FD.io VPP  v21.01.1
Vector Packet Processing
quic.c
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2019 Cisco and/or its affiliates.
3  * Licensed under the Apache License, Version 2.0 (the "License");
4  * you may not use this file except in compliance with the License.
5  * You may obtain a copy of the License at:
6  *
7  * http://www.apache.org/licenses/LICENSE-2.0
8  *
9  * Unless required by applicable law or agreed to in writing, software
10  * distributed under the License is distributed on an "AS IS" BASIS,
11  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12  * See the License for the specific language governing permissions and
13  * limitations under the License.
14  */
15 
16 #include <sys/socket.h>
17 
19 #include <vnet/session/transport.h>
20 #include <vnet/session/session.h>
21 #include <vlib/unix/plugin.h>
22 #include <vpp/app/version.h>
23 
24 #include <vppinfra/lock.h>
25 
26 #include <quic/quic.h>
27 #include <quic/certs.h>
28 #include <quic/error.h>
29 
30 #include <quicly/constants.h>
31 #include <quicly/defaults.h>
32 #include <picotls.h>
33 
34 #include <quic/quic_crypto.h>
35 
36 extern quicly_crypto_engine_t quic_crypto_engine;
37 
38 static char *quic_error_strings[] = {
39 #define quic_error(n,s) s,
40 #include <quic/quic_error.def>
41 #undef quic_error
42 };
43 
44 #define DEFAULT_MAX_PACKETS_PER_KEY 16777216
45 
47 static void quic_update_timer (quic_ctx_t * ctx);
49 static int quic_reset_connection (u64 udp_session_handle,
50  quic_rx_packet_ctx_t * pctx);
51 static void quic_proto_on_close (u32 ctx_index, u32 thread_index);
52 
53 static quicly_stream_open_t on_stream_open;
54 static quicly_closed_by_peer_t on_closed_by_peer;
55 static quicly_now_t quicly_vpp_now_cb;
56 
57 /* Crypto contexts */
58 
59 static inline void
61  quic_ctx_t * ctx)
62 {
64  kv->key[0] = ((u64) ctx->ckpair_index) << 32 | (u64) ctx->crypto_engine;
65  kv->key[1] = app->sm_properties.rx_fifo_size - 1;
66  kv->key[2] = app->sm_properties.tx_fifo_size - 1;
67 }
68 
69 static inline void
71  crypto_context_t * crctx)
72 {
75  kv->key[0] = ((u64) crctx->ckpair_index) << 32 | (u64) crctx->crypto_engine;
76  kv->key[1] = data->quicly_ctx.transport_params.max_stream_data.bidi_local;
77  kv->key[2] = data->quicly_ctx.transport_params.max_stream_data.bidi_remote;
78 }
79 
80 static void
82 {
83  quic_main_t *qm = &quic_main;
85  if (crctx->n_subscribers)
86  return;
88  clib_bihash_add_del_24_8 (&qm->wrk_ctx[thread_index].crypto_context_hash,
89  &kv, 0 /* is_add */ );
90  clib_mem_free (crctx->data);
91  pool_put (qm->wrk_ctx[thread_index].crypto_ctx_pool, crctx);
92 }
93 
94 static quicly_datagram_t *
95 quic_alloc_packet (quicly_packet_allocator_t * self, size_t payloadsize)
96 {
97  quicly_datagram_t *packet;
98  if ((packet =
99  clib_mem_alloc (sizeof (*packet) + payloadsize +
100  sizeof (quic_encrypt_cb_ctx))) == NULL)
101  return NULL;
102  packet->data.base =
103  (uint8_t *) packet + sizeof (*packet) + sizeof (quic_encrypt_cb_ctx);
104  quic_encrypt_cb_ctx *encrypt_cb_ctx =
105  (quic_encrypt_cb_ctx *) ((uint8_t *) packet + sizeof (*packet));
106 
107  clib_memset (encrypt_cb_ctx, 0, sizeof (*encrypt_cb_ctx));
108  return packet;
109 }
110 
111 static void
112 quic_free_packet (quicly_packet_allocator_t * self,
113  quicly_datagram_t * packet)
114 {
115  clib_mem_free (packet);
116 }
117 
118 quicly_packet_allocator_t quic_packet_allocator =
120 
121 static int
123 {
124  quic_main_t *qm = &quic_main;
125  crypto_context_t *crctx;
128  int num_threads = 1 /* main thread */ + vtm->n_threads;
129  int i;
130 
131  for (i = 0; i < num_threads; i++)
132  {
133  /* *INDENT-OFF* */
134  pool_foreach (crctx, qm->wrk_ctx[i].crypto_ctx_pool) {
135  if (crctx->ckpair_index == ckpair->cert_key_index)
136  {
138  clib_bihash_add_del_24_8 (&qm->wrk_ctx[i].crypto_context_hash, &kv, 0 /* is_add */ );
139  }
140  }
141  /* *INDENT-ON* */
142  }
143  return 0;
144 }
145 
146 static crypto_context_t *
148 {
149  quic_main_t *qm = &quic_main;
150  crypto_context_t *crctx;
151  u32 idx;
152 
153  pool_get (qm->wrk_ctx[thread_index].crypto_ctx_pool, crctx);
154  clib_memset (crctx, 0, sizeof (*crctx));
155  idx = (crctx - qm->wrk_ctx[thread_index].crypto_ctx_pool);
156  crctx->ctx_index = ((u32) thread_index) << 24 | idx;
157 
158  return crctx;
159 }
160 
161 static crypto_context_t *
162 quic_crypto_context_get (u32 cr_index, u32 thread_index)
163 {
164  quic_main_t *qm = &quic_main;
165  ASSERT (cr_index >> 24 == thread_index);
166  return pool_elt_at_index (qm->wrk_ctx[thread_index].crypto_ctx_pool,
167  cr_index & 0x00ffffff);
168 }
169 
170 static clib_error_t *
172  unformat_input_t * input,
173  vlib_cli_command_t * cmd)
174 {
175  quic_main_t *qm = &quic_main;
176  crypto_context_t *crctx;
178  int i, num_threads = 1 /* main thread */ + vtm->n_threads;
179  for (i = 0; i < num_threads; i++)
180  {
181  /* *INDENT-OFF* */
182  pool_foreach (crctx, qm->wrk_ctx[i].crypto_ctx_pool) {
183  vlib_cli_output (vm, "[%d][Q]%U", i, format_crypto_context, crctx);
184  }
185  /* *INDENT-ON* */
186  }
187  return 0;
188 }
189 
190 static clib_error_t *
192  unformat_input_t * input,
193  vlib_cli_command_t * cmd)
194 {
195  quic_main_t *qm = &quic_main;
196  unformat_input_t _line_input, *line_input = &_line_input;
197  u64 tmp;
198 
199  if (!unformat_user (input, unformat_line_input, line_input))
200  return 0;
201 
202  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
203  {
204  if (unformat (line_input, "%U", unformat_memory_size, &tmp))
205  {
206  qm->max_packets_per_key = tmp;
207  }
208  else
209  return clib_error_return (0, "unknown input '%U'",
210  format_unformat_error, line_input);
211  }
212 
213  return 0;
214 }
215 
216 static void
217 quic_release_crypto_context (u32 crypto_context_index, u8 thread_index)
218 {
219  crypto_context_t *crctx;
220  crctx = quic_crypto_context_get (crypto_context_index, thread_index);
221  crctx->n_subscribers--;
222  quic_crypto_context_free_if_needed (crctx, thread_index);
223 }
224 
225 static int
227 {
228  quic_main_t *qm = &quic_main;
229  quicly_context_t *quicly_ctx;
230  ptls_iovec_t key_vec;
231  app_cert_key_pair_t *ckpair;
232  application_t *app;
234  ptls_context_t *ptls_ctx;
235 
236  QUIC_DBG (2, "Init quic crctx %d thread %d", crctx->ctx_index,
237  ctx->c_thread_index);
238 
239  data = clib_mem_alloc (sizeof (*data));
240  /* picotls depends on data being zeroed */
241  clib_memset (data, 0, sizeof (*data));
242  crctx->data = (void *) data;
243  quicly_ctx = &data->quicly_ctx;
244  ptls_ctx = &data->ptls_ctx;
245 
246  ptls_ctx->random_bytes = ptls_openssl_random_bytes;
247  ptls_ctx->get_time = &ptls_get_time;
248  ptls_ctx->key_exchanges = ptls_openssl_key_exchanges;
249  ptls_ctx->cipher_suites = qm->quic_ciphers[ctx->crypto_engine];
250  ptls_ctx->certificates.list = NULL;
251  ptls_ctx->certificates.count = 0;
252  ptls_ctx->esni = NULL;
253  ptls_ctx->on_client_hello = NULL;
254  ptls_ctx->emit_certificate = NULL;
255  ptls_ctx->sign_certificate = NULL;
256  ptls_ctx->verify_certificate = NULL;
257  ptls_ctx->ticket_lifetime = 86400;
258  ptls_ctx->max_early_data_size = 8192;
259  ptls_ctx->hkdf_label_prefix__obsolete = NULL;
260  ptls_ctx->require_dhe_on_psk = 1;
261  ptls_ctx->encrypt_ticket = &qm->session_cache.super;
262  clib_memcpy (quicly_ctx, &quicly_spec_context, sizeof (quicly_context_t));
263 
264  quicly_ctx->max_packet_size = QUIC_MAX_PACKET_SIZE;
265  quicly_ctx->max_packets_per_key = qm->max_packets_per_key;
266  quicly_ctx->tls = ptls_ctx;
267  quicly_ctx->stream_open = &on_stream_open;
268  quicly_ctx->closed_by_peer = &on_closed_by_peer;
269  quicly_ctx->now = &quicly_vpp_now_cb;
270  quicly_amend_ptls_context (quicly_ctx->tls);
271 
272  quicly_ctx->packet_allocator = &quic_packet_allocator;
273  quicly_ctx->crypto_engine = &quic_crypto_engine;
274  quicly_ctx->transport_params.max_data = QUIC_INT_MAX;
275  quicly_ctx->transport_params.max_streams_uni = (uint64_t) 1 << 60;
276  quicly_ctx->transport_params.max_streams_bidi = (uint64_t) 1 << 60;
277  quicly_ctx->transport_params.max_idle_timeout = qm->connection_timeout;
278 
279  app = application_get (ctx->parent_app_id);
280  quicly_ctx->transport_params.max_stream_data.bidi_local =
281  app->sm_properties.rx_fifo_size - 1;
282  quicly_ctx->transport_params.max_stream_data.bidi_remote =
283  app->sm_properties.tx_fifo_size - 1;
284  quicly_ctx->transport_params.max_stream_data.uni = QUIC_INT_MAX;
285 
286  if (!app->quic_iv_set)
287  {
288  ptls_openssl_random_bytes (app->quic_iv, QUIC_IV_LEN - 1);
289  app->quic_iv[QUIC_IV_LEN - 1] = 0;
290  app->quic_iv_set = 1;
291  }
292 
293  clib_memcpy (data->cid_key, app->quic_iv, QUIC_IV_LEN);
294  key_vec = ptls_iovec_init (data->cid_key, QUIC_IV_LEN);
295  quicly_ctx->cid_encryptor =
296  quicly_new_default_cid_encryptor (&ptls_openssl_bfecb,
297  &ptls_openssl_aes128ecb,
298  &ptls_openssl_sha256, key_vec);
299 
301  if (!ckpair || !ckpair->key || !ckpair->cert)
302  {
303  QUIC_DBG (1, "Wrong ckpair id %d\n", crctx->ckpair_index);
304  return -1;
305  }
306  if (load_bio_private_key (quicly_ctx->tls, (char *) ckpair->key))
307  {
308  QUIC_DBG (1, "failed to read private key from app configuration\n");
309  return -1;
310  }
311  if (load_bio_certificate_chain (quicly_ctx->tls, (char *) ckpair->cert))
312  {
313  QUIC_DBG (1, "failed to load certificate\n");
314  return -1;
315  }
316  return 0;
317 
318 }
319 
320 static int
322 {
323  quic_main_t *qm = &quic_main;
324  crypto_context_t *crctx;
326 
327  if (ctx->crypto_engine == CRYPTO_ENGINE_NONE)
328  {
329  QUIC_DBG (2, "No crypto engine specified, using %d",
332  }
334  {
335  QUIC_DBG (1, "Quic does not support crypto engine %d",
336  ctx->crypto_engine);
337  return VNET_API_ERROR_MISSING_CERT_KEY;
338  }
339 
340  /* Check for exisiting crypto ctx */
342  if (clib_bihash_search_24_8
343  (&qm->wrk_ctx[ctx->c_thread_index].crypto_context_hash, &kv, &kv) == 0)
344  {
345  crctx = quic_crypto_context_get (kv.value, ctx->c_thread_index);
346  QUIC_DBG (2, "Found exisiting crypto context %d", kv.value);
347  ctx->crypto_context_index = kv.value;
348  crctx->n_subscribers++;
349  return 0;
350  }
351 
352  crctx = quic_crypto_context_alloc (ctx->c_thread_index);
353  ctx->crypto_context_index = crctx->ctx_index;
354  kv.value = crctx->ctx_index;
355  crctx->crypto_engine = ctx->crypto_engine;
356  crctx->ckpair_index = ctx->ckpair_index;
357  if (quic_init_crypto_context (crctx, ctx))
358  goto error;
360  goto error;
361  crctx->n_subscribers++;
362  clib_bihash_add_del_24_8 (&qm->
363  wrk_ctx[ctx->c_thread_index].crypto_context_hash,
364  &kv, 1 /* is_add */ );
365  return 0;
366 
367 error:
368  quic_crypto_context_free_if_needed (crctx, ctx->c_thread_index);
369  return VNET_API_ERROR_MISSING_CERT_KEY;
370 }
371 
372 /* Helper functions */
373 
374 static u32
375 quic_ctx_alloc (u32 thread_index)
376 {
377  quic_main_t *qm = &quic_main;
378  quic_ctx_t *ctx;
379 
380  pool_get (qm->ctx_pool[thread_index], ctx);
381 
382  clib_memset (ctx, 0, sizeof (quic_ctx_t));
383  ctx->c_thread_index = thread_index;
385  QUIC_DBG (3, "Allocated quic_ctx %u on thread %u",
386  ctx - qm->ctx_pool[thread_index], thread_index);
387  return ctx - qm->ctx_pool[thread_index];
388 }
389 
390 static void
392 {
393  QUIC_DBG (2, "Free ctx %u %x", ctx->c_thread_index, ctx->c_c_index);
394  u32 thread_index = ctx->c_thread_index;
396  if (CLIB_DEBUG)
397  clib_memset (ctx, 0xfb, sizeof (*ctx));
398  pool_put (quic_main.ctx_pool[thread_index], ctx);
399 }
400 
401 static quic_ctx_t *
402 quic_ctx_get (u32 ctx_index, u32 thread_index)
403 {
404  return pool_elt_at_index (quic_main.ctx_pool[thread_index], ctx_index);
405 }
406 
407 static quic_ctx_t *
408 quic_ctx_get_if_valid (u32 ctx_index, u32 thread_index)
409 {
410  if (pool_is_free_index (quic_main.ctx_pool[thread_index], ctx_index))
411  return 0;
412  return pool_elt_at_index (quic_main.ctx_pool[thread_index], ctx_index);
413 }
414 
415 quic_ctx_t *
416 quic_get_conn_ctx (quicly_conn_t * conn)
417 {
418  u64 conn_data;
419  conn_data = (u64) * quicly_get_data (conn);
420  return quic_ctx_get (conn_data & UINT32_MAX, conn_data >> 32);
421 }
422 
423 static void
424 quic_store_conn_ctx (quicly_conn_t * conn, quic_ctx_t * ctx)
425 {
426  *quicly_get_data (conn) =
427  (void *) (((u64) ctx->c_thread_index) << 32 | (u64) ctx->c_c_index);
428 }
429 
430 static inline int
432 {
433  return (ctx->flags & QUIC_F_IS_STREAM);
434 }
435 
436 static inline int
438 {
439  return (ctx->flags & QUIC_F_IS_LISTENER);
440 }
441 
442 static inline int
444 {
445  return !(quic_ctx_is_listener (ctx) || quic_ctx_is_stream (ctx));
446 }
447 
448 static inline session_t *
449 get_stream_session_and_ctx_from_stream (quicly_stream_t * stream,
450  quic_ctx_t ** ctx)
451 {
452  quic_stream_data_t *stream_data;
453 
454  stream_data = (quic_stream_data_t *) stream->data;
455  *ctx = quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
456  return session_get ((*ctx)->c_s_index, stream_data->thread_index);
457 }
458 
459 static inline void
461  const quicly_cid_plaintext_t * id)
462 {
463  kv->key[0] = ((u64) id->master_id) << 32 | (u64) id->thread_id;
464  kv->key[1] = id->node_id;
465 }
466 
467 static int
469 {
470  u32 max_enqueue;
472  max_enqueue = svm_fifo_max_enqueue (udp_session->tx_fifo);
473  return clib_min (max_enqueue / packet_size, QUIC_SEND_PACKET_VEC_SIZE);
474 }
475 
476 static quicly_context_t *
478 {
479  crypto_context_t *crctx =
480  quic_crypto_context_get (ctx->crypto_context_index, ctx->c_thread_index);
482  (quic_crypto_context_data_t *) crctx->data;
483  return &data->quicly_ctx;
484 }
485 
486 static quicly_context_t *
487 quic_get_quicly_ctx_from_udp (u64 udp_session_handle)
488 {
489  session_t *udp_session = session_get_from_handle (udp_session_handle);
490  quic_ctx_t *ctx =
491  quic_ctx_get (udp_session->opaque, udp_session->thread_index);
492  return quic_get_quicly_ctx_from_ctx (ctx);
493 }
494 
495 static inline void
497 {
498  int rv = 0;
499  if (svm_fifo_set_event (udp_session->tx_fifo))
500  rv = session_send_io_evt_to_thread (udp_session->tx_fifo,
502  if (PREDICT_FALSE (rv))
503  clib_warning ("Event enqueue errored %d", rv);
504 }
505 
506 static inline void
508 {
509  tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
511  return;
512  tw = &quic_main.wrk_ctx[ctx->c_thread_index].timer_wheel;
513  tw_timer_stop_1t_3w_1024sl_ov (tw, ctx->timer_handle);
515  QUIC_DBG (4, "Stopping timer for ctx %u", ctx->c_c_index);
516 }
517 
518 /* QUIC protocol actions */
519 
520 static void
521 quic_ack_rx_data (session_t * stream_session)
522 {
523  u32 max_deq;
524  quic_ctx_t *sctx;
525  svm_fifo_t *f;
526  quicly_stream_t *stream;
527  quic_stream_data_t *stream_data;
528 
529  sctx = quic_ctx_get (stream_session->connection_index,
530  stream_session->thread_index);
532  stream = sctx->stream;
533  stream_data = (quic_stream_data_t *) stream->data;
534 
535  f = stream_session->rx_fifo;
536  max_deq = svm_fifo_max_dequeue (f);
537 
538  QUIC_ASSERT (stream_data->app_rx_data_len >= max_deq);
539  quicly_stream_sync_recvbuf (stream, stream_data->app_rx_data_len - max_deq);
540  QUIC_DBG (3, "Acking %u bytes", stream_data->app_rx_data_len - max_deq);
541  stream_data->app_rx_data_len = max_deq;
542 }
543 
544 static void
546 {
547  QUIC_DBG (2, "Disconnecting transport 0x%lx", ctx->udp_session_handle);
549  .handle = ctx->udp_session_handle,
550  .app_index = quic_main.app_index,
551  };
552 
553  if (vnet_disconnect_session (&a))
554  clib_warning ("UDP session 0x%lx disconnect errored",
555  ctx->udp_session_handle);
556 }
557 
558 static void
560 {
562  quicly_conn_t *conn;
563 
564  QUIC_DBG (2, "Deleting connection %u", ctx->c_c_index);
565 
567  quic_stop_ctx_timer (ctx);
568 
569  /* Delete the connection from the connection map */
570  conn = ctx->conn;
571  ctx->conn = NULL;
572  quic_make_connection_key (&kv, quicly_get_master_id (conn));
573  QUIC_DBG (2, "Deleting conn with id %lu %lu from map", kv.key[0],
574  kv.key[1]);
575  clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 0 /* is_add */ );
576 
578 
579  if (ctx->conn)
580  quicly_free (ctx->conn);
582 }
583 
584 void
586 {
588  vlib_node_increment_counter (vm, quic_input_node.index, evt, val);
589 }
590 
591 /**
592  * Called when quicly return an error
593  * This function interacts tightly with quic_proto_on_close
594  */
595 static void
597 {
598  QUIC_DBG (2, "QUIC connection %u/%u closed", ctx->c_thread_index,
599  ctx->c_c_index);
600 
601  /* TODO if connection is not established, just delete the session? */
602  /* Actually should send connect or accept error */
603 
604  switch (ctx->conn_state)
605  {
607  /* Error on an opened connection (timeout...)
608  This puts the session in closing state, we should receive a notification
609  when the app has closed its session */
611  /* This ensures we delete the connection when the app confirms the close */
613  break;
616  /* quic_proto_on_close will eventually be called when the app confirms the close
617  , we delete the connection at that point */
618  break;
620  /* App already confirmed close, we can delete the connection */
622  break;
627  break;
628  default:
629  QUIC_DBG (0, "BUG %d", ctx->conn_state);
630  break;
631  }
632 }
633 
634 static int
635 quic_send_datagram (session_t * udp_session, quicly_datagram_t * packet)
636 {
637  u32 max_enqueue;
639  u32 len, ret;
640  svm_fifo_t *f;
642 
643  len = packet->data.len;
644  f = udp_session->tx_fifo;
645  tc = session_get_transport (udp_session);
646  max_enqueue = svm_fifo_max_enqueue (f);
647  if (max_enqueue < SESSION_CONN_HDR_LEN + len)
648  {
649  QUIC_ERR ("Too much data to send, max_enqueue %u, len %u",
650  max_enqueue, len + SESSION_CONN_HDR_LEN);
651  return QUIC_ERROR_FULL_FIFO;
652  }
653 
654  /* Build packet header for fifo */
655  hdr.data_length = len;
656  hdr.data_offset = 0;
657  hdr.is_ip4 = tc->is_ip4;
658  clib_memcpy (&hdr.lcl_ip, &tc->lcl_ip, sizeof (ip46_address_t));
659  hdr.lcl_port = tc->lcl_port;
660 
661  /* Read dest address from quicly-provided sockaddr */
662  if (hdr.is_ip4)
663  {
664  QUIC_ASSERT (packet->dest.sa.sa_family == AF_INET);
665  struct sockaddr_in *sa4 = (struct sockaddr_in *) &packet->dest.sa;
666  hdr.rmt_port = sa4->sin_port;
667  hdr.rmt_ip.ip4.as_u32 = sa4->sin_addr.s_addr;
668  }
669  else
670  {
671  QUIC_ASSERT (packet->dest.sa.sa_family == AF_INET6);
672  struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) &packet->dest.sa;
673  hdr.rmt_port = sa6->sin6_port;
674  clib_memcpy (&hdr.rmt_ip.ip6, &sa6->sin6_addr, 16);
675  }
676 
677  ret = svm_fifo_enqueue (f, sizeof (hdr), (u8 *) & hdr);
678  if (ret != sizeof (hdr))
679  {
680  QUIC_ERR ("Not enough space to enqueue header");
681  return QUIC_ERROR_FULL_FIFO;
682  }
683  ret = svm_fifo_enqueue (f, len, packet->data.base);
684  if (ret != len)
685  {
686  QUIC_ERR ("Not enough space to enqueue payload");
687  return QUIC_ERROR_FULL_FIFO;
688  }
689 
690  quic_increment_counter (QUIC_ERROR_TX_PACKETS, 1);
691 
692  return 0;
693 }
694 
695 static int
697 {
698  quic_main_t *qm = &quic_main;
699  quicly_datagram_t *packets[QUIC_SEND_PACKET_VEC_SIZE];
700  session_t *udp_session;
701  quicly_conn_t *conn;
702  size_t num_packets, i, max_packets;
703  quicly_packet_allocator_t *pa;
704  int err = 0;
705  u32 thread_index = vlib_get_thread_index ();
706 
707  /* We have sctx, get qctx */
708  if (quic_ctx_is_stream (ctx))
709  ctx = quic_ctx_get (ctx->quic_connection_ctx_id, ctx->c_thread_index);
710 
712 
714  if (!udp_session)
715  goto quicly_error;
716 
717  conn = ctx->conn;
718 
719  if (!conn)
720  return 0;
721 
722  /* TODO : quicly can assert it can send min_packets up to 2 */
723  if (quic_sendable_packet_count (udp_session) < 2)
724  goto stop_sending;
725 
726  pa = quic_get_quicly_ctx_from_ctx (ctx)->packet_allocator;
727  do
728  {
729  max_packets = quic_sendable_packet_count (udp_session);
730  if (max_packets < 2)
731  break;
732  num_packets = max_packets;
733  if ((err = quicly_send (conn, packets, &num_packets)))
734  goto quicly_error;
735 
737  [thread_index].crypto_context_batch);
738 
739  for (i = 0; i != num_packets; ++i)
740  {
742  if ((err = quic_send_datagram (udp_session, packets[i])))
743  goto quicly_error;
744 
745  pa->free_packet (pa, packets[i]);
746  }
747  }
748  while (num_packets > 0 && num_packets == max_packets);
749 
750 stop_sending:
751  quic_set_udp_tx_evt (udp_session);
752 
753  QUIC_DBG (3, "%u[TX] %u[RX]", svm_fifo_max_dequeue (udp_session->tx_fifo),
754  svm_fifo_max_dequeue (udp_session->rx_fifo));
755  quic_update_timer (ctx);
756  return 0;
757 
758 quicly_error:
759  if (err && err != QUICLY_ERROR_PACKET_IGNORED
760  && err != QUICLY_ERROR_FREE_CONNECTION)
761  clib_warning ("Quic error '%U'.", quic_format_err, err);
763  return 1;
764 }
765 
766 /* Quicly callbacks */
767 
768 static void
769 quic_on_stream_destroy (quicly_stream_t * stream, int err)
770 {
771  quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
772  quic_ctx_t *sctx = quic_ctx_get (stream_data->ctx_id,
773  stream_data->thread_index);
774  session_t *stream_session = session_get (sctx->c_s_index,
775  sctx->c_thread_index);
776  QUIC_DBG (2, "DESTROYED_STREAM: session 0x%lx (%U)",
777  session_handle (stream_session), quic_format_err, err);
778 
779  stream_session->session_state = SESSION_STATE_CLOSED;
780  session_transport_delete_notify (&sctx->connection);
781 
782  quic_increment_counter (QUIC_ERROR_CLOSED_STREAM, 1);
783  quic_ctx_free (sctx);
784  clib_mem_free (stream->data);
785 }
786 
787 static void
788 quic_on_stop_sending (quicly_stream_t * stream, int err)
789 {
790 #if QUIC_DEBUG >= 2
791  quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
792  quic_ctx_t *sctx = quic_ctx_get (stream_data->ctx_id,
793  stream_data->thread_index);
794  session_t *stream_session = session_get (sctx->c_s_index,
795  sctx->c_thread_index);
796  clib_warning ("(NOT IMPLEMENTD) STOP_SENDING: session 0x%lx (%U)",
797  session_handle (stream_session), quic_format_err, err);
798 #endif
799  /* TODO : handle STOP_SENDING */
800 }
801 
802 static void
803 quic_on_receive_reset (quicly_stream_t * stream, int err)
804 {
805  quic_stream_data_t *stream_data = (quic_stream_data_t *) stream->data;
806  quic_ctx_t *sctx = quic_ctx_get (stream_data->ctx_id,
807  stream_data->thread_index);
808 #if QUIC_DEBUG >= 2
809  session_t *stream_session = session_get (sctx->c_s_index,
810  sctx->c_thread_index);
811  clib_warning ("RESET_STREAM: session 0x%lx (%U)",
812  session_handle (stream_session), quic_format_err, err);
813 #endif
814  session_transport_closing_notify (&sctx->connection);
815 }
816 
817 static void
818 quic_on_receive (quicly_stream_t * stream, size_t off, const void *src,
819  size_t len)
820 {
821  QUIC_DBG (3, "received data: %lu bytes, offset %lu", len, off);
822  u32 max_enq, rlen, rv;
823  quic_ctx_t *sctx;
824  session_t *stream_session;
825  app_worker_t *app_wrk;
826  svm_fifo_t *f;
827  quic_stream_data_t *stream_data;
828 
829  if (!len)
830  return;
831 
832  stream_data = (quic_stream_data_t *) stream->data;
833  sctx = quic_ctx_get (stream_data->ctx_id, stream_data->thread_index);
834  stream_session = session_get (sctx->c_s_index, stream_data->thread_index);
835  f = stream_session->rx_fifo;
836 
837  max_enq = svm_fifo_max_enqueue_prod (f);
838  QUIC_DBG (3, "Enqueuing %u at off %u in %u space", len, off, max_enq);
839  /* Handle duplicate packet/chunk from quicly */
840  if (off < stream_data->app_rx_data_len)
841  {
842  QUIC_DBG (3, "Session [idx %u, app_wrk %u, thread %u, rx-fifo 0x%llx]: "
843  "DUPLICATE PACKET (max_enq %u, len %u, "
844  "app_rx_data_len %u, off %u, ToBeNQ %u)",
845  stream_session->session_index,
846  stream_session->app_wrk_index,
847  stream_session->thread_index, f,
848  max_enq, len, stream_data->app_rx_data_len, off,
849  off - stream_data->app_rx_data_len + len);
850  return;
851  }
852  if (PREDICT_FALSE ((off - stream_data->app_rx_data_len + len) > max_enq))
853  {
854  QUIC_ERR ("Session [idx %u, app_wrk %u, thread %u, rx-fifo 0x%llx]: "
855  "RX FIFO IS FULL (max_enq %u, len %u, "
856  "app_rx_data_len %u, off %u, ToBeNQ %u)",
857  stream_session->session_index,
858  stream_session->app_wrk_index,
859  stream_session->thread_index, f,
860  max_enq, len, stream_data->app_rx_data_len, off,
861  off - stream_data->app_rx_data_len + len);
862  return; /* This shouldn't happen */
863  }
864  if (off == stream_data->app_rx_data_len)
865  {
866  /* Streams live on the same thread so (f, stream_data) should stay consistent */
867  rlen = svm_fifo_enqueue (f, len, (u8 *) src);
868  QUIC_DBG (3, "Session [idx %u, app_wrk %u, ti %u, rx-fifo 0x%llx]: "
869  "Enqueuing %u (rlen %u) at off %u in %u space, ",
870  stream_session->session_index,
871  stream_session->app_wrk_index,
872  stream_session->thread_index, f, len, rlen, off, max_enq);
873  stream_data->app_rx_data_len += rlen;
874  QUIC_ASSERT (rlen >= len);
875  app_wrk = app_worker_get_if_valid (stream_session->app_wrk_index);
876  if (PREDICT_TRUE (app_wrk != 0))
877  {
878  rv = app_worker_lock_and_send_event (app_wrk, stream_session,
880  if (rv)
881  QUIC_ERR ("Failed to ping app for RX");
882  }
883  quic_ack_rx_data (stream_session);
884  }
885  else
886  {
888  off - stream_data->app_rx_data_len,
889  len, (u8 *) src);
890  QUIC_ASSERT (rlen == 0);
891  }
892  return;
893 }
894 
895 void
896 quic_fifo_egress_shift (quicly_stream_t * stream, size_t delta)
897 {
898  quic_stream_data_t *stream_data;
899  session_t *stream_session;
900  quic_ctx_t *ctx;
901  svm_fifo_t *f;
902  u32 rv;
903 
904  stream_data = (quic_stream_data_t *) stream->data;
905  stream_session = get_stream_session_and_ctx_from_stream (stream, &ctx);
906  f = stream_session->tx_fifo;
907 
908  QUIC_ASSERT (stream_data->app_tx_data_len >= delta);
909  stream_data->app_tx_data_len -= delta;
910  ctx->bytes_written += delta;
911  rv = svm_fifo_dequeue_drop (f, delta);
912  QUIC_ASSERT (rv == delta);
913 
914  rv = quicly_stream_sync_sendbuf (stream, 0);
915  QUIC_ASSERT (!rv);
916 }
917 
918 void
919 quic_fifo_egress_emit (quicly_stream_t * stream, size_t off, void *dst,
920  size_t * len, int *wrote_all)
921 {
922  quic_stream_data_t *stream_data;
923  quic_ctx_t *ctx;
924  session_t *stream_session;
925  svm_fifo_t *f;
926  u32 deq_max;
927 
928  stream_data = (quic_stream_data_t *) stream->data;
929  stream_session = get_stream_session_and_ctx_from_stream (stream, &ctx);
930  f = stream_session->tx_fifo;
931 
932  QUIC_DBG (3, "Emitting %u, offset %u", *len, off);
933 
934  deq_max = svm_fifo_max_dequeue_cons (f);
935  QUIC_ASSERT (off <= deq_max);
936  if (off + *len < deq_max)
937  {
938  *wrote_all = 0;
939  }
940  else
941  {
942  *wrote_all = 1;
943  *len = deq_max - off;
944  }
945  QUIC_ASSERT (*len > 0);
946 
947  if (off + *len > stream_data->app_tx_data_len)
948  stream_data->app_tx_data_len = off + *len;
949 
950  svm_fifo_peek (f, off, *len, dst);
951 }
952 
953 static const quicly_stream_callbacks_t quic_stream_callbacks = {
954  .on_destroy = quic_on_stream_destroy,
955  .on_send_shift = quic_fifo_egress_shift,
956  .on_send_emit = quic_fifo_egress_emit,
957  .on_send_stop = quic_on_stop_sending,
958  .on_receive = quic_on_receive,
959  .on_receive_reset = quic_on_receive_reset
960 };
961 
962 static int
963 quic_on_stream_open (quicly_stream_open_t * self, quicly_stream_t * stream)
964 {
965  /* Return code for this function ends either
966  * - in quicly_receive : if not QUICLY_ERROR_PACKET_IGNORED, will close connection
967  * - in quicly_open_stream, returned directly
968  */
969 
970  session_t *stream_session, *quic_session;
971  quic_stream_data_t *stream_data;
972  app_worker_t *app_wrk;
973  quic_ctx_t *qctx, *sctx;
974  u32 sctx_id;
975  int rv;
976 
977  QUIC_DBG (2, "on_stream_open called");
978  stream->data = clib_mem_alloc (sizeof (quic_stream_data_t));
979  stream->callbacks = &quic_stream_callbacks;
980  /* Notify accept on parent qsession, but only if this is not a locally
981  * initiated stream */
982  if (quicly_stream_is_self_initiated (stream))
983  return 0;
984 
985  sctx_id = quic_ctx_alloc (vlib_get_thread_index ());
986  qctx = quic_get_conn_ctx (stream->conn);
987 
988  /* Might need to signal that the connection is ready if the first thing the
989  * server does is open a stream */
991  /* ctx might be invalidated */
992  qctx = quic_get_conn_ctx (stream->conn);
993 
994  stream_session = session_alloc (qctx->c_thread_index);
995  QUIC_DBG (2, "ACCEPTED stream_session 0x%lx ctx %u",
996  session_handle (stream_session), sctx_id);
997  sctx = quic_ctx_get (sctx_id, qctx->c_thread_index);
998  sctx->parent_app_wrk_id = qctx->parent_app_wrk_id;
999  sctx->parent_app_id = qctx->parent_app_id;
1000  sctx->quic_connection_ctx_id = qctx->c_c_index;
1001  sctx->c_c_index = sctx_id;
1002  sctx->c_s_index = stream_session->session_index;
1003  sctx->stream = stream;
1004  sctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1005  sctx->flags |= QUIC_F_IS_STREAM;
1006  if (quicly_stream_is_unidirectional (stream->stream_id))
1007  stream_session->flags |= SESSION_F_UNIDIRECTIONAL;
1008 
1009  stream_data = (quic_stream_data_t *) stream->data;
1010  stream_data->ctx_id = sctx_id;
1011  stream_data->thread_index = sctx->c_thread_index;
1012  stream_data->app_rx_data_len = 0;
1013  stream_data->app_tx_data_len = 0;
1014 
1015  sctx->c_s_index = stream_session->session_index;
1016  stream_session->session_state = SESSION_STATE_CREATED;
1017  stream_session->app_wrk_index = sctx->parent_app_wrk_id;
1018  stream_session->connection_index = sctx->c_c_index;
1019  stream_session->session_type =
1020  session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC, qctx->udp_is_ip4);
1021  quic_session = session_get (qctx->c_s_index, qctx->c_thread_index);
1022  stream_session->listener_handle = listen_session_get_handle (quic_session);
1023 
1024  app_wrk = app_worker_get (stream_session->app_wrk_index);
1025  if ((rv = app_worker_init_connected (app_wrk, stream_session)))
1026  {
1027  QUIC_ERR ("failed to allocate fifos");
1028  quicly_reset_stream (stream, QUIC_APP_ALLOCATION_ERROR);
1029  return 0; /* Frame is still valid */
1030  }
1031  svm_fifo_add_want_deq_ntf (stream_session->rx_fifo,
1034 
1035  if ((rv = app_worker_accept_notify (app_wrk, stream_session)))
1036  {
1037  QUIC_ERR ("failed to notify accept worker app");
1038  quicly_reset_stream (stream, QUIC_APP_ACCEPT_NOTIFY_ERROR);
1039  return 0; /* Frame is still valid */
1040  }
1041 
1042  return 0;
1043 }
1044 
1045 static void
1046 quic_on_closed_by_peer (quicly_closed_by_peer_t * self, quicly_conn_t * conn,
1047  int code, uint64_t frame_type,
1048  const char *reason, size_t reason_len)
1049 {
1050  quic_ctx_t *ctx = quic_get_conn_ctx (conn);
1051 #if QUIC_DEBUG >= 2
1052  session_t *quic_session = session_get (ctx->c_s_index, ctx->c_thread_index);
1053  clib_warning ("Session 0x%lx closed by peer (%U) %.*s ",
1054  session_handle (quic_session), quic_format_err, code,
1055  reason_len, reason);
1056 #endif
1059 }
1060 
1061 /* Timer handling */
1062 
1063 static int64_t
1064 quic_get_thread_time (u8 thread_index)
1065 {
1066  return quic_main.wrk_ctx[thread_index].time_now;
1067 }
1068 
1069 static int64_t
1070 quic_get_time (quicly_now_t * self)
1071 {
1072  u8 thread_index = vlib_get_thread_index ();
1073  return quic_get_thread_time (thread_index);
1074 }
1075 
1076 static u32
1077 quic_set_time_now (u32 thread_index)
1078 {
1080  f64 time = vlib_time_now (vlib_main);
1081  quic_main.wrk_ctx[thread_index].time_now = (int64_t) (time * 1000.f);
1082  return quic_main.wrk_ctx[thread_index].time_now;
1083 }
1084 
1085 /* Transport proto callback */
1086 static void
1087 quic_update_time (f64 now, u8 thread_index)
1088 {
1089  tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
1090 
1091  tw = &quic_main.wrk_ctx[thread_index].timer_wheel;
1092  quic_set_time_now (thread_index);
1093  tw_timer_expire_timers_1t_3w_1024sl_ov (tw, now);
1094 }
1095 
1096 static void
1098 {
1099  quic_ctx_t *ctx;
1100  QUIC_DBG (4, "Timer expired for conn %u at %ld", conn_index,
1101  quic_get_time (NULL));
1102  ctx = quic_ctx_get (conn_index, vlib_get_thread_index ());
1104  quic_send_packets (ctx);
1105 }
1106 
1107 static void
1109 {
1110  tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
1111  int64_t next_timeout, next_interval;
1112  session_t *quic_session;
1113  int rv;
1114 
1115  /* This timeout is in ms which is the unit of our timer */
1116  next_timeout = quicly_get_first_timeout (ctx->conn);
1117  next_interval = next_timeout - quic_get_time (NULL);
1118 
1119  if (next_timeout == 0 || next_interval <= 0)
1120  {
1121  if (ctx->c_s_index == QUIC_SESSION_INVALID)
1122  {
1123  next_interval = 1;
1124  }
1125  else
1126  {
1127  quic_session = session_get (ctx->c_s_index, ctx->c_thread_index);
1128  if (svm_fifo_set_event (quic_session->tx_fifo))
1129  {
1130  rv = session_send_io_evt_to_thread_custom (quic_session,
1131  quic_session->thread_index,
1133  if (PREDICT_FALSE (rv))
1134  QUIC_ERR ("Failed to enqueue builtin_tx %d", rv);
1135  }
1136  return;
1137  }
1138  }
1139 
1140  tw = &quic_main.wrk_ctx[vlib_get_thread_index ()].timer_wheel;
1141 
1142  QUIC_DBG (4, "Timer set to %ld (int %ld) for ctx %u", next_timeout,
1143  next_interval, ctx->c_c_index);
1144 
1146  {
1147  if (next_timeout == INT64_MAX)
1148  {
1149  QUIC_DBG (4, "timer for ctx %u already stopped", ctx->c_c_index);
1150  return;
1151  }
1152  ctx->timer_handle = tw_timer_start_1t_3w_1024sl_ov (tw, ctx->c_c_index,
1153  0, next_interval);
1154  }
1155  else
1156  {
1157  if (next_timeout == INT64_MAX)
1158  {
1159  quic_stop_ctx_timer (ctx);
1160  }
1161  else
1162  tw_timer_update_1t_3w_1024sl_ov (tw, ctx->timer_handle,
1163  next_interval);
1164  }
1165  return;
1166 }
1167 
1168 static void
1170 {
1171  int i;
1172 
1173  for (i = 0; i < vec_len (expired_timers); i++)
1174  {
1175  quic_timer_expired (expired_timers[i]);
1176  }
1177 }
1178 
1179 /* Transport proto functions */
1180 static int
1182 {
1183  uint64_t quic_session_handle;
1184  session_t *stream_session;
1185  quic_stream_data_t *stream_data;
1186  quicly_stream_t *stream;
1187  quicly_conn_t *conn;
1188  app_worker_t *app_wrk;
1189  quic_ctx_t *qctx, *sctx;
1190  u32 sctx_index;
1191  u8 is_unidir;
1192  int rv;
1193 
1194  /* Find base session to which the user want to attach a stream */
1195  quic_session_handle = session_handle (quic_session);
1196  QUIC_DBG (2, "Opening new stream (qsession %u)", quic_session_handle);
1197 
1198  if (session_type_transport_proto (quic_session->session_type) !=
1199  TRANSPORT_PROTO_QUIC)
1200  {
1201  QUIC_ERR ("received incompatible session");
1202  return -1;
1203  }
1204 
1205  app_wrk = app_worker_get_if_valid (quic_session->app_wrk_index);
1206  if (!app_wrk)
1207  {
1208  QUIC_ERR ("Invalid app worker :(");
1209  return -1;
1210  }
1211 
1212  sctx_index = quic_ctx_alloc (quic_session->thread_index); /* Allocate before we get pointers */
1213  sctx = quic_ctx_get (sctx_index, quic_session->thread_index);
1214  qctx = quic_ctx_get (quic_session->connection_index,
1215  quic_session->thread_index);
1216  if (quic_ctx_is_stream (qctx))
1217  {
1218  QUIC_ERR ("session is a stream");
1219  quic_ctx_free (sctx);
1220  return -1;
1221  }
1222 
1223  sctx->parent_app_wrk_id = qctx->parent_app_wrk_id;
1224  sctx->parent_app_id = qctx->parent_app_id;
1225  sctx->quic_connection_ctx_id = qctx->c_c_index;
1226  sctx->c_c_index = sctx_index;
1227  sctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1228  sctx->flags |= QUIC_F_IS_STREAM;
1229 
1230  conn = qctx->conn;
1231 
1232  if (!conn || !quicly_connection_is_ready (conn))
1233  return -1;
1234 
1235  is_unidir = sep->transport_flags & TRANSPORT_CFG_F_UNIDIRECTIONAL;
1236  if ((rv = quicly_open_stream (conn, &stream, is_unidir)))
1237  {
1238  QUIC_DBG (2, "Stream open failed with %d", rv);
1239  return -1;
1240  }
1241  quic_increment_counter (QUIC_ERROR_OPENED_STREAM, 1);
1242 
1243  sctx->stream = stream;
1244 
1245  QUIC_DBG (2, "Opened stream %d, creating session", stream->stream_id);
1246 
1247  stream_session = session_alloc (qctx->c_thread_index);
1248  QUIC_DBG (2, "Allocated stream_session 0x%lx ctx %u",
1249  session_handle (stream_session), sctx_index);
1250  stream_session->app_wrk_index = app_wrk->wrk_index;
1251  stream_session->connection_index = sctx_index;
1252  stream_session->listener_handle = quic_session_handle;
1253  stream_session->session_type =
1254  session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC, qctx->udp_is_ip4);
1255  if (is_unidir)
1256  stream_session->flags |= SESSION_F_UNIDIRECTIONAL;
1257 
1258  sctx->c_s_index = stream_session->session_index;
1259  stream_data = (quic_stream_data_t *) stream->data;
1260  stream_data->ctx_id = sctx->c_c_index;
1261  stream_data->thread_index = sctx->c_thread_index;
1262  stream_data->app_rx_data_len = 0;
1263  stream_data->app_tx_data_len = 0;
1264  stream_session->session_state = SESSION_STATE_READY;
1265 
1266  /* For now we only reset streams. Cleanup will be triggered by timers */
1267  if ((rv = app_worker_init_connected (app_wrk, stream_session)))
1268  {
1269  QUIC_ERR ("failed to app_worker_init_connected");
1270  quicly_reset_stream (stream, QUIC_APP_CONNECT_NOTIFY_ERROR);
1271  return app_worker_connect_notify (app_wrk, NULL, rv, sep->opaque);
1272  }
1273 
1274  svm_fifo_add_want_deq_ntf (stream_session->rx_fifo,
1277 
1278  if (app_worker_connect_notify (app_wrk, stream_session, SESSION_E_NONE,
1279  sep->opaque))
1280  {
1281  QUIC_ERR ("failed to notify app");
1282  quic_increment_counter (QUIC_ERROR_CLOSED_STREAM, 1);
1283  quicly_reset_stream (stream, QUIC_APP_CONNECT_NOTIFY_ERROR);
1284  return -1;
1285  }
1286 
1287  return 0;
1288 }
1289 
1290 static int
1292 {
1293  vnet_connect_args_t _cargs, *cargs = &_cargs;
1294  quic_main_t *qm = &quic_main;
1295  quic_ctx_t *ctx;
1296  app_worker_t *app_wrk;
1297  application_t *app;
1298  u32 ctx_index;
1299  u32 thread_index = vlib_get_thread_index ();
1300  int error;
1301 
1302  clib_memset (cargs, 0, sizeof (*cargs));
1303  ctx_index = quic_ctx_alloc (thread_index);
1304  ctx = quic_ctx_get (ctx_index, thread_index);
1305  ctx->parent_app_wrk_id = sep->app_wrk_index;
1306  ctx->c_s_index = QUIC_SESSION_INVALID;
1307  ctx->c_c_index = ctx_index;
1308  ctx->udp_is_ip4 = sep->is_ip4;
1311  ctx->client_opaque = sep->opaque;
1312  ctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1313  if (sep->hostname)
1314  ctx->srv_hostname = format (0, "%v", sep->hostname);
1315  else
1316  /* needed by quic for crypto + determining client / server */
1317  ctx->srv_hostname = format (0, "%U", format_ip46_address,
1318  &sep->ip, sep->is_ip4);
1320 
1321  clib_memcpy (&cargs->sep, sep, sizeof (session_endpoint_cfg_t));
1322  cargs->sep.transport_proto = TRANSPORT_PROTO_UDP;
1323  cargs->app_index = qm->app_index;
1324  cargs->api_context = ctx_index;
1325 
1326  app_wrk = app_worker_get (sep->app_wrk_index);
1327  app = application_get (app_wrk->app_index);
1328  ctx->parent_app_id = app_wrk->app_index;
1329  cargs->sep_ext.ns_index = app->ns_index;
1330  cargs->sep_ext.transport_flags = TRANSPORT_CFG_F_CONNECTED;
1331 
1332  ctx->crypto_engine = sep->crypto_engine;
1333  ctx->ckpair_index = sep->ckpair_index;
1334  if ((error = quic_acquire_crypto_context (ctx)))
1335  return error;
1336 
1337  if ((error = vnet_connect (cargs)))
1338  return error;
1339 
1340  return 0;
1341 }
1342 
1343 static int
1345 {
1346  QUIC_DBG (2, "Called quic_connect");
1348  session_t *quic_session;
1349  sep = (session_endpoint_cfg_t *) tep;
1350 
1351  quic_session = session_get_from_handle_if_valid (sep->parent_handle);
1352  if (quic_session)
1353  return quic_connect_stream (quic_session, sep);
1354  else
1355  return quic_connect_connection (sep);
1356 }
1357 
1358 static void
1359 quic_proto_on_close (u32 ctx_index, u32 thread_index)
1360 {
1361  int err;
1362  quic_ctx_t *ctx = quic_ctx_get_if_valid (ctx_index, thread_index);
1363  if (!ctx)
1364  return;
1365  session_t *stream_session = session_get (ctx->c_s_index,
1366  ctx->c_thread_index);
1367 #if QUIC_DEBUG >= 2
1368  clib_warning ("Closing session 0x%lx", session_handle (stream_session));
1369 #endif
1370  if (quic_ctx_is_stream (ctx))
1371  {
1372  quicly_stream_t *stream = ctx->stream;
1373  if (!quicly_stream_has_send_side (quicly_is_client (stream->conn),
1374  stream->stream_id))
1375  return;
1376  quicly_sendstate_shutdown (&stream->sendstate, ctx->bytes_written +
1378  (stream_session->tx_fifo));
1379  err = quicly_stream_sync_sendbuf (stream, 1);
1380  if (err)
1381  {
1382  QUIC_DBG (1, "sendstate_shutdown failed for stream session %lu",
1383  session_handle (stream_session));
1384  quicly_reset_stream (stream, QUIC_APP_ERROR_CLOSE_NOTIFY);
1385  }
1386  quic_send_packets (ctx);
1387  return;
1388  }
1389 
1390  switch (ctx->conn_state)
1391  {
1394  case QUIC_CONN_STATE_READY:
1396  quicly_conn_t *conn = ctx->conn;
1397  /* Start connection closing. Keep sending packets until quicly_send
1398  returns QUICLY_ERROR_FREE_CONNECTION */
1399 
1400  quic_increment_counter (QUIC_ERROR_CLOSED_CONNECTION, 1);
1401  quicly_close (conn, QUIC_APP_ERROR_CLOSE_NOTIFY, "Closed by peer");
1402  /* This also causes all streams to be closed (and the cb called) */
1403  quic_send_packets (ctx);
1404  break;
1407  /* send_packets will eventually return an error, we delete the conn at
1408  that point */
1409  break;
1411  quic_connection_delete (ctx);
1412  break;
1414  break;
1415  default:
1416  QUIC_ERR ("Trying to close conn in state %d", ctx->conn_state);
1417  break;
1418  }
1419 }
1420 
1421 static u32
1422 quic_start_listen (u32 quic_listen_session_index, transport_endpoint_t * tep)
1423 {
1424  vnet_listen_args_t _bargs, *args = &_bargs;
1425  quic_main_t *qm = &quic_main;
1426  session_handle_t udp_handle;
1428  session_t *udp_listen_session;
1429  app_worker_t *app_wrk;
1430  application_t *app;
1431  quic_ctx_t *lctx;
1432  u32 lctx_index;
1433  app_listener_t *app_listener;
1434  int rv;
1435 
1436  sep = (session_endpoint_cfg_t *) tep;
1437  app_wrk = app_worker_get (sep->app_wrk_index);
1438  /* We need to call this because we call app_worker_init_connected in
1439  * quic_accept_stream, which assumes the connect segment manager exists */
1441  app = application_get (app_wrk->app_index);
1442  QUIC_DBG (2, "Called quic_start_listen for app %d", app_wrk->app_index);
1443 
1444  clib_memset (args, 0, sizeof (*args));
1445  args->app_index = qm->app_index;
1446  args->sep_ext = *sep;
1447  args->sep_ext.ns_index = app->ns_index;
1448  args->sep_ext.transport_proto = TRANSPORT_PROTO_UDP;
1449  args->sep_ext.transport_flags = TRANSPORT_CFG_F_CONNECTED;
1450  if ((rv = vnet_listen (args)))
1451  return rv;
1452 
1453  lctx_index = quic_ctx_alloc (0);
1454  udp_handle = args->handle;
1455  app_listener = app_listener_get_w_handle (udp_handle);
1456  udp_listen_session = app_listener_get_session (app_listener);
1457  udp_listen_session->opaque = lctx_index;
1458 
1459  lctx = quic_ctx_get (lctx_index, 0);
1460  lctx->flags |= QUIC_F_IS_LISTENER;
1461 
1462  clib_memcpy (&lctx->c_rmt_ip, &args->sep.peer.ip, sizeof (ip46_address_t));
1463  clib_memcpy (&lctx->c_lcl_ip, &args->sep.ip, sizeof (ip46_address_t));
1464  lctx->c_rmt_port = args->sep.peer.port;
1465  lctx->c_lcl_port = args->sep.port;
1466  lctx->c_is_ip4 = args->sep.is_ip4;
1467  lctx->c_fib_index = args->sep.fib_index;
1468  lctx->c_proto = TRANSPORT_PROTO_QUIC;
1469  lctx->parent_app_wrk_id = sep->app_wrk_index;
1470  lctx->parent_app_id = app_wrk->app_index;
1471  lctx->udp_session_handle = udp_handle;
1472  lctx->c_s_index = quic_listen_session_index;
1473  lctx->crypto_engine = sep->crypto_engine;
1474  lctx->ckpair_index = sep->ckpair_index;
1475  if (quic_acquire_crypto_context (lctx))
1476  return -1;
1477 
1478  QUIC_DBG (2, "Listening UDP session 0x%lx",
1479  session_handle (udp_listen_session));
1480  QUIC_DBG (2, "Listening QUIC session 0x%lx", quic_listen_session_index);
1481  return lctx_index;
1482 }
1483 
1484 static u32
1485 quic_stop_listen (u32 lctx_index)
1486 {
1487  QUIC_DBG (2, "Called quic_stop_listen");
1488  quic_ctx_t *lctx;
1489  lctx = quic_ctx_get (lctx_index, 0);
1492  .handle = lctx->udp_session_handle,
1493  .app_index = quic_main.app_index,
1494  .wrk_map_index = 0 /* default wrk */
1495  };
1496  if (vnet_unlisten (&a))
1497  clib_warning ("unlisten errored");
1498 
1500  0 /* thread_index */ );
1501  quic_ctx_free (lctx);
1502  return 0;
1503 }
1504 
1505 static transport_connection_t *
1506 quic_connection_get (u32 ctx_index, u32 thread_index)
1507 {
1508  quic_ctx_t *ctx;
1509  ctx = quic_ctx_get (ctx_index, thread_index);
1510  return &ctx->connection;
1511 }
1512 
1513 static transport_connection_t *
1514 quic_listener_get (u32 listener_index)
1515 {
1516  QUIC_DBG (2, "Called quic_listener_get");
1517  quic_ctx_t *ctx;
1518  ctx = quic_ctx_get (listener_index, 0);
1519  return &ctx->connection;
1520 }
1521 
1522 static u8 *
1523 format_quic_ctx (u8 * s, va_list * args)
1524 {
1525  quic_ctx_t *ctx = va_arg (*args, quic_ctx_t *);
1526  u32 verbose = va_arg (*args, u32);
1527  u8 *str = 0;
1528 
1529  if (!ctx)
1530  return s;
1531  str = format (str, "[#%d][Q] ", ctx->c_thread_index);
1532 
1533  if (quic_ctx_is_listener (ctx))
1534  str = format (str, "Listener, UDP %ld", ctx->udp_session_handle);
1535  else if (quic_ctx_is_stream (ctx))
1536  str = format (str, "Stream %ld conn %d",
1537  ctx->stream->stream_id, ctx->quic_connection_ctx_id);
1538  else /* connection */
1539  str = format (str, "Conn %d UDP %d", ctx->c_c_index,
1540  ctx->udp_session_handle);
1541 
1542  str = format (str, " app %d wrk %d", ctx->parent_app_id,
1543  ctx->parent_app_wrk_id);
1544 
1545  if (verbose == 1)
1546  s = format (s, "%-" SESSION_CLI_ID_LEN "s%-" SESSION_CLI_STATE_LEN "d",
1547  str, ctx->conn_state);
1548  else
1549  s = format (s, "%s\n", str);
1550  vec_free (str);
1551  return s;
1552 }
1553 
1554 static u8 *
1555 format_quic_connection (u8 * s, va_list * args)
1556 {
1557  u32 qc_index = va_arg (*args, u32);
1558  u32 thread_index = va_arg (*args, u32);
1559  u32 verbose = va_arg (*args, u32);
1560  quic_ctx_t *ctx = quic_ctx_get (qc_index, thread_index);
1561  s = format (s, "%U", format_quic_ctx, ctx, verbose);
1562  return s;
1563 }
1564 
1565 static u8 *
1566 format_quic_half_open (u8 * s, va_list * args)
1567 {
1568  u32 qc_index = va_arg (*args, u32);
1569  u32 thread_index = va_arg (*args, u32);
1570  quic_ctx_t *ctx = quic_ctx_get (qc_index, thread_index);
1571  s = format (s, "[#%d][Q] half-open app %u", thread_index,
1572  ctx->parent_app_id);
1573  return s;
1574 }
1575 
1576 /* TODO improve */
1577 static u8 *
1578 format_quic_listener (u8 * s, va_list * args)
1579 {
1580  u32 tci = va_arg (*args, u32);
1581  u32 thread_index = va_arg (*args, u32);
1582  u32 verbose = va_arg (*args, u32);
1583  quic_ctx_t *ctx = quic_ctx_get (tci, thread_index);
1584  s = format (s, "%U", format_quic_ctx, ctx, verbose);
1585  return s;
1586 }
1587 
1588 /* Session layer callbacks */
1589 
1590 static inline void
1591 quic_build_sockaddr (struct sockaddr *sa, socklen_t * salen,
1592  ip46_address_t * addr, u16 port, u8 is_ip4)
1593 {
1594  if (is_ip4)
1595  {
1596  struct sockaddr_in *sa4 = (struct sockaddr_in *) sa;
1597  sa4->sin_family = AF_INET;
1598  sa4->sin_port = port;
1599  sa4->sin_addr.s_addr = addr->ip4.as_u32;
1600  *salen = sizeof (struct sockaddr_in);
1601  }
1602  else
1603  {
1604  struct sockaddr_in6 *sa6 = (struct sockaddr_in6 *) sa;
1605  sa6->sin6_family = AF_INET6;
1606  sa6->sin6_port = port;
1607  clib_memcpy (&sa6->sin6_addr, &addr->ip6, 16);
1608  *salen = sizeof (struct sockaddr_in6);
1609  }
1610 }
1611 
1612 static void
1614 {
1615  session_t *quic_session;
1616  app_worker_t *app_wrk;
1617  u32 ctx_id = ctx->c_c_index;
1618  u32 thread_index = ctx->c_thread_index;
1619  int rv;
1620 
1621  quic_session = session_alloc (thread_index);
1622 
1623  QUIC_DBG (2, "Allocated quic session 0x%lx", session_handle (quic_session));
1624  ctx->c_s_index = quic_session->session_index;
1625  quic_session->app_wrk_index = ctx->parent_app_wrk_id;
1626  quic_session->connection_index = ctx->c_c_index;
1627  quic_session->listener_handle = SESSION_INVALID_HANDLE;
1628  quic_session->session_type =
1629  session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC, ctx->udp_is_ip4);
1630 
1631  /* If quic session connected fails, immediatly close connection */
1632  app_wrk = app_worker_get (ctx->parent_app_wrk_id);
1633  if ((rv = app_worker_init_connected (app_wrk, quic_session)))
1634  {
1635  QUIC_ERR ("failed to app_worker_init_connected");
1636  quic_proto_on_close (ctx_id, thread_index);
1637  app_worker_connect_notify (app_wrk, NULL, rv, ctx->client_opaque);
1638  return;
1639  }
1640 
1641  quic_session->session_state = SESSION_STATE_CONNECTING;
1642  if ((rv = app_worker_connect_notify (app_wrk, quic_session,
1643  SESSION_E_NONE, ctx->client_opaque)))
1644  {
1645  QUIC_ERR ("failed to notify app %d", rv);
1646  quic_proto_on_close (ctx_id, thread_index);
1647  return;
1648  }
1649 
1650  /* If the app opens a stream in its callback it may invalidate ctx */
1651  ctx = quic_ctx_get (ctx_id, thread_index);
1652  /*
1653  * app_worker_connect_notify() might have reallocated pool, reload
1654  * quic_session pointer
1655  */
1656  quic_session = session_get (ctx->c_s_index, thread_index);
1657  quic_session->session_state = SESSION_STATE_LISTENING;
1658 }
1659 
1660 static void
1662 {
1663  /* Called when we need to trigger quic session connected
1664  * we may call this function on the server side / at
1665  * stream opening */
1666 
1667  /* Conn may be set to null if the connection is terminated */
1668  if (!ctx->conn || ctx->conn_state != QUIC_CONN_STATE_HANDSHAKE)
1669  return;
1670  if (!quicly_connection_is_ready (ctx->conn))
1671  return;
1673  if (!quicly_is_client (ctx->conn))
1674  return;
1676 }
1677 
1678 static inline void
1679 quic_update_conn_ctx (quicly_conn_t * conn, quicly_context_t * quicly_context)
1680 {
1681  /* we need to update the quicly_conn on migrate
1682  * as it contains a pointer to the crypto context */
1683  ptls_context_t **tls;
1684  quicly_context_t **_quicly_context;
1685  _quicly_context = (quicly_context_t **) conn;
1686  *_quicly_context = quicly_context;
1687  tls = (ptls_context_t **) quicly_get_tls (conn);
1688  *tls = quicly_context->tls;
1689 }
1690 
1691 static void
1693 {
1694  u32 new_ctx_id, thread_index = vlib_get_thread_index ();
1695  quic_ctx_t *temp_ctx, *new_ctx;
1697  quicly_conn_t *conn;
1698  quicly_context_t *quicly_context;
1699  session_t *udp_session;
1700 
1701  temp_ctx = arg;
1702  new_ctx_id = quic_ctx_alloc (thread_index);
1703  new_ctx = quic_ctx_get (new_ctx_id, thread_index);
1704 
1705  QUIC_DBG (2, "Received conn %u (now %u)", temp_ctx->c_thread_index,
1706  new_ctx_id);
1707 
1708  clib_memcpy (new_ctx, temp_ctx, sizeof (quic_ctx_t));
1709  clib_mem_free (temp_ctx);
1710 
1711  new_ctx->c_thread_index = thread_index;
1712  new_ctx->c_c_index = new_ctx_id;
1713  quic_acquire_crypto_context (new_ctx);
1714 
1715  conn = new_ctx->conn;
1716  quicly_context = quic_get_quicly_ctx_from_ctx (new_ctx);
1717  quic_update_conn_ctx (conn, quicly_context);
1718 
1719  quic_store_conn_ctx (conn, new_ctx);
1720  quic_make_connection_key (&kv, quicly_get_master_id (conn));
1721  kv.value = ((u64) thread_index) << 32 | (u64) new_ctx_id;
1722  QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
1723  clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
1725  quic_update_timer (new_ctx);
1726 
1727  /* Trigger write on this connection if necessary */
1728  udp_session = session_get_from_handle (new_ctx->udp_session_handle);
1729  udp_session->opaque = new_ctx_id;
1730  udp_session->flags &= ~SESSION_F_IS_MIGRATING;
1731  if (svm_fifo_max_dequeue (udp_session->tx_fifo))
1732  quic_set_udp_tx_evt (udp_session);
1733 }
1734 
1735 static void
1736 quic_transfer_connection (u32 ctx_index, u32 dest_thread)
1737 {
1738  quic_ctx_t *ctx, *temp_ctx;
1739  u32 thread_index = vlib_get_thread_index ();
1740 
1741  QUIC_DBG (2, "Transferring conn %u to thread %u", ctx_index, dest_thread);
1742 
1743  temp_ctx = clib_mem_alloc (sizeof (quic_ctx_t));
1744  QUIC_ASSERT (temp_ctx != NULL);
1745  ctx = quic_ctx_get (ctx_index, thread_index);
1746 
1747  clib_memcpy (temp_ctx, ctx, sizeof (quic_ctx_t));
1748 
1749  quic_stop_ctx_timer (ctx);
1751  quic_ctx_free (ctx);
1752 
1753  /* Send connection to destination thread */
1755  (void *) temp_ctx);
1756 }
1757 
1758 static int
1759 quic_udp_session_connected_callback (u32 quic_app_index, u32 ctx_index,
1760  session_t * udp_session,
1761  session_error_t err)
1762 {
1763  QUIC_DBG (2, "QSession is now connected (id %u)",
1764  udp_session->session_index);
1765  /* This should always be called before quic_connect returns since UDP always
1766  * connects instantly. */
1768  struct sockaddr_in6 sa6;
1769  struct sockaddr *sa = (struct sockaddr *) &sa6;
1770  socklen_t salen;
1772  app_worker_t *app_wrk;
1773  quicly_conn_t *conn;
1774  quic_ctx_t *ctx;
1775  u32 thread_index = vlib_get_thread_index ();
1776  int ret;
1777  quicly_context_t *quicly_ctx;
1778 
1779 
1780  ctx = quic_ctx_get (ctx_index, thread_index);
1781  if (err)
1782  {
1783  u32 api_context;
1784  app_wrk = app_worker_get_if_valid (ctx->parent_app_wrk_id);
1785  if (app_wrk)
1786  {
1787  api_context = ctx->c_s_index;
1788  app_worker_connect_notify (app_wrk, 0, SESSION_E_NONE, api_context);
1789  }
1790  return 0;
1791  }
1792 
1793  ctx->c_thread_index = thread_index;
1794  ctx->c_c_index = ctx_index;
1795 
1796  QUIC_DBG (2, "Quic connect returned %u. New ctx [%u]%x",
1797  is_fail, thread_index, (ctx) ? ctx_index : ~0);
1798 
1799  ctx->udp_session_handle = session_handle (udp_session);
1800  udp_session->opaque = ctx_index;
1801 
1802  /* Init QUIC lib connection
1803  * Generate required sockaddr & salen */
1804  tc = session_get_transport (udp_session);
1805  quic_build_sockaddr (sa, &salen, &tc->rmt_ip, tc->rmt_port, tc->is_ip4);
1806 
1807  quicly_ctx = quic_get_quicly_ctx_from_ctx (ctx);
1808  ret = quicly_connect (&ctx->conn, quicly_ctx, (char *) ctx->srv_hostname,
1809  sa, NULL, &quic_main.wrk_ctx[thread_index].next_cid,
1810  ptls_iovec_init (NULL, 0), &quic_main.hs_properties,
1811  NULL);
1812  ++quic_main.wrk_ctx[thread_index].next_cid.master_id;
1813  /* Save context handle in quicly connection */
1814  quic_store_conn_ctx (ctx->conn, ctx);
1815  assert (ret == 0);
1816 
1817  /* Register connection in connections map */
1818  conn = ctx->conn;
1819  quic_make_connection_key (&kv, quicly_get_master_id (conn));
1820  kv.value = ((u64) thread_index) << 32 | (u64) ctx_index;
1821  QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
1822  clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
1823 
1824  /* UDP stack quirk? preemptively transfer connection if that happens */
1825  if (udp_session->thread_index != thread_index)
1826  quic_transfer_connection (ctx_index, udp_session->thread_index);
1827  else
1828  quic_send_packets (ctx);
1829 
1830  return ret;
1831 }
1832 
1833 static void
1835 {
1836  clib_warning ("UDP session disconnected???");
1837 }
1838 
1839 static void
1842 {
1843  quic_ctx_t *ctx;
1844 
1845  if (ntf != SESSION_CLEANUP_SESSION)
1846  return;
1847 
1848  ctx = quic_ctx_get (udp_session->opaque, udp_session->thread_index);
1849  quic_stop_ctx_timer (ctx);
1851  ctx->c_thread_index);
1852  quic_ctx_free (ctx);
1853 }
1854 
1855 static void
1857 {
1858  clib_warning ("UDP session reset???");
1859 }
1860 
1861 static void
1863 {
1864  u32 new_thread = session_thread_from_handle (new_sh);
1865  quic_ctx_t *ctx;
1866 
1867  QUIC_DBG (2, "Session %x migrated to %lx", s->session_index, new_sh);
1869  ctx = quic_ctx_get (s->opaque, s->thread_index);
1871 
1872  ctx->udp_session_handle = new_sh;
1873 #if QUIC_DEBUG >= 1
1874  s->opaque = 0xfeedface;
1875 #endif
1876  quic_transfer_connection (ctx->c_c_index, new_thread);
1877 }
1878 
1879 int
1881 {
1882  /* New UDP connection, try to accept it */
1883  u32 ctx_index;
1884  quic_ctx_t *ctx, *lctx;
1885  session_t *udp_listen_session;
1886  u32 thread_index = vlib_get_thread_index ();
1887 
1888  udp_listen_session =
1890 
1891  ctx_index = quic_ctx_alloc (thread_index);
1892  ctx = quic_ctx_get (ctx_index, thread_index);
1893  ctx->c_thread_index = udp_session->thread_index;
1894  ctx->c_c_index = ctx_index;
1895  ctx->c_s_index = QUIC_SESSION_INVALID;
1896  ctx->udp_session_handle = session_handle (udp_session);
1897  QUIC_DBG (2, "ACCEPTED UDP 0x%lx", ctx->udp_session_handle);
1898  ctx->listener_ctx_id = udp_listen_session->opaque;
1899  lctx = quic_ctx_get (udp_listen_session->opaque,
1900  udp_listen_session->thread_index);
1901  ctx->udp_is_ip4 = lctx->c_is_ip4;
1902  ctx->parent_app_id = lctx->parent_app_id;
1903  ctx->parent_app_wrk_id = lctx->parent_app_wrk_id;
1906  ctx->c_flags |= TRANSPORT_CONNECTION_F_NO_LOOKUP;
1907 
1908  ctx->crypto_engine = lctx->crypto_engine;
1909  ctx->ckpair_index = lctx->ckpair_index;
1911  udp_session->opaque = ctx_index;
1912 
1913  /* TODO timeout to delete these if they never connect */
1914  return 0;
1915 }
1916 
1917 static int
1918 quic_add_segment_callback (u32 client_index, u64 seg_handle)
1919 {
1920  /* No-op for builtin */
1921  return 0;
1922 }
1923 
1924 static int
1925 quic_del_segment_callback (u32 client_index, u64 seg_handle)
1926 {
1927  /* No-op for builtin */
1928  return 0;
1929 }
1930 
1931 static int
1933 {
1934  quic_ctx_t *ctx;
1935  session_t *stream_session = session_get (tc->s_index, tc->thread_index);
1936  QUIC_DBG (3, "Received app READ notification");
1937  quic_ack_rx_data (stream_session);
1938  svm_fifo_reset_has_deq_ntf (stream_session->rx_fifo);
1939 
1940  /* Need to send packets (acks may never be sent otherwise) */
1941  ctx = quic_ctx_get (stream_session->connection_index,
1942  stream_session->thread_index);
1943  quic_send_packets (ctx);
1944  return 0;
1945 }
1946 
1947 static int
1949 {
1950  session_t *stream_session = (session_t *) s;
1951  quic_stream_data_t *stream_data;
1952  quicly_stream_t *stream;
1953  quic_ctx_t *ctx;
1954  u32 max_deq;
1955  int rv;
1956 
1957  if (PREDICT_FALSE
1958  (stream_session->session_state >= SESSION_STATE_TRANSPORT_CLOSING))
1959  return 0;
1960  ctx = quic_ctx_get (stream_session->connection_index,
1961  stream_session->thread_index);
1962  if (PREDICT_FALSE (!quic_ctx_is_stream (ctx)))
1963  {
1964  goto tx_end; /* Most probably a reschedule */
1965  }
1966 
1967  QUIC_DBG (3, "Stream TX event");
1968  quic_ack_rx_data (stream_session);
1969  stream = ctx->stream;
1970  if (!quicly_sendstate_is_open (&stream->sendstate))
1971  {
1972  QUIC_ERR ("Warning: tried to send on closed stream");
1973  return -1;
1974  }
1975 
1976  stream_data = (quic_stream_data_t *) stream->data;
1977  max_deq = svm_fifo_max_dequeue (stream_session->tx_fifo);
1978  QUIC_ASSERT (max_deq >= stream_data->app_tx_data_len);
1979  if (max_deq == stream_data->app_tx_data_len)
1980  {
1981  QUIC_DBG (3, "TX but no data %d / %d", max_deq,
1982  stream_data->app_tx_data_len);
1983  return 0;
1984  }
1985  stream_data->app_tx_data_len = max_deq;
1986  rv = quicly_stream_sync_sendbuf (stream, 1);
1987  QUIC_ASSERT (!rv);
1988 
1989 tx_end:
1990  quic_send_packets (ctx);
1991  return 0;
1992 }
1993 
1994 /*
1995  * Returns 0 if a matching connection is found and is on the right thread.
1996  * Otherwise returns -1.
1997  * If a connection is found, even on the wrong thread, ctx_thread and ctx_index
1998  * will be set.
1999  */
2000 static inline int
2001 quic_find_packet_ctx (quic_rx_packet_ctx_t * pctx, u32 caller_thread_index)
2002 {
2004  clib_bihash_16_8_t *h;
2005  quic_ctx_t *ctx;
2006  u32 index, thread_id;
2007 
2008  h = &quic_main.connection_hash;
2009  quic_make_connection_key (&kv, &pctx->packet.cid.dest.plaintext);
2010  QUIC_DBG (3, "Searching conn with id %lu %lu", kv.key[0], kv.key[1]);
2011 
2012  if (clib_bihash_search_16_8 (h, &kv, &kv))
2013  {
2014  QUIC_DBG (3, "connection not found");
2015  return QUIC_PACKET_TYPE_NONE;
2016  }
2017 
2018  index = kv.value & UINT32_MAX;
2019  thread_id = kv.value >> 32;
2020  /* Check if this connection belongs to this thread, otherwise
2021  * ask for it to be moved */
2022  if (thread_id != caller_thread_index)
2023  {
2024  QUIC_DBG (2, "Connection is on wrong thread");
2025  /* Cannot make full check with quicly_is_destination... */
2026  pctx->ctx_index = index;
2027  pctx->thread_index = thread_id;
2028  return QUIC_PACKET_TYPE_MIGRATE;
2029  }
2030  ctx = quic_ctx_get (index, vlib_get_thread_index ());
2031  if (!ctx->conn)
2032  {
2033  QUIC_ERR ("ctx has no conn");
2034  return QUIC_PACKET_TYPE_NONE;
2035  }
2036  if (!quicly_is_destination (ctx->conn, NULL, &pctx->sa, &pctx->packet))
2037  return QUIC_PACKET_TYPE_NONE;
2038 
2039  QUIC_DBG (3, "Connection found");
2040  pctx->ctx_index = index;
2041  pctx->thread_index = thread_id;
2042  return QUIC_PACKET_TYPE_RECEIVE;
2043 }
2044 
2045 static void
2047 {
2048  quicly_context_t *quicly_ctx;
2049  session_t *quic_session;
2051  app_worker_t *app_wrk;
2052  quicly_conn_t *conn;
2053  quic_ctx_t *ctx;
2054  quic_ctx_t *lctx;
2055  int rv;
2056 
2057  /* new connection, accept and create context if packet is valid
2058  * TODO: check if socket is actually listening? */
2059  ctx = quic_ctx_get (pctx->ctx_index, pctx->thread_index);
2060  if (ctx->c_s_index != QUIC_SESSION_INVALID)
2061  {
2062  QUIC_DBG (2, "already accepted ctx 0x%x", ctx->c_s_index);
2063  return;
2064  }
2065 
2066  quicly_ctx = quic_get_quicly_ctx_from_ctx (ctx);
2067  if ((rv = quicly_accept (&conn, quicly_ctx, NULL, &pctx->sa,
2068  &pctx->packet, NULL,
2069  &quic_main.wrk_ctx[pctx->thread_index].next_cid,
2070  NULL)))
2071  {
2072  /* Invalid packet, pass */
2073  assert (conn == NULL);
2074  QUIC_ERR ("Accept failed with %U", quic_format_err, rv);
2075  /* TODO: cleanup created quic ctx and UDP session */
2076  return;
2077  }
2078  assert (conn != NULL);
2079 
2080  ++quic_main.wrk_ctx[pctx->thread_index].next_cid.master_id;
2081  /* Save ctx handle in quicly connection */
2082  quic_store_conn_ctx (conn, ctx);
2083  ctx->conn = conn;
2084 
2085  quic_session = session_alloc (ctx->c_thread_index);
2086  QUIC_DBG (2, "Allocated quic_session, 0x%lx ctx %u",
2087  session_handle (quic_session), ctx->c_c_index);
2088  quic_session->session_state = SESSION_STATE_LISTENING;
2089  ctx->c_s_index = quic_session->session_index;
2090 
2091  lctx = quic_ctx_get (ctx->listener_ctx_id, 0);
2092 
2093  quic_session->app_wrk_index = lctx->parent_app_wrk_id;
2094  quic_session->connection_index = ctx->c_c_index;
2095  quic_session->session_type =
2096  session_type_from_proto_and_ip (TRANSPORT_PROTO_QUIC, ctx->udp_is_ip4);
2097  quic_session->listener_handle = lctx->c_s_index;
2098 
2099  /* Register connection in connections map */
2100  quic_make_connection_key (&kv, quicly_get_master_id (conn));
2101  kv.value = ((u64) pctx->thread_index) << 32 | (u64) pctx->ctx_index;
2102  clib_bihash_add_del_16_8 (&quic_main.connection_hash, &kv, 1 /* is_add */ );
2103  QUIC_DBG (2, "Registering conn with id %lu %lu", kv.key[0], kv.key[1]);
2104 
2105  /* If notify fails, reset connection immediatly */
2106  if ((rv = app_worker_init_accepted (quic_session)))
2107  {
2108  QUIC_ERR ("failed to allocate fifos");
2110  return;
2111  }
2112 
2113  app_wrk = app_worker_get (quic_session->app_wrk_index);
2114  if ((rv = app_worker_accept_notify (app_wrk, quic_session)))
2115  {
2116  QUIC_ERR ("failed to notify accept worker app");
2118  return;
2119  }
2120 
2122 }
2123 
2124 static int
2125 quic_reset_connection (u64 udp_session_handle, quic_rx_packet_ctx_t * pctx)
2126 {
2127  /* short header packet; potentially a dead connection. No need to check the
2128  * length of the incoming packet, because loop is prevented by authenticating
2129  * the CID (by checking node_id and thread_id). If the peer is also sending a
2130  * reset, then the next CID is highly likely to contain a non-authenticating
2131  * CID, ... */
2132  QUIC_DBG (2, "Sending stateless reset");
2133  int rv;
2134  quicly_datagram_t *dgram;
2135  session_t *udp_session;
2136  quicly_context_t *quicly_ctx;
2137  if (pctx->packet.cid.dest.plaintext.node_id != 0
2138  || pctx->packet.cid.dest.plaintext.thread_id != 0)
2139  return 0;
2140  quicly_ctx = quic_get_quicly_ctx_from_udp (udp_session_handle);
2141  dgram = quicly_send_stateless_reset (quicly_ctx, &pctx->sa, NULL,
2142  &pctx->packet.cid.dest.plaintext);
2143  if (dgram == NULL)
2144  return 1;
2145  udp_session = session_get_from_handle (udp_session_handle);
2146  rv = quic_send_datagram (udp_session, dgram);
2147  quic_set_udp_tx_evt (udp_session);
2148  return rv;
2149 }
2150 
2151 static int
2152 quic_process_one_rx_packet (u64 udp_session_handle, svm_fifo_t * f,
2153  u32 fifo_offset, quic_rx_packet_ctx_t * pctx)
2154 {
2155  size_t plen;
2156  u32 full_len, ret;
2157  u32 thread_index = vlib_get_thread_index ();
2158  u32 cur_deq = svm_fifo_max_dequeue (f) - fifo_offset;
2159  quicly_context_t *quicly_ctx;
2160  session_t *udp_session;
2161  int rv;
2162 
2163  ret = svm_fifo_peek (f, fifo_offset,
2164  SESSION_CONN_HDR_LEN, (u8 *) & pctx->ph);
2166  QUIC_ASSERT (pctx->ph.data_offset == 0);
2167  full_len = pctx->ph.data_length + SESSION_CONN_HDR_LEN;
2168  if (full_len > cur_deq)
2169  {
2170  QUIC_ERR ("Not enough data in fifo RX");
2171  return 1;
2172  }
2173 
2174  /* Quicly can read len bytes from the fifo at offset:
2175  * ph.data_offset + SESSION_CONN_HDR_LEN */
2176  ret = svm_fifo_peek (f, SESSION_CONN_HDR_LEN + fifo_offset,
2177  pctx->ph.data_length, pctx->data);
2178  if (ret != pctx->ph.data_length)
2179  {
2180  QUIC_ERR ("Not enough data peeked in RX");
2181  return 1;
2182  }
2183 
2184  quic_increment_counter (QUIC_ERROR_RX_PACKETS, 1);
2185  quic_build_sockaddr (&pctx->sa, &pctx->salen, &pctx->ph.rmt_ip,
2186  pctx->ph.rmt_port, pctx->ph.is_ip4);
2187  quicly_ctx = quic_get_quicly_ctx_from_udp (udp_session_handle);
2188  plen = quicly_decode_packet (quicly_ctx, &pctx->packet,
2189  pctx->data, pctx->ph.data_length);
2190 
2191  if (plen == SIZE_MAX)
2192  {
2193  return 1;
2194  }
2195 
2196  rv = quic_find_packet_ctx (pctx, thread_index);
2197  if (rv == QUIC_PACKET_TYPE_RECEIVE)
2198  {
2200  if (quic_main.vnet_crypto_enabled)
2201  {
2202  quic_ctx_t *qctx = quic_ctx_get (pctx->ctx_index, thread_index);
2203  quic_crypto_decrypt_packet (qctx, pctx);
2204  }
2205  return 0;
2206  }
2207  else if (rv == QUIC_PACKET_TYPE_MIGRATE)
2208  {
2210  /* Connection found but on wrong thread, ask move */
2211  }
2212  else if (QUICLY_PACKET_IS_LONG_HEADER (pctx->packet.octets.base[0]))
2213  {
2215  udp_session = session_get_from_handle (udp_session_handle);
2216  pctx->ctx_index = udp_session->opaque;
2217  pctx->thread_index = thread_index;
2218  }
2219  else
2220  {
2221  pctx->ptype = QUIC_PACKET_TYPE_RESET;
2222  }
2223  return 1;
2224 }
2225 
2226 static int
2228 {
2229  /* Read data from UDP rx_fifo and pass it to the quicly conn. */
2230  quic_main_t *qm = &quic_main;
2231  quic_ctx_t *ctx = NULL, *prev_ctx = NULL;
2232  svm_fifo_t *f = udp_session->rx_fifo;
2233  u32 max_deq;
2234  u64 udp_session_handle = session_handle (udp_session);
2235  int rv = 0;
2236  u32 thread_index = vlib_get_thread_index ();
2237  u32 cur_deq, fifo_offset, max_packets, i;
2238 
2240 
2241  if (udp_session->flags & SESSION_F_IS_MIGRATING)
2242  {
2243  QUIC_DBG (3, "RX on migrating udp session");
2244  return 0;
2245  }
2246 
2247 rx_start:
2248  max_deq = svm_fifo_max_dequeue (f);
2249  if (max_deq == 0)
2250  return 0;
2251 
2252  fifo_offset = 0;
2253  max_packets = QUIC_RCV_MAX_BATCH_PACKETS;
2254 
2255 #if CLIB_DEBUG > 0
2256  clib_memset (packets_ctx, 0xfa,
2258 #endif
2259 
2260  for (i = 0; i < max_packets; i++)
2261  {
2262  packets_ctx[i].thread_index = UINT32_MAX;
2263  packets_ctx[i].ctx_index = UINT32_MAX;
2264  packets_ctx[i].ptype = QUIC_PACKET_TYPE_DROP;
2265 
2266  cur_deq = max_deq - fifo_offset;
2267  if (cur_deq == 0)
2268  {
2269  max_packets = i + 1;
2270  break;
2271  }
2272  if (cur_deq < SESSION_CONN_HDR_LEN)
2273  {
2274  fifo_offset = max_deq;
2275  max_packets = i + 1;
2276  QUIC_ERR ("Fifo %d < header size in RX", cur_deq);
2277  break;
2278  }
2279  rv = quic_process_one_rx_packet (udp_session_handle, f,
2280  fifo_offset, &packets_ctx[i]);
2281  if (packets_ctx[i].ptype != QUIC_PACKET_TYPE_MIGRATE)
2282  fifo_offset += SESSION_CONN_HDR_LEN + packets_ctx[i].ph.data_length;
2283  if (rv)
2284  {
2285  max_packets = i + 1;
2286  break;
2287  }
2288  }
2289 
2291  wrk_ctx[thread_index].crypto_context_batch);
2292 
2293  for (i = 0; i < max_packets; i++)
2294  {
2295  switch (packets_ctx[i].ptype)
2296  {
2298  ctx = quic_ctx_get (packets_ctx[i].ctx_index, thread_index);
2299  rv = quicly_receive (ctx->conn, NULL, &packets_ctx[i].sa,
2300  &packets_ctx[i].packet);
2301  if (rv && rv != QUICLY_ERROR_PACKET_IGNORED)
2302  {
2303  QUIC_ERR ("quicly_receive return error %U",
2304  quic_format_err, rv);
2305  }
2306  break;
2308  quic_accept_connection (&packets_ctx[i]);
2309  break;
2311  quic_reset_connection (udp_session_handle, &packets_ctx[i]);
2312  break;
2313  }
2314  }
2315  ctx = prev_ctx = NULL;
2316  for (i = 0; i < max_packets; i++)
2317  {
2318  prev_ctx = ctx;
2319  switch (packets_ctx[i].ptype)
2320  {
2322  ctx = quic_ctx_get (packets_ctx[i].ctx_index,
2323  packets_ctx[i].thread_index);
2325  ctx = quic_ctx_get (packets_ctx[i].ctx_index,
2326  packets_ctx[i].thread_index);
2327  break;
2329  ctx = quic_ctx_get (packets_ctx[i].ctx_index,
2330  packets_ctx[i].thread_index);
2331  break;
2332  default:
2333  continue; /* this exits the for loop since other packet types are
2334  necessarily the last in the batch */
2335  }
2336  if (ctx != prev_ctx)
2337  quic_send_packets (ctx);
2338  }
2339 
2340  udp_session = session_get_from_handle (udp_session_handle); /* session alloc might have happened */
2341  f = udp_session->rx_fifo;
2342  svm_fifo_dequeue_drop (f, fifo_offset);
2343 
2344  if (svm_fifo_max_dequeue (f))
2345  goto rx_start;
2346 
2347  return 0;
2348 }
2349 
2350 always_inline void
2352  transport_endpoint_t * tep, u8 is_lcl)
2353 {
2354  session_t *udp_session;
2355  if (!quic_ctx_is_stream (ctx))
2356  {
2357  udp_session = session_get_from_handle (ctx->udp_session_handle);
2358  session_get_endpoint (udp_session, tep, is_lcl);
2359  }
2360 }
2361 
2362 static void
2364  transport_endpoint_t * tep, u8 is_lcl)
2365 {
2366  quic_ctx_t *ctx;
2367  app_listener_t *app_listener;
2368  session_t *udp_listen_session;
2369  ctx = quic_ctx_get (listener_index, vlib_get_thread_index ());
2370  if (quic_ctx_is_listener (ctx))
2371  {
2372  app_listener = app_listener_get_w_handle (ctx->udp_session_handle);
2373  udp_listen_session = app_listener_get_session (app_listener);
2374  return session_get_endpoint (udp_listen_session, tep, is_lcl);
2375  }
2376  quic_common_get_transport_endpoint (ctx, tep, is_lcl);
2377 }
2378 
2379 static void
2380 quic_get_transport_endpoint (u32 ctx_index, u32 thread_index,
2381  transport_endpoint_t * tep, u8 is_lcl)
2382 {
2383  quic_ctx_t *ctx;
2384  ctx = quic_ctx_get (ctx_index, thread_index);
2385  quic_common_get_transport_endpoint (ctx, tep, is_lcl);
2386 }
2387 
2388 /* *INDENT-OFF* */
2389 static session_cb_vft_t quic_app_cb_vft = {
2391  .session_disconnect_callback = quic_udp_session_disconnect_callback,
2392  .session_connected_callback = quic_udp_session_connected_callback,
2393  .session_reset_callback = quic_udp_session_reset_callback,
2394  .session_migrate_callback = quic_udp_session_migrate_callback,
2395  .add_segment_callback = quic_add_segment_callback,
2396  .del_segment_callback = quic_del_segment_callback,
2397  .builtin_app_rx_callback = quic_udp_session_rx_callback,
2398  .session_cleanup_callback = quic_udp_session_cleanup_callback,
2399  .app_cert_key_pair_delete_callback = quic_app_cert_key_pair_delete_callback,
2400 };
2401 
2403  .connect = quic_connect,
2404  .close = quic_proto_on_close,
2405  .start_listen = quic_start_listen,
2406  .stop_listen = quic_stop_listen,
2407  .get_connection = quic_connection_get,
2408  .get_listener = quic_listener_get,
2409  .update_time = quic_update_time,
2410  .app_rx_evt = quic_custom_app_rx_callback,
2411  .custom_tx = quic_custom_tx_callback,
2412  .format_connection = format_quic_connection,
2413  .format_half_open = format_quic_half_open,
2414  .format_listener = format_quic_listener,
2415  .get_transport_endpoint = quic_get_transport_endpoint,
2416  .get_transport_listener_endpoint = quic_get_transport_listener_endpoint,
2417  .transport_options = {
2418  .name = "quic",
2419  .short_name = "Q",
2420  .tx_type = TRANSPORT_TX_INTERNAL,
2421  .service_type = TRANSPORT_SERVICE_APP,
2422  },
2423 };
2424 /* *INDENT-ON* */
2425 
2426 static quicly_stream_open_t on_stream_open = { quic_on_stream_open };
2427 static quicly_closed_by_peer_t on_closed_by_peer = { quic_on_closed_by_peer };
2428 static quicly_now_t quicly_vpp_now_cb = { quic_get_time };
2429 
2430 static void
2432  ptls_cipher_suite_t ** ciphers)
2433 {
2434  quic_main_t *qm = &quic_main;
2435  vec_validate (qm->quic_ciphers, type);
2437  qm->quic_ciphers[type] = ciphers;
2438 }
2439 
2440 static void
2442 {
2443  quic_main_t *qm = &quic_main;
2444  segment_manager_props_t *seg_mgr_props =
2446 
2447  if (!seg_mgr_props)
2448  {
2449  clib_warning
2450  ("error while getting segment_manager_props_t, can't update fifo-size");
2451  return;
2452  }
2453 
2454  seg_mgr_props->tx_fifo_size = qm->udp_fifo_size;
2455  seg_mgr_props->rx_fifo_size = qm->udp_fifo_size;
2456 }
2457 
2458 static clib_error_t *
2460 {
2461  u32 segment_size = 256 << 20;
2463  tw_timer_wheel_1t_3w_1024sl_ov_t *tw;
2464  vnet_app_attach_args_t _a, *a = &_a;
2466  quic_main_t *qm = &quic_main;
2467  u32 num_threads, i;
2468 
2469  num_threads = 1 /* main thread */ + vtm->n_threads;
2470 
2471  clib_memset (a, 0, sizeof (*a));
2472  clib_memset (options, 0, sizeof (options));
2473 
2474  a->session_cb_vft = &quic_app_cb_vft;
2475  a->api_client_index = APP_INVALID_INDEX;
2476  a->options = options;
2477  a->name = format (0, "quic");
2478  a->options[APP_OPTIONS_SEGMENT_SIZE] = segment_size;
2479  a->options[APP_OPTIONS_ADD_SEGMENT_SIZE] = segment_size;
2480  a->options[APP_OPTIONS_RX_FIFO_SIZE] = qm->udp_fifo_size;
2481  a->options[APP_OPTIONS_TX_FIFO_SIZE] = qm->udp_fifo_size;
2483  a->options[APP_OPTIONS_FLAGS] = APP_OPTIONS_FLAGS_IS_BUILTIN;
2484  a->options[APP_OPTIONS_FLAGS] |= APP_OPTIONS_FLAGS_USE_GLOBAL_SCOPE;
2485  a->options[APP_OPTIONS_FLAGS] |= APP_OPTIONS_FLAGS_IS_TRANSPORT_APP;
2486 
2487  if (vnet_application_attach (a))
2488  {
2489  clib_warning ("failed to attach quic app");
2490  return clib_error_return (0, "failed to attach quic app");
2491  }
2492 
2493  vec_validate (qm->ctx_pool, num_threads - 1);
2494  vec_validate (qm->wrk_ctx, num_threads - 1);
2495 
2496  for (i = 0; i < num_threads; i++)
2497  {
2498  qm->wrk_ctx[i].next_cid.thread_id = i;
2499  tw = &qm->wrk_ctx[i].timer_wheel;
2500  tw_timer_wheel_init_1t_3w_1024sl_ov (tw, quic_expired_timers_dispatch,
2501  1e-3 /* timer period 1ms */ , ~0);
2502  tw->last_run_time = vlib_time_now (vlib_get_main ());
2503  clib_bihash_init_24_8 (&qm->wrk_ctx[i].crypto_context_hash,
2504  "quic crypto contexts", 64, 128 << 10);
2505 
2508  }
2509 
2510  clib_bihash_init_16_8 (&qm->connection_hash, "quic connections", 1024,
2511  4 << 20);
2512 
2513  qm->app_index = a->app_index;
2517 
2518  transport_register_protocol (TRANSPORT_PROTO_QUIC, &quic_proto,
2519  FIB_PROTOCOL_IP4, ~0);
2520  transport_register_protocol (TRANSPORT_PROTO_QUIC, &quic_proto,
2521  FIB_PROTOCOL_IP6, ~0);
2522 
2527  ptls_openssl_cipher_suites);
2531 
2533  if (vec_len (cm->engines) == 0)
2534  qm->vnet_crypto_enabled = 0;
2535  else
2536  qm->vnet_crypto_enabled = 1;
2537 
2538  vec_free (a->name);
2539  return 0;
2540 }
2541 
2543 
2544 static clib_error_t *
2546  unformat_input_t * input,
2547  vlib_cli_command_t * cmd)
2548 {
2549  unformat_input_t _line_input, *line_input = &_line_input;
2550  quic_main_t *qm = &quic_main;
2551  clib_error_t *e = 0;
2552 
2553  if (!unformat_user (input, unformat_line_input, line_input))
2554  return 0;
2555 
2556  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
2557  {
2558  if (unformat (line_input, "vpp"))
2560  else if (unformat (line_input, "picotls"))
2562  else
2563  {
2564  e = clib_error_return (0, "unknown input '%U'",
2565  format_unformat_error, line_input);
2566  goto done;
2567  }
2568  }
2569 done:
2570  unformat_free (line_input);
2571  return e;
2572 }
2573 
2575 static clib_error_t *
2577  unformat_input_t * input,
2578  vlib_cli_command_t * cmd)
2579 {
2580  quic_main_t *qm = &quic_main;
2581  unformat_input_t _line_input, *line_input = &_line_input;
2582  uword tmp;
2583 
2584  if (!unformat_user (input, unformat_line_input, line_input))
2585  return 0;
2586 
2587  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
2588  {
2589  if (unformat (line_input, "%U", unformat_memory_size, &tmp))
2590  {
2591  if (tmp >= 0x100000000ULL)
2592  {
2593  return clib_error_return
2594  (0, "fifo-size %llu (0x%llx) too large", tmp, tmp);
2595  }
2596  qm->udp_fifo_size = tmp;
2598  }
2599  else
2600  return clib_error_return (0, "unknown input '%U'",
2601  format_unformat_error, line_input);
2602  }
2603 
2604  return 0;
2605 }
2606 
2607 static inline u64
2609 {
2610  vlib_node_t *n;
2611  vlib_main_t *vm;
2612  vlib_error_main_t *em;
2613 
2614  u32 code, i;
2615  u64 c, sum = 0;
2616  int index = 0;
2617 
2618  vm = vlib_get_main ();
2619  em = &vm->error_main;
2620  n = vlib_get_node (vm, quic_input_node.index);
2621  code = event_code;
2622  /* *INDENT-OFF* */
2624  em = &this_vlib_main->error_main;
2625  i = n->error_heap_index + code;
2626  c = em->counters[i];
2627 
2628  if (i < vec_len (em->counters_last_clear))
2629  c -= em->counters_last_clear[i];
2630  sum += c;
2631  index++;
2632  }));
2633  /* *INDENT-ON* */
2634  return sum;
2635 }
2636 
2637 static void
2639 {
2640  u32 num_workers = vlib_num_workers ();
2641  quic_main_t *qm = &quic_main;
2642  quic_ctx_t *ctx = NULL;
2643  quicly_stats_t st, agg_stats;
2644  u32 i, nconn = 0, nstream = 0;
2645 
2646  clib_memset (&agg_stats, 0, sizeof (agg_stats));
2647  for (i = 0; i < num_workers + 1; i++)
2648  {
2649  /* *INDENT-OFF* */
2650  pool_foreach (ctx, qm->ctx_pool[i])
2651  {
2652  if (quic_ctx_is_conn (ctx) && ctx->conn)
2653  {
2654  quicly_get_stats (ctx->conn, &st);
2655  agg_stats.rtt.smoothed += st.rtt.smoothed;
2656  agg_stats.rtt.minimum += st.rtt.minimum;
2657  agg_stats.rtt.variance += st.rtt.variance;
2658  agg_stats.num_packets.received += st.num_packets.received;
2659  agg_stats.num_packets.sent += st.num_packets.sent;
2660  agg_stats.num_packets.lost += st.num_packets.lost;
2661  agg_stats.num_packets.ack_received += st.num_packets.ack_received;
2662  agg_stats.num_bytes.received += st.num_bytes.received;
2663  agg_stats.num_bytes.sent += st.num_bytes.sent;
2664  nconn++;
2665  }
2666  else if (quic_ctx_is_stream (ctx))
2667  nstream++;
2668  }
2669  /* *INDENT-ON* */
2670  }
2671  vlib_cli_output (vm, "-------- Connections --------");
2672  vlib_cli_output (vm, "Current: %u", nconn);
2673  vlib_cli_output (vm, "Opened: %d",
2674  quic_get_counter_value (QUIC_ERROR_OPENED_CONNECTION));
2675  vlib_cli_output (vm, "Closed: %d",
2676  quic_get_counter_value (QUIC_ERROR_CLOSED_CONNECTION));
2677  vlib_cli_output (vm, "---------- Streams ----------");
2678  vlib_cli_output (vm, "Current: %u", nstream);
2679  vlib_cli_output (vm, "Opened: %d",
2680  quic_get_counter_value (QUIC_ERROR_OPENED_STREAM));
2681  vlib_cli_output (vm, "Closed: %d",
2682  quic_get_counter_value (QUIC_ERROR_CLOSED_STREAM));
2683  vlib_cli_output (vm, "---------- Packets ----------");
2684  vlib_cli_output (vm, "RX Total: %d",
2685  quic_get_counter_value (QUIC_ERROR_RX_PACKETS));
2686  vlib_cli_output (vm, "RX 0RTT: %d",
2687  quic_get_counter_value (QUIC_ERROR_ZERO_RTT_RX_PACKETS));
2688  vlib_cli_output (vm, "RX 1RTT: %d",
2689  quic_get_counter_value (QUIC_ERROR_ONE_RTT_RX_PACKETS));
2690  vlib_cli_output (vm, "TX Total: %d",
2691  quic_get_counter_value (QUIC_ERROR_TX_PACKETS));
2692  vlib_cli_output (vm, "----------- Stats -----------");
2693  vlib_cli_output (vm, "Min RTT %f",
2694  nconn > 0 ? agg_stats.rtt.minimum / nconn : 0);
2695  vlib_cli_output (vm, "Smoothed RTT %f",
2696  nconn > 0 ? agg_stats.rtt.smoothed / nconn : 0);
2697  vlib_cli_output (vm, "Variance on RTT %f",
2698  nconn > 0 ? agg_stats.rtt.variance / nconn : 0);
2699  vlib_cli_output (vm, "Packets Received %lu",
2700  agg_stats.num_packets.received);
2701  vlib_cli_output (vm, "Packets Sent %lu", agg_stats.num_packets.sent);
2702  vlib_cli_output (vm, "Packets Lost %lu", agg_stats.num_packets.lost);
2703  vlib_cli_output (vm, "Packets Acks %lu",
2704  agg_stats.num_packets.ack_received);
2705  vlib_cli_output (vm, "RX bytes %lu", agg_stats.num_bytes.received);
2706  vlib_cli_output (vm, "TX bytes %lu", agg_stats.num_bytes.sent);
2707 }
2708 
2709 static u8 *
2710 quic_format_quicly_conn_id (u8 * s, va_list * args)
2711 {
2712  quicly_cid_plaintext_t *mid = va_arg (*args, quicly_cid_plaintext_t *);
2713  s = format (s, "C%x_%x", mid->master_id, mid->thread_id);
2714  return s;
2715 }
2716 
2717 static u8 *
2718 quic_format_quicly_stream_id (u8 * s, va_list * args)
2719 {
2720  quicly_stream_t *stream = va_arg (*args, quicly_stream_t *);
2721  s =
2722  format (s, "%U S%lx", quic_format_quicly_conn_id,
2723  quicly_get_master_id (stream->conn), stream->stream_id);
2724  return s;
2725 }
2726 
2727 static u8 *
2728 quic_format_listener_ctx (u8 * s, va_list * args)
2729 {
2730  quic_ctx_t *ctx = va_arg (*args, quic_ctx_t *);
2731  s = format (s, "[#%d][%x][Listener]", ctx->c_thread_index, ctx->c_c_index);
2732  return s;
2733 }
2734 
2735 static u8 *
2736 quic_format_connection_ctx (u8 * s, va_list * args)
2737 {
2738  quic_ctx_t *ctx = va_arg (*args, quic_ctx_t *);
2739  quicly_stats_t quicly_stats;
2740 
2741  s = format (s, "[#%d][%x]", ctx->c_thread_index, ctx->c_c_index);
2742 
2743  if (!ctx->conn)
2744  {
2745  s = format (s, "- no conn -\n");
2746  return s;
2747  }
2748  s = format (s, "[%U]",
2749  quic_format_quicly_conn_id, quicly_get_master_id (ctx->conn));
2750  quicly_get_stats (ctx->conn, &quicly_stats);
2751 
2752  s = format (s, "[RTT >%3d, ~%3d, V%3d, last %3d]",
2753  quicly_stats.rtt.minimum, quicly_stats.rtt.smoothed,
2754  quicly_stats.rtt.variance, quicly_stats.rtt.latest);
2755  s = format (s, " TX:%d RX:%d loss:%d ack:%d",
2756  quicly_stats.num_packets.sent,
2757  quicly_stats.num_packets.received,
2758  quicly_stats.num_packets.lost,
2759  quicly_stats.num_packets.ack_received);
2760  return s;
2761 }
2762 
2763 static u8 *
2764 quic_format_stream_ctx (u8 * s, va_list * args)
2765 {
2766  quic_ctx_t *ctx = va_arg (*args, quic_ctx_t *);
2767  session_t *stream_session;
2768  quicly_stream_t *stream = ctx->stream;
2769  u32 txs, rxs;
2770 
2771  s = format (s, "[#%d][%x]", ctx->c_thread_index, ctx->c_c_index);
2772  s = format (s, "[%U]", quic_format_quicly_stream_id, stream);
2773 
2774  stream_session = session_get_if_valid (ctx->c_s_index, ctx->c_thread_index);
2775  if (!stream_session)
2776  {
2777  s = format (s, "- no session -\n");
2778  return s;
2779  }
2780  txs = svm_fifo_max_dequeue (stream_session->tx_fifo);
2781  rxs = svm_fifo_max_dequeue (stream_session->rx_fifo);
2782  s = format (s, "[rx %d tx %d]\n", rxs, txs);
2783  return s;
2784 }
2785 
2786 static clib_error_t *
2788  unformat_input_t * input,
2789  vlib_cli_command_t * cmd)
2790 {
2791  unformat_input_t _line_input, *line_input = &_line_input;
2792  u8 show_listeners = 0, show_conn = 0, show_stream = 0;
2793  u32 num_workers = vlib_num_workers ();
2794  quic_main_t *qm = &quic_main;
2795  clib_error_t *error = 0;
2796  quic_ctx_t *ctx = NULL;
2797 
2799 
2800  if (!unformat_user (input, unformat_line_input, line_input))
2801  {
2803  return 0;
2804  }
2805 
2806  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
2807  {
2808  if (unformat (line_input, "listener"))
2809  show_listeners = 1;
2810  else if (unformat (line_input, "conn"))
2811  show_conn = 1;
2812  else if (unformat (line_input, "stream"))
2813  show_stream = 1;
2814  else
2815  {
2816  error = clib_error_return (0, "unknown input `%U'",
2817  format_unformat_error, line_input);
2818  goto done;
2819  }
2820  }
2821 
2822  for (int i = 0; i < num_workers + 1; i++)
2823  {
2824  /* *INDENT-OFF* */
2825  pool_foreach (ctx, qm->ctx_pool[i])
2826  {
2827  if (quic_ctx_is_stream (ctx) && show_stream)
2828  vlib_cli_output (vm, "%U", quic_format_stream_ctx, ctx);
2829  else if (quic_ctx_is_listener (ctx) && show_listeners)
2830  vlib_cli_output (vm, "%U", quic_format_listener_ctx, ctx);
2831  else if (quic_ctx_is_conn (ctx) && show_conn)
2833  }
2834  /* *INDENT-ON* */
2835  }
2836 
2837 done:
2838  unformat_free (line_input);
2839  return error;
2840 }
2841 
2842 /* *INDENT-OFF* */
2843 VLIB_CLI_COMMAND (quic_plugin_crypto_command, static) =
2844 {
2845  .path = "quic set crypto api",
2846  .short_help = "quic set crypto api [picotls, vpp]",
2847  .function = quic_plugin_crypto_command_fn,
2848 };
2849 VLIB_CLI_COMMAND(quic_plugin_set_fifo_size_command, static)=
2850 {
2851  .path = "quic set fifo-size",
2852  .short_help = "quic set fifo-size N[K|M|G] (default 64K)",
2854 };
2855 VLIB_CLI_COMMAND(quic_show_ctx_command, static)=
2856 {
2857  .path = "show quic",
2858  .short_help = "show quic",
2860 };
2861 VLIB_CLI_COMMAND (quic_list_crypto_context_command, static) =
2862 {
2863  .path = "show quic crypto context",
2864  .short_help = "list quic crypto contextes",
2866 };
2867 VLIB_CLI_COMMAND (quic_set_max_packets_per_key, static) =
2868 {
2869  .path = "set quic max_packets_per_key",
2870  .short_help = "set quic max_packets_per_key 16777216",
2871  .function = quic_set_max_packets_per_key_fn,
2872 };
2874 {
2875  .version = VPP_BUILD_VER,
2876  .description = "Quic transport protocol",
2877  .default_disabled = 1,
2878 };
2879 /* *INDENT-ON* */
2880 
2881 static clib_error_t *
2883 {
2884  unformat_input_t _line_input, *line_input = &_line_input;
2885  quic_main_t *qm = &quic_main;
2886  clib_error_t *error = 0;
2887  uword tmp;
2888  u32 i;
2889 
2891  qm->udp_fifo_prealloc = 0;
2893 
2894  if (!unformat_user (input, unformat_line_input, line_input))
2895  return 0;
2896 
2897  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
2898  {
2899  if (unformat (input, "fifo-size %U", unformat_memory_size, &tmp))
2900  {
2901  if (tmp >= 0x100000000ULL)
2902  {
2903  error = clib_error_return (0,
2904  "fifo-size %llu (0x%llx) too large",
2905  tmp, tmp);
2906  goto done;
2907  }
2908  qm->udp_fifo_size = tmp;
2909  }
2910  else if (unformat (input, "conn-timeout %u", &i))
2911  qm->connection_timeout = i;
2912  else if (unformat (input, "fifo-prealloc %u", &i))
2913  qm->udp_fifo_prealloc = i;
2914  else
2915  {
2916  error = clib_error_return (0, "unknown input '%U'",
2917  format_unformat_error, line_input);
2918  goto done;
2919  }
2920  }
2921 done:
2922  unformat_free (line_input);
2923  return error;
2924 }
2925 
2927 
2928 static uword
2930  vlib_frame_t * frame)
2931 {
2932  return 0;
2933 }
2934 
2935 /* *INDENT-OFF* */
2937 {
2938  .function = quic_node_fn,
2939  .name = "quic-input",
2940  .vector_size = sizeof (u32),
2942  .n_errors = ARRAY_LEN (quic_error_strings),
2943  .error_strings = quic_error_strings,
2944 };
2945 /* *INDENT-ON* */
2946 
2947 /*
2948  * fd.io coding-style-patch-verification: ON
2949  *
2950  * Local Variables:
2951  * eval: (c-set-style "gnu")
2952  * End:
2953  */
quicly_packet_allocator_t quic_packet_allocator
Definition: quic.c:118
#define vec_validate(V, I)
Make sure vector is long enough for given index (no header, unspecified alignment) ...
Definition: vec.h:509
#define QUIC_RCV_MAX_BATCH_PACKETS
Definition: quic.h:51
#define SESSION_CLI_STATE_LEN
u8 data[QUIC_MAX_PACKET_SIZE]
Definition: quic.h:246
static int quic_ctx_is_stream(quic_ctx_t *ctx)
Definition: quic.c:431
int app_worker_lock_and_send_event(app_worker_t *app, session_t *s, u8 evt_type)
Send event to application.
u32 connection_index
Index of the transport connection associated to the session.
static quicly_context_t * quic_get_quicly_ctx_from_ctx(quic_ctx_t *ctx)
Definition: quic.c:477
static quicly_closed_by_peer_t on_closed_by_peer
Definition: quic.c:54
units packets
Definition: map.api:366
static int quic_process_one_rx_packet(u64 udp_session_handle, svm_fifo_t *f, u32 fifo_offset, quic_rx_packet_ctx_t *pctx)
Definition: quic.c:2152
int quic_udp_session_accepted_callback(session_t *udp_session)
Definition: quic.c:1880
int app_worker_init_accepted(session_t *s)
#define QUIC_ASSERT(truth)
Definition: quic.h:86
u32 error_heap_index
Definition: node.h:325
static void quic_connection_delete(quic_ctx_t *ctx)
Definition: quic.c:559
vnet_crypto_engine_t * engines
Definition: crypto.h:430
static void quic_check_quic_session_connected(quic_ctx_t *ctx)
Definition: quic.c:1661
u64 quic_fifosize
Definition: quic.c:2574
uword * available_crypto_engines
Bitmap for registered engines.
Definition: quic.h:268
#define clib_min(x, y)
Definition: clib.h:328
ptls_context_t ptls_ctx
Definition: quic.h:210
static void quic_crypto_context_make_key_from_crctx(clib_bihash_kv_24_8_t *kv, crypto_context_t *crctx)
Definition: quic.c:70
session_type_t session_type
Type built from transport and network protocol types.
static u32 svm_fifo_max_enqueue_prod(svm_fifo_t *f)
Maximum number of bytes that can be enqueued into fifo.
Definition: svm_fifo.h:550
static u32 quic_stop_listen(u32 lctx_index)
Definition: quic.c:1485
quic_worker_ctx_t * wrk_ctx
Definition: quic.h:263
a
Definition: bitmap.h:544
static int quic_custom_app_rx_callback(transport_connection_t *tc)
Definition: quic.c:1932
static void quic_crypto_context_make_key_from_ctx(clib_bihash_kv_24_8_t *kv, quic_ctx_t *ctx)
Definition: quic.c:60
quicly_stream_t * stream
STREAM ctx case.
Definition: quic.h:156
svm_fifo_t * tx_fifo
int app_worker_connect_notify(app_worker_t *app_wrk, session_t *s, session_error_t err, u32 opaque)
u32 ns_index
Namespace the application belongs to.
Definition: application.h:116
static clib_error_t * quic_plugin_set_fifo_size_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: quic.c:2576
static int64_t quic_get_thread_time(u8 thread_index)
Definition: quic.c:1064
#define QUIC_SEND_PACKET_VEC_SIZE
Definition: quic.h:45
#define QUIC_DEFAULT_CONN_TIMEOUT
Definition: quic.h:53
struct _vnet_connect_args vnet_connect_args_t
static void quic_register_cipher_suite(crypto_engine_type_t type, ptls_cipher_suite_t **ciphers)
Definition: quic.c:2431
#define pool_foreach(VAR, POOL)
Iterate through pool.
Definition: pool.h:527
struct _vnet_unlisten_args_t vnet_unlisten_args_t
ptls_cipher_suite_t * quic_crypto_cipher_suites[]
Definition: quic_crypto.c:716
static int quic_udp_session_rx_callback(session_t *udp_session)
Definition: quic.c:2227
#define QUIC_TSTAMP_RESOLUTION
Definition: quic.h:38
#define PREDICT_TRUE(x)
Definition: clib.h:122
u32 session_index
Index in thread pool where session was allocated.
#define session_cli_return_if_not_enabled()
Definition: session.h:656
unsigned long u64
Definition: types.h:89
u32 parent_app_wrk_id
Definition: quic.h:164
u32 timer_handle
Definition: quic.h:163
clib_memset(h->entries, 0, sizeof(h->entries[0]) *entries)
void session_transport_delete_notify(transport_connection_t *tc)
Notification from transport that connection is being deleted.
Definition: session.c:997
transport_connection_t * session_get_transport(session_t *s)
Definition: session.c:1631
static f64 vlib_time_now(vlib_main_t *vm)
Definition: main.h:334
svm_fifo_t * rx_fifo
Pointers to rx/tx buffers.
static session_t * session_get_if_valid(u64 si, u32 thread_index)
Definition: session.h:314
VLIB_PLUGIN_REGISTER()
static session_t * listen_session_get_from_handle(session_handle_t handle)
Definition: session.h:583
static quic_ctx_t * quic_ctx_get(u32 ctx_index, u32 thread_index)
Definition: quic.c:402
#define vec_terminate_c_string(V)
(If necessary) NULL terminate a vector containing a c-string.
Definition: vec.h:1090
int64_t time_now
worker time
Definition: quic.h:235
static void quic_stop_ctx_timer(quic_ctx_t *ctx)
Definition: quic.c:507
vl_api_address_t src
Definition: gre.api:54
void session_send_rpc_evt_to_thread(u32 thread_index, void *fp, void *rpc_args)
Definition: session.c:110
int svm_fifo_peek(svm_fifo_t *f, u32 offset, u32 len, u8 *dst)
Peek data from fifo.
Definition: svm_fifo.c:1127
void session_transport_reset_notify(transport_connection_t *tc)
Notify application that connection has been reset.
Definition: session.c:1098
static void svm_fifo_reset_has_deq_ntf(svm_fifo_t *f)
Clear has notification flag.
Definition: svm_fifo.h:802
clib_bihash_16_8_t connection_hash
quic connection id -> conn handle
Definition: quic.h:264
static int quic_find_packet_ctx(quic_rx_packet_ctx_t *pctx, u32 caller_thread_index)
Definition: quic.c:2001
u32 client_opaque
Definition: quic.h:148
static uword * clib_bitmap_set(uword *ai, uword i, uword value)
Sets the ith bit of a bitmap to new_value Removes trailing zeros from the bitmap. ...
Definition: bitmap.h:167
uword unformat_user(unformat_input_t *input, unformat_function_t *func,...)
Definition: unformat.c:989
static void quic_build_sockaddr(struct sockaddr *sa, socklen_t *salen, ip46_address_t *addr, u16 port, u8 is_ip4)
Definition: quic.c:1591
vlib_main_t * vm
Definition: in2out_ed.c:1580
static u32 svm_fifo_max_enqueue(svm_fifo_t *f)
Definition: svm_fifo.h:564
static session_t * session_get(u32 si, u32 thread_index)
Definition: session.h:307
static int quic_connect(transport_endpoint_cfg_t *tep)
Definition: quic.c:1344
int vnet_unlisten(vnet_unlisten_args_t *a)
Definition: application.c:1055
static void quic_udp_session_reset_callback(session_t *s)
Definition: quic.c:1856
clib_time_t clib_time
Definition: main.h:123
static void quic_timer_expired(u32 conn_index)
Definition: quic.c:1097
static void quic_on_stop_sending(quicly_stream_t *stream, int err)
Definition: quic.c:788
static int quic_connect_connection(session_endpoint_cfg_t *sep)
Definition: quic.c:1291
#define QUIC_ERROR_FULL_FIFO
Definition: quic.h:65
f64 tstamp_ticks_per_clock
Definition: quic.h:265
u32 flags
Session flags.
#define pool_get(P, E)
Allocate an object E from a pool P (unspecified alignment).
Definition: pool.h:251
static void quic_expired_timers_dispatch(u32 *expired_timers)
Definition: quic.c:1169
vhost_vring_addr_t addr
Definition: vhost_user.h:111
struct quic_encrypt_cb_ctx_ quic_encrypt_cb_ctx
unsigned char u8
Definition: types.h:56
u8 data[128]
Definition: ipsec_types.api:90
#define QUIC_DBG(_lvl, _fmt, _args...)
Definition: quic.h:80
struct _vnet_bind_args_t vnet_listen_args_t
double f64
Definition: types.h:142
static int quic_custom_tx_callback(void *s, transport_send_params_t *sp)
Definition: quic.c:1948
static session_handle_t session_handle(session_t *s)
session_dgram_hdr_t ph
Definition: quic.h:256
void session_get_endpoint(session_t *s, transport_endpoint_t *tep, u8 is_lcl)
Definition: session.c:1642
#define clib_memcpy(d, s, n)
Definition: string.h:180
u32 ctx_index
index in crypto context pool
u64 * counters_last_clear
Definition: error.h:65
#define assert(x)
Definition: dlmalloc.c:31
static int quic_ctx_is_conn(quic_ctx_t *ctx)
Definition: quic.c:443
void session_transport_closing_notify(transport_connection_t *tc)
Notification from transport that connection is being closed.
Definition: session.c:975
static int quic_send_packets(quic_ctx_t *ctx)
Definition: quic.c:696
static void quic_on_quic_session_connected(quic_ctx_t *ctx)
Definition: quic.c:1613
static void quic_udp_session_cleanup_callback(session_t *udp_session, session_cleanup_ntf_t ntf)
Definition: quic.c:1840
clib_rwlock_t crypto_keys_quic_rw_lock
Definition: quic.h:281
static uword quic_node_fn(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
Definition: quic.c:2929
void * data
protocol specific data
static u8 * quic_format_quicly_conn_id(u8 *s, va_list *args)
Definition: quic.c:2710
static clib_error_t * quic_plugin_crypto_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: quic.c:2545
static int quic_udp_session_connected_callback(u32 quic_app_index, u32 ctx_index, session_t *udp_session, session_error_t err)
Definition: quic.c:1759
u8 default_crypto_engine
Used if you do connect with CRYPTO_ENGINE_NONE (0)
Definition: quic.h:269
static void quic_receive_connection(void *arg)
Definition: quic.c:1692
#define VLIB_INIT_FUNCTION(x)
Definition: init.h:173
#define QUIC_DEFAULT_FIFO_SIZE
Definition: quic.h:44
struct _vnet_disconnect_args_t vnet_disconnect_args_t
u64 bytes_written
Definition: quic.h:157
static u32 svm_fifo_max_dequeue(svm_fifo_t *f)
Fifo max bytes to dequeue.
Definition: svm_fifo.h:459
static int quic_reset_connection(u64 udp_session_handle, quic_rx_packet_ctx_t *pctx)
Definition: quic.c:2125
static u32 svm_fifo_max_dequeue_cons(svm_fifo_t *f)
Fifo max bytes to dequeue optimized for consumer.
Definition: svm_fifo.h:430
description fragment has unexpected format
Definition: map.api:433
static void quic_proto_on_close(u32 ctx_index, u32 thread_index)
Definition: quic.c:1359
static transport_connection_t * quic_connection_get(u32 ctx_index, u32 thread_index)
Definition: quic.c:1506
#define clib_error_return(e, args...)
Definition: error.h:99
static const transport_proto_vft_t quic_proto
Definition: quic.c:2402
static void quic_accept_connection(quic_rx_packet_ctx_t *pctx)
Definition: quic.c:2046
static u8 * quic_format_connection_ctx(u8 *s, va_list *args)
Definition: quic.c:2736
static void quic_ack_rx_data(session_t *stream_session)
Definition: quic.c:521
ip46_address_t lcl_ip
unsigned int u32
Definition: types.h:88
static clib_error_t * quic_config_fn(vlib_main_t *vm, unformat_input_t *input)
Definition: quic.c:2882
int session_send_io_evt_to_thread(svm_fifo_t *f, session_evt_type_t evt_type)
Definition: session.c:79
struct sockaddr sa
Definition: quic.h:251
ptls_handshake_properties_t hs_properties
Definition: quic.h:272
static u32 quic_start_listen(u32 quic_listen_session_index, transport_endpoint_t *tep)
Definition: quic.c:1422
#define SESSION_INVALID_HANDLE
Definition: session_types.h:23
static int quic_on_stream_open(quicly_stream_open_t *self, quicly_stream_t *stream)
Definition: quic.c:963
#define QUIC_MAX_PACKET_SIZE
Definition: quic.h:41
void quic_fifo_egress_emit(quicly_stream_t *stream, size_t off, void *dst, size_t *len, int *wrote_all)
Definition: quic.c:919
struct _vnet_app_attach_args_t vnet_app_attach_args_t
struct _transport_proto_vft transport_proto_vft_t
unformat_function_t unformat_line_input
Definition: format.h:282
struct _session_endpoint_cfg session_endpoint_cfg_t
#define QUIC_IV_LEN
Definition: quic.h:46
#define QUIC_TIMER_HANDLE_INVALID
Definition: quic.h:39
vl_api_fib_path_type_t type
Definition: fib_types.api:123
quic_ctx_t * quic_get_conn_ctx(quicly_conn_t *conn)
Definition: quic.c:416
char quic_iv[17]
quic initialization vector
Definition: application.h:127
vnet_crypto_main_t * cm
Definition: quic_crypto.c:53
Definition: cJSON.c:84
static session_type_t session_type_from_proto_and_ip(transport_proto_t proto, u8 is_ip4)
static quic_ctx_t * quic_ctx_get_if_valid(u32 ctx_index, u32 thread_index)
Definition: quic.c:408
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
Definition: pool.h:546
static void clib_rwlock_init(clib_rwlock_t *p)
Definition: lock.h:152
static quicly_stream_open_t on_stream_open
Definition: quic.c:53
static void quic_on_receive_reset(quicly_stream_t *stream, int err)
Definition: quic.c:803
static void quic_connection_closed(quic_ctx_t *ctx)
Called when quicly return an error This function interacts tightly with quic_proto_on_close.
Definition: quic.c:596
quicly_crypto_engine_t quic_crypto_engine
Definition: quic_crypto.c:720
int app_worker_accept_notify(app_worker_t *app_wrk, session_t *s)
static session_t * session_get_from_handle(session_handle_t handle)
Definition: session.h:327
session_t * app_listener_get_session(app_listener_t *al)
Definition: application.c:280
vlib_error_main_t error_main
Definition: main.h:210
static u32 quic_set_time_now(u32 thread_index)
Definition: quic.c:1077
static clib_error_t * quic_show_connections_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: quic.c:2787
long ctx[MAX_CONNS]
Definition: main.c:144
void quic_crypto_batch_rx_packets(quic_crypto_batch_ctx_t *batch_ctx)
Definition: quic_crypto.c:75
u32 parent_app_id
Definition: quic.h:165
static int quic_app_cert_key_pair_delete_callback(app_cert_key_pair_t *ckpair)
Definition: quic.c:122
struct _unformat_input_t unformat_input_t
unsigned short u16
Definition: types.h:57
static u8 * quic_format_listener_ctx(u8 *s, va_list *args)
Definition: quic.c:2728
u32 app_index
Definition: quic.h:261
description malformed packet
Definition: map.api:445
vec_header_t h
Definition: buffer.c:322
#define pool_put(P, E)
Free an object E in pool P.
Definition: pool.h:301
#define APP_INVALID_INDEX
Definition: application.h:178
#define QUIC_ERR(_fmt, _args...)
Definition: quic.h:93
struct _segment_manager_props segment_manager_props_t
int svm_fifo_enqueue(svm_fifo_t *f, u32 len, const u8 *src)
Enqueue data to fifo.
Definition: svm_fifo.c:840
clib_bihash_24_8_t crypto_context_hash
per thread [params:crypto_ctx_index] hash
Definition: quic.h:239
#define PREDICT_FALSE(x)
Definition: clib.h:121
static u8 * format_quic_connection(u8 *s, va_list *args)
Definition: quic.c:1555
static void quic_update_conn_ctx(quicly_conn_t *conn, quicly_context_t *quicly_context)
Definition: quic.c:1679
#define always_inline
Definition: ipsec.h:28
u8 conn_state
Definition: quic.h:150
f64 seconds_per_clock
Definition: time.h:58
u32 app_rx_data_len
bytes received, to be read by external app
Definition: quic.h:202
u32 wrk_index
Worker index in global worker pool.
Definition: application.h:37
app_worker_t * app_worker_get_if_valid(u32 wrk_index)
static u8 * quic_format_quicly_stream_id(u8 *s, va_list *args)
Definition: quic.c:2718
#define DEFAULT_MAX_PACKETS_PER_KEY
Definition: quic.c:44
u64 max_packets_per_key
number of packets that can be sent without a key update
Definition: quic.h:270
static quicly_now_t quicly_vpp_now_cb
Definition: quic.c:55
#define foreach_vlib_main(body)
Definition: threads.h:242
vl_api_address_t dst
Definition: gre.api:55
static u32 quic_ctx_alloc(u32 thread_index)
Definition: quic.c:375
static char * quic_error_strings[]
Definition: quic.c:38
u32 n_subscribers
refcount of sessions using said context
static u64 listen_session_get_handle(session_t *s)
Definition: session.h:575
static void vlib_node_increment_counter(vlib_main_t *vm, u32 node_index, u32 counter_index, u64 increment)
Definition: node_funcs.h:1231
u8 len
Definition: ip_types.api:103
u32 thread_index
Definition: quic.h:201
format_function_t format_ip46_address
Definition: ip46_address.h:50
int vnet_application_attach(vnet_app_attach_args_t *a)
Attach application to vpp.
Definition: application.c:816
static session_t * session_get_from_handle_if_valid(session_handle_t handle)
Definition: session.h:336
#define clib_bitmap_alloc(v, n_bits)
Allocate a bitmap with the supplied number of bits.
Definition: bitmap.h:109
static clib_error_t * quic_list_crypto_context_command_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: quic.c:171
static void quic_store_conn_ctx(quicly_conn_t *conn, quic_ctx_t *ctx)
Definition: quic.c:424
static u8 svm_fifo_set_event(svm_fifo_t *f)
Set fifo event flag.
Definition: svm_fifo.h:727
u64 * counters
Definition: error.h:62
quicly_conn_t * conn
QUIC ctx case.
Definition: quic.h:146
static int quic_acquire_crypto_context(quic_ctx_t *ctx)
Definition: quic.c:321
transport_connection_t connection
Definition: quic.h:143
app transport service
#define VLIB_EARLY_CONFIG_FUNCTION(x, n,...)
Definition: init.h:226
app_cert_key_pair_t * app_cert_key_pair_get_if_valid(u32 index)
Definition: application.c:1685
#define VLIB_REGISTER_NODE(x,...)
Definition: node.h:170
static u64 quic_get_counter_value(u32 event_code)
Definition: quic.c:2608
#define UNFORMAT_END_OF_INPUT
Definition: format.h:144
u32 ckpair_index
certificate & key
u32 ckpair_index
Definition: quic.h:166
svmdb_client_t * c
session_handle_t listener_handle
Parent listener session index if the result of an accept.
static_always_inline uword vlib_get_thread_index(void)
Definition: threads.h:219
static void quic_get_transport_listener_endpoint(u32 listener_index, transport_endpoint_t *tep, u8 is_lcl)
Definition: quic.c:2363
static void quic_release_crypto_context(u32 crypto_context_index, u8 thread_index)
Definition: quic.c:217
sll srl srl sll sra u16x4 i
Definition: vector_sse42.h:317
ptls_cipher_suite_t *** quic_ciphers
available ciphers by crypto engine
Definition: quic.h:267
static clib_error_t * quic_init(vlib_main_t *vm)
Definition: quic.c:2459
#define vec_free(V)
Free vector&#39;s memory (no header).
Definition: vec.h:380
segment_manager_props_t sm_properties
Segment manager properties.
Definition: application.h:107
#define SESSION_CLI_ID_LEN
#define SESSION_CONN_HDR_LEN
static void quic_on_receive(quicly_stream_t *stream, size_t off, const void *src, size_t len)
Definition: quic.c:818
static clib_error_t * quic_set_max_packets_per_key_fn(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: quic.c:191
#define clib_warning(format, args...)
Definition: error.h:59
quic_main_t quic_main
Definition: quic.c:46
ptls_encrypt_ticket_t super
Definition: quic.h:193
static u8 * quic_format_stream_ctx(u8 *s, va_list *args)
Definition: quic.c:2764
Don&#39;t register connection in lookup.
#define QUIC_SESSION_INVALID
Definition: quic.h:40
struct _transport_connection transport_connection_t
static int quic_send_datagram(session_t *udp_session, quicly_datagram_t *packet)
Definition: quic.c:635
void quic_crypto_decrypt_packet(quic_ctx_t *qctx, quic_rx_packet_ctx_t *pctx)
Definition: quic_crypto.c:244
static int quic_add_segment_callback(u32 client_index, u64 seg_handle)
Definition: quic.c:1918
int app_worker_init_connected(app_worker_t *app_wrk, session_t *s)
static void quic_transfer_connection(u32 ctx_index, u32 dest_thread)
Definition: quic.c:1736
#define pool_is_free_index(P, I)
Use free bitmap to query whether given index is free.
Definition: pool.h:298
static int quic_connect_stream(session_t *quic_session, session_endpoint_cfg_t *sep)
Definition: quic.c:1181
size_t nb_rx_packets
Definition: quic.h:229
#define ARRAY_LEN(x)
Definition: clib.h:67
static uword clib_bitmap_get(uword *ai, uword i)
Gets the ith bit value from a bitmap.
Definition: bitmap.h:197
void quic_fifo_egress_shift(quicly_stream_t *stream, size_t delta)
Definition: quic.c:896
static void quic_on_closed_by_peer(quicly_closed_by_peer_t *self, quicly_conn_t *conn, int code, uint64_t frame_type, const char *reason, size_t reason_len)
Definition: quic.c:1046
crypto_context_t * crypto_ctx_pool
per thread pool of crypto contexes
Definition: quic.h:238
static transport_proto_t session_type_transport_proto(session_type_t st)
socklen_t salen
Definition: quic.h:254
static void quic_udp_session_migrate_callback(session_t *s, session_handle_t new_sh)
Definition: quic.c:1862
static void quic_update_time(f64 now, u8 thread_index)
Definition: quic.c:1087
tw_timer_wheel_1t_3w_1024sl_ov_t timer_wheel
worker timer wheel
Definition: quic.h:236
int load_bio_certificate_chain(ptls_context_t *ctx, const char *cert_data)
Definition: certs.c:178
application_t * application_get(u32 app_index)
Definition: application.c:426
static void quic_update_timer(quic_ctx_t *ctx)
Definition: quic.c:1108
static u32 session_thread_from_handle(session_handle_t handle)
void transport_register_protocol(transport_proto_t transport_proto, const transport_proto_vft_t *vft, fib_protocol_t fib_proto, u32 output_node)
Register transport virtual function table.
Definition: transport.c:246
vlib_main_t vlib_node_runtime_t * node
Definition: in2out_ed.c:1580
int vnet_app_add_cert_key_interest(u32 index, u32 app_index)
Ask for app cb on pair deletion.
Definition: application.c:1716
static transport_connection_t * quic_listener_get(u32 listener_index)
Definition: quic.c:1514
#define VLIB_CLI_COMMAND(x,...)
Definition: cli.h:158
segment_manager_props_t * application_get_segment_manager_properties(u32 app_index)
Definition: application.c:1317
apps acting as transports
app_listener_t * app_listener_get_w_handle(session_handle_t handle)
Get app listener for listener session handle.
Definition: application.c:88
static int quic_ctx_is_listener(quic_ctx_t *ctx)
Definition: quic.c:437
static int quic_del_segment_callback(u32 client_index, u64 seg_handle)
Definition: quic.c:1925
#define ASSERT(truth)
static int quic_init_crypto_context(crypto_context_t *crctx, quic_ctx_t *ctx)
Definition: quic.c:226
void vlib_cli_output(vlib_main_t *vm, char *fmt,...)
Definition: cli.c:696
u32 quic_connection_ctx_id
Definition: quic.h:158
static quicly_datagram_t * quic_alloc_packet(quicly_packet_allocator_t *self, size_t payloadsize)
Definition: quic.c:95
u8 vnet_crypto_enabled
Definition: quic.h:279
Notify on transition to empty.
Definition: svm_fifo.h:37
int vnet_listen(vnet_listen_args_t *a)
Definition: application.c:964
static u8 * format_quic_listener(u8 *s, va_list *args)
Definition: quic.c:1578
#define QUIC_APP_ACCEPT_NOTIFY_ERROR
Definition: quic.h:68
static void clib_mem_free(void *p)
Definition: mem.h:311
static void quic_set_udp_tx_evt(session_t *udp_session)
Definition: quic.c:496
u32 udp_fifo_prealloc
Definition: quic.h:276
session_handle_t udp_session_handle
Definition: quic.h:162
int svm_fifo_enqueue_with_offset(svm_fifo_t *f, u32 offset, u32 len, u8 *src)
Enqueue a future segment.
Definition: svm_fifo.c:898
static void svm_fifo_add_want_deq_ntf(svm_fifo_t *f, u8 ntf_type)
Set specific want notification flag.
Definition: svm_fifo.h:754
ip46_address_t rmt_ip
static void * clib_mem_alloc(uword size)
Definition: mem.h:253
int vnet_connect(vnet_connect_args_t *a)
Definition: application.c:1018
Notify on transition from full.
Definition: svm_fifo.h:36
static crypto_context_t * quic_crypto_context_alloc(u8 thread_index)
Definition: quic.c:147
static vlib_main_t * vlib_get_main(void)
Definition: global_funcs.h:23
#define QUIC_APP_CONNECT_NOTIFY_ERROR
Definition: quic.h:69
u8 thread_index
Index of the thread that allocated the session.
session_t * session_alloc(u32 thread_index)
Definition: session.c:184
u8 flags
Definition: quic.h:169
int vlib_main(vlib_main_t *volatile vm, unformat_input_t *input)
Definition: main.c:2130
#define QUIC_APP_ALLOCATION_ERROR
Definition: quic.h:67
static void quic_disconnect_transport(quic_ctx_t *ctx)
Definition: quic.c:545
u32 crypto_context_index
Definition: quic.h:168
static session_cb_vft_t quic_app_cb_vft
Definition: quic.c:2389
u8 * srv_hostname
Definition: quic.h:149
void quic_crypto_batch_tx_packets(quic_crypto_batch_ctx_t *batch_ctx)
Definition: quic_crypto.c:56
quicly_context_t quicly_ctx
Definition: quic.h:208
u8 * quic_format_err(u8 *s, va_list *args)
Definition: error.c:22
app_worker_t * app_worker_get(u32 wrk_index)
u64 session_handle_t
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
static int64_t quic_get_time(quicly_now_t *self)
Definition: quic.c:1070
volatile u8 session_state
State in session layer state machine.
vlib_main_t vlib_node_runtime_t vlib_frame_t * frame
Definition: in2out_ed.c:1581
#define QUIC_APP_ERROR_CLOSE_NOTIFY
Definition: quic.h:66
quicly_decoded_packet_t packet
Definition: quic.h:245
u32 opaque
Opaque, for general use.
u64 uword
Definition: types.h:112
static void unformat_free(unformat_input_t *i)
Definition: format.h:162
int app_worker_alloc_connects_segment_manager(app_worker_t *app)
u8 udp_is_ip4
Definition: quic.h:151
static void quic_get_transport_endpoint(u32 ctx_index, u32 thread_index, transport_endpoint_t *tep, u8 is_lcl)
Definition: quic.c:2380
u32 index
Definition: flow_types.api:221
static session_t * get_stream_session_and_ctx_from_stream(quicly_stream_t *stream, quic_ctx_t **ctx)
Definition: quic.c:449
int vnet_disconnect_session(vnet_disconnect_args_t *a)
Definition: application.c:1086
static void quic_crypto_context_free_if_needed(crypto_context_t *crctx, u8 thread_index)
Definition: quic.c:81
void quic_increment_counter(u8 evt, u8 val)
Definition: quic.c:585
u16 port
Definition: lb_types.api:73
session_cleanup_ntf_t
int session_send_io_evt_to_thread_custom(void *data, u32 thread_index, session_evt_type_t evt_type)
Definition: session.c:86
unformat_function_t unformat_memory_size
Definition: format.h:295
u8 app_crypto_engine_n_types(void)
Definition: application.c:1784
u32 app_index
Index of owning app.
Definition: application.h:43
static struct option options[]
Definition: main.c:52
static void quic_ctx_free(quic_ctx_t *ctx)
Definition: quic.c:391
static void quic_udp_session_disconnect_callback(session_t *s)
Definition: quic.c:1834
u8 * format_unformat_error(u8 *s, va_list *va)
Definition: unformat.c:91
static crypto_context_t * quic_crypto_context_get(u32 cr_index, u32 thread_index)
Definition: quic.c:162
char cid_key[QUIC_IV_LEN]
Definition: quic.h:209
static vlib_thread_main_t * vlib_get_thread_main()
Definition: global_funcs.h:32
static u32 vlib_num_workers()
Definition: threads.h:377
static vlib_node_t * vlib_get_node(vlib_main_t *vm, u32 i)
Get vlib node by index.
Definition: node_funcs.h:85
static void quic_free_packet(quicly_packet_allocator_t *self, quicly_datagram_t *packet)
Definition: quic.c:112
enum session_error_ session_error_t
enum crypto_engine_type_ crypto_engine_type_t
u32 app_wrk_index
Index of the app worker that owns the session.
static u8 * format_quic_ctx(u8 *s, va_list *args)
Definition: quic.c:1523
quic_crypto_batch_ctx_t crypto_context_batch
Definition: quic.h:240
quic_session_cache_t session_cache
Definition: quic.h:273
quic_ctx_t ** ctx_pool
Definition: quic.h:262
int(* session_accept_callback)(session_t *new_session)
Notify server of newly accepted session.
u32 connection_timeout
Definition: quic.h:277
quicly_cid_plaintext_t next_cid
Definition: quic.h:237
void quic_crypto_finalize_send_packet(quicly_datagram_t *packet)
Definition: quic_crypto.c:137
#define QUIC_INT_MAX
Definition: quic.h:43
static void quic_make_connection_key(clib_bihash_kv_16_8_t *kv, const quicly_cid_plaintext_t *id)
Definition: quic.c:460
static void quic_on_stream_destroy(quicly_stream_t *stream, int err)
Definition: quic.c:769
int quic_encrypt_ticket_cb(ptls_encrypt_ticket_t *_self, ptls_t *tls, int is_encrypt, ptls_buffer_t *dst, ptls_iovec_t src)
Definition: quic_crypto.c:725
u32 app_tx_data_len
bytes sent
Definition: quic.h:203
int svm_fifo_dequeue_drop(svm_fifo_t *f, u32 len)
Dequeue and drop bytes from fifo.
Definition: svm_fifo.c:1151
struct _svm_fifo svm_fifo_t
u32 udp_fifo_size
Definition: quic.h:275
static void quic_update_fifo_size()
Definition: quic.c:2441
vlib_node_registration_t quic_input_node
(constructor) VLIB_REGISTER_NODE (quic_input_node)
Definition: quic.c:2936
static quicly_context_t * quic_get_quicly_ctx_from_udp(u64 udp_session_handle)
Definition: quic.c:487
vnet_crypto_main_t crypto_main
Definition: crypto.c:20
u32 crypto_engine
Definition: quic.h:167
static void quic_common_get_transport_endpoint(quic_ctx_t *ctx, transport_endpoint_t *tep, u8 is_lcl)
Definition: quic.c:2351
static const quicly_stream_callbacks_t quic_stream_callbacks
Definition: quic.c:953
static u8 * format_quic_half_open(u8 *s, va_list *args)
Definition: quic.c:1566
uword unformat(unformat_input_t *i, const char *fmt,...)
Definition: unformat.c:978
u32 listener_ctx_id
Definition: quic.h:147
size_t nb_tx_packets
Definition: quic.h:229
static uword unformat_check_input(unformat_input_t *i)
Definition: format.h:170
static int quic_sendable_packet_count(session_t *udp_session)
Definition: quic.c:468
static void quic_show_aggregated_stats(vlib_main_t *vm)
Definition: quic.c:2638
int load_bio_private_key(ptls_context_t *ctx, const char *pk_data)
Definition: certs.c:192
u8 * format_crypto_context(u8 *s, va_list *args)
Definition: application.c:1447