blob: c74f8e5b661b0049ada8e49aac0760591907af69 [file] [log] [blame]
Klement Sekerade34c352019-06-25 11:19:22 +00001/*
2 * Copyright (c) 2017 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16/**
17 * @file
18 * @brief IPv4 Shallow Virtual Reassembly.
19 *
20 * This file contains the source code for IPv4 Shallow Virtual reassembly.
21 */
22
23#include <vppinfra/vec.h>
24#include <vnet/vnet.h>
25#include <vnet/ip/ip.h>
26#include <vnet/ip/ip4_to_ip6.h>
27#include <vppinfra/fifo.h>
28#include <vppinfra/bihash_16_8.h>
29#include <vnet/ip/reass/ip4_sv_reass.h>
30
31#define MSEC_PER_SEC 1000
32#define IP4_SV_REASS_TIMEOUT_DEFAULT_MS 100
33#define IP4_SV_REASS_EXPIRE_WALK_INTERVAL_DEFAULT_MS 10000 // 10 seconds default
34#define IP4_SV_REASS_MAX_REASSEMBLIES_DEFAULT 1024
35#define IP4_SV_REASS_MAX_REASSEMBLY_LENGTH_DEFAULT 3
36#define IP4_SV_REASS_HT_LOAD_FACTOR (0.75)
37
38typedef enum
39{
40 IP4_SV_REASS_RC_OK,
41 IP4_SV_REASS_RC_TOO_MANY_FRAGMENTS,
42 IP4_SV_REASS_RC_UNSUPP_IP_PROTO,
43} ip4_sv_reass_rc_t;
44
45typedef struct
46{
47 union
48 {
49 struct
50 {
51 u32 xx_id;
52 ip4_address_t src;
53 ip4_address_t dst;
54 u16 frag_id;
55 u8 proto;
56 u8 unused;
57 };
58 u64 as_u64[2];
59 };
60} ip4_sv_reass_key_t;
61
62typedef union
63{
64 struct
65 {
66 u32 reass_index;
67 u32 thread_index;
68 };
69 u64 as_u64;
70} ip4_sv_reass_val_t;
71
72typedef union
73{
74 struct
75 {
76 ip4_sv_reass_key_t k;
77 ip4_sv_reass_val_t v;
78 };
79 clib_bihash_kv_16_8_t kv;
80} ip4_sv_reass_kv_t;
81
82typedef struct
83{
84 // hash table key
85 ip4_sv_reass_key_t key;
86 // time when last packet was received
87 f64 last_heard;
88 // internal id of this reassembly
89 u64 id;
90 // trace operation counter
91 u32 trace_op_counter;
92 // minimum fragment length for this reassembly - used to estimate MTU
93 u16 min_fragment_length;
94 // buffer indexes of buffers in this reassembly in chronological order -
95 // including overlaps and duplicate fragments
96 u32 *cached_buffers;
97 // set to true when this reassembly is completed
98 bool is_complete;
99 // ip protocol
100 u8 ip_proto;
Klement Sekeraf126e742019-10-10 09:46:06 +0000101 u8 icmp_type_or_tcp_flags;
102 u32 tcp_ack_number;
103 u32 tcp_seq_number;
Klement Sekerade34c352019-06-25 11:19:22 +0000104 // l4 src port
105 u16 l4_src_port;
106 // l4 dst port
107 u16 l4_dst_port;
108 u32 next_index;
109 // lru indexes
110 u32 lru_prev;
111 u32 lru_next;
112} ip4_sv_reass_t;
113
114typedef struct
115{
116 ip4_sv_reass_t *pool;
117 u32 reass_n;
118 u32 id_counter;
119 clib_spinlock_t lock;
120 // lru indexes
121 u32 lru_first;
122 u32 lru_last;
123
124} ip4_sv_reass_per_thread_t;
125
126typedef struct
127{
128 // IPv4 config
129 u32 timeout_ms;
130 f64 timeout;
131 u32 expire_walk_interval_ms;
132 // maximum number of fragments in one reassembly
133 u32 max_reass_len;
134 // maximum number of reassemblies
135 u32 max_reass_n;
136
137 // IPv4 runtime
138 clib_bihash_16_8_t hash;
139 // per-thread data
140 ip4_sv_reass_per_thread_t *per_thread_data;
141
142 // convenience
143 vlib_main_t *vlib_main;
144 vnet_main_t *vnet_main;
145
146 // node index of ip4-drop node
147 u32 ip4_drop_idx;
148 u32 ip4_sv_reass_expire_node_idx;
149
150 /** Worker handoff */
151 u32 fq_index;
152 u32 fq_feature_index;
153
Klement Sekera63c73532019-09-30 14:35:36 +0000154 // reference count for enabling/disabling feature - per interface
155 u32 *feature_use_refcount_per_intf;
Klement Sekerade34c352019-06-25 11:19:22 +0000156
Klement Sekeraf126e742019-10-10 09:46:06 +0000157 // reference count for enabling/disabling feature - per interface
158 u32 *output_feature_use_refcount_per_intf;
159
Klement Sekerade34c352019-06-25 11:19:22 +0000160} ip4_sv_reass_main_t;
161
162extern ip4_sv_reass_main_t ip4_sv_reass_main;
163
164#ifndef CLIB_MARCH_VARIANT
165ip4_sv_reass_main_t ip4_sv_reass_main;
166#endif /* CLIB_MARCH_VARIANT */
167
168typedef enum
169{
170 IP4_SV_REASSEMBLY_NEXT_INPUT,
171 IP4_SV_REASSEMBLY_NEXT_DROP,
172 IP4_SV_REASSEMBLY_NEXT_HANDOFF,
173 IP4_SV_REASSEMBLY_N_NEXT,
174} ip4_sv_reass_next_t;
175
176typedef enum
177{
178 REASS_FRAGMENT_CACHE,
179 REASS_FINISH,
180 REASS_FRAGMENT_FORWARD,
Klement Sekeraf126e742019-10-10 09:46:06 +0000181 REASS_PASSTHROUGH,
Klement Sekerade34c352019-06-25 11:19:22 +0000182} ip4_sv_reass_trace_operation_e;
183
184typedef struct
185{
186 ip4_sv_reass_trace_operation_e action;
187 u32 reass_id;
188 u32 op_id;
189 u8 ip_proto;
190 u16 l4_src_port;
191 u16 l4_dst_port;
192} ip4_sv_reass_trace_t;
193
194extern vlib_node_registration_t ip4_sv_reass_node;
195extern vlib_node_registration_t ip4_sv_reass_node_feature;
196
197static u8 *
198format_ip4_sv_reass_trace (u8 * s, va_list * args)
199{
200 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
201 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
202 ip4_sv_reass_trace_t *t = va_arg (*args, ip4_sv_reass_trace_t *);
Klement Sekeraf126e742019-10-10 09:46:06 +0000203 if (REASS_PASSTHROUGH != t->action)
204 {
205 s = format (s, "reass id: %u, op id: %u ", t->reass_id, t->op_id);
206 }
Klement Sekerade34c352019-06-25 11:19:22 +0000207 switch (t->action)
208 {
209 case REASS_FRAGMENT_CACHE:
210 s = format (s, "[cached]");
211 break;
212 case REASS_FINISH:
213 s =
214 format (s, "[finish, ip proto=%u, src_port=%u, dst_port=%u]",
215 t->ip_proto, clib_net_to_host_u16 (t->l4_src_port),
216 clib_net_to_host_u16 (t->l4_dst_port));
217 break;
218 case REASS_FRAGMENT_FORWARD:
219 s =
220 format (s, "[forward, ip proto=%u, src_port=%u, dst_port=%u]",
221 t->ip_proto, clib_net_to_host_u16 (t->l4_src_port),
222 clib_net_to_host_u16 (t->l4_dst_port));
223 break;
Klement Sekeraf126e742019-10-10 09:46:06 +0000224 case REASS_PASSTHROUGH:
225 s = format (s, "[not-fragmented]");
226 break;
Klement Sekerade34c352019-06-25 11:19:22 +0000227 }
228 return s;
229}
230
231static void
232ip4_sv_reass_add_trace (vlib_main_t * vm, vlib_node_runtime_t * node,
233 ip4_sv_reass_main_t * rm, ip4_sv_reass_t * reass,
234 u32 bi, ip4_sv_reass_trace_operation_e action,
235 u32 ip_proto, u16 l4_src_port, u16 l4_dst_port)
236{
237 vlib_buffer_t *b = vlib_get_buffer (vm, bi);
238 ip4_sv_reass_trace_t *t = vlib_add_trace (vm, node, b, sizeof (t[0]));
Klement Sekeraf126e742019-10-10 09:46:06 +0000239 if (reass)
240 {
241 t->reass_id = reass->id;
242 t->op_id = reass->trace_op_counter;
243 ++reass->trace_op_counter;
244 }
Klement Sekerade34c352019-06-25 11:19:22 +0000245 t->action = action;
Klement Sekerade34c352019-06-25 11:19:22 +0000246 t->ip_proto = ip_proto;
247 t->l4_src_port = l4_src_port;
248 t->l4_dst_port = l4_dst_port;
Klement Sekerade34c352019-06-25 11:19:22 +0000249#if 0
250 static u8 *s = NULL;
251 s = format (s, "%U", format_ip4_sv_reass_trace, NULL, NULL, t);
252 printf ("%.*s\n", vec_len (s), s);
253 fflush (stdout);
254 vec_reset_length (s);
255#endif
256}
257
258
259always_inline void
260ip4_sv_reass_free (vlib_main_t * vm, ip4_sv_reass_main_t * rm,
261 ip4_sv_reass_per_thread_t * rt, ip4_sv_reass_t * reass)
262{
263 clib_bihash_kv_16_8_t kv;
264 kv.key[0] = reass->key.as_u64[0];
265 kv.key[1] = reass->key.as_u64[1];
266 clib_bihash_add_del_16_8 (&rm->hash, &kv, 0);
267 vlib_buffer_free (vm, reass->cached_buffers,
268 vec_len (reass->cached_buffers));
269 vec_free (reass->cached_buffers);
270 reass->cached_buffers = NULL;
271 if (~0 != reass->lru_prev)
272 {
273 ip4_sv_reass_t *lru_prev =
274 pool_elt_at_index (rt->pool, reass->lru_prev);
275 lru_prev->lru_next = reass->lru_next;
276 }
277 if (~0 != reass->lru_next)
278 {
279 ip4_sv_reass_t *lru_next =
280 pool_elt_at_index (rt->pool, reass->lru_next);
281 lru_next->lru_prev = reass->lru_prev;
282 }
283 if (rt->lru_first == reass - rt->pool)
284 {
285 rt->lru_first = reass->lru_next;
286 }
287 if (rt->lru_last == reass - rt->pool)
288 {
289 rt->lru_last = reass->lru_prev;
290 }
291 pool_put (rt->pool, reass);
292 --rt->reass_n;
293}
294
295always_inline void
296ip4_sv_reass_init (ip4_sv_reass_t * reass)
297{
298 reass->cached_buffers = NULL;
299 reass->is_complete = false;
300}
301
302always_inline ip4_sv_reass_t *
303ip4_sv_reass_find_or_create (vlib_main_t * vm, ip4_sv_reass_main_t * rm,
304 ip4_sv_reass_per_thread_t * rt,
305 ip4_sv_reass_kv_t * kv, u8 * do_handoff)
306{
307 ip4_sv_reass_t *reass = NULL;
Tom Seidenberg5a7f2f12020-04-28 17:58:12 -0400308 f64 now = vlib_time_now (vm);
Klement Sekerade34c352019-06-25 11:19:22 +0000309
Klement Sekerac99c0252019-12-18 12:17:06 +0000310 if (!clib_bihash_search_16_8 (&rm->hash, &kv->kv, &kv->kv))
Klement Sekerade34c352019-06-25 11:19:22 +0000311 {
312 if (vm->thread_index != kv->v.thread_index)
313 {
314 *do_handoff = 1;
315 return NULL;
316 }
317 reass = pool_elt_at_index (rt->pool, kv->v.reass_index);
318
319 if (now > reass->last_heard + rm->timeout)
320 {
321 ip4_sv_reass_free (vm, rm, rt, reass);
322 reass = NULL;
323 }
324 }
325
326 if (reass)
327 {
328 reass->last_heard = now;
329 return reass;
330 }
331
332 if (rt->reass_n >= rm->max_reass_n && rm->max_reass_n)
333 {
zhengdelunce533632020-05-22 15:42:28 +0800334 reass = pool_elt_at_index (rt->pool, rt->lru_first);
Klement Sekerade34c352019-06-25 11:19:22 +0000335 ip4_sv_reass_free (vm, rm, rt, reass);
336 }
337
338 pool_get (rt->pool, reass);
339 clib_memset (reass, 0, sizeof (*reass));
340 reass->id = ((u64) vm->thread_index * 1000000000) + rt->id_counter;
341 ++rt->id_counter;
342 ip4_sv_reass_init (reass);
343 ++rt->reass_n;
344 reass->lru_prev = reass->lru_next = ~0;
345
346 if (~0 != rt->lru_last)
347 {
348 ip4_sv_reass_t *lru_last = pool_elt_at_index (rt->pool, rt->lru_last);
349 reass->lru_prev = rt->lru_last;
350 lru_last->lru_next = rt->lru_last = reass - rt->pool;
351 }
352
353 if (~0 == rt->lru_first)
354 {
355 rt->lru_first = rt->lru_last = reass - rt->pool;
356 }
357
Klement Sekerac99c0252019-12-18 12:17:06 +0000358 reass->key.as_u64[0] = kv->kv.key[0];
359 reass->key.as_u64[1] = kv->kv.key[1];
Klement Sekerade34c352019-06-25 11:19:22 +0000360 kv->v.reass_index = (reass - rt->pool);
361 kv->v.thread_index = vm->thread_index;
362 reass->last_heard = now;
363
Klement Sekerac99c0252019-12-18 12:17:06 +0000364 if (clib_bihash_add_del_16_8 (&rm->hash, &kv->kv, 1))
Klement Sekerade34c352019-06-25 11:19:22 +0000365 {
366 ip4_sv_reass_free (vm, rm, rt, reass);
367 reass = NULL;
368 }
369
370 return reass;
371}
372
373always_inline ip4_sv_reass_rc_t
374ip4_sv_reass_update (vlib_main_t * vm, vlib_node_runtime_t * node,
375 ip4_sv_reass_main_t * rm, ip4_sv_reass_per_thread_t * rt,
Klement Sekeraf126e742019-10-10 09:46:06 +0000376 ip4_header_t * ip0, ip4_sv_reass_t * reass, u32 bi0)
Klement Sekerade34c352019-06-25 11:19:22 +0000377{
Klement Sekeraf126e742019-10-10 09:46:06 +0000378 vlib_buffer_t *b0 = vlib_get_buffer (vm, bi0);
Klement Sekerade34c352019-06-25 11:19:22 +0000379 ip4_sv_reass_rc_t rc = IP4_SV_REASS_RC_OK;
Klement Sekeraf126e742019-10-10 09:46:06 +0000380 const u32 fragment_first = ip4_get_fragment_offset_bytes (ip0);
Klement Sekerade34c352019-06-25 11:19:22 +0000381 if (0 == fragment_first)
382 {
Klement Sekeraf126e742019-10-10 09:46:06 +0000383 reass->ip_proto = ip0->protocol;
384 reass->l4_src_port = ip4_get_port (ip0, 1);
385 reass->l4_dst_port = ip4_get_port (ip0, 0);
Klement Sekerade34c352019-06-25 11:19:22 +0000386 if (!reass->l4_src_port || !reass->l4_dst_port)
387 return IP4_SV_REASS_RC_UNSUPP_IP_PROTO;
Klement Sekeraf126e742019-10-10 09:46:06 +0000388 if (IP_PROTOCOL_TCP == reass->ip_proto)
389 {
390 reass->icmp_type_or_tcp_flags = ((tcp_header_t *) (ip0 + 1))->flags;
391 reass->tcp_ack_number = ((tcp_header_t *) (ip0 + 1))->ack_number;
392 reass->tcp_seq_number = ((tcp_header_t *) (ip0 + 1))->seq_number;
393 }
394 else if (IP_PROTOCOL_ICMP == reass->ip_proto)
395 {
396 reass->icmp_type_or_tcp_flags =
397 ((icmp46_header_t *) (ip0 + 1))->type;
398 }
Klement Sekerade34c352019-06-25 11:19:22 +0000399 reass->is_complete = true;
400 vlib_buffer_t *b0 = vlib_get_buffer (vm, bi0);
401 if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
402 {
403 ip4_sv_reass_add_trace (vm, node, rm, reass, bi0, REASS_FINISH,
404 reass->ip_proto, reass->l4_src_port,
405 reass->l4_dst_port);
406 }
407 }
408 vec_add1 (reass->cached_buffers, bi0);
409 if (!reass->is_complete)
410 {
Klement Sekeraf126e742019-10-10 09:46:06 +0000411 if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
Klement Sekerade34c352019-06-25 11:19:22 +0000412 {
413 ip4_sv_reass_add_trace (vm, node, rm, reass, bi0,
414 REASS_FRAGMENT_CACHE, ~0, ~0, ~0);
415 }
416 if (vec_len (reass->cached_buffers) > rm->max_reass_len)
417 {
418 rc = IP4_SV_REASS_RC_TOO_MANY_FRAGMENTS;
419 }
420 }
421 return rc;
422}
423
424always_inline uword
425ip4_sv_reass_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
Klement Sekeraf126e742019-10-10 09:46:06 +0000426 vlib_frame_t * frame, bool is_feature,
427 bool is_output_feature, bool is_custom)
Klement Sekerade34c352019-06-25 11:19:22 +0000428{
429 u32 *from = vlib_frame_vector_args (frame);
430 u32 n_left_from, n_left_to_next, *to_next, next_index;
431 ip4_sv_reass_main_t *rm = &ip4_sv_reass_main;
432 ip4_sv_reass_per_thread_t *rt = &rm->per_thread_data[vm->thread_index];
433 clib_spinlock_lock (&rt->lock);
434
435 n_left_from = frame->n_vectors;
436 next_index = node->cached_next_index;
437
Klement Sekera18c6cd92020-07-10 09:29:48 +0000438 vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b;
439 vlib_get_buffers (vm, from, bufs, n_left_from);
440 u16 nexts[VLIB_FRAME_SIZE], *next = nexts;
441 b = bufs;
442
443 /* optimistic case first - no fragments */
444 while (n_left_from >= 2)
445 {
446 vlib_buffer_t *b0, *b1;
447 u32 next0, next1;
448 b0 = *b;
449 b++;
450 b1 = *b;
451 b++;
452
453 /* Prefetch next iteration. */
454 if (PREDICT_TRUE (n_left_from >= 4))
455 {
456 vlib_buffer_t *p2, *p3;
457
458 p2 = *b;
459 p3 = *(b + 1);
460
461 vlib_prefetch_buffer_header (p2, LOAD);
462 vlib_prefetch_buffer_header (p3, LOAD);
463
464 CLIB_PREFETCH (p2->data, CLIB_CACHE_LINE_BYTES, LOAD);
465 CLIB_PREFETCH (p3->data, CLIB_CACHE_LINE_BYTES, LOAD);
466 }
467
468 ip4_header_t *ip0 =
469 (ip4_header_t *) u8_ptr_add (vlib_buffer_get_current (b0),
470 (is_output_feature ? 1 : 0) *
471 vnet_buffer (b0)->
472 ip.save_rewrite_length);
473 ip4_header_t *ip1 =
474 (ip4_header_t *) u8_ptr_add (vlib_buffer_get_current (b1),
475 (is_output_feature ? 1 : 0) *
476 vnet_buffer (b1)->
477 ip.save_rewrite_length);
478 if (PREDICT_FALSE
479 (ip4_get_fragment_more (ip0) || ip4_get_fragment_offset (ip0))
480 || (ip4_get_fragment_more (ip1) || ip4_get_fragment_offset (ip1)))
481 {
482 // fragment found, go slow path
483 b -= 2;
484 if (b - bufs > 0)
485 {
486 vlib_buffer_enqueue_to_next (vm, node, from, (u16 *) nexts,
487 b - bufs);
488 }
489 goto slow_path;
490 }
491 if (is_feature)
492 {
493 vnet_feature_next (&next0, b0);
494 }
495 else
496 {
497 next0 = is_custom ? vnet_buffer (b0)->ip.reass.next_index :
498 IP4_SV_REASSEMBLY_NEXT_INPUT;
499 }
500 vnet_buffer (b0)->ip.reass.is_non_first_fragment = 0;
501 vnet_buffer (b0)->ip.reass.ip_proto = ip0->protocol;
502 if (IP_PROTOCOL_TCP == ip0->protocol)
503 {
504 vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags =
505 ((tcp_header_t *) (ip0 + 1))->flags;
506 vnet_buffer (b0)->ip.reass.tcp_ack_number =
507 ((tcp_header_t *) (ip0 + 1))->ack_number;
508 vnet_buffer (b0)->ip.reass.tcp_seq_number =
509 ((tcp_header_t *) (ip0 + 1))->seq_number;
510 }
511 else if (IP_PROTOCOL_ICMP == ip0->protocol)
512 {
513 vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags =
514 ((icmp46_header_t *) (ip0 + 1))->type;
515 }
516 vnet_buffer (b0)->ip.reass.l4_src_port = ip4_get_port (ip0, 1);
517 vnet_buffer (b0)->ip.reass.l4_dst_port = ip4_get_port (ip0, 0);
518 if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
519 {
520 ip4_sv_reass_add_trace (vm, node, rm, NULL, from[(b - 2) - bufs],
521 REASS_PASSTHROUGH,
522 vnet_buffer (b0)->ip.reass.ip_proto,
523 vnet_buffer (b0)->ip.reass.l4_src_port,
524 vnet_buffer (b0)->ip.reass.l4_dst_port);
525 }
526 if (is_feature)
527 {
528 vnet_feature_next (&next1, b1);
529 }
530 else
531 {
532 next1 = is_custom ? vnet_buffer (b1)->ip.reass.next_index :
533 IP4_SV_REASSEMBLY_NEXT_INPUT;
534 }
535 vnet_buffer (b1)->ip.reass.is_non_first_fragment = 0;
536 vnet_buffer (b1)->ip.reass.ip_proto = ip1->protocol;
537 if (IP_PROTOCOL_TCP == ip1->protocol)
538 {
539 vnet_buffer (b1)->ip.reass.icmp_type_or_tcp_flags =
540 ((tcp_header_t *) (ip1 + 1))->flags;
541 vnet_buffer (b1)->ip.reass.tcp_ack_number =
542 ((tcp_header_t *) (ip1 + 1))->ack_number;
543 vnet_buffer (b1)->ip.reass.tcp_seq_number =
544 ((tcp_header_t *) (ip1 + 1))->seq_number;
545 }
546 else if (IP_PROTOCOL_ICMP == ip1->protocol)
547 {
548 vnet_buffer (b1)->ip.reass.icmp_type_or_tcp_flags =
549 ((icmp46_header_t *) (ip1 + 1))->type;
550 }
551 vnet_buffer (b1)->ip.reass.l4_src_port = ip4_get_port (ip1, 1);
552 vnet_buffer (b1)->ip.reass.l4_dst_port = ip4_get_port (ip1, 0);
553 if (PREDICT_FALSE (b1->flags & VLIB_BUFFER_IS_TRACED))
554 {
555 ip4_sv_reass_add_trace (vm, node, rm, NULL, from[(b - 1) - bufs],
556 REASS_PASSTHROUGH,
557 vnet_buffer (b1)->ip.reass.ip_proto,
558 vnet_buffer (b1)->ip.reass.l4_src_port,
559 vnet_buffer (b1)->ip.reass.l4_dst_port);
560 }
561
562 n_left_from -= 2;
563 next[0] = next0;
564 next[1] = next1;
565 next += 2;
566 }
567
568 while (n_left_from > 0)
569 {
570 vlib_buffer_t *b0;
571 u32 next0;
572 b0 = *b;
573 b++;
574
575 ip4_header_t *ip0 =
576 (ip4_header_t *) u8_ptr_add (vlib_buffer_get_current (b0),
577 (is_output_feature ? 1 : 0) *
578 vnet_buffer (b0)->
579 ip.save_rewrite_length);
580 if (PREDICT_FALSE
581 (ip4_get_fragment_more (ip0) || ip4_get_fragment_offset (ip0)))
582 {
583 // fragment found, go slow path
584 b -= 1;
585 if (b - bufs > 0)
586 {
587 vlib_buffer_enqueue_to_next (vm, node, from, (u16 *) nexts,
588 b - bufs);
589 }
590 goto slow_path;
591 }
592 if (is_feature)
593 {
594 vnet_feature_next (&next0, b0);
595 }
596 else
597 {
598 next0 =
599 is_custom ? vnet_buffer (b0)->ip.
600 reass.next_index : IP4_SV_REASSEMBLY_NEXT_INPUT;
601 }
602 vnet_buffer (b0)->ip.reass.is_non_first_fragment = 0;
603 vnet_buffer (b0)->ip.reass.ip_proto = ip0->protocol;
604 if (IP_PROTOCOL_TCP == ip0->protocol)
605 {
606 vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags =
607 ((tcp_header_t *) (ip0 + 1))->flags;
608 vnet_buffer (b0)->ip.reass.tcp_ack_number =
609 ((tcp_header_t *) (ip0 + 1))->ack_number;
610 vnet_buffer (b0)->ip.reass.tcp_seq_number =
611 ((tcp_header_t *) (ip0 + 1))->seq_number;
612 }
613 else if (IP_PROTOCOL_ICMP == ip0->protocol)
614 {
615 vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags =
616 ((icmp46_header_t *) (ip0 + 1))->type;
617 }
618 vnet_buffer (b0)->ip.reass.l4_src_port = ip4_get_port (ip0, 1);
619 vnet_buffer (b0)->ip.reass.l4_dst_port = ip4_get_port (ip0, 0);
620 if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
621 {
622 ip4_sv_reass_add_trace (vm, node, rm, NULL, from[(b - 1) - bufs],
623 REASS_PASSTHROUGH,
624 vnet_buffer (b0)->ip.reass.ip_proto,
625 vnet_buffer (b0)->ip.reass.l4_src_port,
626 vnet_buffer (b0)->ip.reass.l4_dst_port);
627 }
628
629 n_left_from -= 1;
630 next[0] = next0;
631 next += 1;
632 }
633
634 vlib_buffer_enqueue_to_next (vm, node, from, (u16 *) nexts,
635 frame->n_vectors);
636
637 goto done;
638
639slow_path:
640
641 from += b - bufs;
642
Klement Sekerade34c352019-06-25 11:19:22 +0000643 while (n_left_from > 0)
644 {
645 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
646
647 while (n_left_from > 0 && n_left_to_next > 0)
648 {
649 u32 bi0;
650 vlib_buffer_t *b0;
651 u32 next0;
652 u32 error0 = IP4_ERROR_NONE;
653
654 bi0 = from[0];
655 b0 = vlib_get_buffer (vm, bi0);
656
Klement Sekeraf126e742019-10-10 09:46:06 +0000657 ip4_header_t *ip0 =
658 (ip4_header_t *) u8_ptr_add (vlib_buffer_get_current (b0),
Klement Sekera11492292020-05-26 10:38:05 +0000659 (is_output_feature ? 1 : 0) *
Klement Sekeraf126e742019-10-10 09:46:06 +0000660 vnet_buffer (b0)->
661 ip.save_rewrite_length);
Klement Sekerade34c352019-06-25 11:19:22 +0000662 if (!ip4_get_fragment_more (ip0) && !ip4_get_fragment_offset (ip0))
663 {
664 // this is a regular packet - no fragmentation
Klement Sekeraf126e742019-10-10 09:46:06 +0000665 if (is_custom)
666 {
667 next0 = vnet_buffer (b0)->ip.reass.next_index;
668 }
669 else
670 {
671 next0 = IP4_SV_REASSEMBLY_NEXT_INPUT;
672 }
Klement Sekeraf126e742019-10-10 09:46:06 +0000673 vnet_buffer (b0)->ip.reass.is_non_first_fragment = 0;
Klement Sekerade34c352019-06-25 11:19:22 +0000674 vnet_buffer (b0)->ip.reass.ip_proto = ip0->protocol;
Klement Sekeraf126e742019-10-10 09:46:06 +0000675 if (IP_PROTOCOL_TCP == ip0->protocol)
676 {
677 vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags =
678 ((tcp_header_t *) (ip0 + 1))->flags;
679 vnet_buffer (b0)->ip.reass.tcp_ack_number =
680 ((tcp_header_t *) (ip0 + 1))->ack_number;
681 vnet_buffer (b0)->ip.reass.tcp_seq_number =
682 ((tcp_header_t *) (ip0 + 1))->seq_number;
683 }
684 else if (IP_PROTOCOL_ICMP == ip0->protocol)
685 {
686 vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags =
687 ((icmp46_header_t *) (ip0 + 1))->type;
688 }
Klement Sekerade34c352019-06-25 11:19:22 +0000689 vnet_buffer (b0)->ip.reass.l4_src_port = ip4_get_port (ip0, 1);
690 vnet_buffer (b0)->ip.reass.l4_dst_port = ip4_get_port (ip0, 0);
Klement Sekeraf126e742019-10-10 09:46:06 +0000691 if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
692 {
693 ip4_sv_reass_add_trace (vm, node, rm, NULL, bi0,
694 REASS_PASSTHROUGH,
695 vnet_buffer (b0)->ip.reass.ip_proto,
696 vnet_buffer (b0)->ip.
697 reass.l4_src_port,
698 vnet_buffer (b0)->ip.
699 reass.l4_dst_port);
700 }
Klement Sekerade34c352019-06-25 11:19:22 +0000701 goto packet_enqueue;
702 }
703 const u32 fragment_first = ip4_get_fragment_offset_bytes (ip0);
704 const u32 fragment_length =
705 clib_net_to_host_u16 (ip0->length) - ip4_header_bytes (ip0);
706 const u32 fragment_last = fragment_first + fragment_length - 1;
707 if (fragment_first > fragment_last || fragment_first + fragment_length > UINT16_MAX - 20 || (fragment_length < 8 && ip4_get_fragment_more (ip0))) // 8 is minimum frag length per RFC 791
708 {
709 next0 = IP4_SV_REASSEMBLY_NEXT_DROP;
710 error0 = IP4_ERROR_REASS_MALFORMED_PACKET;
Klement Sekera1766ddc2020-03-30 16:59:38 +0200711 b0->error = node->errors[error0];
Klement Sekerade34c352019-06-25 11:19:22 +0000712 goto packet_enqueue;
713 }
714 ip4_sv_reass_kv_t kv;
715 u8 do_handoff = 0;
716
717 kv.k.as_u64[0] =
718 (u64) vec_elt (ip4_main.fib_index_by_sw_if_index,
719 vnet_buffer (b0)->sw_if_index[VLIB_RX]) |
720 (u64) ip0->src_address.as_u32 << 32;
721 kv.k.as_u64[1] =
722 (u64) ip0->dst_address.
723 as_u32 | (u64) ip0->fragment_id << 32 | (u64) ip0->protocol << 48;
724
725 ip4_sv_reass_t *reass =
726 ip4_sv_reass_find_or_create (vm, rm, rt, &kv, &do_handoff);
727
728 if (PREDICT_FALSE (do_handoff))
729 {
730 next0 = IP4_SV_REASSEMBLY_NEXT_HANDOFF;
731 vnet_buffer (b0)->ip.reass.owner_thread_index =
732 kv.v.thread_index;
733 goto packet_enqueue;
734 }
735
736 if (!reass)
737 {
738 next0 = IP4_SV_REASSEMBLY_NEXT_DROP;
739 error0 = IP4_ERROR_REASS_LIMIT_REACHED;
Klement Sekera1766ddc2020-03-30 16:59:38 +0200740 b0->error = node->errors[error0];
Klement Sekerade34c352019-06-25 11:19:22 +0000741 goto packet_enqueue;
742 }
743
744 if (reass->is_complete)
745 {
Klement Sekeraf126e742019-10-10 09:46:06 +0000746 if (is_custom)
747 {
748 next0 = vnet_buffer (b0)->ip.reass.next_index;
749 }
750 else
751 {
752 next0 = IP4_SV_REASSEMBLY_NEXT_INPUT;
753 }
Klement Sekeraf126e742019-10-10 09:46:06 +0000754 vnet_buffer (b0)->ip.reass.is_non_first_fragment =
755 ! !fragment_first;
Klement Sekerade34c352019-06-25 11:19:22 +0000756 vnet_buffer (b0)->ip.reass.ip_proto = reass->ip_proto;
Klement Sekeraf126e742019-10-10 09:46:06 +0000757 vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags =
758 reass->icmp_type_or_tcp_flags;
759 vnet_buffer (b0)->ip.reass.tcp_ack_number =
760 reass->tcp_ack_number;
761 vnet_buffer (b0)->ip.reass.tcp_seq_number =
762 reass->tcp_seq_number;
Klement Sekerade34c352019-06-25 11:19:22 +0000763 vnet_buffer (b0)->ip.reass.l4_src_port = reass->l4_src_port;
764 vnet_buffer (b0)->ip.reass.l4_dst_port = reass->l4_dst_port;
Klement Sekerade34c352019-06-25 11:19:22 +0000765 if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
766 {
767 ip4_sv_reass_add_trace (vm, node, rm, reass, bi0,
768 REASS_FRAGMENT_FORWARD,
769 reass->ip_proto,
770 reass->l4_src_port,
771 reass->l4_dst_port);
772 }
773 goto packet_enqueue;
774 }
775
776 ip4_sv_reass_rc_t rc =
Klement Sekeraf126e742019-10-10 09:46:06 +0000777 ip4_sv_reass_update (vm, node, rm, rt, ip0, reass, bi0);
Klement Sekerade34c352019-06-25 11:19:22 +0000778 switch (rc)
779 {
780 case IP4_SV_REASS_RC_OK:
781 /* nothing to do here */
782 break;
783 case IP4_SV_REASS_RC_TOO_MANY_FRAGMENTS:
784 vlib_node_increment_counter (vm, node->node_index,
785 IP4_ERROR_REASS_FRAGMENT_CHAIN_TOO_LONG,
786 1);
787 ip4_sv_reass_free (vm, rm, rt, reass);
788 goto next_packet;
789 break;
790 case IP4_SV_REASS_RC_UNSUPP_IP_PROTO:
791 vlib_node_increment_counter (vm, node->node_index,
792 IP4_ERROR_REASS_FRAGMENT_CHAIN_TOO_LONG,
793 1);
794 ip4_sv_reass_free (vm, rm, rt, reass);
795 goto next_packet;
796 break;
797 }
798 if (reass->is_complete)
799 {
800 u32 idx;
801 vec_foreach_index (idx, reass->cached_buffers)
802 {
803 u32 bi0 = vec_elt (reass->cached_buffers, idx);
804 vlib_buffer_t *b0 = vlib_get_buffer (vm, bi0);
Klement Sekera11492292020-05-26 10:38:05 +0000805 ip0 =
806 (ip4_header_t *) u8_ptr_add (vlib_buffer_get_current (b0),
807 (is_output_feature ? 1 : 0) *
808 vnet_buffer (b0)->
809 ip.save_rewrite_length);
Klement Sekerade34c352019-06-25 11:19:22 +0000810 u32 next0 = IP4_SV_REASSEMBLY_NEXT_INPUT;
811 if (is_feature)
812 {
813 vnet_feature_next (&next0, b0);
814 }
815 if (is_custom)
816 {
817 next0 = vnet_buffer (b0)->ip.reass.next_index;
818 }
819 if (0 == n_left_to_next)
820 {
821 vlib_put_next_frame (vm, node, next_index,
822 n_left_to_next);
823 vlib_get_next_frame (vm, node, next_index, to_next,
824 n_left_to_next);
825 }
826 to_next[0] = bi0;
827 to_next += 1;
828 n_left_to_next -= 1;
Klement Sekeraf126e742019-10-10 09:46:06 +0000829 vnet_buffer (b0)->ip.reass.is_non_first_fragment =
Klement Sekera11492292020-05-26 10:38:05 +0000830 ! !ip4_get_fragment_offset (ip0);
Klement Sekerade34c352019-06-25 11:19:22 +0000831 vnet_buffer (b0)->ip.reass.ip_proto = reass->ip_proto;
Klement Sekeraf126e742019-10-10 09:46:06 +0000832 vnet_buffer (b0)->ip.reass.icmp_type_or_tcp_flags =
833 reass->icmp_type_or_tcp_flags;
834 vnet_buffer (b0)->ip.reass.tcp_ack_number =
835 reass->tcp_ack_number;
836 vnet_buffer (b0)->ip.reass.tcp_seq_number =
837 reass->tcp_seq_number;
Klement Sekerade34c352019-06-25 11:19:22 +0000838 vnet_buffer (b0)->ip.reass.l4_src_port = reass->l4_src_port;
839 vnet_buffer (b0)->ip.reass.l4_dst_port = reass->l4_dst_port;
840 if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
841 {
842 ip4_sv_reass_add_trace (vm, node, rm, reass, bi0,
843 REASS_FRAGMENT_FORWARD,
844 reass->ip_proto,
845 reass->l4_src_port,
846 reass->l4_dst_port);
847 }
848 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
849 to_next, n_left_to_next, bi0,
850 next0);
851 }
852 _vec_len (reass->cached_buffers) = 0; // buffers are owned by frame now
853 }
854 goto next_packet;
855
856 packet_enqueue:
Klement Sekerade34c352019-06-25 11:19:22 +0000857 to_next[0] = bi0;
858 to_next += 1;
859 n_left_to_next -= 1;
860 if (is_feature && IP4_ERROR_NONE == error0)
861 {
862 b0 = vlib_get_buffer (vm, bi0);
863 vnet_feature_next (&next0, b0);
864 }
Klement Sekerade34c352019-06-25 11:19:22 +0000865 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
866 to_next, n_left_to_next,
867 bi0, next0);
868
869 next_packet:
870 from += 1;
871 n_left_from -= 1;
872 }
873
874 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
875 }
876
Klement Sekera18c6cd92020-07-10 09:29:48 +0000877done:
Klement Sekerade34c352019-06-25 11:19:22 +0000878 clib_spinlock_unlock (&rt->lock);
879 return frame->n_vectors;
880}
881
882static char *ip4_sv_reass_error_strings[] = {
883#define _(sym, string) string,
884 foreach_ip4_error
885#undef _
886};
887
888VLIB_NODE_FN (ip4_sv_reass_node) (vlib_main_t * vm,
889 vlib_node_runtime_t * node,
890 vlib_frame_t * frame)
891{
892 return ip4_sv_reass_inline (vm, node, frame, false /* is_feature */ ,
Klement Sekeraf126e742019-10-10 09:46:06 +0000893 false /* is_output_feature */ ,
Klement Sekerade34c352019-06-25 11:19:22 +0000894 false /* is_custom */ );
895}
896
897/* *INDENT-OFF* */
898VLIB_REGISTER_NODE (ip4_sv_reass_node) = {
899 .name = "ip4-sv-reassembly",
900 .vector_size = sizeof (u32),
901 .format_trace = format_ip4_sv_reass_trace,
902 .n_errors = ARRAY_LEN (ip4_sv_reass_error_strings),
903 .error_strings = ip4_sv_reass_error_strings,
904 .n_next_nodes = IP4_SV_REASSEMBLY_N_NEXT,
905 .next_nodes =
906 {
907 [IP4_SV_REASSEMBLY_NEXT_INPUT] = "ip4-input",
908 [IP4_SV_REASSEMBLY_NEXT_DROP] = "ip4-drop",
909 [IP4_SV_REASSEMBLY_NEXT_HANDOFF] = "ip4-sv-reassembly-handoff",
910
911 },
912};
913/* *INDENT-ON* */
914
915VLIB_NODE_FN (ip4_sv_reass_node_feature) (vlib_main_t * vm,
916 vlib_node_runtime_t * node,
917 vlib_frame_t * frame)
918{
919 return ip4_sv_reass_inline (vm, node, frame, true /* is_feature */ ,
Klement Sekeraf126e742019-10-10 09:46:06 +0000920 false /* is_output_feature */ ,
Klement Sekerade34c352019-06-25 11:19:22 +0000921 false /* is_custom */ );
922}
923
924/* *INDENT-OFF* */
925VLIB_REGISTER_NODE (ip4_sv_reass_node_feature) = {
926 .name = "ip4-sv-reassembly-feature",
927 .vector_size = sizeof (u32),
928 .format_trace = format_ip4_sv_reass_trace,
929 .n_errors = ARRAY_LEN (ip4_sv_reass_error_strings),
930 .error_strings = ip4_sv_reass_error_strings,
931 .n_next_nodes = IP4_SV_REASSEMBLY_N_NEXT,
932 .next_nodes =
933 {
934 [IP4_SV_REASSEMBLY_NEXT_INPUT] = "ip4-input",
935 [IP4_SV_REASSEMBLY_NEXT_DROP] = "ip4-drop",
936 [IP4_SV_REASSEMBLY_NEXT_HANDOFF] = "ip4-sv-reass-feature-hoff",
937 },
938};
939/* *INDENT-ON* */
940
941/* *INDENT-OFF* */
942VNET_FEATURE_INIT (ip4_sv_reass_feature) = {
943 .arc_name = "ip4-unicast",
944 .node_name = "ip4-sv-reassembly-feature",
945 .runs_before = VNET_FEATURES ("ip4-lookup"),
946 .runs_after = 0,
947};
948/* *INDENT-ON* */
949
Klement Sekeraf126e742019-10-10 09:46:06 +0000950VLIB_NODE_FN (ip4_sv_reass_node_output_feature) (vlib_main_t * vm,
951 vlib_node_runtime_t * node,
952 vlib_frame_t * frame)
953{
954 return ip4_sv_reass_inline (vm, node, frame, true /* is_feature */ ,
955 true /* is_output_feature */ ,
956 false /* is_custom */ );
957}
958
959
960/* *INDENT-OFF* */
961VLIB_REGISTER_NODE (ip4_sv_reass_node_output_feature) = {
962 .name = "ip4-sv-reassembly-output-feature",
963 .vector_size = sizeof (u32),
964 .format_trace = format_ip4_sv_reass_trace,
965 .n_errors = ARRAY_LEN (ip4_sv_reass_error_strings),
966 .error_strings = ip4_sv_reass_error_strings,
967 .n_next_nodes = IP4_SV_REASSEMBLY_N_NEXT,
968 .next_nodes =
969 {
970 [IP4_SV_REASSEMBLY_NEXT_INPUT] = "ip4-input",
971 [IP4_SV_REASSEMBLY_NEXT_DROP] = "ip4-drop",
972 [IP4_SV_REASSEMBLY_NEXT_HANDOFF] = "ip4-sv-reass-feature-hoff",
973 },
974};
975/* *INDENT-ON* */
976
977/* *INDENT-OFF* */
978VNET_FEATURE_INIT (ip4_sv_reass_output_feature) = {
979 .arc_name = "ip4-output",
980 .node_name = "ip4-sv-reassembly-output-feature",
981 .runs_before = 0,
982 .runs_after = 0,
983};
984/* *INDENT-ON* */
985
Klement Sekerade34c352019-06-25 11:19:22 +0000986/* *INDENT-OFF* */
987VLIB_REGISTER_NODE (ip4_sv_reass_custom_node) = {
988 .name = "ip4-sv-reassembly-custom-next",
989 .vector_size = sizeof (u32),
990 .format_trace = format_ip4_sv_reass_trace,
991 .n_errors = ARRAY_LEN (ip4_sv_reass_error_strings),
992 .error_strings = ip4_sv_reass_error_strings,
993 .n_next_nodes = IP4_SV_REASSEMBLY_N_NEXT,
994 .next_nodes =
995 {
996 [IP4_SV_REASSEMBLY_NEXT_INPUT] = "ip4-input",
997 [IP4_SV_REASSEMBLY_NEXT_DROP] = "ip4-drop",
998 [IP4_SV_REASSEMBLY_NEXT_HANDOFF] = "ip4-sv-reassembly-handoff",
999
1000 },
1001};
1002/* *INDENT-ON* */
1003
1004VLIB_NODE_FN (ip4_sv_reass_custom_node) (vlib_main_t * vm,
1005 vlib_node_runtime_t * node,
1006 vlib_frame_t * frame)
1007{
1008 return ip4_sv_reass_inline (vm, node, frame, false /* is_feature */ ,
Klement Sekeraf126e742019-10-10 09:46:06 +00001009 false /* is_output_feature */ ,
Klement Sekerade34c352019-06-25 11:19:22 +00001010 true /* is_custom */ );
1011}
1012
1013#ifndef CLIB_MARCH_VARIANT
1014always_inline u32
1015ip4_sv_reass_get_nbuckets ()
1016{
1017 ip4_sv_reass_main_t *rm = &ip4_sv_reass_main;
1018 u32 nbuckets;
1019 u8 i;
1020
1021 nbuckets = (u32) (rm->max_reass_n / IP4_SV_REASS_HT_LOAD_FACTOR);
1022
1023 for (i = 0; i < 31; i++)
1024 if ((1 << i) >= nbuckets)
1025 break;
1026 nbuckets = 1 << i;
1027
1028 return nbuckets;
1029}
1030#endif /* CLIB_MARCH_VARIANT */
1031
1032typedef enum
1033{
1034 IP4_EVENT_CONFIG_CHANGED = 1,
1035} ip4_sv_reass_event_t;
1036
1037typedef struct
1038{
1039 int failure;
1040 clib_bihash_16_8_t *new_hash;
1041} ip4_rehash_cb_ctx;
1042
1043#ifndef CLIB_MARCH_VARIANT
Neale Rannsf50bac12019-12-06 05:53:17 +00001044static int
Klement Sekerade34c352019-06-25 11:19:22 +00001045ip4_rehash_cb (clib_bihash_kv_16_8_t * kv, void *_ctx)
1046{
1047 ip4_rehash_cb_ctx *ctx = _ctx;
1048 if (clib_bihash_add_del_16_8 (ctx->new_hash, kv, 1))
1049 {
1050 ctx->failure = 1;
1051 }
Neale Rannsf50bac12019-12-06 05:53:17 +00001052 return (BIHASH_WALK_CONTINUE);
Klement Sekerade34c352019-06-25 11:19:22 +00001053}
1054
1055static void
1056ip4_sv_reass_set_params (u32 timeout_ms, u32 max_reassemblies,
1057 u32 max_reassembly_length,
1058 u32 expire_walk_interval_ms)
1059{
1060 ip4_sv_reass_main.timeout_ms = timeout_ms;
1061 ip4_sv_reass_main.timeout = (f64) timeout_ms / (f64) MSEC_PER_SEC;
1062 ip4_sv_reass_main.max_reass_n = max_reassemblies;
1063 ip4_sv_reass_main.max_reass_len = max_reassembly_length;
1064 ip4_sv_reass_main.expire_walk_interval_ms = expire_walk_interval_ms;
1065}
1066
1067vnet_api_error_t
1068ip4_sv_reass_set (u32 timeout_ms, u32 max_reassemblies,
1069 u32 max_reassembly_length, u32 expire_walk_interval_ms)
1070{
1071 u32 old_nbuckets = ip4_sv_reass_get_nbuckets ();
1072 ip4_sv_reass_set_params (timeout_ms, max_reassemblies,
1073 max_reassembly_length, expire_walk_interval_ms);
1074 vlib_process_signal_event (ip4_sv_reass_main.vlib_main,
1075 ip4_sv_reass_main.ip4_sv_reass_expire_node_idx,
1076 IP4_EVENT_CONFIG_CHANGED, 0);
1077 u32 new_nbuckets = ip4_sv_reass_get_nbuckets ();
1078 if (ip4_sv_reass_main.max_reass_n > 0 && new_nbuckets > old_nbuckets)
1079 {
1080 clib_bihash_16_8_t new_hash;
1081 clib_memset (&new_hash, 0, sizeof (new_hash));
1082 ip4_rehash_cb_ctx ctx;
1083 ctx.failure = 0;
1084 ctx.new_hash = &new_hash;
1085 clib_bihash_init_16_8 (&new_hash, "ip4-dr", new_nbuckets,
1086 new_nbuckets * 1024);
1087 clib_bihash_foreach_key_value_pair_16_8 (&ip4_sv_reass_main.hash,
1088 ip4_rehash_cb, &ctx);
1089 if (ctx.failure)
1090 {
1091 clib_bihash_free_16_8 (&new_hash);
1092 return -1;
1093 }
1094 else
1095 {
1096 clib_bihash_free_16_8 (&ip4_sv_reass_main.hash);
1097 clib_memcpy_fast (&ip4_sv_reass_main.hash, &new_hash,
1098 sizeof (ip4_sv_reass_main.hash));
1099 clib_bihash_copied (&ip4_sv_reass_main.hash, &new_hash);
1100 }
1101 }
1102 return 0;
1103}
1104
1105vnet_api_error_t
1106ip4_sv_reass_get (u32 * timeout_ms, u32 * max_reassemblies,
1107 u32 * max_reassembly_length, u32 * expire_walk_interval_ms)
1108{
1109 *timeout_ms = ip4_sv_reass_main.timeout_ms;
1110 *max_reassemblies = ip4_sv_reass_main.max_reass_n;
1111 *max_reassembly_length = ip4_sv_reass_main.max_reass_len;
1112 *expire_walk_interval_ms = ip4_sv_reass_main.expire_walk_interval_ms;
1113 return 0;
1114}
1115
1116static clib_error_t *
1117ip4_sv_reass_init_function (vlib_main_t * vm)
1118{
1119 ip4_sv_reass_main_t *rm = &ip4_sv_reass_main;
1120 clib_error_t *error = 0;
1121 u32 nbuckets;
1122 vlib_node_t *node;
1123
1124 rm->vlib_main = vm;
1125 rm->vnet_main = vnet_get_main ();
1126
1127 vec_validate (rm->per_thread_data, vlib_num_workers ());
1128 ip4_sv_reass_per_thread_t *rt;
1129 vec_foreach (rt, rm->per_thread_data)
1130 {
1131 clib_spinlock_init (&rt->lock);
1132 pool_alloc (rt->pool, rm->max_reass_n);
1133 rt->lru_first = rt->lru_last = ~0;
1134 }
1135
1136 node = vlib_get_node_by_name (vm, (u8 *) "ip4-sv-reassembly-expire-walk");
1137 ASSERT (node);
1138 rm->ip4_sv_reass_expire_node_idx = node->index;
1139
1140 ip4_sv_reass_set_params (IP4_SV_REASS_TIMEOUT_DEFAULT_MS,
1141 IP4_SV_REASS_MAX_REASSEMBLIES_DEFAULT,
1142 IP4_SV_REASS_MAX_REASSEMBLY_LENGTH_DEFAULT,
1143 IP4_SV_REASS_EXPIRE_WALK_INTERVAL_DEFAULT_MS);
1144
1145 nbuckets = ip4_sv_reass_get_nbuckets ();
1146 clib_bihash_init_16_8 (&rm->hash, "ip4-dr", nbuckets, nbuckets * 1024);
1147
1148 node = vlib_get_node_by_name (vm, (u8 *) "ip4-drop");
1149 ASSERT (node);
1150 rm->ip4_drop_idx = node->index;
1151
1152 rm->fq_index = vlib_frame_queue_main_init (ip4_sv_reass_node.index, 0);
1153 rm->fq_feature_index =
1154 vlib_frame_queue_main_init (ip4_sv_reass_node_feature.index, 0);
1155
Klement Sekera63c73532019-09-30 14:35:36 +00001156 rm->feature_use_refcount_per_intf = NULL;
Klement Sekeraf126e742019-10-10 09:46:06 +00001157 rm->output_feature_use_refcount_per_intf = NULL;
Klement Sekera63c73532019-09-30 14:35:36 +00001158
Klement Sekerade34c352019-06-25 11:19:22 +00001159 return error;
1160}
1161
1162VLIB_INIT_FUNCTION (ip4_sv_reass_init_function);
1163#endif /* CLIB_MARCH_VARIANT */
1164
1165static uword
1166ip4_sv_reass_walk_expired (vlib_main_t * vm,
1167 vlib_node_runtime_t * node, vlib_frame_t * f)
1168{
1169 ip4_sv_reass_main_t *rm = &ip4_sv_reass_main;
1170 uword event_type, *event_data = 0;
1171
1172 while (true)
1173 {
1174 vlib_process_wait_for_event_or_clock (vm,
1175 (f64)
1176 rm->expire_walk_interval_ms /
1177 (f64) MSEC_PER_SEC);
1178 event_type = vlib_process_get_events (vm, &event_data);
1179
1180 switch (event_type)
1181 {
1182 case ~0: /* no events => timeout */
1183 /* nothing to do here */
1184 break;
1185 case IP4_EVENT_CONFIG_CHANGED:
1186 break;
1187 default:
1188 clib_warning ("BUG: event type 0x%wx", event_type);
1189 break;
1190 }
1191 f64 now = vlib_time_now (vm);
1192
1193 ip4_sv_reass_t *reass;
1194 int *pool_indexes_to_free = NULL;
1195
1196 uword thread_index = 0;
1197 int index;
1198 const uword nthreads = vlib_num_workers () + 1;
1199 for (thread_index = 0; thread_index < nthreads; ++thread_index)
1200 {
1201 ip4_sv_reass_per_thread_t *rt = &rm->per_thread_data[thread_index];
1202 clib_spinlock_lock (&rt->lock);
1203
1204 vec_reset_length (pool_indexes_to_free);
1205 /* *INDENT-OFF* */
Damjan Marionb2c31b62020-12-13 21:47:40 +01001206 pool_foreach_index (index, rt->pool) {
Klement Sekerade34c352019-06-25 11:19:22 +00001207 reass = pool_elt_at_index (rt->pool, index);
1208 if (now > reass->last_heard + rm->timeout)
1209 {
1210 vec_add1 (pool_indexes_to_free, index);
1211 }
Damjan Marionb2c31b62020-12-13 21:47:40 +01001212 }
Klement Sekerade34c352019-06-25 11:19:22 +00001213 /* *INDENT-ON* */
1214 int *i;
1215 /* *INDENT-OFF* */
1216 vec_foreach (i, pool_indexes_to_free)
1217 {
1218 ip4_sv_reass_t *reass = pool_elt_at_index (rt->pool, i[0]);
1219 ip4_sv_reass_free (vm, rm, rt, reass);
1220 }
1221 /* *INDENT-ON* */
1222
1223 clib_spinlock_unlock (&rt->lock);
1224 }
1225
1226 vec_free (pool_indexes_to_free);
1227 if (event_data)
1228 {
1229 _vec_len (event_data) = 0;
1230 }
1231 }
1232
1233 return 0;
1234}
1235
1236/* *INDENT-OFF* */
1237VLIB_REGISTER_NODE (ip4_sv_reass_expire_node) = {
1238 .function = ip4_sv_reass_walk_expired,
1239 .type = VLIB_NODE_TYPE_PROCESS,
1240 .name = "ip4-sv-reassembly-expire-walk",
1241 .format_trace = format_ip4_sv_reass_trace,
1242 .n_errors = ARRAY_LEN (ip4_sv_reass_error_strings),
1243 .error_strings = ip4_sv_reass_error_strings,
1244
1245};
1246/* *INDENT-ON* */
1247
1248static u8 *
1249format_ip4_sv_reass_key (u8 * s, va_list * args)
1250{
1251 ip4_sv_reass_key_t *key = va_arg (*args, ip4_sv_reass_key_t *);
1252 s =
1253 format (s,
1254 "xx_id: %u, src: %U, dst: %U, frag_id: %u, proto: %u",
1255 key->xx_id, format_ip4_address, &key->src, format_ip4_address,
1256 &key->dst, clib_net_to_host_u16 (key->frag_id), key->proto);
1257 return s;
1258}
1259
1260static u8 *
1261format_ip4_sv_reass (u8 * s, va_list * args)
1262{
1263 vlib_main_t *vm = va_arg (*args, vlib_main_t *);
1264 ip4_sv_reass_t *reass = va_arg (*args, ip4_sv_reass_t *);
1265
1266 s = format (s, "ID: %lu, key: %U trace_op_counter: %u\n",
1267 reass->id, format_ip4_sv_reass_key, &reass->key,
1268 reass->trace_op_counter);
1269
1270 vlib_buffer_t *b;
1271 u32 *bip;
1272 u32 counter = 0;
1273 vec_foreach (bip, reass->cached_buffers)
1274 {
1275 u32 bi = *bip;
1276 do
1277 {
1278 b = vlib_get_buffer (vm, bi);
1279 s = format (s, " #%03u: bi: %u, ", counter, bi);
1280 ++counter;
1281 bi = b->next_buffer;
1282 }
1283 while (b->flags & VLIB_BUFFER_NEXT_PRESENT);
1284 }
1285 return s;
1286}
1287
1288static clib_error_t *
1289show_ip4_reass (vlib_main_t * vm,
1290 unformat_input_t * input,
1291 CLIB_UNUSED (vlib_cli_command_t * lmd))
1292{
1293 ip4_sv_reass_main_t *rm = &ip4_sv_reass_main;
1294
1295 vlib_cli_output (vm, "---------------------");
1296 vlib_cli_output (vm, "IP4 reassembly status");
1297 vlib_cli_output (vm, "---------------------");
1298 bool details = false;
1299 if (unformat (input, "details"))
1300 {
1301 details = true;
1302 }
1303
1304 u32 sum_reass_n = 0;
1305 ip4_sv_reass_t *reass;
1306 uword thread_index;
1307 const uword nthreads = vlib_num_workers () + 1;
1308 for (thread_index = 0; thread_index < nthreads; ++thread_index)
1309 {
1310 ip4_sv_reass_per_thread_t *rt = &rm->per_thread_data[thread_index];
1311 clib_spinlock_lock (&rt->lock);
1312 if (details)
1313 {
1314 /* *INDENT-OFF* */
Damjan Marionb2c31b62020-12-13 21:47:40 +01001315 pool_foreach (reass, rt->pool) {
Klement Sekerade34c352019-06-25 11:19:22 +00001316 vlib_cli_output (vm, "%U", format_ip4_sv_reass, vm, reass);
Damjan Marionb2c31b62020-12-13 21:47:40 +01001317 }
Klement Sekerade34c352019-06-25 11:19:22 +00001318 /* *INDENT-ON* */
1319 }
1320 sum_reass_n += rt->reass_n;
1321 clib_spinlock_unlock (&rt->lock);
1322 }
1323 vlib_cli_output (vm, "---------------------");
1324 vlib_cli_output (vm, "Current IP4 reassemblies count: %lu\n",
1325 (long unsigned) sum_reass_n);
1326 vlib_cli_output (vm,
Vladimir Ratnikova877cf92019-12-21 06:27:52 -05001327 "Maximum configured concurrent shallow virtual IP4 reassemblies per worker-thread: %lu\n",
Klement Sekerade34c352019-06-25 11:19:22 +00001328 (long unsigned) rm->max_reass_n);
Vladimir Ratnikova877cf92019-12-21 06:27:52 -05001329 vlib_cli_output (vm,
1330 "Maximum configured shallow virtual IP4 reassembly timeout: %lums\n",
1331 (long unsigned) rm->timeout_ms);
1332 vlib_cli_output (vm,
1333 "Maximum configured shallow virtual IP4 reassembly expire walk interval: %lums\n",
1334 (long unsigned) rm->expire_walk_interval_ms);
Klement Sekerade34c352019-06-25 11:19:22 +00001335 return 0;
1336}
1337
1338/* *INDENT-OFF* */
1339VLIB_CLI_COMMAND (show_ip4_sv_reass_cmd, static) = {
1340 .path = "show ip4-sv-reassembly",
1341 .short_help = "show ip4-sv-reassembly [details]",
1342 .function = show_ip4_reass,
1343};
1344/* *INDENT-ON* */
1345
1346#ifndef CLIB_MARCH_VARIANT
1347vnet_api_error_t
1348ip4_sv_reass_enable_disable (u32 sw_if_index, u8 enable_disable)
1349{
Klement Sekeraf126e742019-10-10 09:46:06 +00001350 return ip4_sv_reass_enable_disable_with_refcnt (sw_if_index,
1351 enable_disable);
Klement Sekerade34c352019-06-25 11:19:22 +00001352}
1353#endif /* CLIB_MARCH_VARIANT */
1354
1355
1356#define foreach_ip4_sv_reass_handoff_error \
1357_(CONGESTION_DROP, "congestion drop")
1358
1359
1360typedef enum
1361{
1362#define _(sym,str) IP4_SV_REASSEMBLY_HANDOFF_ERROR_##sym,
1363 foreach_ip4_sv_reass_handoff_error
1364#undef _
1365 IP4_SV_REASSEMBLY_HANDOFF_N_ERROR,
1366} ip4_sv_reass_handoff_error_t;
1367
1368static char *ip4_sv_reass_handoff_error_strings[] = {
1369#define _(sym,string) string,
1370 foreach_ip4_sv_reass_handoff_error
1371#undef _
1372};
1373
1374typedef struct
1375{
1376 u32 next_worker_index;
1377} ip4_sv_reass_handoff_trace_t;
1378
1379static u8 *
1380format_ip4_sv_reass_handoff_trace (u8 * s, va_list * args)
1381{
1382 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1383 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1384 ip4_sv_reass_handoff_trace_t *t =
1385 va_arg (*args, ip4_sv_reass_handoff_trace_t *);
1386
1387 s =
1388 format (s, "ip4-sv-reassembly-handoff: next-worker %d",
1389 t->next_worker_index);
1390
1391 return s;
1392}
1393
1394always_inline uword
1395ip4_sv_reass_handoff_node_inline (vlib_main_t * vm,
1396 vlib_node_runtime_t * node,
1397 vlib_frame_t * frame, bool is_feature)
1398{
1399 ip4_sv_reass_main_t *rm = &ip4_sv_reass_main;
1400
1401 vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b;
1402 u32 n_enq, n_left_from, *from;
1403 u16 thread_indices[VLIB_FRAME_SIZE], *ti;
1404 u32 fq_index;
1405
1406 from = vlib_frame_vector_args (frame);
1407 n_left_from = frame->n_vectors;
1408 vlib_get_buffers (vm, from, bufs, n_left_from);
1409
1410 b = bufs;
1411 ti = thread_indices;
1412
1413 fq_index = (is_feature) ? rm->fq_feature_index : rm->fq_index;
1414
1415 while (n_left_from > 0)
1416 {
1417 ti[0] = vnet_buffer (b[0])->ip.reass.owner_thread_index;
1418
1419 if (PREDICT_FALSE
1420 ((node->flags & VLIB_NODE_FLAG_TRACE)
1421 && (b[0]->flags & VLIB_BUFFER_IS_TRACED)))
1422 {
1423 ip4_sv_reass_handoff_trace_t *t =
1424 vlib_add_trace (vm, node, b[0], sizeof (*t));
1425 t->next_worker_index = ti[0];
1426 }
1427
1428 n_left_from -= 1;
1429 ti += 1;
1430 b += 1;
1431 }
1432 n_enq =
1433 vlib_buffer_enqueue_to_thread (vm, fq_index, from, thread_indices,
1434 frame->n_vectors, 1);
1435
1436 if (n_enq < frame->n_vectors)
1437 vlib_node_increment_counter (vm, node->node_index,
1438 IP4_SV_REASSEMBLY_HANDOFF_ERROR_CONGESTION_DROP,
1439 frame->n_vectors - n_enq);
1440 return frame->n_vectors;
1441}
1442
1443VLIB_NODE_FN (ip4_sv_reass_handoff_node) (vlib_main_t * vm,
1444 vlib_node_runtime_t * node,
1445 vlib_frame_t * frame)
1446{
1447 return ip4_sv_reass_handoff_node_inline (vm, node, frame,
1448 false /* is_feature */ );
1449}
1450
1451
1452/* *INDENT-OFF* */
1453VLIB_REGISTER_NODE (ip4_sv_reass_handoff_node) = {
1454 .name = "ip4-sv-reassembly-handoff",
1455 .vector_size = sizeof (u32),
1456 .n_errors = ARRAY_LEN(ip4_sv_reass_handoff_error_strings),
1457 .error_strings = ip4_sv_reass_handoff_error_strings,
1458 .format_trace = format_ip4_sv_reass_handoff_trace,
1459
1460 .n_next_nodes = 1,
1461
1462 .next_nodes = {
1463 [0] = "error-drop",
1464 },
1465};
1466/* *INDENT-ON* */
1467
1468
1469/* *INDENT-OFF* */
1470VLIB_NODE_FN (ip4_sv_reass_feature_handoff_node) (vlib_main_t * vm,
1471 vlib_node_runtime_t *
1472 node,
1473 vlib_frame_t * frame)
1474{
1475 return ip4_sv_reass_handoff_node_inline (vm, node, frame,
1476 true /* is_feature */ );
1477}
1478/* *INDENT-ON* */
1479
1480
1481/* *INDENT-OFF* */
1482VLIB_REGISTER_NODE (ip4_sv_reass_feature_handoff_node) = {
1483 .name = "ip4-sv-reass-feature-hoff",
1484 .vector_size = sizeof (u32),
1485 .n_errors = ARRAY_LEN(ip4_sv_reass_handoff_error_strings),
1486 .error_strings = ip4_sv_reass_handoff_error_strings,
1487 .format_trace = format_ip4_sv_reass_handoff_trace,
1488
1489 .n_next_nodes = 1,
1490
1491 .next_nodes = {
1492 [0] = "error-drop",
1493 },
1494};
1495/* *INDENT-ON* */
1496
1497#ifndef CLIB_MARCH_VARIANT
1498int
1499ip4_sv_reass_enable_disable_with_refcnt (u32 sw_if_index, int is_enable)
1500{
1501 ip4_sv_reass_main_t *rm = &ip4_sv_reass_main;
Klement Sekera63c73532019-09-30 14:35:36 +00001502 vec_validate (rm->feature_use_refcount_per_intf, sw_if_index);
Klement Sekerade34c352019-06-25 11:19:22 +00001503 if (is_enable)
1504 {
Klement Sekera63c73532019-09-30 14:35:36 +00001505 if (!rm->feature_use_refcount_per_intf[sw_if_index])
Klement Sekerade34c352019-06-25 11:19:22 +00001506 {
Klement Sekera63c73532019-09-30 14:35:36 +00001507 ++rm->feature_use_refcount_per_intf[sw_if_index];
Klement Sekerade34c352019-06-25 11:19:22 +00001508 return vnet_feature_enable_disable ("ip4-unicast",
1509 "ip4-sv-reassembly-feature",
1510 sw_if_index, 1, 0, 0);
1511 }
Klement Sekera63c73532019-09-30 14:35:36 +00001512 ++rm->feature_use_refcount_per_intf[sw_if_index];
Klement Sekerade34c352019-06-25 11:19:22 +00001513 }
1514 else
1515 {
Klement Sekeraf126e742019-10-10 09:46:06 +00001516 if (rm->feature_use_refcount_per_intf[sw_if_index])
1517 --rm->feature_use_refcount_per_intf[sw_if_index];
Klement Sekera63c73532019-09-30 14:35:36 +00001518 if (!rm->feature_use_refcount_per_intf[sw_if_index])
Klement Sekerade34c352019-06-25 11:19:22 +00001519 return vnet_feature_enable_disable ("ip4-unicast",
1520 "ip4-sv-reassembly-feature",
1521 sw_if_index, 0, 0, 0);
1522 }
Klement Sekera407f5932019-12-11 13:06:27 +00001523 return 0;
Klement Sekerade34c352019-06-25 11:19:22 +00001524}
1525
1526uword
1527ip4_sv_reass_custom_register_next_node (uword node_index)
1528{
1529 return vlib_node_add_next (vlib_get_main (), ip4_sv_reass_custom_node.index,
1530 node_index);
1531}
Klement Sekeraf126e742019-10-10 09:46:06 +00001532
1533int
1534ip4_sv_reass_output_enable_disable_with_refcnt (u32 sw_if_index,
1535 int is_enable)
1536{
1537 ip4_sv_reass_main_t *rm = &ip4_sv_reass_main;
1538 vec_validate (rm->output_feature_use_refcount_per_intf, sw_if_index);
1539 if (is_enable)
1540 {
1541 if (!rm->output_feature_use_refcount_per_intf[sw_if_index])
1542 {
1543 ++rm->output_feature_use_refcount_per_intf[sw_if_index];
1544 return vnet_feature_enable_disable ("ip4-output",
1545 "ip4-sv-reassembly-output-feature",
1546 sw_if_index, 1, 0, 0);
1547 }
1548 ++rm->output_feature_use_refcount_per_intf[sw_if_index];
1549 }
1550 else
1551 {
1552 if (rm->output_feature_use_refcount_per_intf[sw_if_index])
1553 --rm->output_feature_use_refcount_per_intf[sw_if_index];
1554 if (!rm->output_feature_use_refcount_per_intf[sw_if_index])
1555 return vnet_feature_enable_disable ("ip4-output",
1556 "ip4-sv-reassembly-output-feature",
1557 sw_if_index, 0, 0, 0);
1558 }
1559 return 0;
1560}
Klement Sekerade34c352019-06-25 11:19:22 +00001561#endif
1562
1563/*
1564 * fd.io coding-style-patch-verification: ON
1565 *
1566 * Local Variables:
1567 * eval: (c-set-style "gnu")
1568 * End:
1569 */