From patchwork Mon Dec  3 05:17:19 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Darrell Ball <dlu998@gmail.com>
X-Patchwork-Id: 1006655
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=pass (mailfrom) smtp.mailfrom=openvswitch.org
	(client-ip=140.211.169.12; helo=mail.linuxfoundation.org;
	envelope-from=ovs-dev-bounces@openvswitch.org;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=gmail.com
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.b="ITPDgltT"; dkim-atps=neutral
Received: from mail.linuxfoundation.org (mail.linuxfoundation.org
	[140.211.169.12])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 437YGZ2MxNz9s3Z
	for <incoming@patchwork.ozlabs.org>;
	Mon,  3 Dec 2018 16:20:06 +1100 (AEDT)
Received: from mail.linux-foundation.org (localhost [127.0.0.1])
	by mail.linuxfoundation.org (Postfix) with ESMTP id 0FE24BD5;
	Mon,  3 Dec 2018 05:18:12 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@mail.linuxfoundation.org
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id C70E1BAC
	for <dev@openvswitch.org>; Mon,  3 Dec 2018 05:18:10 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-pl1-f194.google.com (mail-pl1-f194.google.com
	[209.85.214.194])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 66734D3
	for <dev@openvswitch.org>; Mon,  3 Dec 2018 05:18:10 +0000 (UTC)
Received: by mail-pl1-f194.google.com with SMTP id k8so5822620pls.11
	for <dev@openvswitch.org>; Sun, 02 Dec 2018 21:18:10 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=from:to:subject:date:message-id:in-reply-to:references;
	bh=eZYD34gG4icY4hEfGVBHwLJ+9XYX0+uHTDjceHqKnRc=;
	b=ITPDgltTB7PzBqc/Ui8XGB9mILhWjf6Y+ziaidG7K1+xKWXD+8im7GklJ1FoJsxBhz
	n90wF2MU3uMC2cHeZixLD2dPASxGCSjiMR7/jx/kQFF8cb5j2kmiNuvSGqrst2YFikGw
	Wdc8/kkLsBadQEYc+X67lBVcvwIAQJjOzKaYr+6OxJkavJ6srQU03gpGUaWb9sknPabb
	4JHE75BuCntd5/Qo4YN1Al2vltEZndXwH2h5OWA9vfwJ3IY5pvGO/UMrAuZtRpPD1YOo
	EIHx27QvrL9O+6eJ0KDt401SFpyWoRua36Z5e8hdAzB6vY+qY94aPsDBQSavQHJ6r1lP
	aYRQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
	:references;
	bh=eZYD34gG4icY4hEfGVBHwLJ+9XYX0+uHTDjceHqKnRc=;
	b=fUhA2T/prYWtDsdvb28j4TDBtrML2vR8tUjmVa4axw0OysBh7lOH4gAyXvPIMfzaWF
	dyVQ7wu0uZdQXUYpSTYjgTjCVjesz/KzCgwc6K+gvocTm7sTHax3gsFX2TtDMpuqg/p2
	+asMZBrzdp/1mIJjx1wlxhT52s7+KfjHIwkIyvfJQJ71mrbNfr2FzPd9YsWOIqicxiW1
	Nrgt+iYNvSU6mAnDr2L2rADxHuSXCtl2ybwinXFStiFjQz3yl06vzwK6hD4KJls2m+B/
	45ET0llOk/P5RkGyVeRJRKN3b/A1eMcfakYQK1XdaX244Bl7cvUYgTYbBzmIMRlQzHTI
	uXMg==
X-Gm-Message-State: AA+aEWYul9kv9MFp/5jqzfyqXQGn91Rn24U3/QXPDBHFszh8qddvwwhi
	6CRzs+zngUKJcD4jQSsaT8E=
X-Google-Smtp-Source: 
 AFSGD/VFRs1e8g1o7aTDMNXXyLBIMs2NGe9/2S+Qx8WL2/Oc4FEHumentMNoGUsFe0vY2GdkVycrkQ==
X-Received: by 2002:a17:902:45:: with SMTP id
	63mr14021882pla.272.1543814289887;
	Sun, 02 Dec 2018 21:18:09 -0800 (PST)
Received: from localhost.localdomain (c-76-102-76-212.hsd1.ca.comcast.net.
	[76.102.76.212]) by smtp.gmail.com with ESMTPSA id
	w5sm15510880pfn.89.2018.12.02.21.18.08
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Sun, 02 Dec 2018 21:18:09 -0800 (PST)
From: Darrell Ball <dlu998@gmail.com>
To: dlu998@gmail.com,
	dev@openvswitch.org
Date: Sun,  2 Dec 2018 21:17:19 -0800
Message-Id: <1543814239-89269-5-git-send-email-dlu998@gmail.com>
X-Mailer: git-send-email 1.9.1
In-Reply-To: <1543814239-89269-1-git-send-email-dlu998@gmail.com>
References: <1543814239-89269-1-git-send-email-dlu998@gmail.com>
X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,
	RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Subject: [ovs-dev] [patch v3 4/4] conntrack: Optimize recirculations.
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
MIME-Version: 1.0
Sender: ovs-dev-bounces@openvswitch.org
Errors-To: ovs-dev-bounces@openvswitch.org

In most cases, recirculations through conntrack can be much less costly.

If conntrack entry keys are changed outside of conntrack, the user must
call the pre-existing API, 'conntrack_clear()', which is modified in
this patch.

An implicit assumption is that a packet is processed to completion by a
PMD before returning to it's poll loop.

Signed-off-by: Darrell Ball <dlu998@gmail.com>
---
 lib/conntrack.c | 46 ++++++++++++++++++++++++++++++++++++++++++++--
 lib/packets.h   |  4 ++++
 2 files changed, 48 insertions(+), 2 deletions(-)

diff --git a/lib/conntrack.c b/lib/conntrack.c
index 3168557..6f926c6 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -1200,6 +1200,39 @@ process_one(struct dp_packet *pkt, struct conn_lookup_ctx *ctx, uint16_t zone,
     }
 
     handle_alg_ctl(ctx, pkt, ct_alg_ctl, conn, now, !!nat_action_info);
+
+    if (nat_action_info && ct_alg_ctl == CT_ALG_CTL_NONE) {
+        pkt->md.conn = conn;
+        pkt->md.reply = ctx->reply;
+        pkt->md.icmp_related = ctx->icmp_related;
+    } else {
+        pkt->md.conn = NULL;
+    }
+}
+
+static inline void
+process_one_fast(struct dp_packet *pkt, uint16_t zone,
+                 const uint32_t *setmark,
+                 const struct ovs_key_ct_labels *setlabel,
+                 const struct nat_action_info_t *nat_action_info,
+                 struct conn *conn)
+{
+    if (nat_action_info) {
+        handle_nat(pkt, conn, zone, pkt->md.reply, pkt->md.icmp_related);
+        pkt->md.conn = NULL;
+    }
+
+    pkt->md.ct_zone = zone;
+    pkt->md.ct_mark = conn->mark;
+    pkt->md.ct_label = conn->label;
+
+    if (setmark) {
+        set_mark(pkt, conn, setmark[0], setmark[1]);
+    }
+
+    if (setlabel) {
+        set_label(pkt, conn, &setlabel[0], &setlabel[1]);
+    }
 }
 
 /* Sends the packets in '*pkt_batch' through the connection tracker 'ct'.  All
@@ -1223,8 +1256,16 @@ conntrack_execute(struct dp_packet_batch *pkt_batch, ovs_be16 dl_type,
     struct conn_lookup_ctx ctx;
 
     DP_PACKET_BATCH_FOR_EACH (i, packet, pkt_batch) {
-        if (packet->md.ct_state == CS_INVALID
-            || !conn_key_extract(packet, dl_type, &ctx, zone)) {
+        struct conn *conn = packet->md.conn;
+        if (OVS_UNLIKELY(packet->md.ct_state == CS_INVALID)) {
+            write_ct_md(packet, zone, NULL, NULL, NULL);
+                continue;
+        } else if (conn && !force && !commit && conn->key.zone == zone) {
+            process_one_fast(packet, zone, setmark, setlabel, nat_action_info,
+                             packet->md.conn);
+            continue;
+        } else if (OVS_UNLIKELY(!conn_key_extract(packet, dl_type, &ctx,
+                                zone))) {
             packet->md.ct_state = CS_INVALID;
             write_ct_md(packet, zone, NULL, NULL, NULL);
             continue;
@@ -1242,6 +1283,7 @@ conntrack_clear(struct dp_packet *packet)
     /* According to pkt_metadata_init(), ct_state == 0 is enough to make all of
      * the conntrack fields invalid. */
     packet->md.ct_state = 0;
+    packet->md.conn = NULL;
 }
 
 static void
diff --git a/lib/packets.h b/lib/packets.h
index 09a0ac3..a88d1ad 100644
--- a/lib/packets.h
+++ b/lib/packets.h
@@ -108,6 +108,9 @@ PADDED_MEMBERS_CACHELINE_MARKER(CACHE_LINE_SIZE, cacheline0,
     uint32_t ct_mark;           /* Connection mark. */
     ovs_u128 ct_label;          /* Connection label. */
     union flow_in_port in_port; /* Input port. */
+    void *conn;
+    bool reply;
+    bool icmp_related;
 );
 
 PADDED_MEMBERS_CACHELINE_MARKER(CACHE_LINE_SIZE, cacheline1,
@@ -157,6 +160,7 @@ pkt_metadata_init(struct pkt_metadata *md, odp_port_t port)
     md->tunnel.ip_dst = 0;
     md->tunnel.ipv6_dst = in6addr_any;
     md->in_port.odp_port = port;
+    md->conn = NULL;
 }
 
 /* This function prefetches the cachelines touched by pkt_metadata_init()