2012-08-13 12:49:39 +07:00
|
|
|
#ifndef __PACKET_INTERNAL_H__
|
|
|
|
#define __PACKET_INTERNAL_H__
|
|
|
|
|
2017-06-30 17:08:10 +07:00
|
|
|
#include <linux/refcount.h>
|
|
|
|
|
2012-08-13 12:49:39 +07:00
|
|
|
struct packet_mclist {
|
|
|
|
struct packet_mclist *next;
|
|
|
|
int ifindex;
|
|
|
|
int count;
|
|
|
|
unsigned short type;
|
|
|
|
unsigned short alen;
|
|
|
|
unsigned char addr[MAX_ADDR_LEN];
|
|
|
|
};
|
|
|
|
|
|
|
|
/* kbdq - kernel block descriptor queue */
|
|
|
|
struct tpacket_kbdq_core {
|
|
|
|
struct pgv *pkbdq;
|
|
|
|
unsigned int feature_req_word;
|
|
|
|
unsigned int hdrlen;
|
|
|
|
unsigned char reset_pending_on_curr_blk;
|
|
|
|
unsigned char delete_blk_timer;
|
|
|
|
unsigned short kactive_blk_num;
|
|
|
|
unsigned short blk_sizeof_priv;
|
|
|
|
|
|
|
|
/* last_kactive_blk_num:
|
|
|
|
* trick to see if user-space has caught up
|
|
|
|
* in order to avoid refreshing timer when every single pkt arrives.
|
|
|
|
*/
|
|
|
|
unsigned short last_kactive_blk_num;
|
|
|
|
|
|
|
|
char *pkblk_start;
|
|
|
|
char *pkblk_end;
|
|
|
|
int kblk_size;
|
2014-08-15 23:16:04 +07:00
|
|
|
unsigned int max_frame_len;
|
2012-08-13 12:49:39 +07:00
|
|
|
unsigned int knum_blocks;
|
|
|
|
uint64_t knxt_seq_num;
|
|
|
|
char *prev;
|
|
|
|
char *nxt_offset;
|
|
|
|
struct sk_buff *skb;
|
|
|
|
|
|
|
|
atomic_t blk_fill_in_prog;
|
|
|
|
|
|
|
|
/* Default is set to 8ms */
|
|
|
|
#define DEFAULT_PRB_RETIRE_TOV (8)
|
|
|
|
|
|
|
|
unsigned short retire_blk_tov;
|
|
|
|
unsigned short version;
|
|
|
|
unsigned long tov_in_jiffies;
|
|
|
|
|
|
|
|
/* timer to retire an outstanding block */
|
|
|
|
struct timer_list retire_blk_timer;
|
|
|
|
};
|
|
|
|
|
|
|
|
struct pgv {
|
|
|
|
char *buffer;
|
|
|
|
};
|
|
|
|
|
|
|
|
struct packet_ring_buffer {
|
|
|
|
struct pgv *pg_vec;
|
2013-04-19 13:12:28 +07:00
|
|
|
|
2012-08-13 12:49:39 +07:00
|
|
|
unsigned int head;
|
|
|
|
unsigned int frames_per_block;
|
|
|
|
unsigned int frame_size;
|
|
|
|
unsigned int frame_max;
|
|
|
|
|
|
|
|
unsigned int pg_vec_order;
|
|
|
|
unsigned int pg_vec_pages;
|
|
|
|
unsigned int pg_vec_len;
|
|
|
|
|
packet: use percpu mmap tx frame pending refcount
In PF_PACKET's packet mmap(), we can avoid using one atomic_inc()
and one atomic_dec() call in skb destructor and use a percpu
reference count instead in order to determine if packets are
still pending to be sent out. Micro-benchmark with [1] that has
been slightly modified (that is, protcol = 0 in socket(2) and
bind(2)), example on a rather crappy testing machine; I expect
it to scale and have even better results on bigger machines:
./packet_mm_tx -s7000 -m7200 -z700000 em1, avg over 2500 runs:
With patch: 4,022,015 cyc
Without patch: 4,812,994 cyc
time ./packet_mm_tx -s64 -c10000000 em1 > /dev/null, stable:
With patch:
real 1m32.241s
user 0m0.287s
sys 1m29.316s
Without patch:
real 1m38.386s
user 0m0.265s
sys 1m35.572s
In function tpacket_snd(), it is okay to use packet_read_pending()
since in fast-path we short-circuit the condition already with
ph != NULL, since we have next frames to process. In case we have
MSG_DONTWAIT, we also do not execute this path as need_wait is
false here anyway, and in case of _no_ MSG_DONTWAIT flag, it is
okay to call a packet_read_pending(), because when we ever reach
that path, we're done processing outgoing frames anyway and only
look if there are skbs still outstanding to be orphaned. We can
stay lockless in this percpu counter since it's acceptable when we
reach this path for the sum to be imprecise first, but we'll level
out at 0 after all pending frames have reached the skb destructor
eventually through tx reclaim. When people pin a tx process to
particular CPUs, we expect overflows to happen in the reference
counter as on one CPU we expect heavy increase; and distributed
through ksoftirqd on all CPUs a decrease, for example. As
David Laight points out, since the C language doesn't define the
result of signed int overflow (i.e. rather than wrap, it is
allowed to saturate as a possible outcome), we have to use
unsigned int as reference count. The sum over all CPUs when tx
is complete will result in 0 again.
The BUG_ON() in tpacket_destruct_skb() we can remove as well. It
can _only_ be set from inside tpacket_snd() path and we made sure
to increase tx_ring.pending in any case before we called po->xmit(skb).
So testing for tx_ring.pending == 0 is not too useful. Instead, it
would rather have been useful to test if lower layers didn't orphan
the skb so that we're missing ring slots being put back to
TP_STATUS_AVAILABLE. But such a bug will be caught in user space
already as we end up realizing that we do not have any
TP_STATUS_AVAILABLE slots left anymore. Therefore, we're all set.
Btw, in case of RX_RING path, we do not make use of the pending
member, therefore we also don't need to use up any percpu memory
here. Also note that __alloc_percpu() already returns a zero-filled
percpu area, so initialization is done already.
[1] http://wiki.ipxwarzone.com/index.php5?title=Linux_packet_mmap
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-01-15 22:25:36 +07:00
|
|
|
unsigned int __percpu *pending_refcnt;
|
2013-04-19 13:12:28 +07:00
|
|
|
|
|
|
|
struct tpacket_kbdq_core prb_bdqc;
|
2012-08-13 12:49:39 +07:00
|
|
|
};
|
|
|
|
|
2012-08-16 12:36:48 +07:00
|
|
|
extern struct mutex fanout_mutex;
|
|
|
|
#define PACKET_FANOUT_MAX 256
|
|
|
|
|
|
|
|
struct packet_fanout {
|
2015-03-12 11:06:44 +07:00
|
|
|
possible_net_t net;
|
2012-08-16 12:36:48 +07:00
|
|
|
unsigned int num_members;
|
|
|
|
u16 id;
|
|
|
|
u8 type;
|
packet: packet fanout rollover during socket overload
Changes:
v3->v2: rebase (no other changes)
passes selftest
v2->v1: read f->num_members only once
fix bug: test rollover mode + flag
Minimize packet drop in a fanout group. If one socket is full,
roll over packets to another from the group. Maintain flow
affinity during normal load using an rxhash fanout policy, while
dispersing unexpected traffic storms that hit a single cpu, such
as spoofed-source DoS flows. Rollover breaks affinity for flows
arriving at saturated sockets during those conditions.
The patch adds a fanout policy ROLLOVER that rotates between sockets,
filling each socket before moving to the next. It also adds a fanout
flag ROLLOVER. If passed along with any other fanout policy, the
primary policy is applied until the chosen socket is full. Then,
rollover selects another socket, to delay packet drop until the
entire system is saturated.
Probing sockets is not free. Selecting the last used socket, as
rollover does, is a greedy approach that maximizes chance of
success, at the cost of extreme load imbalance. In practice, with
sufficiently long queues to absorb bursts, sockets are drained in
parallel and load balance looks uniform in `top`.
To avoid contention, scales counters with number of sockets and
accesses them lockfree. Values are bounds checked to ensure
correctness.
Tested using an application with 9 threads pinned to CPUs, one socket
per thread and sufficient busywork per packet operation to limits each
thread to handling 32 Kpps. When sent 500 Kpps single UDP stream
packets, a FANOUT_CPU setup processes 32 Kpps in total without this
patch, 270 Kpps with the patch. Tested with read() and with a packet
ring (V1).
Also, passes psock_fanout.c unit test added to selftests.
Signed-off-by: Willem de Bruijn <willemb@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-03-19 17:18:11 +07:00
|
|
|
u8 flags;
|
2015-08-15 09:31:34 +07:00
|
|
|
union {
|
|
|
|
atomic_t rr_cur;
|
|
|
|
struct bpf_prog __rcu *bpf_prog;
|
|
|
|
};
|
2012-08-16 12:36:48 +07:00
|
|
|
struct list_head list;
|
|
|
|
struct sock *arr[PACKET_FANOUT_MAX];
|
|
|
|
spinlock_t lock;
|
2017-06-30 17:08:10 +07:00
|
|
|
refcount_t sk_ref;
|
2012-08-16 12:36:48 +07:00
|
|
|
struct packet_type prot_hook ____cacheline_aligned_in_smp;
|
|
|
|
};
|
|
|
|
|
2015-05-12 22:56:46 +07:00
|
|
|
struct packet_rollover {
|
|
|
|
int sock;
|
2015-06-16 23:51:37 +07:00
|
|
|
struct rcu_head rcu;
|
2015-05-12 22:56:50 +07:00
|
|
|
atomic_long_t num;
|
|
|
|
atomic_long_t num_huge;
|
|
|
|
atomic_long_t num_failed;
|
2015-05-12 22:56:49 +07:00
|
|
|
#define ROLLOVER_HLEN (L1_CACHE_BYTES / sizeof(u32))
|
|
|
|
u32 history[ROLLOVER_HLEN] ____cacheline_aligned;
|
2015-05-12 22:56:46 +07:00
|
|
|
} ____cacheline_aligned_in_smp;
|
|
|
|
|
2012-08-13 12:49:39 +07:00
|
|
|
struct packet_sock {
|
|
|
|
/* struct sock has to be the first member of packet_sock */
|
|
|
|
struct sock sk;
|
|
|
|
struct packet_fanout *fanout;
|
2013-04-19 13:12:29 +07:00
|
|
|
union tpacket_stats_u stats;
|
2012-08-13 12:49:39 +07:00
|
|
|
struct packet_ring_buffer rx_ring;
|
|
|
|
struct packet_ring_buffer tx_ring;
|
|
|
|
int copy_thresh;
|
|
|
|
spinlock_t bind_lock;
|
|
|
|
struct mutex pg_vec_lock;
|
|
|
|
unsigned int running:1, /* prot_hook is attached*/
|
|
|
|
auxdata:1,
|
|
|
|
origdev:1,
|
|
|
|
has_vnet_hdr:1;
|
packet: rollover lock contention avoidance
Rollover has to call packet_rcv_has_room on sockets in the fanout
group to find a socket to migrate to. This operation is expensive
especially if the packet sockets use rings, when a lock has to be
acquired.
Avoid pounding on the lock by all sockets by temporarily marking a
socket as "under memory pressure" when such pressure is detected.
While set, only the socket owner may call packet_rcv_has_room on the
socket. Once it detects normal conditions, it clears the flag. The
socket is not used as a victim by any other socket in the meantime.
Under reasonably balanced load, each socket writer frequently calls
packet_rcv_has_room and clears its own pressure field. As a backup
for when the socket is rarely written to, also clear the flag on
reading (packet_recvmsg, packet_poll) if this can be done cheaply
(i.e., without calling packet_rcv_has_room). This is only for
edge cases.
Tested:
Ran bench_rollover: a process with 8 sockets in a single fanout
group, each pinned to a single cpu that receives one nic recv
interrupt. RPS and RFS are disabled. The benchmark uses packet
rx_ring, which has to take a lock when determining whether a
socket has room.
Sent 3.5 Mpps of UDP traffic with sufficient entropy to spread
uniformly across the packet sockets (and inserted an iptables
rule to drop in PREROUTING to avoid protocol stack processing).
Without this patch, all sockets try to migrate traffic to
neighbors, causing lock contention when searching for a non-
empty neighbor. The lock is the top 9 entries.
perf record -a -g sleep 5
- 17.82% bench_rollover [kernel.kallsyms] [k] _raw_spin_lock
- _raw_spin_lock
- 99.00% spin_lock
+ 81.77% packet_rcv_has_room.isra.41
+ 18.23% tpacket_rcv
+ 0.84% packet_rcv_has_room.isra.41
+ 5.20% ksoftirqd/6 [kernel.kallsyms] [k] _raw_spin_lock
+ 5.15% ksoftirqd/1 [kernel.kallsyms] [k] _raw_spin_lock
+ 5.14% ksoftirqd/2 [kernel.kallsyms] [k] _raw_spin_lock
+ 5.12% ksoftirqd/7 [kernel.kallsyms] [k] _raw_spin_lock
+ 5.12% ksoftirqd/5 [kernel.kallsyms] [k] _raw_spin_lock
+ 5.10% ksoftirqd/4 [kernel.kallsyms] [k] _raw_spin_lock
+ 4.66% ksoftirqd/0 [kernel.kallsyms] [k] _raw_spin_lock
+ 4.45% ksoftirqd/3 [kernel.kallsyms] [k] _raw_spin_lock
+ 1.55% bench_rollover [kernel.kallsyms] [k] packet_rcv_has_room.isra.41
On net-next with this patch, this lock contention is no longer a
top entry. Most time is spent in the actual read function. Next up
are other locks:
+ 15.52% bench_rollover bench_rollover [.] reader
+ 4.68% swapper [kernel.kallsyms] [k] memcpy_erms
+ 2.77% swapper [kernel.kallsyms] [k] packet_lookup_frame.isra.51
+ 2.56% ksoftirqd/1 [kernel.kallsyms] [k] memcpy_erms
+ 2.16% swapper [kernel.kallsyms] [k] tpacket_rcv
+ 1.93% swapper [kernel.kallsyms] [k] mlx4_en_process_rx_cq
Looking closer at the remaining _raw_spin_lock, the cost of probing
in rollover is now comparable to the cost of taking the lock later
in tpacket_rcv.
- 1.51% swapper [kernel.kallsyms] [k] _raw_spin_lock
- _raw_spin_lock
+ 33.41% packet_rcv_has_room
+ 28.15% tpacket_rcv
+ 19.54% enqueue_to_backlog
+ 6.45% __free_pages_ok
+ 2.78% packet_rcv_fanout
+ 2.13% fanout_demux_rollover
+ 2.01% netif_receive_skb_internal
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-05-12 22:56:48 +07:00
|
|
|
int pressure;
|
2012-08-13 12:49:39 +07:00
|
|
|
int ifindex; /* bound device */
|
|
|
|
__be16 num;
|
2015-05-12 22:56:46 +07:00
|
|
|
struct packet_rollover *rollover;
|
2012-08-13 12:49:39 +07:00
|
|
|
struct packet_mclist *mclist;
|
|
|
|
atomic_t mapped;
|
|
|
|
enum tpacket_versions tp_version;
|
|
|
|
unsigned int tp_hdrlen;
|
|
|
|
unsigned int tp_reserve;
|
|
|
|
unsigned int tp_loss:1;
|
2012-11-07 06:10:47 +07:00
|
|
|
unsigned int tp_tx_has_off:1;
|
2012-08-13 12:49:39 +07:00
|
|
|
unsigned int tp_tstamp;
|
2013-11-21 22:50:58 +07:00
|
|
|
struct net_device __rcu *cached_dev;
|
packet: introduce PACKET_QDISC_BYPASS socket option
This patch introduces a PACKET_QDISC_BYPASS socket option, that
allows for using a similar xmit() function as in pktgen instead
of taking the dev_queue_xmit() path. This can be very useful when
PF_PACKET applications are required to be used in a similar
scenario as pktgen, but with full, flexible packet payload that
needs to be provided, for example.
On default, nothing changes in behaviour for normal PF_PACKET
TX users, so everything stays as is for applications. New users,
however, can now set PACKET_QDISC_BYPASS if needed to prevent
own packets from i) reentering packet_rcv() and ii) to directly
push the frame to the driver.
In doing so we can increase pps (here 64 byte packets) for
PF_PACKET a bit:
# CPUs -- QDISC_BYPASS -- qdisc path -- qdisc path[**]
1 CPU == 1,509,628 pps -- 1,208,708 -- 1,247,436
2 CPUs == 3,198,659 pps -- 2,536,012 -- 1,605,779
3 CPUs == 4,787,992 pps -- 3,788,740 -- 1,735,610
4 CPUs == 6,173,956 pps -- 4,907,799 -- 1,909,114
5 CPUs == 7,495,676 pps -- 5,956,499 -- 2,014,422
6 CPUs == 9,001,496 pps -- 7,145,064 -- 2,155,261
7 CPUs == 10,229,776 pps -- 8,190,596 -- 2,220,619
8 CPUs == 11,040,732 pps -- 9,188,544 -- 2,241,879
9 CPUs == 12,009,076 pps -- 10,275,936 -- 2,068,447
10 CPUs == 11,380,052 pps -- 11,265,337 -- 1,578,689
11 CPUs == 11,672,676 pps -- 11,845,344 -- 1,297,412
[...]
20 CPUs == 11,363,192 pps -- 11,014,933 -- 1,245,081
[**]: qdisc path with packet_rcv(), how probably most people
seem to use it (hopefully not anymore if not needed)
The test was done using a modified trafgen, sending a simple
static 64 bytes packet, on all CPUs. The trick in the fast
"qdisc path" case, is to avoid reentering packet_rcv() by
setting the RAW socket protocol to zero, like:
socket(PF_PACKET, SOCK_RAW, 0);
Tradeoffs are documented as well in this patch, clearly, if
queues are busy, we will drop more packets, tc disciplines are
ignored, and these packets are not visible to taps anymore. For
a pktgen like scenario, we argue that this is acceptable.
The pointer to the xmit function has been placed in packet
socket structure hole between cached_dev and prot_hook that
is hot anyway as we're working on cached_dev in each send path.
Done in joint work together with Jesper Dangaard Brouer.
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-12-06 17:36:17 +07:00
|
|
|
int (*xmit)(struct sk_buff *skb);
|
2012-08-13 12:49:39 +07:00
|
|
|
struct packet_type prot_hook ____cacheline_aligned_in_smp;
|
|
|
|
};
|
|
|
|
|
|
|
|
static struct packet_sock *pkt_sk(struct sock *sk)
|
|
|
|
{
|
|
|
|
return (struct packet_sock *)sk;
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif
|