From f87a2bc5199104d87ccc48dcc2b0e18d345a9bb4 Mon Sep 17 00:00:00 2001 From: dimitri staessens Date: Fri, 10 Feb 2017 23:40:34 +0100 Subject: ipcpd: Silent shutdown of normal The acceptor will not log disconnects with IRMd. Unexpected disconnects will be reported and handled by management components. --- src/ipcpd/normal/main.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src/ipcpd/normal') diff --git a/src/ipcpd/normal/main.c b/src/ipcpd/normal/main.c index 81912614..11ec0938 100644 --- a/src/ipcpd/normal/main.c +++ b/src/ipcpd/normal/main.c @@ -30,6 +30,7 @@ #include #include #include +#include #include "addr_auth.h" #include "ae.h" @@ -45,7 +46,6 @@ #include #include #include -#include #include #include @@ -108,7 +108,8 @@ static void * flow_acceptor(void * o) fd = flow_accept(&ae_name, &qs); if (fd < 0) { - log_warn("Flow accept failed."); + if (fd != -EIRMD) + log_warn("Flow accept failed: %d", fd); continue; } -- cgit v1.2.3 From f0ef4bdbf66ed12e52ff33da90d79af0cbc00436 Mon Sep 17 00:00:00 2001 From: dimitri staessens Date: Sat, 11 Feb 2017 00:00:38 +0100 Subject: ipcpd: Compare timestamp upon enrollment The enrollment procedure will ask for a timestamp of the IPCP it is enrolling with. It will (taking into account the RTT of the request) issue a warning if the offset is larger than RIB_WARN_TIME_OFFSET ms. --- include/ouroboros/config.h.in | 10 ++++---- src/ipcpd/normal/enroll.c | 53 ++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 56 insertions(+), 7 deletions(-) (limited to 'src/ipcpd/normal') diff --git a/include/ouroboros/config.h.in b/include/ouroboros/config.h.in index b95fe927..c1b6bd02 100644 --- a/include/ouroboros/config.h.in +++ b/include/ouroboros/config.h.in @@ -50,11 +50,9 @@ #define IRMD_THREADPOOL_SIZE 16 #define IPCPD_THREADPOOL_SIZE 3 #define IPCPD_MAX_CONNS IRMD_MAX_FLOWS -#define LOG_DIR "/@LOG_DIR@/" #define PTHREAD_COND_CLOCK CLOCK_MONOTONIC #define PFT_SIZE 1 << 12 /* Timeout values */ -#define SHM_DU_TIMEOUT_MICROS 15000 #define IRMD_ACCEPT_TIMEOUT 100 #define IRMD_FLOW_TIMEOUT 5000 #define IPCP_ACCEPT_TIMEOUT 100 @@ -63,9 +61,9 @@ #define ENROLL_TIMEOUT 2000 /* RIB configuration for normal */ #define RIB_MAX_PATH_LEN 256 -#define BOOT_NAME "boot" -#define MEMBERS_NAME "members" -#define DIF_NAME "dif_name" -#define DIR_NAME "directory" +#define BOOT_NAME "boot" +#define MEMBERS_NAME "members" +#define DIF_NAME "dif_name" +#define DIR_NAME "directory" #endif /* OUROBOROS_CONFIG */ diff --git a/src/ipcpd/normal/enroll.c b/src/ipcpd/normal/enroll.c index 16bfc592..cea33bf2 100644 --- a/src/ipcpd/normal/enroll.c +++ b/src/ipcpd/normal/enroll.c @@ -21,10 +21,12 @@ #define OUROBOROS_PREFIX "enrollment" #include +#include #include #include #include #include +#include #include "ae.h" @@ -32,10 +34,15 @@ #include #include +/* Symbolic, will return current time */ +#define TIME_NAME "localtime" +#define ENROLL_WARN_TIME_OFFSET 20 + #define DLR "/" #define DIF_PATH DLR DIF_NAME #define BOOT_PATH DLR BOOT_NAME #define MEMBERS_PATH DLR MEMBERS_NAME +#define TIME_PATH DLR TIME_NAME int enroll_handle(int fd) { @@ -72,7 +79,6 @@ int enroll_handle(int fd) while (!(boot_r && members_r && dif_name_r)) { key = cdap_request_wait(ci, &oc, &name, &data, (size_t *) &len , &flags); - assert(key >= 0); assert(name); @@ -96,6 +102,15 @@ int enroll_handle(int fd) members_r = true; } else if (strcmp(name, dif_ro) == 0) { dif_name_r = true; + } else if (strcmp(name, TIME_PATH) == 0) { + struct timespec t; + uint64_t buf[2]; + clock_gettime(CLOCK_REALTIME, &t); + buf[0] = htonll(t.tv_sec); + buf[1] = htonll(t.tv_nsec); + cdap_reply_send(ci, key, 0, buf, sizeof(buf)); + free(name); + continue; } else { log_warn("Illegal read: %s.", name); cdap_reply_send(ci, key, -1, NULL, 0); @@ -146,6 +161,11 @@ int enroll_boot(char * dst_name) size_t len; int fd; + struct timespec t0; + struct timespec rtt; + + ssize_t delta_t; + char * boot_ro = BOOT_PATH; char * members_ro = MEMBERS_PATH; char * dif_ro = DIF_PATH; @@ -171,6 +191,37 @@ int enroll_boot(char * dst_name) log_dbg("Getting boot information from %s.", dst_name); + clock_gettime(CLOCK_REALTIME, &t0); + + key = cdap_request_send(ci, CDAP_READ, TIME_PATH, NULL, 0, 0); + if (key < 0) { + log_err("Failed to send CDAP request."); + cdap_destroy(ci); + flow_dealloc(fd); + return -1; + } + + if (cdap_reply_wait(ci, key, &data, &len)) { + log_err("Failed to get CDAP reply."); + cdap_destroy(ci); + flow_dealloc(fd); + return -1; + } + + clock_gettime(CLOCK_REALTIME, &rtt); + + delta_t = ts_diff_ms(&t0, &rtt); + + assert (len == 2 * sizeof (uint64_t)); + + rtt.tv_sec = ntohll(((uint64_t *) data)[0]); + rtt.tv_nsec = ntohll(((uint64_t *) data)[1]); + + if (abs(ts_diff_ms(&t0, &rtt)) - delta_t > ENROLL_WARN_TIME_OFFSET) + log_warn("Clock offset above threshold."); + + free(data); + key = cdap_request_send(ci, CDAP_READ, boot_ro, NULL, 0, 0); if (key < 0) { log_err("Failed to send CDAP request."); -- cgit v1.2.3 From 2ee140ec27335ca50e813080ee0e85e4ab86af37 Mon Sep 17 00:00:00 2001 From: dimitri staessens Date: Sat, 11 Feb 2017 17:04:27 +0100 Subject: ipcpd: Prevent access to directory before init Doing a directory query before the IPCP is has bootstrapped or is enrolled will result in an assertion failure as the directory is not yet ready. This fixes flow allocation over the LLC shim (which triggers a directory query from the IRMd) with a normal IPCP present. --- src/ipcpd/normal/dir.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) (limited to 'src/ipcpd/normal') diff --git a/src/ipcpd/normal/dir.c b/src/ipcpd/normal/dir.c index d30b9ec0..703f4e79 100644 --- a/src/ipcpd/normal/dir.c +++ b/src/ipcpd/normal/dir.c @@ -31,21 +31,22 @@ #include #include +#define DIR_PATH "/" DIR_NAME + static char dir_path[RIB_MAX_PATH_LEN + 1]; static void dir_path_reset(void) { - dir_path[strlen("/" DIR_NAME)]= '\0'; - assert(strcmp("/" DIR_NAME, dir_path) == 0); + dir_path[strlen(DIR_PATH)]= '\0'; + assert(strcmp(DIR_PATH, dir_path) == 0); } int dir_init(void) { /*FIXME: set ribmgr dissemination here */ - if (rib_add(RIB_ROOT, DIR_NAME)) return -1; - strcpy(dir_path, "/" DIR_NAME); + strcpy(dir_path, DIR_PATH); return 0; } @@ -66,6 +67,9 @@ int dir_name_reg(char * name) assert(name); + if (ipcp_get_state() != IPCP_OPERATIONAL) + return -EPERM; + dir_path_reset(); ret = rib_add(dir_path, name); @@ -91,6 +95,9 @@ int dir_name_unreg(char * name) assert(name); + if (ipcp_get_state() != IPCP_OPERATIONAL) + return -EPERM; + dir_path_reset(); rib_path_append(dir_path, name); @@ -116,6 +123,9 @@ int dir_name_query(char * name) { size_t len; + if (ipcp_get_state() != IPCP_OPERATIONAL) + return -EPERM; + dir_path_reset(); rib_path_append(dir_path, name); -- cgit v1.2.3 From cf5087a8397e379d059998b27ef86a1bb68d70ff Mon Sep 17 00:00:00 2001 From: dimitri staessens Date: Sun, 12 Feb 2017 16:40:38 +0100 Subject: include: Use width in endian naming convention ntohll and ntohl have been renamed ntoh64 and ntoh32, htonll and htonl have been renamed hton64 and hton32. --- include/ouroboros/endian.h | 24 ++++++++---------------- src/ipcpd/normal/enroll.c | 8 ++++---- 2 files changed, 12 insertions(+), 20 deletions(-) (limited to 'src/ipcpd/normal') diff --git a/include/ouroboros/endian.h b/include/ouroboros/endian.h index c6b0d80a..745f0c57 100644 --- a/include/ouroboros/endian.h +++ b/include/ouroboros/endian.h @@ -132,23 +132,15 @@ static inline uint64_t bswap_64(uint64_t x) { #endif #ifdef CPU_LITTLE_ENDIAN -#define htonll(x) bswap_64(x) -#ifndef htonl -#define htonl(x) bswap_32(x) -#endif -#define ntohll(x) bswap_64(x) -#ifndef ntohl -#define ntohl(x) bswap_32(x) -#endif +#define hton64(x) bswap_64(x) +#define hton32(x) bswap_32(x) +#define ntoh64(x) bswap_64(x) +#define ntoh32(x) bswap_32(x) #else /* CPU_LITTLE_ENDIAN */ -#define htonll(x) (x) -#ifndef htonl -#define htonl(x) (x) -#endif -#define ntohll(x) (x) -#ifndef ntohl -#define nothl(x) (x) -#endif +#define hton64(x) (x) +#define hton32(x) (x) +#define ntoh64(x) (x) +#define noth32(x) (x) #endif /* CPU_LITTLE_ENDIAN */ #endif /* OUROBOROS_ENDIAN_H */ diff --git a/src/ipcpd/normal/enroll.c b/src/ipcpd/normal/enroll.c index cea33bf2..94e171c0 100644 --- a/src/ipcpd/normal/enroll.c +++ b/src/ipcpd/normal/enroll.c @@ -106,8 +106,8 @@ int enroll_handle(int fd) struct timespec t; uint64_t buf[2]; clock_gettime(CLOCK_REALTIME, &t); - buf[0] = htonll(t.tv_sec); - buf[1] = htonll(t.tv_nsec); + buf[0] = hton64(t.tv_sec); + buf[1] = hton64(t.tv_nsec); cdap_reply_send(ci, key, 0, buf, sizeof(buf)); free(name); continue; @@ -214,8 +214,8 @@ int enroll_boot(char * dst_name) assert (len == 2 * sizeof (uint64_t)); - rtt.tv_sec = ntohll(((uint64_t *) data)[0]); - rtt.tv_nsec = ntohll(((uint64_t *) data)[1]); + rtt.tv_sec = ntoh64(((uint64_t *) data)[0]); + rtt.tv_nsec = ntoh64(((uint64_t *) data)[1]); if (abs(ts_diff_ms(&t0, &rtt)) - delta_t > ENROLL_WARN_TIME_OFFSET) log_warn("Clock offset above threshold."); -- cgit v1.2.3