Commit Graph

1041 Commits

Author SHA1 Message Date
chenwei 70bb2888cb Nginx: support kernel network stack, so we can do what fstack can't do,
e.g. unix socket, ipc (with APP on kernel network stack), packet from kernel network stack.
1. Add a new directive kernel_network_stack :
    Syntax: 	kernel_network_stack on | off;
    Default: 	kernel_network_stack off;
   Context: 	http, server
  This directive is available only when NGX_HAVE_FF_STACK is defined.
  Determines whether server should run on kernel network stack or fstack.
2. Use a simpler and  more effective solution to discriminate fstack fd(file descriptor, only socket for now) from kernel fd.
2017-12-08 18:32:08 +08:00
chenwei 3ce9eefdd7 Nginx: support kernel network stack, so we can do what fstack can't do,
e.g. unix socket, ipc (with APP on kernel network stack), packet from kernel network stack.
1. Add a new directive kernel_network_stack :
    Syntax: 	kernel_network_stack on | off;
    Default: 	kernel_network_stack off;
   Context: 	http, server
  This directive is available only when NGX_HAVE_FF_STACK is defined.
  Determines whether server should run on kernel network stack or fstack.
2. Use a simpler and  more effective solution to discriminate fstack fd(file descriptor, only socket for now) from kernel fd.
2017-12-08 18:32:08 +08:00
chenwei 7138141b32 Merge pull request #1 from F-Stack/master
update to data
2017-12-07 21:08:20 +08:00
chenwei 1b895bd9c2
Merge pull request #1 from F-Stack/master
update to data
2017-12-07 21:08:20 +08:00
logwang b226a4cf7e ff_epoll: rewrite `ff_epoll_ctl`. 2017-12-07 12:24:49 +08:00
logwang 4ca4a48737 ff_epoll: rewrite `ff_epoll_ctl`. 2017-12-07 12:24:49 +08:00
logwang 9d39026bdb ff_epoll: support edge-triggered mode.
Convert epoll EPOLLET to kqueue EV_CLEAR.
2017-12-05 17:51:02 +08:00
logwang 794317ab37 ff_epoll: support edge-triggered mode.
Convert epoll EPOLLET to kqueue EV_CLEAR.
2017-12-05 17:51:02 +08:00
logwang 2aa28acdb3 Fix #114: An out of bounds of memory in netinet/libalias/alias_sctp.c.
Run with valgrind, and found this:
==2228== Invalid write of size 8
==2228==    at 0x4E05DA: AliasSctpInit (alias_sctp.c:641)
==2228==    by 0x4DE565: LibAliasInit (alias_db.c:2503)
==2228==    by 0x4E9B3B: nat44_config (ip_fw_nat.c:505)
==2228==    by 0x4E9E91: nat44_cfg (ip_fw_nat.c:599)
==2228==    by 0x4F1719: ipfw_ctl3 (ip_fw_sockopt.c:3666)
==2228==    by 0x4B9954: rip_ctloutput (raw_ip.c:659)
==2228==    by 0x447E11: sosetopt (uipc_socket.c:2505)
==2228==    by 0x44BF4D: kern_setsockopt (uipc_syscalls.c:1407)
==2228==    by 0x409F08: ff_setsockopt (ff_syscall_wrapper.c:412)
==2228==    by 0x5277AA: handle_ipfw_msg (ff_dpdk_if.c:1146)
==2228==    by 0x52788C: handle_msg (ff_dpdk_if.c:1196)
==2228==    by 0x5289B8: process_msg_ring (ff_dpdk_if.c:1213)
==2228==  Address 0x60779b0 is 4,800 bytes inside a block of size 4,802
alloc'd
==2228==    at 0x4C2ABBD: malloc (vg_replace_malloc.c:296)
==2228==    by 0x509F15: ff_malloc (ff_host_interface.c:89)
==2228==    by 0x4053BE: malloc (ff_glue.c:1021)
==2228==    by 0x4E054E: AliasSctpInit (alias_sctp.c:632)
==2228==    by 0x4DE565: LibAliasInit (alias_db.c:2503)
==2228==    by 0x4E9B3B: nat44_config (ip_fw_nat.c:505)
==2228==    by 0x4E9E91: nat44_cfg (ip_fw_nat.c:599)
==2228==    by 0x4F1719: ipfw_ctl3 (ip_fw_sockopt.c:3666)
==2228==    by 0x4B9954: rip_ctloutput (raw_ip.c:659)
==2228==    by 0x447E11: sosetopt (uipc_socket.c:2505)
==2228==    by 0x44BF4D: kern_setsockopt (uipc_syscalls.c:1407)
==2228==    by 0x409F08: ff_setsockopt (ff_syscall_wrapper.c:412)
==2228==

The error line is:
`la->sctpNatTimer.TimerQ = sn_calloc(SN_TIMER_QUEUE_SIZE, sizeof(struct
sctpTimerQ));`

Since SN_TIMER_QUEUE_SIZE is defined as SN_MAX_TIMER+2, and sn_calloc is
defined as sn_malloc(x * n) if _SYS_MALLOC_H_ is defined, the size of
calloced memory will be wrong, because the macro will be expanded to
sizeof(struct sctpTimerQ)*SN_MAX_TIMER+2.

And the memory will be out of bounds here.
```
/* Initialise circular timer Q*/
for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++)
    LIST_INIT(&la->sctpNatTimer.TimerQ[i]);
```
2017-12-05 15:32:10 +08:00
logwang 7f92df961d Fix #114: An out of bounds of memory in netinet/libalias/alias_sctp.c.
Run with valgrind, and found this:
==2228== Invalid write of size 8
==2228==    at 0x4E05DA: AliasSctpInit (alias_sctp.c:641)
==2228==    by 0x4DE565: LibAliasInit (alias_db.c:2503)
==2228==    by 0x4E9B3B: nat44_config (ip_fw_nat.c:505)
==2228==    by 0x4E9E91: nat44_cfg (ip_fw_nat.c:599)
==2228==    by 0x4F1719: ipfw_ctl3 (ip_fw_sockopt.c:3666)
==2228==    by 0x4B9954: rip_ctloutput (raw_ip.c:659)
==2228==    by 0x447E11: sosetopt (uipc_socket.c:2505)
==2228==    by 0x44BF4D: kern_setsockopt (uipc_syscalls.c:1407)
==2228==    by 0x409F08: ff_setsockopt (ff_syscall_wrapper.c:412)
==2228==    by 0x5277AA: handle_ipfw_msg (ff_dpdk_if.c:1146)
==2228==    by 0x52788C: handle_msg (ff_dpdk_if.c:1196)
==2228==    by 0x5289B8: process_msg_ring (ff_dpdk_if.c:1213)
==2228==  Address 0x60779b0 is 4,800 bytes inside a block of size 4,802
alloc'd
==2228==    at 0x4C2ABBD: malloc (vg_replace_malloc.c:296)
==2228==    by 0x509F15: ff_malloc (ff_host_interface.c:89)
==2228==    by 0x4053BE: malloc (ff_glue.c:1021)
==2228==    by 0x4E054E: AliasSctpInit (alias_sctp.c:632)
==2228==    by 0x4DE565: LibAliasInit (alias_db.c:2503)
==2228==    by 0x4E9B3B: nat44_config (ip_fw_nat.c:505)
==2228==    by 0x4E9E91: nat44_cfg (ip_fw_nat.c:599)
==2228==    by 0x4F1719: ipfw_ctl3 (ip_fw_sockopt.c:3666)
==2228==    by 0x4B9954: rip_ctloutput (raw_ip.c:659)
==2228==    by 0x447E11: sosetopt (uipc_socket.c:2505)
==2228==    by 0x44BF4D: kern_setsockopt (uipc_syscalls.c:1407)
==2228==    by 0x409F08: ff_setsockopt (ff_syscall_wrapper.c:412)
==2228==

The error line is:
`la->sctpNatTimer.TimerQ = sn_calloc(SN_TIMER_QUEUE_SIZE, sizeof(struct
sctpTimerQ));`

Since SN_TIMER_QUEUE_SIZE is defined as SN_MAX_TIMER+2, and sn_calloc is
defined as sn_malloc(x * n) if _SYS_MALLOC_H_ is defined, the size of
calloced memory will be wrong, because the macro will be expanded to
sizeof(struct sctpTimerQ)*SN_MAX_TIMER+2.

And the memory will be out of bounds here.
```
/* Initialise circular timer Q*/
for (i = 0; i < SN_TIMER_QUEUE_SIZE; i++)
    LIST_INIT(&la->sctpNatTimer.TimerQ[i]);
```
2017-12-05 15:32:10 +08:00
logwang bc0ac4755a Fix bug: incorrect usage of `rte_pktmbuf_clone` when dispatching arp packets.
Since f-stack uses `rte_pktmbuf_clone` to copy mbuf to other lcores when dispatching arp packets, but it doesn't real copy the packet data. The buf_addr of pktmbuf is pointed to the same address.

The arp response packet is generated with the same mbuf from the request
packet, it just swaps the src and dst address, so the copied mbufs will also be changed.

What we need is a deep copy function, and the arp packets are really small, so deep copy will not harm performance too much.

Fix #53 #111 #112.
2017-12-01 17:25:47 +08:00
logwang 48b700b73c Fix bug: incorrect usage of `rte_pktmbuf_clone` when dispatching arp packets.
Since f-stack uses `rte_pktmbuf_clone` to copy mbuf to other lcores when dispatching arp packets, but it doesn't real copy the packet data. The buf_addr of pktmbuf is pointed to the same address.

The arp response packet is generated with the same mbuf from the request
packet, it just swaps the src and dst address, so the copied mbufs will also be changed.

What we need is a deep copy function, and the arp packets are really small, so deep copy will not harm performance too much.

Fix #53 #111 #112.
2017-12-01 17:25:47 +08:00
logwang ffdb15be57 Configuration: optimize the description. 2017-12-01 16:53:57 +08:00
logwang aa3f528959 Configuration: optimize the description. 2017-12-01 16:53:57 +08:00
logwang 112c74aa2e Fix #107: some invalid usages of kqueue in `ff_epoll`.
1.Both EVFILT_READ and EVFILT_WRITE are values but not flags. It needs to check whether it is equal but not to do logic and.

2.If the read direction of the socket has shutdown, then the filter also sets EV_EOF in `flags`, and returns the socket error (if any) in `fflags`.
2017-11-27 18:39:34 +08:00
logwang 8c317b2231 Fix #107: some invalid usages of kqueue in `ff_epoll`.
1.Both EVFILT_READ and EVFILT_WRITE are values but not flags. It needs to check whether it is equal but not to do logic and.

2.If the read direction of the socket has shutdown, then the filter also sets EV_EOF in `flags`, and returns the socket error (if any) in `fflags`.
2017-11-27 18:39:34 +08:00
logwang 3c4a58ceba Roadmap: to support IPV6. 2017-11-27 14:03:46 +08:00
logwang e76966dcf1 Roadmap: to support IPV6. 2017-11-27 14:03:46 +08:00
logwang 564e18ab25 Merge pull request #103 from tigerjibo/master
ipfw: should init dpdk before all malloc
2017-11-21 14:57:35 +08:00
logwang c598cee34c
Merge pull request #103 from tigerjibo/master
ipfw: should init dpdk before all malloc
2017-11-21 14:57:35 +08:00
Ji Bo 5e0cf829d9 ipfw: should init dpdk before all malloc
Signed-off-by: Ji Bo <jibo@xdja.com>
2017-11-21 14:32:00 +08:00
Ji Bo 896dcc2b9a ipfw: should init dpdk before all malloc
Signed-off-by: Ji Bo <jibo@xdja.com>
2017-11-21 14:32:00 +08:00
logwang 4e73363e2c Release-1.11 tag. 2017-11-21 11:42:39 +08:00
logwang 595de2db4b Release-1.11 tag. 2017-11-21 11:42:39 +08:00
logwang 02610d5877 Example: keep run when accept failed. 2017-11-21 11:42:09 +08:00
logwang c7fe235229 Example: keep run when accept failed. 2017-11-21 11:42:09 +08:00
logwang 49e481768a Use general protocol header length in protocol filter. 2017-11-21 11:20:14 +08:00
logwang f17ba62bb6 Use general protocol header length in protocol filter. 2017-11-21 11:20:14 +08:00
logwang 5ac59bc49a Micro_thread: convert encoding of source files and remove chinese comments. 2017-11-20 22:39:00 +08:00
logwang 35a813994b Micro_thread: convert encoding of source files and remove chinese comments. 2017-11-20 22:39:00 +08:00
logwang 8cfa29232a Fix #100: tcp anomaly when TSO is enabled.
1.Fix the wrong ip header length and tcp header length.
2.Recalculate the pseudo header checksum and set it to tcp header.
2017-11-20 17:07:10 +08:00
logwang ef39c58b67 Fix #100: tcp anomaly when TSO is enabled.
1.Fix the wrong ip header length and tcp header length.
2.Recalculate the pseudo header checksum and set it to tcp header.
2017-11-20 17:07:10 +08:00
logwang b1bb619a90 Nginx: fix that worker may crash when reload or recv signals. 2017-11-20 17:06:02 +08:00
logwang ee61971c95 Nginx: fix that worker may crash when reload or recv signals. 2017-11-20 17:06:02 +08:00
whl739 127dd473af Add tool: ipfw.
ipfw -- interface for firewall, packet scheduler, NAT and so on.

It is comprised of several components: the kernel firewall filter rule processor and its integrated packet accounting facility, the logging facility, NAT, a forward facility, a bridge facility, and an ipstealth facility.
Note that the `dummynet` traffic shaper is not merged.
2017-11-14 16:44:32 +08:00
whl739 b37139ca32 Add tool: ipfw.
ipfw -- interface for firewall, packet scheduler, NAT and so on.

It is comprised of several components: the kernel firewall filter rule processor and its integrated packet accounting facility, the logging facility, NAT, a forward facility, a bridge facility, and an ipstealth facility.
Note that the `dummynet` traffic shaper is not merged.
2017-11-14 16:44:32 +08:00
logwang 0e1bd6da1b Fix bug: dead loop when destroy a network interface. 2017-11-10 18:52:10 +08:00
logwang 0b8e61ab4d Fix bug: dead loop when destroy a network interface. 2017-11-10 18:52:10 +08:00
logwang 3bf83dd442 Merge pull request #98 from xujiaxuan/master
Fix bug: process input packets error if packet fragment
2017-11-10 14:41:09 +08:00
logwang 8966cc7c16
Merge pull request #98 from xujiaxuan/master
Fix bug: process input packets error if packet fragment
2017-11-10 14:41:09 +08:00
Xu Jiaxuan 4b3bcd46c0 Fix bug: process input packets error if packet fragment
modified:   lib/ff_dpdk_if.c
2017-11-10 13:58:32 +08:00
logwang eb5902d97d Api: add packet dispatch callback function register.
In some cases, for example, packets are forwarded to your server through
IP tunnel, and they will be received on fixed queues, since RSS doesn't support tunnels.So we need to dispatch them again.

With this commit, we can implement a dispatcher callback function and regist
it, packets retrieved from rx queue will be dispatched again according to
the dispatcher result.
2017-11-09 21:22:13 +08:00
logwang c855fce65e Configuration: set net.link.ether.inet.maxhold(number of packets to hold per ARP entry) to 5.
Since maxhold's default value is 1, it may not be enough for some
applicatins, so increase it to the value of
net.link.ether.inet.maxtries(ARP resolution attempts before returning
error).
2017-11-08 17:49:51 +08:00
logwang 555c848918 Ngctl: support interactive mode. 2017-11-01 18:53:07 +08:00
logwang 3b2bd0f641 Add tool: ngctl.
ngctl -- netgraph control utility.
The ngctl utility creates a new netgraph node of type socket which can be used to issue netgraph commands.
2017-11-01 17:38:22 +08:00
logwang bffb72754c Misc: make example in travis-ci and fix return value of `ff_connect`. 2017-10-31 11:08:04 +08:00
logwang a416aa0841 FreeBSD misc: add a macro to turn on NETGRAPH option and return error when call sleep 2017-10-27 18:08:44 +08:00
logwang c36e692a8e Use `KMOD_SRCS` to pass extra kernel module sourcs.
For example, if you have an extra FreeBSD kernel module, and want to
compile it into F-Stack, you can do it like this:
```
cd f-stack/lib
export "KMOD_SRCS=/your/kmod/path/a.c /your/kmod/path/b.c"
export "CONF_CFLAGS=-I/your/kmod/path"
make
```
2017-10-25 15:26:01 +08:00
logwang 20a9422e03 Fix bug: undefined refrence to `fueword`. 2017-10-25 15:16:28 +08:00
logwang a1fd9364a9 FreeBSD: add module netgraph. 2017-10-25 14:38:15 +08:00