gfwleak/tango-tsg-service-chaining-engine
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

perf: 优化Session Active的处理逻辑

Browse Source
This commit is contained in:
luwenpeng
2023-11-29 11:21:07 +08:00
parent 23dbb7720c
commit 75237e905a
1 changed files with 44 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

86
platform/src/packet_io.cpp
View File

@@ -963,63 +963,65 @@ static void handle_session_closing(struct metadata *meta, struct control_packet
}
}
static void handle_session_active(struct metadata *meta, struct control_packet *ctrl_pkt, struct thread_ctx *thread_ctx)
static void verify_dataoffset(struct metadata *meta, struct packet *data_pkt, struct four_tuple *inner_tuple4)
{
const char *payload = packet_parse(data_pkt, meta->raw_data, meta->raw_len);
uint16_t expect_offset = payload - meta->raw_data;
sce_packet_get_innermost_tuple(data_pkt, inner_tuple4);
if (expect_offset != meta->l7offset)
{
char *addr_str = four_tuple_tostring(inner_tuple4);
LOG_ERROR("%s: incorrect dataoffset %d in mbuff of session %lu %s (expect: %d)", LOG_TAG_PKTIO, meta->l7offset, meta->session_id, addr_str, expect_offset);
free(addr_str);
}
}
static struct session_ctx *new_session(struct metadata *meta, struct four_tuple *inner_tuple4, struct thread_ctx *thread_ctx)
{
struct session_table *session_table = thread_ctx->session_table;
struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics;
struct policy_enforcer *enforcer = thread_ctx->ref_enforcer;
struct sce_ctx *sce_ctx = thread_ctx->ref_sce_ctx;
int chaining_size = policy_enforce_chaining_size(enforcer);
struct session_ctx *session_ctx = session_ctx_new();
session_ctx->session_id = meta->session_id;
session_ctx->session_addr = sce_ctx->enable_debug ? four_tuple_tostring(inner_tuple4) : NULL;
session_ctx->rehash_index = meta->rehash_index;
session_ctx->vxlan_src_port = calculate_vxlan_source_port(inner_tuple4);
session_ctx->ctrl_pkt_hdr_ptr = memdup(meta->raw_data, meta->raw_len);
session_ctx->ctrl_pkt_hdr_len = meta->raw_len;
session_ctx->chaining_raw = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr);
session_ctx->chaining_decrypted = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr);
session_ctx->ref_thread_ctx = thread_ctx;
four_tuple_copy(&session_ctx->inner_tuple4, inner_tuple4);
route_ctx_copy(&session_ctx->ctrl_route_ctx, &meta->route_ctx);
return session_ctx;
}
static void handle_session_active(struct metadata *meta, struct control_packet *ctrl_pkt, struct thread_ctx *thread_ctx)
{
struct packet data_pkt;
struct four_tuple inner_tuple4;
struct session_table *session_table = thread_ctx->session_table;
struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics;
struct session_ctx *session_ctx = (struct session_ctx *)session_table_search_by_id(session_table, meta->session_id);
verify_dataoffset(meta, &data_pkt, &inner_tuple4);
if (session_ctx)
{
struct packet data_pkt;
const char *payload = packet_parse(&data_pkt, meta->raw_data, meta->raw_len);
uint16_t real_offset = payload - meta->raw_data;
if (real_offset != meta->l7offset)
{
LOG_ERROR("%s: incorrect dataoffset %d in the control zone of session %lu %s, the expect value is %d", LOG_TAG_PKTIO, meta->l7offset, meta->session_id, session_ctx->session_addr, real_offset);
}
LOG_INFO("%s: session %lu %s active again", LOG_TAG_PKTIO, session_ctx->session_id, session_ctx->session_addr);
handle_policy_mutil_hits(session_ctx, ctrl_pkt, &data_pkt, meta->direction, thread_ctx);
send_event_log(session_ctx, thread_ctx);
}
else
{
struct packet data_pkt;
struct four_tuple inner_tuple4;
const char *payload = packet_parse(&data_pkt, meta->raw_data, meta->raw_len);
sce_packet_get_innermost_tuple(&data_pkt, &inner_tuple4);
uint16_t real_offset = payload - meta->raw_data;
if (real_offset != meta->l7offset)
{
char *addr_str = four_tuple_tostring(&inner_tuple4);
LOG_ERROR("%s: incorrect dataoffset %d in the control zone of session %lu %s, the expect value is %d", LOG_TAG_PKTIO, meta->l7offset, meta->session_id, addr_str, real_offset);
free(addr_str);
}
int chaining_size = policy_enforce_chaining_size(enforcer);
struct session_ctx *session_ctx = session_ctx_new();
session_ctx->session_id = meta->session_id;
session_ctx->session_addr = sce_ctx->enable_debug ? four_tuple_tostring(&inner_tuple4) : NULL;
session_ctx->rehash_index = meta->rehash_index;
session_ctx->vxlan_src_port = calculate_vxlan_source_port(&inner_tuple4);
four_tuple_copy(&session_ctx->inner_tuple4, &inner_tuple4);
route_ctx_copy(&session_ctx->ctrl_route_ctx, &meta->route_ctx);
session_ctx->ctrl_pkt_hdr_ptr = memdup(meta->raw_data, meta->raw_len);
session_ctx->ctrl_pkt_hdr_len = meta->raw_len;
session_ctx->chaining_raw = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr);
session_ctx->chaining_decrypted = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr);
session_ctx->ref_thread_ctx = thread_ctx;
session_ctx = new_session(meta, &inner_tuple4, thread_ctx);
LOG_INFO("%s: session %lu %s active first", LOG_TAG_PKTIO, session_ctx->session_id, session_ctx->session_addr);
handle_policy_mutil_hits(session_ctx, ctrl_pkt, &data_pkt, meta->direction, thread_ctx);
send_event_log(session_ctx, thread_ctx);
session_table_insert(session_table, session_ctx->session_id, &session_ctx->inner_tuple4, session_ctx, session_value_free_cb);
ATOMIC_INC(&(thread_metrics->session_num));
}
handle_policy_mutil_hits(session_ctx, ctrl_pkt, &data_pkt, meta->direction, thread_ctx);
send_event_log(session_ctx, thread_ctx);
}
static void handle_session_resetall(struct metadata *meta, struct control_packet *ctrl_pkt, struct thread_ctx *thread_ctx)