Documentation/networking/strparser.rst

0001 .. SPDX-License-Identifier: GPL-2.0
0002
0003 =========================
0004 Stream Parser (strparser)
0005 =========================
0006
0007 Introduction
0008 ============
0009
0010 The stream parser (strparser) is a utility that parses messages of an
0011 application layer protocol running over a data stream. The stream
0012 parser works in conjunction with an upper layer in the kernel to provide
0013 kernel support for application layer messages. For instance, Kernel
0014 Connection Multiplexor (KCM) uses the Stream Parser to parse messages
0015 using a BPF program.
0016
0017 The strparser works in one of two modes: receive callback or general
0018 mode.
0019
0020 In receive callback mode, the strparser is called from the data_ready
0021 callback of a TCP socket. Messages are parsed and delivered as they are
0022 received on the socket.
0023
0024 In general mode, a sequence of skbs are fed to strparser from an
0025 outside source. Message are parsed and delivered as the sequence is
0026 processed. This modes allows strparser to be applied to arbitrary
0027 streams of data.
0028
0029 Interface
0030 =========
0031
0032 The API includes a context structure, a set of callbacks, utility
0033 functions, and a data_ready function for receive callback mode. The
0034 callbacks include a parse_msg function that is called to perform
0035 parsing (e.g.  BPF parsing in case of KCM), and a rcv_msg function
0036 that is called when a full message has been completed.
0037
0038 Functions
0039 =========
0040
0041      ::
0042
0043         strp_init(struct strparser *strp, struct sock *sk,
0044                 const struct strp_callbacks *cb)
0045
0046      Called to initialize a stream parser. strp is a struct of type
0047      strparser that is allocated by the upper layer. sk is the TCP
0048      socket associated with the stream parser for use with receive
0049      callback mode; in general mode this is set to NULL. Callbacks
0050      are called by the stream parser (the callbacks are listed below).
0051
0052      ::
0053
0054         void strp_pause(struct strparser *strp)
0055
0056      Temporarily pause a stream parser. Message parsing is suspended
0057      and no new messages are delivered to the upper layer.
0058
0059      ::
0060
0061         void strp_unpause(struct strparser *strp)
0062
0063      Unpause a paused stream parser.
0064
0065      ::
0066
0067         void strp_stop(struct strparser *strp);
0068
0069      strp_stop is called to completely stop stream parser operations.
0070      This is called internally when the stream parser encounters an
0071      error, and it is called from the upper layer to stop parsing
0072      operations.
0073
0074      ::
0075
0076         void strp_done(struct strparser *strp);
0077
0078      strp_done is called to release any resources held by the stream
0079      parser instance. This must be called after the stream processor
0080      has been stopped.
0081
0082      ::
0083
0084         int strp_process(struct strparser *strp, struct sk_buff *orig_skb,
0085                          unsigned int orig_offset, size_t orig_len,
0086                          size_t max_msg_size, long timeo)
0087
0088     strp_process is called in general mode for a stream parser to
0089     parse an sk_buff. The number of bytes processed or a negative
0090     error number is returned. Note that strp_process does not
0091     consume the sk_buff. max_msg_size is maximum size the stream
0092     parser will parse. timeo is timeout for completing a message.
0093
0094     ::
0095
0096         void strp_data_ready(struct strparser *strp);
0097
0098     The upper layer calls strp_tcp_data_ready when data is ready on
0099     the lower socket for strparser to process. This should be called
0100     from a data_ready callback that is set on the socket. Note that
0101     maximum messages size is the limit of the receive socket
0102     buffer and message timeout is the receive timeout for the socket.
0103
0104     ::
0105
0106         void strp_check_rcv(struct strparser *strp);
0107
0108     strp_check_rcv is called to check for new messages on the socket.
0109     This is normally called at initialization of a stream parser
0110     instance or after strp_unpause.
0111
0112 Callbacks
0113 =========
0114
0115 There are six callbacks:
0116
0117     ::
0118
0119         int (*parse_msg)(struct strparser *strp, struct sk_buff *skb);
0120
0121     parse_msg is called to determine the length of the next message
0122     in the stream. The upper layer must implement this function. It
0123     should parse the sk_buff as containing the headers for the
0124     next application layer message in the stream.
0125
0126     The skb->cb in the input skb is a struct strp_msg. Only
0127     the offset field is relevant in parse_msg and gives the offset
0128     where the message starts in the skb.
0129
0130     The return values of this function are:
0131
0132     =========    ===========================================================
0133     >0           indicates length of successfully parsed message
0134     0            indicates more data must be received to parse the message
0135     -ESTRPIPE    current message should not be processed by the
0136                  kernel, return control of the socket to userspace which
0137                  can proceed to read the messages itself
0138     other < 0    Error in parsing, give control back to userspace
0139                  assuming that synchronization is lost and the stream
0140                  is unrecoverable (application expected to close TCP socket)
0141     =========    ===========================================================
0142
0143     In the case that an error is returned (return value is less than
0144     zero) and the parser is in receive callback mode, then it will set
0145     the error on TCP socket and wake it up. If parse_msg returned
0146     -ESTRPIPE and the stream parser had previously read some bytes for
0147     the current message, then the error set on the attached socket is
0148     ENODATA since the stream is unrecoverable in that case.
0149
0150     ::
0151
0152         void (*lock)(struct strparser *strp)
0153
0154     The lock callback is called to lock the strp structure when
0155     the strparser is performing an asynchronous operation (such as
0156     processing a timeout). In receive callback mode the default
0157     function is to lock_sock for the associated socket. In general
0158     mode the callback must be set appropriately.
0159
0160     ::
0161
0162         void (*unlock)(struct strparser *strp)
0163
0164     The unlock callback is called to release the lock obtained
0165     by the lock callback. In receive callback mode the default
0166     function is release_sock for the associated socket. In general
0167     mode the callback must be set appropriately.
0168
0169     ::
0170
0171         void (*rcv_msg)(struct strparser *strp, struct sk_buff *skb);
0172
0173     rcv_msg is called when a full message has been received and
0174     is queued. The callee must consume the sk_buff; it can
0175     call strp_pause to prevent any further messages from being
0176     received in rcv_msg (see strp_pause above). This callback
0177     must be set.
0178
0179     The skb->cb in the input skb is a struct strp_msg. This
0180     struct contains two fields: offset and full_len. Offset is
0181     where the message starts in the skb, and full_len is the
0182     the length of the message. skb->len - offset may be greater
0183     then full_len since strparser does not trim the skb.
0184
0185     ::
0186
0187         int (*read_sock_done)(struct strparser *strp, int err);
0188
0189      read_sock_done is called when the stream parser is done reading
0190      the TCP socket in receive callback mode. The stream parser may
0191      read multiple messages in a loop and this function allows cleanup
0192      to occur when exiting the loop. If the callback is not set (NULL
0193      in strp_init) a default function is used.
0194
0195      ::
0196
0197         void (*abort_parser)(struct strparser *strp, int err);
0198
0199      This function is called when stream parser encounters an error
0200      in parsing. The default function stops the stream parser and
0201      sets the error in the socket if the parser is in receive callback
0202      mode. The default function can be changed by setting the callback
0203      to non-NULL in strp_init.
0204
0205 Statistics
0206 ==========
0207
0208 Various counters are kept for each stream parser instance. These are in
0209 the strp_stats structure. strp_aggr_stats is a convenience structure for
0210 accumulating statistics for multiple stream parser instances.
0211 save_strp_stats and aggregate_strp_stats are helper functions to save
0212 and aggregate statistics.
0213
0214 Message assembly limits
0215 =======================
0216
0217 The stream parser provide mechanisms to limit the resources consumed by
0218 message assembly.
0219
0220 A timer is set when assembly starts for a new message. In receive
0221 callback mode the message timeout is taken from rcvtime for the
0222 associated TCP socket. In general mode, the timeout is passed as an
0223 argument in strp_process. If the timer fires before assembly completes
0224 the stream parser is aborted and the ETIMEDOUT error is set on the TCP
0225 socket if in receive callback mode.
0226
0227 In receive callback mode, message length is limited to the receive
0228 buffer size of the associated TCP socket. If the length returned by
0229 parse_msg is greater than the socket buffer size then the stream parser
0230 is aborted with EMSGSIZE error set on the TCP socket. Note that this
0231 makes the maximum size of receive skbuffs for a socket with a stream
0232 parser to be 2*sk_rcvbuf of the TCP socket.
0233
0234 In general mode the message length limit is passed in as an argument
0235 to strp_process.
0236
0237 Author
0238 ======
0239
0240 Tom Herbert (tom@quantonium.net)