PERFORCE change 125169 for review
Julian Elischer
julian at elischer.org
Wed Aug 15 08:50:19 PDT 2007
Marko Zec wrote:
> http://perforce.freebsd.org/chv.cgi?CH=125169
>
> Change 125169 by zec at zec_tpx32 on 2007/08/15 11:28:57
>
> Defer dispatching of netisr handlers for mbufs which have
> crossed a boundary between two vnets. Direct dispatching
> in such cases could lead to various LORs, or in most
> extreme circumstances cause the kernel stack to overflow.
>
> This is accomplished by the introduction of a new mbuf
> flag, M_REMOTE_VNET, which must be set by any kernel entity
> moving a mbuf from one vnet context to another. So far
> only ng_eiface and ng_wormhole can operate across a
> boundary between vnets, so update those two accordingly.
> The flag is then evaluated in netisr_dispatch(), and if
> set, the mbuf is queued for later processing instead of
> direct dispatching of netisr handler.
>
Is it not possible for unix domain sockets to do so if the file
descriptor as an a part of the filesystem that is shared?
I hope soon (within a year) to have several vimages from a
networking perspective but with a common filesystem root.
the processes will communicate between themselves using
Unix domain sockets. (That's what they currently do but I want to
make them have separate routing tables etc.
> Affected files ...
>
> .. //depot/projects/vimage/src/sys/net/netisr.c#6 edit
> .. //depot/projects/vimage/src/sys/netgraph/ng_eiface.c#7 edit
> .. //depot/projects/vimage/src/sys/netgraph/ng_wormhole.c#2 edit
> .. //depot/projects/vimage/src/sys/sys/mbuf.h#6 edit
>
> Differences ...
>
> ==== //depot/projects/vimage/src/sys/net/netisr.c#6 (text+ko) ====
>
> @@ -178,8 +178,19 @@
> * from an interface but does not guarantee ordering
> * between multiple places in the system (e.g. IP
> * dispatched from interfaces vs. IP queued from IPSec).
> + *
> + * If the kernel was compiled with options VIMAGE, also defer
> + * dispatch of netisr handlers for mbufs that have crossed a
> + * boundary between two vnets. Direct dispatching in such
> + * cases could lead to various LORs, or in most extreme
> + * circumstances cause the kernel stack to overflow.
> */
> +#ifndef VIMAGE
> if (netisr_direct && (ni->ni_flags & NETISR_MPSAFE)) {
> +#else
> + if (netisr_direct && (ni->ni_flags & NETISR_MPSAFE) &&
> + !(m->m_flags & M_REMOTE_VNET)) {
> +#endif
> isrstat.isrs_directed++;
> /*
> * NB: We used to drain the queue before handling
>
> ==== //depot/projects/vimage/src/sys/netgraph/ng_eiface.c#7 (text+ko) ====
>
> @@ -253,6 +253,12 @@
> continue;
> }
>
> +#ifdef VIMAGE
> + /* Mark up the mbuf if crossing vnet boundary */
> + if (ifp->if_vnet != node->nd_vnet)
> + m->m_flags |= M_REMOTE_VNET;
> +#endif
> +
> /*
> * Send packet; if hook is not connected, mbuf will get
> * freed.
> @@ -542,6 +548,12 @@
> /* Update interface stats */
> ifp->if_ipackets++;
>
> +#ifdef VIMAGE
> + /* Mark up the mbuf if crossing vnet boundary */
> + if (ifp->if_vnet != hook->hk_node->nd_vnet)
> + m->m_flags |= M_REMOTE_VNET;
> +#endif
> +
> (*ifp->if_input)(ifp, m);
>
> /* Done */
>
> ==== //depot/projects/vimage/src/sys/netgraph/ng_wormhole.c#2 (text+ko) ====
>
> @@ -378,11 +378,14 @@
> priv_p priv = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
> int error = 0;
> priv_p remote_priv = priv->remote_priv;
> + struct mbuf *m;
>
> if (priv->status != NG_WORMHOLE_ACTIVE) {
> NG_FREE_ITEM(item);
> error = ENOTCONN;
> } else {
> + m = NGI_M(item);
> + m->m_flags |= M_REMOTE_VNET;
> CURVNET_SET_QUIET(remote_priv->vnet);
> NG_FWD_ITEM_HOOK(error, item, remote_priv->hook);
> CURVNET_RESTORE();
>
> ==== //depot/projects/vimage/src/sys/sys/mbuf.h#6 (text+ko) ====
>
> @@ -192,6 +192,7 @@
> #define M_LASTFRAG 0x2000 /* packet is last fragment */
> #define M_VLANTAG 0x10000 /* ether_vtag is valid */
> #define M_PROMISC 0x20000 /* packet was not for us */
> +#define M_REMOTE_VNET 0x40000 /* mbuf crossed boundary between two vnets */
>
> /*
> * External buffer types: identify ext_buf type.
> @@ -214,7 +215,7 @@
> #define M_COPYFLAGS (M_PKTHDR|M_EOR|M_RDONLY|M_PROTO1|M_PROTO1|M_PROTO2|\
> M_PROTO3|M_PROTO4|M_PROTO5|M_SKIP_FIREWALL|\
> M_BCAST|M_MCAST|M_FRAG|M_FIRSTFRAG|M_LASTFRAG|\
> - M_VLANTAG|M_PROMISC)
> + M_VLANTAG|M_PROMISC|M_REMOTE_VNET)
>
> /*
> * Flags to purge when crossing layers.
More information about the p4-projects
mailing list