X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Fsession%2Fsession_api.c;h=2121d2075e6aaef3e07b437bed244633cbdaf02a;hb=7b3a3df26;hp=5910cd366fb06626d3257f244df0d89a3d03ccf1;hpb=41d5f541d37dc564565b3b29eb370b65bb5a9036;p=vpp.git diff --git a/src/vnet/session/session_api.c b/src/vnet/session/session_api.c index 5910cd366fb..2121d2075e6 100644 --- a/src/vnet/session/session_api.c +++ b/src/vnet/session/session_api.c @@ -21,38 +21,15 @@ #include #include #include - #include -#include - -#define vl_typedefs /* define message structures */ -#include -#undef vl_typedefs - -#define vl_endianfun /* define message structures */ -#include -#undef vl_endianfun - -/* instantiate all the print functions we know about */ -#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__) -#define vl_printfun -#include -#undef vl_printfun +#include +#include +#include +#define REPLY_MSG_ID_BASE session_main.msg_id_base #include -#define foreach_session_api_msg \ -_(APP_ATTACH, app_attach) \ -_(APPLICATION_DETACH, application_detach) \ -_(SESSION_ENABLE_DISABLE, session_enable_disable) \ -_(APP_NAMESPACE_ADD_DEL, app_namespace_add_del) \ -_(SESSION_RULE_ADD_DEL, session_rule_add_del) \ -_(SESSION_RULES_DUMP, session_rules_dump) \ -_(APP_ADD_CERT_KEY_PAIR, app_add_cert_key_pair) \ -_(APP_DEL_CERT_KEY_PAIR, app_del_cert_key_pair) \ -_(APP_WORKER_ADD_DEL, app_worker_add_del) \ - static transport_proto_t api_session_transport_proto_decode (const vl_api_transport_proto_t * api_tp) { @@ -116,6 +93,12 @@ mq_try_lock_and_alloc_msg (svm_msg_q_t * app_mq, svm_msg_q_msg_t * msg) SVM_Q_NOWAIT, msg); if (!rv) return 0; + /* + * Break the loop if mq is full, usually this is because the + * app has crashed or is hanging on somewhere. + */ + if (rv != -1) + break; try++; usleep (1); } 
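Review bot: The comment added in mq_try_lock_and_alloc_msg says the loop breaks when the mq is full, but the test is `if (rv != -1)`, which stops retrying on every non-zero return other than -1. The hunk does not show what -1 or the other codes mean, so the comment should name them, e.g. `/* rv == -1 is retried; any other failure (e.g. mq full) is not */`, adjusted to the allocator's documented return values. The function starts and ends outside the hunk, so what is returned after the `break` should be checked there.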
@@ -163,6 +146,7 @@ mq_send_session_accepted_cb (session_t * s) m.handle = session_handle (s); session_get_endpoint (s, &m.rmt, 0 /* is_lcl */); + session_get_endpoint (s, &m.lcl, 1 /* is_lcl */); } else { @@ -173,6 +157,7 @@ mq_send_session_accepted_cb (session_t * s) m.listener_handle = app_listen_session_handle (listener); m.rmt.is_ip4 = session_type_is_ip4 (listener->session_type); m.rmt.port = ct->c_rmt_port; + m.lcl.port = ct->c_lcl_port; m.handle = session_handle (s); m.vpp_event_queue_address = fifo_segment_msg_q_offset (eq_seg, s->thread_index); @@ -303,6 +288,7 @@ mq_send_session_connected_cb (u32 app_wrk_index, u32 api_context, m.server_rx_fifo = fifo_segment_fifo_offset (s->rx_fifo); m.server_tx_fifo = fifo_segment_fifo_offset (s->tx_fifo); m.segment_handle = session_segment_handle (s); + m.mq_index = s->thread_index; } else { @@ -322,8 +308,14 @@ mq_send_session_connected_cb (u32 app_wrk_index, u32 api_context, m.ct_rx_fifo = fifo_segment_fifo_offset (ss->tx_fifo); m.ct_tx_fifo = fifo_segment_fifo_offset (ss->rx_fifo); m.ct_segment_handle = session_segment_handle (ss); + m.mq_index = s->thread_index; } + /* Setup client session index in advance, in case data arrives + * before the app processes message and updates it */ + s->rx_fifo->shr->client_session_index = api_context; + s->tx_fifo->shr->client_session_index = api_context; + snd_msg: app_mq = app_wrk->event_queue; @@ -377,6 +369,7 @@ mq_send_session_bound_cb (u32 app_wrk_index, u32 api_context, app = application_get (app_wrk->app_index); eq_seg = application_get_rx_mqs_segment (app); m.vpp_evt_q = fifo_segment_msg_q_offset (eq_seg, ls->thread_index); + m.mq_index = ls->thread_index; if (session_transport_service_type (ls) == TRANSPORT_SERVICE_CL && ls->rx_fifo) 
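Review bot: In the second hunk of mq_send_session_accepted_cb the new line sets `m.lcl.port`, but nothing visible sets `m.lcl.is_ip4`, while the remote side gets both `m.rmt.is_ip4` and `m.rmt.port`. If `m` is zero-initialised above the hunk, the application receives a local endpoint with a port, a cleared address-family flag and no address. Consider adding `m.lcl.is_ip4 = m.rmt.is_ip4;`, or a comment stating that only the port is meaningful in this branch. The function body starts and ends outside the hunk.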
@@ -608,6 +601,17 @@ vl_api_session_enable_disable_t_handler (vl_api_session_enable_disable_t * mp) REPLY_MACRO (VL_API_SESSION_ENABLE_DISABLE_REPLY); } +static void +vl_api_session_sapi_enable_disable_t_handler ( + vl_api_session_sapi_enable_disable_t *mp) +{ + vl_api_session_sapi_enable_disable_reply_t *rmp; + int rv = 0; + + rv = appns_sapi_enable_disable (mp->is_enable); + REPLY_MACRO (VL_API_SESSION_SAPI_ENABLE_DISABLE_REPLY); +} + static void vl_api_app_attach_t_handler (vl_api_app_attach_t * mp) { @@ -841,6 +845,8 @@ vl_api_app_namespace_add_del_t_handler (vl_api_app_namespace_add_del_t * mp) vnet_app_namespace_add_del_args_t args = { .ns_id = ns_id, + .netns = 0, + .sock_name = 0, .secret = clib_net_to_host_u64 (mp->secret), .sw_if_index = clib_net_to_host_u32 (mp->sw_if_index), .ip4_fib_id = clib_net_to_host_u32 (mp->ip4_fib_id), 
@@ -868,6 +874,104 @@ done: /* *INDENT-ON* */ } +static void +vl_api_app_namespace_add_del_v2_t_handler ( + vl_api_app_namespace_add_del_v2_t *mp) +{ + vl_api_app_namespace_add_del_v2_reply_t *rmp; + u8 *ns_id = 0, *netns = 0; + u32 appns_index = 0; + int rv = 0; + + if (session_main_is_enabled () == 0) + { + rv = VNET_API_ERROR_FEATURE_DISABLED; + goto done; + } + + mp->namespace_id[sizeof (mp->namespace_id) - 1] = 0; + mp->netns[sizeof (mp->netns) - 1] = 0; + ns_id = format (0, "%s", &mp->namespace_id); + netns = format (0, "%s", &mp->netns); + + vnet_app_namespace_add_del_args_t args = { + .ns_id = ns_id, + .netns = netns, + .sock_name = 0, + .secret = clib_net_to_host_u64 (mp->secret), + .sw_if_index = clib_net_to_host_u32 (mp->sw_if_index), + .ip4_fib_id = clib_net_to_host_u32 (mp->ip4_fib_id), + .ip6_fib_id = clib_net_to_host_u32 (mp->ip6_fib_id), + .is_add = 1 + }; + rv = vnet_app_namespace_add_del (&args); + if (!rv) + { + appns_index = app_namespace_index_from_id (ns_id); + if (appns_index == APP_NAMESPACE_INVALID_INDEX) + { + clib_warning ("app ns lookup failed id:%s", ns_id); + rv = VNET_API_ERROR_UNSPECIFIED; + } + } + vec_free (ns_id); + vec_free (netns); + +done: + REPLY_MACRO2 (VL_API_APP_NAMESPACE_ADD_DEL_V2_REPLY, ({ + if (!rv) + rmp->appns_index = clib_host_to_net_u32 (appns_index); + })); +} + +static void +vl_api_app_namespace_add_del_v3_t_handler ( + vl_api_app_namespace_add_del_v3_t *mp) +{ + vl_api_app_namespace_add_del_v3_reply_t *rmp; + u8 *ns_id = 0, *netns = 0, *sock_name = 0; + u32 appns_index = 0; + int rv = 0; + if (session_main_is_enabled () == 0) + { + rv = VNET_API_ERROR_FEATURE_DISABLED; + goto done; + } + mp->namespace_id[sizeof (mp->namespace_id) - 1] = 0; + mp->netns[sizeof (mp->netns) - 1] = 0; + ns_id = format (0, "%s", &mp->namespace_id); + netns = format (0, "%s", &mp->netns); + sock_name = vl_api_from_api_to_new_vec (mp, &mp->sock_name); + vnet_app_namespace_add_del_args_t args = { + .ns_id = ns_id, + .netns = netns, + 
.sock_name = sock_name, + .secret = clib_net_to_host_u64 (mp->secret), + .sw_if_index = clib_net_to_host_u32 (mp->sw_if_index), + .ip4_fib_id = clib_net_to_host_u32 (mp->ip4_fib_id), + .ip6_fib_id = clib_net_to_host_u32 (mp->ip6_fib_id), + .is_add = mp->is_add, + }; + rv = vnet_app_namespace_add_del (&args); + if (!rv && mp->is_add) + { + appns_index = app_namespace_index_from_id (ns_id); + if (appns_index == APP_NAMESPACE_INVALID_INDEX) + { + clib_warning ("app ns lookup failed id:%s", ns_id); + rv = VNET_API_ERROR_UNSPECIFIED; + } + } + vec_free (ns_id); + vec_free (netns); + vec_free (sock_name); +done: + REPLY_MACRO2 (VL_API_APP_NAMESPACE_ADD_DEL_V3_REPLY, ({ + if (!rv) + rmp->appns_index = clib_host_to_net_u32 (appns_index); + })); +} + static void vl_api_session_rule_add_del_t_handler (vl_api_session_rule_add_del_t * mp) { @@ -914,7 +1018,7 @@ send_session_rule_details4 (mma_rule_16_t * rule, u8 is_local, rmp = vl_msg_api_alloc (sizeof (*rmp)); clib_memset (rmp, 0, sizeof (*rmp)); - rmp->_vl_msg_id = ntohs (VL_API_SESSION_RULES_DETAILS); + rmp->_vl_msg_id = ntohs (REPLY_MSG_ID_BASE + VL_API_SESSION_RULES_DETAILS); rmp->context = context; clib_memset (&lcl, 0, sizeof (lcl)); @@ -956,7 +1060,7 @@ send_session_rule_details6 (mma_rule_40_t * rule, u8 is_local, rmp = vl_msg_api_alloc (sizeof (*rmp)); clib_memset (rmp, 0, sizeof (*rmp)); - rmp->_vl_msg_id = ntohs (VL_API_SESSION_RULES_DETAILS); + rmp->_vl_msg_id = ntohs (REPLY_MSG_ID_BASE + VL_API_SESSION_RULES_DETAILS); rmp->context = context; clib_memset (&lcl, 0, sizeof (lcl)); 
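Review bot: Both new namespace handlers log `clib_warning ("app ns lookup failed id:%s", ns_id);`, but `ns_id` is built with `format (0, "%s", &mp->namespace_id)` and is a vector with no terminating NUL, so `%s` can read past its end. Elsewhere in this patch generated names get an explicit terminator through `%c` and 0, which is missing here. Use the vector specifier instead: `clib_warning ("app ns lookup failed id:%v", ns_id);`. The same applies to `netns` (and, in the v3 handler, `sock_name`), which are passed on in `args` as vectors; whether the consumer treats them as C strings is outside this hunk and should be confirmed.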
@@ -1131,50 +1235,6 @@ application_reaper_cb (u32 client_index) VL_MSG_API_REAPER_FUNCTION (application_reaper_cb); -#define vl_msg_name_crc_list -#include -#undef vl_msg_name_crc_list - -static void -setup_message_id_table (api_main_t * am) -{ -#define _(id,n,crc) vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id); - foreach_vl_msg_name_crc_session; -#undef _ -} - -/* - * session_api_hookup - * Add uri's API message handlers to the table. - * vlib has already mapped shared memory and - * added the client registration handlers. - * See .../open-repo/vlib/memclnt_vlib.c:memclnt_process() - */ -static clib_error_t * -session_api_hookup (vlib_main_t * vm) -{ - api_main_t *am = vlibapi_get_main (); - -#define _(N,n) \ - vl_msg_api_set_handlers(VL_API_##N, #n, \ - vl_api_##n##_t_handler, \ - vl_noop_handler, \ - vl_api_##n##_t_endian, \ - vl_api_##n##_t_print, \ - sizeof(vl_api_##n##_t), 1); - foreach_session_api_msg; -#undef _ - - /* - * Set up the (msg_name, crc, message-id) table - */ - setup_message_id_table (am); - - return 0; -} - -VLIB_API_INIT_FUNCTION (session_api_hookup); - /* * Socket api functions */ @@ -1387,7 +1447,7 @@ done: vec_free (fds); } -static void +void sapi_socket_close_w_handle (u32 api_handle) { app_namespace_t *app_ns = app_namespace_get (api_handle >> 16); @@ -1445,10 +1505,7 @@ sapi_add_del_worker_handler (app_namespace_t * app_ns, } if (!mp->is_add) - { - sapi_socket_close_w_handle (sapi_handle); - goto done; - } + goto done; /* Send fifo segment fd if needed */ if (ssvm_type (args.segment) == SSVM_SEGMENT_MEMFD) 
@@ -1490,6 +1547,83 @@ done: clib_socket_sendmsg (cs, &msg, sizeof (msg), fds, n_fds); } +static void +sapi_add_del_cert_key_handler (app_namespace_t *app_ns, clib_socket_t *cs, + app_sapi_cert_key_add_del_msg_t *mp) +{ + vnet_app_add_cert_key_pair_args_t _a, *a = &_a; + app_sapi_cert_key_add_del_reply_msg_t *rmp; + app_sapi_msg_t msg = { 0 }; + int rv = 0; + + if (mp->is_add) + { + const u32 max_certkey_len = 2e4, max_cert_len = 1e4, max_key_len = 1e4; + clib_error_t *err; + u8 *certkey = 0; + u32 key_len; + + if (mp->certkey_len > max_certkey_len) + { + rv = SESSION_E_INVALID; + goto send_reply; + } + + vec_validate (certkey, mp->certkey_len - 1); + err = clib_socket_recvmsg (cs, certkey, mp->certkey_len, 0, 0); + if (err) + { + clib_error_report (err); + clib_error_free (err); + rv = SESSION_E_INVALID; + goto send_reply; + } + + if (mp->cert_len > max_cert_len) + { + rv = SESSION_E_INVALID; + goto send_reply; + } + + if (mp->certkey_len < mp->cert_len) + { + rv = SESSION_E_INVALID; + goto send_reply; + } + + key_len = mp->certkey_len - mp->cert_len; + if (key_len > max_key_len) + { + rv = SESSION_E_INVALID; + goto send_reply; + } + + clib_memset (a, 0, sizeof (*a)); + a->cert = certkey; + a->key = certkey + mp->cert_len; + a->cert_len = mp->cert_len; + a->key_len = key_len; + rv = vnet_app_add_cert_key_pair (a); + + vec_free (certkey); + } + else + { + rv = vnet_app_del_cert_key_pair (mp->index); + } + +send_reply: + + msg.type = APP_SAPI_MSG_TYPE_ADD_DEL_CERT_KEY_REPLY; + rmp = &msg.cert_key_add_del_reply; + rmp->retval = rv; + rmp->context = mp->context; + if (!rv && mp->is_add) + rmp->index = a->index; + + clib_socket_sendmsg (cs, &msg, sizeof (msg), 0, 0); +} + static void sapi_socket_detach (app_namespace_t * app_ns, clib_socket_t * cs) { 
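Review bot: In sapi_add_del_cert_key_handler every `goto send_reply` taken after `vec_validate (certkey, mp->certkey_len - 1)` skips `vec_free (certkey)`, so a peer on the app socket that sends an inconsistent `cert_len`, or whose payload read fails, leaks the buffer on each request. Add `vec_free (certkey);` before each of those four jumps, or hoist `certkey` to function scope and free it once after `send_reply:`. A `certkey_len` of 0 also passes the size check, and if the field is unsigned (as the u32 locals suggest) `mp->certkey_len - 1` wraps to the largest index; reject it up front with `if (mp->certkey_len == 0 || mp->certkey_len > max_certkey_len)`. The buffer holds private key material, so clearing it before the free is worth considering.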
@@ -1498,7 +1632,6 @@ sapi_socket_detach (app_namespace_t * app_ns, clib_socket_t * cs) u32 api_client_handle; api_client_handle = appns_sapi_socket_handle (app_ns, cs); - sapi_socket_close_w_handle (api_client_handle); /* Cleanup everything because app worker closed socket or crashed */ handle = (app_ns_api_handle_t *) & cs->private_data; @@ -1550,6 +1683,9 @@ sapi_sock_read_ready (clib_file_t * cf) case APP_SAPI_MSG_TYPE_ADD_DEL_WORKER: sapi_add_del_worker_handler (app_ns, cs, &msg.worker_add_del); break; + case APP_SAPI_MSG_TYPE_ADD_DEL_CERT_KEY: + sapi_add_del_cert_key_handler (app_ns, cs, &msg.cert_key_add_del); + break; default: clib_warning ("app wrk %u unknown message type: %u", handle->aah_app_wrk_index, msg.type); @@ -1637,6 +1773,23 @@ error: return err; } +void +appns_sapi_del_ns_socket (app_namespace_t *app_ns) +{ + app_ns_api_handle_t *handle; + clib_socket_t *cs; + + pool_foreach (cs, app_ns->app_sockets) + { + handle = (app_ns_api_handle_t *) &cs->private_data; + clib_file_del_by_index (&file_main, handle->aah_file_index); + + clib_socket_close (cs); + clib_socket_free (cs); + } + pool_free (app_ns->app_sockets); +} + int appns_sapi_add_ns_socket (app_namespace_t * app_ns) { 
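Review bot: appns_sapi_del_ns_socket closes and frees every socket in `app_ns->app_sockets` without looking at `handle->aah_app_wrk_index`, so any application worker attached through one of those sockets is not torn down here. sapi_socket_detach, visible in the first hunk on this line, is commented as the path that cleans up when a worker closes its socket or crashes. If deleting the namespace is meant to detach its workers too, that has to happen before `clib_socket_close (cs)`; otherwise a comment such as `/* app workers are detached by the caller before the sockets are removed */` should record where it is done. The callers are outside this diff, so this needs confirming against them.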
@@ -1646,44 +1799,47 @@ appns_sapi_add_ns_socket (app_namespace_t * app_ns) struct stat file_stat; clib_error_t *err; clib_socket_t *cs; - u8 *dir = 0; - int rv = 0; - - vec_add (dir, vlib_unix_get_runtime_dir (), - strlen (vlib_unix_get_runtime_dir ())); - vec_add (dir, (u8 *) subdir, strlen (subdir)); + char dir[4096]; - err = vlib_unix_recursive_mkdir ((char *) dir); - if (err) + if (app_ns->netns) { - clib_error_report (err); - rv = -1; - goto error; + if (!app_ns->sock_name) + app_ns->sock_name = format (0, "@vpp/session/%v%c", app_ns->ns_id, 0); + if (app_ns->sock_name[0] != '@') + return VNET_API_ERROR_INVALID_VALUE; } + else + { + snprintf (dir, sizeof (dir), "%s%s", vlib_unix_get_runtime_dir (), + subdir); + err = vlib_unix_recursive_mkdir ((char *) dir); + if (err) + { + clib_error_report (err); + return VNET_API_ERROR_SYSCALL_ERROR_1; + } - app_ns->sock_name = format (0, "%v%v%c", dir, app_ns->ns_id, 0); + if (!app_ns->sock_name) + app_ns->sock_name = format (0, "%s%v%c", dir, app_ns->ns_id, 0); + } /* * Create and initialize socket to listen on */ cs = appns_sapi_alloc_socket (app_ns); - cs->config = (char *) app_ns->sock_name; + cs->config = (char *) vec_dup (app_ns->sock_name); cs->flags = CLIB_SOCKET_F_IS_SERVER | CLIB_SOCKET_F_ALLOW_GROUP_WRITE | CLIB_SOCKET_F_SEQPACKET | CLIB_SOCKET_F_PASSCRED; - if ((err = clib_socket_init (cs))) + if ((err = clib_socket_init_netns (cs, app_ns->netns))) { clib_error_report (err); - rv = -1; - goto error; + return -1; } - if (stat ((char *) app_ns->sock_name, &file_stat) == -1) - { - rv = -1; - goto error; - } + if (!app_ns->netns && stat ((char *) app_ns->sock_name, &file_stat) == -1) + return -1; /* * Start polling it 
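Review bot: When `app_ns->sock_name` is already set, appns_sapi_add_ns_socket uses it unchanged: the non-netns branch only builds a path under the runtime directory when the name is unset, and `cs->config = (char *) vec_dup (app_ns->sock_name)` then hands it to the socket layer as a C string. If that name comes from the v3 API message (the assignment is outside this diff), it may lack the terminating NUL that the generated names get from `%c`, and it can name any filesystem path for a socket created with CLIB_SOCKET_F_ALLOW_GROUP_WRITE. Terminate and validate it where it is accepted, for example by requiring the runtime-directory prefix in the non-netns case. Separately, the `return -1` paths after appns_sapi_alloc_socket leave the allocated socket and the duplicated name in place, and the snprintf result is not checked for truncation.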
@@ -1701,11 +1857,36 @@ appns_sapi_add_ns_socket (app_namespace_t * app_ns) handle->aah_file_index = clib_file_add (&file_main, &cf); handle->aah_app_wrk_index = APP_INVALID_INDEX; -error: - vec_free (dir); - return rv; + return 0; +} + +static void +vl_api_application_tls_cert_add_t_handler ( + vl_api_application_tls_cert_add_t *mp) +{ + /* deprecated */ +} + +static void +vl_api_application_tls_key_add_t_handler (vl_api_application_tls_key_add_t *mp) +{ + /* deprecated */ } +#include +static clib_error_t * +session_api_hookup (vlib_main_t *vm) +{ + /* + * Set up the (msg_name, crc, message-id) table + */ + REPLY_MSG_ID_BASE = setup_message_id_table (); + + return 0; +} + +VLIB_API_INIT_FUNCTION (session_api_hookup); + /* * fd.io coding-style-patch-verification: ON *
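Review bot: The two deprecated handlers, vl_api_application_tls_cert_add_t_handler and vl_api_application_tls_key_add_t_handler, have empty bodies, so a request is accepted and dropped without any reply; a client that waits for one would block. If that is intended, say so in the comment, e.g. `/* deprecated: request is ignored, no reply is sent */`; otherwise reply with an error code so old clients fail fast. Whether these messages still declare a reply type is outside the hunk.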