Skip to content

Implement MsQuicConfiguration cache #99371

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 12 commits into from
Mar 21, 2024
+314 −15
Merged

Implement MsQuicConfiguration cache #99371

Show file tree
Hide file tree
Changes from 9 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
8b81795
Implement MsQuicConfiguration cache
rzikm Mar 6, 2024
6f94f38
Fix creds with custom cipher suites
rzikm Mar 7, 2024
34c314d
Polishing
rzikm Mar 7, 2024
6825c3a
Dispose discarded handle when racing to add into cache
rzikm Mar 7, 2024
b5689a5
Shuffle code around, add AppCtx switch for disabling
rzikm Mar 11, 2024
40c4bc2
Code review feedback
rzikm Mar 11, 2024
82965d2
Add comments, minor fixes
rzikm Mar 11, 2024
0578632
Fix failing test on Windows
rzikm Mar 11, 2024
8e26582
Code review feedback
rzikm Mar 15, 2024
c1ddffb
Apply suggestions from code review
rzikm Mar 18, 2024
ebab536
Code review changes
rzikm Mar 18, 2024
3e82d24
Merge branch 'main' into 98354-QUIC-MsQuicConfiguration-cache
rzikm Mar 20, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
242 changes: 242 additions & 0 deletions src/libraries/System.Net.Quic/src/System/Net/Quic/Internal/MsQuicConfiguration.Cache.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,242 @@
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.

using System.Diagnostics;
using System.Collections.Generic;
using System.Collections.Concurrent;
using System.Collections.ObjectModel;
using System.Security.Authentication;
using System.Net.Security;
using System.Security.Cryptography.X509Certificates;
using System.Threading;
using Microsoft.Quic;

namespace System.Net.Quic;

internal static partial class MsQuicConfiguration
{
private const int CheckExpiredModulo = 32;

private const string DisableCacheEnvironmentVariable = "DOTNET_SYSTEM_NET_QUIC_DISABLE_CONFIGURATION_CACHE";
private const string DisableCacheCtxSwitch = "System.Net.Quic.DisableConfigurationCache";

private static volatile int s_configurationCacheEnabled = -1;
internal static bool ConfigurationCacheEnabled
{
get
{
int enabled = s_configurationCacheEnabled;
if (enabled != -1)
{
return enabled != 0;
}

// AppContext switch takes precedence
if (AppContext.TryGetSwitch(DisableCacheCtxSwitch, out bool value))
{
s_configurationCacheEnabled = value ? 0 : 1;
}
else
{
// check environment variable
s_configurationCacheEnabled = Environment.GetEnvironmentVariable(DisableCacheEnvironmentVariable) is string envVar && (envVar == "1" || envVar.Equals("true", StringComparison.OrdinalIgnoreCase)) ? 0 : 1;
}

return s_configurationCacheEnabled != 0;
}
}

private static readonly ConcurrentDictionary<CacheKey, MsQuicConfigurationSafeHandle> s_configurationCache = new();

private readonly struct CacheKey : IEquatable<CacheKey>
{
public readonly List<byte[]> CertificateThumbprints;
public readonly QUIC_CREDENTIAL_FLAGS Flags;
public readonly QUIC_SETTINGS Settings;
public readonly List<SslApplicationProtocol> ApplicationProtocols;
public readonly QUIC_ALLOWED_CIPHER_SUITE_FLAGS AllowedCipherSuites;

public CacheKey(QUIC_SETTINGS settings, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol> alpnProtocols, QUIC_ALLOWED_CIPHER_SUITE_FLAGS allowedCipherSuites)
{
CertificateThumbprints = certificate == null ? new List<byte[]>() : new List<byte[]> { certificate.GetCertHash() };

if (intermediates != null)
{
foreach (X509Certificate2 intermediate in intermediates)
{
CertificateThumbprints.Add(intermediate.GetCertHash());
}
}

Flags = flags;
Settings = settings;
// make defensive copy to prevent modification (the list comes from user code)
ApplicationProtocols = new List<SslApplicationProtocol>(alpnProtocols);
AllowedCipherSuites = allowedCipherSuites;
}

public override bool Equals(object? obj) => obj is CacheKey key && Equals(key);

public bool Equals(CacheKey other)
{
if (CertificateThumbprints.Count != other.CertificateThumbprints.Count)
{
return false;
}

for (int i = 0; i < CertificateThumbprints.Count; i++)
{
if (!CertificateThumbprints[i].AsSpan().SequenceEqual(other.CertificateThumbprints[i]))
{
return false;
}
}

if (ApplicationProtocols.Count != other.ApplicationProtocols.Count)
{
return false;
}

for (int i = 0; i < ApplicationProtocols.Count; i++)
{
if (ApplicationProtocols[i] != other.ApplicationProtocols[i])
{
return false;
}
}

return
Flags == other.Flags &&
Settings.Equals(other.Settings) &&
AllowedCipherSuites == other.AllowedCipherSuites;
}

public override int GetHashCode()
{
HashCode hash = default;

foreach (var thumbprint in CertificateThumbprints)
{
hash.AddBytes(thumbprint);
}

hash.Add(Flags);
hash.Add(Settings);

foreach (var protocol in ApplicationProtocols)
{
hash.AddBytes(protocol.Protocol.Span);
}

hash.Add(AllowedCipherSuites);

return hash.ToHashCode();
}
}

private static MsQuicConfigurationSafeHandle GetCachedCredentialOrCreate(QUIC_SETTINGS settings, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol> alpnProtocols, QUIC_ALLOWED_CIPHER_SUITE_FLAGS allowedCipherSuites)
{
CacheKey key = new CacheKey(settings, flags, certificate, intermediates, alpnProtocols, allowedCipherSuites);

MsQuicConfigurationSafeHandle? handle;

if (s_configurationCache.TryGetValue(key, out handle) && handle.TryAddRentCount())
{
if (NetEventSource.Log.IsEnabled())
{
NetEventSource.Info(null, $"Found cached MsQuicConfiguration: {handle}.");
}
return handle;
}

// if we get here, the handle is either not in the cache, or we lost the race between
// TryAddRentCount on this thread and MarkForDispose on another thread doing cache cleanup.
// In either case, we need to create a new handle.

if (NetEventSource.Log.IsEnabled())
{
NetEventSource.Info(null, $"MsQuicConfiguration not found in cache, creating new.");
}

handle = CreateInternal(settings, flags, certificate, intermediates, alpnProtocols, allowedCipherSuites);
handle.TryAddRentCount(); // we are the first renter

MsQuicConfigurationSafeHandle cached;
do
{
cached = s_configurationCache.GetOrAdd(key, handle);
}
// If we get the same handle back, we successfully added it to the cache and we are done.
// If we get a different handle back, we need to increase the rent count.
// If we fail to add the rent count, then the existing/cached handle is in process of
// being removed from the cache and we can try again, eventually either succeeding to add our
// new handle or getting a fresh handle inserted by another thread meanwhile.
while (cached != handle && !cached.TryAddRentCount());

if (cached != handle)
{
// we lost a race with another thread to insert new handle into the cache
if (NetEventSource.Log.IsEnabled())
{
NetEventSource.Info(null, $"Discarding MsQuicConfiguration {handle} (preferring cached {cached}).");
}

// First dispose decrements the rent count we added before attempting the cache insertion
// and second closes the handle
handle.Dispose();
handle.Dispose();
Debug.Assert(handle.IsClosed);

return cached;
}

// we added a new handle, check if we need to cleanup
if (s_configurationCache.Count % CheckExpiredModulo == 0)
Copy link
Member

@MihaZupan MihaZupan Mar 15, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This may lead to frequently throwing out and recreating entries once you have > 32 certs in use.
E.g. you're talking to 40 different hosts, and every time you reach 32 most of these objects will be idle so they're all thrown out, and you start from the beginning.

It may be worth adding slightly more logic here (e.g. skip throwing away entries that were used in the last second / use a timer instead of checking Count / allow only one CleanupCache call per X amount of time ...)

Copy link
Member Author

@rzikm rzikm Mar 18, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The strategy has been copied from the one we do in SslStream for Windows, I am not aware of any reported issues of too frequent cleanup (but maybe it just was not used for this sort of thing, cc @wfurt) and the code over there is ancient. How common is such a scenario?

My thoughts on this is to keep it simple, we are not trying to prevent all unnecessary allocations, only the frequent ones, if, say, app rotates 40 different configurations but does outbound connection once every second (i.e. 40s to rotate through all of them), then I don't think creating a fresh configuration makes a measurable dent in CPU usage.

If the app makes very frequent connections to multiple hosts and we should care about not doing extra work, then most of the configurations would still be in use and once there is a burst of connections and we stay above 32 connections, then there is no attempt for cleanup until the cache goes to 64 items, and so on.

I am not opposed to adding additional conditions for the cleanup, but adding additional conditions like "only 1 cleanup per X seconds" feels arbitrary without a more concrete evidence that it will help.

Another option would be making the cache cleanup size configurable via envvar so that we have a way out if some customer hits the issue.

Copy link
Member

@ManickaP ManickaP Mar 19, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMHO, this seems sufficient atm and if this proves problematic, we can always revisit the logic here.

{
// let only one thread perform cleanup at a time
lock (s_configurationCache)
{
if (s_configurationCache.Count % CheckExpiredModulo == 0)
{
CleanupCache();
}
}
}

return handle;
}

private static void CleanupCache()
{
KeyValuePair<CacheKey, MsQuicConfigurationSafeHandle>[] toRemoveAttempt = s_configurationCache.ToArray();

if (NetEventSource.Log.IsEnabled())
{
NetEventSource.Info(null, $"Cleaning up MsQuicConfiguration cache, current size: {toRemoveAttempt.Length}.");
}

foreach ((CacheKey key, MsQuicConfigurationSafeHandle handle) in toRemoveAttempt)
{
if (!handle.TryMarkForDispose())
{
// handle in use
continue;
}

// the handle is not in use and has been marked such that no new rents can be added.
if (NetEventSource.Log.IsEnabled())
{
NetEventSource.Info(null, $"Removing cached MsQuicConfiguration {handle}.");
}
bool removed = s_configurationCache.TryRemove(key, out _);
Debug.Assert(removed);
handle.Dispose();
Debug.Assert(handle.IsClosed);
}

if (NetEventSource.Log.IsEnabled())
{
NetEventSource.Info(null, $"Cleaning up MsQuicConfiguration cache, new size: {s_configurationCache.Count}.");
}
}
}
46 changes: 33 additions & 13 deletions src/libraries/System.Net.Quic/src/System/Net/Quic/Internal/MsQuicConfiguration.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,12 @@

namespace System.Net.Quic;

internal static class MsQuicConfiguration
internal static partial class MsQuicConfiguration
{
private static bool HasPrivateKey(this X509Certificate certificate)
=> certificate is X509Certificate2 certificate2 && certificate2.Handle != IntPtr.Zero && certificate2.HasPrivateKey;

public static MsQuicSafeHandle Create(QuicClientConnectionOptions options)
public static MsQuicConfigurationSafeHandle Create(QuicClientConnectionOptions options)
{
SslClientAuthenticationOptions authenticationOptions = options.ClientAuthenticationOptions;

Expand Down Expand Up @@ -79,7 +79,7 @@ public static MsQuicSafeHandle Create(QuicClientConnectionOptions options)
return Create(options, flags, certificate, intermediates, authenticationOptions.ApplicationProtocols, authenticationOptions.CipherSuitesPolicy, authenticationOptions.EncryptionPolicy);
}

public static MsQuicSafeHandle Create(QuicServerConnectionOptions options, string? targetHost)
public static MsQuicConfigurationSafeHandle Create(QuicServerConnectionOptions options, string? targetHost)
{
SslServerAuthenticationOptions authenticationOptions = options.ServerAuthenticationOptions;

Expand Down Expand Up @@ -117,7 +117,7 @@ public static MsQuicSafeHandle Create(QuicServerConnectionOptions options, strin
return Create(options, flags, certificate, intermediates, authenticationOptions.ApplicationProtocols, authenticationOptions.CipherSuitesPolicy, authenticationOptions.EncryptionPolicy);
}

private static unsafe MsQuicSafeHandle Create(QuicConnectionOptions options, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol>? alpnProtocols, CipherSuitesPolicy? cipherSuitesPolicy, EncryptionPolicy encryptionPolicy)
private static MsQuicConfigurationSafeHandle Create(QuicConnectionOptions options, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol>? alpnProtocols, CipherSuitesPolicy? cipherSuitesPolicy, EncryptionPolicy encryptionPolicy)
{
// Validate options and SSL parameters.
if (alpnProtocols is null || alpnProtocols.Count <= 0)
Expand Down Expand Up @@ -176,31 +176,51 @@ private static unsafe MsQuicSafeHandle Create(QuicConnectionOptions options, QUI
: 0; // 0 disables the timeout
}

QUIC_ALLOWED_CIPHER_SUITE_FLAGS allowedCipherSuites = QUIC_ALLOWED_CIPHER_SUITE_FLAGS.NONE;

if (cipherSuitesPolicy != null)
{
flags |= QUIC_CREDENTIAL_FLAGS.SET_ALLOWED_CIPHER_SUITES;
allowedCipherSuites = CipherSuitePolicyToFlags(cipherSuitesPolicy);
}

if (!MsQuicApi.UsesSChannelBackend)
{
flags |= QUIC_CREDENTIAL_FLAGS.USE_PORTABLE_CERTIFICATES;
}

if (ConfigurationCacheEnabled)
{
return GetCachedCredentialOrCreate(settings, flags, certificate, intermediates, alpnProtocols, allowedCipherSuites);
}

return CreateInternal(settings, flags, certificate, intermediates, alpnProtocols, allowedCipherSuites);
}

private static unsafe MsQuicConfigurationSafeHandle CreateInternal(QUIC_SETTINGS settings, QUIC_CREDENTIAL_FLAGS flags, X509Certificate? certificate, ReadOnlyCollection<X509Certificate2>? intermediates, List<SslApplicationProtocol> alpnProtocols, QUIC_ALLOWED_CIPHER_SUITE_FLAGS allowedCipherSuites)
{
QUIC_HANDLE* handle;

using MsQuicBuffers msquicBuffers = new MsQuicBuffers();
msquicBuffers.Initialize(alpnProtocols, alpnProtocol => alpnProtocol.Protocol);
ThrowHelper.ThrowIfMsQuicError(MsQuicApi.Api.ConfigurationOpen(
MsQuicApi.Api.Registration,
msquicBuffers.Buffers,
(uint)alpnProtocols.Count,
(uint)msquicBuffers.Count,
&settings,
(uint)sizeof(QUIC_SETTINGS),
(void*)IntPtr.Zero,
&handle),
"ConfigurationOpen failed");
MsQuicSafeHandle configurationHandle = new MsQuicSafeHandle(handle, SafeHandleType.Configuration);
MsQuicConfigurationSafeHandle configurationHandle = new MsQuicConfigurationSafeHandle(handle);

try
{
QUIC_CREDENTIAL_CONFIG config = new QUIC_CREDENTIAL_CONFIG { Flags = flags };
config.Flags |= (MsQuicApi.UsesSChannelBackend ? QUIC_CREDENTIAL_FLAGS.NONE : QUIC_CREDENTIAL_FLAGS.USE_PORTABLE_CERTIFICATES);

if (cipherSuitesPolicy != null)
QUIC_CREDENTIAL_CONFIG config = new QUIC_CREDENTIAL_CONFIG
{
config.Flags |= QUIC_CREDENTIAL_FLAGS.SET_ALLOWED_CIPHER_SUITES;
config.AllowedCipherSuites = CipherSuitePolicyToFlags(cipherSuitesPolicy);
}
Flags = flags,
AllowedCipherSuites = allowedCipherSuites
};

int status;
if (certificate is null)
Expand Down
Loading