X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Fsession%2Fsession_api.c;h=c0ed1250dab84c7f259f5f26c5087b5865e208a4;hb=1a9e2f96d;hp=8fe1acf6a6e48b81433e64bf8e97f92dd94264c9;hpb=04943b4c42db300d0d895644f32da79a6d411c51;p=vpp.git diff --git a/src/vnet/session/session_api.c b/src/vnet/session/session_api.c index 8fe1acf6a6e..c0ed1250dab 100644 --- a/src/vnet/session/session_api.c +++ b/src/vnet/session/session_api.c @@ -21,40 +21,15 @@ #include #include #include - #include -#include - -#define vl_typedefs /* define message structures */ -#include -#undef vl_typedefs - -#define vl_endianfun /* define message structures */ -#include -#undef vl_endianfun - -/* instantiate all the print functions we know about */ -#define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__) -#define vl_printfun -#include -#undef vl_printfun +#include +#include +#include +#define REPLY_MSG_ID_BASE session_main.msg_id_base #include -#define foreach_session_api_msg \ -_(APP_ATTACH, app_attach) \ -_(APPLICATION_DETACH, application_detach) \ -_(SESSION_ENABLE_DISABLE, session_enable_disable) \ -_(APP_NAMESPACE_ADD_DEL, app_namespace_add_del) \ -_(SESSION_RULE_ADD_DEL, session_rule_add_del) \ -_(SESSION_RULES_DUMP, session_rules_dump) \ -_(APPLICATION_TLS_CERT_ADD, application_tls_cert_add) \ -_(APPLICATION_TLS_KEY_ADD, application_tls_key_add) \ -_(APP_ADD_CERT_KEY_PAIR, app_add_cert_key_pair) \ -_(APP_DEL_CERT_KEY_PAIR, app_del_cert_key_pair) \ -_(APP_WORKER_ADD_DEL, app_worker_add_del) \ - static transport_proto_t api_session_transport_proto_decode (const vl_api_transport_proto_t * api_tp) { @@ -118,6 +93,12 @@ mq_try_lock_and_alloc_msg (svm_msg_q_t * app_mq, svm_msg_q_msg_t * msg) SVM_Q_NOWAIT, msg); if (!rv) return 0; + /* + * Break the loop if mq is full, usually this is because the + * app has crashed or is hanging on somewhere. + */ + if (rv != -1) + break; try++; usleep (1); } @@ -130,45 +111,42 @@ mq_send_session_accepted_cb (session_t * s) { app_worker_t *app_wrk = app_worker_get (s->app_wrk_index); svm_msg_q_msg_t _msg, *msg = &_msg; - svm_msg_q_t *vpp_queue, *app_mq; + session_accepted_msg_t m = { 0 }; + svm_msg_q_t *app_mq; + fifo_segment_t *eq_seg; session_t *listener; - session_accepted_msg_t *mp; session_event_t *evt; application_t *app; app = application_get (app_wrk->app_index); - app_mq = app_wrk->event_queue; - if (mq_try_lock_and_alloc_msg (app_mq, msg)) - return SESSION_E_MQ_MSG_ALLOC; - evt = svm_msg_q_msg_data (app_mq, msg); - clib_memset (evt, 0, sizeof (*evt)); - evt->event_type = SESSION_CTRL_EVT_ACCEPTED; - mp = (session_accepted_msg_t *) evt->data; - clib_memset (mp, 0, sizeof (*mp)); - mp->context = app->app_index; - mp->server_rx_fifo = pointer_to_uword (s->rx_fifo->shr); - mp->server_tx_fifo = pointer_to_uword (s->tx_fifo->shr); - mp->segment_handle = session_segment_handle (s); - mp->flags = s->flags; + m.context = app->app_index; + m.server_rx_fifo = fifo_segment_fifo_offset (s->rx_fifo); + m.server_tx_fifo = fifo_segment_fifo_offset (s->tx_fifo); + m.segment_handle = session_segment_handle (s); + m.flags = s->flags; + + eq_seg = application_get_rx_mqs_segment (app); if (session_has_transport (s)) { listener = listen_session_get_from_handle (s->listener_handle); - mp->listener_handle = app_listen_session_handle (listener); + m.listener_handle = app_listen_session_handle (listener); if (application_is_proxy (app)) { listener = app_worker_first_listener (app_wrk, session_get_fib_proto (s), session_get_transport_proto (s)); if (listener) - mp->listener_handle = listen_session_get_handle (listener); + m.listener_handle = listen_session_get_handle (listener); } - vpp_queue = session_main_get_vpp_event_queue (s->thread_index); - mp->vpp_event_queue_address = pointer_to_uword (vpp_queue); - mp->handle = session_handle (s); + m.vpp_event_queue_address = + fifo_segment_msg_q_offset (eq_seg, s->thread_index); + m.mq_index = s->thread_index; + m.handle = session_handle (s); - session_get_endpoint (s, &mp->rmt, 0 /* is_lcl */ ); + session_get_endpoint (s, &m.rmt, 0 /* is_lcl */); + session_get_endpoint (s, &m.lcl, 1 /* is_lcl */); } else { @@ -176,13 +154,24 @@ mq_send_session_accepted_cb (session_t * s) ct = (ct_connection_t *) session_get_transport (s); listener = listen_session_get_from_handle (s->listener_handle); - mp->listener_handle = app_listen_session_handle (listener); - mp->rmt.is_ip4 = session_type_is_ip4 (listener->session_type); - mp->rmt.port = ct->c_rmt_port; - mp->handle = session_handle (s); - vpp_queue = session_main_get_vpp_event_queue (s->thread_index); - mp->vpp_event_queue_address = pointer_to_uword (vpp_queue); + m.listener_handle = app_listen_session_handle (listener); + m.rmt.is_ip4 = session_type_is_ip4 (listener->session_type); + m.rmt.port = ct->c_rmt_port; + m.lcl.port = ct->c_lcl_port; + m.handle = session_handle (s); + m.vpp_event_queue_address = + fifo_segment_msg_q_offset (eq_seg, s->thread_index); + m.mq_index = s->thread_index; } + + app_mq = app_wrk->event_queue; + if (mq_try_lock_and_alloc_msg (app_mq, msg)) + return SESSION_E_MQ_MSG_ALLOC; + + evt = svm_msg_q_msg_data (app_mq, msg); + clib_memset (evt, 0, sizeof (*evt)); + evt->event_type = SESSION_CTRL_EVT_ACCEPTED; + clib_memcpy_fast (evt->data, &m, sizeof (m)); svm_msg_q_add_and_unlock (app_mq, msg); return 0; @@ -261,33 +250,24 @@ mq_send_session_connected_cb (u32 app_wrk_index, u32 api_context, session_t * s, session_error_t err) { svm_msg_q_msg_t _msg, *msg = &_msg; - session_connected_msg_t *mp; - svm_msg_q_t *vpp_mq, *app_mq; + session_connected_msg_t m = { 0 }; + svm_msg_q_t *app_mq; transport_connection_t *tc; + fifo_segment_t *eq_seg; app_worker_t *app_wrk; session_event_t *evt; + application_t *app; app_wrk = app_worker_get (app_wrk_index); - app_mq = app_wrk->event_queue; - if (!app_mq) - { - clib_warning ("app %u with api index: %u not attached", - app_wrk->app_index, app_wrk->api_client_index); - return -1; - } - - if (mq_try_lock_and_alloc_msg (app_mq, msg)) - return SESSION_E_MQ_MSG_ALLOC; - evt = svm_msg_q_msg_data (app_mq, msg); - clib_memset (evt, 0, sizeof (*evt)); - evt->event_type = SESSION_CTRL_EVT_CONNECTED; - mp = (session_connected_msg_t *) evt->data; - clib_memset (mp, 0, sizeof (*mp)); - mp->context = api_context; + m.context = api_context; + m.retval = err; if (err) - goto done; + goto snd_msg; + + app = application_get (app_wrk->app_index); + eq_seg = application_get_rx_mqs_segment (app); if (session_has_transport (s)) { @@ -295,19 +275,20 @@ mq_send_session_connected_cb (u32 app_wrk_index, u32 api_context, if (!tc) { clib_warning ("failed to retrieve transport!"); - err = SESSION_E_REFUSED; - goto done; + m.retval = SESSION_E_REFUSED; + goto snd_msg; } - vpp_mq = session_main_get_vpp_event_queue (s->thread_index); - mp->handle = session_handle (s); - mp->vpp_event_queue_address = pointer_to_uword (vpp_mq); + m.handle = session_handle (s); + m.vpp_event_queue_address = + fifo_segment_msg_q_offset (eq_seg, s->thread_index); - session_get_endpoint (s, &mp->lcl, 1 /* is_lcl */ ); + session_get_endpoint (s, &m.lcl, 1 /* is_lcl */); - mp->server_rx_fifo = pointer_to_uword (s->rx_fifo->shr); - mp->server_tx_fifo = pointer_to_uword (s->tx_fifo->shr); - mp->segment_handle = session_segment_handle (s); + m.server_rx_fifo = fifo_segment_fifo_offset (s->rx_fifo); + m.server_tx_fifo = fifo_segment_fifo_offset (s->tx_fifo); + m.segment_handle = session_segment_handle (s); + m.mq_index = s->thread_index; } else { @@ -315,22 +296,37 @@ mq_send_session_connected_cb (u32 app_wrk_index, u32 api_context, session_t *ss; cct = (ct_connection_t *) session_get_transport (s); - mp->handle = session_handle (s); - mp->lcl.port = cct->c_lcl_port; - mp->lcl.is_ip4 = cct->c_is_ip4; - vpp_mq = session_main_get_vpp_event_queue (s->thread_index); - mp->vpp_event_queue_address = pointer_to_uword (vpp_mq); - mp->server_rx_fifo = pointer_to_uword (s->rx_fifo->shr); - mp->server_tx_fifo = pointer_to_uword (s->tx_fifo->shr); - mp->segment_handle = session_segment_handle (s); + m.handle = session_handle (s); + m.lcl.port = cct->c_lcl_port; + m.lcl.is_ip4 = cct->c_is_ip4; + m.vpp_event_queue_address = + fifo_segment_msg_q_offset (eq_seg, s->thread_index); + m.server_rx_fifo = fifo_segment_fifo_offset (s->rx_fifo); + m.server_tx_fifo = fifo_segment_fifo_offset (s->tx_fifo); + m.segment_handle = session_segment_handle (s); ss = ct_session_get_peer (s); - mp->ct_rx_fifo = pointer_to_uword (ss->tx_fifo->shr); - mp->ct_tx_fifo = pointer_to_uword (ss->rx_fifo->shr); - mp->ct_segment_handle = session_segment_handle (ss); + m.ct_rx_fifo = fifo_segment_fifo_offset (ss->tx_fifo); + m.ct_tx_fifo = fifo_segment_fifo_offset (ss->rx_fifo); + m.ct_segment_handle = session_segment_handle (ss); + m.mq_index = s->thread_index; } -done: - mp->retval = err; + /* Setup client session index in advance, in case data arrives + * before the app processes message and updates it */ + s->rx_fifo->shr->client_session_index = api_context; + s->tx_fifo->shr->client_session_index = api_context; + +snd_msg: + + app_mq = app_wrk->event_queue; + + if (mq_try_lock_and_alloc_msg (app_mq, msg)) + return SESSION_E_MQ_MSG_ALLOC; + + evt = svm_msg_q_msg_data (app_mq, msg); + clib_memset (evt, 0, sizeof (*evt)); + evt->event_type = SESSION_CTRL_EVT_CONNECTED; + clib_memcpy_fast (evt->data, &m, sizeof (m)); svm_msg_q_add_and_unlock (app_mq, msg); return 0; @@ -341,58 +337,60 @@ mq_send_session_bound_cb (u32 app_wrk_index, u32 api_context, session_handle_t handle, int rv) { svm_msg_q_msg_t _msg, *msg = &_msg; - svm_msg_q_t *app_mq, *vpp_evt_q; + session_bound_msg_t m = { 0 }; + svm_msg_q_t *app_mq; transport_endpoint_t tep; - session_bound_msg_t *mp; + fifo_segment_t *eq_seg; app_worker_t *app_wrk; session_event_t *evt; + application_t *app; app_listener_t *al; session_t *ls = 0; - app_wrk = app_worker_get (app_wrk_index); - app_mq = app_wrk->event_queue; - if (!app_mq) - { - clib_warning ("app %u with api index: %u not attached", - app_wrk->app_index, app_wrk->api_client_index); - return -1; - } - if (mq_try_lock_and_alloc_msg (app_mq, msg)) - return SESSION_E_MQ_MSG_ALLOC; + app_wrk = app_worker_get (app_wrk_index); - evt = svm_msg_q_msg_data (app_mq, msg); - clib_memset (evt, 0, sizeof (*evt)); - evt->event_type = SESSION_CTRL_EVT_BOUND; - mp = (session_bound_msg_t *) evt->data; - mp->context = api_context; + m.context = api_context; + m.retval = rv; if (rv) - goto done; + goto snd_msg; - mp->handle = handle; + m.handle = handle; al = app_listener_get_w_handle (handle); if (al->session_index != SESSION_INVALID_INDEX) ls = app_listener_get_session (al); else ls = app_listener_get_local_session (al); - session_get_endpoint (ls, &tep, 1 /* is_lcl */ ); - mp->lcl_port = tep.port; - mp->lcl_is_ip4 = tep.is_ip4; - clib_memcpy_fast (mp->lcl_ip, &tep.ip, sizeof (tep.ip)); - - vpp_evt_q = session_main_get_vpp_event_queue (0); - mp->vpp_evt_q = pointer_to_uword (vpp_evt_q); + session_get_endpoint (ls, &tep, 1 /* is_lcl */); + m.lcl_port = tep.port; + m.lcl_is_ip4 = tep.is_ip4; + clib_memcpy_fast (m.lcl_ip, &tep.ip, sizeof (tep.ip)); + app = application_get (app_wrk->app_index); + eq_seg = application_get_rx_mqs_segment (app); + m.vpp_evt_q = fifo_segment_msg_q_offset (eq_seg, ls->thread_index); + m.mq_index = ls->thread_index; - if (session_transport_service_type (ls) == TRANSPORT_SERVICE_CL) + if (session_transport_service_type (ls) == TRANSPORT_SERVICE_CL && + ls->rx_fifo) { - mp->rx_fifo = pointer_to_uword (ls->rx_fifo->shr); - mp->tx_fifo = pointer_to_uword (ls->tx_fifo->shr); - mp->segment_handle = session_segment_handle (ls); + m.rx_fifo = fifo_segment_fifo_offset (ls->rx_fifo); + m.tx_fifo = fifo_segment_fifo_offset (ls->tx_fifo); + m.segment_handle = session_segment_handle (ls); } -done: - mp->retval = rv; +snd_msg: + + app_mq = app_wrk->event_queue; + + if (mq_try_lock_and_alloc_msg (app_mq, msg)) + return SESSION_E_MQ_MSG_ALLOC; + + evt = svm_msg_q_msg_data (app_mq, msg); + clib_memset (evt, 0, sizeof (*evt)); + evt->event_type = SESSION_CTRL_EVT_BOUND; + clib_memcpy_fast (evt->data, &m, sizeof (m)); + svm_msg_q_add_and_unlock (app_mq, msg); return 0; } @@ -424,27 +422,34 @@ static void mq_send_session_migrate_cb (session_t * s, session_handle_t new_sh) { svm_msg_q_msg_t _msg, *msg = &_msg; - session_migrated_msg_t *mp; - svm_msg_q_t *vpp_evt_q; + session_migrated_msg_t m = { 0 }; + fifo_segment_t *eq_seg; app_worker_t *app_wrk; session_event_t *evt; svm_msg_q_t *app_mq; + application_t *app; + u32 thread_index; + thread_index = session_thread_from_handle (new_sh); app_wrk = app_worker_get (s->app_wrk_index); app_mq = app_wrk->event_queue; + app = application_get (app_wrk->app_index); + eq_seg = application_get_rx_mqs_segment (app); + + m.handle = session_handle (s); + m.new_handle = new_sh; + m.vpp_thread_index = thread_index; + m.vpp_evt_q = fifo_segment_msg_q_offset (eq_seg, thread_index); + m.segment_handle = SESSION_INVALID_HANDLE; + if (mq_try_lock_and_alloc_msg (app_mq, msg)) return; evt = svm_msg_q_msg_data (app_mq, msg); clib_memset (evt, 0, sizeof (*evt)); evt->event_type = SESSION_CTRL_EVT_MIGRATED; - mp = (session_migrated_msg_t *) evt->data; - mp->handle = session_handle (s); - mp->new_handle = new_sh; - mp->vpp_thread_index = session_thread_from_handle (new_sh); - vpp_evt_q = session_main_get_vpp_event_queue (mp->vpp_thread_index); - mp->vpp_evt_q = pointer_to_uword (vpp_evt_q); - mp->segment_handle = session_segment_handle (s); + clib_memcpy_fast (evt->data, &m, sizeof (m)); + svm_msg_q_add_and_unlock (app_mq, msg); } @@ -599,19 +604,20 @@ vl_api_session_enable_disable_t_handler (vl_api_session_enable_disable_t * mp) static void vl_api_app_attach_t_handler (vl_api_app_attach_t * mp) { - int rv = 0, fds[SESSION_N_FD_TYPE], n_fds = 0; - vl_api_app_attach_reply_t *rmp; - ssvm_private_t *segp; + int rv = 0, *fds = 0, n_fds = 0, n_workers, i; + fifo_segment_t *segp, *rx_mqs_seg = 0; vnet_app_attach_args_t _a, *a = &_a; - fifo_segment_t *evt_q_segment; + vl_api_app_attach_reply_t *rmp; u8 fd_flags = 0, ctrl_thread; vl_api_registration_t *reg; - svm_msg_q_t *ctrl_mq; + svm_msg_q_t *rx_mq; + application_t *app; reg = vl_api_client_index_to_registration (mp->client_index); if (!reg) return; + n_workers = vlib_num_workers (); if (!session_main_is_enabled () || appns_sapi_enabled ()) { rv = VNET_API_ERROR_FEATURE_DISABLED; @@ -642,13 +648,16 @@ vl_api_app_attach_t_handler (vl_api_app_attach_t * mp) } vec_free (a->namespace_id); - /* Send event queues segment */ - if ((evt_q_segment = session_main_get_evt_q_segment ())) - { - fd_flags |= SESSION_FD_F_VPP_MQ_SEGMENT; - fds[n_fds] = evt_q_segment->ssvm.fd; - n_fds += 1; - } + vec_validate (fds, 3 /* segs + tx evtfd */ + n_workers); + + /* Send rx mqs segment */ + app = application_get (a->app_index); + rx_mqs_seg = application_get_rx_mqs_segment (app); + + fd_flags |= SESSION_FD_F_VPP_MQ_SEGMENT; + fds[n_fds] = rx_mqs_seg->ssvm.fd; + n_fds += 1; + /* Send fifo segment fd if needed */ if (ssvm_type (a->segment) == SSVM_SEGMENT_MEMFD) { @@ -659,29 +668,39 @@ vl_api_app_attach_t_handler (vl_api_app_attach_t * mp) if (a->options[APP_OPTIONS_FLAGS] & APP_OPTIONS_FLAGS_EVT_MQ_USE_EVENTFD) { fd_flags |= SESSION_FD_F_MQ_EVENTFD; - fds[n_fds] = svm_msg_q_get_producer_eventfd (a->app_evt_q); + fds[n_fds] = svm_msg_q_get_eventfd (a->app_evt_q); n_fds += 1; } + if (application_use_private_rx_mqs ()) + { + fd_flags |= SESSION_FD_F_VPP_MQ_EVENTFD; + for (i = 0; i < n_workers + 1; i++) + { + rx_mq = application_rx_mq_get (app, i); + fds[n_fds] = svm_msg_q_get_eventfd (rx_mq); + n_fds += 1; + } + } + done: /* *INDENT-OFF* */ REPLY_MACRO2 (VL_API_APP_ATTACH_REPLY, ({ if (!rv) { - ctrl_thread = vlib_num_workers () ? 1 : 0; - ctrl_mq = session_main_get_vpp_event_queue (ctrl_thread); - segp = a->segment; + ctrl_thread = n_workers ? 1 : 0; + segp = (fifo_segment_t *) a->segment; rmp->app_index = clib_host_to_net_u32 (a->app_index); - rmp->app_mq = pointer_to_uword (a->app_evt_q); - rmp->vpp_ctrl_mq = pointer_to_uword (ctrl_mq); + rmp->app_mq = fifo_segment_msg_q_offset (segp, 0); + rmp->vpp_ctrl_mq = fifo_segment_msg_q_offset (rx_mqs_seg, ctrl_thread); rmp->vpp_ctrl_mq_thread = ctrl_thread; rmp->n_fds = n_fds; rmp->fd_flags = fd_flags; - if (vec_len (segp->name)) + if (vec_len (segp->ssvm.name)) { - vl_api_vec_to_api_string (segp->name, &rmp->segment_name); + vl_api_vec_to_api_string (segp->ssvm.name, &rmp->segment_name); } - rmp->segment_size = segp->ssvm_size; + rmp->segment_size = segp->ssvm.ssvm_size; rmp->segment_handle = clib_host_to_net_u64 (a->segment_handle); } })); @@ -689,6 +708,7 @@ done: if (n_fds) session_send_fds (reg, fds, n_fds); + vec_free (fds); } static void @@ -743,7 +763,7 @@ vl_api_app_worker_add_del_t_handler (vl_api_app_worker_add_del_t * mp) if (application_segment_manager_properties (app)->use_mq_eventfd) { fd_flags |= SESSION_FD_F_MQ_EVENTFD; - fds[n_fds] = svm_msg_q_get_producer_eventfd (args.evt_q); + fds[n_fds] = svm_msg_q_get_eventfd (args.evt_q); n_fds += 1; } @@ -755,13 +775,14 @@ done: rmp->segment_handle = clib_host_to_net_u64 (args.segment_handle); if (!rv && mp->is_add) { + rmp->app_event_queue_address = + fifo_segment_msg_q_offset ((fifo_segment_t *) args.segment, 0); + rmp->n_fds = n_fds; + rmp->fd_flags = fd_flags; if (vec_len (args.segment->name)) { vl_api_vec_to_api_string (args.segment->name, &rmp->segment_name); } - rmp->app_event_queue_address = pointer_to_uword (args.evt_q); - rmp->n_fds = n_fds; - rmp->fd_flags = fd_flags; } })); /* *INDENT-ON* */ @@ -813,6 +834,8 @@ vl_api_app_namespace_add_del_t_handler (vl_api_app_namespace_add_del_t * mp) vnet_app_namespace_add_del_args_t args = { .ns_id = ns_id, + .netns = 0, + .sock_name = 0, .secret = clib_net_to_host_u64 (mp->secret), .sw_if_index = clib_net_to_host_u32 (mp->sw_if_index), .ip4_fib_id = clib_net_to_host_u32 (mp->ip4_fib_id), @@ -840,6 +863,104 @@ done: /* *INDENT-ON* */ } +static void +vl_api_app_namespace_add_del_v2_t_handler ( + vl_api_app_namespace_add_del_v2_t *mp) +{ + vl_api_app_namespace_add_del_v2_reply_t *rmp; + u8 *ns_id = 0, *netns = 0; + u32 appns_index = 0; + int rv = 0; + + if (session_main_is_enabled () == 0) + { + rv = VNET_API_ERROR_FEATURE_DISABLED; + goto done; + } + + mp->namespace_id[sizeof (mp->namespace_id) - 1] = 0; + mp->netns[sizeof (mp->netns) - 1] = 0; + ns_id = format (0, "%s", &mp->namespace_id); + netns = format (0, "%s", &mp->netns); + + vnet_app_namespace_add_del_args_t args = { + .ns_id = ns_id, + .netns = netns, + .sock_name = 0, + .secret = clib_net_to_host_u64 (mp->secret), + .sw_if_index = clib_net_to_host_u32 (mp->sw_if_index), + .ip4_fib_id = clib_net_to_host_u32 (mp->ip4_fib_id), + .ip6_fib_id = clib_net_to_host_u32 (mp->ip6_fib_id), + .is_add = 1 + }; + rv = vnet_app_namespace_add_del (&args); + if (!rv) + { + appns_index = app_namespace_index_from_id (ns_id); + if (appns_index == APP_NAMESPACE_INVALID_INDEX) + { + clib_warning ("app ns lookup failed id:%s", ns_id); + rv = VNET_API_ERROR_UNSPECIFIED; + } + } + vec_free (ns_id); + vec_free (netns); + +done: + REPLY_MACRO2 (VL_API_APP_NAMESPACE_ADD_DEL_V2_REPLY, ({ + if (!rv) + rmp->appns_index = clib_host_to_net_u32 (appns_index); + })); +} + +static void +vl_api_app_namespace_add_del_v3_t_handler ( + vl_api_app_namespace_add_del_v3_t *mp) +{ + vl_api_app_namespace_add_del_v3_reply_t *rmp; + u8 *ns_id = 0, *netns = 0, *sock_name = 0; + u32 appns_index = 0; + int rv = 0; + if (session_main_is_enabled () == 0) + { + rv = VNET_API_ERROR_FEATURE_DISABLED; + goto done; + } + mp->namespace_id[sizeof (mp->namespace_id) - 1] = 0; + mp->netns[sizeof (mp->netns) - 1] = 0; + ns_id = format (0, "%s", &mp->namespace_id); + netns = format (0, "%s", &mp->netns); + sock_name = format (0, "%s", &mp->sock_name); + vnet_app_namespace_add_del_args_t args = { + .ns_id = ns_id, + .netns = netns, + .sock_name = sock_name, + .secret = clib_net_to_host_u64 (mp->secret), + .sw_if_index = clib_net_to_host_u32 (mp->sw_if_index), + .ip4_fib_id = clib_net_to_host_u32 (mp->ip4_fib_id), + .ip6_fib_id = clib_net_to_host_u32 (mp->ip6_fib_id), + .is_add = mp->is_add, + }; + rv = vnet_app_namespace_add_del (&args); + if (!rv && mp->is_add) + { + appns_index = app_namespace_index_from_id (ns_id); + if (appns_index == APP_NAMESPACE_INVALID_INDEX) + { + clib_warning ("app ns lookup failed id:%s", ns_id); + rv = VNET_API_ERROR_UNSPECIFIED; + } + } + vec_free (ns_id); + vec_free (netns); + vec_free (sock_name); +done: + REPLY_MACRO2 (VL_API_APP_NAMESPACE_ADD_DEL_V3_REPLY, ({ + if (!rv) + rmp->appns_index = clib_host_to_net_u32 (appns_index); + })); +} + static void vl_api_session_rule_add_del_t_handler (vl_api_session_rule_add_del_t * mp) { @@ -886,7 +1007,7 @@ send_session_rule_details4 (mma_rule_16_t * rule, u8 is_local, rmp = vl_msg_api_alloc (sizeof (*rmp)); clib_memset (rmp, 0, sizeof (*rmp)); - rmp->_vl_msg_id = ntohs (VL_API_SESSION_RULES_DETAILS); + rmp->_vl_msg_id = ntohs (REPLY_MSG_ID_BASE + VL_API_SESSION_RULES_DETAILS); rmp->context = context; clib_memset (&lcl, 0, sizeof (lcl)); @@ -928,7 +1049,7 @@ send_session_rule_details6 (mma_rule_40_t * rule, u8 is_local, rmp = vl_msg_api_alloc (sizeof (*rmp)); clib_memset (rmp, 0, sizeof (*rmp)); - rmp->_vl_msg_id = ntohs (VL_API_SESSION_RULES_DETAILS); + rmp->_vl_msg_id = ntohs (REPLY_MSG_ID_BASE + VL_API_SESSION_RULES_DETAILS); rmp->context = context; clib_memset (&lcl, 0, sizeof (lcl)); @@ -1054,13 +1175,11 @@ vl_api_app_add_cert_key_pair_t_handler (vl_api_app_add_cert_key_pair_t * mp) } clib_memset (a, 0, sizeof (*a)); - vec_validate (a->cert, cert_len); - vec_validate (a->key, key_len); - clib_memcpy_fast (a->cert, mp->certkey, cert_len); - clib_memcpy_fast (a->key, mp->certkey + cert_len, key_len); + a->cert = mp->certkey; + a->key = mp->certkey + cert_len; + a->cert_len = cert_len; + a->key_len = key_len; rv = vnet_app_add_cert_key_pair (a); - vec_free (a->cert); - vec_free (a->key); done: /* *INDENT-OFF* */ @@ -1089,73 +1208,6 @@ done: REPLY_MACRO (VL_API_APP_DEL_CERT_KEY_PAIR_REPLY); } -/* ### WILL BE DEPRECATED POST 20.01 ### */ -static void -vl_api_application_tls_cert_add_t_handler (vl_api_application_tls_cert_add_t * - mp) -{ - vl_api_application_tls_cert_add_reply_t *rmp; - app_cert_key_pair_t *ckpair; - application_t *app; - u32 cert_len; - int rv = 0; - if (session_main_is_enabled () == 0) - { - rv = VNET_API_ERROR_FEATURE_DISABLED; - goto done; - } - if (!(app = application_lookup (mp->client_index))) - { - rv = VNET_API_ERROR_APPLICATION_NOT_ATTACHED; - goto done; - } - cert_len = clib_net_to_host_u16 (mp->cert_len); - if (cert_len > 10000) - { - rv = VNET_API_ERROR_INVALID_VALUE; - goto done; - } - ckpair = app_cert_key_pair_get_default (); - vec_validate (ckpair->cert, cert_len); - clib_memcpy_fast (ckpair->cert, mp->cert, cert_len); - -done: - REPLY_MACRO (VL_API_APPLICATION_TLS_CERT_ADD_REPLY); -} - -/* ### WILL BE DEPRECATED POST 20.01 ### */ -static void -vl_api_application_tls_key_add_t_handler (vl_api_application_tls_key_add_t * - mp) -{ - vl_api_application_tls_key_add_reply_t *rmp; - app_cert_key_pair_t *ckpair; - application_t *app; - u32 key_len; - int rv = 0; - if (session_main_is_enabled () == 0) - { - rv = VNET_API_ERROR_FEATURE_DISABLED; - goto done; - } - if (!(app = application_lookup (mp->client_index))) - { - rv = VNET_API_ERROR_APPLICATION_NOT_ATTACHED; - goto done; - } - key_len = clib_net_to_host_u16 (mp->key_len); - if (key_len > 10000) - { - rv = VNET_API_ERROR_INVALID_VALUE; - goto done; - } - ckpair = app_cert_key_pair_get_default (); - vec_validate (ckpair->key, key_len); - clib_memcpy_fast (ckpair->key, mp->key, key_len); -done: - REPLY_MACRO (VL_API_APPLICATION_TLS_KEY_ADD_REPLY); -} - static clib_error_t * application_reaper_cb (u32 client_index) { @@ -1172,50 +1224,6 @@ application_reaper_cb (u32 client_index) VL_MSG_API_REAPER_FUNCTION (application_reaper_cb); -#define vl_msg_name_crc_list -#include -#undef vl_msg_name_crc_list - -static void -setup_message_id_table (api_main_t * am) -{ -#define _(id,n,crc) vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id); - foreach_vl_msg_name_crc_session; -#undef _ -} - -/* - * session_api_hookup - * Add uri's API message handlers to the table. - * vlib has already mapped shared memory and - * added the client registration handlers. - * See .../open-repo/vlib/memclnt_vlib.c:memclnt_process() - */ -static clib_error_t * -session_api_hookup (vlib_main_t * vm) -{ - api_main_t *am = vlibapi_get_main (); - -#define _(N,n) \ - vl_msg_api_set_handlers(VL_API_##N, #n, \ - vl_api_##n##_t_handler, \ - vl_noop_handler, \ - vl_api_##n##_t_endian, \ - vl_api_##n##_t_print, \ - sizeof(vl_api_##n##_t), 1); - foreach_session_api_msg; -#undef _ - - /* - * Set up the (msg_name, crc, message-id) table - */ - setup_message_id_table (am); - - return 0; -} - -VLIB_API_INIT_FUNCTION (session_api_hookup); - /* * Socket api functions */ @@ -1333,16 +1341,16 @@ static void session_api_attach_handler (app_namespace_t * app_ns, clib_socket_t * cs, app_sapi_attach_msg_t * mp) { - int rv = 0, fds[SESSION_N_FD_TYPE], n_fds = 0; + int rv = 0, *fds = 0, n_fds = 0, i, n_workers; vnet_app_attach_args_t _a, *a = &_a; app_sapi_attach_reply_msg_t *rmp; - fifo_segment_t *evt_q_segment; u8 fd_flags = 0, ctrl_thread; app_ns_api_handle_t *handle; + fifo_segment_t *rx_mqs_seg; app_sapi_msg_t msg = { 0 }; app_worker_t *app_wrk; - svm_msg_q_t *ctrl_mq; application_t *app; + svm_msg_q_t *rx_mq; /* Make sure name is null terminated */ mp->name[63] = 0; @@ -1361,13 +1369,17 @@ session_api_attach_handler (app_namespace_t * app_ns, clib_socket_t * cs, goto done; } + n_workers = vlib_num_workers (); + vec_validate (fds, 3 /* segs + tx evtfd */ + n_workers); + /* Send event queues segment */ - if ((evt_q_segment = session_main_get_evt_q_segment ())) - { - fd_flags |= SESSION_FD_F_VPP_MQ_SEGMENT; - fds[n_fds] = evt_q_segment->ssvm.fd; - n_fds += 1; - } + app = application_get (a->app_index); + rx_mqs_seg = application_get_rx_mqs_segment (app); + + fd_flags |= SESSION_FD_F_VPP_MQ_SEGMENT; + fds[n_fds] = rx_mqs_seg->ssvm.fd; + n_fds += 1; + /* Send fifo segment fd if needed */ if (ssvm_type (a->segment) == SSVM_SEGMENT_MEMFD) { @@ -1378,10 +1390,21 @@ session_api_attach_handler (app_namespace_t * app_ns, clib_socket_t * cs, if (a->options[APP_OPTIONS_FLAGS] & APP_OPTIONS_FLAGS_EVT_MQ_USE_EVENTFD) { fd_flags |= SESSION_FD_F_MQ_EVENTFD; - fds[n_fds] = svm_msg_q_get_producer_eventfd (a->app_evt_q); + fds[n_fds] = svm_msg_q_get_eventfd (a->app_evt_q); n_fds += 1; } + if (application_use_private_rx_mqs ()) + { + fd_flags |= SESSION_FD_F_VPP_MQ_EVENTFD; + for (i = 0; i < n_workers + 1; i++) + { + rx_mq = application_rx_mq_get (app, i); + fds[n_fds] = svm_msg_q_get_eventfd (rx_mq); + n_fds += 1; + } + } + done: msg.type = APP_SAPI_MSG_TYPE_ATTACH_REPLY; @@ -1389,11 +1412,11 @@ done: rmp->retval = rv; if (!rv) { - ctrl_thread = vlib_num_workers ()? 1 : 0; - ctrl_mq = session_main_get_vpp_event_queue (ctrl_thread); + ctrl_thread = n_workers ? 1 : 0; rmp->app_index = a->app_index; - rmp->app_mq = pointer_to_uword (a->app_evt_q); - rmp->vpp_ctrl_mq = pointer_to_uword (ctrl_mq); + rmp->app_mq = + fifo_segment_msg_q_offset ((fifo_segment_t *) a->segment, 0); + rmp->vpp_ctrl_mq = fifo_segment_msg_q_offset (rx_mqs_seg, ctrl_thread); rmp->vpp_ctrl_mq_thread = ctrl_thread; rmp->n_fds = n_fds; rmp->fd_flags = fd_flags; @@ -1404,16 +1427,16 @@ done: /* Update app index for socket */ handle = (app_ns_api_handle_t *) & cs->private_data; - app = application_get (a->app_index); app_wrk = application_get_worker (app, 0); handle->aah_app_wrk_index = app_wrk->wrk_index; } clib_socket_sendmsg (cs, &msg, sizeof (msg), fds, n_fds); vec_free (a->name); + vec_free (fds); } -static void +void sapi_socket_close_w_handle (u32 api_handle) { app_namespace_t *app_ns = app_namespace_get (api_handle >> 16); @@ -1471,10 +1494,7 @@ sapi_add_del_worker_handler (app_namespace_t * app_ns, } if (!mp->is_add) - { - sapi_socket_close_w_handle (sapi_handle); - goto done; - } + goto done; /* Send fifo segment fd if needed */ if (ssvm_type (args.segment) == SSVM_SEGMENT_MEMFD) @@ -1486,7 +1506,7 @@ sapi_add_del_worker_handler (app_namespace_t * app_ns, if (application_segment_manager_properties (app)->use_mq_eventfd) { fd_flags |= SESSION_FD_F_MQ_EVENTFD; - fds[n_fds] = svm_msg_q_get_producer_eventfd (args.evt_q); + fds[n_fds] = svm_msg_q_get_eventfd (args.evt_q); n_fds += 1; } @@ -1502,7 +1522,8 @@ done: if (!rv && mp->is_add) { /* No segment name and size. This supports only memfds */ - rmp->app_event_queue_address = pointer_to_uword (args.evt_q); + rmp->app_event_queue_address = + fifo_segment_msg_q_offset ((fifo_segment_t *) args.segment, 0); rmp->n_fds = n_fds; rmp->fd_flags = fd_flags; @@ -1515,6 +1536,83 @@ done: clib_socket_sendmsg (cs, &msg, sizeof (msg), fds, n_fds); } +static void +sapi_add_del_cert_key_handler (app_namespace_t *app_ns, clib_socket_t *cs, + app_sapi_cert_key_add_del_msg_t *mp) +{ + vnet_app_add_cert_key_pair_args_t _a, *a = &_a; + app_sapi_cert_key_add_del_reply_msg_t *rmp; + app_sapi_msg_t msg = { 0 }; + int rv = 0; + + if (mp->is_add) + { + const u32 max_certkey_len = 2e4, max_cert_len = 1e4, max_key_len = 1e4; + clib_error_t *err; + u8 *certkey = 0; + u32 key_len; + + if (mp->certkey_len > max_certkey_len) + { + rv = SESSION_E_INVALID; + goto send_reply; + } + + vec_validate (certkey, mp->certkey_len - 1); + err = clib_socket_recvmsg (cs, certkey, mp->certkey_len, 0, 0); + if (err) + { + clib_error_report (err); + clib_error_free (err); + rv = SESSION_E_INVALID; + goto send_reply; + } + + if (mp->cert_len > max_cert_len) + { + rv = SESSION_E_INVALID; + goto send_reply; + } + + if (mp->certkey_len < mp->cert_len) + { + rv = SESSION_E_INVALID; + goto send_reply; + } + + key_len = mp->certkey_len - mp->cert_len; + if (key_len > max_key_len) + { + rv = SESSION_E_INVALID; + goto send_reply; + } + + clib_memset (a, 0, sizeof (*a)); + a->cert = certkey; + a->key = certkey + mp->cert_len; + a->cert_len = mp->cert_len; + a->key_len = key_len; + rv = vnet_app_add_cert_key_pair (a); + + vec_free (certkey); + } + else + { + rv = vnet_app_del_cert_key_pair (mp->index); + } + +send_reply: + + msg.type = APP_SAPI_MSG_TYPE_ADD_DEL_CERT_KEY_REPLY; + rmp = &msg.cert_key_add_del_reply; + rmp->retval = rv; + rmp->context = mp->context; + if (!rv && mp->is_add) + rmp->index = a->index; + + clib_socket_sendmsg (cs, &msg, sizeof (msg), 0, 0); +} + static void sapi_socket_detach (app_namespace_t * app_ns, clib_socket_t * cs) { @@ -1523,7 +1621,6 @@ sapi_socket_detach (app_namespace_t * app_ns, clib_socket_t * cs) u32 api_client_handle; api_client_handle = appns_sapi_socket_handle (app_ns, cs); - sapi_socket_close_w_handle (api_client_handle); /* Cleanup everything because app worker closed socket or crashed */ handle = (app_ns_api_handle_t *) & cs->private_data; @@ -1575,6 +1672,9 @@ sapi_sock_read_ready (clib_file_t * cf) case APP_SAPI_MSG_TYPE_ADD_DEL_WORKER: sapi_add_del_worker_handler (app_ns, cs, &msg.worker_add_del); break; + case APP_SAPI_MSG_TYPE_ADD_DEL_CERT_KEY: + sapi_add_del_cert_key_handler (app_ns, cs, &msg.cert_key_add_del); + break; default: clib_warning ("app wrk %u unknown message type: %u", handle->aah_app_wrk_index, msg.type); @@ -1671,22 +1771,29 @@ appns_sapi_add_ns_socket (app_namespace_t * app_ns) struct stat file_stat; clib_error_t *err; clib_socket_t *cs; - u8 *dir = 0; - int rv = 0; + char dir[4096]; - vec_add (dir, vlib_unix_get_runtime_dir (), - strlen (vlib_unix_get_runtime_dir ())); - vec_add (dir, (u8 *) subdir, strlen (subdir)); - - err = vlib_unix_recursive_mkdir ((char *) dir); - if (err) + if (app_ns->netns) { - clib_error_report (err); - rv = -1; - goto error; + if (!app_ns->sock_name) + app_ns->sock_name = format (0, "@vpp/session/%v%c", app_ns->ns_id, 0); + if (app_ns->sock_name[0] != '@') + return VNET_API_ERROR_INVALID_VALUE; } + else + { + snprintf (dir, sizeof (dir), "%s%s", vlib_unix_get_runtime_dir (), + subdir); + err = vlib_unix_recursive_mkdir ((char *) dir); + if (err) + { + clib_error_report (err); + return VNET_API_ERROR_SYSCALL_ERROR_1; + } - app_ns->sock_name = format (0, "%v%v%c", dir, app_ns->ns_id, 0); + if (!app_ns->sock_name) + app_ns->sock_name = format (0, "%s%v%c", dir, app_ns->ns_id, 0); + } /* * Create and initialize socket to listen on @@ -1697,18 +1804,14 @@ appns_sapi_add_ns_socket (app_namespace_t * app_ns) CLIB_SOCKET_F_ALLOW_GROUP_WRITE | CLIB_SOCKET_F_SEQPACKET | CLIB_SOCKET_F_PASSCRED; - if ((err = clib_socket_init (cs))) + if ((err = clib_socket_init_netns (cs, app_ns->netns))) { clib_error_report (err); - rv = -1; - goto error; + return -1; } - if (stat ((char *) app_ns->sock_name, &file_stat) == -1) - { - rv = -1; - goto error; - } + if (!app_ns->netns && stat ((char *) app_ns->sock_name, &file_stat) == -1) + return -1; /* * Start polling it @@ -1726,11 +1829,36 @@ appns_sapi_add_ns_socket (app_namespace_t * app_ns) handle->aah_file_index = clib_file_add (&file_main, &cf); handle->aah_app_wrk_index = APP_INVALID_INDEX; -error: - vec_free (dir); - return rv; + return 0; } +static void +vl_api_application_tls_cert_add_t_handler ( + vl_api_application_tls_cert_add_t *mp) +{ + /* deprecated */ +} + +static void +vl_api_application_tls_key_add_t_handler (vl_api_application_tls_key_add_t *mp) +{ + /* deprecated */ +} + +#include +static clib_error_t * +session_api_hookup (vlib_main_t *vm) +{ + /* + * Set up the (msg_name, crc, message-id) table + */ + REPLY_MSG_ID_BASE = setup_message_id_table (); + + return 0; +} + +VLIB_API_INIT_FUNCTION (session_api_hookup); + /* * fd.io coding-style-patch-verification: ON *