Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: feature
This changes the behavior of both API calls
APPLICATION_TLS_CERT_ADD & APPLICATION_TLS_KEY_ADD
certificates and keys aren't bound to an app, they are
passed to it via connect / listen using the message
queue.
This should be followed by a per protocol (QUIC/TLS)
crypto_context store to save devrived structs
Change-Id: I36873bc8b63b5c72776c69e8cd9febc9cae31882
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type:refactor
Moves connect, disconnect, bind, unbind and app detach to message
queue from binary api. Simplifies app/vcl interaction with the session
layer since all session control messages are now handled over the mq.
Add/del segment messages require internal C api changes which affect all
builtin applications. They'll be moved in a different patch and might
not be back portable to 19.08.
Change-Id: I93f6d18e551b024effa75d47f5ff25f23ba8aff5
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: feature
Change-Id: Ia9a5b1a6d85c7f3f2e6db583b33b5b20029a1e88
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
In contrast to the closing notification, whereby a transport informs
the session layer that is beginning the closing procedure, this allows
transports to notify the session layer of the fact that the transport is
"fully" closed, i.e., it expects no more data.
Also:
- adds app closed state for sessions
- changes tcp to have it notify when an active close has finished
Type: feature
Change-Id: I13c738006c03f85015e05ab82843a33a69382aaf
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type:feature
Change-Id: Ic9515c0b11ca6f75503f47ec6b2c58d240afb144
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: refactor
Change-Id: I421750147a8a821bd0b522daf6c2b7239e551f12
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ib8cb19361c42e38e3f68d7147358378fff161eb1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I984f347fb465c0c405cef668d8690457e81788e2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I77ad9eb4d4c7699397aa4be6a973ef37c60db4c5
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Currently supports on single stream exposed through standard internal APIs
Based on libquicly & picotls by h2o
Change-Id: I7bc1ec0e399d1fb02bfd1da91aa7410076d08d14
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
- disconnect sessions through session layer apis instead of directly
notifying the app worker.
- improve cli
- increase fifo sizes for tls app
Change-Id: I8a7d2865b3b00724e2a9da29fa4a906ea867da9b
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I7f3b015ea6750c9773e4285bb63b0d44fa2177b9
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ia1a628498fa3b639b6b1508f65c6aea1806f73ec
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- remove unused functions
- rename old "stream" functions
Change-Id: Icbb03daa9f9f1c58b5be5c38aa8a9cbcf9159b47
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- Switches local connects to cut-thru transport
- Removes local sessions as a separate session type
Change-Id: I997c6355d8c8e4f2110678f785b0f5d96bba47f7
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Introduce a cut-through transport as replacement to local sessions. This
first patch removes the per app local listener pools and switches local
listeners to sessions with cut-through transport.
Change-Id: I98b20c25bc5df5f4110bf66f76c650a973032618
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Move local session to separate header and source files. First step to
refactoring local sessions.
Change-Id: I280fdfef20ba8a0977d15c1c8ce030ea2fb72dde
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I1662ec4b5503cb64a8a86a2441842311d959b3a6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I89d240753b3f3c5e984aa303a7c8fa35fa59bf7f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Make app-listener the handle for app listens. Consequently transport and
local listen sessions are now associated to the app-listener.
Change-Id: I9397a26d42cccb100970b6b4794c15bac2e11465
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- move transport specific types to transport_types
- add transport wrapper functions for interaction with transport
protocol vfts
Change-Id: I93f70d884585fc2f41c4a605e310c80e8a8972f2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Aggregate session specific types, getters and setters under
session_types.h
Change-Id: Ib205337502654969d60c72d1800c90247e1a9068
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Move app worker logic to app_worker.c
Change-Id: Ic5e5735b2884f006c064d023f491aa6888114810
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Rename core data structures. This will break compatibility for out of
tree builtin apps.
- stream_session_t to session_t
- server_rx/tx_fifo to rx/tx_fifo
- stream_session.h to session_types.h
- update copyright
Change-Id: I414097c6e28bcbea866fbf13b8773c7db3f49325
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
In case of multi process apps, after forking, the parent may decide to
close part or all of the sessions it shares with the child. Because the
sessions have fifos allocated in the parent's segment manager, they must
be moved to the child's segment manager.
Change-Id: I85b4c8c8545005724023ee14043647719cef61dd
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I03884b6cde9d4c38ae13d1994fd8d37d44016ef0
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I766c0b2bfd5f781e4fe5df615a7ecd139b7d2cc4
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I8a680be62ab91d2ccb144641981a635506973a49
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Allow apps to register child processes as app workers. In particular,
on fork vcl now registers the child process with vpp as a new worker.
Change-Id: I52a65fbc3292962b1f6e1fe0f6153f739e6e0d4a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ie4c5cfc4c97acb321a46b4df589dc44de1b616ba
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I20dd2071c936eb2c1870d45860553007c8e20587
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Allows app workers to listen on the same session endpoint. Incoming
connects are spread across the workers in a round-robin fashion
Change-Id: Ib5f5817230d9abc6127a85cdbdcad70d980c0f7f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Iac6e1c32cf99c5392a29f7366401b7fc39e463e3
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Refactor session layer to support multiple workers per application.
Change-Id: Ie67354688d396449d14bbbb8c56050206e307cd8
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- support eventfd based mq signaling. Based on configuration, vcl
epoll/select can use either condvars or epoll on mq eventfds.
- add vcl support for memfd segments
- vpp explicitly registers cut-through segments with apps/vcl
- if using eventfd, make ldp allow one call to libc_epoll_create. Needed
for the message queue epfd
- update svm_queue_t to allow blocking calls with eventfd signaling.
Change-Id: I064151ac370bbe29bb16c968bf4e3659c8286bea
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I3c58367eec2243fe19b75be78a175c5261863e9e
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ib88d703bb7d4b170059960b0688352c90c5fcc39
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Select the right segment manager for local sessions established via
global table.
Change-Id: I88ad4bf70d0cae160a0c744950098a954dfbc911
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I4b428e170436671b329657283cf7653befc85c9f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I6c215858d2c9c620787632b570950b15274c0df2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
It consists of two main parts. First, add an application transport type
whereby applications can offer transport to other applications. For
instance, a tls app can offer transport services to other applications.
And second, a tls transport app that leverages the mbedtls library for
tls protocol implementation.
Change-Id: I616996c6e6539a9e2368fab8a1ac874d7c5d9838
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I7f5a3b8d92ef07d60315bab6e560eba49ea07249
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Memfd backed shared memory segments can only be negotiated over sockets.
For such scenarios, the existing redirect mechanism that establishes
cut-through sessions does not work anymore as the two peer application
do not share such a socket.
This patch adds support for local sessions, as opposed to sessions
backed by a transport connection, in a way that is almost transparent to
the two applications by reusing the existing binary api messages.
Moreover, all segment allocations are now entirely done through the
segment manager valloc, so segment overlaps due to independent
allocations previously required for redirects are completely avoided.
The one notable characteristic of local sessions (cut-through from app
perspective) notification messages is that they carry pointers to two
event queues, one for each app peer, instead of one. For
transport-backed sessions one of the queues can be inferred but for
local session they cannot.
Change-Id: Ia443fb63e2d9d8e43490275062a708f039038175
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- use valloc as a 'central' segment baseva manager
- use per segment manager segment pools and use rwlocks to guard them
- add session test that exercises segment creation
- embed segment manager properties into application since they're shared
- fix rw locks
Change-Id: I761164c147275d9e8a926f1eda395e090d231f9a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- update segment manager and session api to work with both flavors of
ssvm segments
- added generic ssvm slave/master init and del functions
- cleanup/refactor tcp_echo
- fixed uses of svm fifo pool as vector
Change-Id: Ieee8b163faa407da6e77e657a2322de213a9d2a0
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- separate client/server code for both memory and socket apis
- separate memory api code from generic vlib api code
- move unix_shared_memory_fifo to svm and rename to svm_fifo_t
- overall declutter
Change-Id: I90cdd98ff74d0787d58825b914b0f1eafcfa4dc2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I280fea2610dcfc0b2da84973b9f567daec42f1f6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I5217364220023df34d5bee071cb750df1661b093
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
To enable this, applications set the proxy flag in their attach requests
and pass the transport protocols they want to act as proxies for as part
of the attach options.
When proxy is enabled, session rules that point incoming packets to the
proxy app are addedd to the local and global session tables, if these
scopes are accessible to the app. In particular, in case of the former,
the rule accepts packets from all sources and all ports destined to the
namespace's supporting interface address on any port. While in case of
the latter, a generic any destination and any port rule is addedd.
Change-Id: I791f8c1cc083350f02e26a2ac3bdbbfbfa19ece3
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This introduces 5-tuple lookup tables that may be used to implement
custom session layer actions at connection establishment time (session
layer perspective).
The rules table build mask-match-action lookup trees that for a given
5-tuple key return the action for the first longest match. If rules
overlap, ordering is established by tuple longest match with the
following descending priority: remote ip, local ip, remote port, local
port.
At this time, the only match action supported is to forward packets to
the application identified by the action.
Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3
Signed-off-by: Florin Coras <fcoras@cisco.com>
|