summaryrefslogtreecommitdiffstats
path: root/src/vnet/session/session_api.c
AgeCommit message (Collapse)AuthorFilesLines
2018-08-30vcl: add support for multi-worker appsFlorin Coras1-1/+5
Add basic support for app registration of multiple workers. LDP does not work with multi-worker apps. Change-Id: I3fc421a2a591a077b275827463f874b261415a63 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-08-28vcl/session: use mq for bind repliesFlorin Coras1-0/+84
Change-Id: Iac6e1c32cf99c5392a29f7366401b7fc39e463e3 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-08-24session: fix coverity warningsFlorin Coras1-0/+3
Change-Id: I2a25bba675fc9c84e5d391533e92b9a041637405 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-08-24session: add support for multiple app workersFlorin Coras1-44/+154
Refactor session layer to support multiple workers per application. Change-Id: Ie67354688d396449d14bbbb8c56050206e307cd8 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-08-15Remove client_index field from replies in APIOndrej Fabry1-1/+1
- replies should not need to contain client_index since it is used to identify sender of requests to VPP Change-Id: Iece3853b3f020054ee1652b149d0cf8d9580db4e Signed-off-by: Ondrej Fabry <ofabry@cisco.com>
2018-08-10vcl: support for eventfd mq signalingFlorin Coras1-46/+120
- support eventfd based mq signaling. Based on configuration, vcl epoll/select can use either condvars or epoll on mq eventfds. - add vcl support for memfd segments - vpp explicitly registers cut-through segments with apps/vcl - if using eventfd, make ldp allow one call to libc_epoll_create. Needed for the message queue epfd - update svm_queue_t to allow blocking calls with eventfd signaling. Change-Id: I064151ac370bbe29bb16c968bf4e3659c8286bea Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-08-04socket api: multiple fds in one msgFlorin Coras1-1/+2
Change-Id: I77a6e092a42290eed7201ad4a62e0d00ef997d2b Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-07-27vcl: use events for epoll/select/read/writeFlorin Coras1-2/+6
Have vcl poll and wait on the event message queues as opposed to constantly polling the session fifos. This also adds event signaling to cut through sessions. On the downside, because we can't wait on multiple condvars, i.e., when we have multiple message queues because of cut-through registrations, we do timed waits. Change-Id: I29ade95dba449659fe46008bb1af502276a7c5fd Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-07-17session: send ctrl msg over mqFlorin Coras1-1/+206
Change-Id: I242056bc46ddb671064665916b2687860292dcb2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-07-17session: use msg queue for eventsFlorin Coras1-4/+4
Change-Id: I3c58367eec2243fe19b75be78a175c5261863e9e Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-04-18session: coverity warningsFlorin Coras1-2/+2
Change-Id: I53bb1e289ba16ee6d9aed7285b18437c996077a4 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-04-18udp/session: refactor to support dgram modeFlorin Coras1-4/+37
- adds session layer support for datagram based protocols - updates udp to work in pure connectionless and datagram mode. The existing connected mode is now 'accessible' for apps as a dummy UDPC, as in, connected udp, protocol. - updates udp_echo, echo client, echo server code to work in datagram mode. Change-Id: I2960c0d2d246cb166005f545794ec31fe0d546dd Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-04-16session: use generic session pool for listenersFlorin Coras1-5/+3
Change-Id: I825f3822910a6ee368b9004e39ca16ac6833e30c Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-19session: fix coverity warningsFlorin Coras1-0/+10
Change-Id: I022dc40476ea9c30957b12bf1bd0629c6eb41cda Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-15Update session local address is_ip4 on bind when not globalKeith Burns (alagalah)1-0/+1
Change-Id: I73ddca5a86e83c9f547778828bb49d2bd4675eaf Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
2018-03-07tls: enforce certificate verificationFlorin Coras1-8/+11
- add option to use test certificate in the ca chain - add hostname to extended session endpoint fields and connect api parameters. If hostname is present, certificate validation is enforced. - use /etc/ssl/certs/ca-certificates.crt to bootstrap CA cert. A different path can be provided via startup config Change-Id: I046f9c6ff3ae6a9c2d71220cb62eca8f7b10e5fb Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-05tls: add stop listen handlerFlorin Coras1-2/+14
Change-Id: I233d02a669b6a0504cd54590c6c8e4fefadc4713 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-02session: first approximation implementation of tlsFlorin Coras1-0/+60
It consists of two main parts. First, add an application transport type whereby applications can offer transport to other applications. For instance, a tls app can offer transport services to other applications. And second, a tls transport app that leverages the mbedtls library for tls protocol implementation. Change-Id: I616996c6e6539a9e2368fab8a1ac874d7c5d9838 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-02-15session: avoid session handle conflict with vclFlorin Coras1-1/+12
Change-Id: I7f5a3b8d92ef07d60315bab6e560eba49ea07249 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-02-14session: support local sessions and deprecate redirectsFlorin Coras1-112/+145
Memfd backed shared memory segments can only be negotiated over sockets. For such scenarios, the existing redirect mechanism that establishes cut-through sessions does not work anymore as the two peer application do not share such a socket. This patch adds support for local sessions, as opposed to sessions backed by a transport connection, in a way that is almost transparent to the two applications by reusing the existing binary api messages. Moreover, all segment allocations are now entirely done through the segment manager valloc, so segment overlaps due to independent allocations previously required for redirects are completely avoided. The one notable characteristic of local sessions (cut-through from app perspective) notification messages is that they carry pointers to two event queues, one for each app peer, instead of one. For transport-backed sessions one of the queues can be inferred but for local session they cannot. Change-Id: Ia443fb63e2d9d8e43490275062a708f039038175 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-02-05session: segment manager refactorFlorin Coras1-1/+1
- use valloc as a 'central' segment baseva manager - use per segment manager segment pools and use rwlocks to guard them - add session test that exercises segment creation - embed segment manager properties into application since they're shared - fix rw locks Change-Id: I761164c147275d9e8a926f1eda395e090d231f9a Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-27Fix session/tcp coverity warningsFlorin Coras1-2/+4
Change-Id: I5c404eacb4a6c1e16485a6656168d9171ff49a8b Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-25session: add support for memfd segmentsFlorin Coras1-48/+100
- update segment manager and session api to work with both flavors of ssvm segments - added generic ssvm slave/master init and del functions - cleanup/refactor tcp_echo - fixed uses of svm fifo pool as vector Change-Id: Ieee8b163faa407da6e77e657a2322de213a9d2a0 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-11api: remove transport specific code from handlersFlorin Coras1-11/+11
This does not update api client code. In other words, if the client assumes the transport is shmem based, this patch does not change that. Furthermore, code that checks queue size, for tail dropping, is not updated. Done for the following apis: Plugins - acl - gtpu - memif - nat - pppoe VNET - bfd - bier - tapv2 - vhost user - dhcp - flow - geneve - ip - punt - ipsec/ipsec-gre - l2 - l2tp - lisp-cp/one-cp - lisp-gpe - map - mpls - policer - session - span - udp - tap - vxlan/vxlan-gpe - interface VPP - api/api.c OAM - oam_api.c Stats - stats.c Change-Id: I0e33ecefb2bdab0295698c0add948068a5a83345 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-09api: refactor vlibmemoryFlorin Coras1-14/+13
- separate client/server code for both memory and socket apis - separate memory api code from generic vlib api code - move unix_shared_memory_fifo to svm and rename to svm_fifo_t - overall declutter Change-Id: I90cdd98ff74d0787d58825b914b0f1eafcfa4dc2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-12-18session api: Fix Coverity Warning CID 180115Dave Wallace1-1/+1
Change-Id: I87e3de556910851d16af343bfcbede49500843ff Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-12-14session: cleanup attach flagsFlorin Coras1-3/+3
Change-Id: I39d21d15677f57e10b69b8842f2cbca277abddf0 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-12-11session: generalize handling of network transportsFlorin Coras1-1/+1
- compute session type out of transport and network protos - make session, session lookup and session queue code network protocol agnostic This does not update the session layer to support non-ip network layer protocols Change-Id: Ifc2f92845e158b649d59462eb7d51c12af536691 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-12-01session: allocate cb messages from client ringFlorin Coras1-5/+5
Change-Id: Ib644a1840c5f24203b6968561f467fbe5e255055 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-27session: return bound listener for proxy acceptsFlorin Coras1-0/+10
This, if such a listener exists. Change-Id: I974cc858c1e2fee50189c3c67e4abb76be32a98a Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-26Fix session rule port endianness.Milan Lenco1-6/+6
Change-Id: I43a7ac5b6c33810a465568d1955f400f4ef08786 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2017-11-22session: do not check transport for local table bindsFlorin Coras1-9/+9
Change-Id: I326c4472e5da8b6c0737655952d1983c7a0ea996 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-19session: fix session rules api to use transport protoFlorin Coras1-0/+1
Change-Id: Ie7b795715530e0920763098eb468c55fb17b1a2c Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-17vppcom: improve listener session handlingFlorin Coras1-16/+33
Change-Id: I86b2e2c5a655e53a915fbf62ff04ee23c86de234 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-12session: add handle to disconnect_session_reply api msg.Dave Wallace1-1/+1
Change-Id: I40f80110f5224b676d60252f9721fd1bc8a10b58 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-11-10session: add app ns index to ns create apiFlorin Coras1-2/+18
Change-Id: I86bfe4e8b0a899cc54c9b37eeb5eec701d0baf3d Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-10session: use pool for segment manager propertiesFlorin Coras1-2/+4
Change-Id: I280fea2610dcfc0b2da84973b9f567daec42f1f6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-09session: fix app index in unbindFlorin Coras1-1/+1
Change-Id: Iff1a665b6cf9ca2def0fcdacf02d7f8c579c0f4e Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-06session: add rule tagsFlorin Coras1-30/+53
Change-Id: Id5ebb410f509ac4c83d60e48efd54e00035e5ce6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-05session: add api to dump rulesFlorin Coras1-0/+120
Change-Id: Ie42fd77e75e86a45cfe5951768c4638f27fdc3aa Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-28session: rules tablesFlorin Coras1-1/+39
This introduces 5-tuple lookup tables that may be used to implement custom session layer actions at connection establishment time (session layer perspective). The rules table build mask-match-action lookup trees that for a given 5-tuple key return the action for the first longest match. If rules overlap, ordering is established by tuple longest match with the following descending priority: remote ip, local ip, remote port, local port. At this time, the only match action supported is to forward packets to the application identified by the action. Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-26session: swap appns secret to host byte orderFlorin Coras1-1/+1
Change-Id: I355433e0f07b328c441ed642705b31ca5157fabe Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-26VCL: add session namespace support.Dave Wallace1-1/+1
Change-Id: I04f1b63e66260d99c0dd180b0295a55a9b750df7 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-17session: fix connect corner case crash.Dave Wallace1-17/+20
Change-Id: I54ced42749432335183ee3085a9ccc5f95a87ae9 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-17session: return local transport endpoint in connect replyFlorin Coras1-0/+7
Change-Id: I7794d5a0774017da4c1c15f45783a18754994ac8 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-16udp: refactor udp codeFlorin Coras1-10/+13
Change-Id: I44d5c9df7c49b8d4d5677c6d319033b2da3e6b80 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-10session: add support for application namespacingFlorin Coras1-34/+119
Applications are now provided the option to select the namespace they are to be attached to and the scope of their attachement. Application namespaces are meant to: 1) constrain the scope of communication through the network by association with source interfaces and/or fib tables that provide the source ips to be used and limit the scope of routing 2) provide a namespace local scope to session layer communication, as opposed to the global scope provided by 1). That is, sessions can be established without assistance from transport and network layers. Albeit, zero/local-host ip addresses must still be provided in session establishment messages due to existing application idiosyncrasies. This mode of communication uses shared-memory fifos (cut-through sessions) exclusively. If applications request no namespace, they are assigned to the default one, which at its turn uses the default fib. Applications can request access to both local and global scopes for a namespace. If no scope is specified, session layer defaults to the global one. When a sw_if_index is provided for a namespace, zero-ip (INADDR_ANY) binds are converted to binds to the requested interface. Change-Id: Ia0f660bbf7eec7f89673f75b4821fc7c3d58e3d1 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-07Fix session connect_* api message handling.Dave Wallace1-14/+12
Change-Id: If7fd125989c90240de12953658d10007b9eb4f07 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-07-21Improvements to tcp rx path and debuggingFlorin Coras1-7/+0
- Increment rcv_nxt for fin packets - Call tcp_segment_rcv only if buffer has data - Parse rcv opts before deleting half-open connection - Fix initial rcv_wnd - Improved event logging Change-Id: I9b83c04f432c4cec832c480b03e534deff02c3b1 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-06-19Overall tcp performance improvements (VPP-846)Florin Coras1-1/+1
- limit minimum rto per connection - cleanup sack scoreboard - switched svm fifo out-of-order data handling from absolute offsets to relative offsets. - improve cwnd handling when using sacks - add cc event debug stats - improved uri tcp test client/server: bugfixes and added half-duplex mode - expanded builtin client/server - updated uri socket client/server code to work in half-duplex - ensure session node unsets fifo event for empty fifo - fix session detach Change-Id: Ia446972340e32a65e0694ee2844355167d0c170d Signed-off-by: Florin Coras <fcoras@cisco.com>