2 * Copyright (c) 2017-2019 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vnet/session/application.h>
17 #include <vnet/session/application_interface.h>
18 #include <vnet/session/application_namespace.h>
19 #include <vnet/session/application_local.h>
20 #include <vnet/session/session.h>
22 static app_main_t app_main;
24 #define app_interface_check_thread_and_barrier(_fn, _arg) \
25 if (PREDICT_FALSE (!vlib_thread_is_main_w_barrier ())) \
27 vlib_rpc_call_main_thread (_fn, (u8 *) _arg, sizeof(*_arg)); \
31 static app_listener_t *
32 app_listener_alloc (application_t * app)
34 app_listener_t *app_listener;
35 pool_get (app->listeners, app_listener);
36 clib_memset (app_listener, 0, sizeof (*app_listener));
37 app_listener->al_index = app_listener - app->listeners;
38 app_listener->app_index = app->app_index;
39 app_listener->session_index = SESSION_INVALID_INDEX;
40 app_listener->local_index = SESSION_INVALID_INDEX;
41 app_listener->ls_handle = SESSION_INVALID_HANDLE;
46 app_listener_get (application_t * app, u32 app_listener_index)
48 return pool_elt_at_index (app->listeners, app_listener_index);
52 app_listener_free (application_t * app, app_listener_t * app_listener)
54 clib_bitmap_free (app_listener->workers);
56 clib_memset (app_listener, 0xfa, sizeof (*app_listener));
57 pool_put (app->listeners, app_listener);
61 app_listener_handle (app_listener_t * al)
67 app_listener_get_w_session (session_t * ls)
71 app = application_get_if_valid (ls->app_index);
74 return app_listener_get (app, ls->al_index);
78 app_listen_session_handle (session_t * ls)
81 al = app_listener_get_w_session (ls);
83 return listen_session_get_handle (ls);
88 app_listener_get_w_handle (session_handle_t handle)
91 ls = session_get_from_handle_if_valid (handle);
94 return app_listener_get_w_session (ls);
98 app_listener_lookup (application_t * app, session_endpoint_cfg_t * sep_ext)
100 u32 table_index, fib_proto;
101 session_endpoint_t *sep;
102 session_handle_t handle;
105 sep = (session_endpoint_t *) sep_ext;
106 if (application_has_local_scope (app) && session_endpoint_is_local (sep))
108 table_index = application_local_session_table (app);
109 handle = session_lookup_endpoint_listener (table_index, sep, 1);
110 if (handle != SESSION_INVALID_HANDLE)
112 ls = listen_session_get_from_handle (handle);
113 return app_listener_get_w_session (ls);
117 fib_proto = session_endpoint_fib_proto (sep);
118 table_index = application_session_table (app, fib_proto);
119 handle = session_lookup_endpoint_listener (table_index, sep, 1);
120 if (handle != SESSION_INVALID_HANDLE)
122 ls = listen_session_get_from_handle (handle);
123 return app_listener_get_w_session ((session_t *) ls);
130 app_listener_alloc_and_init (application_t * app,
131 session_endpoint_cfg_t * sep,
132 app_listener_t ** listener)
134 app_listener_t *app_listener;
135 transport_connection_t *tc;
142 app_listener = app_listener_alloc (app);
143 al_index = app_listener->al_index;
144 st = session_type_from_proto_and_ip (sep->transport_proto, sep->is_ip4);
147 * Add session endpoint to local session table. Only binds to "inaddr_any"
148 * (i.e., zero address) are added to local scope table.
150 if (application_has_local_scope (app)
151 && session_endpoint_is_local ((session_endpoint_t *) sep))
153 session_type_t local_st;
156 local_st = session_type_from_proto_and_ip (TRANSPORT_PROTO_NONE,
158 ls = listen_session_alloc (0, local_st);
159 ls->app_index = app->app_index;
160 ls->app_wrk_index = sep->app_wrk_index;
161 lh = session_handle (ls);
163 if ((rv = session_listen (ls, sep)))
165 ls = session_get_from_handle (lh);
170 ls = session_get_from_handle (lh);
171 app_listener = app_listener_get (app, al_index);
172 app_listener->local_index = ls->session_index;
173 app_listener->ls_handle = lh;
174 ls->al_index = al_index;
176 table_index = application_local_session_table (app);
177 session_lookup_add_session_endpoint (table_index,
178 (session_endpoint_t *) sep, lh);
181 if (application_has_global_scope (app))
184 * Start listening on local endpoint for requested transport and scope.
185 * Creates a stream session with state LISTENING to be used in session
186 * lookups, prior to establishing connection. Requests transport to
187 * build it's own specific listening connection.
189 ls = listen_session_alloc (0, st);
190 ls->app_index = app->app_index;
191 ls->app_wrk_index = sep->app_wrk_index;
193 /* Listen pool can be reallocated if the transport is
195 lh = listen_session_get_handle (ls);
197 if ((rv = session_listen (ls, sep)))
199 ls = listen_session_get_from_handle (lh);
203 ls = listen_session_get_from_handle (lh);
204 app_listener = app_listener_get (app, al_index);
205 app_listener->session_index = ls->session_index;
206 app_listener->ls_handle = lh;
207 ls->al_index = al_index;
209 /* Add to the global lookup table after transport was initialized.
210 * Lookup table needs to be populated only now because sessions
211 * with cut-through transport are are added to app local tables that
212 * are not related to network fibs, i.e., cannot be added as
214 tc = session_get_transport (ls);
215 if (!(tc->flags & TRANSPORT_CONNECTION_F_NO_LOOKUP))
216 session_lookup_add_connection (tc, lh);
221 app_listener_free (app, app_listener);
225 *listener = app_listener;
230 app_listener_cleanup (app_listener_t * al)
232 application_t *app = application_get (al->app_index);
235 if (al->session_index != SESSION_INVALID_INDEX)
237 ls = session_get (al->session_index, 0);
238 session_stop_listen (ls);
239 listen_session_free (ls);
241 if (al->local_index != SESSION_INVALID_INDEX)
243 session_endpoint_t sep = SESSION_ENDPOINT_NULL;
246 table_index = application_local_session_table (app);
247 ls = listen_session_get (al->local_index);
248 ct_session_endpoint (ls, &sep);
249 session_lookup_del_session_endpoint (table_index, &sep);
250 session_stop_listen (ls);
251 listen_session_free (ls);
253 app_listener_free (app, al);
256 static app_worker_t *
257 app_listener_select_worker (application_t * app, app_listener_t * al)
261 app = application_get (al->app_index);
262 wrk_index = clib_bitmap_next_set (al->workers, al->accept_rotor + 1);
264 wrk_index = clib_bitmap_first_set (al->workers);
266 ASSERT (wrk_index != ~0);
267 al->accept_rotor = wrk_index;
268 return application_get_worker (app, wrk_index);
272 app_listener_get_session (app_listener_t * al)
274 if (al->session_index == SESSION_INVALID_INDEX)
277 return listen_session_get (al->session_index);
281 app_listener_get_local_session (app_listener_t * al)
283 if (al->local_index == SESSION_INVALID_INDEX)
285 return listen_session_get (al->local_index);
288 static app_worker_map_t *
289 app_worker_map_alloc (application_t * app)
291 app_worker_map_t *map;
292 pool_get (app->worker_maps, map);
293 clib_memset (map, 0, sizeof (*map));
298 app_worker_map_index (application_t * app, app_worker_map_t * map)
300 return (map - app->worker_maps);
304 app_worker_map_free (application_t * app, app_worker_map_t * map)
306 pool_put (app->worker_maps, map);
309 static app_worker_map_t *
310 app_worker_map_get (application_t * app, u32 map_index)
312 if (pool_is_free_index (app->worker_maps, map_index))
314 return pool_elt_at_index (app->worker_maps, map_index);
318 app_get_name (application_t * app)
324 application_session_table (application_t * app, u8 fib_proto)
326 app_namespace_t *app_ns;
327 app_ns = app_namespace_get (app->ns_index);
328 if (!application_has_global_scope (app))
329 return APP_INVALID_INDEX;
330 if (fib_proto == FIB_PROTOCOL_IP4)
331 return session_lookup_get_index_for_fib (fib_proto,
332 app_ns->ip4_fib_index);
334 return session_lookup_get_index_for_fib (fib_proto,
335 app_ns->ip6_fib_index);
339 application_local_session_table (application_t * app)
341 app_namespace_t *app_ns;
342 if (!application_has_local_scope (app))
343 return APP_INVALID_INDEX;
344 app_ns = app_namespace_get (app->ns_index);
345 return app_ns->local_table_index;
349 * Returns app name for app-index
352 application_name_from_index (u32 app_index)
354 application_t *app = application_get (app_index);
357 return app_get_name (app);
361 application_api_table_add (u32 app_index, u32 api_client_index)
363 if (api_client_index != APP_INVALID_INDEX)
364 hash_set (app_main.app_by_api_client_index, api_client_index, app_index);
368 application_api_table_del (u32 api_client_index)
370 hash_unset (app_main.app_by_api_client_index, api_client_index);
374 application_name_table_add (application_t * app)
376 hash_set_mem (app_main.app_by_name, app->name, app->app_index);
380 application_name_table_del (application_t * app)
382 hash_unset_mem (app_main.app_by_name, app->name);
386 application_lookup (u32 api_client_index)
389 p = hash_get (app_main.app_by_api_client_index, api_client_index);
391 return application_get_if_valid (p[0]);
397 application_lookup_name (const u8 * name)
400 p = hash_get_mem (app_main.app_by_name, name);
402 return application_get (p[0]);
407 static application_t *
408 application_alloc (void)
411 pool_get (app_main.app_pool, app);
412 clib_memset (app, 0, sizeof (*app));
413 app->app_index = app - app_main.app_pool;
418 application_get (u32 app_index)
420 if (app_index == APP_INVALID_INDEX)
422 return pool_elt_at_index (app_main.app_pool, app_index);
426 application_get_if_valid (u32 app_index)
428 if (pool_is_free_index (app_main.app_pool, app_index))
431 return pool_elt_at_index (app_main.app_pool, app_index);
435 application_verify_cb_fns (session_cb_vft_t * cb_fns)
437 if (cb_fns->session_accept_callback == 0)
438 clib_warning ("No accept callback function provided");
439 if (cb_fns->session_connected_callback == 0)
440 clib_warning ("No session connected callback function provided");
441 if (cb_fns->session_disconnect_callback == 0)
442 clib_warning ("No session disconnect callback function provided");
443 if (cb_fns->session_reset_callback == 0)
444 clib_warning ("No session reset callback function provided");
448 * Check app config for given segment type
450 * Returns 1 on success and 0 otherwise
453 application_verify_cfg (ssvm_segment_type_t st)
456 if (st == SSVM_SEGMENT_MEMFD)
458 is_valid = (session_main_get_evt_q_segment () != 0);
460 clib_warning ("memfd seg: vpp's event qs IN binary api svm region");
463 else if (st == SSVM_SEGMENT_SHM)
465 is_valid = (session_main_get_evt_q_segment () == 0);
467 clib_warning ("shm seg: vpp's event qs NOT IN binary api svm region");
475 application_alloc_and_init (app_init_args_t * a)
477 ssvm_segment_type_t seg_type = SSVM_SEGMENT_MEMFD;
478 segment_manager_props_t *props;
479 vl_api_registration_t *reg;
483 app = application_alloc ();
484 options = a->options;
486 * Make sure we support the requested configuration
488 if (!(options[APP_OPTIONS_FLAGS] & APP_OPTIONS_FLAGS_IS_BUILTIN))
490 reg = vl_api_client_index_to_registration (a->api_client_index);
492 return VNET_API_ERROR_APP_UNSUPPORTED_CFG;
493 if (vl_api_registration_file_index (reg) == VL_API_INVALID_FI)
494 seg_type = SSVM_SEGMENT_SHM;
498 seg_type = SSVM_SEGMENT_PRIVATE;
501 if ((options[APP_OPTIONS_FLAGS] & APP_OPTIONS_FLAGS_EVT_MQ_USE_EVENTFD)
502 && seg_type != SSVM_SEGMENT_MEMFD)
504 clib_warning ("mq eventfds can only be used if socket transport is "
505 "used for binary api");
506 return VNET_API_ERROR_APP_UNSUPPORTED_CFG;
509 if (!application_verify_cfg (seg_type))
510 return VNET_API_ERROR_APP_UNSUPPORTED_CFG;
512 /* Check that the obvious things are properly set up */
513 application_verify_cb_fns (a->session_cb_vft);
515 app->flags = options[APP_OPTIONS_FLAGS];
516 app->cb_fns = *a->session_cb_vft;
517 app->ns_index = options[APP_OPTIONS_NAMESPACE];
518 app->proxied_transports = options[APP_OPTIONS_PROXY_TRANSPORT];
519 app->name = vec_dup (a->name);
521 /* If no scope enabled, default to global */
522 if (!application_has_global_scope (app)
523 && !application_has_local_scope (app))
524 app->flags |= APP_OPTIONS_FLAGS_USE_GLOBAL_SCOPE;
526 props = application_segment_manager_properties (app);
527 segment_manager_props_init (props);
528 props->segment_size = options[APP_OPTIONS_SEGMENT_SIZE];
529 props->prealloc_fifos = options[APP_OPTIONS_PREALLOC_FIFO_PAIRS];
530 if (options[APP_OPTIONS_ADD_SEGMENT_SIZE])
532 props->add_segment_size = options[APP_OPTIONS_ADD_SEGMENT_SIZE];
533 props->add_segment = 1;
535 if (options[APP_OPTIONS_RX_FIFO_SIZE])
536 props->rx_fifo_size = options[APP_OPTIONS_RX_FIFO_SIZE];
537 if (options[APP_OPTIONS_TX_FIFO_SIZE])
538 props->tx_fifo_size = options[APP_OPTIONS_TX_FIFO_SIZE];
539 if (options[APP_OPTIONS_EVT_QUEUE_SIZE])
540 props->evt_q_size = options[APP_OPTIONS_EVT_QUEUE_SIZE];
541 if (options[APP_OPTIONS_FLAGS] & APP_OPTIONS_FLAGS_EVT_MQ_USE_EVENTFD)
542 props->use_mq_eventfd = 1;
543 if (options[APP_OPTIONS_TLS_ENGINE])
544 app->tls_engine = options[APP_OPTIONS_TLS_ENGINE];
545 props->segment_type = seg_type;
547 /* Add app to lookup by api_client_index table */
548 if (!application_is_builtin (app))
549 application_api_table_add (app->app_index, a->api_client_index);
551 application_name_table_add (app);
553 a->app_index = app->app_index;
555 APP_DBG ("New app name: %v api index: %u index %u", app->name,
556 a->api_client_index, app->app_index);
562 application_free (application_t * app)
564 app_worker_map_t *wrk_map;
565 app_worker_t *app_wrk;
568 * The app event queue allocated in first segment is cleared with
569 * the segment manager. No need to explicitly free it.
571 APP_DBG ("Delete app name %v index: %d", app->name, app->app_index);
573 if (application_is_proxy (app))
574 application_remove_proxy (app);
581 pool_flush (wrk_map, app->worker_maps, ({
582 app_wrk = app_worker_get (wrk_map->wrk_index);
583 app_worker_free (app_wrk);
586 pool_free (app->worker_maps);
589 * Cleanup remaining state
591 if (application_is_builtin (app))
592 application_name_table_del (app);
593 vec_free (app->name);
594 pool_put (app_main.app_pool, app);
598 application_detach_process (application_t * app, u32 api_client_index)
600 vnet_app_worker_add_del_args_t _args = { 0 }, *args = &_args;
601 app_worker_map_t *wrk_map;
602 u32 *wrks = 0, *wrk_index;
603 app_worker_t *app_wrk;
605 if (api_client_index == ~0)
607 application_free (app);
611 APP_DBG ("Detaching for app %v index %u api client index %u", app->name,
612 app->app_index, api_client_index);
615 pool_foreach (wrk_map, app->worker_maps, ({
616 app_wrk = app_worker_get (wrk_map->wrk_index);
617 if (app_wrk->api_client_index == api_client_index)
618 vec_add1 (wrks, app_wrk->wrk_index);
624 clib_warning ("no workers for app %u api_index %u", app->app_index,
629 args->app_index = app->app_index;
630 args->api_client_index = api_client_index;
631 vec_foreach (wrk_index, wrks)
633 app_wrk = app_worker_get (wrk_index[0]);
634 args->wrk_map_index = app_wrk->wrk_map_index;
636 vnet_app_worker_add_del (args);
642 application_get_worker (application_t * app, u32 wrk_map_index)
644 app_worker_map_t *map;
645 map = app_worker_map_get (app, wrk_map_index);
648 return app_worker_get (map->wrk_index);
652 application_get_default_worker (application_t * app)
654 return application_get_worker (app, 0);
658 application_n_workers (application_t * app)
660 return pool_elts (app->worker_maps);
664 application_listener_select_worker (session_t * ls)
669 app = application_get (ls->app_index);
670 al = app_listener_get (app, ls->al_index);
671 return app_listener_select_worker (app, al);
675 application_alloc_worker_and_init (application_t * app, app_worker_t ** wrk)
677 app_worker_map_t *wrk_map;
678 app_worker_t *app_wrk;
679 segment_manager_t *sm;
682 app_wrk = app_worker_alloc (app);
683 wrk_map = app_worker_map_alloc (app);
684 wrk_map->wrk_index = app_wrk->wrk_index;
685 app_wrk->wrk_map_index = app_worker_map_index (app, wrk_map);
688 * Setup first segment manager
690 sm = segment_manager_alloc ();
691 sm->app_wrk_index = app_wrk->wrk_index;
693 if ((rv = segment_manager_init (sm, app->sm_properties.segment_size,
694 app->sm_properties.prealloc_fifos)))
696 app_worker_free (app_wrk);
699 sm->first_is_protected = 1;
704 app_wrk->first_segment_manager = segment_manager_index (sm);
705 app_wrk->listeners_table = hash_create (0, sizeof (u64));
706 app_wrk->event_queue = segment_manager_event_queue (sm);
707 app_wrk->app_is_builtin = application_is_builtin (app);
715 vnet_app_worker_add_del (vnet_app_worker_add_del_args_t * a)
718 app_worker_map_t *wrk_map;
719 app_worker_t *app_wrk;
720 segment_manager_t *sm;
724 app = application_get (a->app_index);
726 return VNET_API_ERROR_INVALID_VALUE;
730 if ((rv = application_alloc_worker_and_init (app, &app_wrk)))
733 /* Map worker api index to the app */
734 app_wrk->api_client_index = a->api_client_index;
735 application_api_table_add (app->app_index, a->api_client_index);
737 sm = segment_manager_get (app_wrk->first_segment_manager);
738 fs = segment_manager_get_segment_w_lock (sm, 0);
739 a->segment = &fs->ssvm;
740 a->segment_handle = segment_manager_segment_handle (sm, fs);
741 segment_manager_segment_reader_unlock (sm);
742 a->evt_q = app_wrk->event_queue;
743 a->wrk_map_index = app_wrk->wrk_map_index;
747 wrk_map = app_worker_map_get (app, a->wrk_map_index);
749 return VNET_API_ERROR_INVALID_VALUE;
751 app_wrk = app_worker_get (wrk_map->wrk_index);
753 return VNET_API_ERROR_INVALID_VALUE;
755 application_api_table_del (app_wrk->api_client_index);
756 app_worker_free (app_wrk);
757 app_worker_map_free (app, wrk_map);
758 if (application_n_workers (app) == 0)
759 application_free (app);
765 app_validate_namespace (u8 * namespace_id, u64 secret, u32 * app_ns_index)
767 app_namespace_t *app_ns;
768 if (vec_len (namespace_id) == 0)
770 /* Use default namespace */
775 *app_ns_index = app_namespace_index_from_id (namespace_id);
776 if (*app_ns_index == APP_NAMESPACE_INVALID_INDEX)
777 return VNET_API_ERROR_APP_INVALID_NS;
778 app_ns = app_namespace_get (*app_ns_index);
780 return VNET_API_ERROR_APP_INVALID_NS;
781 if (app_ns->ns_secret != secret)
782 return VNET_API_ERROR_APP_WRONG_NS_SECRET;
787 app_name_from_api_index (u32 api_client_index)
789 vl_api_registration_t *regp;
790 regp = vl_api_client_index_to_registration (api_client_index);
792 return format (0, "%s", regp->name);
794 clib_warning ("api client index %u does not have an api registration!",
796 return format (0, "unknown");
800 * Attach application to vpp
802 * Allocates a vpp app, i.e., a structure that keeps back pointers
803 * to external app and a segment manager for shared memory fifo based
804 * communication with the external app.
807 vnet_application_attach (vnet_app_attach_args_t * a)
810 application_t *app = 0;
811 app_worker_t *app_wrk;
812 segment_manager_t *sm;
813 u32 app_ns_index = 0;
818 if (a->api_client_index != APP_INVALID_INDEX)
819 app = application_lookup (a->api_client_index);
821 app = application_lookup_name (a->name);
823 return VNET_API_ERROR_INVALID_VALUE;
826 return VNET_API_ERROR_APP_ALREADY_ATTACHED;
828 if (a->api_client_index != APP_INVALID_INDEX)
830 app_name = app_name_from_api_index (a->api_client_index);
834 secret = a->options[APP_OPTIONS_NAMESPACE_SECRET];
835 if ((rv = app_validate_namespace (a->namespace_id, secret, &app_ns_index)))
837 a->options[APP_OPTIONS_NAMESPACE] = app_ns_index;
839 if ((rv = application_alloc_and_init ((app_init_args_t *) a)))
842 app = application_get (a->app_index);
843 if ((rv = application_alloc_worker_and_init (app, &app_wrk)))
846 a->app_evt_q = app_wrk->event_queue;
847 app_wrk->api_client_index = a->api_client_index;
848 sm = segment_manager_get (app_wrk->first_segment_manager);
849 fs = segment_manager_get_segment_w_lock (sm, 0);
851 if (application_is_proxy (app))
852 application_setup_proxy (app);
854 ASSERT (vec_len (fs->ssvm.name) <= 128);
855 a->segment = &fs->ssvm;
856 a->segment_handle = segment_manager_segment_handle (sm, fs);
858 segment_manager_segment_reader_unlock (sm);
864 * Detach application from vpp
867 vnet_application_detach (vnet_app_detach_args_t * a)
871 app = application_get_if_valid (a->app_index);
874 clib_warning ("app not attached");
875 return VNET_API_ERROR_APPLICATION_NOT_ATTACHED;
878 app_interface_check_thread_and_barrier (vnet_application_detach, a);
879 application_detach_process (app, a->api_client_index);
885 session_endpoint_in_ns (session_endpoint_t * sep)
887 u8 is_lep = session_endpoint_is_local (sep);
888 if (!is_lep && sep->sw_if_index != ENDPOINT_INVALID_INDEX
889 && !ip_interface_has_address (sep->sw_if_index, &sep->ip, sep->is_ip4))
891 clib_warning ("sw_if_index %u not configured with ip %U",
892 sep->sw_if_index, format_ip46_address, &sep->ip,
896 return (is_lep || ip_is_local (sep->fib_index, &sep->ip, sep->is_ip4));
900 session_endpoint_update_for_app (session_endpoint_cfg_t * sep,
901 application_t * app, u8 is_connect)
903 app_namespace_t *app_ns;
904 u32 ns_index, fib_index;
906 ns_index = app->ns_index;
908 /* App is a transport proto, so fetch the calling app's ns */
909 if (app->flags & APP_OPTIONS_FLAGS_IS_TRANSPORT_APP)
910 ns_index = sep->ns_index;
912 app_ns = app_namespace_get (ns_index);
916 /* Ask transport and network to bind to/connect using local interface
917 * that "supports" app's namespace. This will fix our local connection
921 /* If in default namespace and user requested a fib index use it */
922 if (ns_index == 0 && sep->fib_index != ENDPOINT_INVALID_INDEX)
923 fib_index = sep->fib_index;
925 fib_index = sep->is_ip4 ? app_ns->ip4_fib_index : app_ns->ip6_fib_index;
926 sep->peer.fib_index = fib_index;
927 sep->fib_index = fib_index;
931 sep->sw_if_index = app_ns->sw_if_index;
935 if (app_ns->sw_if_index != APP_NAMESPACE_INVALID_INDEX
936 && sep->peer.sw_if_index != ENDPOINT_INVALID_INDEX
937 && sep->peer.sw_if_index != app_ns->sw_if_index)
938 clib_warning ("Local sw_if_index different from app ns sw_if_index");
940 sep->peer.sw_if_index = app_ns->sw_if_index;
945 vnet_listen (vnet_listen_args_t * a)
947 app_listener_t *app_listener;
948 app_worker_t *app_wrk;
952 ASSERT (vlib_thread_is_main_w_barrier ());
954 app = application_get_if_valid (a->app_index);
956 return VNET_API_ERROR_APPLICATION_NOT_ATTACHED;
958 app_wrk = application_get_worker (app, a->wrk_map_index);
960 return VNET_API_ERROR_INVALID_VALUE;
962 a->sep_ext.app_wrk_index = app_wrk->wrk_index;
964 session_endpoint_update_for_app (&a->sep_ext, app, 0 /* is_connect */ );
965 if (!session_endpoint_in_ns (&a->sep))
966 return VNET_API_ERROR_INVALID_VALUE_2;
969 * Check if we already have an app listener
971 app_listener = app_listener_lookup (app, &a->sep_ext);
974 if (app_listener->app_index != app->app_index)
975 return VNET_API_ERROR_ADDRESS_IN_USE;
976 if (app_worker_start_listen (app_wrk, app_listener))
978 a->handle = app_listener_handle (app_listener);
983 * Create new app listener
985 if ((rv = app_listener_alloc_and_init (app, &a->sep_ext, &app_listener)))
988 if ((rv = app_worker_start_listen (app_wrk, app_listener)))
990 app_listener_cleanup (app_listener);
994 a->handle = app_listener_handle (app_listener);
999 vnet_connect (vnet_connect_args_t * a)
1001 app_worker_t *client_wrk;
1002 application_t *client;
1004 ASSERT (vlib_thread_is_main_w_barrier ());
1006 if (session_endpoint_is_zero (&a->sep))
1007 return VNET_API_ERROR_INVALID_VALUE;
1009 client = application_get (a->app_index);
1010 session_endpoint_update_for_app (&a->sep_ext, client, 1 /* is_connect */ );
1011 client_wrk = application_get_worker (client, a->wrk_map_index);
1014 * First check the local scope for locally attached destinations.
1015 * If we have local scope, we pass *all* connects through it since we may
1016 * have special policy rules even for non-local destinations, think proxy.
1018 if (application_has_local_scope (client))
1022 a->sep_ext.original_tp = a->sep_ext.transport_proto;
1023 a->sep_ext.transport_proto = TRANSPORT_PROTO_NONE;
1024 rv = app_worker_connect_session (client_wrk, &a->sep, a->api_context);
1029 * Not connecting to a local server, propagate to transport
1031 if (app_worker_connect_session (client_wrk, &a->sep, a->api_context))
1032 return VNET_API_ERROR_SESSION_CONNECT;
1037 vnet_unlisten (vnet_unlisten_args_t * a)
1039 app_worker_t *app_wrk;
1043 ASSERT (vlib_thread_is_main_w_barrier ());
1045 if (!(app = application_get_if_valid (a->app_index)))
1046 return VNET_API_ERROR_APPLICATION_NOT_ATTACHED;
1048 if (!(al = app_listener_get_w_handle (a->handle)))
1051 if (al->app_index != app->app_index)
1053 clib_warning ("app doesn't own handle %llu!", a->handle);
1057 app_wrk = application_get_worker (app, a->wrk_map_index);
1060 clib_warning ("no app %u worker %u", app->app_index, a->wrk_map_index);
1064 return app_worker_stop_listen (app_wrk, al);
1068 vnet_disconnect_session (vnet_disconnect_args_t * a)
1070 app_worker_t *app_wrk;
1073 s = session_get_from_handle_if_valid (a->handle);
1075 return VNET_API_ERROR_INVALID_VALUE;
1076 app_wrk = app_worker_get (s->app_wrk_index);
1077 if (app_wrk->app_index != a->app_index)
1078 return VNET_API_ERROR_INVALID_VALUE;
1080 /* We're peeking into another's thread pool. Make sure */
1081 ASSERT (s->session_index == session_index_from_handle (a->handle));
1088 application_change_listener_owner (session_t * s, app_worker_t * app_wrk)
1090 app_worker_t *old_wrk = app_worker_get (s->app_wrk_index);
1091 app_listener_t *app_listener;
1097 hash_unset (old_wrk->listeners_table, listen_session_get_handle (s));
1098 if (session_transport_service_type (s) == TRANSPORT_SERVICE_CL
1100 segment_manager_dealloc_fifos (s->rx_fifo, s->tx_fifo);
1102 app = application_get (old_wrk->app_index);
1106 app_listener = app_listener_get (app, s->al_index);
1108 /* Only remove from lb for now */
1109 app_listener->workers = clib_bitmap_set (app_listener->workers,
1110 old_wrk->wrk_map_index, 0);
1112 if (app_worker_start_listen (app_wrk, app_listener))
1115 s->app_wrk_index = app_wrk->wrk_index;
1121 application_is_proxy (application_t * app)
1123 return (app->flags & APP_OPTIONS_FLAGS_IS_PROXY);
1127 application_is_builtin (application_t * app)
1129 return (app->flags & APP_OPTIONS_FLAGS_IS_BUILTIN);
1133 application_is_builtin_proxy (application_t * app)
1135 return (application_is_proxy (app) && application_is_builtin (app));
1139 application_has_local_scope (application_t * app)
1141 return app->flags & APP_OPTIONS_FLAGS_USE_LOCAL_SCOPE;
1145 application_has_global_scope (application_t * app)
1147 return app->flags & APP_OPTIONS_FLAGS_USE_GLOBAL_SCOPE;
1150 static clib_error_t *
1151 application_start_stop_proxy_fib_proto (application_t * app, u8 fib_proto,
1152 u8 transport_proto, u8 is_start)
1154 app_namespace_t *app_ns = app_namespace_get (app->ns_index);
1155 u8 is_ip4 = (fib_proto == FIB_PROTOCOL_IP4);
1156 session_endpoint_cfg_t sep = SESSION_ENDPOINT_CFG_NULL;
1157 transport_connection_t *tc;
1158 app_worker_t *app_wrk;
1163 /* TODO decide if we want proxy to be enabled for all workers */
1164 app_wrk = application_get_default_worker (app);
1167 s = app_worker_first_listener (app_wrk, fib_proto, transport_proto);
1170 sep.is_ip4 = is_ip4;
1171 sep.fib_index = app_namespace_get_fib_index (app_ns, fib_proto);
1172 sep.sw_if_index = app_ns->sw_if_index;
1173 sep.transport_proto = transport_proto;
1174 sep.app_wrk_index = app_wrk->wrk_index; /* only default */
1176 /* force global scope listener */
1178 app->flags &= ~APP_OPTIONS_FLAGS_USE_LOCAL_SCOPE;
1179 app_listener_alloc_and_init (app, &sep, &al);
1182 app_worker_start_listen (app_wrk, al);
1183 s = listen_session_get (al->session_index);
1184 s->flags |= SESSION_F_PROXY;
1189 s = app_worker_proxy_listener (app_wrk, fib_proto, transport_proto);
1193 tc = listen_session_get_transport (s);
1195 if (!ip_is_zero (&tc->lcl_ip, 1))
1198 sep.is_ip4 = is_ip4;
1199 sep.fib_index = app_namespace_get_fib_index (app_ns, fib_proto);
1200 sep.transport_proto = transport_proto;
1202 sti = session_lookup_get_index_for_fib (fib_proto, sep.fib_index);
1204 session_lookup_add_session_endpoint (sti,
1205 (session_endpoint_t *) & sep,
1208 session_lookup_del_session_endpoint (sti,
1209 (session_endpoint_t *) & sep);
1216 application_start_stop_proxy_local_scope (application_t * app,
1217 u8 transport_proto, u8 is_start)
1219 session_endpoint_t sep = SESSION_ENDPOINT_NULL;
1220 app_namespace_t *app_ns;
1221 app_ns = app_namespace_get (app->ns_index);
1223 sep.transport_proto = transport_proto;
1228 session_lookup_add_session_endpoint (app_ns->local_table_index, &sep,
1231 session_lookup_add_session_endpoint (app_ns->local_table_index, &sep,
1236 session_lookup_del_session_endpoint (app_ns->local_table_index, &sep);
1238 session_lookup_del_session_endpoint (app_ns->local_table_index, &sep);
1243 application_start_stop_proxy (application_t * app,
1244 transport_proto_t transport_proto, u8 is_start)
1246 if (application_has_local_scope (app))
1247 application_start_stop_proxy_local_scope (app, transport_proto, is_start);
1249 if (application_has_global_scope (app))
1251 application_start_stop_proxy_fib_proto (app, FIB_PROTOCOL_IP4,
1252 transport_proto, is_start);
1253 application_start_stop_proxy_fib_proto (app, FIB_PROTOCOL_IP6,
1254 transport_proto, is_start);
1259 application_setup_proxy (application_t * app)
1261 u16 transports = app->proxied_transports;
1262 transport_proto_t tp;
1264 ASSERT (application_is_proxy (app));
1267 transport_proto_foreach (tp, ({
1268 if (transports & (1 << tp))
1269 application_start_stop_proxy (app, tp, 1);
1275 application_remove_proxy (application_t * app)
1277 u16 transports = app->proxied_transports;
1278 transport_proto_t tp;
1280 ASSERT (application_is_proxy (app));
1283 transport_proto_foreach (tp, ({
1284 if (transports & (1 << tp))
1285 application_start_stop_proxy (app, tp, 0);
1290 segment_manager_props_t *
1291 application_segment_manager_properties (application_t * app)
1293 return &app->sm_properties;
1296 segment_manager_props_t *
1297 application_get_segment_manager_properties (u32 app_index)
1299 application_t *app = application_get (app_index);
1300 return &app->sm_properties;
1304 vnet_app_add_tls_cert (vnet_app_add_tls_cert_args_t * a)
1306 /* Deprected, will be remove after 20.01 */
1307 app_cert_key_pair_t *ckpair;
1308 ckpair = app_cert_key_pair_get_default ();
1309 ckpair->cert = vec_dup (a->cert);
1314 vnet_app_add_tls_key (vnet_app_add_tls_key_args_t * a)
1316 /* Deprected, will be remove after 20.01 */
1317 app_cert_key_pair_t *ckpair;
1318 ckpair = app_cert_key_pair_get_default ();
1319 ckpair->key = vec_dup (a->key);
1324 application_format_listeners (application_t * app, int verbose)
1326 vlib_main_t *vm = vlib_get_main ();
1327 app_worker_map_t *wrk_map;
1328 app_worker_t *app_wrk;
1334 vlib_cli_output (vm, "%U", format_app_worker_listener, 0 /* header */ ,
1340 pool_foreach (wrk_map, app->worker_maps, ({
1341 app_wrk = app_worker_get (wrk_map->wrk_index);
1342 if (hash_elts (app_wrk->listeners_table) == 0)
1344 hash_foreach (handle, sm_index, app_wrk->listeners_table, ({
1345 vlib_cli_output (vm, "%U", format_app_worker_listener, app_wrk,
1346 handle, sm_index, verbose);
1353 application_format_connects (application_t * app, int verbose)
1355 app_worker_map_t *wrk_map;
1356 app_worker_t *app_wrk;
1360 app_worker_format_connects (0, verbose);
1365 pool_foreach (wrk_map, app->worker_maps, ({
1366 app_wrk = app_worker_get (wrk_map->wrk_index);
1367 app_worker_format_connects (app_wrk, verbose);
1373 format_cert_key_pair (u8 * s, va_list * args)
1375 app_cert_key_pair_t *ckpair = va_arg (*args, app_cert_key_pair_t *);
1376 int key_len = 0, cert_len = 0;
1377 cert_len = vec_len (ckpair->cert);
1378 key_len = vec_len (ckpair->key);
1379 if (ckpair->cert_key_index == 0)
1380 s = format (s, "DEFAULT (cert:%d, key:%d)", cert_len, key_len);
1383 format (s, "%d (cert:%d, key:%d)", ckpair->cert_key_index, cert_len,
1389 format_application (u8 * s, va_list * args)
1391 application_t *app = va_arg (*args, application_t *);
1392 CLIB_UNUSED (int verbose) = va_arg (*args, int);
1393 segment_manager_props_t *props;
1394 const u8 *app_ns_name, *app_name;
1395 app_worker_map_t *wrk_map;
1396 app_worker_t *app_wrk;
1401 s = format (s, "%-10s%-20s%-40s", "Index", "Name", "Namespace");
1405 app_name = app_get_name (app);
1406 app_ns_name = app_namespace_id_from_index (app->ns_index);
1407 props = application_segment_manager_properties (app);
1410 s = format (s, "%-10u%-20v%-40s", app->app_index, app_name,
1415 s = format (s, "app-name %v app-index %u ns-index %u seg-size %U\n",
1416 app_name, app->app_index, app->ns_index,
1417 format_memory_size, props->add_segment_size);
1418 s = format (s, "rx-fifo-size %U tx-fifo-size %U workers:\n",
1419 format_memory_size, props->rx_fifo_size,
1420 format_memory_size, props->tx_fifo_size);
1423 pool_foreach (wrk_map, app->worker_maps, ({
1424 app_wrk = app_worker_get (wrk_map->wrk_index);
1425 s = format (s, "%U", format_app_worker, app_wrk);
1433 application_format_all_listeners (vlib_main_t * vm, int verbose)
1437 if (!pool_elts (app_main.app_pool))
1439 vlib_cli_output (vm, "No active server bindings");
1443 application_format_listeners (0, verbose);
1446 pool_foreach (app, app_main.app_pool, ({
1447 application_format_listeners (app, verbose);
1453 application_format_all_clients (vlib_main_t * vm, int verbose)
1457 if (!pool_elts (app_main.app_pool))
1459 vlib_cli_output (vm, "No active apps");
1463 application_format_connects (0, verbose);
1466 pool_foreach (app, app_main.app_pool, ({
1467 application_format_connects (app, verbose);
1472 static clib_error_t *
1473 show_certificate_command_fn (vlib_main_t * vm, unformat_input_t * input,
1474 vlib_cli_command_t * cmd)
1476 app_cert_key_pair_t *ckpair;
1477 session_cli_return_if_not_enabled ();
1480 pool_foreach (ckpair, app_main.cert_key_pair_store, ({
1481 vlib_cli_output (vm, "%U", format_cert_key_pair, ckpair);
1487 static clib_error_t *
1488 show_app_command_fn (vlib_main_t * vm, unformat_input_t * input,
1489 vlib_cli_command_t * cmd)
1491 int do_server = 0, do_client = 0;
1496 session_cli_return_if_not_enabled ();
1498 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
1500 if (unformat (input, "server"))
1502 else if (unformat (input, "client"))
1504 else if (unformat (input, "%u", &app_index))
1506 else if (unformat (input, "verbose"))
1509 return clib_error_return (0, "unknown input `%U'",
1510 format_unformat_error, input);
1515 application_format_all_listeners (vm, verbose);
1521 application_format_all_clients (vm, verbose);
1525 if (app_index != ~0)
1527 app = application_get_if_valid (app_index);
1529 return clib_error_return (0, "No app with index %u", app_index);
1531 vlib_cli_output (vm, "%U", format_application, app, /* verbose */ 1);
1535 /* Print app related info */
1536 if (!do_server && !do_client)
1538 vlib_cli_output (vm, "%U", format_application, 0, 0);
1540 pool_foreach (app, app_main.app_pool, ({
1541 vlib_cli_output (vm, "%U", format_application, app, 0);
1554 static app_cert_key_pair_t *
1555 app_cert_key_pair_alloc ()
1557 app_cert_key_pair_t *ckpair;
1558 pool_get (app_main.cert_key_pair_store, ckpair);
1559 clib_memset (ckpair, 0, sizeof (*ckpair));
1560 ckpair->cert_key_index = ckpair - app_main.cert_key_pair_store;
1564 app_cert_key_pair_t *
1565 app_cert_key_pair_get_if_valid (u32 index)
1567 if (pool_is_free_index (app_main.cert_key_pair_store, index))
1569 return app_cert_key_pair_get (index);
1572 app_cert_key_pair_t *
1573 app_cert_key_pair_get (u32 index)
1575 return pool_elt_at_index (app_main.cert_key_pair_store, index);
1578 app_cert_key_pair_t *
1579 app_cert_key_pair_get_default ()
1581 /* To maintain legacy bapi */
1582 return app_cert_key_pair_get (0);
1586 vnet_app_add_cert_key_pair (vnet_app_add_cert_key_pair_args_t * a)
1588 app_cert_key_pair_t *ckpair = app_cert_key_pair_alloc ();
1589 ckpair->cert = vec_dup (a->cert);
1590 ckpair->key = vec_dup (a->key);
1591 a->index = ckpair->cert_key_index;
1596 vent_app_add_cert_key_interest (u32 index, u32 app_index)
1598 app_cert_key_pair_t *ckpair;
1599 if (!(ckpair = app_cert_key_pair_get_if_valid (index)))
1601 vec_add1 (ckpair->app_interests, app_index);
1606 vnet_app_del_cert_key_pair (u32 index)
1608 app_cert_key_pair_t *ckpair;
1612 if (!(ckpair = app_cert_key_pair_get_if_valid (index)))
1613 return (VNET_API_ERROR_INVALID_VALUE);
1615 vec_foreach (app_index, ckpair->app_interests)
1617 if ((app = application_get_if_valid (*app_index))
1618 && app->cb_fns.app_cert_key_pair_delete_callback)
1619 app->cb_fns.app_cert_key_pair_delete_callback (ckpair);
1622 vec_free (ckpair->cert);
1623 vec_free (ckpair->key);
1624 pool_put (app_main.cert_key_pair_store, ckpair);
1629 cert_key_pair_store_init (vlib_main_t * vm)
1631 /* Add a certificate with index 0 to support legacy apis */
1632 (void) app_cert_key_pair_alloc ();
1637 VLIB_INIT_FUNCTION (cert_key_pair_store_init) =
1639 .runs_after = VLIB_INITS("unix_physmem_init"),
1642 VLIB_CLI_COMMAND (show_app_command, static) =
1645 .short_help = "show app [server|client] [verbose]",
1646 .function = show_app_command_fn,
1649 VLIB_CLI_COMMAND (show_certificate_command, static) =
1651 .path = "show app certificate",
1652 .short_help = "list app certs and keys present in store",
1653 .function = show_certificate_command_fn,
1658 * fd.io coding-style-patch-verification: ON
1661 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob