From: John Fastabend <john.fastabend@gmail.com>
To: tgraf@suug.ch, simon.horman@netronome.com, sfeldma@gmail.com
Cc: netdev@vger.kernel.org, jhs@mojatatu.com, davem@davemloft.net,
gerlitz.or@gmail.com, andy@greyhouse.net, ast@plumgrid.com
Subject: [net-next PATCH v3 03/12] net: flow: implement flow cache for get routines
Date: Tue, 20 Jan 2015 12:27:28 -0800 [thread overview]
Message-ID: <20150120202727.1741.30573.stgit@nitbit.x32> (raw)
In-Reply-To: <20150120202404.1741.8658.stgit@nitbit.x32>
I used rhashtable to implement a flow cache so software can track the
currently programmed rules without requiring every driver to
implement its own cache logic or fetch information from hardware.
I chose rhashtable to get the dynamic resizing.
Signed-off-by: John Fastabend <john.r.fastabend@intel.com>
---
include/linux/if_flow.h | 24 +++++++
net/core/flow_table.c | 152 +++++++++++++++++++++++++++++++++++++++++++++--
2 files changed, 169 insertions(+), 7 deletions(-)
diff --git a/include/linux/if_flow.h b/include/linux/if_flow.h
index 712b54f..07d7bca 100644
--- a/include/linux/if_flow.h
+++ b/include/linux/if_flow.h
@@ -21,6 +21,7 @@
#define _IF_FLOW_H
#include <uapi/linux/if_flow.h>
+#include <linux/rhashtable.h>
/**
* @struct net_flow_fields
@@ -134,6 +135,7 @@ struct net_flow_field_ref {
* @size max number of entries for table or -1 for unbounded
* @matches null terminated set of supported match types given by match uid
* @actions null terminated set of supported action types given by action uid
+ * @cache software cache of hardware flows
*/
struct net_flow_tbl {
char *name;
@@ -143,6 +145,7 @@ struct net_flow_tbl {
__u32 size;
struct net_flow_field_ref *matches;
__u32 *actions;
+ struct rhashtable cache;
};
/**
@@ -190,6 +193,8 @@ struct net_flow_tbl_node {
* @struct net_flow_rule
* @brief describes the match/action entry
*
+ * @node node for resizable hash table used for software cache of rules
+ * @rcu used to support delayed freeing via call_rcu in software cache
* @uid unique identifier for flow
* @priority priority to execute flow match/action in table
* @match null terminated set of match uids match criteria
@@ -198,10 +203,29 @@ struct net_flow_tbl_node {
* Flows must match all entries in match set.
*/
struct net_flow_rule {
+ struct rhash_head node;
+ struct rcu_head rcu;
__u32 table_id;
__u32 uid;
__u32 priority;
struct net_flow_field_ref *matches;
struct net_flow_action *actions;
};
+
+#ifdef CONFIG_NET_FLOW_TABLES
+int net_flow_init_cache(struct net_flow_tbl *table);
+void net_flow_destroy_cache(struct net_flow_tbl *table);
+#else
+static inline int
+net_flow_init_cache(struct net_flow_tbl *table)
+{
+ return 0;
+}
+
+static inline void
+net_flow_destroy_cache(struct net_flow_tbl *table)
+{
+ return;
+}
+#endif /* CONFIG_NET_FLOW_TABLES */
#endif /* _IF_FLOW_H_ */
diff --git a/net/core/flow_table.c b/net/core/flow_table.c
index 7b85e53..c1a9716 100644
--- a/net/core/flow_table.c
+++ b/net/core/flow_table.c
@@ -26,6 +26,8 @@
#include <net/genetlink.h>
#include <net/rtnetlink.h>
#include <linux/module.h>
+#include <linux/rhashtable.h>
+#include <linux/jhash.h>
static DEFINE_MUTEX(net_flow_mutex);
@@ -919,6 +921,27 @@ static int net_flow_cmd_get_table_graph(struct sk_buff *skb,
return genlmsg_reply(msg, info);
}
+static struct net_flow_tbl *net_flow_get_table(struct net_device *dev,
+ int table_id)
+{
+ struct net_flow_tbl **tables;
+ int i;
+
+ if (!dev->netdev_ops->ndo_flow_get_tbls)
+ return NULL;
+
+ tables = dev->netdev_ops->ndo_flow_get_tbls(dev);
+ if (!tables)
+ return NULL;
+
+ for (i = 0; tables[i]; i++) {
+ if (tables[i]->uid == table_id)
+ return tables[i];
+ }
+
+ return NULL;
+}
+
static int net_flow_put_flow_action(struct sk_buff *skb,
struct net_flow_action *a)
{
@@ -1017,11 +1040,39 @@ put_failure:
return err;
}
+static int net_flow_get_rule_cache(struct sk_buff *skb,
+ struct net_flow_tbl *table,
+ int min, int max)
+{
+ const struct bucket_table *tbl;
+ struct net_flow_rule *he;
+ int i, err = 0;
+
+ rcu_read_lock();
+ tbl = rht_dereference_rcu(table->cache.tbl, &table->cache);
+
+ for (i = 0; i < tbl->size; i++) {
+ struct rhash_head *pos;
+
+ rht_for_each_entry_rcu(he, pos, tbl, i, node) {
+ if (he->uid < min || (max > 0 && he->uid > max))
+ continue;
+ err = net_flow_put_rule(skb, he);
+ if (err)
+ goto out;
+ }
+ }
+out:
+ rcu_read_unlock();
+ return err;
+}
+
static struct sk_buff *net_flow_build_flows_msg(struct net_device *dev,
u32 portid, int seq, u8 cmd,
int min, int max, int table)
{
struct genlmsghdr *hdr;
+ struct net_flow_tbl *t;
struct nlattr *flows;
struct sk_buff *skb;
int err = -ENOBUFS;
@@ -1042,15 +1093,23 @@ static struct sk_buff *net_flow_build_flows_msg(struct net_device *dev,
goto out;
}
+ t = net_flow_get_table(dev, table);
+ if (!t) {
+ err = -EINVAL;
+ goto out;
+ }
+
flows = nla_nest_start(skb, NFL_FLOWS);
if (!flows) {
err = -EMSGSIZE;
goto out;
}
- err = -EOPNOTSUPP;
- if (err < 0)
- goto out_cancel;
+ err = net_flow_get_rule_cache(skb, t, min, max);
+ if (err < 0) {
+ nla_nest_cancel(skb, flows);
+ goto out;
+ }
nla_nest_end(skb, flows);
@@ -1059,8 +1118,6 @@ static struct sk_buff *net_flow_build_flows_msg(struct net_device *dev,
goto out;
return skb;
-out_cancel:
- nla_nest_cancel(skb, flows);
out:
nlmsg_free(skb);
return ERR_PTR(err);
@@ -1300,6 +1357,13 @@ static void net_flow_rule_free(struct net_flow_rule *rule)
kfree(rule);
}
+static void net_flow_rule_free_rcu(struct rcu_head *head)
+{
+ struct net_flow_rule *r = container_of(head, struct net_flow_rule, rcu);
+
+ net_flow_rule_free(r);
+}
+
static const
struct nla_policy net_flow_actarg_policy[NFL_ACTION_ARG_MAX + 1] = {
[NFL_ACTION_ARG_NAME] = { .type = NLA_STRING },
@@ -1505,6 +1569,70 @@ static int net_flow_get_rule(struct net_flow_rule *rule, struct nlattr *attr)
return 0;
}
+#define NFL_TABLE_ELEM_HINT 10
+int net_flow_init_cache(struct net_flow_tbl *table)
+{
+ struct rhashtable_params params = {
+ .nelem_hint = NFL_TABLE_ELEM_HINT,
+ .head_offset = offsetof(struct net_flow_rule, node),
+ .key_offset = offsetof(struct net_flow_rule, uid),
+ .key_len = sizeof(__u32),
+ .hashfn = jhash,
+ .grow_decision = rht_grow_above_75,
+ .shrink_decision = rht_shrink_below_30
+ };
+
+ return rhashtable_init(&table->cache, ¶ms);
+}
+EXPORT_SYMBOL(net_flow_init_cache);
+
+void net_flow_destroy_cache(struct net_flow_tbl *table)
+{
+ struct rhashtable *cache = &table->cache;
+ const struct bucket_table *tbl;
+ struct net_flow_rule *he;
+ struct rhash_head *pos, *next;
+ unsigned int i;
+
+ /* Stop an eventual async resizing */
+ cache->being_destroyed = true;
+ mutex_lock(&cache->mutex);
+
+ tbl = rht_dereference(cache->tbl, cache);
+ for (i = 0; i < tbl->size; i++) {
+ rht_for_each_entry_safe(he, pos, next, tbl, i, node) {
+ rhashtable_remove(&table->cache, &he->node);
+ call_rcu(&he->rcu, net_flow_rule_free_rcu);
+ }
+ }
+
+ mutex_unlock(&cache->mutex);
+ rhashtable_destroy(cache);
+}
+EXPORT_SYMBOL(net_flow_destroy_cache);
+
+static void net_flow_add_rule_cache(struct net_flow_tbl *table,
+ struct net_flow_rule *this)
+{
+ rhashtable_insert(&table->cache, &this->node);
+}
+
+static int net_flow_del_rule_cache(struct net_flow_tbl *table,
+ struct net_flow_rule *this)
+{
+ struct net_flow_rule *he;
+
+ he = rhashtable_lookup(&table->cache, &this->uid);
+ if (he) {
+ rhashtable_remove(&table->cache, &he->node);
+ synchronize_rcu();
+ net_flow_rule_free(he);
+ return 0;
+ }
+
+ return -EEXIST;
+}
+
static int net_flow_table_cmd_flows(struct sk_buff *recv_skb,
struct genl_info *info)
{
@@ -1546,6 +1674,8 @@ static int net_flow_table_cmd_flows(struct sk_buff *recv_skb,
net_flow_lock();
nla_for_each_nested(flow, info->attrs[NFL_FLOWS], rem) {
+ struct net_flow_tbl *table;
+
if (nla_type(flow) != NFL_FLOW)
continue;
@@ -1563,12 +1693,22 @@ static int net_flow_table_cmd_flows(struct sk_buff *recv_skb,
if (err)
goto out_locked;
+ table = net_flow_get_table(dev, this->table_id);
+ if (!table) {
+ err = -EINVAL;
+ goto skip;
+ }
+
switch (cmd) {
case NFL_TABLE_CMD_SET_FLOWS:
err = dev->netdev_ops->ndo_flow_set_rule(dev, this);
+ if (!err)
+ net_flow_add_rule_cache(table, this);
break;
case NFL_TABLE_CMD_DEL_FLOWS:
err = dev->netdev_ops->ndo_flow_del_rule(dev, this);
+ if (!err)
+ err = net_flow_del_rule_cache(table, this);
break;
default:
err = -EOPNOTSUPP;
@@ -1597,8 +1737,6 @@ skip:
net_flow_put_rule(skb, this);
}
- net_flow_rule_free(this);
-
if (err && err_handle == NFL_FLOWS_ERROR_ABORT)
goto out_locked;
}
next prev parent reply other threads:[~2015-01-20 20:27 UTC|newest]
Thread overview: 66+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-20 20:26 [net-next PATCH v3 00/12] Flow API John Fastabend
2015-01-20 20:26 ` [net-next PATCH v3 01/12] net: flow_table: create interface for hw match/action tables John Fastabend
2015-01-22 4:37 ` Simon Horman
2015-01-20 20:27 ` [net-next PATCH v3 02/12] net: flow_table: add rule, delete rule John Fastabend
2015-01-20 20:27 ` John Fastabend [this message]
2015-01-20 20:27 ` [net-next PATCH v3 04/12] net: flow_table: create a set of common headers and actions John Fastabend
2015-01-20 20:59 ` John W. Linville
2015-01-20 22:10 ` John Fastabend
2015-01-20 20:28 ` [net-next PATCH v3 05/12] net: flow_table: add validation functions for rules John Fastabend
2015-01-20 20:28 ` [net-next PATCH v3 06/12] net: rocker: add pipeline model for rocker switch John Fastabend
2015-01-20 20:29 ` [net-next PATCH v3 07/12] net: rocker: add set rule ops John Fastabend
2015-01-20 20:29 ` [net-next PATCH v3 08/12] net: rocker: add group_id slices and drop explicit goto John Fastabend
2015-01-20 20:30 ` [net-next PATCH v3 09/12] net: rocker: add multicast path to bridging John Fastabend
2015-01-20 20:30 ` [net-next PATCH v3 10/12] net: rocker: add cookie to group acls and use flow_id to set cookie John Fastabend
2015-01-20 20:31 ` [net-next PATCH v3 11/12] net: rocker: have flow api calls set cookie value John Fastabend
2015-01-20 20:31 ` [net-next PATCH v3 12/12] net: rocker: implement delete flow routine John Fastabend
2015-01-22 12:52 ` [net-next PATCH v3 00/12] Flow API Pablo Neira Ayuso
2015-01-22 13:37 ` Thomas Graf
2015-01-22 14:00 ` Pablo Neira Ayuso
2015-01-22 15:00 ` Jamal Hadi Salim
2015-01-22 15:13 ` Thomas Graf
2015-01-22 15:28 ` Jamal Hadi Salim
2015-01-22 15:37 ` Thomas Graf
2015-01-22 15:44 ` Jamal Hadi Salim
2015-01-23 10:10 ` Thomas Graf
2015-01-23 10:24 ` Jiri Pirko
2015-01-23 11:08 ` Thomas Graf
2015-01-23 11:39 ` Jiri Pirko
2015-01-23 12:28 ` Thomas Graf
2015-01-23 13:43 ` Jiri Pirko
2015-01-23 14:07 ` Thomas Graf
2015-01-23 15:25 ` Jiri Pirko
2015-01-23 15:43 ` John Fastabend
2015-01-23 15:56 ` Jiri Pirko
2015-01-23 15:49 ` Thomas Graf
2015-01-23 16:00 ` Jiri Pirko
2015-01-23 15:34 ` John Fastabend
2015-01-23 15:53 ` Jiri Pirko
2015-01-23 16:00 ` Thomas Graf
2015-01-23 16:08 ` John Fastabend
2015-01-23 16:16 ` Jiri Pirko
2015-01-24 13:04 ` Jamal Hadi Salim
2015-01-23 17:46 ` Thomas Graf
2015-01-23 19:59 ` John Fastabend
2015-01-23 23:16 ` Thomas Graf
2015-01-24 13:22 ` Jamal Hadi Salim
2015-01-24 13:34 ` Thomas Graf
2015-01-24 13:01 ` Jamal Hadi Salim
2015-01-26 8:26 ` Simon Horman
2015-01-26 12:26 ` Jamal Hadi Salim
2015-01-27 4:28 ` David Ahern
2015-01-27 4:58 ` Andy Gospodarek
2015-01-27 15:54 ` Jamal Hadi Salim
2015-01-24 12:36 ` Jamal Hadi Salim
2015-01-22 15:48 ` Jiri Pirko
2015-01-22 17:58 ` Thomas Graf
2015-01-22 16:49 ` Pablo Neira Ayuso
2015-01-22 17:10 ` John Fastabend
2015-01-22 17:44 ` Thomas Graf
2015-01-24 12:34 ` Jamal Hadi Salim
2015-01-24 13:48 ` Thomas Graf
2015-01-23 9:00 ` David Miller
2015-01-22 16:58 ` John Fastabend
2015-01-23 10:49 ` Thomas Graf
2015-01-23 16:42 ` John Fastabend
2015-01-24 12:29 ` Jamal Hadi Salim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150120202727.1741.30573.stgit@nitbit.x32 \
--to=john.fastabend@gmail.com \
--cc=andy@greyhouse.net \
--cc=ast@plumgrid.com \
--cc=davem@davemloft.net \
--cc=gerlitz.or@gmail.com \
--cc=jhs@mojatatu.com \
--cc=netdev@vger.kernel.org \
--cc=sfeldma@gmail.com \
--cc=simon.horman@netronome.com \
--cc=tgraf@suug.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.