From patchwork Fri Mar 1 14:12:30 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Toke_H=C3=B8iland-J=C3=B8rgensen?= X-Patchwork-Id: 1050219 Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=redhat.com Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 449rwP0B3Sz9s2R for ; Sat, 2 Mar 2019 01:12:37 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728443AbfCAOMe (ORCPT ); Fri, 1 Mar 2019 09:12:34 -0500 Received: from mail-ed1-f68.google.com ([209.85.208.68]:41211 "EHLO mail-ed1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728331AbfCAOMd (ORCPT ); Fri, 1 Mar 2019 09:12:33 -0500 Received: by mail-ed1-f68.google.com with SMTP id x7so20084331eds.8 for ; Fri, 01 Mar 2019 06:12:32 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:from:to:cc:date:message-id:user-agent :mime-version:content-transfer-encoding; bh=7bQLjdMTFcPNE3zrGhLaazb3VaJSfJxRcZKKcvWynbQ=; b=Mw7tdzj3k79mutpB3/oiZ8+cG7EC2Az4TYHoP4zSuTqa+syWiB3wIAIHlOA3Syu4dF dWUKkF4XPdjzKoeR7+c6CPt62TdacY0fc9f4JuE6e0u27IcXQeL+ea/jR2bTO0FwUz5c 0CpKr8YcC+PbCTmQzAWqCF4iAI88Zywb5o4G+n6WjCVABcfsAnyzYvgLuGynxhu402RI ye5H/vwtdu3GA6hRce5XsFsw9nJ0axJz6trs4AcpM5JWP20gowDNpHMUCmt4Bsmx5Mrk C8j6WmTH8UQFHTrFi8MoveKh6piiH0p4tk65fjWyxv/6Weev1vmFw0iE8u+7EjdXK+dd c0NQ== X-Gm-Message-State: APjAAAXb9Lwfv9YQnuTa+5dfiYEntapv8vFhNqIwPZPM8nR4T+iYurAO sjPp5I12HtTWkfX5CBWmu4bWaQ== X-Google-Smtp-Source: APXvYqwNhmwHwG/wne5iT7X27fr3OmYQ7/QBW+jc2kSFINTulN66M/EZwoGgVAV14rIUezEtzcpSdQ== X-Received: by 2002:a17:906:fd5:: with SMTP id c21mr3260355ejk.86.1551449551945; Fri, 01 Mar 2019 06:12:31 -0800 (PST) Received: from alrua-x1.borgediget.toke.dk (alrua-x1.vpn.toke.dk. [2a00:7660:6da:10::2]) by smtp.gmail.com with ESMTPSA id x7sm3764332eju.12.2019.03.01.06.12.30 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 01 Mar 2019 06:12:30 -0800 (PST) Received: by alrua-x1.borgediget.toke.dk (Postfix, from userid 1000) id 636E7183BB9; Fri, 1 Mar 2019 15:12:30 +0100 (CET) Subject: [PATCH net-next v3 0/3] xdp: Use a default map for xdp_redirect helper From: Toke =?utf-8?q?H=C3=B8iland-J=C3=B8rgensen?= To: David Miller Cc: netdev@vger.kernel.org, Jesper Dangaard Brouer , Daniel Borkmann , Alexei Starovoitov , Jakub Kicinski Date: Fri, 01 Mar 2019 15:12:30 +0100 Message-ID: <155144955030.28287.14029975169967438162.stgit@alrua-x1> User-Agent: StGit/unknown-version MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org This series changes the xdp_redirect helper to use a hidden default map. The redirect_map() helper also uses the map structure to batch packets, which results in a significant (around 50%) performance boost for the _map variant. However, the xdp_redirect() API is simpler if one just wants to redirect to another interface, which means people tend to use this interface and then wonder why they getter worse performance than expected. This series seeks to close this performance difference between the two APIs. It achieves this by changing xdp_redirect() to use a hidden devmap for looking up destination interfaces, thus gaining the batching benefit with no visible difference from the user API point of view. Allocation of the default map is done dynamically as programs using the xdp_redirect helper are loaded and attached to interfaces, and the maps are freed again when no longer needed. Because of tail calls, this requires two levels of refcounting: One global level that keeps track of whether any XDP programs using the xdp_redirect() helper are loaded in the system at all. And another that keeps track of whether any programs that could potentially result in a call to xdp_redirect (i.e., either programs using the helper, or programs using tail calls) are loaded in a given namespace. The default maps are dynamically sized to the nearest power-of-two size that can contain all interfaces present in each interface. If allocation fails, the user action that triggered the allocation (either attaching an XDP program, or moving an interface with a program attached) is rejected. If new interfaces appear in a namespace which causes the default map to become too small, a new one is allocated with the correct size; this allocation is the only one that cannot lead to a rejection of the userspace action, so if it fails a warning is emitted instead. The first patch in the series refactors devmap.c to prepare for the subsequent patches. The second patch adds the default map handling using the existing array-based devmap structure. The third patch adds a new map type (devmap_idx) that hashes devices on ifindex. Changelog: v2 -> v3: - Fix compile warnings when CONFIG_BPF_SYSCALL is unset (as pointed out by the kbuild test bot). v1 -> v2: - Add refcounting to only allocate default maps when needed - Using said refcounting, also deallocate default maps - Add dynamic sizing of default maps - Handle moving of interfaces between namespaces - Split out refactoring of devmap.c to separate patch - Use hashmap semantics for update_elem of devmap_idx type maps --- Toke Høiland-Jørgensen (3): xdp: Refactor devmap code in preparation for subsequent additions xdp: Always use a devmap for XDP_REDIRECT to a device xdp: Add devmap_idx map type for looking up devices by ifindex include/linux/bpf.h | 46 ++ include/linux/bpf_types.h | 1 include/linux/filter.h | 2 include/net/net_namespace.h | 2 include/net/netns/xdp.h | 11 + include/trace/events/xdp.h | 3 include/uapi/linux/bpf.h | 1 kernel/bpf/devmap.c | 609 +++++++++++++++++++++++++++---- kernel/bpf/syscall.c | 27 + kernel/bpf/verifier.c | 14 + net/core/dev.c | 59 +++ net/core/filter.c | 69 +--- tools/bpf/bpftool/map.c | 1 tools/include/uapi/linux/bpf.h | 1 tools/lib/bpf/libbpf_probes.c | 1 tools/testing/selftests/bpf/test_maps.c | 16 + 16 files changed, 720 insertions(+), 143 deletions(-)