+ if (is_local || fib_proto == FIB_PROTOCOL_IP4)
+ {
+ u8 *tag = 0;
+ /* *INDENT-OFF* */
+ srt16 = &srt->session_rules_tables_16;
+ pool_foreach (rule16, srt16->rules) {
+ ri = mma_rules_table_rule_index_16 (srt16, rule16);
+ tag = session_rules_table_rule_tag (srt, ri, 1);
+ send_session_rule_details4 (rule16, is_local, tp, appns_index, tag,
+ reg, context);
+ }
+ /* *INDENT-ON* */
+ }
+ if (is_local || fib_proto == FIB_PROTOCOL_IP6)
+ {
+ u8 *tag = 0;
+ /* *INDENT-OFF* */
+ srt40 = &srt->session_rules_tables_40;
+ pool_foreach (rule40, srt40->rules) {
+ ri = mma_rules_table_rule_index_40 (srt40, rule40);
+ tag = session_rules_table_rule_tag (srt, ri, 1);
+ send_session_rule_details6 (rule40, is_local, tp, appns_index, tag,
+ reg, context);
+ }
+ /* *INDENT-ON* */
+ }
+}
+
+static void
+vl_api_session_rules_dump_t_handler (vl_api_session_rules_dump_t * mp)
+{
+ vl_api_registration_t *reg;
+ session_table_t *st;
+ u8 tp;
+
+ reg = vl_api_client_index_to_registration (mp->client_index);
+ if (!reg)
+ return;
+
+ /* *INDENT-OFF* */
+ session_table_foreach (st, ({
+ for (tp = 0; tp < TRANSPORT_N_PROTOS; tp++)
+ {
+ send_session_rules_table_details (&st->session_rules[tp],
+ st->active_fib_proto, tp,
+ st->is_local, st->appns_index, reg,
+ mp->context);
+ }
+ }));
+ /* *INDENT-ON* */
+}
+
+static void
+vl_api_app_add_cert_key_pair_t_handler (vl_api_app_add_cert_key_pair_t * mp)
+{
+ vl_api_app_add_cert_key_pair_reply_t *rmp;
+ vnet_app_add_cert_key_pair_args_t _a, *a = &_a;
+ u32 certkey_len, key_len, cert_len;
+ int rv = 0;
+ if (session_main_is_enabled () == 0)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto done;
+ }
+
+ cert_len = clib_net_to_host_u16 (mp->cert_len);
+ if (cert_len > 10000)
+ {
+ rv = VNET_API_ERROR_INVALID_VALUE;
+ goto done;
+ }
+
+ certkey_len = clib_net_to_host_u16 (mp->certkey_len);
+ if (certkey_len < cert_len)
+ {
+ rv = VNET_API_ERROR_INVALID_VALUE;
+ goto done;
+ }
+
+ key_len = certkey_len - cert_len;
+ if (key_len > 10000)
+ {
+ rv = VNET_API_ERROR_INVALID_VALUE;
+ goto done;
+ }
+
+ clib_memset (a, 0, sizeof (*a));
+ a->cert = mp->certkey;
+ a->key = mp->certkey + cert_len;
+ a->cert_len = cert_len;
+ a->key_len = key_len;
+ rv = vnet_app_add_cert_key_pair (a);
+
+done:
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_APP_ADD_CERT_KEY_PAIR_REPLY, ({
+ if (!rv)
+ rmp->index = clib_host_to_net_u32 (a->index);
+ }));
+ /* *INDENT-ON* */
+}
+
+static void
+vl_api_app_del_cert_key_pair_t_handler (vl_api_app_del_cert_key_pair_t * mp)
+{
+ vl_api_app_del_cert_key_pair_reply_t *rmp;
+ u32 ckpair_index;
+ int rv = 0;
+ if (session_main_is_enabled () == 0)
+ {
+ rv = VNET_API_ERROR_FEATURE_DISABLED;
+ goto done;
+ }
+ ckpair_index = clib_net_to_host_u32 (mp->index);
+ rv = vnet_app_del_cert_key_pair (ckpair_index);
+
+done:
+ REPLY_MACRO (VL_API_APP_DEL_CERT_KEY_PAIR_REPLY);
+}
+
+static clib_error_t *
+application_reaper_cb (u32 client_index)
+{
+ application_t *app = application_lookup (client_index);
+ vnet_app_detach_args_t _a, *a = &_a;
+ if (app)
+ {
+ a->app_index = app->app_index;
+ a->api_client_index = client_index;
+ vnet_application_detach (a);
+ }
+ return 0;
+}
+
+VL_MSG_API_REAPER_FUNCTION (application_reaper_cb);
+
+/*
+ * Socket api functions
+ */
+
+static int
+mq_send_add_segment_sapi_cb (u32 app_wrk_index, u64 segment_handle)
+{
+ session_app_add_segment_msg_t m = { 0 };
+ app_worker_t *app_wrk;
+ fifo_segment_t *fs;
+ ssvm_private_t *sp;
+ u8 fd_flags = 0;
+
+ app_wrk = app_worker_get (app_wrk_index);
+
+ fs = segment_manager_get_segment_w_handle (segment_handle);
+ sp = &fs->ssvm;
+ ASSERT (ssvm_type (sp) == SSVM_SEGMENT_MEMFD);
+
+ fd_flags |= SESSION_FD_F_MEMFD_SEGMENT;
+
+ m.segment_size = sp->ssvm_size;
+ m.fd_flags = fd_flags;
+ m.segment_handle = segment_handle;
+ strncpy ((char *) m.segment_name, (char *) sp->name,
+ sizeof (m.segment_name) - 1);
+
+ app_wrk_send_ctrl_evt_fd (app_wrk, SESSION_CTRL_EVT_APP_ADD_SEGMENT, &m,
+ sizeof (m), sp->fd);
+
+ return 0;
+}
+
+static int
+mq_send_del_segment_sapi_cb (u32 app_wrk_index, u64 segment_handle)
+{
+ session_app_del_segment_msg_t m = { 0 };
+ app_worker_t *app_wrk;
+
+ app_wrk = app_worker_get (app_wrk_index);
+
+ m.segment_handle = segment_handle;
+
+ app_wrk_send_ctrl_evt (app_wrk, SESSION_CTRL_EVT_APP_DEL_SEGMENT, &m,
+ sizeof (m));
+
+ return 0;
+}
+
+static session_cb_vft_t session_mq_sapi_cb_vft = {
+ .session_accept_callback = mq_send_session_accepted_cb,
+ .session_disconnect_callback = mq_send_session_disconnected_cb,
+ .session_connected_callback = mq_send_session_connected_cb,
+ .session_reset_callback = mq_send_session_reset_cb,
+ .session_migrate_callback = mq_send_session_migrate_cb,
+ .session_cleanup_callback = mq_send_session_cleanup_cb,
+ .add_segment_callback = mq_send_add_segment_sapi_cb,
+ .del_segment_callback = mq_send_del_segment_sapi_cb,
+};
+
+static void
+session_api_attach_handler (app_namespace_t * app_ns, clib_socket_t * cs,
+ app_sapi_attach_msg_t * mp)
+{
+ int rv = 0, *fds = 0, n_fds = 0, i, n_workers;
+ vnet_app_attach_args_t _a, *a = &_a;
+ app_sapi_attach_reply_msg_t *rmp;
+ u8 fd_flags = 0, ctrl_thread;
+ app_ns_api_handle_t *handle;
+ fifo_segment_t *rx_mqs_seg;
+ app_sapi_msg_t msg = { 0 };
+ app_worker_t *app_wrk;
+ application_t *app;
+ svm_msg_q_t *rx_mq;
+
+ /* Make sure name is null terminated */
+ mp->name[63] = 0;
+
+ clib_memset (a, 0, sizeof (*a));
+ a->api_client_index = appns_sapi_socket_handle (app_ns, cs);
+ a->name = format (0, "%s", (char *) mp->name);
+ a->options = mp->options;
+ a->session_cb_vft = &session_mq_sapi_cb_vft;
+ a->use_sock_api = 1;
+ a->options[APP_OPTIONS_NAMESPACE] = app_namespace_index (app_ns);
+
+ if ((rv = vnet_application_attach (a)))
+ {
+ clib_warning ("attach returned: %d", rv);
+ goto done;
+ }
+
+ n_workers = vlib_num_workers ();
+ vec_validate (fds, 3 /* segs + tx evtfd */ + n_workers);
+
+ /* Send event queues segment */
+ app = application_get (a->app_index);
+ rx_mqs_seg = application_get_rx_mqs_segment (app);
+
+ fd_flags |= SESSION_FD_F_VPP_MQ_SEGMENT;
+ fds[n_fds] = rx_mqs_seg->ssvm.fd;
+ n_fds += 1;
+
+ /* Send fifo segment fd if needed */
+ if (ssvm_type (a->segment) == SSVM_SEGMENT_MEMFD)
+ {
+ fd_flags |= SESSION_FD_F_MEMFD_SEGMENT;
+ fds[n_fds] = a->segment->fd;
+ n_fds += 1;
+ }
+ if (a->options[APP_OPTIONS_FLAGS] & APP_OPTIONS_FLAGS_EVT_MQ_USE_EVENTFD)
+ {
+ fd_flags |= SESSION_FD_F_MQ_EVENTFD;
+ fds[n_fds] = svm_msg_q_get_eventfd (a->app_evt_q);
+ n_fds += 1;
+ }
+
+ if (application_use_private_rx_mqs ())