diff mbox

[RFC,V2,2/3] filter-rewriter: track connection and parse packet

Message ID 1467440540-6630-3-git-send-email-zhangchen.fnst@cn.fujitsu.com
State New
Headers show

Commit Message

Zhang Chen July 2, 2016, 6:22 a.m. UTC 
We use colo-base.h to track connection and parse packet

Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
---
 net/filter-rewriter.c | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)

Comments

Jason Wang July 4, 2016, 3:04 a.m. UTC | #1 
On 2016年07月02日 14:22, Zhang Chen wrote:
> We use colo-base.h to track connection and parse packet
>
> Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
> Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
> Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
> ---
>   net/filter-rewriter.c | 52 +++++++++++++++++++++++++++++++++++++++++++++++++++
>   1 file changed, 52 insertions(+)
>
> diff --git a/net/filter-rewriter.c b/net/filter-rewriter.c
> index 08b015d..c38ab24 100644
> --- a/net/filter-rewriter.c
> +++ b/net/filter-rewriter.c
> @@ -50,6 +50,20 @@ typedef struct RewriterState {
>       uint32_t hashtable_size;
>   } RewriterState;
>   
> +/*
> + * Return 1 on success, if return 0 means the pkt
> + * is not TCP packet
> + */
> +static int is_tcp_packet(Packet *pkt)
> +{
> +    if (!parse_packet_early(pkt) &&
> +        pkt->ip->ip_p == IPPROTO_TCP) {
> +        return 1;
> +    } else {
> +        return 0;
> +    }
> +}
> +
>   static ssize_t colo_rewriter_receive_iov(NetFilterState *nf,
>                                            NetClientState *sender,
>                                            unsigned flags,
> @@ -57,11 +71,49 @@ static ssize_t colo_rewriter_receive_iov(NetFilterState *nf,
>                                            int iovcnt,
>                                            NetPacketSent *sent_cb)
>   {
> +    RewriterState *s = FILTER_COLO_REWRITER(nf);
> +    Connection *conn;
> +    ConnectionKey key = {{ 0 } };
> +    Packet *pkt;
> +    ssize_t size = iov_size(iov, iovcnt);
> +    char *buf = g_malloc0(size);
> +
> +    iov_to_buf(iov, iovcnt, 0, buf, size);
> +    pkt = packet_new(buf, size);
> +
>       /*
>        * if we get tcp packet
>        * we will rewrite it to make secondary guest's
>        * connection established successfully
>        */
> +    if (is_tcp_packet(pkt)) {
> +        if (sender == nf->netdev) {
> +            fill_connection_key(pkt, &key, SECONDARY);
> +        } else {
> +            fill_connection_key(pkt, &key, PRIMARY);
> +        }
> +
> +        conn = connection_get(s->connection_track_table,
> +                              &key,
> +                              &s->hashtable_size);
> +        if (!conn->processing) {
> +            qemu_mutex_lock(&s->conn_list_lock);
> +            g_queue_push_tail(&s->conn_list, conn);
> +            qemu_mutex_unlock(&s->conn_list_lock);

conn_list was never used in this series, and I fail to understand why 
conn_list is needed?

> +            conn->processing = true;
> +        }
> +
> +        if (sender == nf->netdev) {
> +            /* NET_FILTER_DIRECTION_TX */
> +            /* handle_primary_tcp_pkt */
> +        } else {
> +            /* NET_FILTER_DIRECTION_RX */
> +            /* handle_secondary_tcp_pkt */
> +        }
> +    }
> +
> +    packet_destroy(pkt, NULL);
> +    pkt = NULL;
>       return 0;
>   }
>
Zhang Chen July 4, 2016, 7:47 a.m. UTC | #2 
On 07/04/2016 11:04 AM, Jason Wang wrote:
>
>
> On 2016年07月02日 14:22, Zhang Chen wrote:
>> We use colo-base.h to track connection and parse packet
>>
>> Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
>> Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
>> Signed-off-by: Wen Congyang <wency@cn.fujitsu.com>
>> ---
>>   net/filter-rewriter.c | 52 
>> +++++++++++++++++++++++++++++++++++++++++++++++++++
>>   1 file changed, 52 insertions(+)
>>
>> diff --git a/net/filter-rewriter.c b/net/filter-rewriter.c
>> index 08b015d..c38ab24 100644
>> --- a/net/filter-rewriter.c
>> +++ b/net/filter-rewriter.c
>> @@ -50,6 +50,20 @@ typedef struct RewriterState {
>>       uint32_t hashtable_size;
>>   } RewriterState;
>>   +/*
>> + * Return 1 on success, if return 0 means the pkt
>> + * is not TCP packet
>> + */
>> +static int is_tcp_packet(Packet *pkt)
>> +{
>> +    if (!parse_packet_early(pkt) &&
>> +        pkt->ip->ip_p == IPPROTO_TCP) {
>> +        return 1;
>> +    } else {
>> +        return 0;
>> +    }
>> +}
>> +
>>   static ssize_t colo_rewriter_receive_iov(NetFilterState *nf,
>>                                            NetClientState *sender,
>>                                            unsigned flags,
>> @@ -57,11 +71,49 @@ static ssize_t 
>> colo_rewriter_receive_iov(NetFilterState *nf,
>>                                            int iovcnt,
>>                                            NetPacketSent *sent_cb)
>>   {
>> +    RewriterState *s = FILTER_COLO_REWRITER(nf);
>> +    Connection *conn;
>> +    ConnectionKey key = {{ 0 } };
>> +    Packet *pkt;
>> +    ssize_t size = iov_size(iov, iovcnt);
>> +    char *buf = g_malloc0(size);
>> +
>> +    iov_to_buf(iov, iovcnt, 0, buf, size);
>> +    pkt = packet_new(buf, size);
>> +
>>       /*
>>        * if we get tcp packet
>>        * we will rewrite it to make secondary guest's
>>        * connection established successfully
>>        */
>> +    if (is_tcp_packet(pkt)) {
>> +        if (sender == nf->netdev) {
>> +            fill_connection_key(pkt, &key, SECONDARY);
>> +        } else {
>> +            fill_connection_key(pkt, &key, PRIMARY);
>> +        }
>> +
>> +        conn = connection_get(s->connection_track_table,
>> +                              &key,
>> +                              &s->hashtable_size);
>> +        if (!conn->processing) {
>> +            qemu_mutex_lock(&s->conn_list_lock);
>> +            g_queue_push_tail(&s->conn_list, conn);
>> +            qemu_mutex_unlock(&s->conn_list_lock);
>
> conn_list was never used in this series, and I fail to understand why 
> conn_list is needed?

When filter-rewriter work with colo-frame we need this do some 
synchronization job.
like colo do checkpoint,we will flush connection.
Maybe I should move this lock to other patch (like filter-rewriter work 
with colo-frame).

Thanks
Zhang Chen

>
>> +            conn->processing = true;
>> +        }
>> +
>> +        if (sender == nf->netdev) {
>> +            /* NET_FILTER_DIRECTION_TX */
>> +            /* handle_primary_tcp_pkt */
>> +        } else {
>> +            /* NET_FILTER_DIRECTION_RX */
>> +            /* handle_secondary_tcp_pkt */
>> +        }
>> +    }
>> +
>> +    packet_destroy(pkt, NULL);
>> +    pkt = NULL;
>>       return 0;
>>   }
>
>
>
> .
>
Jason Wang July 4, 2016, 8:29 a.m. UTC | #3 
On 2016年07月04日 15:47, Zhang Chen wrote:
>>> +    if (is_tcp_packet(pkt)) {
>>> +        if (sender == nf->netdev) {
>>> +            fill_connection_key(pkt, &key, SECONDARY);
>>> +        } else {
>>> +            fill_connection_key(pkt, &key, PRIMARY);
>>> +        }
>>> +
>>> +        conn = connection_get(s->connection_track_table,
>>> +                              &key,
>>> +                              &s->hashtable_size);
>>> +        if (!conn->processing) {
>>> +            qemu_mutex_lock(&s->conn_list_lock);
>>> +            g_queue_push_tail(&s->conn_list, conn);
>>> +            qemu_mutex_unlock(&s->conn_list_lock);
>>
>> conn_list was never used in this series, and I fail to understand why 
>> conn_list is needed?
>
> When filter-rewriter work with colo-frame we need this do some 
> synchronization job.
> like colo do checkpoint,we will flush connection.
> Maybe I should move this lock to other patch (like filter-rewriter 
> work with colo-frame).
>
> Thanks
> Zhang Chen 

Yes, please do it.
diff mbox

Patch

diff --git a/net/filter-rewriter.c b/net/filter-rewriter.c
index 08b015d..c38ab24 100644
--- a/net/filter-rewriter.c
+++ b/net/filter-rewriter.c
@@ -50,6 +50,20 @@  typedef struct RewriterState {
     uint32_t hashtable_size;
 } RewriterState;
 
+/*
+ * Return 1 on success, if return 0 means the pkt
+ * is not TCP packet
+ */
+static int is_tcp_packet(Packet *pkt)
+{
+    if (!parse_packet_early(pkt) &&
+        pkt->ip->ip_p == IPPROTO_TCP) {
+        return 1;
+    } else {
+        return 0;
+    }
+}
+
 static ssize_t colo_rewriter_receive_iov(NetFilterState *nf,
                                          NetClientState *sender,
                                          unsigned flags,
@@ -57,11 +71,49 @@  static ssize_t colo_rewriter_receive_iov(NetFilterState *nf,
                                          int iovcnt,
                                          NetPacketSent *sent_cb)
 {
+    RewriterState *s = FILTER_COLO_REWRITER(nf);
+    Connection *conn;
+    ConnectionKey key = {{ 0 } };
+    Packet *pkt;
+    ssize_t size = iov_size(iov, iovcnt);
+    char *buf = g_malloc0(size);
+
+    iov_to_buf(iov, iovcnt, 0, buf, size);
+    pkt = packet_new(buf, size);
+
     /*
      * if we get tcp packet
      * we will rewrite it to make secondary guest's
      * connection established successfully
      */
+    if (is_tcp_packet(pkt)) {
+        if (sender == nf->netdev) {
+            fill_connection_key(pkt, &key, SECONDARY);
+        } else {
+            fill_connection_key(pkt, &key, PRIMARY);
+        }
+
+        conn = connection_get(s->connection_track_table,
+                              &key,
+                              &s->hashtable_size);
+        if (!conn->processing) {
+            qemu_mutex_lock(&s->conn_list_lock);
+            g_queue_push_tail(&s->conn_list, conn);
+            qemu_mutex_unlock(&s->conn_list_lock);
+            conn->processing = true;
+        }
+
+        if (sender == nf->netdev) {
+            /* NET_FILTER_DIRECTION_TX */
+            /* handle_primary_tcp_pkt */
+        } else {
+            /* NET_FILTER_DIRECTION_RX */
+            /* handle_secondary_tcp_pkt */
+        }
+    }
+
+    packet_destroy(pkt, NULL);
+    pkt = NULL;
     return 0;
 }