*/
#include <sys/socket.h>
+#include <sys/syscall.h>
+
+#include <openssl/rand.h>
#include <vnet/session/application.h>
#include <vnet/session/transport.h>
quic_main_t *qm = &quic_main;
quic_ctx_t *ctx;
- pool_get (qm->ctx_pool[thread_index], ctx);
+ pool_get_aligned_safe (qm->ctx_pool[thread_index], ctx,
+ CLIB_CACHE_LINE_BYTES);
clib_memset (ctx, 0, sizeof (quic_ctx_t));
ctx->c_thread_index = thread_index;
clib_bihash_kv_16_8_t kv;
quicly_conn_t *conn;
+ if (ctx->conn == NULL)
+ {
+ QUIC_DBG (2, "Skipping redundant delete of connection %u",
+ ctx->c_c_index);
+ return;
+ }
QUIC_DBG (2, "Deleting connection %u", ctx->c_c_index);
QUIC_ASSERT (!quic_ctx_is_stream (ctx));
quic_disconnect_transport (ctx);
- if (ctx->conn)
- quicly_free (ctx->conn);
+ if (conn)
+ quicly_free (conn);
session_transport_delete_notify (&ctx->connection);
}
hdr.is_ip4 = tc->is_ip4;
clib_memcpy (&hdr.lcl_ip, &tc->lcl_ip, sizeof (ip46_address_t));
hdr.lcl_port = tc->lcl_port;
+ hdr.gso_size = 0;
/* Read dest address from quicly-provided sockaddr */
if (hdr.is_ip4)
quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
quic_ctx_t *sctx = quic_ctx_get (stream_data->ctx_id,
stream_data->thread_index);
- session_t *stream_session = session_get (sctx->c_s_index,
- sctx->c_thread_index);
QUIC_DBG (2, "DESTROYED_STREAM: session 0x%lx (%U)",
session_handle (stream_session), quic_format_err, err);
- stream_session->session_state = SESSION_STATE_CLOSED;
+ session_transport_closing_notify (&sctx->connection);
session_transport_delete_notify (&sctx->connection);
quic_increment_counter (QUIC_ERROR_CLOSED_STREAM, 1);
size_t len)
{
QUIC_DBG (3, "received data: %lu bytes, offset %lu", len, off);
- u32 max_enq, rlen, rv;
+ u32 max_enq;
quic_ctx_t *sctx;
session_t *stream_session;
app_worker_t *app_wrk;
svm_fifo_t *f;
quic_stream_data_t *stream_data;
+ int rlen;
if (!len)
return;
{
/* Streams live on the same thread so (f, stream_data) should stay consistent */
rlen = svm_fifo_enqueue (f, len, (u8 *) src);
+ if (PREDICT_FALSE (rlen < 0))
+ {
+ /*
+ * drop, fifo full
+ * drop, fifo grow
+ */
+ return;
+ }
QUIC_DBG (3, "Session [idx %u, app_wrk %u, ti %u, rx-fifo 0x%llx]: "
"Enqueuing %u (rlen %u) at off %u in %u space, ",
stream_session->session_index,
app_wrk = app_worker_get_if_valid (stream_session->app_wrk_index);
if (PREDICT_TRUE (app_wrk != 0))
{
- rv = app_worker_lock_and_send_event (app_wrk, stream_session,
- SESSION_IO_EVT_RX);
- if (rv)
- QUIC_ERR ("Failed to ping app for RX");
+ app_worker_rx_notify (app_wrk, stream_session);
}
quic_ack_rx_data (stream_session);
}
rlen = svm_fifo_enqueue_with_offset (f,
off - stream_data->app_rx_data_len,
len, (u8 *) src);
+ if (PREDICT_FALSE (rlen < 0))
+ {
+ /*
+ * drop, fifo full
+ * drop, fifo grow
+ */
+ return;
+ }
QUIC_ASSERT (rlen == 0);
}
return;
sctx->stream = stream;
sctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
sctx->flags |= QUIC_F_IS_STREAM;
+ sctx->crypto_context_index = qctx->crypto_context_index;
if (quicly_stream_is_unidirectional (stream->stream_id))
stream_session->flags |= SESSION_F_UNIDIRECTIONAL;
stream_session->session_type =
session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC, qctx->udp_is_ip4);
quic_session = session_get (qctx->c_s_index, qctx->c_thread_index);
+ /* Make sure quic session is in listening state */
+ quic_session->session_state = SESSION_STATE_LISTENING;
stream_session->listener_handle = listen_session_get_handle (quic_session);
app_wrk = app_worker_get (stream_session->app_wrk_index);
SVM_FIFO_WANT_DEQ_NOTIF_IF_FULL |
SVM_FIFO_WANT_DEQ_NOTIF_IF_EMPTY);
+ stream_session->session_state = SESSION_STATE_ACCEPTING;
if ((rv = app_worker_accept_notify (app_wrk, stream_session)))
{
QUIC_ERR ("failed to notify accept worker app");
quic_session = session_get (ctx->c_s_index, ctx->c_thread_index);
if (svm_fifo_set_event (quic_session->tx_fifo))
{
- rv = session_send_io_evt_to_thread_custom (quic_session,
- quic_session->thread_index,
- SESSION_IO_EVT_BUILTIN_TX);
+ rv = session_send_io_evt_to_thread_custom (
+ quic_session, quic_session->thread_index, SESSION_IO_EVT_TX);
if (PREDICT_FALSE (rv))
QUIC_ERR ("Failed to enqueue builtin_tx %d", rv);
}
}
}
- tw = &quic_main.wrk_ctx[vlib_get_thread_index ()].timer_wheel;
+ ASSERT (vlib_get_thread_index () == ctx->c_thread_index ||
+ vlib_get_thread_index () == 0);
+ tw = &quic_main.wrk_ctx[ctx->c_thread_index].timer_wheel;
QUIC_DBG (4, "Timer set to %ld (int %ld) for ctx %u", next_timeout,
next_interval, ctx->c_c_index);
quic_increment_counter (QUIC_ERROR_OPENED_STREAM, 1);
sctx->stream = stream;
+ sctx->crypto_context_index = qctx->crypto_context_index;
QUIC_DBG (2, "Opened stream %d, creating session", stream->stream_id);
stream_data->app_rx_data_len = 0;
stream_data->app_tx_data_len = 0;
stream_session->session_state = SESSION_STATE_READY;
+ stream_session->opaque = sep->opaque;
/* For now we only reset streams. Cleanup will be triggered by timers */
if ((rv = app_worker_init_connected (app_wrk, stream_session)))
return SESSION_E_NOEXTCFG;
/* Use pool on thread 1 if we have workers because of UDP */
- thread_index = vlib_num_workers () ? 1 : 0;
+ thread_index = transport_cl_thread ();
ccfg = &sep->ext_cfg->crypto;
clib_memset (cargs, 0, sizeof (*cargs));
}
static u32
-quic_start_listen (u32 quic_listen_session_index, transport_endpoint_t * tep)
+quic_start_listen (u32 quic_listen_session_index,
+ transport_endpoint_cfg_t *tep)
{
vnet_listen_args_t _bargs, *args = &_bargs;
transport_endpt_crypto_cfg_t *ccfg;
if (!ctx)
return s;
- str = format (str, "[#%d][Q] ", ctx->c_thread_index);
+ str = format (str, "[%d:%d][Q] ", ctx->c_thread_index, ctx->c_s_index);
if (quic_ctx_is_listener (ctx))
str = format (str, "Listener, UDP %ld", ctx->udp_session_handle);
quic_proto_on_close (ctx_id, thread_index);
return;
}
-
- /* If the app opens a stream in its callback it may invalidate ctx */
- ctx = quic_ctx_get (ctx_id, thread_index);
- /*
- * app_worker_connect_notify() might have reallocated pool, reload
- * quic_session pointer
- */
- quic_session = session_get (ctx->c_s_index, thread_index);
- quic_session->session_state = SESSION_STATE_LISTENING;
}
static void
return 0;
}
- ctx->c_thread_index = thread_index;
- ctx->c_c_index = ctx_index;
-
QUIC_DBG (2, "New ctx [%u]%x", thread_index, (ctx) ? ctx_index : ~0);
ctx->udp_session_handle = session_handle (udp_session);
ctx->ckpair_index = lctx->ckpair_index;
quic_acquire_crypto_context (ctx);
udp_session->opaque = ctx_index;
+ udp_session->session_state = SESSION_STATE_READY;
/* TODO timeout to delete these if they never connect */
return 0;
quic_session = session_alloc (ctx->c_thread_index);
QUIC_DBG (2, "Allocated quic_session, 0x%lx ctx %u",
session_handle (quic_session), ctx->c_c_index);
- quic_session->session_state = SESSION_STATE_LISTENING;
ctx->c_s_index = quic_session->session_index;
lctx = quic_ctx_get (ctx->listener_ctx_id, 0);
}
app_wrk = app_worker_get (quic_session->app_wrk_index);
+ quic_session->session_state = SESSION_STATE_ACCEPTING;
if ((rv = app_worker_accept_notify (app_wrk, quic_session)))
{
QUIC_ERR ("failed to notify accept worker app");
u64 options[APP_OPTIONS_N_OPTIONS];
quic_main_t *qm = &quic_main;
u32 num_threads, i;
+ u8 seed[32];
+
+ if (syscall (SYS_getrandom, &seed, sizeof (seed), 0) != sizeof (seed))
+ return clib_error_return_unix (0, "getrandom() failed");
+ RAND_seed (seed, sizeof (seed));
num_threads = 1 /* main thread */ + vtm->n_threads;
transport_register_protocol (TRANSPORT_PROTO_QUIC, &quic_proto,
FIB_PROTOCOL_IP6, ~0);
+ quic_load_openssl3_legacy_provider ();
clib_bitmap_alloc (qm->available_crypto_engines,
app_crypto_engine_n_types ());
quic_register_cipher_suite (CRYPTO_ENGINE_PICOTLS,
qm->vnet_crypto_enabled = 1;
if (qm->vnet_crypto_enabled == 1)
{
+ u8 empty_key[32] = {};
quic_register_cipher_suite (CRYPTO_ENGINE_VPP,
quic_crypto_cipher_suites);
qm->default_crypto_engine = CRYPTO_ENGINE_VPP;
+ vec_validate (qm->per_thread_crypto_key_indices, num_threads);
+ for (i = 0; i < num_threads; i++)
+ {
+ qm->per_thread_crypto_key_indices[i] = vnet_crypto_key_add (
+ vm, VNET_CRYPTO_ALG_AES_256_CTR, empty_key, 32);
+ }
}
qm->max_packets_per_key = DEFAULT_MAX_PACKETS_PER_KEY;
- clib_rwlock_init (&qm->crypto_keys_quic_rw_lock);
-
qm->default_quic_cc = QUIC_CC_RENO;
vec_free (a->name);
u32 code, i;
u64 c, sum = 0;
- int index = 0;
vm = vlib_get_main ();
em = &vm->error_main;
if (i < vec_len (em->counters_last_clear))
c -= em->counters_last_clear[i];
sum += c;
- index++;
}
return sum;
}
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
- if (unformat (input, "fifo-size %U", unformat_memory_size, &tmp))
+ if (unformat (line_input, "fifo-size %U", unformat_memory_size, &tmp))
{
if (tmp >= 0x100000000ULL)
{
}
qm->udp_fifo_size = tmp;
}
- else if (unformat (input, "conn-timeout %u", &i))
+ else if (unformat (line_input, "conn-timeout %u", &i))
qm->connection_timeout = i;
- else if (unformat (input, "fifo-prealloc %u", &i))
+ else if (unformat (line_input, "fifo-prealloc %u", &i))
qm->udp_fifo_prealloc = i;
else
{