diff --git a/platform/src/packet_io.cpp b/platform/src/packet_io.cpp index f1d15ae..4f50a84 100644 --- a/platform/src/packet_io.cpp +++ b/platform/src/packet_io.cpp @@ -963,63 +963,65 @@ static void handle_session_closing(struct metadata *meta, struct control_packet } } -static void handle_session_active(struct metadata *meta, struct control_packet *ctrl_pkt, struct thread_ctx *thread_ctx) +static void verify_dataoffset(struct metadata *meta, struct packet *data_pkt, struct four_tuple *inner_tuple4) +{ + const char *payload = packet_parse(data_pkt, meta->raw_data, meta->raw_len); + uint16_t expect_offset = payload - meta->raw_data; + sce_packet_get_innermost_tuple(data_pkt, inner_tuple4); + if (expect_offset != meta->l7offset) + { + char *addr_str = four_tuple_tostring(inner_tuple4); + LOG_ERROR("%s: incorrect dataoffset %d in mbuff of session %lu %s (expect: %d)", LOG_TAG_PKTIO, meta->l7offset, meta->session_id, addr_str, expect_offset); + free(addr_str); + } +} + +static struct session_ctx *new_session(struct metadata *meta, struct four_tuple *inner_tuple4, struct thread_ctx *thread_ctx) { - struct session_table *session_table = thread_ctx->session_table; - struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics; struct policy_enforcer *enforcer = thread_ctx->ref_enforcer; struct sce_ctx *sce_ctx = thread_ctx->ref_sce_ctx; + int chaining_size = policy_enforce_chaining_size(enforcer); + + struct session_ctx *session_ctx = session_ctx_new(); + session_ctx->session_id = meta->session_id; + session_ctx->session_addr = sce_ctx->enable_debug ? four_tuple_tostring(inner_tuple4) : NULL; + session_ctx->rehash_index = meta->rehash_index; + session_ctx->vxlan_src_port = calculate_vxlan_source_port(inner_tuple4); + session_ctx->ctrl_pkt_hdr_ptr = memdup(meta->raw_data, meta->raw_len); + session_ctx->ctrl_pkt_hdr_len = meta->raw_len; + session_ctx->chaining_raw = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr); + session_ctx->chaining_decrypted = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr); + session_ctx->ref_thread_ctx = thread_ctx; + four_tuple_copy(&session_ctx->inner_tuple4, inner_tuple4); + route_ctx_copy(&session_ctx->ctrl_route_ctx, &meta->route_ctx); + + return session_ctx; +} + +static void handle_session_active(struct metadata *meta, struct control_packet *ctrl_pkt, struct thread_ctx *thread_ctx) +{ + struct packet data_pkt; + struct four_tuple inner_tuple4; + struct session_table *session_table = thread_ctx->session_table; + struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics; struct session_ctx *session_ctx = (struct session_ctx *)session_table_search_by_id(session_table, meta->session_id); + verify_dataoffset(meta, &data_pkt, &inner_tuple4); + if (session_ctx) { - struct packet data_pkt; - const char *payload = packet_parse(&data_pkt, meta->raw_data, meta->raw_len); - uint16_t real_offset = payload - meta->raw_data; - if (real_offset != meta->l7offset) - { - LOG_ERROR("%s: incorrect dataoffset %d in the control zone of session %lu %s, the expect value is %d", LOG_TAG_PKTIO, meta->l7offset, meta->session_id, session_ctx->session_addr, real_offset); - } - LOG_INFO("%s: session %lu %s active again", LOG_TAG_PKTIO, session_ctx->session_id, session_ctx->session_addr); - handle_policy_mutil_hits(session_ctx, ctrl_pkt, &data_pkt, meta->direction, thread_ctx); - send_event_log(session_ctx, thread_ctx); } else { - struct packet data_pkt; - struct four_tuple inner_tuple4; - const char *payload = packet_parse(&data_pkt, meta->raw_data, meta->raw_len); - sce_packet_get_innermost_tuple(&data_pkt, &inner_tuple4); - uint16_t real_offset = payload - meta->raw_data; - if (real_offset != meta->l7offset) - { - char *addr_str = four_tuple_tostring(&inner_tuple4); - LOG_ERROR("%s: incorrect dataoffset %d in the control zone of session %lu %s, the expect value is %d", LOG_TAG_PKTIO, meta->l7offset, meta->session_id, addr_str, real_offset); - free(addr_str); - } - - int chaining_size = policy_enforce_chaining_size(enforcer); - struct session_ctx *session_ctx = session_ctx_new(); - session_ctx->session_id = meta->session_id; - session_ctx->session_addr = sce_ctx->enable_debug ? four_tuple_tostring(&inner_tuple4) : NULL; - session_ctx->rehash_index = meta->rehash_index; - session_ctx->vxlan_src_port = calculate_vxlan_source_port(&inner_tuple4); - four_tuple_copy(&session_ctx->inner_tuple4, &inner_tuple4); - route_ctx_copy(&session_ctx->ctrl_route_ctx, &meta->route_ctx); - session_ctx->ctrl_pkt_hdr_ptr = memdup(meta->raw_data, meta->raw_len); - session_ctx->ctrl_pkt_hdr_len = meta->raw_len; - session_ctx->chaining_raw = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr); - session_ctx->chaining_decrypted = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr); - session_ctx->ref_thread_ctx = thread_ctx; - + session_ctx = new_session(meta, &inner_tuple4, thread_ctx); LOG_INFO("%s: session %lu %s active first", LOG_TAG_PKTIO, session_ctx->session_id, session_ctx->session_addr); - handle_policy_mutil_hits(session_ctx, ctrl_pkt, &data_pkt, meta->direction, thread_ctx); - send_event_log(session_ctx, thread_ctx); - session_table_insert(session_table, session_ctx->session_id, &session_ctx->inner_tuple4, session_ctx, session_value_free_cb); ATOMIC_INC(&(thread_metrics->session_num)); } + + handle_policy_mutil_hits(session_ctx, ctrl_pkt, &data_pkt, meta->direction, thread_ctx); + send_event_log(session_ctx, thread_ctx); } static void handle_session_resetall(struct metadata *meta, struct control_packet *ctrl_pkt, struct thread_ctx *thread_ctx)