From patchwork Wed Apr 8 17:05:56 2026 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Aaron Conole X-Patchwork-Id: 2221003 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=PweFl13j; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.136; helo=smtp3.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4frTxK4BbQz1xv0 for ; Thu, 09 Apr 2026 03:06:29 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 14DF66067D; Wed, 8 Apr 2026 17:06:27 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id kypRjI32w6eF; Wed, 8 Apr 2026 17:06:26 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 0FF4D60F91 Authentication-Results: smtp3.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key, unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=PweFl13j Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp3.osuosl.org (Postfix) with ESMTPS id 0FF4D60F91; Wed, 8 Apr 2026 17:06:26 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id E9C2BC054A; Wed, 8 Apr 2026 17:06:25 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id B0011C0549 for ; Wed, 8 Apr 2026 17:06:24 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 9BD5E82287 for ; Wed, 8 Apr 2026 17:06:24 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 11WrAewhSH51 for ; Wed, 8 Apr 2026 17:06:23 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.129.124; helo=us-smtp-delivery-124.mimecast.com; envelope-from=aconole@redhat.com; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp1.osuosl.org 7541E82280 Authentication-Results: smtp1.osuosl.org; dmarc=pass (p=quarantine dis=none) header.from=redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 7541E82280 Authentication-Results: smtp1.osuosl.org; dkim=pass (1024-bit key, unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=PweFl13j Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by smtp1.osuosl.org (Postfix) with ESMTPS id 7541E82280 for ; Wed, 8 Apr 2026 17:06:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1775667981; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=4OUL4xmmrHRUX8F+k8ZpUZsDjkBB8eku2/eh8hZrBGM=; b=PweFl13j81VFV1GkkSWNYUwg98ZOdujoclRYgJ1RVfzUmjKa2rXtISBGpK7XtYnFblWXrP 4MXDux754cT9U0YL9y7BA3cjGnsAoLTatYrTzC67Ew2PzLKgzhy30w4UUDxbWvCbZjc2Mx hZx7KVF0oyzCG2oyFoWSNTRA25qiJp4= Received: from mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-673-xJsyNZD_M--v063JepmrdQ-1; Wed, 08 Apr 2026 13:06:18 -0400 X-MC-Unique: xJsyNZD_M--v063JepmrdQ-1 X-Mimecast-MFC-AGG-ID: xJsyNZD_M--v063JepmrdQ_1775667977 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id EDCD818005B8; Wed, 8 Apr 2026 17:06:16 +0000 (UTC) Received: from RHTRH0061144.redhat.com (unknown [10.22.89.172]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id F1B51300019F; Wed, 8 Apr 2026 17:06:14 +0000 (UTC) To: dev@openvswitch.org Date: Wed, 8 Apr 2026 13:05:56 -0400 Message-ID: <20260408170613.587902-1-aconole@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: uvFu7DQP__fd5aAxYI6YPkrrAggFL78T-AqhzypCQ3s_1775667977 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [RFC 00/12] ct-offload: Introduce a conntrack offload infrastructure. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Aaron Conole via dev From: Aaron Conole Reply-To: Aaron Conole Cc: Eli Britstein , Florian Westphal , Flavio Leitner Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" This series reworks the userspace connection tracker in Open vSwitch in order to introduce an infrastructure that future offload providers could use to offload connections, similar to facilities provided in the TC offload path. The goal is to enable userspace datapath offloads to provide additional connection tracking offload support. The early patches do a slight rework of the existing connection tracker to prepare for the offload to be added. These are just split-outs and renames to make things clearer. Patches 5-10 are the meat of the offload infrastructure. They provide the basic support - add/del/est/update primitives that give enough context into the userspace connection tracking layers to actually inform the hardware and keep the userspace updated. Additionally, we automatically disable tcp sequence number checking on connections that are 'offloaded'. Patch 11 shows a dummy offload implementation and some unit tests. Patch 12 is just documentation / NEWS. Submitted as RFC because I'm sure I've forgotten something. Aaron Conole (12): conntrack: Add per-conn storage for conntrack modules. conntrack: Introduce an observer pattern infrastructure as a hook. conntrack: Split the FTP and TFTP handling into separate files. conntrack-tcp: Convert to using the per-conn storage area. ct-offload: Add a new interface as an offload provider. ct-offload: Add batching support. ct-offload: Add a mark for offloaded connections. conntrack: Add calls to ct-offload infrastructure. ct-offload: Add configuration infrastructure. conntrack: Propagate input netdev pointer to conntrack. ct-offload-dummy: Introduce dummy ct offload. Documentation: Announce and describe the conntrack offload feature. Documentation/automake.mk | 1 + Documentation/topics/index.rst | 1 + .../topics/userspace-conntrack-offloading.rst | 76 ++ NEWS | 1 + lib/automake.mk | 7 + lib/conntrack-ftp.c | 689 +++++++++++++ lib/conntrack-private.h | 123 +++ lib/conntrack-tcp.c | 72 +- lib/conntrack-tcp.h | 61 ++ lib/conntrack-tftp.c | 47 + lib/conntrack.c | 904 ++++-------------- lib/conntrack.h | 44 +- lib/ct-offload-dummy.c | 253 +++++ lib/ct-offload-dummy.h | 64 ++ lib/ct-offload.c | 603 ++++++++++++ lib/ct-offload.h | 177 ++++ lib/dpif-netdev.c | 14 +- lib/dpif-offload.c | 13 + lib/dpif-offload.h | 1 + tests/dpif-netdev.at | 72 ++ tests/library.at | 54 ++ tests/test-conntrack.c | 460 ++++++++- vswitchd/bridge.c | 4 + 23 files changed, 2974 insertions(+), 767 deletions(-) create mode 100644 Documentation/topics/userspace-conntrack-offloading.rst create mode 100644 lib/conntrack-ftp.c create mode 100644 lib/conntrack-tcp.h create mode 100644 lib/conntrack-tftp.c create mode 100644 lib/ct-offload-dummy.c create mode 100644 lib/ct-offload-dummy.h create mode 100644 lib/ct-offload.c create mode 100644 lib/ct-offload.h