else if (unformat (input, "high-watermark %d", &tmp32))
+ else if (unformat (line_input, "high-watermark %d", &tmp32))
pm->high_watermark = (u8) tmp32;
- else if (unformat (input, "low-watermark %d", &tmp32))
+ else if (unformat (line_input, "low-watermark %d", &tmp32))
pm->low_watermark = (u8) tmp32;
- else if (unformat (input, "rcv-buf-size %d", &pm->rcv_buffer_size))
+ else if (unformat (line_input, "rcv-buf-size %d", &pm->rcv_buffer_size))
;
- else if (unformat (input, "prealloc-fifos %d", &pm->prealloc_fifos))
+ else if (unformat (line_input, "prealloc-fifos %d", &pm->prealloc_fifos))
;
- else if (unformat (input, "private-segment-count %d",
+ else if (unformat (line_input, "private-segment-count %d",
&pm->private_segment_count))
;
- else if (unformat (input, "private-segment-size %U",
+ else if (unformat (line_input, "private-segment-size %U",
unformat_memory_size, &tmp64))
{
if (tmp64 >= 0x100000000ULL)
- return clib_error_return
- (0, "private segment size %lld (%llu) too large", tmp64, tmp64);
+ {
+ error = clib_error_return (
+ 0, "private segment size %lld (%llu) too large", tmp64, tmp64);
+ goto done;
+ }
pm->private_segment_size = tmp64;
}
- else if (unformat (input, "server-uri %s", &pm->server_uri))
- vec_add1 (pm->server_uri, 0);
- else if (unformat (input, "client-uri %s", &pm->client_uri))
- vec_add1 (pm->client_uri, 0);
+ else if (unformat (line_input, "server-uri %s", &server_uri))
+ vec_add1 (server_uri, 0);
+ else if (unformat (line_input, "client-uri %s", &client_uri))
+ vec_add1 (client_uri, 0);
else
- return clib_error_return (0, "unknown input `%U'",
- format_unformat_error, input);
+ {
+ error = clib_error_return (0, "unknown input `%U'",
+ format_unformat_error, line_input);
+ goto done;
+ }
}
- if (!pm->server_uri)
+ if (!server_uri)
{
clib_warning ("No server-uri provided, Using default: %s",
default_server_uri);
- pm->server_uri = format (0, "%s%c", default_server_uri, 0);
+ server_uri = format (0, "%s%c", default_server_uri, 0);
}
- if (!pm->client_uri)
+ if (!client_uri)
{
clib_warning ("No client-uri provided, Using default: %s",
default_client_uri);
- pm->client_uri = format (0, "%s%c", default_client_uri, 0);
+ client_uri = format (0, "%s%c", default_client_uri, 0);
+ }
+
+ if (parse_uri ((char *) server_uri, &pm->server_sep))
+ {
+ error = clib_error_return (0, "Invalid server uri %v", server_uri);
+ goto done;
+ }
+ if (parse_uri ((char *) client_uri, &pm->client_sep))
+ {
+ error = clib_error_return (0, "Invalid client uri %v", server_uri);
+ goto done;
}
vnet_session_enable_disable (vm, 1 /* turn on session and transport */ );
@@ -824,10 +869,14 @@ proxy_server_create_command_fn (vlib_main_t * vm, unformat_input_t * input,
case 0:
break;
default:
- return clib_error_return (0, "server_create returned %d", rv);
+ error = clib_error_return (0, "server_create returned %d", rv);
}
- return 0;
+done:
+ unformat_free (line_input);
+ vec_free (client_uri);
+ vec_free (server_uri);
+ return error;
}
/* *INDENT-OFF* */
diff --git a/src/plugins/hs_apps/proxy.h b/src/plugins/hs_apps/proxy.h
index 4f74ea025fb..aef23e1e556 100644
--- a/src/plugins/hs_apps/proxy.h
+++ b/src/plugins/hs_apps/proxy.h
@@ -67,9 +67,10 @@ typedef struct
u32 private_segment_count; /**< Number of private fifo segs */
u32 private_segment_size; /**< size of private fifo segs */
int rcv_buffer_size;
- u8 *server_uri;
- u8 *client_uri;
+ session_endpoint_cfg_t server_sep;
+ session_endpoint_cfg_t client_sep;
+ u32 ckpair_index;
/*
* Test state variables
*/
ss="cm">/* *------------------------------------------------------------------ * Copyright (c) 2018 Cisco and/or its affiliates. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. *------------------------------------------------------------------ */ #ifndef _AVF_H_ #define _AVF_H_ #include <avf/virtchnl.h> #include <vlib/log.h> #define AVF_RXD_STATUS(x) (1ULL << x) #define AVF_RXD_STATUS_DD AVF_RXD_STATUS(0) #define AVF_RXD_STATUS_EOP AVF_RXD_STATUS(1) #define AVF_RXD_ERROR_SHIFT 19 #define AVF_RXD_PTYPE_SHIFT 30 #define AVF_RXD_LEN_SHIFT 38 #define AVF_RX_MAX_DESC_IN_CHAIN 5 #define AVF_RXD_ERROR_IPE (1ULL << (AVF_RXD_ERROR_SHIFT + 3)) #define AVF_RXD_ERROR_L4E (1ULL << (AVF_RXD_ERROR_SHIFT + 4)) #define AVF_TXD_CMD(x) (1 << (x + 4)) #define AVF_TXD_CMD_EOP AVF_TXD_CMD(0) #define AVF_TXD_CMD_RS AVF_TXD_CMD(1) #define AVF_TXD_CMD_RSV AVF_TXD_CMD(2) #define foreach_avf_device_flags \ _(0, INITIALIZED, "initialized") \ _(1, ERROR, "error") \ _(2, ADMIN_UP, "admin-up") \ _(3, VA_DMA, "vaddr-dma") \ _(4, LINK_UP, "link-up") \ _(5, SHARED_TXQ_LOCK, "shared-txq-lock") \ _(6, ELOG, "elog") enum { #define _(a, b, c) AVF_DEVICE_F_##b = (1 << a), foreach_avf_device_flags #undef _ }; typedef volatile struct { union { struct { u64 mirr:13; u64 rsv1:3; u64 l2tag1:16; u64 filter_status:32; u64 status:19; u64 error:8; u64 rsv2:3; u64 ptype:8; u64 length:26; }; u64 qword[4]; #ifdef CLIB_HAVE_VEC256 u64x4 as_u64x4; #endif }; } avf_rx_desc_t; STATIC_ASSERT_SIZEOF (avf_rx_desc_t, 32); typedef volatile struct { union { u64 qword[2]; #ifdef CLIB_HAVE_VEC128 u64x2 as_u64x2; #endif }; } avf_tx_desc_t; STATIC_ASSERT_SIZEOF (avf_tx_desc_t, 16); typedef struct { CLIB_CACHE_LINE_ALIGN_MARK (cacheline0); volatile u32 *qrx_tail; u16 next; u16 size; avf_rx_desc_t *descs; u32 *bufs; u16 n_enqueued; u8 int_mode; u8 buffer_pool_index; } avf_rxq_t; typedef struct { CLIB_CACHE_LINE_ALIGN_MARK (cacheline0); volatile u32 *qtx_tail; u16 next; u16 size; clib_spinlock_t lock; avf_tx_desc_t *descs; u32 *bufs; u16 n_enqueued; u16 *rs_slots; } avf_txq_t; typedef struct { CLIB_CACHE_LINE_ALIGN_MARK (cacheline0); u32 flags; u32 per_interface_next_index; u32 dev_instance; u32 sw_if_index; u32 hw_if_index; vlib_pci_dev_handle_t pci_dev_handle; u32 numa_node; void *bar0; u8 *name; /* queues */ avf_rxq_t *rxqs; avf_txq_t *txqs; u16 n_tx_queues; u16 n_rx_queues; /* Admin queues */ avf_aq_desc_t *atq; avf_aq_desc_t *arq; void *atq_bufs; void *arq_bufs; u64 atq_bufs_pa; u64 arq_bufs_pa; u16 atq_next_slot; u16 arq_next_slot; virtchnl_pf_event_t *events; u16 vsi_id; u32 feature_bitmap; u8 hwaddr[6]; u16 num_queue_pairs; u16 max_vectors; u16 max_mtu; u32 rss_key_size; u32 rss_lut_size; virtchnl_link_speed_t link_speed; /* stats */ virtchnl_eth_stats_t eth_stats; /* error */ clib_error_t *error; } avf_device_t; #define AVF_RX_VECTOR_SZ VLIB_FRAME_SIZE enum { AVF_PROCESS_EVENT_START = 1, AVF_PROCESS_EVENT_STOP = 2, AVF_PROCESS_EVENT_AQ_INT = 3, } avf_process_event_t; typedef struct { u64 qw1s[AVF_RX_MAX_DESC_IN_CHAIN - 1]; u32 buffers[AVF_RX_MAX_DESC_IN_CHAIN - 1]; } avf_rx_tail_t; typedef struct { CLIB_CACHE_LINE_ALIGN_MARK (cacheline0); vlib_buffer_t *bufs[AVF_RX_VECTOR_SZ]; u64 qw1s[AVF_RX_VECTOR_SZ]; avf_rx_tail_t tails[AVF_RX_VECTOR_SZ]; vlib_buffer_t buffer_template; } avf_per_thread_data_t; typedef struct { u16 msg_id_base; avf_device_t *devices; avf_per_thread_data_t *per_thread_data; vlib_log_class_t log_class; } avf_main_t; extern avf_main_t avf_main; typedef struct { vlib_pci_addr_t addr; u8 *name; int enable_elog; u16 rxq_num; u16 rxq_size; u16 txq_size; /* return */ int rv; u32 sw_if_index; clib_error_t *error; } avf_create_if_args_t; void avf_create_if (vlib_main_t * vm, avf_create_if_args_t * args); void avf_delete_if (vlib_main_t * vm, avf_device_t * ad); extern vlib_node_registration_t avf_input_node; extern vnet_device_class_t avf_device_class; /* format.c */ format_function_t format_avf_device; format_function_t format_avf_device_name; format_function_t format_avf_input_trace; static inline u32 avf_get_u32 (void *start, int offset) { return *(u32 *) (((u8 *) start) + offset); } static inline u64 avf_get_u64 (void *start, int offset) { return *(u64 *) (((u8 *) start) + offset); } static inline u32 avf_get_u32_bits (void *start, int offset, int first, int last) { u32 value = avf_get_u32 (start, offset); if ((last == 0) && (first == 31)) return value; value >>= last; value &= (1 << (first - last + 1)) - 1; return value; } static inline u64 avf_get_u64_bits (void *start, int offset, int first, int last) { u64 value = avf_get_u64 (start, offset); if ((last == 0) && (first == 63)) return value; value >>= last; value &= (1 << (first - last + 1)) - 1; return value; } static inline void avf_set_u32 (void *start, int offset, u32 value) { (*(u32 *) (((u8 *) start) + offset)) = value; } static inline void avf_reg_write (avf_device_t * ad, u32 addr, u32 val) { *(volatile u32 *) ((u8 *) ad->bar0 + addr) = val; } static inline u32 avf_reg_read (avf_device_t * ad, u32 addr) { return *(volatile u32 *) (ad->bar0 + addr); } static inline void avf_reg_flush (avf_device_t * ad) { avf_reg_read (ad, AVFGEN_RSTAT); asm volatile ("":::"memory"); } static_always_inline int avf_rxd_is_not_eop (avf_rx_desc_t * d) { return (d->qword[1] & AVF_RXD_STATUS_EOP) == 0; } static_always_inline int avf_rxd_is_not_dd (avf_rx_desc_t * d) { return (d->qword[1] & AVF_RXD_STATUS_DD) == 0; } typedef struct { u32 next_index; u32 hw_if_index; u64 qw1s[AVF_RX_MAX_DESC_IN_CHAIN]; } avf_input_trace_t; #define foreach_avf_tx_func_error \ _(NO_FREE_SLOTS, "no free tx slots") typedef enum { #define _(f,s) AVF_TX_ERROR_##f, foreach_avf_tx_func_error #undef _ AVF_TX_N_ERROR, } avf_tx_func_error_t; #endif /* AVF_H */ /* * fd.io coding-style-patch-verification: ON * * Local Variables: * eval: (c-set-style "gnu") * End: */