WIP - introduce new process plugin API

Author: Pavel Siska

process-plugin-api/Makefile

@@ -0,0 +1,14 @@
+CXX := g++
+CXXFLAGS := -std=c++20 -Wall -Wextra -pedantic -Wunused -Wconversion -Wsign-conversion -g -fsanitize=address
+TARGET := ipx
+SRC := main.cpp
+
+.PHONY: all clean
+
+all: $(TARGET)
+
+$(TARGET): $(SRC)
+	$(CXX) $(CXXFLAGS) $^ -o $@
+
+clean:
+	rm -f $(TARGET)

process-plugin-api/biflowPair.hpp

@@ -0,0 +1,48 @@
+#pragma once
+
+#include <string>
+#include <utility>
+
+/**
+ * @brief Represents a pair of field names that are semantically linked in a bidirectional flow.
+ *
+ * The order of the fields does not matter; (A, B) is considered equal to (B, A).
+ */
+struct BiflowPair {
+	std::string forwardField; ///< Field name representing the forward direction.
+	std::string reverseField; ///< Field name representing the reverse direction.
+
+	/**
+	 * @brief Constructs a BiflowPair with the given field names.
+	 *
+	 * @param forward Name of the forward-direction field.
+	 * @param reverse Name of the reverse-direction field.
+	 */
+	BiflowPair(std::string forward, std::string reverse)
+		: forwardField(std::move(forward))
+		, reverseField(std::move(reverse))
+	{
+	}
+
+	/**
+	 * @brief Compares two BiflowPairs for equality.
+	 *
+	 * The comparison is order-independent: (A, B) == (B, A).
+	 *
+	 * @param other The BiflowPair to compare with.
+	 * @return true if the pairs are semantically equal.
+	 */
+	bool operator==(const BiflowPair& other) const
+	{
+		return (forwardField == other.forwardField && reverseField == other.reverseField)
+			|| (forwardField == other.reverseField && reverseField == other.forwardField);
+	}
+
+	/**
+	 * @brief Compares two BiflowPairs for inequality.
+	 *
+	 * @param other The BiflowPair to compare with.
+	 * @return true if the pairs are not equal.
+	 */
+	bool operator!=(const BiflowPair& other) const { return !(*this == other); }
+};

process-plugin-api/dummyProcessPlugin.hpp

@@ -0,0 +1,202 @@
+#pragma once
+
+#include "fieldHandler.hpp"
+#include "fieldManager.hpp"
+#include "fieldSchema.hpp"
+#include "processPlugin.hpp"
+#include "flowRecord.hpp"
+
+enum Direction : std::size_t { Forward = 0, Reverse = 1 };
+
+template<typename T>
+struct DirectionalField {
+	T values[2];
+
+	T& operator[](Direction d) { return values[static_cast<std::size_t>(d)]; }
+	const T& operator[](Direction d) const { return values[static_cast<std::size_t>(d)]; }
+};
+
+/*
+struct DummyExport {
+	uint8_t ipTtl;
+	uint8_t ipTtlRev;
+	uint8_t ipFlag;
+	uint8_t ipFlagRev;
+	uint16_t tcpWindow = 100;
+	uint16_t tcpWindowRev;
+	uint64_t tcpOption;
+	uint64_t tcpOptionRev;
+	uint32_t tcpMss;
+	uint32_t tcpMssRev;
+	uint16_t tcpSynSize;
+	std::vector<uint64_t> packets;
+	std::vector<uint64_t> packetsRev;
+};
+*/
+
+struct DummyExport {
+	DirectionalField<uint8_t> ipTtl;
+	DirectionalField<uint8_t> ipFlag;
+	DirectionalField<uint16_t> tcpWindow;
+	DirectionalField<uint64_t> tcpOption;
+	DirectionalField<uint32_t> tcpMss;
+	uint16_t tcpSynSize;
+	DirectionalField<std::vector<uint64_t>> packets;
+};
+
+enum class DummyFields : std::size_t {
+	IP_TTL = 0,
+	IP_TTL_REV,
+	IP_FLG,
+	IP_FLG_REV,
+	TCP_WIN,
+	TCP_WIN_REV,
+	TCP_OPT,
+	TCP_OPT_REV,
+	TCP_MSS,
+	TCP_MSS_REV,
+	TCP_SYN_SIZE,
+	PACKETS,
+	PACKETS_REV,
+	FIELDS_SIZE,
+};
+
+static FieldSchema createDummySchema()
+{
+	FieldSchema schema("basicplus");
+
+	schema.addScalarField<uint8_t>(
+		"IP_TTL",
+		FieldDirection::Forward,
+		offsetof(DummyExport, ipTtl.values[Direction::Forward]));
+	schema.addScalarField<uint8_t>(
+		"IP_TTL_REV",
+		FieldDirection::Reverse,
+		offsetof(DummyExport, ipTtl.values[Direction::Reverse]));
+	schema.addScalarField<uint8_t>(
+		"IP_FLG",
+		FieldDirection::Forward,
+		offsetof(DummyExport, ipFlag.values[Direction::Forward]));
+	schema.addScalarField<uint8_t>(
+		"IP_FLG_REV",
+		FieldDirection::Reverse,
+		offsetof(DummyExport, ipFlag.values[Direction::Reverse]));
+	schema.addScalarField<uint16_t>(
+		"TCP_WIN",
+		FieldDirection::Forward,
+		offsetof(DummyExport, tcpWindow.values[Direction::Forward]));
+	schema.addScalarField<uint16_t>(
+		"TCP_WIN_REV",
+		FieldDirection::Reverse,
+		offsetof(DummyExport, tcpWindow.values[Direction::Reverse]));
+	schema.addScalarField<uint64_t>(
+		"TCP_OPT",
+		FieldDirection::Forward,
+		offsetof(DummyExport, tcpOption.values[Direction::Forward]));
+	schema.addScalarField<uint64_t>(
+		"TCP_OPT_REV",
+		FieldDirection::Reverse,
+		offsetof(DummyExport, tcpOption.values[Direction::Reverse]));
+	schema.addScalarField<uint32_t>(
+		"TCP_MSS",
+		FieldDirection::Forward,
+		offsetof(DummyExport, tcpMss.values[Direction::Forward]));
+	schema.addScalarField<uint32_t>(
+		"TCP_MSS_REV",
+		FieldDirection::Reverse,
+		offsetof(DummyExport, tcpMss.values[Direction::Reverse]));
+	schema.addScalarField<uint16_t>(
+		"TCP_SYN_SIZE",
+		FieldDirection::DirectionalIndifferent,
+		offsetof(DummyExport, tcpSynSize));
+
+	schema.addVectorField<uint64_t>(
+		"PACKETS",
+		FieldDirection::Forward,
+		[](const void* thisPtr) -> std::span<const uint64_t> {
+			return reinterpret_cast<const DummyExport*>(thisPtr)
+				->packets.values[Direction::Forward];
+		});
+
+	schema.addVectorField<uint64_t>(
+		"PACKETS_REV",
+		FieldDirection::Forward,
+		[](const void* thisPtr) -> std::span<const uint64_t> {
+			return reinterpret_cast<const DummyExport*>(thisPtr)
+				->packets.values[Direction::Reverse];
+		});
+
+	schema.addBiflowPair("IP_TTL", "IP_TTL_REV");
+	schema.addBiflowPair("IP_FLG", "IP_FLG_REV");
+	schema.addBiflowPair("TCP_WIN", "TCP_WIN_REV");
+	schema.addBiflowPair("TCP_OPT", "TCP_OPT_REV");
+	schema.addBiflowPair("TCP_MSS", "TCP_MSS_REV");
+	schema.addBiflowPair("PACKETS", "PACKETS_REV");
+
+	return schema;
+}
+
+class DummyPlugin
+	: private FieldHandlers<DummyFields>
+	, public ProcessPlugin {
+public:
+	DummyPlugin(const std::string& params, FieldManager& manager)
+	{
+		const FieldSchema schema = createDummySchema();
+		const FieldSchemaHandler schemaHandler = manager.registerSchema(schema);
+
+		(void) params;
+
+		m_fieldHandlers[DummyFields::TCP_WIN] = schemaHandler.getFieldHandler("TCP_WIN");
+		m_fieldHandlers[DummyFields::TCP_OPT] = schemaHandler.getFieldHandler("TCP_OPT");
+		m_fieldHandlers[DummyFields::TCP_OPT_REV] = schemaHandler.getFieldHandler("TCP_OPT_REV");
+		m_fieldHandlers[DummyFields::PACKETS] = schemaHandler.getFieldHandler("PACKETS");
+		m_fieldHandlers[DummyFields::PACKETS_REV] = schemaHandler.getFieldHandler("PACKETS_REV");
+		// je potreba inicializovat vsechny fieldy
+	}
+
+	FlowAction onFlowCreate(FlowRecord& flowRecord, const Packet& packet) override
+	{
+		(void) packet;
+
+		m_exportData.tcpOption[Direction::Forward] = 156;
+		m_exportData.tcpOption[Direction::Reverse] = 1689;
+
+		// kdyz field dostane hodnotu, je potreba ho oznacit jako dostupny
+
+		m_fieldHandlers[DummyFields::TCP_OPT].setAsAvailable(flowRecord);
+		m_fieldHandlers[DummyFields::TCP_OPT_REV].setAsAvailable(flowRecord);
+
+		return FlowAction::RequestNoData;
+	}
+
+	FlowAction onFlowUpdate(FlowRecord& flowRecord, const Packet& packet) override
+	{
+		(void) flowRecord;
+		(void) packet;
+
+		m_exportData.packets[Direction::Forward] = {1, 2, 3, 4, 5, 6};
+		m_fieldHandlers[DummyFields::PACKETS].setAsAvailable(flowRecord);
+
+		return FlowAction::RequestNoData;
+	}
+
+	void onFlowExport() override {}
+
+	const void* getExportData() const noexcept override { return &m_exportData; }
+
+	ProcessPlugin* clone(std::byte* constructAtAddress) const override
+	{
+		return std::construct_at(reinterpret_cast<DummyPlugin*>(constructAtAddress), *this);
+	}
+
+	std::string getName() const override { return "DummyPlugin"; }
+
+	~DummyPlugin() override {}
+
+	DummyPlugin(const DummyPlugin& other) = default;
+	DummyPlugin(DummyPlugin&& other) = delete;
+
+private:
+	DummyExport m_exportData;
+};

process-plugin-api/fieldAccessor.hpp

@@ -0,0 +1,97 @@
+#pragma once
+
+#include <cstdint>
+#include <functional>
+#include <span>
+#include <string>
+#include <variant>
+
+/**
+ * @brief Accessor for reading a scalar field of type T from a binary structure using offset.
+ *
+ * Typically used when the field is stored at a known offset in a flat structure.
+ *
+ * @tparam T Type of the field (e.g. uint32_t, float, etc.).
+ */
+template<typename T>
+struct ScalarAccessor {
+	/// Construct accessor using byte offset from the base pointer.
+	explicit constexpr ScalarAccessor(std::size_t offset) noexcept
+		: offset(offset)
+	{
+	}
+
+	/// Read the scalar value from the provided memory.
+	T operator()(const void* data) const
+	{
+		return *reinterpret_cast<const T*>(static_cast<const char*>(data) + offset);
+	}
+
+	/// Byte offset of the field in the source structure.
+	std::size_t offset;
+};
+
+/**
+ * @brief Accessor for reading a read-only vector-like field using a lambda function.
+ *
+ * This accessor supports any container that can be viewed as `std::span<const T>`,
+ * such as:
+ *  - `std::vector<T>`
+ *  - `std::array<T, N>`
+ *  - C-style arrays `T[N]` (when the size is known)
+ *  - any custom container or accessor function returning `std::span<const T>`
+ *
+ *
+ * @tparam T Element type of the vector (e.g. `uint64_t`)
+ */
+template<typename T>
+struct VectorAccessor {
+	/// Type of the getter function that extracts a span from the given structure pointer.
+	using GetterFunc = std::function<std::span<const T>(const void*)>;
+
+	/// Construct the accessor with a user-supplied lambda or function.
+	explicit VectorAccessor(GetterFunc func)
+		: func(std::move(func))
+	{
+	}
+
+	/// Call the accessor to get a span of values from the provided structure pointer.
+	std::span<const T> operator()(const void* data) const { return func(data); }
+
+private:
+	GetterFunc func;
+};
+
+// Type-erased scalar getter for supported field types
+using ScalarValueGetter = std::variant<
+	ScalarAccessor<uint8_t>,
+	ScalarAccessor<uint16_t>,
+	ScalarAccessor<uint32_t>,
+	ScalarAccessor<uint64_t>,
+	ScalarAccessor<int8_t>,
+	ScalarAccessor<int16_t>,
+	ScalarAccessor<int32_t>,
+	ScalarAccessor<int64_t>,
+	ScalarAccessor<float>,
+	ScalarAccessor<double>>;
+
+// Type-erased vector getter for supported field types
+using VectorValueGetter = std::variant<
+	VectorAccessor<uint8_t>,
+	VectorAccessor<uint16_t>,
+	VectorAccessor<uint32_t>,
+	VectorAccessor<uint64_t>,
+	VectorAccessor<int8_t>,
+	VectorAccessor<int16_t>,
+	VectorAccessor<int32_t>,
+	VectorAccessor<int64_t>,
+	VectorAccessor<float>,
+	VectorAccessor<double>,
+	VectorAccessor<std::string>>;
+
+/**
+ * @brief Generic (type-erased) value getter that supports both scalar and vector types.
+ *
+ * Used in output fields to provide unified access to underlying data.
+ */
+using GenericValueGetter = std::variant<ScalarValueGetter, VectorValueGetter>;

process-plugin-api/fieldDescription.hpp

@@ -0,0 +1,29 @@
+#pragma once
+
+#include "fieldAccessor.hpp"
+#include "fieldDirection.hpp"
+
+#include <cstdint>
+#include <string>
+#include <variant>
+
+/**
+ * @brief Describes a field in a flow record schema.
+ *
+ * Contains metadata necessary to identify and access a field value,
+ * such as its group (e.g., "http", "tcp"), name (e.g., "IP_TTL"), direction
+ * (forward, reverse, or indifferent), and value accessor.
+ */
+struct FieldDescription {
+	/// Logical group to which this field belongs (e.g., "tls", "dns").
+	std::string group;
+
+	/// Name of the field (e.g., "SRC_PORT", "IP_TTL").
+	std::string name;
+
+	/// Direction of the field (Forward, Reverse, DirectionalIndifferent).
+	FieldDirection direction;
+
+	/// Value getter that allows access to the field's value in a record.
+	GenericValueGetter getter;
+};