From: Jason Wang <jasowang@redhat.com>
To: Wen Congyang <wency@cn.fujitsu.com>,
Zhang Chen <zhangchen.fnst@cn.fujitsu.com>,
qemu devel <qemu-devel@nongnu.org>
Cc: zhanghailiang <zhang.zhanghailiang@huawei.com>,
Li Zhijian <lizhijian@cn.fujitsu.com>,
Gui jianfeng <guijianfeng@cn.fujitsu.com>,
"eddie.dong" <eddie.dong@intel.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
Yang Hongyang <hongyang.yang@easystack.cn>
Subject: Re: [Qemu-devel] [PATCH V4 1/2] net/filter-mirror: implement filter-redirector
Date: Thu, 17 Mar 2016 14:10:03 +0800 [thread overview]
Message-ID: <56EA4A3B.8060909@redhat.com> (raw)
In-Reply-To: <56E928C2.60100@cn.fujitsu.com>
On 03/16/2016 05:34 PM, Wen Congyang wrote:
> On 03/16/2016 04:18 PM, Jason Wang wrote:
>> >
>> >
>> > On 03/15/2016 06:03 PM, Zhang Chen wrote:
>>> >> Filter-redirector is a netfilter plugin.
>>> >> It gives qemu the ability to redirect net packet.
>>> >> redirector can redirect filter's net packet to outdev.
>>> >> and redirect indev's packet to filter.
>>> >>
>>> >> filter
>>> >> +
>>> >> |
>>> >> |
>>> >> redirector |
>>> >> +--------------+
>>> >> | | |
>>> >> | | |
>>> >> | | |
>>> >> indev +-----------+ +----------> outdev
>>> >> | | |
>>> >> | | |
>>> >> | | |
>>> >> +--------------+
>>> >> |
>>> >> |
>>> >> v
>>> >> filter
>>> >>
>>> >> usage:
>>> >>
>>> >> -netdev user,id=hn0
>>> >> -chardev socket,id=s0,host=ip_primary,port=X,server,nowait
>>> >> -chardev socket,id=s1,host=ip_primary,port=Y,server,nowait
>>> >> -filter-redirector,id=r0,netdev=hn0,queue=tx/rx/all,indev=s0,outdev=s1
>>> >>
>>> >> Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
>>> >> Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
>>> >> Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
>>> >> ---
>>> >> net/filter-mirror.c | 236 ++++++++++++++++++++++++++++++++++++++++++++++++++++
>>> >> qemu-options.hx | 9 ++
>>> >> vl.c | 3 +-
>>> >> 3 files changed, 247 insertions(+), 1 deletion(-)
>>> >>
>>> >> diff --git a/net/filter-mirror.c b/net/filter-mirror.c
>>> >> index 1b1ec16..77ece41 100644
>>> >> --- a/net/filter-mirror.c
>>> >> +++ b/net/filter-mirror.c
>>> >> @@ -26,12 +26,23 @@
>>> >> #define FILTER_MIRROR(obj) \
>>> >> OBJECT_CHECK(MirrorState, (obj), TYPE_FILTER_MIRROR)
>>> >>
>>> >> +#define FILTER_REDIRECTOR(obj) \
>>> >> + OBJECT_CHECK(MirrorState, (obj), TYPE_FILTER_REDIRECTOR)
>>> >> +
>>> >> #define TYPE_FILTER_MIRROR "filter-mirror"
>>> >> +#define TYPE_FILTER_REDIRECTOR "filter-redirector"
>>> >> +#define REDIRECTOR_MAX_LEN NET_BUFSIZE
>>> >>
>>> >> typedef struct MirrorState {
>>> >> NetFilterState parent_obj;
>>> >> + char *indev;
>>> >> char *outdev;
>>> >> + CharDriverState *chr_in;
>>> >> CharDriverState *chr_out;
>>> >> + int state; /* 0 = getting length, 1 = getting data */
>>> >> + unsigned int index;
>>> >> + unsigned int packet_len;
>>> >> + uint8_t buf[REDIRECTOR_MAX_LEN];
>>> >> } MirrorState;
>>> >>
>>> >> static int filter_mirror_send(CharDriverState *chr_out,
>>> >> @@ -68,6 +79,89 @@ err:
>>> >> return ret < 0 ? ret : -EIO;
>>> >> }
>>> >>
>>> >> +static void
>>> >> +redirector_to_filter(NetFilterState *nf, const uint8_t *buf, int len)
>>> >> +{
>>> >> + struct iovec iov = {
>>> >> + .iov_base = (void *)buf,
>>> >> + .iov_len = len,
>>> >> + };
>>> >> +
>>> >> + if (nf->direction == NET_FILTER_DIRECTION_ALL ||
>>> >> + nf->direction == NET_FILTER_DIRECTION_TX) {
>>> >> + qemu_netfilter_pass_to_next(nf->netdev, 0, &iov, 1, nf);
>>> >> + }
>>> >> +
>>> >> + if (nf->direction == NET_FILTER_DIRECTION_ALL ||
>>> >> + nf->direction == NET_FILTER_DIRECTION_RX) {
>>> >> + qemu_netfilter_pass_to_next(nf->netdev->peer, 0, &iov, 1, nf);
>>> >> + }
>>> >> +}
>>> >> +
>>> >> +static int redirector_chr_can_read(void *opaque)
>>> >> +{
>>> >> + return REDIRECTOR_MAX_LEN;
>>> >> +}
>>> >> +
>>> >> +static void redirector_chr_read(void *opaque, const uint8_t *buf, int size)
>>> >> +{
>>> >> + NetFilterState *nf = opaque;
>>> >> + MirrorState *s = FILTER_REDIRECTOR(nf);
>>> >> + unsigned int l;
>>> >> +
>>> >> + if (size == 0) {
>>> >> + /* the peer is closed ? */
>>> >> + return ;
>>> >> + }
>> >
>> > Looks like if you want to handle connection close, you need use event
>> > handler when calling qemu_chr_add_handlers().
> In which case, we will see size is 0 if we don't have a event handler?
Looking at tcp_chr_read(), it seems that we won't see zero size.
>
> For redirector filter, I think we don't care about if the char device
> is disconnected. If the char device is ready again, we will continue
> to read from the char device.
>
> So I think we just add more comments here.
>
>> >
>>> >> +
>>> >> + /* most of code is stolen from net_socket_send */
>> >
>> > This comment seems redundant.
>> >
>>> >> + while (size > 0) {
>>> >> + /* reassemble a packet from the network */
>>> >> + switch (s->state) {
>>> >> + case 0:
>>> >> + l = 4 - s->index;
>>> >> + if (l > size) {
>>> >> + l = size;
>>> >> + }
>>> >> + memcpy(s->buf + s->index, buf, l);
>>> >> + buf += l;
>>> >> + size -= l;
>>> >> + s->index += l;
>>> >> + if (s->index == 4) {
>>> >> + /* got length */
>>> >> + s->packet_len = ntohl(*(uint32_t *)s->buf);
>>> >> + s->index = 0;
>>> >> + s->state = 1;
>>> >> + }
>>> >> + break;
>>> >> + case 1:
>>> >> + l = s->packet_len - s->index;
>>> >> + if (l > size) {
>>> >> + l = size;
>>> >> + }
>>> >> + if (s->index + l <= sizeof(s->buf)) {
>>> >> + memcpy(s->buf + s->index, buf, l);
>>> >> + } else {
>>> >> + fprintf(stderr, "serious error: oversized packet received,"
>>> >> + "connection terminated.\n");
>> >
>> > error_report() looks better.
>> >
>>> >> + s->state = 0;
>>> >> + /* FIXME: do something ? */
>> >
>> > This needs some thought, but at least reset the fd handler and state is
>> > needed.
> Maybe we can read the data from the chardev, and drop it?
>
> Thanks
> Wen Congyang
>
No function difference, but reading and dropping will cost extra cpu
which seems not good.
next prev parent reply other threads:[~2016-03-17 6:10 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-15 10:03 [Qemu-devel] [PATCH V4 0/2] Introduce filter-redirector Zhang Chen
2016-03-15 10:03 ` [Qemu-devel] [PATCH V4 1/2] net/filter-mirror: implement filter-redirector Zhang Chen
2016-03-16 8:18 ` Jason Wang
2016-03-16 9:11 ` Li Zhijian
2016-03-16 9:34 ` Wen Congyang
2016-03-16 10:07 ` Li Zhijian
2016-03-17 6:10 ` Jason Wang [this message]
2016-03-17 6:18 ` Wen Congyang
2016-03-17 6:28 ` Jason Wang
2016-03-15 10:03 ` [Qemu-devel] [PATCH V4 2/2] tests/test-filter-redirector: Add unit test for filter-redirector Zhang Chen
2016-03-16 8:18 ` [Qemu-devel] [PATCH V4 0/2] Introduce filter-redirector Jason Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=56EA4A3B.8060909@redhat.com \
--to=jasowang@redhat.com \
--cc=dgilbert@redhat.com \
--cc=eddie.dong@intel.com \
--cc=guijianfeng@cn.fujitsu.com \
--cc=hongyang.yang@easystack.cn \
--cc=lizhijian@cn.fujitsu.com \
--cc=qemu-devel@nongnu.org \
--cc=wency@cn.fujitsu.com \
--cc=zhang.zhanghailiang@huawei.com \
--cc=zhangchen.fnst@cn.fujitsu.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.