X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvcl%2Fldp.c;h=19f3827bbcfe77ea7236fa63bba02a735b88017b;hb=ce17f46b8128d46e6168f45a0cd831e72a4d4bcb;hp=9e00d7e266842cb246cd94541f655b09b3f16282;hpb=d89411ef5f59b91101b0311a2dd41a3641985d1e;p=vpp.git diff --git a/src/vcl/ldp.c b/src/vcl/ldp.c index 9e00d7e2668..19f3827bbcf 100644 --- a/src/vcl/ldp.c +++ b/src/vcl/ldp.c @@ -80,6 +80,7 @@ typedef struct ldp_worker_ctx_ * Epoll state */ u8 epoll_wait_vcl; + u8 mq_epfd_added; int vcl_mq_epfd; } ldp_worker_ctx_t; @@ -99,6 +100,7 @@ typedef struct u32 vlsh_bit_val; u32 vlsh_bit_mask; u32 debug; + u8 transparent_tls; /** vcl needs next epoll_create to go to libc_epoll */ u8 vcl_needs_real_epoll; @@ -108,12 +110,17 @@ typedef struct #define LDBG(_lvl, _fmt, _args...) \ if (ldp->debug > _lvl) \ - clib_warning ("ldp<%d>: " _fmt, getpid(), ##_args) + { \ + int errno_saved = errno; \ + clib_warning ("ldp<%d>: " _fmt, getpid(), ##_args); \ + errno = errno_saved; \ + } static ldp_main_t ldp_main = { .vlsh_bit_val = (1 << LDP_SID_BIT_MIN), .vlsh_bit_mask = (1 << LDP_SID_BIT_MIN) - 1, .debug = LDP_DEBUG_INIT, + .transparent_tls = 0, }; static ldp_main_t *ldp = &ldp_main; @@ -130,11 +137,8 @@ ldp_worker_get_current (void) static inline void ldp_set_app_name (char *app_name) { - int rv = snprintf (ldp->app_name, LDP_APP_NAME_MAX, - "ldp-%d-%s", getpid (), app_name); - - if (rv >= LDP_APP_NAME_MAX) - app_name[LDP_APP_NAME_MAX - 1] = 0; + snprintf (ldp->app_name, LDP_APP_NAME_MAX, + "ldp-%d-%s", getpid (), app_name); } static inline char * @@ -268,6 +272,11 @@ ldp_init (void) return -1; } } + env_var_str = getenv (LDP_ENV_TLS_TRANS); + if (env_var_str) + { + ldp->transparent_tls = 1; + } /* *INDENT-OFF* */ pool_foreach (ldpw, ldp->workers, ({ @@ -372,24 +381,19 @@ readv (int fd, const struct iovec * iov, int iovcnt) vlsh = ldp_fd_to_vlsh (fd); if (vlsh != VLS_INVALID_HANDLE) { - do + for (i = 0; i < iovcnt; ++i) { - for (i = 0; i < iovcnt; ++i) + rv = vls_read (vlsh, iov[i].iov_base, iov[i].iov_len); + if (rv <= 0) + break; + else { - rv = vls_read (vlsh, iov[i].iov_base, iov[i].iov_len); - if (rv < 0) + total += rv; + if (rv < iov[i].iov_len) break; - else - { - total += rv; - if (rv < iov[i].iov_len) - break; - } } } - while ((rv >= 0) && (total == 0)); - - if (rv < 0) + if (rv < 0 && total == 0) { errno = -rv; size = -1; @@ -445,24 +449,20 @@ writev (int fd, const struct iovec * iov, int iovcnt) vlsh = ldp_fd_to_vlsh (fd); if (vlsh != VLS_INVALID_HANDLE) { - do + for (i = 0; i < iovcnt; ++i) { - for (i = 0; i < iovcnt; ++i) + rv = vls_write_msg (vlsh, iov[i].iov_base, iov[i].iov_len); + if (rv < 0) + break; + else { - rv = vls_write_msg (vlsh, iov[i].iov_base, iov[i].iov_len); - if (rv < 0) + total += rv; + if (rv < iov[i].iov_len) break; - else - { - total += rv; - if (rv < iov[i].iov_len) - break; - } } } - while ((rv >= 0) && (total == 0)); - if (rv < 0) + if (rv < 0 && total == 0) { errno = -rv; size = -1; @@ -527,7 +527,11 @@ fcntl (int fd, int cmd, ...) } else { +#ifdef HAVE_FCNTL64 + rv = libc_vfcntl64 (fd, cmd, ap); +#else rv = libc_vfcntl (fd, cmd, ap); +#endif } va_end (ap); @@ -535,6 +539,18 @@ fcntl (int fd, int cmd, ...) return rv; } +int +fcntl64 (int fd, int cmd, ...) +{ + va_list ap; + int rv; + + va_start (ap, cmd); + rv = fcntl (fd, cmd, ap); + va_end (ap); + return rv; +} + int ioctl (int fd, unsigned long int cmd, ...) { @@ -612,12 +628,13 @@ ldp_select_init_maps (fd_set * __restrict original, if (vlsh == VLS_INVALID_HANDLE) clib_bitmap_set_no_check (*libcb, fd, 1); else - clib_bitmap_set_no_check (*vclb, vlsh_to_session_index (vlsh), 1); + *vclb = clib_bitmap_set (*vclb, vlsh_to_session_index (vlsh), 1); })); /* *INDENT-ON* */ si_bits_set = clib_bitmap_last_set (*vclb) + 1; *si_bits = (si_bits_set > *si_bits) ? si_bits_set : *si_bits; + clib_bitmap_validate (*resultb, *si_bits); libc_bits_set = clib_bitmap_last_set (*libcb) + 1; *libc_bits = (libc_bits_set > *libc_bits) ? libc_bits_set : *libc_bits; @@ -636,6 +653,7 @@ ldp_select_vcl_map_to_libc (clib_bitmap_t * vclb, fd_set * __restrict libcb) /* *INDENT-OFF* */ clib_bitmap_foreach (si, vclb, ({ vlsh = vls_session_index_to_vlsh (si); + ASSERT (vlsh != VLS_INVALID_HANDLE); fd = ldp_vlsh_to_fd (vlsh); if (PREDICT_FALSE (fd < 0)) { @@ -748,15 +766,15 @@ ldp_pselect (int nfds, fd_set * __restrict readfds, { if (readfds) clib_memcpy_fast (ldpw->rd_bitmap, ldpw->si_rd_bitmap, - vec_len (ldpw->rd_bitmap) * + vec_len (ldpw->si_rd_bitmap) * sizeof (clib_bitmap_t)); if (writefds) clib_memcpy_fast (ldpw->wr_bitmap, ldpw->si_wr_bitmap, - vec_len (ldpw->wr_bitmap) * + vec_len (ldpw->si_wr_bitmap) * sizeof (clib_bitmap_t)); if (exceptfds) clib_memcpy_fast (ldpw->ex_bitmap, ldpw->si_ex_bitmap, - vec_len (ldpw->ex_bitmap) * + vec_len (ldpw->si_ex_bitmap) * sizeof (clib_bitmap_t)); rv = vls_select (si_bits, readfds ? ldpw->rd_bitmap : NULL, @@ -766,6 +784,7 @@ ldp_pselect (int nfds, fd_set * __restrict readfds, { errno = -rv; rv = -1; + goto done; } else if (rv > 0) { @@ -870,6 +889,71 @@ pselect (int nfds, fd_set * __restrict readfds, } #endif +/* If transparent TLS mode is turned on, then ldp will load key and cert. + */ +static int +load_tls_cert (vls_handle_t vlsh) +{ + char *env_var_str = getenv (LDP_ENV_TLS_CERT); + char inbuf[4096]; + char *tls_cert; + int cert_size; + FILE *fp; + + if (env_var_str) + { + fp = fopen (env_var_str, "r"); + if (fp == NULL) + { + LDBG (0, "ERROR: failed to open cert file %s \n", env_var_str); + return -1; + } + cert_size = fread (inbuf, sizeof (char), sizeof (inbuf), fp); + tls_cert = inbuf; + vppcom_session_tls_add_cert (vlsh_to_session_index (vlsh), tls_cert, + cert_size); + fclose (fp); + } + else + { + LDBG (0, "ERROR: failed to read LDP environment %s\n", + LDP_ENV_TLS_CERT); + return -1; + } + return 0; +} + +static int +load_tls_key (vls_handle_t vlsh) +{ + char *env_var_str = getenv (LDP_ENV_TLS_KEY); + char inbuf[4096]; + char *tls_key; + int key_size; + FILE *fp; + + if (env_var_str) + { + fp = fopen (env_var_str, "r"); + if (fp == NULL) + { + LDBG (0, "ERROR: failed to open key file %s \n", env_var_str); + return -1; + } + key_size = fread (inbuf, sizeof (char), sizeof (inbuf), fp); + tls_key = inbuf; + vppcom_session_tls_add_key (vlsh_to_session_index (vlsh), tls_key, + key_size); + fclose (fp); + } + else + { + LDBG (0, "ERROR: failed to read LDP environment %s\n", LDP_ENV_TLS_KEY); + return -1; + } + return 0; +} + int socket (int domain, int type, int protocol) { @@ -883,8 +967,14 @@ socket (int domain, int type, int protocol) if (((domain == AF_INET) || (domain == AF_INET6)) && ((sock_type == SOCK_STREAM) || (sock_type == SOCK_DGRAM))) { - u8 proto = ((sock_type == SOCK_DGRAM) ? - VPPCOM_PROTO_UDP : VPPCOM_PROTO_TCP); + u8 proto; + if (ldp->transparent_tls) + { + proto = VPPCOM_PROTO_TLS; + } + else + proto = ((sock_type == SOCK_DGRAM) ? + VPPCOM_PROTO_UDP : VPPCOM_PROTO_TCP); LDBG (0, "calling vls_create: proto %u (%s), is_nonblocking %u", proto, vppcom_proto_str (proto), is_nonblocking); @@ -897,6 +987,13 @@ socket (int domain, int type, int protocol) } else { + if (ldp->transparent_tls) + { + if (load_tls_cert (vlsh) < 0 || load_tls_key (vlsh) < 0) + { + return -1; + } + } rv = ldp_vlsh_to_fd (vlsh); } } @@ -1415,7 +1512,10 @@ recv (int fd, void *buf, size_t n, int flags) { size = vls_recvfrom (vlsh, buf, n, flags, NULL); if (size < 0) - errno = -size; + { + errno = -size; + size = -1; + } } else { @@ -1425,6 +1525,69 @@ recv (int fd, void *buf, size_t n, int flags) return size; } +static int +ldp_vls_sendo (vls_handle_t vlsh, const void *buf, size_t n, int flags, + __CONST_SOCKADDR_ARG addr, socklen_t addr_len) +{ + vppcom_endpt_t *ep = 0; + vppcom_endpt_t _ep; + + if (addr) + { + ep = &_ep; + switch (addr->sa_family) + { + case AF_INET: + ep->is_ip4 = VPPCOM_IS_IP4; + ep->ip = + (uint8_t *) & ((const struct sockaddr_in *) addr)->sin_addr; + ep->port = (uint16_t) ((const struct sockaddr_in *) addr)->sin_port; + break; + + case AF_INET6: + ep->is_ip4 = VPPCOM_IS_IP6; + ep->ip = + (uint8_t *) & ((const struct sockaddr_in6 *) addr)->sin6_addr; + ep->port = + (uint16_t) ((const struct sockaddr_in6 *) addr)->sin6_port; + break; + + default: + return EAFNOSUPPORT; + } + } + + return vls_sendto (vlsh, (void *) buf, n, flags, ep); +} + +static int +ldp_vls_recvfrom (vls_handle_t vlsh, void *__restrict buf, size_t n, + int flags, __SOCKADDR_ARG addr, + socklen_t * __restrict addr_len) +{ + u8 src_addr[sizeof (struct sockaddr_in6)]; + vppcom_endpt_t ep; + ssize_t size; + int rv; + + if (addr) + { + ep.ip = src_addr; + size = vls_recvfrom (vlsh, buf, n, flags, &ep); + + if (size > 0) + { + rv = ldp_copy_ep_to_sockaddr (addr, addr_len, &ep); + if (rv < 0) + size = rv; + } + } + else + size = vls_recvfrom (vlsh, buf, n, flags, NULL); + + return size; +} + ssize_t sendto (int fd, const void *buf, size_t n, int flags, __CONST_SOCKADDR_ARG addr, socklen_t addr_len) @@ -1438,38 +1601,7 @@ sendto (int fd, const void *buf, size_t n, int flags, vlsh = ldp_fd_to_vlsh (fd); if (vlsh != INVALID_SESSION_ID) { - vppcom_endpt_t *ep = 0; - vppcom_endpt_t _ep; - - if (addr) - { - ep = &_ep; - switch (addr->sa_family) - { - case AF_INET: - ep->is_ip4 = VPPCOM_IS_IP4; - ep->ip = - (uint8_t *) & ((const struct sockaddr_in *) addr)->sin_addr; - ep->port = - (uint16_t) ((const struct sockaddr_in *) addr)->sin_port; - break; - - case AF_INET6: - ep->is_ip4 = VPPCOM_IS_IP6; - ep->ip = - (uint8_t *) & ((const struct sockaddr_in6 *) addr)->sin6_addr; - ep->port = - (uint16_t) ((const struct sockaddr_in6 *) addr)->sin6_port; - break; - - default: - errno = EAFNOSUPPORT; - size = -1; - goto done; - } - } - - size = vls_sendto (vlsh, (void *) buf, n, flags, ep); + size = ldp_vls_sendo (vlsh, buf, n, flags, addr, addr_len); if (size < 0) { errno = -size; @@ -1481,7 +1613,6 @@ sendto (int fd, const void *buf, size_t n, int flags, size = libc_sendto (fd, buf, n, flags, addr, addr_len); } -done: return size; } @@ -1489,33 +1620,16 @@ ssize_t recvfrom (int fd, void *__restrict buf, size_t n, int flags, __SOCKADDR_ARG addr, socklen_t * __restrict addr_len) { - vls_handle_t sid; - ssize_t size, rv; + vls_handle_t vlsh; + ssize_t size; if ((errno = -ldp_init ())) return -1; - sid = ldp_fd_to_vlsh (fd); - if (sid != VLS_INVALID_HANDLE) + vlsh = ldp_fd_to_vlsh (fd); + if (vlsh != VLS_INVALID_HANDLE) { - vppcom_endpt_t ep; - u8 src_addr[sizeof (struct sockaddr_in6)]; - - if (addr) - { - ep.ip = src_addr; - size = vls_recvfrom (sid, buf, n, flags, &ep); - - if (size > 0) - { - rv = ldp_copy_ep_to_sockaddr (addr, addr_len, &ep); - if (rv < 0) - size = rv; - } - } - else - size = vls_recvfrom (sid, buf, n, flags, NULL); - + size = ldp_vls_recvfrom (vlsh, buf, n, flags, addr, addr_len); if (size < 0) { errno = -size; @@ -1531,7 +1645,7 @@ recvfrom (int fd, void *__restrict buf, size_t n, int flags, } ssize_t -sendmsg (int fd, const struct msghdr * message, int flags) +sendmsg (int fd, const struct msghdr * msg, int flags) { vls_handle_t vlsh; ssize_t size; @@ -1542,13 +1656,35 @@ sendmsg (int fd, const struct msghdr * message, int flags) vlsh = ldp_fd_to_vlsh (fd); if (vlsh != VLS_INVALID_HANDLE) { - LDBG (0, "LDP-TBD"); - errno = ENOSYS; - size = -1; + struct iovec *iov = msg->msg_iov; + ssize_t total = 0; + int i, rv; + + for (i = 0; i < msg->msg_iovlen; ++i) + { + rv = ldp_vls_sendo (vlsh, iov[i].iov_base, iov[i].iov_len, flags, + msg->msg_name, msg->msg_namelen); + if (rv < 0) + break; + else + { + total += rv; + if (rv < iov[i].iov_len) + break; + } + } + + if (rv < 0 && total == 0) + { + errno = -rv; + size = -1; + } + else + size = total; } else { - size = libc_sendmsg (fd, message, flags); + size = libc_sendmsg (fd, msg, flags); } return size; @@ -1603,7 +1739,7 @@ sendmmsg (int fd, struct mmsghdr *vmessages, unsigned int vlen, int flags) #endif ssize_t -recvmsg (int fd, struct msghdr * message, int flags) +recvmsg (int fd, struct msghdr * msg, int flags) { vls_handle_t vlsh; ssize_t size; @@ -1614,13 +1750,42 @@ recvmsg (int fd, struct msghdr * message, int flags) vlsh = ldp_fd_to_vlsh (fd); if (vlsh != VLS_INVALID_HANDLE) { - LDBG (0, "LDP-TBD"); - errno = ENOSYS; - size = -1; + struct iovec *iov = msg->msg_iov; + ssize_t max_deq, total = 0; + int i, rv; + + max_deq = vls_attr (vlsh, VPPCOM_ATTR_GET_NREAD, 0, 0); + if (!max_deq) + return 0; + + for (i = 0; i < msg->msg_iovlen; i++) + { + rv = ldp_vls_recvfrom (vlsh, iov[i].iov_base, iov[i].iov_len, flags, + (i == 0 ? msg->msg_name : NULL), + (i == 0 ? &msg->msg_namelen : NULL)); + if (rv <= 0) + break; + else + { + total += rv; + if (rv < iov[i].iov_len) + break; + } + if (total >= max_deq) + break; + } + + if (rv < 0 && total == 0) + { + errno = -rv; + size = -1; + } + else + size = total; } else { - size = libc_recvmsg (fd, message, flags); + size = libc_recvmsg (fd, msg, flags); } return size; @@ -1724,8 +1889,8 @@ getsockopt (int fd, int level, int optname, rv = -EFAULT; break; case TCP_CONGESTION: - strcpy (optval, "cubic"); *optlen = strlen ("cubic"); + strncpy (optval, "cubic", *optlen + 1); rv = 0; break; default: @@ -1837,6 +2002,7 @@ setsockopt (int fd, int level, int optname, (void *) optval, &optlen); break; case TCP_CONGESTION: + case TCP_CORK: /* Ignore */ rv = 0; break; @@ -2244,17 +2410,132 @@ done: return rv; } +static inline int +ldp_epoll_pwait_eventfd (int epfd, struct epoll_event *events, + int maxevents, int timeout, const sigset_t * sigmask) +{ + ldp_worker_ctx_t *ldpw = ldp_worker_get_current (); + int libc_epfd, rv = 0, num_ev; + vls_handle_t ep_vlsh; + + if ((errno = -ldp_init ())) + return -1; + + if (PREDICT_FALSE (!events || (timeout < -1))) + { + errno = EFAULT; + return -1; + } + + if (epfd == ldpw->vcl_mq_epfd) + return libc_epoll_pwait (epfd, events, maxevents, timeout, sigmask); + + ep_vlsh = ldp_fd_to_vlsh (epfd); + if (PREDICT_FALSE (ep_vlsh == VLS_INVALID_HANDLE)) + { + LDBG (0, "epfd %d: bad ep_vlsh %d!", epfd, ep_vlsh); + errno = EBADFD; + return -1; + } + + libc_epfd = vls_attr (ep_vlsh, VPPCOM_ATTR_GET_LIBC_EPFD, 0, 0); + if (PREDICT_FALSE (!libc_epfd)) + { + u32 size = sizeof (epfd); + + LDBG (1, "epfd %d, vep_vlsh %d calling libc_epoll_create1: " + "EPOLL_CLOEXEC", epfd, ep_vlsh); + libc_epfd = libc_epoll_create1 (EPOLL_CLOEXEC); + if (libc_epfd < 0) + { + rv = libc_epfd; + goto done; + } + + rv = vls_attr (ep_vlsh, VPPCOM_ATTR_SET_LIBC_EPFD, &libc_epfd, &size); + if (rv < 0) + { + errno = -rv; + rv = -1; + goto done; + } + } + if (PREDICT_FALSE (libc_epfd <= 0)) + { + errno = -libc_epfd; + rv = -1; + goto done; + } + + if (PREDICT_FALSE (!ldpw->mq_epfd_added)) + { + struct epoll_event e = { 0 }; + e.events = EPOLLIN; + e.data.fd = ldpw->vcl_mq_epfd; + if (libc_epoll_ctl (libc_epfd, EPOLL_CTL_ADD, ldpw->vcl_mq_epfd, &e) < + 0) + { + LDBG (0, "epfd %d, add libc mq epoll fd %d to libc epoll fd %d", + epfd, ldpw->vcl_mq_epfd, libc_epfd); + rv = -1; + goto done; + } + ldpw->mq_epfd_added = 1; + } + + rv = vls_epoll_wait (ep_vlsh, events, maxevents, 0); + if (rv > 0) + goto done; + else if (rv < 0) + { + errno = -rv; + rv = -1; + goto done; + } + + rv = libc_epoll_pwait (libc_epfd, events, maxevents, timeout, sigmask); + if (rv <= 0) + goto done; + for (int i = 0; i < rv; i++) + { + if (events[i].data.fd == ldpw->vcl_mq_epfd) + { + /* We should remove mq epoll fd from events. */ + rv--; + if (i != rv) + { + events[i].events = events[rv].events; + events[i].data.u64 = events[rv].data.u64; + } + num_ev = vls_epoll_wait (ep_vlsh, &events[rv], maxevents - rv, 0); + if (PREDICT_TRUE (num_ev > 0)) + rv += num_ev; + break; + } + } + +done: + return rv; +} + int epoll_pwait (int epfd, struct epoll_event *events, int maxevents, int timeout, const sigset_t * sigmask) { - return ldp_epoll_pwait (epfd, events, maxevents, timeout, sigmask); + if (vls_use_eventfd ()) + return ldp_epoll_pwait_eventfd (epfd, events, maxevents, timeout, + sigmask); + else + return ldp_epoll_pwait (epfd, events, maxevents, timeout, sigmask); } int epoll_wait (int epfd, struct epoll_event *events, int maxevents, int timeout) { - return ldp_epoll_pwait (epfd, events, maxevents, timeout, NULL); + if (vls_use_eventfd ()) + return ldp_epoll_pwait_eventfd (epfd, events, maxevents, timeout, NULL); + else + return ldp_epoll_pwait (epfd, events, maxevents, timeout, NULL); } int