2 * Copyright (c) 2019 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #ifndef __included_quic_h__
17 #define __included_quic_h__
19 #include <vnet/session/application_interface.h>
21 #include <vppinfra/lock.h>
22 #include <vppinfra/tw_timer_1t_3w_1024sl_ov.h>
23 #include <vppinfra/bihash_16_8.h>
27 #include <vnet/crypto/crypto.h>
28 #include <vppinfra/lock.h>
32 * 2 - connection/stream events
38 #define QUIC_TSTAMP_RESOLUTION 0.001 /* QUIC tick resolution (1ms) */
/* Two distinct "invalid" sentinels: ~0 for timer handles and ~0 - 1 for
 * session indices.  Presumably kept apart so one cannot be mistaken for the
 * other — confirm against the code that consumes them. */
39 #define QUIC_TIMER_HANDLE_INVALID ((u32) ~0)
40 #define QUIC_SESSION_INVALID ((u32) ~0 - 1)
/* Upper bound on a single datagram.  Also sizes quic_rx_packet_ctx_t.data,
 * so every copy into that buffer must be bounded by this value. */
41 #define QUIC_MAX_PACKET_SIZE 1280
/* 0x3FFFFFFFFFFFFFFF == 2^62 - 1 (the QUIC variable-length integer maximum). */
43 #define QUIC_INT_MAX 0x3FFFFFFFFFFFFFFF
44 #define QUIC_DEFAULT_FIFO_SIZE (64 << 10) /* 64 KiB */
45 #define QUIC_SEND_PACKET_VEC_SIZE 16
/* Sizes quic_crypto_context_data_t.cid_key. */
46 #define QUIC_IV_LEN 17
/* Bounds the snd_ctx[] array in quic_encrypt_cb_ctx. */
48 #define QUIC_MAX_COALESCED_PACKET 4
/* Size the per-worker batched AEAD op arrays in quic_crypto_batch_ctx_t. */
50 #define QUIC_SEND_MAX_BATCH_PACKETS 16
51 #define QUIC_RCV_MAX_BATCH_PACKETS 16
53 #define QUIC_DEFAULT_CONN_TIMEOUT (30 * 1000) /* 30 seconds */
55 /* Taken from quicly.c */
56 #define QUICLY_QUIC_BIT 0x40
58 #define QUICLY_PACKET_TYPE_INITIAL (QUICLY_LONG_HEADER_BIT | QUICLY_QUIC_BIT | 0)
59 #define QUICLY_PACKET_TYPE_0RTT (QUICLY_LONG_HEADER_BIT | QUICLY_QUIC_BIT | 0x10)
60 #define QUICLY_PACKET_TYPE_HANDSHAKE (QUICLY_LONG_HEADER_BIT | QUICLY_QUIC_BIT | 0x20)
61 #define QUICLY_PACKET_TYPE_RETRY (QUICLY_LONG_HEADER_BIT | QUICLY_QUIC_BIT | 0x30)
62 #define QUICLY_PACKET_TYPE_BITMASK 0xf0
65 #define QUIC_ERROR_FULL_FIFO 0xff10
66 #define QUIC_APP_ERROR_CLOSE_NOTIFY QUICLY_ERROR_FROM_APPLICATION_ERROR_CODE(0)
67 #define QUIC_APP_ALLOCATION_ERROR QUICLY_ERROR_FROM_APPLICATION_ERROR_CODE(0x1)
68 #define QUIC_APP_ACCEPT_NOTIFY_ERROR QUICLY_ERROR_FROM_APPLICATION_ERROR_CODE(0x2)
69 #define QUIC_APP_CONNECT_NOTIFY_ERROR QUICLY_ERROR_FROM_APPLICATION_ERROR_CODE(0x3)
71 #define QUIC_DECRYPT_PACKET_OK 0
72 #define QUIC_DECRYPT_PACKET_NOTOFFLOADED 1
73 #define QUIC_DECRYPT_PACKET_ERROR 2
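/* Debug trace used when QUIC_DEBUG is non-zero (the alternative definition
 * below expands to nothing): emits the message through clib_warning () when
 * _lvl is at or below the configured level.
 *
 * Wrapped in do { } while (0) so the macro is a single statement.  The bare
 * `if` of the previous form captured the `else` of an enclosing
 * `if (cond) QUIC_DBG (...); else ...` (dangling-else), silently changing
 * control flow.
 *
 * _fmt must be a format-string literal; never pass caller- or peer-supplied
 * text as _fmt — pass it as an argument instead. */
#define QUIC_DBG(_lvl, _fmt, _args...)                                        \
  do                                                                          \
    {                                                                         \
      if (_lvl <= QUIC_DEBUG)                                                 \
	clib_warning (_fmt, ##_args);                                         \
    }                                                                         \
  while (0)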
80 #define QUIC_DBG(_lvl, _fmt, _args...)
83 #if CLIB_ASSERT_ENABLE
84 #define QUIC_ASSERT(truth) ASSERT (truth)
86 #define QUIC_ASSERT(truth) \
88 if (PREDICT_FALSE (! (truth))) \
89 QUIC_ERR ("ASSERT(%s) failed", # truth); \
93 #define QUIC_ERR(_fmt, _args...) \
95 clib_warning ("QUIC-ERR: " _fmt, ##_args); \
100 extern vlib_node_registration_t quic_input_node;
104 #define quic_error(n,s) QUIC_ERROR_##n,
105 #include <plugins/quic/quic_error.def>
110 typedef enum quic_ctx_conn_state_
112 QUIC_CONN_STATE_OPENED,
113 QUIC_CONN_STATE_HANDSHAKE,
114 QUIC_CONN_STATE_READY,
115 QUIC_CONN_STATE_PASSIVE_CLOSING,
116 QUIC_CONN_STATE_PASSIVE_CLOSING_APP_CLOSED,
117 QUIC_CONN_STATE_PASSIVE_CLOSING_QUIC_CLOSED,
118 QUIC_CONN_STATE_ACTIVE_CLOSING,
119 } quic_ctx_conn_state_t;
121 typedef enum quic_packet_type_
123 QUIC_PACKET_TYPE_NONE,
124 QUIC_PACKET_TYPE_RECEIVE,
125 QUIC_PACKET_TYPE_MIGRATE,
126 QUIC_PACKET_TYPE_ACCEPT,
127 QUIC_PACKET_TYPE_RESET,
128 QUIC_PACKET_TYPE_DROP,
129 } quic_packet_type_t;
131 typedef enum quic_ctx_flags_
133 QUIC_F_IS_STREAM = (1 << 0),
134 QUIC_F_IS_LISTENER = (1 << 1),
137 /* This structure is used to implement the concept of VPP connection for QUIC.
138 * We create one per connection and one per stream. */
139 typedef struct quic_ctx_
143 transport_connection_t connection;
145 { /** QUIC ctx case */
152 u8 _qctx_end_marker; /* Leave this at the end */
155 { /** STREAM ctx case */
156 quicly_stream_t *stream;
158 u32 quic_connection_ctx_id;
159 u8 _sctx_end_marker; /* Leave this at the end */
162 session_handle_t udp_session_handle;
164 u32 parent_app_wrk_id;
168 u32 crypto_context_index;
173 ptls_cipher_context_t *hp_ctx;
174 ptls_aead_context_t *aead_ctx;
176 int key_phase_ingress;
180 /* Make sure our custom fields don't overlap with the fields we use in
/* Compile-time check that both ctx variants (ending at their respective
 * end markers) fit within TRANSPORT_CONN_ID_LEN, so a layout change cannot
 * silently push QUIC fields past the area reserved for them — presumably
 * inside the embedded transport_connection_t; confirm against session layer. */
183 STATIC_ASSERT (offsetof (quic_ctx_t, _qctx_end_marker) <=
184 TRANSPORT_CONN_ID_LEN,
185 "connection data must be less than TRANSPORT_CONN_ID_LEN bytes");
186 STATIC_ASSERT (offsetof (quic_ctx_t, _sctx_end_marker) <=
187 TRANSPORT_CONN_ID_LEN,
188 "connection data must be less than TRANSPORT_CONN_ID_LEN bytes");
190 /* single-entry session cache */
191 typedef struct quic_session_cache_
193 ptls_encrypt_ticket_t super;
196 } quic_session_cache_t;
198 typedef struct quic_stream_data_
202 u32 app_rx_data_len; /**< bytes received, to be read by external app */
203 u32 app_tx_data_len; /**< bytes sent */
204 } quic_stream_data_t;
206 typedef struct quic_crypto_context_data_
208 quicly_context_t quicly_ctx;
209 char cid_key[QUIC_IV_LEN];
210 ptls_context_t ptls_ctx;
211 } quic_crypto_context_data_t;
213 typedef struct quic_encrypt_cb_ctx_
215 quicly_datagram_t *packet;
216 struct quic_finalize_send_packet_cb_ctx_
219 size_t first_byte_at;
220 ptls_cipher_context_t *hp;
221 } snd_ctx[QUIC_MAX_COALESCED_PACKET];
222 size_t snd_ctx_count;
223 } quic_encrypt_cb_ctx;
225 typedef struct quic_crypto_batch_ctx_
227 vnet_crypto_op_t aead_crypto_tx_packets_ops[QUIC_SEND_MAX_BATCH_PACKETS],
228 aead_crypto_rx_packets_ops[QUIC_RCV_MAX_BATCH_PACKETS];
229 size_t nb_tx_packets, nb_rx_packets;
230 } quic_crypto_batch_ctx_t;
232 typedef struct quic_worker_ctx_
234 CLIB_CACHE_LINE_ALIGN_MARK (cacheline0);
235 int64_t time_now; /**< worker time */
236 tw_timer_wheel_1t_3w_1024sl_ov_t timer_wheel; /**< worker timer wheel */
237 quicly_cid_plaintext_t next_cid;
238 crypto_context_t *crypto_ctx_pool; /**< per thread pool of crypto contexes */
239 clib_bihash_24_8_t crypto_context_hash; /**< per thread [params:crypto_ctx_index] hash */
240 quic_crypto_batch_ctx_t crypto_context_batch;
243 typedef struct quic_rx_packet_ctx_
245 quicly_decoded_packet_t packet;
246 u8 data[QUIC_MAX_PACKET_SIZE];
252 struct sockaddr_in6 sa6;
256 session_dgram_hdr_t ph;
257 } quic_rx_packet_ctx_t;
259 typedef struct quic_main_
262 quic_ctx_t **ctx_pool;
263 quic_worker_ctx_t *wrk_ctx;
264 clib_bihash_16_8_t connection_hash; /**< quic connection id -> conn handle */
265 f64 tstamp_ticks_per_clock;
267 ptls_cipher_suite_t ***quic_ciphers; /**< available ciphers by crypto engine */
268 uword *available_crypto_engines; /**< Bitmap for registered engines */
269 u8 default_crypto_engine; /**< Used if you do connect with CRYPTO_ENGINE_NONE (0) */
270 u64 max_packets_per_key; /**< number of packets that can be sent without a key update */
272 ptls_handshake_properties_t hs_properties;
273 quic_session_cache_t session_cache;
276 u32 udp_fifo_prealloc;
277 u32 connection_timeout;
279 u8 vnet_crypto_enabled;
281 clib_rwlock_t crypto_keys_quic_rw_lock;
284 #endif /* __included_quic_h__ */
287 * fd.io coding-style-patch-verification: ON
290 * eval: (c-set-style "gnu")