2 * Copyright (c) 2016-2019 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
15 #include <vnet/session/application_interface.h>
16 #include <vnet/session/session.h>
17 #include <vlibmemory/api.h>
20 VPP's application/session API bind/unbind/connect/disconnect calls
23 #define app_interface_check_thread_and_barrier(_fn, _arg) \
24 if (PREDICT_FALSE (!vlib_thread_is_main_w_barrier ())) \
26 vlib_rpc_call_main_thread (_fn, (u8 *) _arg, sizeof(*_arg)); \
31 session_endpoint_in_ns (session_endpoint_t * sep)
33 u8 is_lep = session_endpoint_is_local (sep);
34 if (!is_lep && sep->sw_if_index != ENDPOINT_INVALID_INDEX
35 && !ip_interface_has_address (sep->sw_if_index, &sep->ip, sep->is_ip4))
37 clib_warning ("sw_if_index %u not configured with ip %U",
38 sep->sw_if_index, format_ip46_address, &sep->ip,
42 return (is_lep || ip_is_local (sep->fib_index, &sep->ip, sep->is_ip4));
46 api_parse_session_handle (u64 handle, u32 * session_index, u32 * thread_index)
48 session_manager_main_t *smm = vnet_get_session_manager_main ();
51 *thread_index = handle & 0xFFFFFFFF;
52 *session_index = handle >> 32;
54 if (*thread_index >= vec_len (smm->wrk))
55 return VNET_API_ERROR_INVALID_VALUE;
57 pool = smm->wrk[*thread_index].sessions;
59 if (pool_is_free_index (pool, *session_index))
60 return VNET_API_ERROR_INVALID_VALUE_2;
66 session_endpoint_update_for_app (session_endpoint_cfg_t * sep,
67 application_t * app, u8 is_connect)
69 app_namespace_t *app_ns;
70 u32 ns_index, fib_index;
72 ns_index = app->ns_index;
74 /* App is a transport proto, so fetch the calling app's ns */
75 if (app->flags & APP_OPTIONS_FLAGS_IS_TRANSPORT_APP)
77 app_worker_t *owner_wrk;
78 application_t *owner_app;
80 owner_wrk = app_worker_get (sep->app_wrk_index);
81 owner_app = application_get (owner_wrk->app_index);
82 ns_index = owner_app->ns_index;
84 app_ns = app_namespace_get (ns_index);
88 /* Ask transport and network to bind to/connect using local interface
89 * that "supports" app's namespace. This will fix our local connection
93 /* If in default namespace and user requested a fib index use it */
94 if (ns_index == 0 && sep->fib_index != ENDPOINT_INVALID_INDEX)
95 fib_index = sep->fib_index;
97 fib_index = sep->is_ip4 ? app_ns->ip4_fib_index : app_ns->ip6_fib_index;
98 sep->peer.fib_index = fib_index;
99 sep->fib_index = fib_index;
103 sep->sw_if_index = app_ns->sw_if_index;
107 if (app_ns->sw_if_index != APP_NAMESPACE_INVALID_INDEX
108 && sep->peer.sw_if_index != ENDPOINT_INVALID_INDEX
109 && sep->peer.sw_if_index != app_ns->sw_if_index)
110 clib_warning ("Local sw_if_index different from app ns sw_if_index");
112 sep->peer.sw_if_index = app_ns->sw_if_index;
117 vnet_listen_inline (vnet_listen_args_t * a)
119 app_listener_t *app_listener;
120 app_worker_t *app_wrk;
124 app = application_get_if_valid (a->app_index);
126 return VNET_API_ERROR_APPLICATION_NOT_ATTACHED;
128 app_wrk = application_get_worker (app, a->wrk_map_index);
130 return VNET_API_ERROR_INVALID_VALUE;
132 a->sep_ext.app_wrk_index = app_wrk->wrk_index;
134 session_endpoint_update_for_app (&a->sep_ext, app, 0 /* is_connect */ );
135 if (!session_endpoint_in_ns (&a->sep))
136 return VNET_API_ERROR_INVALID_VALUE_2;
139 * Check if we already have an app listener
141 app_listener = app_listener_lookup (app, &a->sep_ext);
144 if (app_listener->app_index != app->app_index)
145 return VNET_API_ERROR_ADDRESS_IN_USE;
146 if (app_worker_start_listen (app_wrk, app_listener))
148 a->handle = app_listener_handle (app_listener);
153 * Create new app listener
155 if ((rv = app_listener_alloc_and_init (app, &a->sep_ext, &app_listener)))
158 if ((rv = app_worker_start_listen (app_wrk, app_listener)))
160 app_listener_cleanup (app_listener);
164 a->handle = app_listener_handle (app_listener);
169 vnet_unlisten_inline (vnet_unbind_args_t * a)
171 app_worker_t *app_wrk;
175 if (!(app = application_get_if_valid (a->app_index)))
176 return VNET_API_ERROR_APPLICATION_NOT_ATTACHED;
178 al = app_listener_get_w_handle (a->handle);
179 if (al->app_index != app->app_index)
181 clib_warning ("app doesn't own handle %llu!", a->handle);
185 app_wrk = application_get_worker (app, a->wrk_map_index);
188 clib_warning ("no app %u worker %u", app->app_index, a->wrk_map_index);
192 return app_worker_stop_listen (app_wrk, al);
196 application_connect (vnet_connect_args_t * a)
198 app_worker_t *server_wrk, *client_wrk;
199 application_t *client;
207 if (session_endpoint_is_zero (&a->sep))
208 return VNET_API_ERROR_INVALID_VALUE;
210 client = application_get (a->app_index);
211 session_endpoint_update_for_app (&a->sep_ext, client, 1 /* is_connect */ );
212 client_wrk = application_get_worker (client, a->wrk_map_index);
215 * First check the local scope for locally attached destinations.
216 * If we have local scope, we pass *all* connects through it since we may
217 * have special policy rules even for non-local destinations, think proxy.
219 if (application_has_local_scope (client))
221 table_index = application_local_session_table (client);
222 lh = session_lookup_local_endpoint (table_index, &a->sep);
223 if (lh == SESSION_DROP_HANDLE)
224 return VNET_API_ERROR_APP_CONNECT_FILTERED;
226 if (lh == SESSION_INVALID_HANDLE)
229 ll = application_get_local_listener_w_handle (lh);
230 al = app_listener_get_w_session ((session_t *) ll);
233 * Break loop if rule in local table points to connecting app. This
234 * can happen if client is a generic proxy. Route connect through
235 * global table instead.
237 if (al->app_index == a->app_index)
240 server_wrk = app_listener_select_worker (al);
241 return app_worker_local_session_connect (client_wrk, server_wrk, ll,
246 * If nothing found, check the global scope for locally attached
247 * destinations. Make sure first that we're allowed to.
251 if (session_endpoint_is_local (&a->sep))
252 return VNET_API_ERROR_SESSION_CONNECT;
254 if (!application_has_global_scope (client))
255 return VNET_API_ERROR_APP_CONNECT_SCOPE;
257 fib_proto = session_endpoint_fib_proto (&a->sep);
258 table_index = application_session_table (client, fib_proto);
259 ls = session_lookup_listener (table_index, &a->sep);
262 al = app_listener_get_w_session (ls);
263 server_wrk = app_listener_select_worker (al);
264 ll = (local_session_t *) ls;
265 return app_worker_local_session_connect (client_wrk, server_wrk, ll,
270 * Not connecting to a local server, propagate to transport
272 if (app_worker_connect_session (client_wrk, &a->sep, a->api_context))
273 return VNET_API_ERROR_SESSION_CONNECT;
278 * unformat a vnet URI
280 * transport-proto://[hostname]ip46-addr:port
281 * eg. tcp://ip46-addr:port
282 * tls://[testtsl.fd.io]ip46-addr:port
284 * u8 ip46_address[16];
285 * u16 port_in_host_byte_order;
286 * stream_session_type_t sst;
289 * if (unformat (input, "%U", unformat_vnet_uri, &ip46_address,
290 * &sst, &port, &fifo_name))
295 unformat_vnet_uri (unformat_input_t * input, va_list * args)
297 session_endpoint_cfg_t *sep = va_arg (*args, session_endpoint_cfg_t *);
298 u32 transport_proto = 0, port;
300 if (unformat (input, "%U://%U/%d", unformat_transport_proto,
301 &transport_proto, unformat_ip4_address, &sep->ip.ip4, &port))
303 sep->transport_proto = transport_proto;
304 sep->port = clib_host_to_net_u16 (port);
308 else if (unformat (input, "%U://[%s]%U/%d", unformat_transport_proto,
309 &transport_proto, &sep->hostname, unformat_ip4_address,
310 &sep->ip.ip4, &port))
312 sep->transport_proto = transport_proto;
313 sep->port = clib_host_to_net_u16 (port);
317 else if (unformat (input, "%U://%U/%d", unformat_transport_proto,
318 &transport_proto, unformat_ip6_address, &sep->ip.ip6,
321 sep->transport_proto = transport_proto;
322 sep->port = clib_host_to_net_u16 (port);
326 else if (unformat (input, "%U://[%s]%U/%d", unformat_transport_proto,
327 &transport_proto, &sep->hostname, unformat_ip6_address,
328 &sep->ip.ip6, &port))
330 sep->transport_proto = transport_proto;
331 sep->port = clib_host_to_net_u16 (port);
338 static u8 *cache_uri;
339 static session_endpoint_cfg_t *cache_sep;
342 parse_uri (char *uri, session_endpoint_cfg_t * sep)
344 unformat_input_t _input, *input = &_input;
346 if (cache_uri && !strncmp (uri, (char *) cache_uri, vec_len (cache_uri)))
353 uri = (char *) format (0, "%s%c", uri, 0);
356 unformat_init_string (input, uri, strlen (uri));
357 if (!unformat (input, "%U", unformat_vnet_uri, sep))
359 unformat_free (input);
360 return VNET_API_ERROR_INVALID_VALUE;
362 unformat_free (input);
364 vec_free (cache_uri);
365 cache_uri = (u8 *) uri;
367 clib_mem_free (cache_sep);
368 cache_sep = clib_mem_alloc (sizeof (*sep));
375 app_validate_namespace (u8 * namespace_id, u64 secret, u32 * app_ns_index)
377 app_namespace_t *app_ns;
378 if (vec_len (namespace_id) == 0)
380 /* Use default namespace */
385 *app_ns_index = app_namespace_index_from_id (namespace_id);
386 if (*app_ns_index == APP_NAMESPACE_INVALID_INDEX)
387 return VNET_API_ERROR_APP_INVALID_NS;
388 app_ns = app_namespace_get (*app_ns_index);
390 return VNET_API_ERROR_APP_INVALID_NS;
391 if (app_ns->ns_secret != secret)
392 return VNET_API_ERROR_APP_WRONG_NS_SECRET;
397 app_name_from_api_index (u32 api_client_index)
399 vl_api_registration_t *regp;
400 regp = vl_api_client_index_to_registration (api_client_index);
402 return format (0, "%s%c", regp->name, 0);
404 clib_warning ("api client index %u does not have an api registration!",
406 return format (0, "unknown%c", 0);
410 * Attach application to vpp
412 * Allocates a vpp app, i.e., a structure that keeps back pointers
413 * to external app and a segment manager for shared memory fifo based
414 * communication with the external app.
417 vnet_application_attach (vnet_app_attach_args_t * a)
419 svm_fifo_segment_private_t *fs;
420 application_t *app = 0;
421 app_worker_t *app_wrk;
422 segment_manager_t *sm;
423 u32 app_ns_index = 0;
428 if (a->api_client_index != APP_INVALID_INDEX)
429 app = application_lookup (a->api_client_index);
431 app = application_lookup_name (a->name);
433 return clib_error_return_code (0, VNET_API_ERROR_INVALID_VALUE, 0,
434 "api index or name must be provided");
437 return clib_error_return_code (0, VNET_API_ERROR_APP_ALREADY_ATTACHED, 0,
438 "app already attached");
440 if (a->api_client_index != APP_INVALID_INDEX)
442 app_name = app_name_from_api_index (a->api_client_index);
446 secret = a->options[APP_OPTIONS_NAMESPACE_SECRET];
447 if ((rv = app_validate_namespace (a->namespace_id, secret, &app_ns_index)))
448 return clib_error_return_code (0, rv, 0, "namespace validation: %d", rv);
449 a->options[APP_OPTIONS_NAMESPACE] = app_ns_index;
451 if ((rv = application_alloc_and_init ((app_init_args_t *) a)))
452 return clib_error_return_code (0, rv, 0, "app init: %d", rv);
454 app = application_get (a->app_index);
455 if ((rv = application_alloc_worker_and_init (app, &app_wrk)))
456 return clib_error_return_code (0, rv, 0, "app default wrk init: %d", rv);
458 a->app_evt_q = app_wrk->event_queue;
459 app_wrk->api_client_index = a->api_client_index;
460 sm = segment_manager_get (app_wrk->first_segment_manager);
461 fs = segment_manager_get_segment_w_lock (sm, 0);
463 if (application_is_proxy (app))
464 application_setup_proxy (app);
466 ASSERT (vec_len (fs->ssvm.name) <= 128);
467 a->segment = &fs->ssvm;
468 a->segment_handle = segment_manager_segment_handle (sm, fs);
470 segment_manager_segment_reader_unlock (sm);
476 * Detach application from vpp
479 vnet_application_detach (vnet_app_detach_args_t * a)
483 app = application_get_if_valid (a->app_index);
486 clib_warning ("app not attached");
487 return VNET_API_ERROR_APPLICATION_NOT_ATTACHED;
490 app_interface_check_thread_and_barrier (vnet_application_detach, a);
491 application_detach_process (app, a->api_client_index);
496 vnet_bind_uri (vnet_listen_args_t * a)
498 session_endpoint_cfg_t sep = SESSION_ENDPOINT_CFG_NULL;
501 rv = parse_uri (a->uri, &sep);
504 sep.app_wrk_index = 0;
505 clib_memcpy (&a->sep_ext, &sep, sizeof (sep));
506 return vnet_listen_inline (a);
510 vnet_unbind_uri (vnet_unbind_args_t * a)
512 session_endpoint_cfg_t sep = SESSION_ENDPOINT_CFG_NULL;
517 rv = parse_uri (a->uri, &sep);
521 /* NOTE: only default fib tables supported for uri apis */
522 table_index = session_lookup_get_index_for_fib (fib_ip_proto (!sep.is_ip4),
524 listener = session_lookup_listener (table_index,
525 (session_endpoint_t *) & sep);
527 return VNET_API_ERROR_ADDRESS_NOT_IN_USE;
528 a->handle = listen_session_get_handle (listener);
529 return vnet_unlisten_inline (a);
533 vnet_connect_uri (vnet_connect_args_t * a)
535 session_endpoint_cfg_t sep = SESSION_ENDPOINT_CFG_NULL;
539 rv = parse_uri (a->uri, &sep);
541 return clib_error_return_code (0, rv, 0, "app init: %d", rv);
543 clib_memcpy (&a->sep_ext, &sep, sizeof (sep));
544 if ((rv = application_connect (a)))
545 return clib_error_return_code (0, rv, 0, "connect failed");
550 vnet_disconnect_session (vnet_disconnect_args_t * a)
552 if (session_handle_is_local (a->handle))
556 /* Disconnect reply came to worker 1 not main thread */
557 app_interface_check_thread_and_barrier (vnet_disconnect_session, a);
559 if (!(ls = app_worker_get_local_session_from_handle (a->handle)))
562 return app_worker_local_session_disconnect (a->app_index, ls);
566 app_worker_t *app_wrk;
569 s = session_get_from_handle_if_valid (a->handle);
571 return VNET_API_ERROR_INVALID_VALUE;
572 app_wrk = app_worker_get (s->app_wrk_index);
573 if (app_wrk->app_index != a->app_index)
574 return VNET_API_ERROR_INVALID_VALUE;
576 /* We're peeking into another's thread pool. Make sure */
577 ASSERT (s->session_index == session_index_from_handle (a->handle));
585 vnet_listen (vnet_listen_args_t * a)
588 if ((rv = vnet_listen_inline (a)))
589 return clib_error_return_code (0, rv, 0, "bind failed: %d", rv);
594 vnet_unlisten (vnet_unbind_args_t * a)
597 if ((rv = vnet_unlisten_inline (a)))
598 return clib_error_return_code (0, rv, 0, "unbind failed: %d", rv);
603 vnet_connect (vnet_connect_args_t * a)
607 if ((rv = application_connect (a)))
608 return clib_error_return_code (0, rv, 0, "connect failed: %d", rv);
613 * fd.io coding-style-patch-verification: ON
616 * eval: (c-set-style "gnu")