aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/session
AgeCommit message (Collapse)AuthorFilesLines
2021-10-12session: set actual lcl ip on accepted ctFlorin Coras1-1/+1
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic2ba5fa234a394acb524b61573fc49f2d58c2dea
2021-10-06session: fix severity infoFilip Tehlar1-11/+10
Type: fix Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I6548274f8c0ae2a183b1d221cb195de445c2819f
2021-10-05session: Add session_sapi_enable_disableNathan Skrzypczak5-5/+33
Type: feature This adds an API message to do the switch at runtime. Change-Id: Ice6b69c57f0bfbf5668182e25593362ff4133615 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-09-21session: implement app_ns deletionNathan Skrzypczak11-50/+170
Type: feature Change-Id: If0edbb21a0283d66c648a9e190d238c8cfa56353 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-09-20session: use table_format in sh app nsNathan Skrzypczak1-10/+22
Type: refactor Change-Id: I99162d80280e0f45344671b18b1ea96db90d4282 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-09-16session: Add sock_name option to add_nsNathan Skrzypczak5-44/+183
This adds a new API call to add session namespaces It now takes a netns and a sock_name. (1) If no netns is passed, sock_name will be used as socket path. Defaulting to /run/vpp/app_ns_sockets/${ns_id} (2) If a netns is passed, the sock_name has to be abstract (i.e. start with '@'). It will default to `@vpp/session/${ns_id}` and will be created in the provided netns. Type: feature Change-Id: I90e9a8e5ecca2cabe7c05335663e33c8506dc9e7 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-09-13tcp session: initialize sw_if_index at connect timeFlorin Coras1-8/+8
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id0e67a9ce9c5d8bca2cd7a30493f03a02a46dc46
2021-09-09vlib: fix vlib_buffer_enqueue_to_next() overflowBenoît Ganne1-3/+3
vlib_buffer_enqueue_to_next() requires to allow overflow of up to 63 elements of 'buffer' and 'nexts' array. - add helper to compute the minimum size - fix occurences in session and async crypto Type: fix Change-Id: If8d7eebc5bf9beba71ba194aec0f79b8eb6d5843 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-09-09session: fix non-NULL terminated stringBenoît Ganne1-18/+7
vlib_unix_recursive_mkdir () expects a NULL-terminated C-string. Type: fix Change-Id: I412b48443d0792307d611c466747c0aa5e423417 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-09-01udp: fill rmt info if session is connection lessliuyacan1-1/+1
The app may send packet to different remote via sendto() with same socket (without calling connect()). In such scenario, remote address need to be filled in. Type: fix Signed-off-by: liuyacan <liuyacan@corp.netease.com> Change-Id: I49deb308668c05442f237e97acc9bfa239782482
2021-08-30session: fix prefetch out of struct bound on ArmTianyu Li1-1/+1
CLIB_PREFETCH (s->tx_fifo, 2 * CLIB_CACHE_LINE_BYTES, LOAD); sizeof(svm_fifo_t) is 128 bytes Note on 64B cacheline size Arm machine, CLIB_CACHE_LINE_BYTES 128 CLIB_CACHE_PREFETCH_BYTES 6 above CLIB_PREFETCH () macro will be expand to __builtin_prefetch(s->tx_fifo) __builtin_prefetch(s->tx_fifo + 64) __builtin_prefetch(s->tx_fifo + 128) << prefetch out of range __builtin_prefetch(s->tx_fifo + 192) << the same here Solution: Change to CLIB_PREFETCH (s->tx_fifo, sizeof (*(s->tx_fifo)), LOAD); Type: fix Signed-off-by: Tianyu Li <tianyu.li@arm.com> Reviewed-by: Lijian Zhang <lijian.zhang@arm.com> Change-Id: I745cbce3dbe5afcab53c39189d18392f569df5aa
2021-08-30session: close app wrk socket on deleteFlorin Coras3-6/+5
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I54fa6e8f12bb52988888e7019a88d6891017944c
2021-08-30tcp: Allow accepting session to send custom packetliuyacan1-1/+9
Tcp may want to send acks in established, but the app has not called accept() yet. Type: improvement Signed-off-by: liuyacan <liuyacan@corp.netease.com> Change-Id: I43b8cd386e533ca95c8ec260a0a1f695ea140358
2021-08-12session vcl: cert key add/del with socket apiFlorin Coras3-0/+101
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I70791285cbf427479d2dcbf70ffdce2253add2fb
2021-08-11svm: make more fifo segment header fields privateFlorin Coras1-4/+4
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Idab0f455b52a38efd2cf3781497d8cc7f57bfa42
2021-07-24session: avoid vpp deadlock due to app crashliuyacan1-0/+6
In high traffic scenarios, if app crashed or hang on somewhere, app_mq will quickly accumulate to full, after which vpp worker will try 100 times before giving up allocating slot for every msg. This will cause vpp main thread barrier sync to fail. Type: fix Signed-off-by: liuyacan <liuyacan@corp.netease.com> Change-Id: I2b2bf2b272c5b3ca7e4a56af179af12bbcde149d
2021-07-23session vcl: support abstract sockets for app nsFlorin Coras4-16/+132
App namespaces can now be associated to a linux ip netns, e.g.: app ns add id <ns_id> secret <n> sw_if_index <n> netns <netns> If session layer's app sock api is enabled, this triggers the creation of an abstract listening socket in the netns that has been configured. For the example above that would be @vpp/session/<ns_id>. Consequently, vcl, or other apps attaching to vpp, can connect to said abstract socket from an ip netns without the need to share unix domain socket files. In particular, for vcl it's enough to set app-socket-api to @vpp/session/<ns_id> in the conf file. Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I26fdc626a760a3f423c5b8be4251623f6e9cd73a
2021-07-22session vcl: explit mq indices in ctrl messagesFlorin Coras2-3/+5
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I8e80252b85dda9a8f5699109264dc1b913581442
2021-07-21session: fix unlisten rpc barrier releaseFlorin Coras1-4/+5
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9301fbbcd611033b4b6ad5313edbc66840f5bb3a
2021-07-19session: option to use memfd segs for builtin appsFlorin Coras2-41/+43
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iecb171c9451c0fa9a7c6ae4b3e9ab7774a4fe585
2021-07-13tcp session: next node config on connectsFlorin Coras1-3/+7
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ief06b1509d31b55efc8d1436b6ff9e01c6037a32
2021-07-12session: api cleanupFilip Tehlar2-73/+34
Use autogenerated code. Does not change API definitions. Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Iacc58d27ac51c8a1c571087f98297e046b3477c2
2021-07-08session: allow listen in any fib if default namespaceFlorin Coras3-3/+12
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If0712f01bdd6f2fc892bcbe4e2cee28affd02520
2021-06-29session: free ctrl event data on connect rpcFlorin Coras1-0/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I56c4682aef59ed0e69073f9001341c425e65bd48
2021-06-24session: fix session formated str output truncated in cliXiaoming Jiang2-12/+16
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I2c2b739a5aa246bbf53d6663efd403c3aee9dddd
2021-06-22session: avoid reordering unlisten and connect msgFlorin Coras1-6/+33
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ibe32f7965f8cf457c39845713b029c8a4647ee55
2021-06-18session: improve ct locking with multiple workersFlorin Coras5-165/+239
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id91c3be57d49745cb3db6c768a8d5d14133f899e
2021-06-18session: udp accept session state should be updated by appjxm1-2/+0
Type: fix Signed-off-by: jxm <jiangxiaoming@outlook.com> Change-Id: I6fb2620e7076e1e38a2ab85a70febe614b079e67
2021-06-17session: optimize ct fifo segment allocationsFlorin Coras4-84/+359
Allocate per app pair segments with space for more than one fifo. Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ib96fe12b899cb14ff20c0be607814011e2c3fc6a
2021-06-12session: fix listener ct transport retrieval on acceptFlorin Coras1-6/+8
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ied2608e7a28c59c908803ca676abbe93072fadb8
2021-06-11session: half-open free only on main threadFlorin Coras1-4/+3
TCP and (D)TLS clean up half-opens on main without a lock/barrier so cleanup initiated from first worker, e.g., cut-throughs, can corrupt the session pool. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2e5162831c0e201b22454f17fe55bfac44b85fa9
2021-06-03session: avoid ct connects loopFlorin Coras1-1/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I99af136ecab9be1f9e00de6d197b8f1c74ab4b20
2021-06-03session: lcl transport info on acceptFlorin Coras2-0/+3
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia46b0b8afed30f84b244c06f0457303f9e8832cd
2021-05-25srtp: basic implementation based on libsrtp2Florin Coras2-2/+3
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic5e99938a5f130e83de6d590d2f89252d055bceb
2021-05-21session: improve main thread connects rpcFlorin Coras2-18/+26
Avoid grabbing the worker barrier if there's no work to be done. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ice3de5df41cd1752aba3419ad2e2dd82f30e9bfb
2021-05-20session: fix transport half-open cleanup callFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I47d241a8f2f9e9d0761d14dcddd3327c3b28932c
2021-05-19session: cleanup event llist usageFlorin Coras3-41/+27
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I750c856ac81d951e8c0e62c710e0f35a0c80d6f9
2021-05-19session: fix session queue node access on disableFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie4e3623e7e00456437fac5fb8f9c9083f1aa2a2e
2021-05-18tls: fix dtls with no workersFlorin Coras2-1/+14
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iecc33fda7f28c037289775ffe0525a50f89a2b8c
2021-05-18session: poll main thread if pending connectsFlorin Coras3-48/+76
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie8a15c50531f3ccd5f91dbc0779e4d9c0d146844
2021-05-18session: only handle old ctrl events per dispatchFlorin Coras1-6/+12
Avoids dispatching ctrl events generated while handling the current pending list. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ibeaf901ba4cf58a68fbd88e5ec3c23f6c2f6f145
2021-05-18session: move tx-buffers to tx ctxFlorin Coras2-16/+14
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I10ec410fb7f3acb47128dda23510162dc13b20d0
2021-05-16session: rpc for connects to mainFlorin Coras3-5/+88
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ifa47e1500e5cfb3c717f87b1d21131b9531c9005
2021-05-15session: fix coverity warningFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I24484a5192d7e683507ed640f75fb37914c0efb0
2021-05-14session: switch ct to vc and track half-opensFlorin Coras5-77/+220
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7f9c4b9b6e523ab549087ad21724f34f08fca793
2021-05-14tls: switch dtls to vc and track half-opensFlorin Coras3-10/+73
Also adds support for half-open support transport migration. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id04c194138956336f93246bbed0332a7030c67e2
2021-05-12tls: switch to vc service and track half-open sessionsFlorin Coras5-6/+14
Half-open tls sessions are now tracked by the app worker and are cleaned up only when tcp cleans up its half-open session, i.e., independent of when the established tls context is allocated. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If5d594d7095192dd527daf4ea1358ffeccdfcc7a
2021-05-12session: return connect session handle to appFlorin Coras6-32/+36
App transports not supported for now. Will have to be updated individually. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I75cb6c4e1c5af008af72858a9ee573016812abd4
2021-05-12session: support half-close connectionliuyacan8-4/+114
Some app(e.g. Envoy) may call shutdown() instead of close() when draining connection. Type: improvement Signed-off-by: liuyacan <liuyacan@corp.netease.com> Change-Id: I9543b9ca3caa87b10b134fd1fc4019124e41e4d2
2021-05-10session: use half-open sessions for vc establishmentFlorin Coras8-116/+111
Use half-open sessions to track virtual circuit connection establishment. These sesssions can only be allocated and freed by the thread that allocates half-open connections (main). Consequently, they can only be freed on half-open cleanup notifications from transports. Goal is to simplify state tracking within the session layer but it's also a first step towards allowing builtin apps to track and cleanup outstanding connects. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I8a535906d13eb7f8966deb82333839de80f8049f