|  | .. SPDX-License-Identifier: GPL-2.0 | 
|  |  | 
|  | ========================= | 
|  | Stream Parser (strparser) | 
|  | ========================= | 
|  |  | 
|  | Introduction | 
|  | ============ | 
|  |  | 
|  | The stream parser (strparser) is a utility that parses messages of an | 
|  | application layer protocol running over a data stream. The stream | 
|  | parser works in conjunction with an upper layer in the kernel to provide | 
|  | kernel support for application layer messages. For instance, Kernel | 
|  | Connection Multiplexor (KCM) uses the Stream Parser to parse messages | 
|  | using a BPF program. | 
|  |  | 
|  | The strparser works in one of two modes: receive callback or general | 
|  | mode. | 
|  |  | 
|  | In receive callback mode, the strparser is called from the data_ready | 
|  | callback of a TCP socket. Messages are parsed and delivered as they are | 
|  | received on the socket. | 
|  |  | 
|  | In general mode, a sequence of skbs are fed to strparser from an | 
|  | outside source. Message are parsed and delivered as the sequence is | 
|  | processed. This modes allows strparser to be applied to arbitrary | 
|  | streams of data. | 
|  |  | 
|  | Interface | 
|  | ========= | 
|  |  | 
|  | The API includes a context structure, a set of callbacks, utility | 
|  | functions, and a data_ready function for receive callback mode. The | 
|  | callbacks include a parse_msg function that is called to perform | 
|  | parsing (e.g.  BPF parsing in case of KCM), and a rcv_msg function | 
|  | that is called when a full message has been completed. | 
|  |  | 
|  | Functions | 
|  | ========= | 
|  |  | 
|  | :: | 
|  |  | 
|  | strp_init(struct strparser *strp, struct sock *sk, | 
|  | const struct strp_callbacks *cb) | 
|  |  | 
|  | Called to initialize a stream parser. strp is a struct of type | 
|  | strparser that is allocated by the upper layer. sk is the TCP | 
|  | socket associated with the stream parser for use with receive | 
|  | callback mode; in general mode this is set to NULL. Callbacks | 
|  | are called by the stream parser (the callbacks are listed below). | 
|  |  | 
|  | :: | 
|  |  | 
|  | void strp_pause(struct strparser *strp) | 
|  |  | 
|  | Temporarily pause a stream parser. Message parsing is suspended | 
|  | and no new messages are delivered to the upper layer. | 
|  |  | 
|  | :: | 
|  |  | 
|  | void strp_unpause(struct strparser *strp) | 
|  |  | 
|  | Unpause a paused stream parser. | 
|  |  | 
|  | :: | 
|  |  | 
|  | void strp_stop(struct strparser *strp); | 
|  |  | 
|  | strp_stop is called to completely stop stream parser operations. | 
|  | This is called internally when the stream parser encounters an | 
|  | error, and it is called from the upper layer to stop parsing | 
|  | operations. | 
|  |  | 
|  | :: | 
|  |  | 
|  | void strp_done(struct strparser *strp); | 
|  |  | 
|  | strp_done is called to release any resources held by the stream | 
|  | parser instance. This must be called after the stream processor | 
|  | has been stopped. | 
|  |  | 
|  | :: | 
|  |  | 
|  | int strp_process(struct strparser *strp, struct sk_buff *orig_skb, | 
|  | unsigned int orig_offset, size_t orig_len, | 
|  | size_t max_msg_size, long timeo) | 
|  |  | 
|  | strp_process is called in general mode for a stream parser to | 
|  | parse an sk_buff. The number of bytes processed or a negative | 
|  | error number is returned. Note that strp_process does not | 
|  | consume the sk_buff. max_msg_size is maximum size the stream | 
|  | parser will parse. timeo is timeout for completing a message. | 
|  |  | 
|  | :: | 
|  |  | 
|  | void strp_data_ready(struct strparser *strp); | 
|  |  | 
|  | The upper layer calls strp_tcp_data_ready when data is ready on | 
|  | the lower socket for strparser to process. This should be called | 
|  | from a data_ready callback that is set on the socket. Note that | 
|  | maximum messages size is the limit of the receive socket | 
|  | buffer and message timeout is the receive timeout for the socket. | 
|  |  | 
|  | :: | 
|  |  | 
|  | void strp_check_rcv(struct strparser *strp); | 
|  |  | 
|  | strp_check_rcv is called to check for new messages on the socket. | 
|  | This is normally called at initialization of a stream parser | 
|  | instance or after strp_unpause. | 
|  |  | 
|  | Callbacks | 
|  | ========= | 
|  |  | 
|  | There are six callbacks: | 
|  |  | 
|  | :: | 
|  |  | 
|  | int (*parse_msg)(struct strparser *strp, struct sk_buff *skb); | 
|  |  | 
|  | parse_msg is called to determine the length of the next message | 
|  | in the stream. The upper layer must implement this function. It | 
|  | should parse the sk_buff as containing the headers for the | 
|  | next application layer message in the stream. | 
|  |  | 
|  | The skb->cb in the input skb is a struct strp_msg. Only | 
|  | the offset field is relevant in parse_msg and gives the offset | 
|  | where the message starts in the skb. | 
|  |  | 
|  | The return values of this function are: | 
|  |  | 
|  | =========    =========================================================== | 
|  | >0           indicates length of successfully parsed message | 
|  | 0            indicates more data must be received to parse the message | 
|  | -ESTRPIPE    current message should not be processed by the | 
|  | kernel, return control of the socket to userspace which | 
|  | can proceed to read the messages itself | 
|  | other < 0    Error in parsing, give control back to userspace | 
|  | assuming that synchronization is lost and the stream | 
|  | is unrecoverable (application expected to close TCP socket) | 
|  | =========    =========================================================== | 
|  |  | 
|  | In the case that an error is returned (return value is less than | 
|  | zero) and the parser is in receive callback mode, then it will set | 
|  | the error on TCP socket and wake it up. If parse_msg returned | 
|  | -ESTRPIPE and the stream parser had previously read some bytes for | 
|  | the current message, then the error set on the attached socket is | 
|  | ENODATA since the stream is unrecoverable in that case. | 
|  |  | 
|  | :: | 
|  |  | 
|  | void (*lock)(struct strparser *strp) | 
|  |  | 
|  | The lock callback is called to lock the strp structure when | 
|  | the strparser is performing an asynchronous operation (such as | 
|  | processing a timeout). In receive callback mode the default | 
|  | function is to lock_sock for the associated socket. In general | 
|  | mode the callback must be set appropriately. | 
|  |  | 
|  | :: | 
|  |  | 
|  | void (*unlock)(struct strparser *strp) | 
|  |  | 
|  | The unlock callback is called to release the lock obtained | 
|  | by the lock callback. In receive callback mode the default | 
|  | function is release_sock for the associated socket. In general | 
|  | mode the callback must be set appropriately. | 
|  |  | 
|  | :: | 
|  |  | 
|  | void (*rcv_msg)(struct strparser *strp, struct sk_buff *skb); | 
|  |  | 
|  | rcv_msg is called when a full message has been received and | 
|  | is queued. The callee must consume the sk_buff; it can | 
|  | call strp_pause to prevent any further messages from being | 
|  | received in rcv_msg (see strp_pause above). This callback | 
|  | must be set. | 
|  |  | 
|  | The skb->cb in the input skb is a struct strp_msg. This | 
|  | struct contains two fields: offset and full_len. Offset is | 
|  | where the message starts in the skb, and full_len is the | 
|  | the length of the message. skb->len - offset may be greater | 
|  | then full_len since strparser does not trim the skb. | 
|  |  | 
|  | :: | 
|  |  | 
|  | int (*read_sock_done)(struct strparser *strp, int err); | 
|  |  | 
|  | read_sock_done is called when the stream parser is done reading | 
|  | the TCP socket in receive callback mode. The stream parser may | 
|  | read multiple messages in a loop and this function allows cleanup | 
|  | to occur when exiting the loop. If the callback is not set (NULL | 
|  | in strp_init) a default function is used. | 
|  |  | 
|  | :: | 
|  |  | 
|  | void (*abort_parser)(struct strparser *strp, int err); | 
|  |  | 
|  | This function is called when stream parser encounters an error | 
|  | in parsing. The default function stops the stream parser and | 
|  | sets the error in the socket if the parser is in receive callback | 
|  | mode. The default function can be changed by setting the callback | 
|  | to non-NULL in strp_init. | 
|  |  | 
|  | Statistics | 
|  | ========== | 
|  |  | 
|  | Various counters are kept for each stream parser instance. These are in | 
|  | the strp_stats structure. strp_aggr_stats is a convenience structure for | 
|  | accumulating statistics for multiple stream parser instances. | 
|  | save_strp_stats and aggregate_strp_stats are helper functions to save | 
|  | and aggregate statistics. | 
|  |  | 
|  | Message assembly limits | 
|  | ======================= | 
|  |  | 
|  | The stream parser provide mechanisms to limit the resources consumed by | 
|  | message assembly. | 
|  |  | 
|  | A timer is set when assembly starts for a new message. In receive | 
|  | callback mode the message timeout is taken from rcvtime for the | 
|  | associated TCP socket. In general mode, the timeout is passed as an | 
|  | argument in strp_process. If the timer fires before assembly completes | 
|  | the stream parser is aborted and the ETIMEDOUT error is set on the TCP | 
|  | socket if in receive callback mode. | 
|  |  | 
|  | In receive callback mode, message length is limited to the receive | 
|  | buffer size of the associated TCP socket. If the length returned by | 
|  | parse_msg is greater than the socket buffer size then the stream parser | 
|  | is aborted with EMSGSIZE error set on the TCP socket. Note that this | 
|  | makes the maximum size of receive skbuffs for a socket with a stream | 
|  | parser to be 2*sk_rcvbuf of the TCP socket. | 
|  |  | 
|  | In general mode the message length limit is passed in as an argument | 
|  | to strp_process. | 
|  |  | 
|  | Author | 
|  | ====== | 
|  |  | 
|  | Tom Herbert (tom@quantonium.net) |