Commit Graph

318 Commits

Author SHA1 Message Date
logwang 9d39026bdb ff_epoll: support edge-triggered mode.
Convert epoll EPOLLET to kqueue EV_CLEAR.
2017-12-05 17:51:02 +08:00
logwang 2aa28acdb3 Fix #114: An out of bounds of memory in netinet/libalias/alias_sctp.c.
Run with valgrind, and found this:
==2228== Invalid write of size 8
==2228==    at 0x4E05DA: AliasSctpInit (alias_sctp.c:641)
==2228==    by 0x4DE565: LibAliasInit (alias_db.c:2503)
==2228==    by 0x4E9B3B: nat44_config (ip_fw_nat.c:505)
==2228==    by 0x4E9E91: nat44_cfg (ip_fw_nat.c:599)
==2228==    by 0x4F1719: ipfw_ctl3 (ip_fw_sockopt.c:3666)
==2228==    by 0x4B9954: rip_ctloutput (raw_ip.c:659)
==2228==    by 0x447E11: sosetopt (uipc_socket.c:2505)
==2228==    by 0x44BF4D: kern_setsockopt (uipc_syscalls.c:1407)
==2228==    by 0x409F08: ff_setsockopt (ff_syscall_wrapper.c:412)
==2228==    by 0x5277AA: handle_ipfw_msg (ff_dpdk_if.c:1146)
==2228==    by 0x52788C: handle_msg (ff_dpdk_if.c:1196)
==2228==    by 0x5289B8: process_msg_ring (ff_dpdk_if.c:1213)
==2228==  Address 0x60779b0 is 4,800 bytes inside a block of size 4,802
alloc'd
==2228==    at 0x4C2ABBD: malloc (vg_replace_malloc.c:296)
==2228==    by 0x509F15: ff_malloc (ff_host_interface.c:89)
==2228==    by 0x4053BE: malloc (ff_glue.c:1021)
==2228==    by 0x4E054E: AliasSctpInit (alias_sctp.c:632)
==2228==    by 0x4DE565: LibAliasInit (alias_db.c:2503)
==2228==    by 0x4E9B3B: nat44_config (ip_fw_nat.c:505)
==2228==    by 0x4E9E91: nat44_cfg (ip_fw_nat.c:599)
==2228==    by 0x4F1719: ipfw_ctl3 (ip_fw_sockopt.c:3666)
==2228==    by 0x4B9954: rip_ctloutput (raw_ip.c:659)
==2228==    by 0x447E11: sosetopt (uipc_socket.c:2505)
==2228==    by 0x44BF4D: kern_setsockopt (uipc_syscalls.c:1407)
==2228==    by 0x409F08: ff_setsockopt (ff_syscall_wrapper.c:412)
==2228==

The error line is:
`la->sctpNatTimer.TimerQ = sn_calloc(SN_TIMER_QUEUE_SIZE, sizeof(struct
sctpTimerQ));`

Since SN_TIMER_QUEUE_SIZE is defined as SN_MAX_TIMER+2, and sn_calloc is
defined as sn_malloc(x * n) if _SYS_MALLOC_H_ is defined, the size of
calloced memory will be wrong, because the macro will be expanded to
sizeof(struct sctpTimerQ)*SN_MAX_TIMER+2.

And the memory will be out of bounds here.
```
/* Initialise circular timer Q*/
for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++)
    LIST_INIT(&la->sctpNatTimer.TimerQ[i]);
```
2017-12-05 15:32:10 +08:00
logwang bc0ac4755a Fix bug: incorrect usage of `rte_pktmbuf_clone` when dispatching arp packets.
Since f-stack uses `rte_pktmbuf_clone` to copy mbuf to other lcores when dispatching arp packets, but it doesn't real copy the packet data. The buf_addr of pktmbuf is pointed to the same address.

The arp response packet is generated with the same mbuf from the request
packet, it just swaps the src and dst address, so the copied mbufs will also be changed.

What we need is a deep copy function, and the arp packets are really small, so deep copy will not harm performance too much.

Fix #53 #111 #112.
2017-12-01 17:25:47 +08:00
logwang ffdb15be57 Configuration: optimize the description. 2017-12-01 16:53:57 +08:00
logwang 112c74aa2e Fix #107: some invalid usages of kqueue in `ff_epoll`.
1.Both EVFILT_READ and EVFILT_WRITE are values but not flags. It needs to check whether it is equal but not to do logic and.

2.If the read direction of the socket has shutdown, then the filter also sets EV_EOF in `flags`, and returns the socket error (if any) in `fflags`.
2017-11-27 18:39:34 +08:00
logwang 3c4a58ceba Roadmap: to support IPV6. 2017-11-27 14:03:46 +08:00
logwang 564e18ab25 Merge pull request #103 from tigerjibo/master
ipfw: should init dpdk before all malloc
2017-11-21 14:57:35 +08:00
Ji Bo 5e0cf829d9 ipfw: should init dpdk before all malloc
Signed-off-by: Ji Bo <jibo@xdja.com>
2017-11-21 14:32:00 +08:00
logwang 4e73363e2c Release-1.11 tag. 2017-11-21 11:42:39 +08:00
logwang 02610d5877 Example: keep run when accept failed. 2017-11-21 11:42:09 +08:00
logwang 49e481768a Use general protocol header length in protocol filter. 2017-11-21 11:20:14 +08:00
logwang 5ac59bc49a Micro_thread: convert encoding of source files and remove chinese comments. 2017-11-20 22:39:00 +08:00
logwang 8cfa29232a Fix #100: tcp anomaly when TSO is enabled.
1.Fix the wrong ip header length and tcp header length.
2.Recalculate the pseudo header checksum and set it to tcp header.
2017-11-20 17:07:10 +08:00
logwang b1bb619a90 Nginx: fix that worker may crash when reload or recv signals. 2017-11-20 17:06:02 +08:00
whl739 127dd473af Add tool: ipfw.
ipfw -- interface for firewall, packet scheduler, NAT and so on.

It is comprised of several components: the kernel firewall filter rule processor and its integrated packet accounting facility, the logging facility, NAT, a forward facility, a bridge facility, and an ipstealth facility.
Note that the `dummynet` traffic shaper is not merged.
2017-11-14 16:44:32 +08:00
logwang 0e1bd6da1b Fix bug: dead loop when destroy a network interface. 2017-11-10 18:52:10 +08:00
logwang 3bf83dd442 Merge pull request #98 from xujiaxuan/master
Fix bug: process input packets error if packet fragment
2017-11-10 14:41:09 +08:00
Xu Jiaxuan 4b3bcd46c0 Fix bug: process input packets error if packet fragment
modified:   lib/ff_dpdk_if.c
2017-11-10 13:58:32 +08:00
logwang eb5902d97d Api: add packet dispatch callback function register.
In some cases, for example, packets are forwarded to your server through
IP tunnel, and they will be received on fixed queues, since RSS doesn't support tunnels.So we need to dispatch them again.

With this commit, we can implement a dispatcher callback function and regist
it, packets retrieved from rx queue will be dispatched again according to
the dispatcher result.
2017-11-09 21:22:13 +08:00
logwang c855fce65e Configuration: set net.link.ether.inet.maxhold(number of packets to hold per ARP entry) to 5.
Since maxhold's default value is 1, it may not be enough for some
applicatins, so increase it to the value of
net.link.ether.inet.maxtries(ARP resolution attempts before returning
error).
2017-11-08 17:49:51 +08:00
logwang 555c848918 Ngctl: support interactive mode. 2017-11-01 18:53:07 +08:00
logwang 3b2bd0f641 Add tool: ngctl.
ngctl -- netgraph control utility.
The ngctl utility creates a new netgraph node of type socket which can be used to issue netgraph commands.
2017-11-01 17:38:22 +08:00
logwang bffb72754c Misc: make example in travis-ci and fix return value of `ff_connect`. 2017-10-31 11:08:04 +08:00
logwang a416aa0841 FreeBSD misc: add a macro to turn on NETGRAPH option and return error when call sleep 2017-10-27 18:08:44 +08:00
logwang c36e692a8e Use `KMOD_SRCS` to pass extra kernel module sourcs.
For example, if you have an extra FreeBSD kernel module, and want to
compile it into F-Stack, you can do it like this:
```
cd f-stack/lib
export "KMOD_SRCS=/your/kmod/path/a.c /your/kmod/path/b.c"
export "CONF_CFLAGS=-I/your/kmod/path"
make
```
2017-10-25 15:26:01 +08:00
logwang 20a9422e03 Fix bug: undefined refrence to `fueword`. 2017-10-25 15:16:28 +08:00
logwang a1fd9364a9 FreeBSD: add module netgraph. 2017-10-25 14:38:15 +08:00
logwang 20be49f608 Nginx: hijack `read` and `write`.
Since libssl calls `read` and `write` when SSL handshake, we must
hijack these two functions, so that the network IO can pass through
f-stack.
2017-09-26 17:00:20 +08:00
logwang b7d857a29d Merge pull request #80 from yuyang0/master
Fix #79: less arp ring.
2017-09-25 12:13:48 +08:00
YuYang 257bb980b4 less arp ring 2017-09-25 12:05:30 +08:00
logwang 1c388a5257 Update f-stack.conf of nginx.
Close #81.
2017-09-25 12:03:26 +08:00
logwang 85aab0a645 Optimize tx. 2017-09-22 17:35:50 +08:00
logwang 28b0198a41 Merge branch 'master' of https://github.com/F-Stack/f-stack 2017-09-21 15:06:12 +08:00
logwang 8755b2de54 Fix bug: freebsd sysctl config not work. 2017-09-21 15:03:05 +08:00
logwang 6dbdb4c147 Fix buf: freebsd sysctl config not work. 2017-09-21 14:57:01 +08:00
logwang 3b14d13555 Merge pull request #78 from yuyang0/multiple-nic
Multiple nic enhancement.
2017-09-21 13:55:17 +08:00
YuYang 80a6164c5c multiple NIC support
In current implementation, cores and ports are one to one mapped, this
PR allowed user to specify the core list used to handle single port. for
example cores 1,2,3 handle port 0 and cores 4,5,6 handle port 1.

- Add `port_list` config to dpdk section (used to specify the enabled port list)

- Add `lcore_list` config to port section(used to specify the core list mapped to that port)

- Delete `nb_ports` config in dpdk section

- Delete `port_mask` config in dpdk section
2017-09-21 12:33:25 +08:00
logwang 1a527102bc Example: exit when ff_api failed 2017-09-14 18:57:37 +08:00
logwang 8cf1d457cb Optimize makefile 2017-09-14 15:25:07 +08:00
logwang e81d492e9b travis-ci: make tools 2017-09-11 11:07:09 +08:00
logwang d181a8f5a3 Update docs 2017-09-11 11:04:19 +08:00
logwang 0f726c99c2 enable travis ci from yuyang0 2017-09-11 11:02:26 +08:00
logwang 1cd6edf41e Fix endless loop when connect to a peer if all ports are completely used. 2017-09-11 11:01:18 +08:00
Andy 85eb2ae96a 🐛 tools should init dpdk before all malloc for the same 'virtual memory address' 2017-09-07 14:27:27 -04:00
logwang 47da7658f2 Merge pull request #72 from yuyang0/cflags
use CONF_CFLAGS to pass extra CFLAGS
2017-09-06 13:40:28 +08:00
logwang 0fafa38d7e Merge pull request #71 from yuyang0/bc
notify user to install bc
2017-09-06 12:18:08 +08:00
YuYang 34b2fad45f use CONF_CFLAGS to pass extra CLFAGS 2017-09-06 10:26:12 +08:00
YuYang 06399ef331 notify user to install bc 2017-09-06 10:25:12 +08:00
logwang 63fb3d1fbf Fix nginx coredump on virtio vm and support kni.
1.close #67.
2.replace ff_primary process to primary worker process(the first one to
start and the last one to exit).
3.it's not graceful to reload.
2017-09-05 20:24:51 +08:00
logwang 1f5381c9ea Fix compiling errors of tools. 2017-09-05 14:30:42 +08:00