241 lines
		
	
	
		
			8.5 KiB
		
	
	
	
		
			ReStructuredText
		
	
	
	
	
	
			
		
		
	
	
			241 lines
		
	
	
		
			8.5 KiB
		
	
	
	
		
			ReStructuredText
		
	
	
	
	
	
| .. SPDX-License-Identifier: GPL-2.0
 | |
| 
 | |
| =========================
 | |
| Stream Parser (strparser)
 | |
| =========================
 | |
| 
 | |
| Introduction
 | |
| ============
 | |
| 
 | |
| The stream parser (strparser) is a utility that parses messages of an
 | |
| application layer protocol running over a data stream. The stream
 | |
| parser works in conjunction with an upper layer in the kernel to provide
 | |
| kernel support for application layer messages. For instance, Kernel
 | |
| Connection Multiplexor (KCM) uses the Stream Parser to parse messages
 | |
| using a BPF program.
 | |
| 
 | |
| The strparser works in one of two modes: receive callback or general
 | |
| mode.
 | |
| 
 | |
| In receive callback mode, the strparser is called from the data_ready
 | |
| callback of a TCP socket. Messages are parsed and delivered as they are
 | |
| received on the socket.
 | |
| 
 | |
| In general mode, a sequence of skbs are fed to strparser from an
 | |
| outside source. Message are parsed and delivered as the sequence is
 | |
| processed. This modes allows strparser to be applied to arbitrary
 | |
| streams of data.
 | |
| 
 | |
| Interface
 | |
| =========
 | |
| 
 | |
| The API includes a context structure, a set of callbacks, utility
 | |
| functions, and a data_ready function for receive callback mode. The
 | |
| callbacks include a parse_msg function that is called to perform
 | |
| parsing (e.g.  BPF parsing in case of KCM), and a rcv_msg function
 | |
| that is called when a full message has been completed.
 | |
| 
 | |
| Functions
 | |
| =========
 | |
| 
 | |
|      ::
 | |
| 
 | |
| 	strp_init(struct strparser *strp, struct sock *sk,
 | |
| 		const struct strp_callbacks *cb)
 | |
| 
 | |
|      Called to initialize a stream parser. strp is a struct of type
 | |
|      strparser that is allocated by the upper layer. sk is the TCP
 | |
|      socket associated with the stream parser for use with receive
 | |
|      callback mode; in general mode this is set to NULL. Callbacks
 | |
|      are called by the stream parser (the callbacks are listed below).
 | |
| 
 | |
|      ::
 | |
| 
 | |
| 	void strp_pause(struct strparser *strp)
 | |
| 
 | |
|      Temporarily pause a stream parser. Message parsing is suspended
 | |
|      and no new messages are delivered to the upper layer.
 | |
| 
 | |
|      ::
 | |
| 
 | |
| 	void strp_unpause(struct strparser *strp)
 | |
| 
 | |
|      Unpause a paused stream parser.
 | |
| 
 | |
|      ::
 | |
| 
 | |
| 	void strp_stop(struct strparser *strp);
 | |
| 
 | |
|      strp_stop is called to completely stop stream parser operations.
 | |
|      This is called internally when the stream parser encounters an
 | |
|      error, and it is called from the upper layer to stop parsing
 | |
|      operations.
 | |
| 
 | |
|      ::
 | |
| 
 | |
| 	void strp_done(struct strparser *strp);
 | |
| 
 | |
|      strp_done is called to release any resources held by the stream
 | |
|      parser instance. This must be called after the stream processor
 | |
|      has been stopped.
 | |
| 
 | |
|      ::
 | |
| 
 | |
| 	int strp_process(struct strparser *strp, struct sk_buff *orig_skb,
 | |
| 			 unsigned int orig_offset, size_t orig_len,
 | |
| 			 size_t max_msg_size, long timeo)
 | |
| 
 | |
|     strp_process is called in general mode for a stream parser to
 | |
|     parse an sk_buff. The number of bytes processed or a negative
 | |
|     error number is returned. Note that strp_process does not
 | |
|     consume the sk_buff. max_msg_size is maximum size the stream
 | |
|     parser will parse. timeo is timeout for completing a message.
 | |
| 
 | |
|     ::
 | |
| 
 | |
| 	void strp_data_ready(struct strparser *strp);
 | |
| 
 | |
|     The upper layer calls strp_tcp_data_ready when data is ready on
 | |
|     the lower socket for strparser to process. This should be called
 | |
|     from a data_ready callback that is set on the socket. Note that
 | |
|     maximum messages size is the limit of the receive socket
 | |
|     buffer and message timeout is the receive timeout for the socket.
 | |
| 
 | |
|     ::
 | |
| 
 | |
| 	void strp_check_rcv(struct strparser *strp);
 | |
| 
 | |
|     strp_check_rcv is called to check for new messages on the socket.
 | |
|     This is normally called at initialization of a stream parser
 | |
|     instance or after strp_unpause.
 | |
| 
 | |
| Callbacks
 | |
| =========
 | |
| 
 | |
| There are six callbacks:
 | |
| 
 | |
|     ::
 | |
| 
 | |
| 	int (*parse_msg)(struct strparser *strp, struct sk_buff *skb);
 | |
| 
 | |
|     parse_msg is called to determine the length of the next message
 | |
|     in the stream. The upper layer must implement this function. It
 | |
|     should parse the sk_buff as containing the headers for the
 | |
|     next application layer message in the stream.
 | |
| 
 | |
|     The skb->cb in the input skb is a struct strp_msg. Only
 | |
|     the offset field is relevant in parse_msg and gives the offset
 | |
|     where the message starts in the skb.
 | |
| 
 | |
|     The return values of this function are:
 | |
| 
 | |
|     =========    ===========================================================
 | |
|     >0           indicates length of successfully parsed message
 | |
|     0            indicates more data must be received to parse the message
 | |
|     -ESTRPIPE    current message should not be processed by the
 | |
| 		 kernel, return control of the socket to userspace which
 | |
| 		 can proceed to read the messages itself
 | |
|     other < 0    Error in parsing, give control back to userspace
 | |
| 		 assuming that synchronization is lost and the stream
 | |
| 		 is unrecoverable (application expected to close TCP socket)
 | |
|     =========    ===========================================================
 | |
| 
 | |
|     In the case that an error is returned (return value is less than
 | |
|     zero) and the parser is in receive callback mode, then it will set
 | |
|     the error on TCP socket and wake it up. If parse_msg returned
 | |
|     -ESTRPIPE and the stream parser had previously read some bytes for
 | |
|     the current message, then the error set on the attached socket is
 | |
|     ENODATA since the stream is unrecoverable in that case.
 | |
| 
 | |
|     ::
 | |
| 
 | |
| 	void (*lock)(struct strparser *strp)
 | |
| 
 | |
|     The lock callback is called to lock the strp structure when
 | |
|     the strparser is performing an asynchronous operation (such as
 | |
|     processing a timeout). In receive callback mode the default
 | |
|     function is to lock_sock for the associated socket. In general
 | |
|     mode the callback must be set appropriately.
 | |
| 
 | |
|     ::
 | |
| 
 | |
| 	void (*unlock)(struct strparser *strp)
 | |
| 
 | |
|     The unlock callback is called to release the lock obtained
 | |
|     by the lock callback. In receive callback mode the default
 | |
|     function is release_sock for the associated socket. In general
 | |
|     mode the callback must be set appropriately.
 | |
| 
 | |
|     ::
 | |
| 
 | |
| 	void (*rcv_msg)(struct strparser *strp, struct sk_buff *skb);
 | |
| 
 | |
|     rcv_msg is called when a full message has been received and
 | |
|     is queued. The callee must consume the sk_buff; it can
 | |
|     call strp_pause to prevent any further messages from being
 | |
|     received in rcv_msg (see strp_pause above). This callback
 | |
|     must be set.
 | |
| 
 | |
|     The skb->cb in the input skb is a struct strp_msg. This
 | |
|     struct contains two fields: offset and full_len. Offset is
 | |
|     where the message starts in the skb, and full_len is the
 | |
|     the length of the message. skb->len - offset may be greater
 | |
|     then full_len since strparser does not trim the skb.
 | |
| 
 | |
|     ::
 | |
| 
 | |
| 	int (*read_sock_done)(struct strparser *strp, int err);
 | |
| 
 | |
|      read_sock_done is called when the stream parser is done reading
 | |
|      the TCP socket in receive callback mode. The stream parser may
 | |
|      read multiple messages in a loop and this function allows cleanup
 | |
|      to occur when exiting the loop. If the callback is not set (NULL
 | |
|      in strp_init) a default function is used.
 | |
| 
 | |
|      ::
 | |
| 
 | |
| 	void (*abort_parser)(struct strparser *strp, int err);
 | |
| 
 | |
|      This function is called when stream parser encounters an error
 | |
|      in parsing. The default function stops the stream parser and
 | |
|      sets the error in the socket if the parser is in receive callback
 | |
|      mode. The default function can be changed by setting the callback
 | |
|      to non-NULL in strp_init.
 | |
| 
 | |
| Statistics
 | |
| ==========
 | |
| 
 | |
| Various counters are kept for each stream parser instance. These are in
 | |
| the strp_stats structure. strp_aggr_stats is a convenience structure for
 | |
| accumulating statistics for multiple stream parser instances.
 | |
| save_strp_stats and aggregate_strp_stats are helper functions to save
 | |
| and aggregate statistics.
 | |
| 
 | |
| Message assembly limits
 | |
| =======================
 | |
| 
 | |
| The stream parser provide mechanisms to limit the resources consumed by
 | |
| message assembly.
 | |
| 
 | |
| A timer is set when assembly starts for a new message. In receive
 | |
| callback mode the message timeout is taken from rcvtime for the
 | |
| associated TCP socket. In general mode, the timeout is passed as an
 | |
| argument in strp_process. If the timer fires before assembly completes
 | |
| the stream parser is aborted and the ETIMEDOUT error is set on the TCP
 | |
| socket if in receive callback mode.
 | |
| 
 | |
| In receive callback mode, message length is limited to the receive
 | |
| buffer size of the associated TCP socket. If the length returned by
 | |
| parse_msg is greater than the socket buffer size then the stream parser
 | |
| is aborted with EMSGSIZE error set on the TCP socket. Note that this
 | |
| makes the maximum size of receive skbuffs for a socket with a stream
 | |
| parser to be 2*sk_rcvbuf of the TCP socket.
 | |
| 
 | |
| In general mode the message length limit is passed in as an argument
 | |
| to strp_process.
 | |
| 
 | |
| Author
 | |
| ======
 | |
| 
 | |
| Tom Herbert (tom@quantonium.net)
 |