| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows bypassing the IPCP for local processes that share the same
packet pool, lowering latency between processes to comparable levels
as Unix sockets (RTT in the order of a microsecond).
For local processes, no IPCPs are needed:
$ irm b prog oping n oping
$ oping -l
Ouroboros ping server started.
New flow 64.
Received 64 bytes on fd 64.
The direct IPC can be disabled with the DISABLE_DIRECT_IPC build
flag. Note that this is needed for rumba 'local' experiments to
emulate network topologies. Without this flag all processes will just
communicate directly.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
| |
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The IRMd will now check the user UID and GID for privileged access,
avoiding unprivileged users being able to disrupt all IPC (e.g. by
shm_open the single pool and corrupting its metadata).
Non-privileged users are now limited to a PUP (per-user pool) for
sending/receiving packets. It is still created by the IRMd, but owned
by the user (uid) with 600 permissions. It does not add additional
copies for local IPC between their own processes (i.e. over the local
IPCP), but packets between processes owned by a different user or
destined over the network (other IPCPs) will incur a copy when
crossing the PUP / PUP or the PUP / GSPP boundary.
Privileged users and users in the ouroboros group still have direct
access to the GSPP (globally shared private pool) for packet transfer
that will avoid additional copies when processing packets between
processes owned by different users and to the network.
This aligns the security model with UNIX trust domains defined by UID
and GID by leveraging file permission on the pools in shared memory.
┌─────────────────────────────────────────────────────────────┐
│ Source Pool │ Dest Pool │ Operation │ Copies │
├─────────────────────────────────────────────────────────────┤
│ GSPP │ GSPP │ Zero-copy │ 0 │
│ PUP.uid │ PUP.uid │ Zero-copy │ 0 │
│ PUP.uid1 │ PUP.uid2 │ memcpy() │ 1 │
│ PUP.uid │ GSPP │ memcpy() │ 1 │
│ GSPP │ PUP.uid │ memcpy() │ 1 │
└─────────────────────────────────────────────────────────────┘
This also renames the struct ai ("application instance") in dev.c to
struct proc (process).
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds the initial version for the flow allocation protocol header
between IRMd instances. This is a step towards flow authentication.
The header supports secure and authenticated flow allocation,
supporting certificate-based authentication and ephemeral key
exchange for end-to-end encryption.
id: 128-bit identifier for the entity.
timestamp: 64-bit timestamp (replay protection).
certificate: Certificate for authentication.
public key: ECDHE public key for key exchange.
data: Application data.
signature: Signature for integrity/authenticity.
Authentication and encryption require OpenSSL to be installed.
The IRMd compares the allocation request delay with the MPL of the
Layer over which the flow allocation was sent. MPL is now reported by
the Layer in ms instead of seconds.
Time functions revised for consistency and adds some tests.
The TPM can now print thread running times in Debug builds
(TPM_DEBUG_REPORT_INTERVAL) and abort processes with hung threads
(TPM_DEBUG_ABORT_TIMEOUT). Long running threads waiting for input
should call tpm_wait_work() to avoid trigger a process abort.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
| |
Slow but steady.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
|
|
| |
The cryptography functions were in a C source that was directly
imported into dev.c, enabling ECDHE+AES256 symmetric key encryption on
flows. Now crypt.c is an independent source file with associated
crypt.h header, to prepare for security management and configuration
in the IRMd.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
| |
2022 was a rather slow year...
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
| |
Growing pains.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This add an ouroboros/pthread.h header that wraps the
pthread_..._unlock() functions for cleanup using
pthread_cleanup_push() as this casting is not safe (and there were
definitely bad casts in the code). The close() function is now also
wrapped for cleanup in ouroboros/sockets.h.
This allows enabling more compiler checks.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
| |
The ugent email addresses are shut down, updated to Ouroboros mail
addresses.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
| |
Happy New Year, Ouroboros!
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
| |
The function was returning under a cleanup handler, which is not
allowed. We don't do anything with the return value if the write
thread ends, so just stopping the thread is fine.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
| |
On a bad write, the writer thread would shutdown, leaving the
client hanging.
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
|
|
| |
This is more in line with the write() system call and prepares for
partial writes. Partial writes are disabled by default (and not yet
implemented).
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
| |
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
|
| |
|
|
|
|
|
| |
Updates the copyright notice in all sources to 2019.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
| |
This will change SDU (Service Data Unit) to packet everywhere. SDU is
OSI terminology, whereas packet is Ouroboros terminology.
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
|
| |
|
|
|
|
|
|
|
| |
This adds a --quiet -Q option to oping so it will only print the
statistics summary. Also fixes a division by 0 if duration is
specified with interval 0.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
| |
The oping tool can now select a qos spec to use. Allowed specs are
predefined an chosen using "raw", "best", "video" or "voice".
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
|
| |
This adds out-of-order statistics to the oping tool. A packet is
considered out-of-order if its sequence number is lower than the
highest sequence number already received.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
|
| |
This adds a timestamp option to oping, similar to the one in regular
ping and rinaperf, so that we can more easily correlate time and
latency.
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
|
| |
|
|
|
|
|
| |
This fixes two memleaks which were reported by cppcheck.
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
|
| |
|
|
|
|
|
|
|
| |
The oping tool was using a 1500 byte buffer, but didn't account for
partial reads when sending 1500 byte packets. This disables the
partial reads.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
|
|
|
| |
The rbuff uses the PTHREAD_COND_CLOCK for its condition variables, but
the flow_read was passing a time it got from the CLOCK_REALTIME_COARSE
clock. This causes the blocking reads not to timeout correctly.
The oping was updated to detect server timeouts and finish gracefully.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
| |
The reader thread was cancelled as soon as the writer was finished,
which resulted in missed responses and misreported packet loss.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
|
|
| |
This removes the dependencies for the tools on some ouroboros internal
headers (endian.h and time_utils.h) so they can be built out-of-tree.
The echo-app tool has been renamed oecho and the cbr tool has been
renamed ocbr.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
| |
Happy New Year, Ouroboros.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
|
|
|
| |
The oping client tried to cancel non-created pthreads if it was killed
during flow allocation, which caused a SEGV. The threads are now
stopped using a variable.
Fixes bug #2.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
| |
The oping tool now stores the time it sent the packet inside the SDU,
simplifying the implementation.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
|
|
| |
A more permissive license is needed on the tools since they serve as
example code for programs built on top of the ouroboros-dev and
ouroboros-irm libraries.
Signed-off-by: Dimitri Staessens <dimitri.staessens@ugent.be>
Signed-off-by: Sander Vrijders <sander.vrijders@ugent.be>
|
| |
|
|
|
|
|
| |
This replaces the flow_set_* commands with a single fccntl command
that can configure flows and the FRCT instance.
For more details, see "man 3 fccntl".
|
| |
|
|
|
|
|
|
|
|
| |
This revises the build system to have configuration per system
component. System settings can now be set using cmake.
The standard compliance defines were removed from configuration header
and are set in the sources where needed. Also some small code
refactors, such as moving the data for shims out of the ipcp structure
to the respective shims were performed.
|
| | |
|
| | |
|
| |
|
|
| |
This fixes a potential overflow when calculating the packet loss.
|
| |
|
|
|
|
| |
The flow_alloc_res and flow_alloc_resp calls have been removed. The
flow_alloc and flow_accept calls are now both blocking and take an
additional timeout argument.
|
| |
|
|
|
|
|
| |
Our mailserver was migrated from intec.ugent.be to the central
ugent.be emailserver. This PR updates the header files to reflect this
change as well. Some header files were also homogenized if the
parameters within the functions were badly aligned.
|
| |
|
|
|
| |
The AE name should not be passed over the layer boundaries. If an
application has more than one AE it should exchange this in CACEP.
|
| |
|
|
|
|
| |
Sometimes the receiver thread got the SDU before the writer thread has
set the sent time when testing over the local. The sent time is now
written before actually sending to avoid this.
|
| |
|
|
|
| |
Copyright is set to 2016 - 2017. License text on includes and sources
in the library are changed to indicate the LGPLv2.1 license.
|
| |
|
|
|
| |
This corrects the license statements on all files. Installed headers
are LGPLv2.1, the rest of the code is GPLv2.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Receiver timeouts can now be set on a flow using the flow_set_timeout
function. Specifying NULL disables the timeout. The flow_get_timeout
function gets the value for the timeout.
This commit also deprecates fcntl in favor of flow_get_flags and
flow_set_flags functions.
struct qos_spec is typedef'd as a qosspec_t.
The tools and cdap.c are updated to use the new API.
Fixes a bug in operf client where the client's writer thread wouldn't
cancel on SIGINT.
|
| |
|
|
|
|
| |
size_t is 32 bits on those machines, failing as an argument to
printf. Some variables in oping and operf were changed to uint32_t and
uint64_t to avoid issues.
|
| |
|
|
|
|
|
|
|
| |
If alloc_res fails all resources will be cleaned, except for the
assigned flow_descriptor, which must be released with a dealloc call.
Calling dealloc after a failed flow_alloc will not try to destroy the
already cleaned up flow in the IRMd and IPCPs.
Also fixes some memleaks in the oping client.
|
| | |
|
| |
|
|
|
| |
This has the code checked with -Wcast-qual and -Wconversion flags.
These flags were removed because SWIG generated code fails.
|
| |
|
|
|
| |
This reduces the risk for some bugs, for instance due to
signed/unsigned mismatches and unused variables.
|
| |
|
|
|
|
|
|
| |
The fast path will now use an incoming ring buffer per flow per
process. This necessitated the development of a new method for the
asynchronous io call, which is now based on an event queue system for
scalability (fqueue). The ipcpd's and tools have been updated to this
API.
|
| |
|
|
|
|
| |
The struct flow_set can now be accessed in applications as flow_set_t.
Fixes some malformed lines and homogenizes output when receiving bad
SDUs in the oping tool.
|
| |
|
|
| |
Now correctly handles and drops non-ouroboros traffic.
|
