summaryrefslogtreecommitdiff
path: root/src/ipcpd/eth
Commit message (Collapse)AuthorAgeFilesLines
* lib: Refactor reading packet from rbuffDimitri Staessens2022-03-301-2/+2
| | | | | | | | | | | | Reading packets from the rbuff and checking their validity (non-zero size, pass crc check, pass decryption) is now extracted into a function. Also adds a function to get the length of an sdu_du_buff instead of subtracting the tail and head pointers. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Fix memcpy with NULL in piggyback APIDimitri Staessens2022-03-081-2/+4
| | | | | | | | If there is no piggyback data, memcpy was passed a NULL pointer in memcpy(buf, NULL, 0) calls, which is undefined behaviour. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipdpd: Pass MPL to application at flow_allocationDimitri Staessens2022-03-082-4/+8
| | | | | | | | | | | | The maximum packet lifetime (MPL) is a property of the flow that needs to be passed to the reliable transmission protocol (FRCP) for its correct operation. Previously, the value of MPL was set fixed as one of the (fixed) Delta-t parameters. This patch makes the MPL a property of the layer, and it can now be set per layer-type at build time. This is a step towards a proper MPL estimator in the flow allocator. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* lib: Make flow liveness timeout configurableDimitri Staessens2022-03-031-0/+3
| | | | | | | | | The qosspec_t now has a timeout value that sets the timeout value of the flow. Flows with a peer that has timed out will now return -EFLOWPEER on flow_read() or flow_write(). Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Fix potential double unlock in ethDimitri Staessens2022-02-211-23/+15
| | | | | | | | | When handling management frames, there was a cancellation point after the unlock, which would cause the cleanup handler to attempt a double unlock if the thread was cancelled at that point. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* lib, ipcpd, irmd: Wrap pthread unlocks for cleanupDimitri Staessens2021-06-231-10/+3
| | | | | | | | | | | | This add an ouroboros/pthread.h header that wraps the pthread_..._unlock() functions for cleanup using pthread_cleanup_push() as this casting is not safe (and there were definitely bad casts in the code). The close() function is now also wrapped for cleanup in ouroboros/sockets.h. This allows enabling more compiler checks. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Move RIB initialization to common groundDimitri Staessens2021-06-211-1/+8
| | | | | | | | | | | | | | This moves Resource Information Base (RIB) initialization into the ipcp_init() function, so all IPCPs initialize a RIB. The RIB not shows some common IPCP information, such as the IPCP name, IPCP state and the layer name if the IPCP is part of a layer. The initialization of the hash algorithm and layer name was moved out of the common ipcp source because IPCPs may only know this information after enrollment. Some IPCPs were not even storing this information. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* build: Update email addressesDimitri Staessens2021-01-033-6/+6
| | | | | | | | The ugent email addresses are shut down, updated to Ouroboros mail addresses. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* build: Update copyright to 2021Dimitri Staessens2021-01-033-3/+3
| | | | | | | Happy New Year, Ouroboros! Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Improve locking np1_flow_set in eth and udpDimitri Staessens2020-09-261-2/+2
| | | | | | | A flow_set is thread-safe and doesn't need to be protected by a lock. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* build: Add support for GCC 100.17.5Dimitri Staessens2020-05-231-0/+2
| | | | | | | | | GCC 10 defaults to -fno-common, so some variables that were defined in the headers needed to be declared "extern". The GCC 10 static analyzer can now be invoked using the DebugAnalyzer build option. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* lib, ipcpd: piggyback ECDHE on flow allocationDimitri Staessens2020-02-251-30/+63
| | | | | | | | | | | The initial implementation for the ECDHE key exchange was doing the key exchange after a flow was established. The public keys are now sent allowg on the flow allocation messages, so that an encrypted tunnel can be created within 1 RTT. The flow allocation steps had to be extended to pass the opaque data ('piggybacking'). Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Fix bad newline in eth.cDimitri Staessens2020-02-161-2/+2
| | | | | Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Filter fqueue events in packet handlersDimitri Staessens2020-01-251-0/+3
| | | | | | | | | | The eth, udp and local IPCPs were not filtering out the event types from the flow, causing some reads when there are no packets in the queue. The types are now also organized as flags so they can be filtered more quickly if needed. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* build: Update copyright to 20200.16.0Dimitri Staessens2020-01-023-3/+3
| | | | | Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Fix length mismatch of encryption cypherDimitri Staessens2019-08-091-1/+1
| | | | | | | | The cypher_s field in QoS was sometimes 32 and sometimes 16 bits. This is now corrected to be 16 bits. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* lib: Add per-message encryption with OpenSSLDimitri Staessens2019-08-031-0/+3
| | | | | | | | | | | | | | | | | | | This adds a per-message symmetric encryption using the OpenSSL library. At flow allocation, an Elliptic Curve Diffie-Hellman exchange is performed to derive a shared secret, which is then hashed using SHA3-256 to be used as a key for symmetric AES-256 encryption. Each message on an encrypted flow adds a small crypto header that includes a random 128-bit Initialization Vector (IV). If the server does not have OpenSSL enabled, the flow allocation will fail with an -ECRYPT error. Future optimizations are to piggyback the public keys on the flow allocation message, and to enable per-flow encryption that maintains the context of the encryption over multiple packets and doesn't require sending IVs. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* build: Set specific compiler flags for SWIG target0.15.2Dimitri Staessens2019-03-211-1/+4
| | | | | | | | | | The compiler flags for the SWIG target were added to the global CMAKE_C_FLAGS used for the entire project. This sets the flags uniquely for the SWIG target. The eth has a similar case for the c99 flag. There was a lingering include in dev.c that was removed. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Restrict MTU for Ethernet over loopbackDimitri Staessens2019-03-212-0/+7
| | | | | | | | | | | This restricts the MTU for the Ethernet IPCP over loopback adapters (devices named "lo*") to avoid it allocating 65K buffers per packet and quickly filling the default RDRBUFF space. The restriction is set using the build option IPCP_ETH_LO_MTU, with a default value of 1500 bytes. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* build: Set default number of threads in eth to 1Dimitri Staessens2019-03-051-2/+2
| | | | | | | | | This makes the eth packet handler single-threaded by default, at least until stability issues that seem to be related to multi-threading are fixed. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Refactor create_r and flow_req_arrDimitri Staessens2019-03-041-3/+3
| | | | | | | | | | | The API calls for the IPCP to inform the IRMd of IPCP creation and incoming flow request had the pid_t in the call. This pid_t is removed and the getpid() call is now placed inside the function. Also refactors the cleanup for the main() functions of some of the lower IPCPs. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* build: Update copyright to 2019Dimitri Staessens2019-02-053-3/+3
| | | | | | | Updates the copyright notice in all sources to 2019. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* include: Add a flow_join operation for broadcastDimitri Staessens2018-12-271-0/+1
| | | | | | | | | | | | This adds a new flow_join operaiton for broadcast, which is a much safer solution than overloading destination name semantics. The internal API now also has a different IPCP_FLOW_JOIN operation. The IRMd doesn't need to query broadcasts IPCPs for the name, it can just check if an IPCP with the layer name exists. The broadcast IPCP doesn't need to implement the query proxy call anymore. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Wait for buffer when writing to Eth deviceDimitri Staessens2018-12-081-1/+13
| | | | | | | | This will cause the Ethernet IPCP to wait for a free buffer when using raw sockets to avoid packet drops when the network is congested. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Make Qdisc bypass configurableSander Vrijders2018-10-122-0/+6
| | | | | | | | This will make bypassing the qdisc configurable, as it might be handy for getting fast data rates but is generally needed. Signed-off-by: Sander Vrijders <[email protected]> Signed-off-by: Dimitri Staessens <[email protected]>
* ipcpd: Fix SEGV in eth IPCPDimitri Staessens2018-10-101-1/+6
| | | | | | | | The memcpy of the device name was copying a fixed set of bytes (IFNAMSIZ), but the string conf->dev is usually shorter. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd, lib, irmd, tools: Change SDU to packetSander Vrijders2018-10-051-23/+23
| | | | | | | | This will change SDU (Service Data Unit) to packet everywhere. SDU is OSI terminology, whereas packet is Ouroboros terminology. Signed-off-by: Sander Vrijders <[email protected]> Signed-off-by: Dimitri Staessens <[email protected]>
* lib: Pass qosspec at flow allocationDimitri Staessens2018-10-051-14/+37
| | | | | | | | | | | | The flow allocator now passes the full qos specification to the endpoint, instead of just a cube. This is a more flexible architecture, as it makes QoS cubes internal to the layers. Adds endianness transforms for the flow allocator protocol in the normal IPCP. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Use non-blocking socket in Ethernet IPCPSander Vrijders2018-10-031-3/+17
| | | | | | | | | | Since the Ethernet IPCP now has multiple reader threads it was possible that both exit the select call, which caused one of the two threads to block on the recv call. This makes the socket non-blocking so that the recv call simply fails. Signed-off-by: Sander Vrijders <[email protected]> Signed-off-by: Dimitri Staessens <[email protected]>
* build: Prioritize raw socket API in buildSander Vrijders2018-10-031-15/+18
| | | | | | | | This will change the build to exclusively select one raw socket API in case multiple are present in the sytem, which will simplify the code. Signed-off-by: Sander Vrijders <[email protected]> Signed-off-by: Dimitri Staessens <[email protected]>
* ipcpd: Bypass Qdisc in Ethernet IPCPSander Vrijders2018-10-031-0/+8
| | | | | | | | Since Linux kernel 3.14 there is the option to bypass the kernel Qdisc. This will speed up the Ethernet IPCP. Signed-off-by: Sander Vrijders <[email protected]> Signed-off-by: Dimitri Staessens <[email protected]>
* ipcpd: Fix build for netmap enabled Ethernet IPCPSander Vrijders2018-10-032-7/+9
| | | | | | | | | There were some compilation issues introduced by adding the interface monitor to the Ethernet IPCP. Furthermore it was not possible to select between raw sockets or netmap if both were available. Signed-off-by: Sander Vrijders <[email protected]> Signed-off-by: Dimitri Staessens <[email protected]>
* ipcpd: Fix bad lock in Ethernet IPCPSander Vrijders2018-10-031-1/+1
| | | | | | | | An unlock was called twice instead of a lock/unlock sequence, causing a data race. Signed-off-by: Sander Vrijders <[email protected]> Signed-off-by: Dimitri Staessens <[email protected]>
* ipcpd: Add multithreading to Ethernet IPCPDimitri Staessens2018-10-032-31/+61
| | | | | | | | | This adds multiple reader and writer threads, configurabe via cmake with IPCP_ETH_RD_THR and IPCP_ETH_WR_THR. Improves ethernet IPCP throughput, which looks to be limited by the raw socket calls. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Remove double close in Ethernet IPCPSander Vrijders2018-09-271-2/+1
| | | | | | | | | There was a double close of a fd in the Ethernet IPCP. It also passes the correct max length to a memcpy (a strlen of the source string was used previously). Signed-off-by: Sander Vrijders <[email protected]> Signed-off-by: Dimitri Staessens <[email protected]>
* include: Remove _DEFAULT_SOURCE in endian.hDimitri Staessens2018-09-271-0/+2
| | | | | | | | This removes the _DEFAULT_SOURCE definition in the endian header as it should not be there. This avoids double and conflicting definitions. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* Merge branch 'testing' into beSander Vrijders2018-06-131-22/+28
|\
| * ipcpd: Get mtu using ioctl before hw addressDimitri Staessens2018-06-131-6/+6
| | | | | | | | | | | | | | | | | | The SIOCGIFMTU command uses the ifr struct, which is a union, so it can't store the hw address and the MTU at the same time. We now call SIOCGIFMTU and set the MTU before SIOCGIFHWADDR. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
| * ipcpd: Fix MTU handling in ethDimitri Staessens2018-06-131-16/+22
| | | | | | | | | | | | | | | | This fixes the MTU handling in eth. Buffers are now allocated to smaller size. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* | Merge branch 'testing' into beSander Vrijders2018-06-081-1/+12
|\|
| * ipcpd: Limit eth MTU to rdrb in single-block modeDimitri Staessens2018-06-081-1/+12
| | | | | | | | | | | | | | | | | | When the SHM is in single block mode, the MTU may be bigger than a block. The eth IPCPs reserved buffers the size of MTU, which is now limited. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* | lib: Add a data qos cubeDimitri Staessens2018-06-081-1/+1
|/ | | | | | | | This adds a data qos cube that is reliable. Reliable qos can be selected by setting the loss parameter of the qosspec to 0. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Support raw qos in eth and udp IPCPsDimitri Staessens2018-06-081-1/+1
| | | | | | | | Flow allocation for raw was not yet supported in these IPCPS, causing enrollment to fail. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Fix setting MTU for eth-llcDimitri Staessens2018-05-081-3/+12
| | | | | | | | The MTU was not correctly set for the eth-llc ipcp. This also fixes a missing definition of ETH_MAX_MTU, which was introduced in kernel v4.10. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Use correct MTU for eth-dixDimitri Staessens2018-05-071-4/+24
| | | | | | | | The eth-dix IPCP was using a hardcoded MTU of 1500 bytes, but could support higher MTUs. Now jumbo frames are supported. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Fix truncate of small packetsDimitri Staessens2018-04-051-1/+1
| | | | | | | | The truncate was setting the length to the frame length, instead of the actual payload length to be delivered to the N+1. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Add ethertype checkDimitri Staessens2018-04-051-1/+7
| | | | | | | | An ethertype check was missing for the DIX ethernet IPCP, causing crashes if there is other traffic on the network. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Avoid unnecessary copy in eth writerDimitri Staessens2018-04-051-25/+45
| | | | | | | | | This writes into the Ethernet device directly from the rdrbuff to avoid a copy on the write side in the Ethernet IPCPs. This does not work for the netmap device. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Avoid unnecessary copy in eth readerDimitri Staessens2018-04-051-31/+70
| | | | | | | | | This reads from the Ethernet device directly into the rdrbuff to avoid a copy on the read side in the Ethernet IPCPs. This does not work for the netmap device. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>
* ipcpd: Enable locking threads to a CPU coreDimitri Staessens2018-04-051-0/+4
| | | | | | | | | This adds a function that locks a thread to a random core. This greatly improves performance on multi-cpu systems. There is no portable way to do this, this only implements it for GNU/Linux. Signed-off-by: Dimitri Staessens <[email protected]> Signed-off-by: Sander Vrijders <[email protected]>