From patchwork Tue Jul 17 02:39:42 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Darrell Ball X-Patchwork-Id: 944679 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=gmail.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="oeIjySAd"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 41V4JL0Mtkz9s0w for ; Tue, 17 Jul 2018 12:40:17 +1000 (AEST) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 80035BB6; Tue, 17 Jul 2018 02:40:14 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 7D1E7BAD for ; Tue, 17 Jul 2018 02:40:13 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pl0-f68.google.com (mail-pl0-f68.google.com [209.85.160.68]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 243B8466 for ; Tue, 17 Jul 2018 02:40:13 +0000 (UTC) Received: by mail-pl0-f68.google.com with SMTP id f4-v6so11934992plb.9 for ; Mon, 16 Jul 2018 19:40:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:message-id; bh=hrLwufABaW2BWiNU6ffyjS+hppfSFF17pDfCeMcYnI0=; b=oeIjySAdrKPaOB4U3As3mF/+CN6ZQSBeDgwai2jDa9dFsASMR9rxUgXOFylFh0DAM1 eKEQuFxZcX/TAeQiji4e01QKVjdtsFKfGrZsvnpBx8pC+TMLKFxSH3LzHCiiy2zOnZpu WHKr3VGaYYF4BTdQTJYYXJjIechgmLFyoWNWP8QC3+zY2hWtqMWzmVUtDRWjP7kl/SjW fMFYJlQF/P6LCaldcmLSziX6sdvzryaJ6b48mccvN+x3Qj2DGK/qJIXVmj187yt94JB8 Hofu6az+pjtnJId2jpFD76n4+839awbFEAiFY4Xja/E5hLeb2QKpHtPWzsfbl+gj9fEF whOg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:message-id; bh=hrLwufABaW2BWiNU6ffyjS+hppfSFF17pDfCeMcYnI0=; b=Uq/mSdRbaT26UXZWBGvMYKXV18NyMNzEm7kn0nALTYm8m/PPodYbEgQNv1XjoA4+P1 ynOV/g1MVhW9BKGqtJpN6Ve9ZQHzqZWwo3vr2qf+ZMAPWzk3JltqtHX9nEkPqrSPc9tn S5XtDROCb6PIfbsGcGaI1mkBA2G1G2jR1Zh7oVs1knPM4pFTCAxxKZaDGBkfuIDuZXN9 bzEGQnvCV8kMSZqmaPpgLb0ZAOIFLlP/NsxuRpYGS9TbawGZjCLAA/wpWApYErBngu/W D0xoqjEnpzZCpy8mh1y4xj9mTzVL0sp8DXoV3MI3QK5IJZnNqgI4HhrWZQCPvaOKy/vZ FzXw== X-Gm-Message-State: AOUpUlF68XVnYfiUckJdjcJmu6t+aEN0D630pryZurAH7BuPMLEideoO lf3T06I3bEDN+laQ0wK1now= X-Google-Smtp-Source: AAOMgpcCE1nzsMe5ImoM4B2mnE0i1DFdUS5Q3PXUUtaKpAvQ0OLHpMj1hcXN+d7/TF8KNkhrTzhiUg== X-Received: by 2002:a17:902:8a8e:: with SMTP id p14-v6mr18863554plo.213.1531795212753; Mon, 16 Jul 2018 19:40:12 -0700 (PDT) Received: from ubuntu.localdomain ([208.91.2.1]) by smtp.gmail.com with ESMTPSA id n9-v6sm50224487pfg.21.2018.07.16.19.40.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 16 Jul 2018 19:40:11 -0700 (PDT) From: Darrell Ball To: dlu998@gmail.com, dev@openvswitch.org, jpettit@ovn.org Date: Mon, 16 Jul 2018 19:39:42 -0700 Message-Id: <1531795191-58140-1-git-send-email-dlu998@gmail.com> X-Mailer: git-send-email 1.9.1 X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [patch v8 0/9] Userspace datapath: Add fragmentation support. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org Fragmentation support for userspace datapath conntrack is added; both v4 and v6 are supported. See the patches for additional details. Fragmentation tests for the userspace datapath are enabled by the patches and other test enhancements are added. v7->v8: Fix argument index (-1 vs -2) for recently added function ipf_set_enabled__(). Eliminate spaces around '|' for 'v4 | v6'. Reduce performance impact for non-fragments to approx zero. v6->v7: Address review comments (Thanks Justin). Rebase. Fix a couple bugs. Some enhancements. v5->v6: Rebase Folded patch 4 and some test enablement into patch 3 and brought an earlier patch forward in sequence Enable fragmentation by default Cleaup v4->v5: Added a sub-feature to optionally dump fragmentation lists. This is useful for DOS forensics and debugging. The testing coverage was also extended including checking more counters and frag list occupancies. Fixed a few bugs: 1/ Handle dpdk mempool source restrictions for a batch of packets from multiple sources; this also brings in a purge frag list function to handle pathological cases of stuck frags. 2/ ipf_destroy was missing packet frees for frag lists. 3/ A setting of CS_INVALID was missing for expired packets - I mentioned this earlier for version 4. Some enhancements and coding standards changes for Patch 3. v3->v4: Add V6 support to the patches. Fix possible race cleanup bug when the user disables fragmentation and there are list occupancies, not cleaned up yet. Add missed orig tuple fields for copy from reassembled packet to fragments. Fix an fragment list increment check - shoiuld have been "> 0" rather then "!= 0". Fix max frags calculation in case of theoretical corner case. Add proper lock annotations. Made some other improvements while adding V6 support. v2->v3: Patch 2 was updated: Remove "XXX" todo items by implementing the ones needed, including realloc frag_list contexts to save memory. Fix related bug with max_frag_list_size when min_frag_size is reconfigured. Tighten ip_tot_len sanity check for reassembled packets which was more loose than intended. Add another sanity check for fragment ip_tot_len; even though it be redundant, add for completeness. v1->v2: Few fixes, improvements and cleanups. Darrell Ball (9): dp-packet: Add const qualifiers for checksum apis. flow: Enhance parse_ipv6_ext_hdrs. tests: Add missed local stack checks. conntrack: Reword conntrack_execute() description. Userspace datapath: Add fragmentation handling. ipf: Add command to disable fragmentation handling. ipf: Add set minimum fragment size command. ipf: Add set maximum fragments supported command. ipf: Add fragmentation status reporting. NEWS | 12 + include/sparse/netinet/ip6.h | 1 + lib/automake.mk | 2 + lib/conntrack.c | 17 +- lib/ct-dpif.c | 69 ++ lib/ct-dpif.h | 13 + lib/dp-packet.h | 8 +- lib/dpctl.c | 227 ++++++ lib/dpctl.man | 38 + lib/dpif-netdev.c | 83 +++ lib/dpif-netlink.c | 7 + lib/dpif-provider.h | 25 +- lib/flow.c | 31 +- lib/flow.h | 3 +- lib/ipf.c | 1446 ++++++++++++++++++++++++++++++++++++++ lib/ipf.h | 76 ++ tests/system-kmod-macros.at | 42 +- tests/system-traffic.at | 52 +- tests/system-userspace-macros.at | 148 +++- 19 files changed, 2237 insertions(+), 63 deletions(-) create mode 100644 lib/ipf.c create mode 100644 lib/ipf.h