quic: quicly v0.1.2 update

- update quic plugin with new quicly/picotls API - remove packet allocator - remove crypto batching - update picotls plugin - add cli for quicly congestion control configuration Type: feature Change-Id: If76ef31c43b430eea2f7674539b2112aee0f351e Signed-off-by: Mathias Raoul <mathias.raoul@gmail.com>
2021-01-19 14:02:34 +00:00
parent 06f328129a
commit 2e4523816c
9 changed files with 450 additions and 618 deletions
@@ -1,4 +1,4 @@
-# Copyright (c) 2019 Cisco and/or its affiliates.
+# Copyright (c) 2021 Cisco and/or its affiliates.
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at:
@@ -11,9 +11,9 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-quicly_version := 0.1.0-vpp
+quicly_version := 0.1.2-vpp
 quicly_tarball := quicly_$(quicly_version).tar.gz
-quicly_tarball_md5sum := 223f62c4dda7cbb1d907956cafcfd3f0
+quicly_tarball_md5sum := 5b184b1733ba027843ab6605d931f752
 quicly_tarball_strip_dirs := 1
 quicly_url := https://github.com/vpp-quic/quicly/releases/download/v$(quicly_version)/quicly_$(quicly_version).tar.gz

@@ -0,0 +1,60 @@
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index f5478d3..156df4c 100644
+--- a/CMakeLists.txt
+++ b/CMakeLists.txt
+@@ -65,6 +65,8 @@ IF (WITH_DTRACE)
+     ENDIF ()
+ ENDIF ()
+
+SET(CMAKE_POSITION_INDEPENDENT_CODE ON)
+
+ ADD_LIBRARY(quicly ${QUICLY_LIBRARY_FILES})
+
+ ADD_CUSTOM_COMMAND(
+@@ -84,6 +86,16 @@ TARGET_LINK_LIBRARIES(examples-echo quicly ${OPENSSL_LIBRARIES} ${CMAKE_DL_LIBS}
+
+ ADD_EXECUTABLE(udpfw t/udpfw.c)
+
+INSTALL (
+    DIRECTORY ${CMAKE_SOURCE_DIR}/include/
+    DESTINATION include
+    FILES_MATCHING PATTERN "*.h")
+
+INSTALL(TARGETS quicly
+        RUNTIME DESTINATION bin
+        LIBRARY DESTINATION lib
+        ARCHIVE DESTINATION lib)
+
+ ADD_CUSTOM_TARGET(check env BINARY_DIR=${CMAKE_CURRENT_BINARY_DIR} WITH_DTRACE=${WITH_DTRACE} prove --exec "sh -c" -v ${CMAKE_CURRENT_BINARY_DIR}/*.t t/*.t
+     WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
+     DEPENDS cli test.t)
+Submodule deps/picotls contains untracked content
+Submodule deps/picotls contains modified content
+diff --git a/deps/picotls/CMakeLists.txt b/deps/picotls/CMakeLists.txt
+index 874b9be..14411e2 100644
+--- a/deps/picotls/CMakeLists.txt
+++ b/deps/picotls/CMakeLists.txt
+@@ -12,6 +12,7 @@ IF (WITH_DTRACE)
+     MESSAGE(STATUS "Enabling USDT support")
+ ENDIF ()
+
+SET(CMAKE_POSITION_INDEPENDENT_CODE ON)
+ SET(CMAKE_C_FLAGS "-std=c99 -Wall -O2 -g ${CC_WARNING_FLAGS} ${CMAKE_C_FLAGS}")
+ INCLUDE_DIRECTORIES(
+     deps/cifra/src/ext
+@@ -131,6 +132,15 @@ ELSE ()
+     MESSAGE(WARNING "Disabling OpenSSL support (requires 1.0.1 or newer)")
+ ENDIF ()
+
+INSTALL (DIRECTORY ${CMAKE_SOURCE_DIR}/include/
+    DESTINATION include
+    FILES_MATCHING PATTERN "*.h")
+
+INSTALL(TARGETS picotls-core picotls-openssl
+        RUNTIME DESTINATION bin
+        LIBRARY DESTINATION lib
+        ARCHIVE DESTINATION lib)
+
+ ADD_CUSTOM_TARGET(check env BINARY_DIR=${CMAKE_CURRENT_BINARY_DIR} prove --exec '' -v ${CMAKE_CURRENT_BINARY_DIR}/*.t t/*.t WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR} DEPENDS ${TEST_EXES} cli)
+
+ IF (CMAKE_SYSTEM_NAME STREQUAL "Linux")
@@ -1,5 +1,5 @@

-# Copyright (c) 2019 Cisco
+# Copyright (c) 2021 Cisco
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at:
@@ -13,7 +13,7 @@
 # limitations under the License.

 unset(QUIC_LINK_LIBRARIES)
-set(EXPECTED_QUICLY_VERSION "0.1.0-vpp")
+set(EXPECTED_QUICLY_VERSION "0.1.2-vpp")

 find_path(QUICLY_INCLUDE_DIR NAMES quicly.h)
 find_path(PICOTLS_INCLUDE_DIR NAMES picotls.h)
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2019 Cisco and/or its affiliates.
+ * Copyright (c) 2021 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
@@ -62,8 +62,8 @@ quic_format_err (u8 * s, va_list * args)
    case QUICLY_TRANSPORT_ERROR_INTERNAL:
      s = format (s, "QUICLY_TRANSPORT_ERROR_INTERNAL");
      break;
-    case QUICLY_TRANSPORT_ERROR_SERVER_BUSY:
-      s = format (s, "QUICLY_TRANSPORT_ERROR_SERVER_BUSY");
+    case QUICLY_TRANSPORT_ERROR_CONNECTION_REFUSED:
+      s = format (s, "QUICLY_TRANSPORT_ERROR_CONNECTION_REFUSED");
      break;
    case QUICLY_TRANSPORT_ERROR_FLOW_CONTROL:
      s = format (s, "QUICLY_TRANSPORT_ERROR_FLOW_CONTROL");
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2019 Cisco and/or its affiliates.
+ * Copyright (c) 2021 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
@@ -47,8 +47,7 @@

 #define QUIC_MAX_COALESCED_PACKET 4

-#define QUIC_SEND_MAX_BATCH_PACKETS 16
-#define QUIC_RCV_MAX_BATCH_PACKETS 16
+#define QUIC_RCV_MAX_PACKETS 16

 #define QUIC_DEFAULT_CONN_TIMEOUT (30 * 1000)	/* 30 seconds */

@@ -134,6 +133,12 @@ typedef enum quic_ctx_flags_
  QUIC_F_IS_LISTENER = (1 << 1),
 } quic_ctx_flags_t;

+typedef enum quic_cc_type
+{
+  QUIC_CC_RENO,
+  QUIC_CC_CUBIC,
+} quic_cc_type_t;
+
 /* This structure is used to implement the concept of VPP connection for QUIC.
 * We create one per connection and one per stream. */
 typedef struct quic_ctx_
@@ -210,25 +215,6 @@ typedef struct quic_crypto_context_data_
  ptls_context_t ptls_ctx;
 } quic_crypto_context_data_t;

-typedef struct quic_encrypt_cb_ctx_
-{
-  quicly_datagram_t *packet;
-  struct quic_finalize_send_packet_cb_ctx_
-  {
-    size_t payload_from;
-    size_t first_byte_at;
-    ptls_cipher_context_t *hp;
-  } snd_ctx[QUIC_MAX_COALESCED_PACKET];
-  size_t snd_ctx_count;
-} quic_encrypt_cb_ctx;
-
-typedef struct quic_crypto_batch_ctx_
-{
-  vnet_crypto_op_t aead_crypto_tx_packets_ops[QUIC_SEND_MAX_BATCH_PACKETS],
-    aead_crypto_rx_packets_ops[QUIC_RCV_MAX_BATCH_PACKETS];
-  size_t nb_tx_packets, nb_rx_packets;
-} quic_crypto_batch_ctx_t;
-
 typedef struct quic_worker_ctx_
 {
  CLIB_CACHE_LINE_ALIGN_MARK (cacheline0);
@@ -237,7 +223,6 @@ typedef struct quic_worker_ctx_
  quicly_cid_plaintext_t next_cid;
  crypto_context_t *crypto_ctx_pool;		/**< per thread pool of crypto contexes */
  clib_bihash_24_8_t crypto_context_hash;	/**< per thread [params:crypto_ctx_index] hash */
-  quic_crypto_batch_ctx_t crypto_context_batch;
 } quic_worker_ctx_t;

 typedef struct quic_rx_packet_ctx_
@@ -268,6 +253,7 @@ typedef struct quic_main_
  uword *available_crypto_engines;	/**< Bitmap for registered engines */
  u8 default_crypto_engine;		/**< Used if you do connect with CRYPTO_ENGINE_NONE (0) */
  u64 max_packets_per_key;		/**< number of packets that can be sent without a key update */
+  u8 default_quic_cc;

  ptls_handshake_properties_t hs_properties;
  quic_session_cache_t session_cache;
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2019 Cisco and/or its affiliates.
+ * Copyright (c) 2021 Cisco and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
@@ -19,8 +19,6 @@
 #include <quicly.h>

 struct quic_ctx_t;
-struct quic_rx_packet_ctx_t;
-struct quic_crypto_batch_ctx_t;

 extern ptls_cipher_suite_t *quic_crypto_cipher_suites[];

@@ -29,21 +27,8 @@ int quic_encrypt_ticket_cb (ptls_encrypt_ticket_t * _self, ptls_t * tls,
 			    ptls_iovec_t src);
 void quic_crypto_decrypt_packet (quic_ctx_t * qctx,
 				 quic_rx_packet_ctx_t * pctx);
-void quic_crypto_batch_tx_packets (quic_crypto_batch_ctx_t * batch_ctx);
-void quic_crypto_batch_rx_packets (quic_crypto_batch_ctx_t * batch_ctx);
-void quic_crypto_finalize_send_packet (quicly_datagram_t * packet);
-
-void
-quic_crypto_finalize_send_packet_cb (struct st_quicly_crypto_engine_t *engine,
-				     quicly_conn_t * conn,
-				     ptls_cipher_context_t * hp,
-				     ptls_aead_context_t * aead,
-				     quicly_datagram_t * packet,
-				     size_t first_byte_at,
-				     size_t payload_from, int coalesced);

 #endif /* __included_vpp_quic_crypto_h__ */
-
 /*
 * fd.io coding-style-patch-verification: ON
 *
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020 Intel and/or its affiliates.
+ * Copyright (c) 2021 Intel and/or its affiliates.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at:
@@ -42,6 +42,8 @@ struct vpp_aead_context_t
  vnet_crypto_alg_t alg;
  u32 key_index;
  u32 chunk_index;
+  uint8_t iv[PTLS_MAX_IV_SIZE];
+  uint8_t static_iv[PTLS_MAX_IV_SIZE];
 };

 static void
@@ -128,8 +130,8 @@ ptls_vpp_crypto_cipher_setup_crypto (ptls_cipher_context_t * _ctx, int is_enc,
 }

 size_t
-ptls_vpp_crypto_aead_decrypt (ptls_aead_context_t * _ctx, void *_output,
-			      const void *input, size_t inlen, const void *iv,
+ptls_vpp_crypto_aead_decrypt (ptls_aead_context_t *_ctx, void *_output,
+			      const void *input, size_t inlen, uint64_t seq,
 			      const void *aad, size_t aadlen)
 {
  vlib_main_t *vm = vlib_get_main ();
@@ -139,7 +141,7 @@ ptls_vpp_crypto_aead_decrypt (ptls_aead_context_t * _ctx, void *_output,
  ctx->op.dst = _output;
  ctx->op.src = (void *) input;
  ctx->op.len = inlen - tag_size;;
-  ctx->op.iv = (void *) iv;
+  ctx->op.iv = ctx->static_iv;
  ctx->op.aad = (void *) aad;
  ctx->op.aad_len = aadlen;
  ctx->op.tag = (void *) input + inlen - tag_size;
@@ -152,11 +154,13 @@ ptls_vpp_crypto_aead_decrypt (ptls_aead_context_t * _ctx, void *_output,
 }

 static void
-ptls_vpp_crypto_aead_encrypt_init (ptls_aead_context_t * _ctx, const void *iv,
+ptls_vpp_crypto_aead_encrypt_init (ptls_aead_context_t *_ctx, uint64_t seq,
 				   const void *aad, size_t aadlen)
 {
  struct vpp_aead_context_t *ctx = (struct vpp_aead_context_t *) _ctx;
-  ctx->op.iv = (void *) iv;
+  ctx->op.iv = ctx->iv;
+  ptls_aead__build_iv (ctx->super.algo, ctx->op.iv, ctx->static_iv, seq);
+  ctx->op.iv = ctx->static_iv;
  ctx->op.aad = (void *) aad;
  ctx->op.aad_len = aadlen;
  ctx->op.n_chunks = 2;
@@ -200,10 +204,10 @@ ptls_vpp_crypto_aead_dispose_crypto (ptls_aead_context_t * _ctx)
  /* Do nothing */
 }

-
 static int
-ptls_vpp_crypto_aead_setup_crypto (ptls_aead_context_t * _ctx, int is_enc,
-				   const void *key, vnet_crypto_alg_t alg)
+ptls_vpp_crypto_aead_setup_crypto (ptls_aead_context_t *_ctx, int is_enc,
+				   const void *key, const void *iv,
+				   vnet_crypto_alg_t alg)
 {
  struct vlib_main_t *vm = vlib_get_main ();
  struct vpp_aead_context_t *ctx = (struct vpp_aead_context_t *) _ctx;
@@ -241,6 +245,7 @@ ptls_vpp_crypto_aead_setup_crypto (ptls_aead_context_t * _ctx, int is_enc,
    vnet_crypto_key_add (vm, ctx->alg, (void *) key, key_len);
  clib_rwlock_writer_unlock (&picotls_main.crypto_keys_rw_lock);
  ctx->chunk_index = 0;
+  clib_memcpy (ctx->static_iv, iv, ctx->super.algo->iv_size);

  ctx->super.do_decrypt = ptls_vpp_crypto_aead_decrypt;
  ctx->super.do_encrypt_init = ptls_vpp_crypto_aead_encrypt_init;
@@ -268,18 +273,20 @@ ptls_vpp_crypto_aes256ctr_setup_crypto (ptls_cipher_context_t * ctx,
 }

 static int
-ptls_vpp_crypto_aead_aes128gcm_setup_crypto (ptls_aead_context_t * ctx,
-					     int is_enc, const void *key)
+ptls_vpp_crypto_aead_aes128gcm_setup_crypto (ptls_aead_context_t *ctx,
+					     int is_enc, const void *key,
+					     const void *iv)
 {
-  return ptls_vpp_crypto_aead_setup_crypto (ctx, is_enc, key,
+  return ptls_vpp_crypto_aead_setup_crypto (ctx, is_enc, key, iv,
 					    VNET_CRYPTO_ALG_AES_128_GCM);
 }

 static int
-ptls_vpp_crypto_aead_aes256gcm_setup_crypto (ptls_aead_context_t * ctx,
-					     int is_enc, const void *key)
+ptls_vpp_crypto_aead_aes256gcm_setup_crypto (ptls_aead_context_t *ctx,
+					     int is_enc, const void *key,
+					     const void *iv)
 {
-  return ptls_vpp_crypto_aead_setup_crypto (ctx, is_enc, key,
+  return ptls_vpp_crypto_aead_setup_crypto (ctx, is_enc, key, iv,
 					    VNET_CRYPTO_ALG_AES_256_GCM);
 }